diff --git a/code/cves/2019/CVE-2019-14287.yaml b/code/cves/2019/CVE-2019-14287.yaml index 2a8c21ffbb..2264514cb6 100644 --- a/code/cves/2019/CVE-2019-14287.yaml +++ b/code/cves/2019/CVE-2019-14287.yaml @@ -17,15 +17,15 @@ info: cvss-score: 8.8 cve-id: CVE-2019-14287 cwe-id: CWE-755 - epss-score: 0.34299 - epss-percentile: 0.96958 + epss-score: 0.30814 + epss-percentile: 0.96854 cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:* metadata: verified: true max-request: 2 vendor: sudo_project product: sudo - tags: cve,cve2019,sudo,code,linux,privesc,local,canonical + tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical self-contained: true code: diff --git a/code/cves/2021/CVE-2021-3156.yaml b/code/cves/2021/CVE-2021-3156.yaml index ff8dab6fe8..e5765959b0 100644 --- a/code/cves/2021/CVE-2021-3156.yaml +++ b/code/cves/2021/CVE-2021-3156.yaml @@ -18,13 +18,13 @@ info: cve-id: CVE-2021-3156 cwe-id: CWE-193 epss-score: 0.97085 - epss-percentile: 0.99752 + epss-percentile: 0.99757 cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:* metadata: verified: true vendor: sudo_project product: sudo - tags: cve,cve2021,sudo,code,linux,privesc,local,kev + tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev self-contained: true code: diff --git a/code/cves/2023/CVE-2023-2640.yaml b/code/cves/2023/CVE-2023-2640.yaml index ea23ad4579..31f4a41452 100644 --- a/code/cves/2023/CVE-2023-2640.yaml +++ b/code/cves/2023/CVE-2023-2640.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.8 cve-id: CVE-2023-2640 cwe-id: CWE-863 - epss-score: 0.00174 - epss-percentile: 0.53697 + epss-score: 0.00232 + epss-percentile: 0.60636 cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:* metadata: verified: true diff --git a/code/cves/2023/CVE-2023-49105.yaml b/code/cves/2023/CVE-2023-49105.yaml index 85e3bf9c3d..46321a88df 100644 --- a/code/cves/2023/CVE-2023-49105.yaml +++ b/code/cves/2023/CVE-2023-49105.yaml @@ -10,20 +10,22 @@ info: - https://owncloud.com/security-advisories/webdav-api-authentication-bypass-using-pre-signed-urls/ - https://github.com/0xfed/ownedcloud - https://owncloud.org/security + - https://github.com/ambionics/owncloud-exploits + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-49105 cwe-id: CWE-287 + epss-score: 0.21237 + epss-percentile: 0.96302 cpe: cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:* - epss-score: 0.00091 - epss-percentile: 0.38353 metadata: max-request: 2 + vendor: owncloud product: owncloud shodan-query: title:"owncloud" tags: cve,cve2023,code,owncloud,auth-bypass - variables: username: admin diff --git a/code/cves/2023/CVE-2023-6246.yaml b/code/cves/2023/CVE-2023-6246.yaml index 25c06d08fb..b078a391c6 100644 --- a/code/cves/2023/CVE-2023-6246.yaml +++ b/code/cves/2023/CVE-2023-6246.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.8 cve-id: CVE-2023-6246 cwe-id: CWE-787,CWE-122 - epss-score: 0.00383 - epss-percentile: 0.72435 + epss-score: 0.0077 + epss-percentile: 0.80859 cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/dns/soa-detect.yaml b/dns/soa-detect.yaml index 1d98b9fa5d..f37f21fb6e 100644 --- a/dns/soa-detect.yaml +++ b/dns/soa-detect.yaml @@ -1,18 +1,18 @@ id: soa-detect -info: - name: SOA Record Service - Detection - author: rxerium - severity: info - description: | - Detects which domain provider a domain is using, detected through SOA records - reference: - - https://www.cloudflare.com/learning/dns/dns-records/dns-soa-record/ - metadata: - max-request: 1 - verified: true - tags: dns,soa - +info: + name: SOA Record Service - Detection + author: rxerium + severity: info + description: | + Detects which domain provider a domain is using, detected through SOA records + reference: + - https://www.cloudflare.com/learning/dns/dns-records/dns-soa-record/ + metadata: + verified: true + max-request: 1 + tags: dns,soa + dns: - name: "{{FQDN}}" diff --git a/dns/spf-record-detect.yaml b/dns/spf-record-detect.yaml index 7a9a051fd7..276b48f046 100644 --- a/dns/spf-record-detect.yaml +++ b/dns/spf-record-detect.yaml @@ -1,15 +1,16 @@ id: spf-record-detect -info: - name: SPF Record - Detection - author: rxerium - severity: info - description: | - An SPF TXT record was detected - reference: - - https://www.mimecast.com/content/how-to-create-an-spf-txt-record - tags: dns,spf - +info: + name: SPF Record - Detection + author: rxerium + severity: info + description: | + An SPF TXT record was detected + reference: + - https://www.mimecast.com/content/how-to-create-an-spf-txt-record + metadata: + max-request: 1 + tags: dns,spf dns: - name: "{{FQDN}}" type: TXT diff --git a/dns/txt-service-detect.yaml b/dns/txt-service-detect.yaml index 17a8d5e012..055e8cd7f7 100644 --- a/dns/txt-service-detect.yaml +++ b/dns/txt-service-detect.yaml @@ -1,18 +1,18 @@ id: txt-service-detect -info: - name: DNS TXT Service - Detect - author: rxerium - severity: info - description: | - Finding the services companies use via their TXT records. - reference: - - https://www.abenezer.ca/blog/services-companies-use-txt-records - metadata: - max-request: 1 - verified: true - tags: dns,txt - +info: + name: DNS TXT Service - Detect + author: rxerium + severity: info + description: | + Finding the services companies use via their TXT records. + reference: + - https://www.abenezer.ca/blog/services-companies-use-txt-records + metadata: + verified: true + max-request: 1 + tags: dns,txt + dns: - name: "{{FQDN}}" type: TXT diff --git a/headless/cves/2018/CVE-2018-25031.yaml b/headless/cves/2018/CVE-2018-25031.yaml index a6ed7a6ba6..9d85abfdd2 100644 --- a/headless/cves/2018/CVE-2018-25031.yaml +++ b/headless/cves/2018/CVE-2018-25031.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-25031 cwe-id: CWE-20 epss-score: 0.00265 - epss-percentile: 0.65414 + epss-percentile: 0.65516 cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2000/CVE-2000-0114.yaml b/http/cves/2000/CVE-2000-0114.yaml index 687abbbafb..d4d3dd2dfc 100644 --- a/http/cves/2000/CVE-2000-0114.yaml +++ b/http/cves/2000/CVE-2000-0114.yaml @@ -12,13 +12,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2000-0114 - https://www.exploit-db.com/exploits/19897 - https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0114 + - https://github.com/0xPugazh/One-Liners + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2000-0114 cwe-id: NVD-CWE-Other - epss-score: 0.09258 - epss-percentile: 0.94099 + epss-score: 0.15958 + epss-percentile: 0.95829 cpe: cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2001/CVE-2001-0537.yaml b/http/cves/2001/CVE-2001-0537.yaml index 7d8eee948d..1427f20da9 100644 --- a/http/cves/2001/CVE-2001-0537.yaml +++ b/http/cves/2001/CVE-2001-0537.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2001-0537 - http://www.ciac.org/ciac/bulletins/l-106.shtml - https://exchange.xforce.ibmcloud.com/vulnerabilities/6749 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C cvss-score: 9.3 cve-id: CVE-2001-0537 cwe-id: CWE-287 - epss-score: 0.88063 - epss-percentile: 0.98412 + epss-score: 0.87683 + epss-percentile: 0.98569 cpe: cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2004/CVE-2004-0519.yaml b/http/cves/2004/CVE-2004-0519.yaml index 7db660b35a..809de4301a 100644 --- a/http/cves/2004/CVE-2004-0519.yaml +++ b/http/cves/2004/CVE-2004-0519.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2004-0519 cwe-id: NVD-CWE-Other epss-score: 0.02285 - epss-percentile: 0.88555 + epss-percentile: 0.89406 cpe: cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2004/CVE-2004-1965.yaml b/http/cves/2004/CVE-2004-1965.yaml index 7c808f1856..b60b71fb30 100644 --- a/http/cves/2004/CVE-2004-1965.yaml +++ b/http/cves/2004/CVE-2004-1965.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2004-1965 cwe-id: NVD-CWE-Other epss-score: 0.0113 - epss-percentile: 0.83145 + epss-percentile: 0.84351 cpe: cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2005/CVE-2005-4385.yaml b/http/cves/2005/CVE-2005-4385.yaml index e706c6eb46..3dfd6d24c9 100644 --- a/http/cves/2005/CVE-2005-4385.yaml +++ b/http/cves/2005/CVE-2005-4385.yaml @@ -13,13 +13,14 @@ info: - http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html - https://nvd.nist.gov/vuln/detail/CVE-2005-4385 - http://www.vupen.com/english/advisories/2005/2977 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2005-4385 cwe-id: NVD-CWE-Other epss-score: 0.00294 - epss-percentile: 0.65964 + epss-percentile: 0.68633 cpe: cpe:2.3:a:cofax:cofax:1.9.9c:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2007/CVE-2007-0885.yaml b/http/cves/2007/CVE-2007-0885.yaml index 6de5041c16..d1e6d18919 100644 --- a/http/cves/2007/CVE-2007-0885.yaml +++ b/http/cves/2007/CVE-2007-0885.yaml @@ -10,13 +10,14 @@ info: reference: - https://exchange.xforce.ibmcloud.com/vulnerabilities/32418 - https://nvd.nist.gov/vuln/detail/CVE-2007-0885 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2007-0885 cwe-id: NVD-CWE-Other epss-score: 0.0093 - epss-percentile: 0.81235 + epss-percentile: 0.82626 cpe: cpe:2.3:a:rainbow_portal:rainbow.zen:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2007/CVE-2007-3010.yaml b/http/cves/2007/CVE-2007-3010.yaml index 9a6b51be1c..914d2240e6 100644 --- a/http/cves/2007/CVE-2007-3010.yaml +++ b/http/cves/2007/CVE-2007-3010.yaml @@ -21,16 +21,16 @@ info: cvss-score: 10 cve-id: CVE-2007-3010 cwe-id: CWE-20 - epss-score: 0.97264 - epss-percentile: 0.99824 + epss-score: 0.97317 + epss-percentile: 0.99868 cpe: cpe:2.3:a:alcatel-lucent:omnipcx:7.1:*:enterprise:*:*:*:*:* metadata: verified: true max-request: 1 vendor: alcatel-lucent product: omnipcx - fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise" shodan-query: title:"OmniPCX for Enterprise" + fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise" tags: cve,cve2007,kev,rce,alcatel http: diff --git a/http/cves/2007/CVE-2007-4504.yaml b/http/cves/2007/CVE-2007-4504.yaml index e272c70f1f..181fb47165 100644 --- a/http/cves/2007/CVE-2007-4504.yaml +++ b/http/cves/2007/CVE-2007-4504.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/4307 - https://exchange.xforce.ibmcloud.com/vulnerabilities/36222 - https://nvd.nist.gov/vuln/detail/CVE-2007-4504 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2007-4504 cwe-id: CWE-22 - epss-score: 0.01677 - epss-percentile: 0.86314 + epss-score: 0.02599 + epss-percentile: 0.90043 cpe: cpe:2.3:a:joomla:rsfiles:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2007/CVE-2007-4556.yaml b/http/cves/2007/CVE-2007-4556.yaml index fbc2e9b6a5..f6f3a28108 100644 --- a/http/cves/2007/CVE-2007-4556.yaml +++ b/http/cves/2007/CVE-2007-4556.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2007-4556 cwe-id: NVD-CWE-Other epss-score: 0.16469 - epss-percentile: 0.95533 + epss-percentile: 0.95873 cpe: cpe:2.3:a:opensymphony:xwork:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-1059.yaml b/http/cves/2008/CVE-2008-1059.yaml index e9256cc720..044e2056b6 100644 --- a/http/cves/2008/CVE-2008-1059.yaml +++ b/http/cves/2008/CVE-2008-1059.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2008-1059 cwe-id: CWE-94 epss-score: 0.01493 - epss-percentile: 0.85524 + epss-percentile: 0.86573 cpe: cpe:2.3:a:wordpress:sniplets_plugin:1.1.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-2650.yaml b/http/cves/2008/CVE-2008-2650.yaml index 1181b629f6..f76cdcc1c5 100644 --- a/http/cves/2008/CVE-2008-2650.yaml +++ b/http/cves/2008/CVE-2008-2650.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2008-2650 cwe-id: CWE-22 epss-score: 0.06344 - epss-percentile: 0.92938 + epss-percentile: 0.93486 cpe: cpe:2.3:a:cmsimple:cmsimple:3.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-4668.yaml b/http/cves/2008/CVE-2008-4668.yaml index a8dca70a0b..a14ccefe8e 100644 --- a/http/cves/2008/CVE-2008-4668.yaml +++ b/http/cves/2008/CVE-2008-4668.yaml @@ -14,13 +14,14 @@ info: - http://securityreason.com/securityalert/4464 - https://nvd.nist.gov/vuln/detail/CVE-2008-4668 - https://exchange.xforce.ibmcloud.com/vulnerabilities/45490 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:P/A:P cvss-score: 9 cve-id: CVE-2008-4668 cwe-id: CWE-22 epss-score: 0.01018 - epss-percentile: 0.82089 + epss-percentile: 0.83418 cpe: cpe:2.3:a:joomla:com_imagebrowser:0.1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-4764.yaml b/http/cves/2008/CVE-2008-4764.yaml index d5142e69d4..94ca96a74e 100644 --- a/http/cves/2008/CVE-2008-4764.yaml +++ b/http/cves/2008/CVE-2008-4764.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2008-4764 cwe-id: CWE-22 epss-score: 0.02365 - epss-percentile: 0.88742 + epss-percentile: 0.89577 cpe: cpe:2.3:a:extplorer:com_extplorer:*:rc2:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-6172.yaml b/http/cves/2008/CVE-2008-6172.yaml index 33870a9313..6ebb1fc117 100644 --- a/http/cves/2008/CVE-2008-6172.yaml +++ b/http/cves/2008/CVE-2008-6172.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2008-6172 cwe-id: CWE-22 epss-score: 0.00509 - epss-percentile: 0.74088 + epss-percentile: 0.76096 cpe: cpe:2.3:a:weberr:rwcards:3.0.11:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2008/CVE-2008-6465.yaml b/http/cves/2008/CVE-2008-6465.yaml index a466106814..99702398f8 100644 --- a/http/cves/2008/CVE-2008-6465.yaml +++ b/http/cves/2008/CVE-2008-6465.yaml @@ -15,13 +15,14 @@ info: - https://exchange.xforce.ibmcloud.com/vulnerabilities/45254 - https://exchange.xforce.ibmcloud.com/vulnerabilities/45252 - https://nvd.nist.gov/vuln/detail/CVE-2008-6465 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2008-6465 cwe-id: CWE-79 epss-score: 0.00421 - epss-percentile: 0.71537 + epss-percentile: 0.73765 cpe: cpe:2.3:a:parallels:h-sphere:3.0.0:p9:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2008/CVE-2008-6668.yaml b/http/cves/2008/CVE-2008-6668.yaml index 3e4df909af..5379eda054 100644 --- a/http/cves/2008/CVE-2008-6668.yaml +++ b/http/cves/2008/CVE-2008-6668.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2008-6668 cwe-id: CWE-22 epss-score: 0.00359 - epss-percentile: 0.6932 + epss-percentile: 0.71607 cpe: cpe:2.3:a:dirk_bartley:nweb2fax:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2008/CVE-2008-7269.yaml b/http/cves/2008/CVE-2008-7269.yaml index 88ffe8b134..bd1d307f24 100644 --- a/http/cves/2008/CVE-2008-7269.yaml +++ b/http/cves/2008/CVE-2008-7269.yaml @@ -17,8 +17,8 @@ info: cvss-score: 5.8 cve-id: CVE-2008-7269 cwe-id: CWE-20 - epss-score: 0.01193 - epss-percentile: 0.83661 + epss-score: 0.01425 + epss-percentile: 0.86241 cpe: cpe:2.3:a:boka:siteengine:5.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2009/CVE-2009-0545.yaml b/http/cves/2009/CVE-2009-0545.yaml index d701f4d980..cc536e4b54 100644 --- a/http/cves/2009/CVE-2009-0545.yaml +++ b/http/cves/2009/CVE-2009-0545.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-0545 cwe-id: CWE-20 epss-score: 0.97081 - epss-percentile: 0.99724 + epss-percentile: 0.99755 cpe: cpe:2.3:a:zeroshell:zeroshell:1.0:beta1:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-0932.yaml b/http/cves/2009/CVE-2009-0932.yaml index 358ac7b2ec..c14e99c7b8 100644 --- a/http/cves/2009/CVE-2009-0932.yaml +++ b/http/cves/2009/CVE-2009-0932.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-0932 cwe-id: CWE-22 epss-score: 0.04048 - epss-percentile: 0.91213 + epss-percentile: 0.919 cpe: cpe:2.3:a:debian:horde:3.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1151.yaml b/http/cves/2009/CVE-2009-1151.yaml index 6e24733849..ca570b9b0c 100644 --- a/http/cves/2009/CVE-2009-1151.yaml +++ b/http/cves/2009/CVE-2009-1151.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-1151 cwe-id: CWE-94 epss-score: 0.79256 - epss-percentile: 0.97998 + epss-percentile: 0.98197 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1496.yaml b/http/cves/2009/CVE-2009-1496.yaml index 650a9a69c7..e467eec3a7 100644 --- a/http/cves/2009/CVE-2009-1496.yaml +++ b/http/cves/2009/CVE-2009-1496.yaml @@ -13,13 +13,14 @@ info: reference: - https://www.exploit-db.com/exploits/8367 - https://nvd.nist.gov/vuln/detail/CVE-2009-1496 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2009-1496 cwe-id: CWE-22 epss-score: 0.00802 - epss-percentile: 0.79755 + epss-percentile: 0.81288 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1558.yaml b/http/cves/2009/CVE-2009-1558.yaml index f310450533..f46220b236 100644 --- a/http/cves/2009/CVE-2009-1558.yaml +++ b/http/cves/2009/CVE-2009-1558.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-1558 cwe-id: CWE-22 epss-score: 0.01101 - epss-percentile: 0.82907 + epss-percentile: 0.84137 cpe: cpe:2.3:h:cisco:wvc54gca:1.00r22:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-1872.yaml b/http/cves/2009/CVE-2009-1872.yaml index 1eecc7f5cc..fea71dd80e 100644 --- a/http/cves/2009/CVE-2009-1872.yaml +++ b/http/cves/2009/CVE-2009-1872.yaml @@ -14,13 +14,14 @@ info: - http://www.adobe.com/support/security/bulletins/apsb09-12.html - http://www.dsecrg.com/pages/vul/show.php?id=122 - https://nvd.nist.gov/vuln/detail/CVE-2009-1872 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2009-1872 cwe-id: CWE-79 epss-score: 0.37553 - epss-percentile: 0.96847 + epss-percentile: 0.97102 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2009/CVE-2009-2015.yaml b/http/cves/2009/CVE-2009-2015.yaml index 24b37e6bca..fe25445df0 100644 --- a/http/cves/2009/CVE-2009-2015.yaml +++ b/http/cves/2009/CVE-2009-2015.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2009-2015 cwe-id: CWE-22 epss-score: 0.01197 - epss-percentile: 0.83694 + epss-percentile: 0.84862 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-2100.yaml b/http/cves/2009/CVE-2009-2100.yaml index 5b550be3b1..83bea5b3cd 100644 --- a/http/cves/2009/CVE-2009-2100.yaml +++ b/http/cves/2009/CVE-2009-2100.yaml @@ -12,13 +12,14 @@ info: reference: - https://www.exploit-db.com/exploits/8946 - https://nvd.nist.gov/vuln/detail/CVE-2009-2100 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2009-2100 cwe-id: CWE-22 - epss-score: 0.00629 - epss-percentile: 0.7675 + epss-score: 0.00779 + epss-percentile: 0.80973 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-3053.yaml b/http/cves/2009/CVE-2009-3053.yaml index d10eb0bcb4..fb855b6e67 100644 --- a/http/cves/2009/CVE-2009-3053.yaml +++ b/http/cves/2009/CVE-2009-3053.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.8 cve-id: CVE-2009-3053 cwe-id: CWE-22 - epss-score: 0.00367 - epss-percentile: 0.697 + epss-score: 0.00447 + epss-percentile: 0.74489 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-3318.yaml b/http/cves/2009/CVE-2009-3318.yaml index 22733d3ebd..91bc79834e 100644 --- a/http/cves/2009/CVE-2009-3318.yaml +++ b/http/cves/2009/CVE-2009-3318.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2009-3318 cwe-id: CWE-22 epss-score: 0.00706 - epss-percentile: 0.78314 + epss-percentile: 0.79951 cpe: cpe:2.3:a:joomla:joomla:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-4679.yaml b/http/cves/2009/CVE-2009-4679.yaml index fbb3c90284..61d4838935 100644 --- a/http/cves/2009/CVE-2009-4679.yaml +++ b/http/cves/2009/CVE-2009-4679.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2009-4679 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:inertialfate:com_if_nexus:1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2009/CVE-2009-5114.yaml b/http/cves/2009/CVE-2009-5114.yaml index d836cf4115..da79fb5690 100644 --- a/http/cves/2009/CVE-2009-5114.yaml +++ b/http/cves/2009/CVE-2009-5114.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2009-5114 - http://websecurity.com.ua/2628/ - https://exchange.xforce.ibmcloud.com/vulnerabilities/74321 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2009-5114 cwe-id: CWE-22 epss-score: 0.01329 - epss-percentile: 0.84559 + epss-percentile: 0.85735 cpe: cpe:2.3:a:iwork:webglimpse:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0467.yaml b/http/cves/2010/CVE-2010-0467.yaml index ebcbafe9b1..e744f5aa94 100644 --- a/http/cves/2010/CVE-2010-0467.yaml +++ b/http/cves/2010/CVE-2010-0467.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0467 cwe-id: CWE-22 epss-score: 0.06955 - epss-percentile: 0.93273 + epss-percentile: 0.93792 cpe: cpe:2.3:a:chillcreations:com_ccnewsletter:1.0.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0759.yaml b/http/cves/2010/CVE-2010-0759.yaml index d35f24b906..d339eeca95 100644 --- a/http/cves/2010/CVE-2010-0759.yaml +++ b/http/cves/2010/CVE-2010-0759.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-0759 - http://www.exploit-db.com/exploits/11498 - https://exchange.xforce.ibmcloud.com/vulnerabilities/56380 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-0759 cwe-id: CWE-22 - epss-score: 0.01326 - epss-percentile: 0.84547 + epss-score: 0.01569 + epss-percentile: 0.86974 cpe: cpe:2.3:a:greatjoomla:scriptegrator_plugin:1.4.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0942.yaml b/http/cves/2010/CVE-2010-0942.yaml index 2a2c71c54e..5543fb7a36 100644 --- a/http/cves/2010/CVE-2010-0942.yaml +++ b/http/cves/2010/CVE-2010-0942.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0942 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73222 + epss-percentile: 0.75244 cpe: cpe:2.3:a:jvideodirect:com_jvideodirect:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0944.yaml b/http/cves/2010/CVE-2010-0944.yaml index 642eeafb3e..1e348cdc19 100644 --- a/http/cves/2010/CVE-2010-0944.yaml +++ b/http/cves/2010/CVE-2010-0944.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-0944 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73222 + epss-percentile: 0.75244 cpe: cpe:2.3:a:thorsten_riess:com_jcollection:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-0972.yaml b/http/cves/2010/CVE-2010-0972.yaml index 0a7a37723b..b0a8e64e28 100644 --- a/http/cves/2010/CVE-2010-0972.yaml +++ b/http/cves/2010/CVE-2010-0972.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-0972 - http://www.exploit-db.com/exploits/11738 - https://exchange.xforce.ibmcloud.com/vulnerabilities/56863 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-0972 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.79885 + epss-percentile: 0.81406 cpe: cpe:2.3:a:g4j.laoneo:com_gcalendar:2.1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1056.yaml b/http/cves/2010/CVE-2010-1056.yaml index dba77c8bdf..f5b61a101e 100644 --- a/http/cves/2010/CVE-2010-1056.yaml +++ b/http/cves/2010/CVE-2010-1056.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1056 - http://www.rockettheme.com/extensions-updates/638-rokdownloads-10-released - https://exchange.xforce.ibmcloud.com/vulnerabilities/56898 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1056 cwe-id: CWE-22 epss-score: 0.06484 - epss-percentile: 0.93019 + epss-percentile: 0.93567 cpe: cpe:2.3:a:rockettheme:com_rokdownloads:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1217.yaml b/http/cves/2010/CVE-2010-1217.yaml index a0b971bc58..a94792550f 100644 --- a/http/cves/2010/CVE-2010-1217.yaml +++ b/http/cves/2010/CVE-2010-1217.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1217 - http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txt - http://www.exploit-db.com/exploits/11814 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:N/A:N cvss-score: 4.3 cve-id: CVE-2010-1217 cwe-id: CWE-22 epss-score: 0.01155 - epss-percentile: 0.83281 + epss-percentile: 0.84543 cpe: cpe:2.3:a:je_form_creator:je_form_creator:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1219.yaml b/http/cves/2010/CVE-2010-1219.yaml index 80ee0c9968..1f4197d74e 100644 --- a/http/cves/2010/CVE-2010-1219.yaml +++ b/http/cves/2010/CVE-2010-1219.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1219 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.79932 + epss-percentile: 0.81406 cpe: cpe:2.3:a:com_janews:com_janews:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1302.yaml b/http/cves/2010/CVE-2010-1302.yaml index 8b5725651c..1f519400dd 100644 --- a/http/cves/2010/CVE-2010-1302.yaml +++ b/http/cves/2010/CVE-2010-1302.yaml @@ -11,13 +11,14 @@ info: reference: - https://www.exploit-db.com/exploits/11978 - https://nvd.nist.gov/vuln/detail/CVE-2010-1302 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1302 cwe-id: CWE-22 epss-score: 0.01204 - epss-percentile: 0.83694 + epss-percentile: 0.84918 cpe: cpe:2.3:a:decryptweb:com_dwgraphs:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1304.yaml b/http/cves/2010/CVE-2010-1304.yaml index a46da6d101..663df7257e 100644 --- a/http/cves/2010/CVE-2010-1304.yaml +++ b/http/cves/2010/CVE-2010-1304.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1304 - http://www.exploit-db.com/exploits/11998 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57483 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1304 cwe-id: CWE-22 epss-score: 0.0045 - epss-percentile: 0.72402 + epss-percentile: 0.74575 cpe: cpe:2.3:a:joomlamo:com_userstatus:1.21.16:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1306.yaml b/http/cves/2010/CVE-2010-1306.yaml index 3117979ec8..8812b6095c 100644 --- a/http/cves/2010/CVE-2010-1306.yaml +++ b/http/cves/2010/CVE-2010-1306.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1306 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.84048 + epss-percentile: 0.85196 cpe: cpe:2.3:a:roberto_aloi:com_joomlapicasa2:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1308.yaml b/http/cves/2010/CVE-2010-1308.yaml index 83d7a7e76b..8ae74ebca4 100644 --- a/http/cves/2010/CVE-2010-1308.yaml +++ b/http/cves/2010/CVE-2010-1308.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12066 - https://nvd.nist.gov/vuln/detail/CVE-2010-1308 - http://www.vupen.com/english/advisories/2010/0809 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1308 cwe-id: CWE-22 epss-score: 0.01334 - epss-percentile: 0.84589 + epss-percentile: 0.85765 cpe: cpe:2.3:a:la-souris-verte:com_svmap:1.1.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1314.yaml b/http/cves/2010/CVE-2010-1314.yaml index 25fddbf745..6c460827dd 100644 --- a/http/cves/2010/CVE-2010-1314.yaml +++ b/http/cves/2010/CVE-2010-1314.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1314 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73222 + epss-percentile: 0.75244 cpe: cpe:2.3:a:joomlanook:com_hsconfig:1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1315.yaml b/http/cves/2010/CVE-2010-1315.yaml index 2747a0d63d..9005d916c1 100644 --- a/http/cves/2010/CVE-2010-1315.yaml +++ b/http/cves/2010/CVE-2010-1315.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1315 - http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/57482 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1315 cwe-id: CWE-22 epss-score: 0.0087 - epss-percentile: 0.80553 + epss-percentile: 0.82023 cpe: cpe:2.3:a:joomlamo:com_weberpcustomer:1.2.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1345.yaml b/http/cves/2010/CVE-2010-1345.yaml index 9632fd902a..1e5f524d3d 100644 --- a/http/cves/2010/CVE-2010-1345.yaml +++ b/http/cves/2010/CVE-2010-1345.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/15453 - https://nvd.nist.gov/vuln/detail/CVE-2010-1345 - http://www.exploit-db.com/exploits/11785 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1345 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75244 cpe: cpe:2.3:a:cookex:com_ckforms:1.3.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1352.yaml b/http/cves/2010/CVE-2010-1352.yaml index 0a157487ea..ecbfb10510 100644 --- a/http/cves/2010/CVE-2010-1352.yaml +++ b/http/cves/2010/CVE-2010-1352.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12084 - https://nvd.nist.gov/vuln/detail/CVE-2010-1352 - http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1352 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75244 cpe: cpe:2.3:a:jooforge:com_jukebox:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1353.yaml b/http/cves/2010/CVE-2010-1353.yaml index 47f69a66bd..c489f17df3 100644 --- a/http/cves/2010/CVE-2010-1353.yaml +++ b/http/cves/2010/CVE-2010-1353.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1353 - http://www.vupen.com/english/advisories/2010/0808 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57533 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1353 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.86604 + epss-percentile: 0.87665 cpe: cpe:2.3:a:wowjoomla:com_loginbox:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1429.yaml b/http/cves/2010/CVE-2010-1429.yaml index a04cf399c3..ffeefe2b9a 100644 --- a/http/cves/2010/CVE-2010-1429.yaml +++ b/http/cves/2010/CVE-2010-1429.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2010-1429 cwe-id: CWE-264 epss-score: 0.00573 - epss-percentile: 0.7553 + epss-percentile: 0.77469 cpe: cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:cp08:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2010/CVE-2010-1469.yaml b/http/cves/2010/CVE-2010-1469.yaml index c586180f50..cee8a26272 100644 --- a/http/cves/2010/CVE-2010-1469.yaml +++ b/http/cves/2010/CVE-2010-1469.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1469 - http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt - http://www.exploit-db.com/exploits/12146 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-1469 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.79885 + epss-percentile: 0.81406 cpe: cpe:2.3:a:ternaria:com_jprojectmanager:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1470.yaml b/http/cves/2010/CVE-2010-1470.yaml index e3c5113913..93129c1f6a 100644 --- a/http/cves/2010/CVE-2010-1470.yaml +++ b/http/cves/2010/CVE-2010-1470.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1470 - http://www.exploit-db.com/exploits/12166 - http://www.vupen.com/english/advisories/2010/0858 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1470 cwe-id: CWE-22 epss-score: 0.04616 - epss-percentile: 0.91716 + epss-percentile: 0.92373 cpe: cpe:2.3:a:dev.pucit.edu.pk:com_webtv:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1471.yaml b/http/cves/2010/CVE-2010-1471.yaml index 0f082905b0..fbb9cee6c0 100644 --- a/http/cves/2010/CVE-2010-1471.yaml +++ b/http/cves/2010/CVE-2010-1471.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1471 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.92598 + epss-percentile: 0.93171 cpe: cpe:2.3:a:b-elektro:com_addressbook:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1472.yaml b/http/cves/2010/CVE-2010-1472.yaml index 39f12d0004..064108079e 100644 --- a/http/cves/2010/CVE-2010-1472.yaml +++ b/http/cves/2010/CVE-2010-1472.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1472 - http://www.exploit-db.com/exploits/12167 - http://www.vupen.com/english/advisories/2010/0859 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1472 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.92564 + epss-percentile: 0.93171 cpe: cpe:2.3:a:kazulah:com_horoscope:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1478.yaml b/http/cves/2010/CVE-2010-1478.yaml index ab40706443..bd05c2ec44 100644 --- a/http/cves/2010/CVE-2010-1478.yaml +++ b/http/cves/2010/CVE-2010-1478.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2010-1478 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:ternaria:com_jfeedback:1.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1491.yaml b/http/cves/2010/CVE-2010-1491.yaml index 2f8f2ec4b2..29f3f43fea 100644 --- a/http/cves/2010/CVE-2010-1491.yaml +++ b/http/cves/2010/CVE-2010-1491.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1491 - http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt - http://www.exploit-db.com/exploits/12318 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1491 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75244 cpe: cpe:2.3:a:mms.pipp:com_mmsblog:2.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1495.yaml b/http/cves/2010/CVE-2010-1495.yaml index d245c91462..cc88bd94db 100644 --- a/http/cves/2010/CVE-2010-1495.yaml +++ b/http/cves/2010/CVE-2010-1495.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1495 - http://www.vupen.com/english/advisories/2010/0929 - http://packetstormsecurity.org/1004-exploits/joomlamatamko-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1495 cwe-id: CWE-22 epss-score: 0.04503 - epss-percentile: 0.91627 + epss-percentile: 0.92278 cpe: cpe:2.3:a:matamko:com_matamko:1.01:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1532.yaml b/http/cves/2010/CVE-2010-1532.yaml index d701535cdf..67d7722a82 100644 --- a/http/cves/2010/CVE-2010-1532.yaml +++ b/http/cves/2010/CVE-2010-1532.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/12118 - https://nvd.nist.gov/vuln/detail/CVE-2010-1532 - http://packetstormsecurity.org/1004-exploits/joomlapowermail-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1532 cwe-id: CWE-22 epss-score: 0.00477 - epss-percentile: 0.73149 + epss-percentile: 0.75244 cpe: cpe:2.3:a:givesight:com_powermail:1.53:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1533.yaml b/http/cves/2010/CVE-2010-1533.yaml index 0a5966c694..14a7369c16 100644 --- a/http/cves/2010/CVE-2010-1533.yaml +++ b/http/cves/2010/CVE-2010-1533.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1533 cwe-id: CWE-22 epss-score: 0.00706 - epss-percentile: 0.78314 + epss-percentile: 0.79951 cpe: cpe:2.3:a:peter_hocherl:com_tweetla:1.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1534.yaml b/http/cves/2010/CVE-2010-1534.yaml index d10a3f64b2..1d2bd6b0f5 100644 --- a/http/cves/2010/CVE-2010-1534.yaml +++ b/http/cves/2010/CVE-2010-1534.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1534 - http://www.exploit-db.com/exploits/12067 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57534 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1534 cwe-id: CWE-22 - epss-score: 0.01228 - epss-percentile: 0.83874 + epss-score: 0.01385 + epss-percentile: 0.86058 cpe: cpe:2.3:a:joomla.batjo:com_shoutbox:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1602.yaml b/http/cves/2010/CVE-2010-1602.yaml index 8245091386..d3da9c97e6 100644 --- a/http/cves/2010/CVE-2010-1602.yaml +++ b/http/cves/2010/CVE-2010-1602.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1602 - http://packetstormsecurity.org/1004-exploits/joomlazimbcomment-lfi.txt - http://www.vupen.com/english/advisories/2010/0932 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1602 cwe-id: CWE-22 epss-score: 0.03451 - epss-percentile: 0.90542 + epss-percentile: 0.91267 cpe: cpe:2.3:a:zimbllc:com_zimbcomment:0.8.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1603.yaml b/http/cves/2010/CVE-2010-1603.yaml index 9c83884914..1721c83977 100644 --- a/http/cves/2010/CVE-2010-1603.yaml +++ b/http/cves/2010/CVE-2010-1603.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2010-1603 cwe-id: CWE-22 epss-score: 0.03451 - epss-percentile: 0.90581 + epss-percentile: 0.91267 cpe: cpe:2.3:a:zimbllc:com_zimbcore:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1607.yaml b/http/cves/2010/CVE-2010-1607.yaml index 9c3f252c94..818c7afdc3 100644 --- a/http/cves/2010/CVE-2010-1607.yaml +++ b/http/cves/2010/CVE-2010-1607.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1607 cwe-id: CWE-22 epss-score: 0.01726 - epss-percentile: 0.86557 + epss-percentile: 0.87577 cpe: cpe:2.3:a:paysyspro:com_wmi:1.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1653.yaml b/http/cves/2010/CVE-2010-1653.yaml index e471c68673..e90da3b533 100644 --- a/http/cves/2010/CVE-2010-1653.yaml +++ b/http/cves/2010/CVE-2010-1653.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1653 cwe-id: CWE-22 epss-score: 0.03527 - epss-percentile: 0.90668 + epss-percentile: 0.91355 cpe: cpe:2.3:a:htmlcoderhelper:com_graphics:1.0.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1657.yaml b/http/cves/2010/CVE-2010-1657.yaml index 7cf96701f7..7e5cabac9d 100644 --- a/http/cves/2010/CVE-2010-1657.yaml +++ b/http/cves/2010/CVE-2010-1657.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1657 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.86649 + epss-percentile: 0.87665 cpe: cpe:2.3:a:recly:com_smartsite:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1658.yaml b/http/cves/2010/CVE-2010-1658.yaml index bb81723d53..cc4fdf3336 100644 --- a/http/cves/2010/CVE-2010-1658.yaml +++ b/http/cves/2010/CVE-2010-1658.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1658 - http://www.vupen.com/english/advisories/2010/1007 - https://exchange.xforce.ibmcloud.com/vulnerabilities/58176 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2010-1658 cwe-id: CWE-22 epss-score: 0.01751 - epss-percentile: 0.86604 + epss-percentile: 0.87665 cpe: cpe:2.3:a:code-garage:com_noticeboard:1.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1717.yaml b/http/cves/2010/CVE-2010-1717.yaml index 6f1a7def62..6941286ffe 100644 --- a/http/cves/2010/CVE-2010-1717.yaml +++ b/http/cves/2010/CVE-2010-1717.yaml @@ -13,13 +13,15 @@ info: - https://www.exploit-db.com/exploits/12291 - https://nvd.nist.gov/vuln/detail/CVE-2010-1717 - http://www.vupen.com/english/advisories/2010/0924 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Live-Hack-CVE/CVE-2010-1717 classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1717 cwe-id: CWE-22 epss-score: 0.01733 - epss-percentile: 0.86527 + epss-percentile: 0.87598 cpe: cpe:2.3:a:if_surfalert_project:if_surfalert:1.2:*:*:*:*:joomla\!:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1718.yaml b/http/cves/2010/CVE-2010-1718.yaml index b6aa42c490..3d80e1674f 100644 --- a/http/cves/2010/CVE-2010-1718.yaml +++ b/http/cves/2010/CVE-2010-1718.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2010-1718 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:lispeltuut:com_archeryscores:1.0.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1719.yaml b/http/cves/2010/CVE-2010-1719.yaml index d1d5c38405..b4379c8b45 100644 --- a/http/cves/2010/CVE-2010-1719.yaml +++ b/http/cves/2010/CVE-2010-1719.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-1719 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.86348 + epss-percentile: 0.87378 cpe: cpe:2.3:a:moto-treks:com_mtfireeagle:1.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1858.yaml b/http/cves/2010/CVE-2010-1858.yaml index 23a1a36dbc..a870eef23a 100644 --- a/http/cves/2010/CVE-2010-1858.yaml +++ b/http/cves/2010/CVE-2010-1858.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1858 cwe-id: CWE-22 epss-score: 0.01155 - epss-percentile: 0.83338 + epss-percentile: 0.84543 cpe: cpe:2.3:a:gelembjuk:com_smestorage:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1878.yaml b/http/cves/2010/CVE-2010-1878.yaml index b5dca1b571..81e99ac1c1 100644 --- a/http/cves/2010/CVE-2010-1878.yaml +++ b/http/cves/2010/CVE-2010-1878.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1878 - http://packetstormsecurity.org/1004-exploits/joomlaorgchart-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/58031 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1878 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80059 + epss-percentile: 0.81565 cpe: cpe:2.3:a:blueflyingfish.no-ip:com_orgchart:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1952.yaml b/http/cves/2010/CVE-2010-1952.yaml index 6e3434fc44..b6c6fb2b07 100644 --- a/http/cves/2010/CVE-2010-1952.yaml +++ b/http/cves/2010/CVE-2010-1952.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1952 - http://www.exploit-db.com/exploits/12239 - https://exchange.xforce.ibmcloud.com/vulnerabilities/57845 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1952 cwe-id: CWE-22 epss-score: 0.01242 - epss-percentile: 0.83996 + epss-percentile: 0.85196 cpe: cpe:2.3:a:cmstactics:com_beeheard:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1953.yaml b/http/cves/2010/CVE-2010-1953.yaml index a88d1fb0ab..7b24fbf971 100644 --- a/http/cves/2010/CVE-2010-1953.yaml +++ b/http/cves/2010/CVE-2010-1953.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1953 - http://www.vupen.com/english/advisories/2010/0927 - http://www.exploit-db.com/exploits/12288 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1953 cwe-id: CWE-22 epss-score: 0.05684 - epss-percentile: 0.92564 + epss-percentile: 0.93171 cpe: cpe:2.3:a:joomlacomponent.inetlanka:com_multimap:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1957.yaml b/http/cves/2010/CVE-2010-1957.yaml index 903077859d..2f9dd52a72 100644 --- a/http/cves/2010/CVE-2010-1957.yaml +++ b/http/cves/2010/CVE-2010-1957.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-1957 - http://packetstormsecurity.org/1004-exploits/joomlalovefactory-lfi.txt - https://exchange.xforce.ibmcloud.com/vulnerabilities/57849 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-1957 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.86287 + epss-percentile: 0.87378 cpe: cpe:2.3:a:thefactory:com_lovefactory:1.3.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1979.yaml b/http/cves/2010/CVE-2010-1979.yaml index 2ab5f48f45..5daa0dfc9b 100644 --- a/http/cves/2010/CVE-2010-1979.yaml +++ b/http/cves/2010/CVE-2010-1979.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1979 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:affiliatefeeds:com_datafeeds:build_880:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-1983.yaml b/http/cves/2010/CVE-2010-1983.yaml index 4749d2c872..e57c8896b6 100644 --- a/http/cves/2010/CVE-2010-1983.yaml +++ b/http/cves/2010/CVE-2010-1983.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-1983 cwe-id: CWE-22 epss-score: 0.01815 - epss-percentile: 0.86892 + epss-percentile: 0.87898 cpe: cpe:2.3:a:redcomponent:com_redtwitter:1.0b8:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2035.yaml b/http/cves/2010/CVE-2010-2035.yaml index 29eccebf1f..c57db7260b 100644 --- a/http/cves/2010/CVE-2010-2035.yaml +++ b/http/cves/2010/CVE-2010-2035.yaml @@ -11,15 +11,15 @@ info: reference: - https://www.exploit-db.com/exploits/34006 - https://nvd.nist.gov/vuln/detail/CVE-2010-2035 - - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244 - http://packetstormsecurity.org/1005-exploits/joomlaperchagl-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:P cvss-score: 7.5 cve-id: CVE-2010-2035 cwe-id: CWE-22 - epss-score: 0.00718 - epss-percentile: 0.78453 + epss-score: 0.07071 + epss-percentile: 0.93832 cpe: cpe:2.3:a:percha:com_perchagallery:1.6:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2122.yaml b/http/cves/2010/CVE-2010-2122.yaml index e29e3ff55f..45131b5fbe 100644 --- a/http/cves/2010/CVE-2010-2122.yaml +++ b/http/cves/2010/CVE-2010-2122.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2122 cwe-id: CWE-22 epss-score: 0.01806 - epss-percentile: 0.86853 + epss-percentile: 0.87868 cpe: cpe:2.3:a:joelrowley:com_simpledownload:0.9.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2307.yaml b/http/cves/2010/CVE-2010-2307.yaml index cd6ae0c2fc..7110040c59 100644 --- a/http/cves/2010/CVE-2010-2307.yaml +++ b/http/cves/2010/CVE-2010-2307.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2307 cwe-id: CWE-22 epss-score: 0.00813 - epss-percentile: 0.79936 + epss-percentile: 0.81409 cpe: cpe:2.3:h:motorola:surfboard_sbv6120e:sbv6x2x-1.0.0.5-scm-02-shpc:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2507.yaml b/http/cves/2010/CVE-2010-2507.yaml index 53be812741..c64969b653 100644 --- a/http/cves/2010/CVE-2010-2507.yaml +++ b/http/cves/2010/CVE-2010-2507.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2507 cwe-id: CWE-22 epss-score: 0.01671 - epss-percentile: 0.86348 + epss-percentile: 0.87378 cpe: cpe:2.3:a:masselink:com_picasa2gallery:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2682.yaml b/http/cves/2010/CVE-2010-2682.yaml index 6675cfac0b..12114c5711 100644 --- a/http/cves/2010/CVE-2010-2682.yaml +++ b/http/cves/2010/CVE-2010-2682.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2682 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:realtyna:com_realtyna:1.0.15:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2857.yaml b/http/cves/2010/CVE-2010-2857.yaml index db9036034d..0f2dce1d94 100644 --- a/http/cves/2010/CVE-2010-2857.yaml +++ b/http/cves/2010/CVE-2010-2857.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2010-2857 - http://www.exploit-db.com/exploits/14274 - https://exchange.xforce.ibmcloud.com/vulnerabilities/60195 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P cvss-score: 6.8 cve-id: CVE-2010-2857 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80059 + epss-percentile: 0.81565 cpe: cpe:2.3:a:danieljamesscott:com_music:0.1:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2861.yaml b/http/cves/2010/CVE-2010-2861.yaml index 9d014f36a3..cb515e7ce1 100644 --- a/http/cves/2010/CVE-2010-2861.yaml +++ b/http/cves/2010/CVE-2010-2861.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2861 cwe-id: CWE-22 epss-score: 0.97078 - epss-percentile: 0.99727 + epss-percentile: 0.99753 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-2918.yaml b/http/cves/2010/CVE-2010-2918.yaml index 343b70d631..643a902e13 100644 --- a/http/cves/2010/CVE-2010-2918.yaml +++ b/http/cves/2010/CVE-2010-2918.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-2918 cwe-id: CWE-94 epss-score: 0.02847 - epss-percentile: 0.89708 + epss-percentile: 0.90478 cpe: cpe:2.3:a:visocrea:com_joomla_visites:1.1:rc2:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-3426.yaml b/http/cves/2010/CVE-2010-3426.yaml index d6fd5a8bff..d262c0f4a9 100644 --- a/http/cves/2010/CVE-2010-3426.yaml +++ b/http/cves/2010/CVE-2010-3426.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-3426 cwe-id: CWE-22 epss-score: 0.00826 - epss-percentile: 0.80104 + epss-percentile: 0.81565 cpe: cpe:2.3:a:4you-studio:com_jphone:1.0:alpha3:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4231.yaml b/http/cves/2010/CVE-2010-4231.yaml index f0b7fa5b95..3c61444065 100644 --- a/http/cves/2010/CVE-2010-4231.yaml +++ b/http/cves/2010/CVE-2010-4231.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4231 cwe-id: CWE-22 epss-score: 0.01615 - epss-percentile: 0.86142 + epss-percentile: 0.87178 cpe: cpe:2.3:a:camtron:cmnc-200_firmware:1.102a-008:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4239.yaml b/http/cves/2010/CVE-2010-4239.yaml index 52b2e9def4..6a38eb1d2c 100644 --- a/http/cves/2010/CVE-2010-4239.yaml +++ b/http/cves/2010/CVE-2010-4239.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2010-4239 cwe-id: CWE-20 - epss-score: 0.04033 - epss-percentile: 0.9122 + epss-score: 0.03038 + epss-percentile: 0.90751 cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:5.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4719.yaml b/http/cves/2010/CVE-2010-4719.yaml index cfa68424a1..8d3bae1ad3 100644 --- a/http/cves/2010/CVE-2010-4719.yaml +++ b/http/cves/2010/CVE-2010-4719.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4719 cwe-id: CWE-22 epss-score: 0.04503 - epss-percentile: 0.91627 + epss-percentile: 0.92278 cpe: cpe:2.3:a:fxwebdesign:com_jradio:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-4977.yaml b/http/cves/2010/CVE-2010-4977.yaml index 3046c38a5b..57b62a1ddf 100644 --- a/http/cves/2010/CVE-2010-4977.yaml +++ b/http/cves/2010/CVE-2010-4977.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2010-4977 cwe-id: CWE-89 epss-score: 0.0016 - epss-percentile: 0.52502 + epss-percentile: 0.51628 cpe: cpe:2.3:a:miniwork:com_canteen:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-5278.yaml b/http/cves/2010/CVE-2010-5278.yaml index 8f03abbd4c..610a17b2a2 100644 --- a/http/cves/2010/CVE-2010-5278.yaml +++ b/http/cves/2010/CVE-2010-5278.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2010-5278 cwe-id: CWE-22 epss-score: 0.06122 - epss-percentile: 0.92816 + epss-percentile: 0.93381 cpe: cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2010/CVE-2010-5286.yaml b/http/cves/2010/CVE-2010-5286.yaml index 519fe5438a..0d6fdda612 100644 --- a/http/cves/2010/CVE-2010-5286.yaml +++ b/http/cves/2010/CVE-2010-5286.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/34837 - https://nvd.nist.gov/vuln/detail/CVE-2010-5286 - http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C cvss-score: 10 cve-id: CVE-2010-5286 cwe-id: CWE-22 - epss-score: 0.03802 - epss-percentile: 0.90974 + epss-score: 0.07071 + epss-percentile: 0.93832 cpe: cpe:2.3:a:joobi:com_jstore:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-2744.yaml b/http/cves/2011/CVE-2011-2744.yaml index 513965019d..0af15450d7 100644 --- a/http/cves/2011/CVE-2011-2744.yaml +++ b/http/cves/2011/CVE-2011-2744.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-2744 cwe-id: CWE-22 epss-score: 0.01541 - epss-percentile: 0.85787 + epss-percentile: 0.86842 cpe: cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-2780.yaml b/http/cves/2011/CVE-2011-2780.yaml index b91d70c4db..37ada8c50e 100644 --- a/http/cves/2011/CVE-2011-2780.yaml +++ b/http/cves/2011/CVE-2011-2780.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-2780 cwe-id: CWE-22 epss-score: 0.03327 - epss-percentile: 0.90416 + epss-percentile: 0.91127 cpe: cpe:2.3:a:chyrp:chyrp:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-3315.yaml b/http/cves/2011/CVE-2011-3315.yaml index a46ca6fe00..c709a97407 100644 --- a/http/cves/2011/CVE-2011-3315.yaml +++ b/http/cves/2011/CVE-2011-3315.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/36256 - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx - http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:N cvss-score: 7.8 cve-id: CVE-2011-3315 cwe-id: CWE-22 - epss-score: 0.86205 - epss-percentile: 0.98314 + epss-score: 0.72021 + epss-percentile: 0.97988 cpe: cpe:2.3:h:cisco:unified_ip_interactive_voice_response:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-4336.yaml b/http/cves/2011/CVE-2011-4336.yaml index 9a074519dc..a1755a31c3 100644 --- a/http/cves/2011/CVE-2011-4336.yaml +++ b/http/cves/2011/CVE-2011-4336.yaml @@ -11,13 +11,14 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2011-4336 - https://seclists.org/bugtraq/2011/Nov/140 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2011-4336 cwe-id: CWE-79 epss-score: 0.00255 - epss-percentile: 0.63362 + epss-percentile: 0.64746 cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-4618.yaml b/http/cves/2011/CVE-2011-4618.yaml index 45c9542899..215b36230a 100644 --- a/http/cves/2011/CVE-2011-4618.yaml +++ b/http/cves/2011/CVE-2011-4618.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2011-4618 cwe-id: CWE-79 epss-score: 0.01913 - epss-percentile: 0.87299 + epss-percentile: 0.88293 cpe: cpe:2.3:a:simplerealtytheme:advanced_text_widget_plugin:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2011/CVE-2011-4624.yaml b/http/cves/2011/CVE-2011-4624.yaml index 0b418552a9..7474a3f31f 100644 --- a/http/cves/2011/CVE-2011-4624.yaml +++ b/http/cves/2011/CVE-2011-4624.yaml @@ -13,13 +13,14 @@ info: - http://www.openwall.com/lists/oss-security/2011/12/23/2 - http://plugins.trac.wordpress.org/changeset/469785 - http://wordpress.org/extend/plugins/flash-album-gallery/changelog/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2011-4624 cwe-id: CWE-79 epss-score: 0.00431 - epss-percentile: 0.71804 + epss-percentile: 0.74018 cpe: cpe:2.3:a:codeasily:grand_flagallery:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-4640.yaml b/http/cves/2011/CVE-2011-4640.yaml index 7e01d97052..5a3ef9a97c 100644 --- a/http/cves/2011/CVE-2011-4640.yaml +++ b/http/cves/2011/CVE-2011-4640.yaml @@ -11,7 +11,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2011-4640 classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:N/A:N - cvss-score: 4.0 + cvss-score: 4 cve-id: CVE-2011-4640 cwe-id: CWE-22 cpe: cpe:2.3:a:spamtitan:webtitan:*:*:*:*:*:*:*:* diff --git a/http/cves/2011/CVE-2011-5106.yaml b/http/cves/2011/CVE-2011-5106.yaml index af295c65b6..d2542c1fed 100644 --- a/http/cves/2011/CVE-2011-5106.yaml +++ b/http/cves/2011/CVE-2011-5106.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2011-5106 cwe-id: CWE-79 epss-score: 0.00434 - epss-percentile: 0.71916 + epss-percentile: 0.7412 cpe: cpe:2.3:a:fractalia:flexible_custom_post_type:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-5107.yaml b/http/cves/2011/CVE-2011-5107.yaml index 08f4929265..cb86613bfb 100644 --- a/http/cves/2011/CVE-2011-5107.yaml +++ b/http/cves/2011/CVE-2011-5107.yaml @@ -12,13 +12,15 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2011-5107 https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-alert-before-your-post-cross-site-scripting-0-1-1/ - https://exchange.xforce.ibmcloud.com/vulnerabilities/71413 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2011-5107 cwe-id: CWE-79 epss-score: 0.00232 - epss-percentile: 0.61277 + epss-percentile: 0.6058 cpe: cpe:2.3:a:wordpress:alert_before_you_post:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-5252.yaml b/http/cves/2011/CVE-2011-5252.yaml index b421ced944..db2c0b3dad 100644 --- a/http/cves/2011/CVE-2011-5252.yaml +++ b/http/cves/2011/CVE-2011-5252.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.8 cve-id: CVE-2011-5252 cwe-id: CWE-20 - epss-score: 0.02747 - epss-percentile: 0.89537 + epss-score: 0.02536 + epss-percentile: 0.89931 cpe: cpe:2.3:a:orchardproject:orchard:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2011/CVE-2011-5265.yaml b/http/cves/2011/CVE-2011-5265.yaml index 526dd0b561..9e6fe6f453 100644 --- a/http/cves/2011/CVE-2011-5265.yaml +++ b/http/cves/2011/CVE-2011-5265.yaml @@ -12,13 +12,15 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2011-5265 - https://exchange.xforce.ibmcloud.com/vulnerabilities/71468 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2011-5265 cwe-id: CWE-79 epss-score: 0.00478 - epss-percentile: 0.73197 + epss-percentile: 0.75288 cpe: cpe:2.3:a:featurific_for_wordpress_project:featurific-for-wordpress:1.6.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-0392.yaml b/http/cves/2012/CVE-2012-0392.yaml index 345e187915..e54bc1465d 100644 --- a/http/cves/2012/CVE-2012-0392.yaml +++ b/http/cves/2012/CVE-2012-0392.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.8 cve-id: CVE-2012-0392 cwe-id: NVD-CWE-noinfo - epss-score: 0.97059 - epss-percentile: 0.9971 + epss-score: 0.9496 + epss-percentile: 0.99239 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-0996.yaml b/http/cves/2012/CVE-2012-0996.yaml index d8da34ad17..0b657a286f 100644 --- a/http/cves/2012/CVE-2012-0996.yaml +++ b/http/cves/2012/CVE-2012-0996.yaml @@ -18,8 +18,8 @@ info: cvss-score: 5 cve-id: CVE-2012-0996 cwe-id: CWE-22 - epss-score: 0.00737 - epss-percentile: 0.78828 + epss-score: 0.02194 + epss-percentile: 0.89179 cpe: cpe:2.3:a:11in1:11in1:1.2.1:stable_12-31-2011:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-1835.yaml b/http/cves/2012/CVE-2012-1835.yaml index 30d6376993..8d600795e9 100644 --- a/http/cves/2012/CVE-2012-1835.yaml +++ b/http/cves/2012/CVE-2012-1835.yaml @@ -18,8 +18,8 @@ info: cvss-score: 4.3 cve-id: CVE-2012-1835 cwe-id: CWE-79 - epss-score: 0.00229 - epss-percentile: 0.61124 + epss-score: 0.01124 + epss-percentile: 0.84313 cpe: cpe:2.3:a:timely:all-in-one_event_calendar:1.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-2371.yaml b/http/cves/2012/CVE-2012-2371.yaml index 3bbd9f4e28..bf28ada0ad 100644 --- a/http/cves/2012/CVE-2012-2371.yaml +++ b/http/cves/2012/CVE-2012-2371.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2012-2371 cwe-id: CWE-79 - epss-score: 0.00825 - epss-percentile: 0.80043 + epss-score: 0.01345 + epss-percentile: 0.85828 cpe: cpe:2.3:a:mnt-tech:wp-facethumb:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4253.yaml b/http/cves/2012/CVE-2012-4253.yaml index fbe3a390e6..b34c5ca69b 100644 --- a/http/cves/2012/CVE-2012-4253.yaml +++ b/http/cves/2012/CVE-2012-4253.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2012-4253 cwe-id: CWE-22 - epss-score: 0.02018 - epss-percentile: 0.8771 + epss-score: 0.0179 + epss-percentile: 0.87805 cpe: cpe:2.3:a:mysqldumper:mysqldumper:1.24.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4273.yaml b/http/cves/2012/CVE-2012-4273.yaml index 765440b127..9d69e326ae 100644 --- a/http/cves/2012/CVE-2012-4273.yaml +++ b/http/cves/2012/CVE-2012-4273.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2012-4273 cwe-id: CWE-79 epss-score: 0.00252 - epss-percentile: 0.63173 + epss-percentile: 0.64486 cpe: cpe:2.3:a:ppfeufer:2-click-social-media-buttons:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4768.yaml b/http/cves/2012/CVE-2012-4768.yaml index 2c1869e8f3..59083f5f5d 100644 --- a/http/cves/2012/CVE-2012-4768.yaml +++ b/http/cves/2012/CVE-2012-4768.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.org/files/116408/wpdownloadmonitor3357-xss.txt - http://www.reactionpenetrationtesting.co.uk/wordpress-download-monitor-xss.html - https://exchange.xforce.ibmcloud.com/vulnerabilities/78422 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2012-4768 cwe-id: CWE-79 epss-score: 0.00922 - epss-percentile: 0.81161 + epss-percentile: 0.82559 cpe: cpe:2.3:a:mikejolley:download_monitor:3.3.5.7:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4878.yaml b/http/cves/2012/CVE-2012-4878.yaml index cee6cbf339..d08fbbf00c 100644 --- a/http/cves/2012/CVE-2012-4878.yaml +++ b/http/cves/2012/CVE-2012-4878.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2012-4878 cwe-id: CWE-22 epss-score: 0.00608 - epss-percentile: 0.76323 + epss-percentile: 0.7813 cpe: cpe:2.3:a:flatnux:flatnux:2011-08-09-2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4889.yaml b/http/cves/2012/CVE-2012-4889.yaml index 52eeaf127a..63ecbffe52 100644 --- a/http/cves/2012/CVE-2012-4889.yaml +++ b/http/cves/2012/CVE-2012-4889.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.org/files/111474/VL-437.txt - http://www.vulnerability-lab.com/get_content.php?id=437 - https://exchange.xforce.ibmcloud.com/vulnerabilities/74538 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2012-4889 cwe-id: CWE-79 epss-score: 0.03526 - epss-percentile: 0.90633 + epss-percentile: 0.91352 cpe: cpe:2.3:a:manageengine:firewall_analyzer:7.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-4982.yaml b/http/cves/2012/CVE-2012-4982.yaml index b1e5f6933b..2133ac7ad9 100644 --- a/http/cves/2012/CVE-2012-4982.yaml +++ b/http/cves/2012/CVE-2012-4982.yaml @@ -15,13 +15,14 @@ info: - https://www.reactionpenetrationtesting.co.uk/forescout-cross-site-redirection.html - https://nvd.nist.gov/vuln/detail/CVE-2012-4982 - http://www.reactionpenetrationtesting.co.uk/forescout-cross-site-redirection.html + - https://github.com/tr3ss/newclei classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N cvss-score: 5.8 cve-id: CVE-2012-4982 cwe-id: CWE-20 - epss-score: 0.00553 - epss-percentile: 0.75093 + epss-score: 0.00357 + epss-percentile: 0.71561 cpe: cpe:2.3:a:forescout:counteract:6.3.4.10:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2012/CVE-2012-5913.yaml b/http/cves/2012/CVE-2012-5913.yaml index 6a31eb5875..99dc1b66a7 100644 --- a/http/cves/2012/CVE-2012-5913.yaml +++ b/http/cves/2012/CVE-2012-5913.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2012-5913 cwe-id: CWE-79 epss-score: 0.01863 - epss-percentile: 0.87064 + epss-percentile: 0.88104 cpe: cpe:2.3:a:wordpress_integrator_project:wordpress_integrator:1.32:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-2248.yaml b/http/cves/2013/CVE-2013-2248.yaml index aeab16494f..e278d581fc 100644 --- a/http/cves/2013/CVE-2013-2248.yaml +++ b/http/cves/2013/CVE-2013-2248.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.8 cve-id: CVE-2013-2248 cwe-id: CWE-20 - epss-score: 0.97289 - epss-percentile: 0.99844 + epss-score: 0.97268 + epss-percentile: 0.99838 cpe: cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-2287.yaml b/http/cves/2013/CVE-2013-2287.yaml index 62a581c805..d47afc49e0 100644 --- a/http/cves/2013/CVE-2013-2287.yaml +++ b/http/cves/2013/CVE-2013-2287.yaml @@ -12,13 +12,15 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2013-2287 - https://www.dognaedis.com/vulns/DGS-SEC-16.html + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2013-2287 cwe-id: CWE-79 epss-score: 0.00219 - epss-percentile: 0.59848 + epss-percentile: 0.59251 cpe: cpe:2.3:a:roberta_bramski:uploader:1.0.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-4625.yaml b/http/cves/2013/CVE-2013-4625.yaml index 80b13c8904..0d67310282 100644 --- a/http/cves/2013/CVE-2013-4625.yaml +++ b/http/cves/2013/CVE-2013-4625.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2013-4625 cwe-id: CWE-79 epss-score: 0.01217 - epss-percentile: 0.83857 + epss-percentile: 0.85008 cpe: cpe:2.3:a:cory_lamle:duplicator:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-5979.yaml b/http/cves/2013/CVE-2013-5979.yaml index 58c03bee01..ca0118d9fb 100644 --- a/http/cves/2013/CVE-2013-5979.yaml +++ b/http/cves/2013/CVE-2013-5979.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5 cve-id: CVE-2013-5979 cwe-id: CWE-22 - epss-score: 0.06601 - epss-percentile: 0.93089 + epss-score: 0.04915 + epss-percentile: 0.92611 cpe: cpe:2.3:a:springsignage:xibo:1.2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2013/CVE-2013-6281.yaml b/http/cves/2013/CVE-2013-6281.yaml index 6c7654d502..1cf21a693b 100644 --- a/http/cves/2013/CVE-2013-6281.yaml +++ b/http/cves/2013/CVE-2013-6281.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/dhtmlxspreadsheet/ - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6281 - https://nvd.nist.gov/vuln/detail/CVE-2013-6281 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2013-6281 cwe-id: CWE-79 - epss-score: 0.00209 - epss-percentile: 0.58813 + epss-score: 0.00327 + epss-percentile: 0.70301 cpe: cpe:2.3:a:dhtmlx:dhtmlxspreadsheet:2.0:-:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2013/CVE-2013-7091.yaml b/http/cves/2013/CVE-2013-7091.yaml index ff0c8ebd21..7b44d9fc5c 100644 --- a/http/cves/2013/CVE-2013-7091.yaml +++ b/http/cves/2013/CVE-2013-7091.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2013-7091 cwe-id: CWE-22 epss-score: 0.97337 - epss-percentile: 0.9987 + epss-percentile: 0.99881 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:6.0.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2013/CVE-2013-7285.yaml b/http/cves/2013/CVE-2013-7285.yaml index e963d0c1fd..32eaf72eb4 100644 --- a/http/cves/2013/CVE-2013-7285.yaml +++ b/http/cves/2013/CVE-2013-7285.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2013-7285 cwe-id: CWE-78 epss-score: 0.55716 - epss-percentile: 0.97383 + epss-percentile: 0.97607 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-10037.yaml b/http/cves/2014/CVE-2014-10037.yaml index 2dae62c220..ae61d70fa8 100644 --- a/http/cves/2014/CVE-2014-10037.yaml +++ b/http/cves/2014/CVE-2014-10037.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-10037 cwe-id: CWE-22 epss-score: 0.14101 - epss-percentile: 0.95201 + epss-percentile: 0.95548 cpe: cpe:2.3:a:domphp:domphp:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-1203.yaml b/http/cves/2014/CVE-2014-1203.yaml index 702b6f34f3..efc57f7ca2 100644 --- a/http/cves/2014/CVE-2014-1203.yaml +++ b/http/cves/2014/CVE-2014-1203.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-1203 cwe-id: CWE-77 epss-score: 0.02045 - epss-percentile: 0.87805 + epss-percentile: 0.88732 cpe: cpe:2.3:a:eyou:eyou:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-2323.yaml b/http/cves/2014/CVE-2014-2323.yaml index 06ebacda9e..10d66a4abe 100644 --- a/http/cves/2014/CVE-2014-2323.yaml +++ b/http/cves/2014/CVE-2014-2323.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2014-2323 cwe-id: CWE-89 - epss-score: 0.96071 - epss-percentile: 0.99365 + epss-score: 0.96033 + epss-percentile: 0.99445 cpe: cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-2383.yaml b/http/cves/2014/CVE-2014-2383.yaml index 8ef1751746..d92e4e86e4 100644 --- a/http/cves/2014/CVE-2014-2383.yaml +++ b/http/cves/2014/CVE-2014-2383.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.8 cve-id: CVE-2014-2383 cwe-id: CWE-200 - epss-score: 0.00723 - epss-percentile: 0.78624 + epss-score: 0.00511 + epss-percentile: 0.76134 cpe: cpe:2.3:a:dompdf:dompdf:*:beta3:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2014/CVE-2014-2962.yaml b/http/cves/2014/CVE-2014-2962.yaml index 5830936138..15e7e0ac71 100644 --- a/http/cves/2014/CVE-2014-2962.yaml +++ b/http/cves/2014/CVE-2014-2962.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-2962 cwe-id: CWE-22 epss-score: 0.95825 - epss-percentile: 0.99309 + epss-percentile: 0.99395 cpe: cpe:2.3:o:belkin:n150_f9k1009_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-3120.yaml b/http/cves/2014/CVE-2014-3120.yaml index 3f927faecd..2502b1b8c3 100644 --- a/http/cves/2014/CVE-2014-3120.yaml +++ b/http/cves/2014/CVE-2014-3120.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.8 cve-id: CVE-2014-3120 cwe-id: CWE-284 - epss-score: 0.53013 - epss-percentile: 0.97306 + epss-score: 0.53209 + epss-percentile: 0.97551 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-3206.yaml b/http/cves/2014/CVE-2014-3206.yaml index 3a21aad8f4..0977500622 100644 --- a/http/cves/2014/CVE-2014-3206.yaml +++ b/http/cves/2014/CVE-2014-3206.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2014-3206 - https://www.exploit-db.com/exploits/33159 - https://www.exploit-db.com/exploits/33159/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2014-3206 cwe-id: CWE-20 - epss-score: 0.31809 - epss-percentile: 0.96584 + epss-score: 0.2561 + epss-percentile: 0.96594 cpe: cpe:2.3:o:seagate:blackarmor_nas_220_firmware:-:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2014/CVE-2014-3704.yaml b/http/cves/2014/CVE-2014-3704.yaml index 7242ba7411..e436f76d58 100644 --- a/http/cves/2014/CVE-2014-3704.yaml +++ b/http/cves/2014/CVE-2014-3704.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2014-3704 cwe-id: CWE-89 epss-score: 0.97537 - epss-percentile: 0.99994 + epss-percentile: 0.99992 cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-4535.yaml b/http/cves/2014/CVE-2014-4535.yaml index aa74a43535..dd3961ff47 100644 --- a/http/cves/2014/CVE-2014-4535.yaml +++ b/http/cves/2014/CVE-2014-4535.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-4535 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48664 + epss-percentile: 0.47838 cpe: cpe:2.3:a:import_legacy_media_project:import_legacy_media:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-4539.yaml b/http/cves/2014/CVE-2014-4539.yaml index 61660a5261..e59b0f258a 100644 --- a/http/cves/2014/CVE-2014-4539.yaml +++ b/http/cves/2014/CVE-2014-4539.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/d6ea4fe6-c486-415d-8f6d-57ea2f149304 - https://nvd.nist.gov/vuln/detail/CVE-2014-4539 - http://codevigilant.com/disclosure/wp-plugin-movies-a3-cross-site-scripting-xss + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4539 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48556 + epss-percentile: 0.47838 cpe: cpe:2.3:a:movies_project:movies:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-4592.yaml b/http/cves/2014/CVE-2014-4592.yaml index 740ac88b97..0542260e60 100644 --- a/http/cves/2014/CVE-2014-4592.yaml +++ b/http/cves/2014/CVE-2014-4592.yaml @@ -12,13 +12,14 @@ info: - https://wpscan.com/vulnerability/3c9a3a97-8157-4976-8148-587d923e1fb3 - https://nvd.nist.gov/vuln/detail/CVE-2014-4592 - http://codevigilant.com/disclosure/wp-plugin-wp-planet-a3-cross-site-scripting-xss + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-4592 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48556 + epss-percentile: 0.47838 cpe: cpe:2.3:a:czepol:wp-planet:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2014/CVE-2014-4940.yaml b/http/cves/2014/CVE-2014-4940.yaml index 6ee9909b41..24c67122e2 100644 --- a/http/cves/2014/CVE-2014-4940.yaml +++ b/http/cves/2014/CVE-2014-4940.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2014-4940 - https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=851874%40tera-charts&old=799253%40tera-charts&sfp_email=&sfph_mail= - http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2014-4940 cwe-id: CWE-22 - epss-score: 0.03891 - epss-percentile: 0.91064 + epss-score: 0.03212 + epss-percentile: 0.90985 cpe: cpe:2.3:a:tera_charts_plugin_project:tera-charts:0.1:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-5111.yaml b/http/cves/2014/CVE-2014-5111.yaml index 10e6b4e08e..daf200fd23 100644 --- a/http/cves/2014/CVE-2014-5111.yaml +++ b/http/cves/2014/CVE-2014-5111.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/39351 - https://nvd.nist.gov/vuln/detail/CVE-2014-5111 - http://packetstormsecurity.com/files/127522/Trixbox-XSS-LFI-SQL-Injection-Code-Execution.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2014-5111 cwe-id: CWE-22 - epss-score: 0.03716 - epss-percentile: 0.90865 + epss-score: 0.02194 + epss-percentile: 0.89179 cpe: cpe:2.3:a:netfortris:trixbox:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-5258.yaml b/http/cves/2014/CVE-2014-5258.yaml index 244e6510d7..4a4b442364 100644 --- a/http/cves/2014/CVE-2014-5258.yaml +++ b/http/cves/2014/CVE-2014-5258.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-5258 cwe-id: CWE-22 epss-score: 0.01386 - epss-percentile: 0.84968 + epss-percentile: 0.86062 cpe: cpe:2.3:a:webedition:webedition_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-5368.yaml b/http/cves/2014/CVE-2014-5368.yaml index ab666625da..41a5cbee59 100644 --- a/http/cves/2014/CVE-2014-5368.yaml +++ b/http/cves/2014/CVE-2014-5368.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-5368 cwe-id: CWE-22 epss-score: 0.09191 - epss-percentile: 0.94107 + epss-percentile: 0.94512 cpe: cpe:2.3:a:wp_content_source_control_project:wp_content_source_control:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-6287.yaml b/http/cves/2014/CVE-2014-6287.yaml index 59dbbce746..b210fb3874 100644 --- a/http/cves/2014/CVE-2014-6287.yaml +++ b/http/cves/2014/CVE-2014-6287.yaml @@ -22,7 +22,7 @@ info: cve-id: 'CVE-2014-6287' cwe-id: CWE-94 epss-score: 0.97289 - epss-percentile: 0.99843 + epss-percentile: 0.99851 cpe: cpe:2.3:a:rejetto:http_file_server:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2014/CVE-2014-6308.yaml b/http/cves/2014/CVE-2014-6308.yaml index 1c78f5f944..d0e691c55d 100644 --- a/http/cves/2014/CVE-2014-6308.yaml +++ b/http/cves/2014/CVE-2014-6308.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-6308 cwe-id: CWE-22 epss-score: 0.0922 - epss-percentile: 0.94117 + epss-percentile: 0.94519 cpe: cpe:2.3:a:osclass:osclass:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-8676.yaml b/http/cves/2014/CVE-2014-8676.yaml index 7e41b4a292..6754e20d1c 100644 --- a/http/cves/2014/CVE-2014-8676.yaml +++ b/http/cves/2014/CVE-2014-8676.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2014-8676 cwe-id: CWE-22 epss-score: 0.00195 - epss-percentile: 0.57408 + epss-percentile: 0.56456 cpe: cpe:2.3:a:soplanning:soplanning:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-8799.yaml b/http/cves/2014/CVE-2014-8799.yaml index cf44785af5..50fb708173 100644 --- a/http/cves/2014/CVE-2014-8799.yaml +++ b/http/cves/2014/CVE-2014-8799.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-8799 cwe-id: CWE-22 epss-score: 0.17844 - epss-percentile: 0.96002 + epss-percentile: 0.96039 cpe: cpe:2.3:a:dukapress:dukapress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9094.yaml b/http/cves/2014/CVE-2014-9094.yaml index b679bf8c04..9dfe9bbd39 100644 --- a/http/cves/2014/CVE-2014-9094.yaml +++ b/http/cves/2014/CVE-2014-9094.yaml @@ -14,13 +14,14 @@ info: - http://websecurity.com.ua/7152/ - http://seclists.org/fulldisclosure/2014/Jul/65 - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N cvss-score: 4.3 cve-id: CVE-2014-9094 cwe-id: CWE-79 epss-score: 0.32637 - epss-percentile: 0.9663 + epss-percentile: 0.96912 cpe: cpe:2.3:a:digitalzoomstudio:video_gallery:-:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9119.yaml b/http/cves/2014/CVE-2014-9119.yaml index 531fbbec82..64be5d6571 100644 --- a/http/cves/2014/CVE-2014-9119.yaml +++ b/http/cves/2014/CVE-2014-9119.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5 cve-id: CVE-2014-9119 cwe-id: CWE-22 - epss-score: 0.10505 - epss-percentile: 0.94469 + epss-score: 0.11639 + epss-percentile: 0.95149 cpe: cpe:2.3:a:db_backup_project:db_backup:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9180.yaml b/http/cves/2014/CVE-2014-9180.yaml index 9a14efcede..85420bf5a4 100644 --- a/http/cves/2014/CVE-2014-9180.yaml +++ b/http/cves/2014/CVE-2014-9180.yaml @@ -16,8 +16,8 @@ info: cvss-score: 5 cve-id: CVE-2014-9180 cwe-id: CWE-601 - epss-score: 0.00248 - epss-percentile: 0.62799 + epss-score: 0.00285 + epss-percentile: 0.6809 cpe: cpe:2.3:a:eleanor-cms:eleanor_cms:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2014/CVE-2014-9607.yaml b/http/cves/2014/CVE-2014-9607.yaml index 6953e1681d..bde1fa1ee7 100644 --- a/http/cves/2014/CVE-2014-9607.yaml +++ b/http/cves/2014/CVE-2014-9607.yaml @@ -13,13 +13,14 @@ info: - https://packetstormsecurity.com/files/download/133034/netsweeper-issues.tgz - https://nvd.nist.gov/vuln/detail/CVE-2014-9607 - http://packetstormsecurity.com/files/133034/Netsweeper-Bypass-XSS-Redirection-SQL-Injection-Execution.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2014-9607 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41261 + epss-percentile: 0.40591 cpe: cpe:2.3:a:netsweeper:netsweeper:4.0.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9608.yaml b/http/cves/2014/CVE-2014-9608.yaml index 2abbe7ee11..ac4b7af87e 100644 --- a/http/cves/2014/CVE-2014-9608.yaml +++ b/http/cves/2014/CVE-2014-9608.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2014-9608 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41324 + epss-percentile: 0.40591 cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2014/CVE-2014-9615.yaml b/http/cves/2014/CVE-2014-9615.yaml index db425eb921..dd8c7bbaaa 100644 --- a/http/cves/2014/CVE-2014-9615.yaml +++ b/http/cves/2014/CVE-2014-9615.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2014-9615 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41324 + epss-percentile: 0.40591 cpe: cpe:2.3:a:netsweeper:netsweeper:4.0.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-0554.yaml b/http/cves/2015/CVE-2015-0554.yaml index 4611713715..4d03c321b3 100644 --- a/http/cves/2015/CVE-2015-0554.yaml +++ b/http/cves/2015/CVE-2015-0554.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.com/files/129828/Pirelli-ADSL2-2-Wireless-Router-P.DGA4001N-Information-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2015-0554 - http://www.exploit-db.com/exploits/35721 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:N/A:C cvss-score: 9.4 cve-id: CVE-2015-0554 cwe-id: CWE-264 epss-score: 0.0139 - epss-percentile: 0.84939 + epss-percentile: 0.86079 cpe: cpe:2.3:o:adb:p.dga4001n_firmware:pdg_tef_sp_4.06l.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1000005.yaml b/http/cves/2015/CVE-2015-1000005.yaml index 41cea0876d..77ee040176 100644 --- a/http/cves/2015/CVE-2015-1000005.yaml +++ b/http/cves/2015/CVE-2015-1000005.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/446233e9-33b3-4024-9b7d-63f9bb1dafe0 - https://nvd.nist.gov/vuln/detail/CVE-2015-1000005 - http://www.vapidlabs.com/advisory.php?v=142 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-1000005 cwe-id: CWE-22 - epss-score: 0.05243 - epss-percentile: 0.92257 + epss-score: 0.047 + epss-percentile: 0.92455 cpe: cpe:2.3:a:candidate-application-form_project:candidate-application-form:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1000012.yaml b/http/cves/2015/CVE-2015-1000012.yaml index 91479daa89..782d8ccbe2 100644 --- a/http/cves/2015/CVE-2015-1000012.yaml +++ b/http/cves/2015/CVE-2015-1000012.yaml @@ -14,13 +14,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1000012 - http://www.vapidlabs.com/advisory.php?v=154 - https://nvd.nist.gov/vuln/detail/CVE-2015-1000012 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-1000012 cwe-id: CWE-200 - epss-score: 0.00773 - epss-percentile: 0.79326 + epss-score: 0.00689 + epss-percentile: 0.79673 cpe: cpe:2.3:a:mypixs_project:mypixs:0.3:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-1427.yaml b/http/cves/2015/CVE-2015-1427.yaml index cec8d68f07..3c75ac3153 100644 --- a/http/cves/2015/CVE-2015-1427.yaml +++ b/http/cves/2015/CVE-2015-1427.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2015-1427 cwe-id: CWE-284 - epss-score: 0.8674 - epss-percentile: 0.98344 + epss-score: 0.85974 + epss-percentile: 0.98485 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-1503.yaml b/http/cves/2015/CVE-2015-1503.yaml index fd6ad96e58..3f662ae1e2 100644 --- a/http/cves/2015/CVE-2015-1503.yaml +++ b/http/cves/2015/CVE-2015-1503.yaml @@ -14,13 +14,14 @@ info: - http://www.icewarp.com - https://nvd.nist.gov/vuln/detail/CVE-2015-1503 - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2015-001/?fid=5614 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-1503 cwe-id: CWE-22 epss-score: 0.90421 - epss-percentile: 0.98569 + epss-percentile: 0.98743 cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-1635.yaml b/http/cves/2015/CVE-2015-1635.yaml index 4068168fb3..271814ca3b 100644 --- a/http/cves/2015/CVE-2015-1635.yaml +++ b/http/cves/2015/CVE-2015-1635.yaml @@ -10,15 +10,19 @@ info: - https://www.exploit-db.com/exploits/36773 - https://www.securitysift.com/an-analysis-of-ms15-034/ - https://nvd.nist.gov/vuln/detail/CVE-2015-1635 + - http://www.securitytracker.com/id/1032109 + - https://github.com/b1gbroth3r/shoMe classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:C/A:C - cvss-score: 10.0 - cwe-id: CWE-94 + cvss-score: 10 cve-id: CVE-2015-1635 + cwe-id: CWE-94 + epss-score: 0.97537 + epss-percentile: 0.99992 cpe: cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: microsoft product: windows_7 shodan-query: '"Microsoft-IIS" "2015"' diff --git a/http/cves/2015/CVE-2015-1880.yaml b/http/cves/2015/CVE-2015-1880.yaml index 462dbef98c..5c80823b3b 100644 --- a/http/cves/2015/CVE-2015-1880.yaml +++ b/http/cves/2015/CVE-2015-1880.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-1880 cwe-id: CWE-79 epss-score: 0.00201 - epss-percentile: 0.58021 + epss-percentile: 0.57435 cpe: cpe:2.3:o:fortinet:fortios:5.2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-20067.yaml b/http/cves/2015/CVE-2015-20067.yaml index d80e4ecc95..80d78378b4 100644 --- a/http/cves/2015/CVE-2015-20067.yaml +++ b/http/cves/2015/CVE-2015-20067.yaml @@ -13,16 +13,23 @@ info: - https://packetstormsecurity.com/files/132693/ - https://seclists.org/fulldisclosure/2015/Jul/73 - https://nvd.nist.gov/vuln/detail/CVE-2015-20067 + - https://github.com/ARPSyndicate/cvemon classification: - cve-id: CVE-2015-20067 cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 + cve-id: CVE-2015-20067 cwe-id: CWE-862 + epss-score: 0.07226 + epss-percentile: 0.93884 + cpe: cpe:2.3:a:wp_attachment_export_project:wp_attachment_export:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 verified: true + max-request: 2 + vendor: wp_attachment_export_project + product: wp_attachment_export + framework: wordpress google-query: inurl:"/wp-content/plugins/wp-attachment-export/" - tags: cve,cve2015,wordpress,wp,wp-plugin,unauth,wp-attachment-export,wpscan + tags: wpscan,packetstorm,seclists,cve,cve2015,wordpress,wp,wp-plugin,unauth,wp-attachment-export http: - method: GET diff --git a/http/cves/2015/CVE-2015-2067.yaml b/http/cves/2015/CVE-2015-2067.yaml index 4e151f6c0e..117633441a 100644 --- a/http/cves/2015/CVE-2015-2067.yaml +++ b/http/cves/2015/CVE-2015-2067.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/35996 - https://nvd.nist.gov/vuln/detail/CVE-2015-2067 - http://packetstormsecurity.com/files/130250/Magento-Server-MAGMI-Cross-Site-Scripting-Local-File-Inclusion.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2015-2067 cwe-id: CWE-22 - epss-score: 0.01003 - epss-percentile: 0.81971 + epss-score: 0.00709 + epss-percentile: 0.79991 cpe: cpe:2.3:a:magmi_project:magmi:-:*:*:*:*:magento_server:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2068.yaml b/http/cves/2015/CVE-2015-2068.yaml index 71f1f4d888..4a6b052616 100644 --- a/http/cves/2015/CVE-2015-2068.yaml +++ b/http/cves/2015/CVE-2015-2068.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2015-2068 cwe-id: CWE-79 epss-score: 0.00146 - epss-percentile: 0.50461 + epss-percentile: 0.4958 cpe: cpe:2.3:a:magmi_project:magmi:-:*:*:*:*:magento_server:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2080.yaml b/http/cves/2015/CVE-2015-2080.yaml index 9ffdbe9602..c5c75b7943 100644 --- a/http/cves/2015/CVE-2015-2080.yaml +++ b/http/cves/2015/CVE-2015-2080.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2015-2080 cwe-id: CWE-200 epss-score: 0.95465 - epss-percentile: 0.99229 + epss-percentile: 0.99329 cpe: cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2166.yaml b/http/cves/2015/CVE-2015-2166.yaml index a492c6a84c..db3f8e572f 100644 --- a/http/cves/2015/CVE-2015-2166.yaml +++ b/http/cves/2015/CVE-2015-2166.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-2166 cwe-id: CWE-22 epss-score: 0.23272 - epss-percentile: 0.96134 + epss-percentile: 0.96445 cpe: cpe:2.3:a:ericsson:drutt_mobile_service_delivery_platform:4.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2196.yaml b/http/cves/2015/CVE-2015-2196.yaml index 63f298cf26..76ac2ae2e3 100644 --- a/http/cves/2015/CVE-2015-2196.yaml +++ b/http/cves/2015/CVE-2015-2196.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2015-2196 cwe-id: CWE-89 - epss-score: 0.0093 - epss-percentile: 0.8129 + epss-score: 0.0025 + epss-percentile: 0.6433 cpe: cpe:2.3:a:web-dorado:spider_calendar:1.4.9:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2755.yaml b/http/cves/2015/CVE-2015-2755.yaml index 1a2785e12d..f334d13d7b 100644 --- a/http/cves/2015/CVE-2015-2755.yaml +++ b/http/cves/2015/CVE-2015-2755.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.8 cve-id: CVE-2015-2755 cwe-id: CWE-352 - epss-score: 0.02569 - epss-percentile: 0.89129 + epss-score: 0.01828 + epss-percentile: 0.87952 cpe: cpe:2.3:a:ab_google_map_travel_project:ab_google_map_travel:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-2807.yaml b/http/cves/2015/CVE-2015-2807.yaml index 99e09c93a4..dd0fd723e9 100644 --- a/http/cves/2015/CVE-2015-2807.yaml +++ b/http/cves/2015/CVE-2015-2807.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2015-2807 cwe-id: CWE-79 - epss-score: 0.00469 - epss-percentile: 0.73016 + epss-score: 0.00294 + epss-percentile: 0.68624 cpe: cpe:2.3:a:documentcloud:navis_documentcloud:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-2996.yaml b/http/cves/2015/CVE-2015-2996.yaml index 60599a6db0..70c597ee32 100644 --- a/http/cves/2015/CVE-2015-2996.yaml +++ b/http/cves/2015/CVE-2015-2996.yaml @@ -15,13 +15,14 @@ info: - https://www.sysaid.com/blog/entry/sysaid-15-2-your-voice-your-service-desk - http://seclists.org/fulldisclosure/2015/Jun/8 - https://nvd.nist.gov/vuln/detail/CVE-2015-2996 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:C cvss-score: 8.5 cve-id: CVE-2015-2996 cwe-id: CWE-22 epss-score: 0.77754 - epss-percentile: 0.97955 + epss-percentile: 0.98153 cpe: cpe:2.3:a:sysaid:sysaid:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-3224.yaml b/http/cves/2015/CVE-2015-3224.yaml index b9e4f534bb..e48dd4a36e 100644 --- a/http/cves/2015/CVE-2015-3224.yaml +++ b/http/cves/2015/CVE-2015-3224.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2015-3224 cwe-id: CWE-284 - epss-score: 0.94661 - epss-percentile: 0.99077 + epss-score: 0.92904 + epss-percentile: 0.98975 cpe: cpe:2.3:a:rubyonrails:web_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-3648.yaml b/http/cves/2015/CVE-2015-3648.yaml index dd0e5eaff4..a8dbae0716 100644 --- a/http/cves/2015/CVE-2015-3648.yaml +++ b/http/cves/2015/CVE-2015-3648.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-3648 cwe-id: CWE-22 epss-score: 0.02644 - epss-percentile: 0.89323 + epss-percentile: 0.90124 cpe: cpe:2.3:a:montala:resourcespace:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-3897.yaml b/http/cves/2015/CVE-2015-3897.yaml index 17bd671dc3..a8f87dbe1f 100644 --- a/http/cves/2015/CVE-2015-3897.yaml +++ b/http/cves/2015/CVE-2015-3897.yaml @@ -14,13 +14,14 @@ info: - https://www.bonitasoft.com/ - https://nvd.nist.gov/vuln/detail/CVE-2015-3897 - https://www.htbridge.com/advisory/HTB23259 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N cvss-score: 5 cve-id: CVE-2015-3897 cwe-id: CWE-22 epss-score: 0.83225 - epss-percentile: 0.98161 + epss-percentile: 0.98353 cpe: cpe:2.3:a:bonitasoft:bonita_bpm_portal:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2015/CVE-2015-4050.yaml b/http/cves/2015/CVE-2015-4050.yaml index 51564dd4db..a51cb7104f 100644 --- a/http/cves/2015/CVE-2015-4050.yaml +++ b/http/cves/2015/CVE-2015-4050.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2015-4050 cwe-id: CWE-284 - epss-score: 0.00847 - epss-percentile: 0.80351 + epss-score: 0.00598 + epss-percentile: 0.77957 cpe: cpe:2.3:a:sensiolabs:symfony:2.3.19:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4063.yaml b/http/cves/2015/CVE-2015-4063.yaml index 3672e0d005..2988a0a2ff 100644 --- a/http/cves/2015/CVE-2015-4063.yaml +++ b/http/cves/2015/CVE-2015-4063.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4063 cwe-id: CWE-79 epss-score: 0.04016 - epss-percentile: 0.91211 + epss-percentile: 0.91867 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-4074.yaml b/http/cves/2015/CVE-2015-4074.yaml index fb815e6161..1c42c420b5 100644 --- a/http/cves/2015/CVE-2015-4074.yaml +++ b/http/cves/2015/CVE-2015-4074.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/37666/ - https://nvd.nist.gov/vuln/detail/CVE-2015-4074 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4074 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-4074 cwe-id: CWE-22 epss-score: 0.00598 - epss-percentile: 0.76066 + epss-percentile: 0.77961 cpe: cpe:2.3:a:helpdesk_pro_project:helpdesk_pro:*:*:*:*:*:joomla\!:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4414.yaml b/http/cves/2015/CVE-2015-4414.yaml index 8e8a4d502c..6fad7beea7 100644 --- a/http/cves/2015/CVE-2015-4414.yaml +++ b/http/cves/2015/CVE-2015-4414.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4414 cwe-id: CWE-22 epss-score: 0.12486 - epss-percentile: 0.94945 + epss-percentile: 0.95299 cpe: cpe:2.3:a:se_html5_album_audio_player_project:se_html5_album_audio_player:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4666.yaml b/http/cves/2015/CVE-2015-4666.yaml index a23b5c6d9c..10205cbb3b 100644 --- a/http/cves/2015/CVE-2015-4666.yaml +++ b/http/cves/2015/CVE-2015-4666.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-4666 cwe-id: CWE-22 epss-score: 0.02372 - epss-percentile: 0.8876 + epss-percentile: 0.89592 cpe: cpe:2.3:a:xceedium:xsuite:2.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-4668.yaml b/http/cves/2015/CVE-2015-4668.yaml index 0763a918fe..ca03f31ae1 100644 --- a/http/cves/2015/CVE-2015-4668.yaml +++ b/http/cves/2015/CVE-2015-4668.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2015-4668 cwe-id: CWE-601 epss-score: 0.00397 - epss-percentile: 0.70835 + epss-percentile: 0.73024 cpe: cpe:2.3:a:xceedium:xsuite:2.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-5461.yaml b/http/cves/2015/CVE-2015-5461.yaml index 9ce7d89412..8943193111 100644 --- a/http/cves/2015/CVE-2015-5461.yaml +++ b/http/cves/2015/CVE-2015-5461.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-5461 cwe-id: NVD-CWE-Other epss-score: 0.0055 - epss-percentile: 0.75098 + epss-percentile: 0.77025 cpe: cpe:2.3:a:stageshow_project:stageshow:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-5471.yaml b/http/cves/2015/CVE-2015-5471.yaml index ad6610c908..7014c945e2 100644 --- a/http/cves/2015/CVE-2015-5471.yaml +++ b/http/cves/2015/CVE-2015-5471.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2015-5471 cwe-id: CWE-22 epss-score: 0.10406 - epss-percentile: 0.9448 + epss-percentile: 0.94855 cpe: cpe:2.3:a:swim_team_project:swim_team:1.44.10777:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-5531.yaml b/http/cves/2015/CVE-2015-5531.yaml index 882a545815..1559f4eb93 100644 --- a/http/cves/2015/CVE-2015-5531.yaml +++ b/http/cves/2015/CVE-2015-5531.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-5531 cwe-id: CWE-22 epss-score: 0.97144 - epss-percentile: 0.99756 + epss-percentile: 0.99783 cpe: cpe:2.3:a:elasticsearch:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2015/CVE-2015-7245.yaml b/http/cves/2015/CVE-2015-7245.yaml index 8578ee1b32..875660acb3 100644 --- a/http/cves/2015/CVE-2015-7245.yaml +++ b/http/cves/2015/CVE-2015-7245.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2015-7245 cwe-id: CWE-22 epss-score: 0.96881 - epss-percentile: 0.99651 + epss-percentile: 0.99685 cpe: cpe:2.3:o:d-link:dvg-n5402sp_firmware:w1000cn-00:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-7377.yaml b/http/cves/2015/CVE-2015-7377.yaml index 43deba4218..575b5c3fff 100644 --- a/http/cves/2015/CVE-2015-7377.yaml +++ b/http/cves/2015/CVE-2015-7377.yaml @@ -20,8 +20,8 @@ info: cvss-score: 4.3 cve-id: CVE-2015-7377 cwe-id: CWE-79 - epss-score: 0.00239 - epss-percentile: 0.61895 + epss-score: 0.00232 + epss-percentile: 0.60606 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-7450.yaml b/http/cves/2015/CVE-2015-7450.yaml index 2a5655690b..5a3f0bf95e 100644 --- a/http/cves/2015/CVE-2015-7450.yaml +++ b/http/cves/2015/CVE-2015-7450.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2015-7450 cwe-id: CWE-94 - epss-score: 0.9739 - epss-percentile: 0.99906 + epss-score: 0.97122 + epss-percentile: 0.99772 cpe: cpe:2.3:a:ibm:tivoli_common_reporting:2.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-7780.yaml b/http/cves/2015/CVE-2015-7780.yaml index f14dbe603d..e682c9bd4b 100644 --- a/http/cves/2015/CVE-2015-7780.yaml +++ b/http/cves/2015/CVE-2015-7780.yaml @@ -14,13 +14,14 @@ info: - http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000185.html - http://jvn.jp/en/jp/JVN21968837/index.html - https://nvd.nist.gov/vuln/detail/CVE-2015-7780 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2015-7780 cwe-id: CWE-22 epss-score: 0.00151 - epss-percentile: 0.51228 + epss-percentile: 0.50407 cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-8349.yaml b/http/cves/2015/CVE-2015-8349.yaml index 05349c35d4..eee5eac6b7 100644 --- a/http/cves/2015/CVE-2015-8349.yaml +++ b/http/cves/2015/CVE-2015-8349.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2015-8349 cwe-id: CWE-79 epss-score: 0.0013 - epss-percentile: 0.47768 + epss-percentile: 0.46975 cpe: cpe:2.3:a:gameconnect:sourcebans:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2015/CVE-2015-9312.yaml b/http/cves/2015/CVE-2015-9312.yaml index ad33ddd316..e94178cdb8 100644 --- a/http/cves/2015/CVE-2015-9312.yaml +++ b/http/cves/2015/CVE-2015-9312.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2015-9312 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-9323.yaml b/http/cves/2015/CVE-2015-9323.yaml index 19774432aa..b73cb212e7 100644 --- a/http/cves/2015/CVE-2015-9323.yaml +++ b/http/cves/2015/CVE-2015-9323.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/61586816-dd2b-461d-975f-1989502affd9 - http://cinu.pl/research/wp-plugins/mail_e28f19a8f03f0517f94cb9fea15d8525.html - https://wordpress.org/plugins/404-to-301/#developers + - https://github.com/Enes4xd/Enes4xd + - https://github.com/Hacker5preme/Exploits classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2015-9323 cwe-id: CWE-89 epss-score: 0.00869 - epss-percentile: 0.80542 + epss-percentile: 0.82013 cpe: cpe:2.3:a:duckdev:404_to_301:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2015/CVE-2015-9480.yaml b/http/cves/2015/CVE-2015-9480.yaml index c216bad92e..53a2be068f 100644 --- a/http/cves/2015/CVE-2015-9480.yaml +++ b/http/cves/2015/CVE-2015-9480.yaml @@ -12,13 +12,14 @@ info: reference: - https://www.exploit-db.com/exploits/37252 - https://nvd.nist.gov/vuln/detail/CVE-2015-9480 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2015-9480 cwe-id: CWE-22 - epss-score: 0.37884 - epss-percentile: 0.96862 + epss-score: 0.57022 + epss-percentile: 0.97634 cpe: cpe:2.3:a:robot-cpa:robotcpa:5:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-0957.yaml b/http/cves/2016/CVE-2016-0957.yaml index 9938fb91a5..ab39ae3f4e 100644 --- a/http/cves/2016/CVE-2016-0957.yaml +++ b/http/cves/2016/CVE-2016-0957.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2016-0957 epss-score: 0.03344 - epss-percentile: 0.90435 + epss-percentile: 0.91144 cpe: cpe:2.3:a:adobe:dispatcher:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000126.yaml b/http/cves/2016/CVE-2016-1000126.yaml index 569ad75a86..b9fb82d319 100644 --- a/http/cves/2016/CVE-2016-1000126.yaml +++ b/http/cves/2016/CVE-2016-1000126.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000126 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45851 + epss-percentile: 0.4505 cpe: cpe:2.3:a:admin-font-editor_project:admin-font-editor:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000129.yaml b/http/cves/2016/CVE-2016-1000129.yaml index 53ddfef768..2a8f576b92 100644 --- a/http/cves/2016/CVE-2016-1000129.yaml +++ b/http/cves/2016/CVE-2016-1000129.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000129 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45851 + epss-percentile: 0.4505 cpe: cpe:2.3:a:defa-online-image-protector_project:defa-online-image-protector:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000131.yaml b/http/cves/2016/CVE-2016-1000131.yaml index 6c458b323d..dbf5a6f29c 100644 --- a/http/cves/2016/CVE-2016-1000131.yaml +++ b/http/cves/2016/CVE-2016-1000131.yaml @@ -13,13 +13,14 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=393 - https://wordpress.org/plugins/e-search - https://nvd.nist.gov/vuln/detail/CVE-2016-1000131 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000131 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41115 + epss-percentile: 0.40457 cpe: cpe:2.3:a:e-search_project:esearch:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000132.yaml b/http/cves/2016/CVE-2016-1000132.yaml index b1a992e4a5..8c37974d95 100644 --- a/http/cves/2016/CVE-2016-1000132.yaml +++ b/http/cves/2016/CVE-2016-1000132.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000132 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45239 + epss-percentile: 0.44389 cpe: cpe:2.3:a:cminds:tooltip_glossary:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000133.yaml b/http/cves/2016/CVE-2016-1000133.yaml index 50883a00e1..8a4ca435c4 100644 --- a/http/cves/2016/CVE-2016-1000133.yaml +++ b/http/cves/2016/CVE-2016-1000133.yaml @@ -13,13 +13,14 @@ info: - https://wordpress.org/plugins/forget-about-shortcode-buttons - http://www.vapidlabs.com/wp/wp_advisory.php?v=602 - https://nvd.nist.gov/vuln/detail/CVE-2016-1000133 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000133 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.49767 + epss-percentile: 0.48963 cpe: cpe:2.3:a:designsandcode:forget_about_shortcode_buttons:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000135.yaml b/http/cves/2016/CVE-2016-1000135.yaml index 9c9937afac..a56972e594 100644 --- a/http/cves/2016/CVE-2016-1000135.yaml +++ b/http/cves/2016/CVE-2016-1000135.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2016-1000135 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41177 + epss-percentile: 0.40457 cpe: cpe:2.3:a:hdw-tube_project:hdw-tube:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000137.yaml b/http/cves/2016/CVE-2016-1000137.yaml index 36bb49128b..eff4328c1b 100644 --- a/http/cves/2016/CVE-2016-1000137.yaml +++ b/http/cves/2016/CVE-2016-1000137.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000137 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41177 + epss-percentile: 0.40457 cpe: cpe:2.3:a:hero-maps-pro_project:hero-maps-pro:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000139.yaml b/http/cves/2016/CVE-2016-1000139.yaml index 8ec400b119..cd49c560e4 100644 --- a/http/cves/2016/CVE-2016-1000139.yaml +++ b/http/cves/2016/CVE-2016-1000139.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000139 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45239 + epss-percentile: 0.44389 cpe: cpe:2.3:a:infusionsoft_project:infusionsoft:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000141.yaml b/http/cves/2016/CVE-2016-1000141.yaml index 3c221256a3..25fe9f167a 100644 --- a/http/cves/2016/CVE-2016-1000141.yaml +++ b/http/cves/2016/CVE-2016-1000141.yaml @@ -12,13 +12,14 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=358 - https://nvd.nist.gov/vuln/detail/CVE-2016-1000141 - https://wordpress.org/plugins/page-layout-builder + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000141 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.49767 + epss-percentile: 0.48963 cpe: cpe:2.3:a:page-layout-builder_project:page-layout-builder:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000142.yaml b/http/cves/2016/CVE-2016-1000142.yaml index e1dc5cbef2..93cf7c2523 100644 --- a/http/cves/2016/CVE-2016-1000142.yaml +++ b/http/cves/2016/CVE-2016-1000142.yaml @@ -14,13 +14,14 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=435 - https://wordpress.org/plugins/parsi-font - https://nvd.nist.gov/vuln/detail/CVE-2016-1000142 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000142 cwe-id: CWE-79 epss-score: 0.00103 - epss-percentile: 0.415 + epss-percentile: 0.40793 cpe: cpe:2.3:a:parsi-font_project:parsi-font:4.2.5:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000143.yaml b/http/cves/2016/CVE-2016-1000143.yaml index b0d62449d4..b8238c16d4 100644 --- a/http/cves/2016/CVE-2016-1000143.yaml +++ b/http/cves/2016/CVE-2016-1000143.yaml @@ -13,13 +13,15 @@ info: - http://www.vapidlabs.com/wp/wp_advisory.php?v=780 - https://wordpress.org/plugins/photoxhibit - https://nvd.nist.gov/vuln/detail/CVE-2016-1000143 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000143 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.49767 + epss-percentile: 0.48963 cpe: cpe:2.3:a:photoxhibit_project:photoxhibit:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000148.yaml b/http/cves/2016/CVE-2016-1000148.yaml index 34588454b1..4645bea64a 100644 --- a/http/cves/2016/CVE-2016-1000148.yaml +++ b/http/cves/2016/CVE-2016-1000148.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000148 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45851 + epss-percentile: 0.4505 cpe: cpe:2.3:a:s3-video_project:s3-video:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000149.yaml b/http/cves/2016/CVE-2016-1000149.yaml index 092ccf716a..aa79851c16 100644 --- a/http/cves/2016/CVE-2016-1000149.yaml +++ b/http/cves/2016/CVE-2016-1000149.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-1000149 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45851 + epss-percentile: 0.4505 cpe: cpe:2.3:a:simpel-reserveren_project:simpel-reserveren:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000153.yaml b/http/cves/2016/CVE-2016-1000153.yaml index 25b895f509..f503872328 100644 --- a/http/cves/2016/CVE-2016-1000153.yaml +++ b/http/cves/2016/CVE-2016-1000153.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2016-1000153 - http://www.vapidlabs.com/wp/wp_advisory.php?v=427 - https://wordpress.org/plugins/tidio-gallery + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000153 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41115 + epss-percentile: 0.40457 cpe: cpe:2.3:a:tidio-gallery_project:tidio-gallery:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1000155.yaml b/http/cves/2016/CVE-2016-1000155.yaml index ac04e2990f..72f756ade0 100644 --- a/http/cves/2016/CVE-2016-1000155.yaml +++ b/http/cves/2016/CVE-2016-1000155.yaml @@ -11,13 +11,15 @@ info: - https://wordpress.org/plugins/wpsolr-search-engine - http://www.vapidlabs.com/wp/wp_advisory.php?v=303 - https://nvd.nist.gov/vuln/detail/CVE-2016-1000155 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-1000155 cwe-id: CWE-79 epss-score: 0.00103 - epss-percentile: 0.415 + epss-percentile: 0.40793 cpe: cpe:2.3:a:wpsolr:wpsolr-search-engine:7.6:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-10033.yaml b/http/cves/2016/CVE-2016-10033.yaml index f4cb9af729..2563377bcf 100644 --- a/http/cves/2016/CVE-2016-10033.yaml +++ b/http/cves/2016/CVE-2016-10033.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2016-10033 - cwe-id: CWE-77 - epss-score: 0.97455 - epss-percentile: 0.99951 + cwe-id: CWE-88 + epss-score: 0.97129 + epss-percentile: 0.99775 cpe: cpe:2.3:a:phpmailer_project:phpmailer:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2016/CVE-2016-10134.yaml b/http/cves/2016/CVE-2016-10134.yaml index db0b7f5143..6d862ce501 100644 --- a/http/cves/2016/CVE-2016-10134.yaml +++ b/http/cves/2016/CVE-2016-10134.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-10134 cwe-id: CWE-89 epss-score: 0.05366 - epss-percentile: 0.92355 + epss-percentile: 0.92931 cpe: cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-10367.yaml b/http/cves/2016/CVE-2016-10367.yaml index 0aae5c2089..4be466ce48 100644 --- a/http/cves/2016/CVE-2016-10367.yaml +++ b/http/cves/2016/CVE-2016-10367.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2016-10367 cwe-id: CWE-22 - epss-score: 0.01346 - epss-percentile: 0.84712 + epss-score: 0.00521 + epss-percentile: 0.76355 cpe: cpe:2.3:a:opsview:opsview:4.5.0:*:*:*:pro:*:*:* metadata: verified: true diff --git a/http/cves/2016/CVE-2016-10368.yaml b/http/cves/2016/CVE-2016-10368.yaml index c63298f0e1..3fa9de418a 100644 --- a/http/cves/2016/CVE-2016-10368.yaml +++ b/http/cves/2016/CVE-2016-10368.yaml @@ -14,13 +14,15 @@ info: - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=18774 - https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2016-016/?fid=8341 - https://nvd.nist.gov/vuln/detail/CVE-2016-10368 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2016-10368 cwe-id: CWE-601 - epss-score: 0.00179 - epss-percentile: 0.55112 + epss-score: 0.00204 + epss-percentile: 0.57743 cpe: cpe:2.3:a:opsview:opsview:4.5.0:*:*:*:pro:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-10940.yaml b/http/cves/2016/CVE-2016-10940.yaml index 67230e31f1..25729e34c0 100644 --- a/http/cves/2016/CVE-2016-10940.yaml +++ b/http/cves/2016/CVE-2016-10940.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2016-10940 cwe-id: CWE-89 - epss-score: 0.00755 - epss-percentile: 0.79034 + epss-score: 0.00776 + epss-percentile: 0.80947 cpe: cpe:2.3:a:zm-gallery_project:zm-gallery:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 3 diff --git a/http/cves/2016/CVE-2016-10960.yaml b/http/cves/2016/CVE-2016-10960.yaml index c435e12321..247a8066c7 100644 --- a/http/cves/2016/CVE-2016-10960.yaml +++ b/http/cves/2016/CVE-2016-10960.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-10960 cwe-id: CWE-20 epss-score: 0.01469 - epss-percentile: 0.85404 + epss-percentile: 0.86457 cpe: cpe:2.3:a:joomlaserviceprovider:wsecure:*:*:*:*:lite:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-1555.yaml b/http/cves/2016/CVE-2016-1555.yaml index 94c50ef0d4..394b240e50 100644 --- a/http/cves/2016/CVE-2016-1555.yaml +++ b/http/cves/2016/CVE-2016-1555.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2016-1555 cwe-id: CWE-77 - epss-score: 0.97354 - epss-percentile: 0.99883 + epss-score: 0.97373 + epss-percentile: 0.99898 cpe: cpe:2.3:o:netgear:wnap320_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-3088.yaml b/http/cves/2016/CVE-2016-3088.yaml index 761b595d41..d981578b0c 100644 --- a/http/cves/2016/CVE-2016-3088.yaml +++ b/http/cves/2016/CVE-2016-3088.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-3088 cwe-id: CWE-20 epss-score: 0.83955 - epss-percentile: 0.98197 + epss-percentile: 0.98392 cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2016/CVE-2016-4977.yaml b/http/cves/2016/CVE-2016-4977.yaml index 94f333abf4..6ab9a1e388 100644 --- a/http/cves/2016/CVE-2016-4977.yaml +++ b/http/cves/2016/CVE-2016-4977.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2016-4977 cwe-id: CWE-19 epss-score: 0.03345 - epss-percentile: 0.90401 + epss-percentile: 0.91147 cpe: cpe:2.3:a:pivotal:spring_security_oauth:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-6195.yaml b/http/cves/2016/CVE-2016-6195.yaml index aa9a2ea11c..4fd09a239d 100644 --- a/http/cves/2016/CVE-2016-6195.yaml +++ b/http/cves/2016/CVE-2016-6195.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2016-6195 cwe-id: CWE-89 epss-score: 0.00284 - epss-percentile: 0.65416 + epss-percentile: 0.68042 cpe: cpe:2.3:a:vbulletin:vbulletin:*:patch_level_4:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2016/CVE-2016-6277.yaml b/http/cves/2016/CVE-2016-6277.yaml index 9cf55fbc07..e2e083a536 100644 --- a/http/cves/2016/CVE-2016-6277.yaml +++ b/http/cves/2016/CVE-2016-6277.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2016-6277 cwe-id: CWE-352 epss-score: 0.97471 - epss-percentile: 0.99961 + epss-percentile: 0.99962 cpe: cpe:2.3:o:netgear:d6220_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-7552.yaml b/http/cves/2016/CVE-2016-7552.yaml index fdb4b19feb..f08309f29f 100644 --- a/http/cves/2016/CVE-2016-7552.yaml +++ b/http/cves/2016/CVE-2016-7552.yaml @@ -13,13 +13,15 @@ info: - https://gist.github.com/malerisch/5de8b408443ee9253b3954a62a8d97b4 - https://nvd.nist.gov/vuln/detail/CVE-2016-7552 - https://github.com/rapid7/metasploit-framework/pull/8216/commits/0f07875a2ddb0bfbb4e985ab074e9fc56da1dcf6 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2016-7552 cwe-id: CWE-22 - epss-score: 0.97004 - epss-percentile: 0.99686 + epss-score: 0.96711 + epss-percentile: 0.99632 cpe: cpe:2.3:a:trendmicro:threat_discovery_appliance:2.6.1062:r1:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2016/CVE-2016-7834.yaml b/http/cves/2016/CVE-2016-7834.yaml index d04c7f1f30..85ce8596da 100644 --- a/http/cves/2016/CVE-2016-7834.yaml +++ b/http/cves/2016/CVE-2016-7834.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2016-7834 cwe-id: CWE-200 - epss-score: 0.00202 - epss-percentile: 0.58146 + epss-score: 0.00186 + epss-percentile: 0.55032 cpe: cpe:2.3:o:sony:snc_series_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-0929.yaml b/http/cves/2017/CVE-2017-0929.yaml index 9b710acdba..da334b7b07 100644 --- a/http/cves/2017/CVE-2017-0929.yaml +++ b/http/cves/2017/CVE-2017-0929.yaml @@ -13,13 +13,15 @@ info: - https://hackerone.com/reports/482634 - https://nvd.nist.gov/vuln/detail/CVE-2017-0929 - https://github.com/dnnsoftware/Dnn.Platform/commit/d3953db85fee77bb5e6383747692c507ef8b94c3 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-0929 cwe-id: CWE-918 epss-score: 0.00753 - epss-percentile: 0.78998 + epss-percentile: 0.80628 cpe: cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-1000163.yaml b/http/cves/2017/CVE-2017-1000163.yaml index 6948d4b0ac..cffe2e0723 100644 --- a/http/cves/2017/CVE-2017-1000163.yaml +++ b/http/cves/2017/CVE-2017-1000163.yaml @@ -13,13 +13,14 @@ info: - https://elixirforum.com/t/security-releases-for-phoenix/4143 - https://vuldb.com/?id.109587 - https://nvd.nist.gov/vuln/detail/CVE-2017-1000163 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-1000163 cwe-id: CWE-601 - epss-score: 0.00154 - epss-percentile: 0.51591 + epss-score: 0.00186 + epss-percentile: 0.55009 cpe: cpe:2.3:a:phoenixframework:phoenix:1.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-1000486.yaml b/http/cves/2017/CVE-2017-1000486.yaml index 5772c0f03c..c80d2c36f2 100644 --- a/http/cves/2017/CVE-2017-1000486.yaml +++ b/http/cves/2017/CVE-2017-1000486.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-1000486 cwe-id: CWE-326 epss-score: 0.97013 - epss-percentile: 0.99696 + epss-percentile: 0.99726 cpe: cpe:2.3:a:primetek:primefaces:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-10974.yaml b/http/cves/2017/CVE-2017-10974.yaml index 95b698e2cc..bc28c0701e 100644 --- a/http/cves/2017/CVE-2017-10974.yaml +++ b/http/cves/2017/CVE-2017-10974.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-10974 - http://hyp3rlinx.altervista.org/advisories/YAWS-WEB-SERVER-v1.91-UNAUTHENTICATED-REMOTE-FILE-DISCLOSURE.txt - https://www.exploit-db.com/exploits/42303/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-10974 cwe-id: CWE-22 epss-score: 0.96161 - epss-percentile: 0.99386 + epss-percentile: 0.9947 cpe: cpe:2.3:a:yaws:yaws:1.91:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-11512.yaml b/http/cves/2017/CVE-2017-11512.yaml index af3af351b8..67aa579107 100644 --- a/http/cves/2017/CVE-2017-11512.yaml +++ b/http/cves/2017/CVE-2017-11512.yaml @@ -14,13 +14,15 @@ info: - https://exploit.kitploit.com/2017/11/manageengine-servicedesk-cve-2017-11512.html - https://www.tenable.com/security/research/tra-2017-31 - https://nvd.nist.gov/vuln/detail/CVE-2017-11512 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-11512 cwe-id: CWE-22 epss-score: 0.97175 - epss-percentile: 0.99771 + epss-percentile: 0.99794 cpe: cpe:2.3:a:manageengine:servicedesk:9.3.9328:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-11610.yaml b/http/cves/2017/CVE-2017-11610.yaml index d254b853d7..5fb1799904 100644 --- a/http/cves/2017/CVE-2017-11610.yaml +++ b/http/cves/2017/CVE-2017-11610.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2017-11610 cwe-id: CWE-276 - epss-score: 0.97438 - epss-percentile: 0.99943 + epss-score: 0.97449 + epss-percentile: 0.99947 cpe: cpe:2.3:a:supervisord:supervisor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-11629.yaml b/http/cves/2017/CVE-2017-11629.yaml index ef19e3ba70..3033bcf95c 100644 --- a/http/cves/2017/CVE-2017-11629.yaml +++ b/http/cves/2017/CVE-2017-11629.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-11629 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40862 + epss-percentile: 0.40119 cpe: cpe:2.3:a:finecms:finecms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-12138.yaml b/http/cves/2017/CVE-2017-12138.yaml index 8c27d083d9..b2b3df4452 100644 --- a/http/cves/2017/CVE-2017-12138.yaml +++ b/http/cves/2017/CVE-2017-12138.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12138 cwe-id: CWE-601 epss-score: 0.00062 - epss-percentile: 0.24374 + epss-percentile: 0.24419 cpe: cpe:2.3:a:xoops:xoops:2.5.8:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-12149.yaml b/http/cves/2017/CVE-2017-12149.yaml index c83c2a473a..7b68ef55d2 100644 --- a/http/cves/2017/CVE-2017-12149.yaml +++ b/http/cves/2017/CVE-2017-12149.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12149 cwe-id: CWE-502 epss-score: 0.9719 - epss-percentile: 0.99785 + epss-percentile: 0.99802 cpe: cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2017/CVE-2017-12542.yaml b/http/cves/2017/CVE-2017-12542.yaml index 62271ebd02..9007c2a627 100644 --- a/http/cves/2017/CVE-2017-12542.yaml +++ b/http/cves/2017/CVE-2017-12542.yaml @@ -20,7 +20,7 @@ info: cvss-score: 10 cve-id: CVE-2017-12542 epss-score: 0.97224 - epss-percentile: 0.99807 + epss-percentile: 0.99822 cpe: cpe:2.3:o:hp:integrated_lights-out_4_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12544.yaml b/http/cves/2017/CVE-2017-12544.yaml index 1538d69f3a..85cc74f98f 100644 --- a/http/cves/2017/CVE-2017-12544.yaml +++ b/http/cves/2017/CVE-2017-12544.yaml @@ -14,13 +14,14 @@ info: - http://web.archive.org/web/20211206092413/https://securitytracker.com/id/1039437 - https://nvd.nist.gov/vuln/detail/CVE-2017-12544 - http://www.securitytracker.com/id/1039437 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2017-12544 cwe-id: CWE-79 epss-score: 0.96723 - epss-percentile: 0.99581 + epss-percentile: 0.99637 cpe: cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12583.yaml b/http/cves/2017/CVE-2017-12583.yaml index a60790f63c..07e9ecce35 100644 --- a/http/cves/2017/CVE-2017-12583.yaml +++ b/http/cves/2017/CVE-2017-12583.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2017-12583 cwe-id: CWE-79 - epss-score: 0.001 - epss-percentile: 0.40862 + epss-score: 0.00117 + epss-percentile: 0.44712 cpe: cpe:2.3:a:dokuwiki:dokuwiki:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12615.yaml b/http/cves/2017/CVE-2017-12615.yaml index a80aad1528..8c8aa44ff7 100644 --- a/http/cves/2017/CVE-2017-12615.yaml +++ b/http/cves/2017/CVE-2017-12615.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2017-12615 cwe-id: CWE-434 - epss-score: 0.96859 - epss-percentile: 0.99641 + epss-score: 0.96878 + epss-percentile: 0.99684 cpe: cpe:2.3:a:apache:tomcat:7.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-12617.yaml b/http/cves/2017/CVE-2017-12617.yaml index 77e7262268..eb3df317d5 100644 --- a/http/cves/2017/CVE-2017-12617.yaml +++ b/http/cves/2017/CVE-2017-12617.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: "CVE-2017-12617" cwe-id: CWE-434 - epss-score: 0.97479 - epss-percentile: 0.99965 + epss-score: 0.97533 + epss-percentile: 0.99992 cpe: cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2017/CVE-2017-12629.yaml b/http/cves/2017/CVE-2017-12629.yaml index 66505bfda5..02e7735924 100644 --- a/http/cves/2017/CVE-2017-12629.yaml +++ b/http/cves/2017/CVE-2017-12629.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2017-12629 cwe-id: CWE-611 - epss-score: 0.97438 - epss-percentile: 0.99942 + epss-score: 0.97417 + epss-percentile: 0.99925 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-12635.yaml b/http/cves/2017/CVE-2017-12635.yaml index 187d00c109..236d08991a 100644 --- a/http/cves/2017/CVE-2017-12635.yaml +++ b/http/cves/2017/CVE-2017-12635.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2017-12635 cwe-id: CWE-269 - epss-score: 0.97413 - epss-percentile: 0.99922 + epss-score: 0.97348 + epss-percentile: 0.99889 cpe: cpe:2.3:a:apache:couchdb:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-12637.yaml b/http/cves/2017/CVE-2017-12637.yaml index bb5069d746..35e7473de6 100644 --- a/http/cves/2017/CVE-2017-12637.yaml +++ b/http/cves/2017/CVE-2017-12637.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-12637 cwe-id: CWE-22 epss-score: 0.00648 - epss-percentile: 0.77145 + epss-percentile: 0.78875 cpe: cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-14135.yaml b/http/cves/2017/CVE-2017-14135.yaml index 5806daa0e8..39f1c881ea 100644 --- a/http/cves/2017/CVE-2017-14135.yaml +++ b/http/cves/2017/CVE-2017-14135.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/42293 - https://nvd.nist.gov/vuln/detail/CVE-2017-14135 - https://the-infosec.com/2017/07/05/from-shodan-to-rce-opendreambox-2-0-0-code-execution/ + - https://github.com/qazbnm456/awesome-cve-poc classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-14135 cwe-id: CWE-78 epss-score: 0.96679 - epss-percentile: 0.99564 + epss-percentile: 0.99625 cpe: cpe:2.3:a:dreambox:opendreambox:2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-14622.yaml b/http/cves/2017/CVE-2017-14622.yaml index c9968fdf62..a9b1706d2e 100644 --- a/http/cves/2017/CVE-2017-14622.yaml +++ b/http/cves/2017/CVE-2017-14622.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/2kb-amazon-affiliates-store/#developers - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14622 - https://nvd.nist.gov/vuln/detail/CVE-2017-14622 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-14622 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48536 + epss-percentile: 0.47816 cpe: cpe:2.3:a:2kblater:2kb_amazon_affiliates_store:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-14651.yaml b/http/cves/2017/CVE-2017-14651.yaml index 7e7d6780cc..f63ba09605 100644 --- a/http/cves/2017/CVE-2017-14651.yaml +++ b/http/cves/2017/CVE-2017-14651.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-14651 cwe-id: CWE-79 epss-score: 0.00144 - epss-percentile: 0.50224 + epss-percentile: 0.49339 cpe: cpe:2.3:a:wso2:api_manager:2.1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-15287.yaml b/http/cves/2017/CVE-2017-15287.yaml index 4a3e51a1c2..707efd7448 100644 --- a/http/cves/2017/CVE-2017-15287.yaml +++ b/http/cves/2017/CVE-2017-15287.yaml @@ -14,13 +14,14 @@ info: - https://fireshellsecurity.team/assets/pdf/Vulnerability-XSS-Dreambox.pdf - https://www.exploit-db.com/exploits/42986/ - https://nvd.nist.gov/vuln/detail/CVE-2017-15287 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-15287 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.47426 + epss-percentile: 0.46737 cpe: cpe:2.3:a:bouqueteditor_project:bouqueteditor:2.0.0:*:*:*:*:dreambox:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-15363.yaml b/http/cves/2017/CVE-2017-15363.yaml index efa3d6c495..04ce36933b 100644 --- a/http/cves/2017/CVE-2017-15363.yaml +++ b/http/cves/2017/CVE-2017-15363.yaml @@ -14,13 +14,14 @@ info: - https://extensions.typo3.org/extension/restler/ - https://extensions.typo3.org/extension/download/restler/1.7.1/zip/ - https://nvd.nist.gov/vuln/detail/CVE-2017-15363 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-15363 cwe-id: CWE-22 epss-score: 0.04393 - epss-percentile: 0.91525 + epss-percentile: 0.92189 cpe: cpe:2.3:a:luracast:restler:*:*:*:*:*:typo3:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-15944.yaml b/http/cves/2017/CVE-2017-15944.yaml index 372b7f6fa1..b45d6f398a 100644 --- a/http/cves/2017/CVE-2017-15944.yaml +++ b/http/cves/2017/CVE-2017-15944.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2017-15944 epss-score: 0.97314 - epss-percentile: 0.99861 + epss-percentile: 0.99866 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-16806.yaml b/http/cves/2017/CVE-2017-16806.yaml index 3197a624fa..0de260dce1 100644 --- a/http/cves/2017/CVE-2017-16806.yaml +++ b/http/cves/2017/CVE-2017-16806.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-16806 - https://github.com/Ulterius/server/commit/770d1821de43cf1d0a93c79025995bdd812a76ee - https://www.exploit-db.com/exploits/43141/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-16806 cwe-id: CWE-22 epss-score: 0.07105 - epss-percentile: 0.93332 + epss-percentile: 0.93842 cpe: cpe:2.3:a:ulterius:ulterius_server:1.5.6.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2017/CVE-2017-16894.yaml b/http/cves/2017/CVE-2017-16894.yaml index 897b697871..c1662a4f35 100644 --- a/http/cves/2017/CVE-2017-16894.yaml +++ b/http/cves/2017/CVE-2017-16894.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-16894 cwe-id: CWE-200 epss-score: 0.11608 - epss-percentile: 0.94783 + epss-percentile: 0.95145 cpe: cpe:2.3:a:laravel:laravel:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-17043.yaml b/http/cves/2017/CVE-2017-17043.yaml index 693cf10ef0..2a20b7fcd1 100644 --- a/http/cves/2017/CVE-2017-17043.yaml +++ b/http/cves/2017/CVE-2017-17043.yaml @@ -14,13 +14,14 @@ info: - https://packetstormsecurity.com/files/145060/wpemagmc10-xss.txt - https://wpvulndb.com/vulnerabilities/8964 - https://nvd.nist.gov/vuln/detail/CVE-2017-17043 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-17043 cwe-id: CWE-79 epss-score: 0.00245 - epss-percentile: 0.62474 + epss-percentile: 0.63923 cpe: cpe:2.3:a:zitec:emag_marketplace_connector:1.0.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-17562.yaml b/http/cves/2017/CVE-2017-17562.yaml index 131d83b131..c8b08c2475 100644 --- a/http/cves/2017/CVE-2017-17562.yaml +++ b/http/cves/2017/CVE-2017-17562.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2017-17562 cwe-id: CWE-20 - epss-score: 0.97455 - epss-percentile: 0.99953 + epss-score: 0.97436 + epss-percentile: 0.9994 cpe: cpe:2.3:a:embedthis:goahead:*:*:*:*:*:*:*:* metadata: max-request: 65 diff --git a/http/cves/2017/CVE-2017-17731.yaml b/http/cves/2017/CVE-2017-17731.yaml index c3729e86d8..9de36a3609 100644 --- a/http/cves/2017/CVE-2017-17731.yaml +++ b/http/cves/2017/CVE-2017-17731.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-17731 - https://blog.csdn.net/nixawk/article/details/24982851 - https://github.com/Lucifer1993/AngelSword/blob/232258e42201373fef1f323864366dc1499581fc/cms/dedecms/dedecms_recommend_sqli.py#L25 + - https://github.com/20142995/Goby classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-17731 cwe-id: CWE-89 - epss-score: 0.20241 - epss-percentile: 0.95907 + epss-score: 0.02129 + epss-percentile: 0.88972 cpe: cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-17736.yaml b/http/cves/2017/CVE-2017-17736.yaml index e21d5cbe28..a15ea68987 100644 --- a/http/cves/2017/CVE-2017-17736.yaml +++ b/http/cves/2017/CVE-2017-17736.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/ghdb/5694 - https://nvd.nist.gov/vuln/detail/CVE-2017-17736 - https://blog.hivint.com/advisory-access-control-bypass-in-kentico-cms-cve-2017-17736-49e1e43ae55b + - https://github.com/0xSojalSec/Nuclei-TemplatesNuclei-Templates-CVE-2017-17736 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-17736 cwe-id: CWE-425 epss-score: 0.1483 - epss-percentile: 0.95265 + epss-percentile: 0.95656 cpe: cpe:2.3:a:kentico:kentico_cms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18024.yaml b/http/cves/2017/CVE-2017-18024.yaml index 8b4f089672..fe8d80f715 100644 --- a/http/cves/2017/CVE-2017-18024.yaml +++ b/http/cves/2017/CVE-2017-18024.yaml @@ -13,13 +13,15 @@ info: - https://hackerone.com/reports/963798 - http://packetstormsecurity.com/files/145776/AvantFAX-3.3.3-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2017-18024 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/NarbehJackson/Java-Xss-minitwit16 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-18024 cwe-id: CWE-79 epss-score: 0.00074 - epss-percentile: 0.30437 + epss-percentile: 0.30209 cpe: cpe:2.3:a:avantfax:avantfax:3.3.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-18487.yaml b/http/cves/2017/CVE-2017-18487.yaml index d81ce7f8f4..e175926f61 100644 --- a/http/cves/2017/CVE-2017-18487.yaml +++ b/http/cves/2017/CVE-2017-18487.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18487 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.36245 cpe: cpe:2.3:a:google_adsense_project:google_adsense:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18490.yaml b/http/cves/2017/CVE-2017-18490.yaml index 960bb12109..3d8627b899 100644 --- a/http/cves/2017/CVE-2017-18490.yaml +++ b/http/cves/2017/CVE-2017-18490.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18490 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:contact_form_multi:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18491.yaml b/http/cves/2017/CVE-2017-18491.yaml index 448c3f6d76..bdb354e685 100644 --- a/http/cves/2017/CVE-2017-18491.yaml +++ b/http/cves/2017/CVE-2017-18491.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18491 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:contact_form:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18492.yaml b/http/cves/2017/CVE-2017-18492.yaml index 2040e6334b..6b0e63cf45 100644 --- a/http/cves/2017/CVE-2017-18492.yaml +++ b/http/cves/2017/CVE-2017-18492.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18492 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:contact_form_to_db:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18493.yaml b/http/cves/2017/CVE-2017-18493.yaml index 0715af85c4..0454567bf8 100644 --- a/http/cves/2017/CVE-2017-18493.yaml +++ b/http/cves/2017/CVE-2017-18493.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18493 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:custom_admin_page:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18500.yaml b/http/cves/2017/CVE-2017-18500.yaml index 5d49b576fe..b4fd8d439e 100644 --- a/http/cves/2017/CVE-2017-18500.yaml +++ b/http/cves/2017/CVE-2017-18500.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18500 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.61251 + epss-percentile: 0.60522 cpe: cpe:2.3:a:bestwebsoft:social_buttons_pack:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18501.yaml b/http/cves/2017/CVE-2017-18501.yaml index bcf315f73e..cf3af0b4bd 100644 --- a/http/cves/2017/CVE-2017-18501.yaml +++ b/http/cves/2017/CVE-2017-18501.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18501 cwe-id: CWE-79 epss-score: 0.00231 - epss-percentile: 0.6132 + epss-percentile: 0.60522 cpe: cpe:2.3:a:bestwebsoft:social_login:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18505.yaml b/http/cves/2017/CVE-2017-18505.yaml index aa7792ebd3..6cc152b43f 100644 --- a/http/cves/2017/CVE-2017-18505.yaml +++ b/http/cves/2017/CVE-2017-18505.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18505 cwe-id: CWE-79 epss-score: 0.00163 - epss-percentile: 0.52929 + epss-percentile: 0.51969 cpe: cpe:2.3:a:bestwebsoft:twitter_button:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18518.yaml b/http/cves/2017/CVE-2017-18518.yaml index 6ee9d3e9d2..1b75f7fa58 100644 --- a/http/cves/2017/CVE-2017-18518.yaml +++ b/http/cves/2017/CVE-2017-18518.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18518 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:smtp:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18528.yaml b/http/cves/2017/CVE-2017-18528.yaml index 9b6ceaf9e6..8b54371ff9 100644 --- a/http/cves/2017/CVE-2017-18528.yaml +++ b/http/cves/2017/CVE-2017-18528.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18528 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:pdf_\&_print:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18529.yaml b/http/cves/2017/CVE-2017-18529.yaml index 8505e76ddf..8ad39e490a 100644 --- a/http/cves/2017/CVE-2017-18529.yaml +++ b/http/cves/2017/CVE-2017-18529.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18529 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:promobar:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18532.yaml b/http/cves/2017/CVE-2017-18532.yaml index e37f21c3ea..9a927c65b2 100644 --- a/http/cves/2017/CVE-2017-18532.yaml +++ b/http/cves/2017/CVE-2017-18532.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18532 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:realty:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18537.yaml b/http/cves/2017/CVE-2017-18537.yaml index fe22fe34a8..bce7b19faf 100644 --- a/http/cves/2017/CVE-2017-18537.yaml +++ b/http/cves/2017/CVE-2017-18537.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18537 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:visitors_online:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18542.yaml b/http/cves/2017/CVE-2017-18542.yaml index 9165d6bff7..8b5c5fffb0 100644 --- a/http/cves/2017/CVE-2017-18542.yaml +++ b/http/cves/2017/CVE-2017-18542.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18542 cwe-id: CWE-79 epss-score: 0.00221 - epss-percentile: 0.60223 + epss-percentile: 0.59511 cpe: cpe:2.3:a:bestwebsoft:zendesk_help_center:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18556.yaml b/http/cves/2017/CVE-2017-18556.yaml index 8c81369f43..027ace8f89 100644 --- a/http/cves/2017/CVE-2017-18556.yaml +++ b/http/cves/2017/CVE-2017-18556.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2017-18556 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:google_analytics:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18558.yaml b/http/cves/2017/CVE-2017-18558.yaml index 8f0e68bb48..ae8dbb2e26 100644 --- a/http/cves/2017/CVE-2017-18558.yaml +++ b/http/cves/2017/CVE-2017-18558.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18558 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:testimonials:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18564.yaml b/http/cves/2017/CVE-2017-18564.yaml index ff1e9ab623..249704cc38 100644 --- a/http/cves/2017/CVE-2017-18564.yaml +++ b/http/cves/2017/CVE-2017-18564.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18564 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36857 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:sender:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18565.yaml b/http/cves/2017/CVE-2017-18565.yaml index 26eb3db92f..2ddf1acd93 100644 --- a/http/cves/2017/CVE-2017-18565.yaml +++ b/http/cves/2017/CVE-2017-18565.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2017-18565 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36836 + epss-percentile: 0.36245 cpe: cpe:2.3:a:bestwebsoft:updater:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-18598.yaml b/http/cves/2017/CVE-2017-18598.yaml index 9f63976cd3..9e6304924a 100644 --- a/http/cves/2017/CVE-2017-18598.yaml +++ b/http/cves/2017/CVE-2017-18598.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-18598 cwe-id: CWE-79 epss-score: 0.00094 - epss-percentile: 0.39244 + epss-percentile: 0.38554 cpe: cpe:2.3:a:designmodo:qards:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-3506.yaml b/http/cves/2017/CVE-2017-3506.yaml index 1c9dcc105c..bc2664a978 100644 --- a/http/cves/2017/CVE-2017-3506.yaml +++ b/http/cves/2017/CVE-2017-3506.yaml @@ -14,12 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-3506 - http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html - http://www.securitytracker.com/id/1038296 + - https://github.com/CVEDB/top classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 7.4 cve-id: CVE-2017-3506 epss-score: 0.96935 - epss-percentile: 0.99662 + epss-percentile: 0.99702 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-3528.yaml b/http/cves/2017/CVE-2017-3528.yaml index c510621b39..5fd34ed21c 100644 --- a/http/cves/2017/CVE-2017-3528.yaml +++ b/http/cves/2017/CVE-2017-3528.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2017-3528 cwe-id: CWE-601 epss-score: 0.00865 - epss-percentile: 0.80496 + epss-percentile: 0.81972 cpe: cpe:2.3:a:oracle:applications_framework:12.1.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-4011.yaml b/http/cves/2017/CVE-2017-4011.yaml index 4ad88aa2ff..e859ed879c 100644 --- a/http/cves/2017/CVE-2017-4011.yaml +++ b/http/cves/2017/CVE-2017-4011.yaml @@ -14,13 +14,14 @@ info: - https://kc.mcafee.com/corporate/index?page=content&id=SB10198 - https://nvd.nist.gov/vuln/detail/CVE-2017-4011 - http://www.securitytracker.com/id/1038523 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-4011 cwe-id: CWE-79 epss-score: 0.00142 - epss-percentile: 0.4991 + epss-percentile: 0.49103 cpe: cpe:2.3:a:mcafee:network_data_loss_prevention:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-5638.yaml b/http/cves/2017/CVE-2017-5638.yaml index fe43ad1da3..a899b6f484 100644 --- a/http/cves/2017/CVE-2017-5638.yaml +++ b/http/cves/2017/CVE-2017-5638.yaml @@ -21,8 +21,8 @@ info: cvss-score: 10 cve-id: CVE-2017-5638 cwe-id: CWE-20 - epss-score: 0.97535 - epss-percentile: 0.99993 + epss-score: 0.97543 + epss-percentile: 0.99995 cpe: cpe:2.3:a:apache:struts:2.3.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-5689.yaml b/http/cves/2017/CVE-2017-5689.yaml index 6d843483bc..f73eb1f97f 100644 --- a/http/cves/2017/CVE-2017-5689.yaml +++ b/http/cves/2017/CVE-2017-5689.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-5689 - epss-score: 0.97418 - epss-percentile: 0.99921 + epss-score: 0.97395 + epss-percentile: 0.99912 cpe: cpe:2.3:o:intel:active_management_technology_firmware:6.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-5982.yaml b/http/cves/2017/CVE-2017-5982.yaml index 48bbdee0ad..7c34620384 100644 --- a/http/cves/2017/CVE-2017-5982.yaml +++ b/http/cves/2017/CVE-2017-5982.yaml @@ -12,13 +12,15 @@ info: - https://cxsecurity.com/issue/WLB-2017020164 - https://www.exploit-db.com/exploits/41312/ - https://nvd.nist.gov/vuln/detail/CVE-2017-5982 + - https://lists.debian.org/debian-lts-announce/2024/01/msg00009.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-5982 cwe-id: CWE-22 - epss-score: 0.0488 - epss-percentile: 0.91976 + epss-score: 0.0372 + epss-percentile: 0.91582 cpe: cpe:2.3:a:kodi:kodi:17.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7269.yaml b/http/cves/2017/CVE-2017-7269.yaml index 174fa9f398..14ff4c2c75 100644 --- a/http/cves/2017/CVE-2017-7269.yaml +++ b/http/cves/2017/CVE-2017-7269.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-7269 cwe-id: CWE-119 epss-score: 0.97121 - epss-percentile: 0.99746 + epss-percentile: 0.9977 cpe: cpe:2.3:a:microsoft:internet_information_server:6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7391.yaml b/http/cves/2017/CVE-2017-7391.yaml index 45f619f426..c24a9f9b83 100644 --- a/http/cves/2017/CVE-2017-7391.yaml +++ b/http/cves/2017/CVE-2017-7391.yaml @@ -14,13 +14,14 @@ info: - https://github.com/dweeves/magmi-git/releases/download/0.7.22/magmi_full_0.7.22.zip - https://github.com/dweeves/magmi-git/pull/525 - https://nvd.nist.gov/vuln/detail/CVE-2017-7391 + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2017-7391 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.57376 + epss-percentile: 0.56428 cpe: cpe:2.3:a:magmi_project:magmi:0.7.22:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7615.yaml b/http/cves/2017/CVE-2017-7615.yaml index 48fe21e8e0..de94cd8f90 100644 --- a/http/cves/2017/CVE-2017-7615.yaml +++ b/http/cves/2017/CVE-2017-7615.yaml @@ -26,7 +26,7 @@ info: cve-id: CVE-2017-7615 cwe-id: CWE-640 epss-score: 0.97404 - epss-percentile: 0.99916 + epss-percentile: 0.99917 cpe: cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2017/CVE-2017-7855.yaml b/http/cves/2017/CVE-2017-7855.yaml index 5916e5ad2e..0b98ea0fc9 100644 --- a/http/cves/2017/CVE-2017-7855.yaml +++ b/http/cves/2017/CVE-2017-7855.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2017-7855 cwe-id: CWE-79 epss-score: 0.0009 - epss-percentile: 0.37683 + epss-percentile: 0.37043 cpe: cpe:2.3:a:icewarp:server:11.3.1.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-7921.yaml b/http/cves/2017/CVE-2017-7921.yaml index 7a5324e8be..d1d11d284d 100644 --- a/http/cves/2017/CVE-2017-7921.yaml +++ b/http/cves/2017/CVE-2017-7921.yaml @@ -14,13 +14,14 @@ info: - https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01 - https://nvd.nist.gov/vuln/detail/CVE-2017-7921 - https://ghostbin.com/paste/q2vq2 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2017-7921 cwe-id: CWE-287 epss-score: 0.01361 - epss-percentile: 0.84777 + epss-percentile: 0.85934 cpe: cpe:2.3:o:hikvision:ds-2cd2032-i_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-7925.yaml b/http/cves/2017/CVE-2017-7925.yaml index 371458fa37..45caf22abf 100644 --- a/http/cves/2017/CVE-2017-7925.yaml +++ b/http/cves/2017/CVE-2017-7925.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2017-7925 cwe-id: CWE-522,CWE-260 - epss-score: 0.35031 - epss-percentile: 0.96729 + epss-score: 0.42592 + epss-percentile: 0.97235 cpe: cpe:2.3:o:dahuasecurity:dh-ipc-hdbw23a0rn-zs_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-8229.yaml b/http/cves/2017/CVE-2017-8229.yaml index dc77920e67..e973dfeeb1 100644 --- a/http/cves/2017/CVE-2017-8229.yaml +++ b/http/cves/2017/CVE-2017-8229.yaml @@ -15,13 +15,14 @@ info: - http://packetstormsecurity.com/files/153224/Amcrest-IPM-721S-Credential-Disclosure-Privilege-Escalation.html - https://github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Amcrest_sec_issues.pdf - https://seclists.org/bugtraq/2019/Jun/8 + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2017-8229 cwe-id: CWE-255 - epss-score: 0.89327 - epss-percentile: 0.98501 + epss-score: 0.89506 + epss-percentile: 0.98685 cpe: cpe:2.3:o:amcrest:ipm-721s_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-8917.yaml b/http/cves/2017/CVE-2017-8917.yaml index 51bd1c46ab..1630cb3678 100644 --- a/http/cves/2017/CVE-2017-8917.yaml +++ b/http/cves/2017/CVE-2017-8917.yaml @@ -15,6 +15,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-8917 - https://web.archive.org/web/20211207050608/http://www.securitytracker.com/id/1038522 - http://www.securitytracker.com/id/1038522 + - https://github.com/binfed/cms-exp classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 diff --git a/http/cves/2017/CVE-2017-9140.yaml b/http/cves/2017/CVE-2017-9140.yaml index a73d793258..c23c2f7013 100644 --- a/http/cves/2017/CVE-2017-9140.yaml +++ b/http/cves/2017/CVE-2017-9140.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2017-9140 cwe-id: CWE-79 epss-score: 0.00191 - epss-percentile: 0.56827 + epss-percentile: 0.55758 cpe: cpe:2.3:a:progress:telerik_reporting:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-9288.yaml b/http/cves/2017/CVE-2017-9288.yaml index c50a4b7f40..3b22c0da55 100644 --- a/http/cves/2017/CVE-2017-9288.yaml +++ b/http/cves/2017/CVE-2017-9288.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2017-9288 cwe-id: CWE-79 epss-score: 0.00168 - epss-percentile: 0.53791 + epss-percentile: 0.52791 cpe: cpe:2.3:a:raygun:raygun4wp:1.8.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-9416.yaml b/http/cves/2017/CVE-2017-9416.yaml index a3b0174849..d91aca11f0 100644 --- a/http/cves/2017/CVE-2017-9416.yaml +++ b/http/cves/2017/CVE-2017-9416.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2017-9416 cwe-id: CWE-22 epss-score: 0.01037 - epss-percentile: 0.82265 + epss-percentile: 0.83585 cpe: cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2017/CVE-2017-9805.yaml b/http/cves/2017/CVE-2017-9805.yaml index 4da78f95e3..56315ca789 100644 --- a/http/cves/2017/CVE-2017-9805.yaml +++ b/http/cves/2017/CVE-2017-9805.yaml @@ -20,7 +20,7 @@ info: cvss-score: 8.1 cve-id: CVE-2017-9805 cwe-id: CWE-502 - epss-score: 0.97537 + epss-score: 0.97541 epss-percentile: 0.99995 cpe: cpe:2.3:a:apache:struts:2.1.2:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2017/CVE-2017-9822.yaml b/http/cves/2017/CVE-2017-9822.yaml index e2f2ed570e..56556b8085 100644 --- a/http/cves/2017/CVE-2017-9822.yaml +++ b/http/cves/2017/CVE-2017-9822.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-9822 - http://www.dnnsoftware.com/community/security/security-center - http://packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html + - https://github.com/xbl3/awesome-cve-poc_qazbnm456 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2017-9822 cwe-id: CWE-20 - epss-score: 0.96287 - epss-percentile: 0.99425 + epss-score: 0.97056 + epss-percentile: 0.99742 cpe: cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-9833.yaml b/http/cves/2017/CVE-2017-9833.yaml index 70b4cf45f6..ddcdc345d9 100644 --- a/http/cves/2017/CVE-2017-9833.yaml +++ b/http/cves/2017/CVE-2017-9833.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2017-9833 - https://pastebin.com/raw/rt7LJvyF - https://www.exploit-db.com/exploits/42290/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2017-9833 cwe-id: CWE-22 - epss-score: 0.35156 - epss-percentile: 0.96738 + epss-score: 0.7354 + epss-percentile: 0.98027 cpe: cpe:2.3:a:boa:boa:0.94.14.21:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2017/CVE-2017-9841.yaml b/http/cves/2017/CVE-2017-9841.yaml index ef6e0ec08f..24b70ae27a 100644 --- a/http/cves/2017/CVE-2017-9841.yaml +++ b/http/cves/2017/CVE-2017-9841.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2017-9841 cwe-id: CWE-94 epss-score: 0.97477 - epss-percentile: 0.99964 + epss-percentile: 0.99963 cpe: cpe:2.3:a:phpunit_project:phpunit:*:*:*:*:*:*:*:* metadata: max-request: 6 diff --git a/http/cves/2018/CVE-2018-1000129.yaml b/http/cves/2018/CVE-2018-1000129.yaml index 6641f9e9a6..e92e7fa79e 100644 --- a/http/cves/2018/CVE-2018-1000129.yaml +++ b/http/cves/2018/CVE-2018-1000129.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-1000129 cwe-id: CWE-79 epss-score: 0.00257 - epss-percentile: 0.63529 + epss-percentile: 0.64818 cpe: cpe:2.3:a:jolokia:jolokia:1.3.7:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-1000226.yaml b/http/cves/2018/CVE-2018-1000226.yaml index 7ec635632b..41c42d57b1 100644 --- a/http/cves/2018/CVE-2018-1000226.yaml +++ b/http/cves/2018/CVE-2018-1000226.yaml @@ -11,13 +11,14 @@ info: - https://github.com/cobbler/cobbler/issues/1916 - https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/ - https://nvd.nist.gov/vuln/detail/CVE-2018-1000226 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-1000226 cwe-id: CWE-732 epss-score: 0.01309 - epss-percentile: 0.84446 + epss-percentile: 0.8563 cpe: cpe:2.3:a:cobblerd:cobbler:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-1000533.yaml b/http/cves/2018/CVE-2018-1000533.yaml index bce24b428e..edd6f32478 100644 --- a/http/cves/2018/CVE-2018-1000533.yaml +++ b/http/cves/2018/CVE-2018-1000533.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-1000533 cwe-id: CWE-20 epss-score: 0.97242 - epss-percentile: 0.99816 + epss-percentile: 0.99831 cpe: cpe:2.3:a:gitlist:gitlist:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-1000600.yaml b/http/cves/2018/CVE-2018-1000600.yaml index 3ea8ef820e..008473d685 100644 --- a/http/cves/2018/CVE-2018-1000600.yaml +++ b/http/cves/2018/CVE-2018-1000600.yaml @@ -15,13 +15,14 @@ info: - https://devco.re/blog/2019/01/16/hacking-Jenkins-part1-play-with-dynamic-routing/ - https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915 - https://nvd.nist.gov/vuln/detail/CVE-2018-1000600 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2018-1000600 cwe-id: CWE-200 - epss-score: 0.95625 - epss-percentile: 0.99268 + epss-score: 0.93232 + epss-percentile: 0.99014 cpe: cpe:2.3:a:jenkins:github:*:*:*:*:*:jenkins:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-1000671.yaml b/http/cves/2018/CVE-2018-1000671.yaml index 319a823c34..43e64d9c44 100644 --- a/http/cves/2018/CVE-2018-1000671.yaml +++ b/http/cves/2018/CVE-2018-1000671.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-1000671 cwe-id: CWE-601 - epss-score: 0.00845 - epss-percentile: 0.80332 + epss-score: 0.00598 + epss-percentile: 0.77958 cpe: cpe:2.3:a:sympa:sympa:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-1000856.yaml b/http/cves/2018/CVE-2018-1000856.yaml index 72c04d3e9e..b0861dee25 100644 --- a/http/cves/2018/CVE-2018-1000856.yaml +++ b/http/cves/2018/CVE-2018-1000856.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.8 cve-id: CVE-2018-1000856 cwe-id: CWE-79 - epss-score: 0.00101 - epss-percentile: 0.41139 + epss-score: 0.00092 + epss-percentile: 0.38207 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-1000861.yaml b/http/cves/2018/CVE-2018-1000861.yaml index fc2b384e46..d3dddae44e 100644 --- a/http/cves/2018/CVE-2018-1000861.yaml +++ b/http/cves/2018/CVE-2018-1000861.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-1000861 cwe-id: CWE-502 - epss-score: 0.97215 - epss-percentile: 0.99801 + epss-score: 0.9734 + epss-percentile: 0.99882 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10141.yaml b/http/cves/2018/CVE-2018-10141.yaml index 6931d698c1..ad474134a6 100644 --- a/http/cves/2018/CVE-2018-10141.yaml +++ b/http/cves/2018/CVE-2018-10141.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2018-10141 cwe-id: CWE-79 epss-score: 0.00126 - epss-percentile: 0.47114 + epss-percentile: 0.46296 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10822.yaml b/http/cves/2018/CVE-2018-10822.yaml index 875dd399d6..cd2cff50a4 100644 --- a/http/cves/2018/CVE-2018-10822.yaml +++ b/http/cves/2018/CVE-2018-10822.yaml @@ -14,13 +14,14 @@ info: - http://sploit.tech/2018/10/12/D-Link.html - https://nvd.nist.gov/vuln/detail/CVE-2018-10822 - https://seclists.org/fulldisclosure/2018/Oct/36 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-10822 cwe-id: CWE-22 epss-score: 0.10309 - epss-percentile: 0.94411 + epss-percentile: 0.94824 cpe: cpe:2.3:o:dlink:dwr-116_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-10956.yaml b/http/cves/2018/CVE-2018-10956.yaml index ea398ebea6..e614b9fdd3 100644 --- a/http/cves/2018/CVE-2018-10956.yaml +++ b/http/cves/2018/CVE-2018-10956.yaml @@ -15,13 +15,14 @@ info: - https://github.com/nettitude/metasploit-modules/blob/master/orchid_core_vms_directory_traversal.rb - https://www.exploit-db.com/exploits/44916/ - https://nvd.nist.gov/vuln/detail/CVE-2018-10956 + - https://github.com/xbl3/awesome-cve-poc_qazbnm456 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-10956 cwe-id: CWE-22 epss-score: 0.57917 - epss-percentile: 0.97423 + epss-percentile: 0.97652 cpe: cpe:2.3:a:ipconfigure:orchid_core_vms:2.0.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11227.yaml b/http/cves/2018/CVE-2018-11227.yaml index 3189e7892e..5c94a94a5b 100644 --- a/http/cves/2018/CVE-2018-11227.yaml +++ b/http/cves/2018/CVE-2018-11227.yaml @@ -15,13 +15,14 @@ info: - https://www.exploit-db.com/exploits/44646 - https://nvd.nist.gov/vuln/detail/CVE-2018-11227 - https://github.com/monstra-cms/monstra/issues + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-11227 cwe-id: CWE-79 - epss-score: 0.02667 - epss-percentile: 0.89322 + epss-score: 0.02135 + epss-percentile: 0.8903 cpe: cpe:2.3:a:monstra:monstra_cms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-11231.yaml b/http/cves/2018/CVE-2018-11231.yaml index 166a2b8764..a54774291b 100644 --- a/http/cves/2018/CVE-2018-11231.yaml +++ b/http/cves/2018/CVE-2018-11231.yaml @@ -14,13 +14,14 @@ info: - https://web.archive.org/web/20220331072310/http://foreversong.cn/archives/1183 - https://nvd.nist.gov/vuln/detail/CVE-2018-11231 - http://foreversong.cn/archives/1183 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2018-11231 cwe-id: CWE-89 epss-score: 0.00903 - epss-percentile: 0.80953 + epss-percentile: 0.82368 cpe: cpe:2.3:a:divido:divido:-:*:*:*:*:opencart:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11473.yaml b/http/cves/2018/CVE-2018-11473.yaml index 7cf03fd391..0046780028 100644 --- a/http/cves/2018/CVE-2018-11473.yaml +++ b/http/cves/2018/CVE-2018-11473.yaml @@ -14,13 +14,14 @@ info: - https://github.com/monstra-cms/monstra/issues/446 - https://github.com/nikhil1232/Monstra-CMS-3.0.4-XSS-ON-Registration-Page - https://nvd.nist.gov/vuln/detail/CVE-2018-11473 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-11473 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.40212 + epss-percentile: 0.39534 cpe: cpe:2.3:a:monstra:monstra:3.0.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-11709.yaml b/http/cves/2018/CVE-2018-11709.yaml index aeeaf24b0d..9d4ecb51ab 100644 --- a/http/cves/2018/CVE-2018-11709.yaml +++ b/http/cves/2018/CVE-2018-11709.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-11709 cwe-id: CWE-79 - epss-score: 0.00151 - epss-percentile: 0.5127 + epss-score: 0.00175 + epss-percentile: 0.53725 cpe: cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-11759.yaml b/http/cves/2018/CVE-2018-11759.yaml index 5b99c4eb53..76e66f7eed 100644 --- a/http/cves/2018/CVE-2018-11759.yaml +++ b/http/cves/2018/CVE-2018-11759.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-11759 cwe-id: CWE-22 - epss-score: 0.96598 - epss-percentile: 0.99543 + epss-score: 0.96552 + epss-percentile: 0.99592 cpe: cpe:2.3:a:apache:tomcat_jk_connector:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-11776.yaml b/http/cves/2018/CVE-2018-11776.yaml index adf84431ab..37bb722daa 100644 --- a/http/cves/2018/CVE-2018-11776.yaml +++ b/http/cves/2018/CVE-2018-11776.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2018-11776 cwe-id: CWE-20 - epss-score: 0.97505 - epss-percentile: 0.99981 + epss-score: 0.97517 + epss-percentile: 0.99985 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12031.yaml b/http/cves/2018/CVE-2018-12031.yaml index e548b66311..746d432343 100644 --- a/http/cves/2018/CVE-2018-12031.yaml +++ b/http/cves/2018/CVE-2018-12031.yaml @@ -13,13 +13,15 @@ info: - https://github.com/EmreOvunc/Eaton-Intelligent-Power-Manager-Local-File-Inclusion - https://www.exploit-db.com/exploits/48614 - https://nvd.nist.gov/vuln/detail/CVE-2018-12031 + - https://github.com/0xT11/CVE-POC + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-12031 cwe-id: CWE-22 - epss-score: 0.01411 - epss-percentile: 0.85052 + epss-score: 0.00725 + epss-percentile: 0.80248 cpe: cpe:2.3:a:eaton:intelligent_power_manager:1.6:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-1207.yaml b/http/cves/2018/CVE-2018-1207.yaml index 75f420a3b1..4fd6798b54 100644 --- a/http/cves/2018/CVE-2018-1207.yaml +++ b/http/cves/2018/CVE-2018-1207.yaml @@ -24,7 +24,7 @@ info: cve-id: CVE-2018-1207 cwe-id: CWE-94 epss-score: 0.01875 - epss-percentile: 0.87166 + epss-percentile: 0.88144 cpe: cpe:2.3:a:dell:emc_idrac7:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12095.yaml b/http/cves/2018/CVE-2018-12095.yaml index a98e98c9ab..f913f5030b 100644 --- a/http/cves/2018/CVE-2018-12095.yaml +++ b/http/cves/2018/CVE-2018-12095.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-12095 cwe-id: CWE-79 epss-score: 0.00333 - epss-percentile: 0.68242 + epss-percentile: 0.70604 cpe: cpe:2.3:a:oecms_project:oecms:3.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12296.yaml b/http/cves/2018/CVE-2018-12296.yaml index a46cd229ae..bf0c101eaf 100644 --- a/http/cves/2018/CVE-2018-12296.yaml +++ b/http/cves/2018/CVE-2018-12296.yaml @@ -12,13 +12,14 @@ info: reference: - https://blog.securityevaluators.com/invading-your-personal-cloud-ise-labs-exploits-the-seagate-stcr3000101-ecf89de2170 - https://nvd.nist.gov/vuln/detail/CVE-2018-12296 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-12296 cwe-id: CWE-732 - epss-score: 0.01386 - epss-percentile: 0.84924 + epss-score: 0.01442 + epss-percentile: 0.86338 cpe: cpe:2.3:o:seagate:nas_os:4.3.15.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-12675.yaml b/http/cves/2018/CVE-2018-12675.yaml index 8a1c0ddc84..a4ec8df889 100644 --- a/http/cves/2018/CVE-2018-12675.yaml +++ b/http/cves/2018/CVE-2018-12675.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-12675 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.45761 + epss-percentile: 0.44971 cpe: cpe:2.3:o:sv3c:h.264_poe_ip_camera_firmware:v2.3.4.2103-s50-ntd-b20170508b:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-1271.yaml b/http/cves/2018/CVE-2018-1271.yaml index 56fb431233..dc1adffb97 100644 --- a/http/cves/2018/CVE-2018-1271.yaml +++ b/http/cves/2018/CVE-2018-1271.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-1271 cwe-id: CWE-22 epss-score: 0.004 - epss-percentile: 0.70833 + epss-percentile: 0.73113 cpe: cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-12909.yaml b/http/cves/2018/CVE-2018-12909.yaml index 834a79441c..ae9347d562 100644 --- a/http/cves/2018/CVE-2018-12909.yaml +++ b/http/cves/2018/CVE-2018-12909.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-12909 cwe-id: CWE-22 - epss-score: 0.01119 - epss-percentile: 0.83058 + epss-score: 0.00466 + epss-percentile: 0.74979 cpe: cpe:2.3:a:webgrind_project:webgrind:1.5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-12998.yaml b/http/cves/2018/CVE-2018-12998.yaml index cad5baf5a7..80af352281 100644 --- a/http/cves/2018/CVE-2018-12998.yaml +++ b/http/cves/2018/CVE-2018-12998.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-12998 cwe-id: CWE-79 - epss-score: 0.96915 - epss-percentile: 0.9966 + epss-score: 0.96752 + epss-percentile: 0.99646 cpe: cpe:2.3:a:zohocorp:firewall_analyzer:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-13980.yaml b/http/cves/2018/CVE-2018-13980.yaml index 645eed6277..7bd191ae69 100644 --- a/http/cves/2018/CVE-2018-13980.yaml +++ b/http/cves/2018/CVE-2018-13980.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-13980 cwe-id: CWE-22 epss-score: 0.0018 - epss-percentile: 0.55295 + epss-percentile: 0.5428 cpe: cpe:2.3:a:zeta-producer:zeta_producer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-14013.yaml b/http/cves/2018/CVE-2018-14013.yaml index 82b9d898c5..55fc0419dd 100644 --- a/http/cves/2018/CVE-2018-14013.yaml +++ b/http/cves/2018/CVE-2018-14013.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-14013 cwe-id: CWE-79 epss-score: 0.00755 - epss-percentile: 0.79096 + epss-percentile: 0.80655 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-14728.yaml b/http/cves/2018/CVE-2018-14728.yaml index b8646e0924..ee8a6ead70 100644 --- a/http/cves/2018/CVE-2018-14728.yaml +++ b/http/cves/2018/CVE-2018-14728.yaml @@ -13,13 +13,15 @@ info: - http://packetstormsecurity.com/files/148742/Responsive-Filemanager-9.13.1-Server-Side-Request-Forgery.html - https://www.exploit-db.com/exploits/45103/ - https://nvd.nist.gov/vuln/detail/CVE-2018-14728 + - https://github.com/sobinge/nuclei-templates + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-14728 cwe-id: CWE-918 epss-score: 0.96369 - epss-percentile: 0.99454 + epss-percentile: 0.99525 cpe: cpe:2.3:a:tecrail:responsive_filemanager:9.13.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-14916.yaml b/http/cves/2018/CVE-2018-14916.yaml index 4b0c8dd7ed..7e496642c8 100644 --- a/http/cves/2018/CVE-2018-14916.yaml +++ b/http/cves/2018/CVE-2018-14916.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-14916 cwe-id: CWE-732 epss-score: 0.00685 - epss-percentile: 0.77959 + epss-percentile: 0.79617 cpe: cpe:2.3:o:loytec:lgate-902_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-14931.yaml b/http/cves/2018/CVE-2018-14931.yaml index fe9ccbac57..01c140af69 100644 --- a/http/cves/2018/CVE-2018-14931.yaml +++ b/http/cves/2018/CVE-2018-14931.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-14931 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.45761 + epss-percentile: 0.44971 cpe: cpe:2.3:a:polarisft:intellect_core_banking:9.7.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-15517.yaml b/http/cves/2018/CVE-2018-15517.yaml index 9d59bfbaf7..3d573cf503 100644 --- a/http/cves/2018/CVE-2018-15517.yaml +++ b/http/cves/2018/CVE-2018-15517.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.6 cve-id: CVE-2018-15517 cwe-id: CWE-918 - epss-score: 0.01414 - epss-percentile: 0.85108 + epss-score: 0.01001 + epss-percentile: 0.83284 cpe: cpe:2.3:a:dlink:central_wifimanager:1.03:r0098:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-15745.yaml b/http/cves/2018/CVE-2018-15745.yaml index 6873fef6d4..8ddb39b4bc 100644 --- a/http/cves/2018/CVE-2018-15745.yaml +++ b/http/cves/2018/CVE-2018-15745.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-15745 cwe-id: CWE-22 epss-score: 0.94576 - epss-percentile: 0.99076 + epss-percentile: 0.99184 cpe: cpe:2.3:a:argussurveillance:dvr:4.0.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-15917.yaml b/http/cves/2018/CVE-2018-15917.yaml index b05ba1eea1..c73edd7384 100644 --- a/http/cves/2018/CVE-2018-15917.yaml +++ b/http/cves/2018/CVE-2018-15917.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-15917 cwe-id: CWE-79 epss-score: 0.04217 - epss-percentile: 0.91397 + epss-percentile: 0.92046 cpe: cpe:2.3:a:jorani_project:jorani:0.6.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-16059.yaml b/http/cves/2018/CVE-2018-16059.yaml index 2c5f17ea34..de6cb5e711 100644 --- a/http/cves/2018/CVE-2018-16059.yaml +++ b/http/cves/2018/CVE-2018-16059.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2018-16059 cwe-id: CWE-22 - epss-score: 0.34793 - epss-percentile: 0.96722 + epss-score: 0.32871 + epss-percentile: 0.96924 cpe: cpe:2.3:o:endress:wirelesshart_fieldgate_swg70_firmware:3.00.07:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16133.yaml b/http/cves/2018/CVE-2018-16133.yaml index 58126805ac..2ecf3035bc 100644 --- a/http/cves/2018/CVE-2018-16133.yaml +++ b/http/cves/2018/CVE-2018-16133.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16133 cwe-id: CWE-22 epss-score: 0.03629 - epss-percentile: 0.90789 + epss-percentile: 0.91461 cpe: cpe:2.3:a:cybrotech:cybrohttpserver:1.0.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16139.yaml b/http/cves/2018/CVE-2018-16139.yaml index ba423ce6f0..d6baca488b 100644 --- a/http/cves/2018/CVE-2018-16139.yaml +++ b/http/cves/2018/CVE-2018-16139.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16139 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48664 + epss-percentile: 0.47838 cpe: cpe:2.3:a:bibliosoft:bibliopac:2008:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-16159.yaml b/http/cves/2018/CVE-2018-16159.yaml index ebf93501c6..62d576c2c6 100644 --- a/http/cves/2018/CVE-2018-16159.yaml +++ b/http/cves/2018/CVE-2018-16159.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-16159 cwe-id: CWE-89 epss-score: 0.01228 - epss-percentile: 0.83928 + epss-percentile: 0.85084 cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-16167.yaml b/http/cves/2018/CVE-2018-16167.yaml index 9c771ba06e..4229c61fc0 100644 --- a/http/cves/2018/CVE-2018-16167.yaml +++ b/http/cves/2018/CVE-2018-16167.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16167 cwe-id: CWE-78 - epss-score: 0.21391 - epss-percentile: 0.96016 + epss-score: 0.27457 + epss-percentile: 0.9669 cpe: cpe:2.3:a:jpcert:logontracer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16283.yaml b/http/cves/2018/CVE-2018-16283.yaml index 8a36fa74cc..14ccf83922 100644 --- a/http/cves/2018/CVE-2018-16283.yaml +++ b/http/cves/2018/CVE-2018-16283.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16283 cwe-id: CWE-22 - epss-score: 0.05805 - epss-percentile: 0.9266 + epss-score: 0.0412 + epss-percentile: 0.91963 cpe: cpe:2.3:a:wechat_brodcast_project:wechat_brodcast:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16288.yaml b/http/cves/2018/CVE-2018-16288.yaml index ffd0c3fd90..2cd1505517 100644 --- a/http/cves/2018/CVE-2018-16288.yaml +++ b/http/cves/2018/CVE-2018-16288.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/exploits/45440 - http://mamaquieroserpentester.blogspot.com/2018/09/multiple-vulnerabilities-in-lg.html - https://nvd.nist.gov/vuln/detail/CVE-2018-16288 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cve-id: CVE-2018-16288 cwe-id: CWE-200 - epss-score: 0.16221 - epss-percentile: 0.95476 + epss-score: 0.12055 + epss-percentile: 0.95227 cpe: cpe:2.3:a:lg:supersign_cms:2.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16668.yaml b/http/cves/2018/CVE-2018-16668.yaml index 1f4ebdf790..b01ad025cd 100644 --- a/http/cves/2018/CVE-2018-16668.yaml +++ b/http/cves/2018/CVE-2018-16668.yaml @@ -14,13 +14,14 @@ info: - https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life - https://www.exploit-db.com/exploits/45384/ - https://nvd.nist.gov/vuln/detail/CVE-2018-16668 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2018-16668 cwe-id: CWE-287 - epss-score: 0.00318 - epss-percentile: 0.67308 + epss-score: 0.00189 + epss-percentile: 0.55432 cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16671.yaml b/http/cves/2018/CVE-2018-16671.yaml index 2116a87bee..eac2464890 100644 --- a/http/cves/2018/CVE-2018-16671.yaml +++ b/http/cves/2018/CVE-2018-16671.yaml @@ -13,13 +13,15 @@ info: - https://www.exploit-db.com/exploits/45384 - https://github.com/SadFud/Exploits/tree/master/Real%20World/Suites/cir-pwn-life - https://nvd.nist.gov/vuln/detail/CVE-2018-16671 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2018-16671 cwe-id: CWE-200 - epss-score: 0.00224 - epss-percentile: 0.60639 + epss-score: 0.00189 + epss-percentile: 0.55432 cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16763.yaml b/http/cves/2018/CVE-2018-16763.yaml index ba914c3e27..5b83da0c5a 100644 --- a/http/cves/2018/CVE-2018-16763.yaml +++ b/http/cves/2018/CVE-2018-16763.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16763 cwe-id: CWE-74 - epss-score: 0.83439 - epss-percentile: 0.98171 + epss-score: 0.83285 + epss-percentile: 0.98356 cpe: cpe:2.3:a:thedaylightstudio:fuel_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16836.yaml b/http/cves/2018/CVE-2018-16836.yaml index 470776f393..87c0badfda 100644 --- a/http/cves/2018/CVE-2018-16836.yaml +++ b/http/cves/2018/CVE-2018-16836.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-16836 cwe-id: CWE-22 - epss-score: 0.29944 - epss-percentile: 0.96512 + epss-score: 0.26631 + epss-percentile: 0.96643 cpe: cpe:2.3:a:rubedo_project:rubedo:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-16979.yaml b/http/cves/2018/CVE-2018-16979.yaml index 0dbf1b39fd..dfa7471efc 100644 --- a/http/cves/2018/CVE-2018-16979.yaml +++ b/http/cves/2018/CVE-2018-16979.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/howchen/howchen/issues/4 - https://nvd.nist.gov/vuln/detail/CVE-2018-16979 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-16979 cwe-id: CWE-113 - epss-score: 0.00118 - epss-percentile: 0.45685 + epss-score: 0.00141 + epss-percentile: 0.48943 cpe: cpe:2.3:a:monstra:monstra:3.0.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-17153.yaml b/http/cves/2018/CVE-2018-17153.yaml index f91656f047..56931486bb 100644 --- a/http/cves/2018/CVE-2018-17153.yaml +++ b/http/cves/2018/CVE-2018-17153.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2018-17153 cwe-id: CWE-287 - epss-score: 0.92144 - epss-percentile: 0.98754 + epss-score: 0.81607 + epss-percentile: 0.98273 cpe: cpe:2.3:o:western_digital:my_cloud_wdbctl0020hwt_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-17246.yaml b/http/cves/2018/CVE-2018-17246.yaml index 40159995d4..e248210fd4 100644 --- a/http/cves/2018/CVE-2018-17246.yaml +++ b/http/cves/2018/CVE-2018-17246.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-17246 - cwe-id: CWE-73,CWE-829 - epss-score: 0.96827 - epss-percentile: 0.99619 + cwe-id: CWE-829,CWE-73 + epss-score: 0.96638 + epss-percentile: 0.99612 cpe: cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-17422.yaml b/http/cves/2018/CVE-2018-17422.yaml index d6ec1926cf..c86470ba5d 100644 --- a/http/cves/2018/CVE-2018-17422.yaml +++ b/http/cves/2018/CVE-2018-17422.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/dotCMS/core/issues/15286 - https://nvd.nist.gov/vuln/detail/CVE-2018-17422 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-17422 cwe-id: CWE-601 epss-score: 0.00118 - epss-percentile: 0.45685 + epss-percentile: 0.44971 cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-17431.yaml b/http/cves/2018/CVE-2018-17431.yaml index 2aa77891ff..1e4f28bea5 100644 --- a/http/cves/2018/CVE-2018-17431.yaml +++ b/http/cves/2018/CVE-2018-17431.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-17431 cwe-id: CWE-287 epss-score: 0.11416 - epss-percentile: 0.95073 + epss-percentile: 0.95098 cpe: cpe:2.3:a:comodo:unified_threat_management_firewall:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-18069.yaml b/http/cves/2018/CVE-2018-18069.yaml index 12e2b959c8..a6939da7a5 100644 --- a/http/cves/2018/CVE-2018-18069.yaml +++ b/http/cves/2018/CVE-2018-18069.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-18069 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38754 + epss-percentile: 0.38026 cpe: cpe:2.3:a:wpml:wpml:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18264.yaml b/http/cves/2018/CVE-2018-18264.yaml index 3bbf15eaf2..d8ed277549 100644 --- a/http/cves/2018/CVE-2018-18264.yaml +++ b/http/cves/2018/CVE-2018-18264.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-18264 cwe-id: CWE-306 - epss-score: 0.96258 - epss-percentile: 0.99415 + epss-score: 0.96092 + epss-percentile: 0.99459 cpe: cpe:2.3:a:kubernetes:dashboard:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-18323.yaml b/http/cves/2018/CVE-2018-18323.yaml index 3592c0c46b..22905f6820 100644 --- a/http/cves/2018/CVE-2018-18323.yaml +++ b/http/cves/2018/CVE-2018-18323.yaml @@ -15,13 +15,14 @@ info: - http://centos-webpanel.com/ - https://seccops.com/centos-web-panel-0-9-8-480-multiple-vulnerabilities/ - https://nvd.nist.gov/vuln/detail/CVE-2018-18323 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-18323 cwe-id: CWE-22 - epss-score: 0.97014 - epss-percentile: 0.9969 + epss-score: 0.9648 + epss-percentile: 0.99556 cpe: cpe:2.3:a:control-webpanel:webpanel:0.9.8.480:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18570.yaml b/http/cves/2018/CVE-2018-18570.yaml index 4c911d474d..3c5f07bf77 100644 --- a/http/cves/2018/CVE-2018-18570.yaml +++ b/http/cves/2018/CVE-2018-18570.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-18570 cwe-id: CWE-79 epss-score: 0.00098 - epss-percentile: 0.40364 + epss-percentile: 0.39642 cpe: cpe:2.3:a:planonsoftware:planon:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18775.yaml b/http/cves/2018/CVE-2018-18775.yaml index b1748603d2..8566e600c0 100644 --- a/http/cves/2018/CVE-2018-18775.yaml +++ b/http/cves/2018/CVE-2018-18775.yaml @@ -13,13 +13,14 @@ info: - https://www.exploit-db.com/exploits/45755 - http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2018-18775 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-18775 cwe-id: CWE-79 epss-score: 0.00157 - epss-percentile: 0.52016 + epss-percentile: 0.51189 cpe: cpe:2.3:a:microstrategy:microstrategy_web:7:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-18778.yaml b/http/cves/2018/CVE-2018-18778.yaml index 1f73161e79..403adacffa 100644 --- a/http/cves/2018/CVE-2018-18778.yaml +++ b/http/cves/2018/CVE-2018-18778.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2018-18778 cwe-id: CWE-200 - epss-score: 0.95125 - epss-percentile: 0.9916 + epss-score: 0.17666 + epss-percentile: 0.96022 cpe: cpe:2.3:a:acme:mini-httpd:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-18809.yaml b/http/cves/2018/CVE-2018-18809.yaml index ca54e9c59f..bde8f3a3cc 100644 --- a/http/cves/2018/CVE-2018-18809.yaml +++ b/http/cves/2018/CVE-2018-18809.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.5 cve-id: CVE-2018-18809 cwe-id: CWE-22 - epss-score: 0.42207 - epss-percentile: 0.96983 + epss-score: 0.43128 + epss-percentile: 0.97253 cpe: cpe:2.3:a:tibco:jasperreports_library:*:*:*:*:activematrix_bpm:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-18925.yaml b/http/cves/2018/CVE-2018-18925.yaml index bbfc6bacc6..28bfdad1fd 100644 --- a/http/cves/2018/CVE-2018-18925.yaml +++ b/http/cves/2018/CVE-2018-18925.yaml @@ -13,13 +13,14 @@ info: - https://github.com/vulhub/vulhub/tree/master/gogs/CVE-2018-18925 - https://nvd.nist.gov/vuln/detail/cve-2018-18925 - https://github.com/gogs/gogs/issues/5469 + - https://github.com/j4k0m/CVE-2018-18925 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-18925 cwe-id: CWE-384 epss-score: 0.09538 - epss-percentile: 0.94194 + epss-percentile: 0.94612 cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-19136.yaml b/http/cves/2018/CVE-2018-19136.yaml index 72188d25f1..a94bf0f917 100644 --- a/http/cves/2018/CVE-2018-19136.yaml +++ b/http/cves/2018/CVE-2018-19136.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/exploits/45883/ - https://github.com/domainmod/domainmod/issues/79 - https://nvd.nist.gov/vuln/detail/CVE-2018-19136 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-19136 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51369 + epss-percentile: 0.50531 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19137.yaml b/http/cves/2018/CVE-2018-19137.yaml index 20a740bcd2..b7c56024ba 100644 --- a/http/cves/2018/CVE-2018-19137.yaml +++ b/http/cves/2018/CVE-2018-19137.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/domainmod/domainmod/issues/79 - https://nvd.nist.gov/vuln/detail/CVE-2018-19137 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-19137 cwe-id: CWE-79 - epss-score: 0.0008 - epss-percentile: 0.335 + epss-score: 0.00096 + epss-percentile: 0.39294 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19365.yaml b/http/cves/2018/CVE-2018-19365.yaml index 84844ef1d1..7ac3fedd97 100644 --- a/http/cves/2018/CVE-2018-19365.yaml +++ b/http/cves/2018/CVE-2018-19365.yaml @@ -13,13 +13,14 @@ info: - https://blog.gdssecurity.com/labs/2019/2/11/wowza-streaming-engine-manager-directory-traversal-and-local.html - https://nvd.nist.gov/vuln/detail/CVE-2018-19365 - https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-19365.txt + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H cvss-score: 9.1 cve-id: CVE-2018-19365 cwe-id: CWE-22 - epss-score: 0.01629 - epss-percentile: 0.86133 + epss-score: 0.01354 + epss-percentile: 0.8589 cpe: cpe:2.3:a:wowza:streaming_engine:4.7.4.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19386.yaml b/http/cves/2018/CVE-2018-19386.yaml index 19e5a72d2a..4598f3ac5d 100644 --- a/http/cves/2018/CVE-2018-19386.yaml +++ b/http/cves/2018/CVE-2018-19386.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19386 cwe-id: CWE-79 epss-score: 0.00177 - epss-percentile: 0.54991 + epss-percentile: 0.53963 cpe: cpe:2.3:a:solarwinds:database_performance_analyzer:11.1.457:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19439.yaml b/http/cves/2018/CVE-2018-19439.yaml index fe88d25952..bc1e1c1ff0 100644 --- a/http/cves/2018/CVE-2018-19439.yaml +++ b/http/cves/2018/CVE-2018-19439.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2018-19439 cwe-id: CWE-79 - epss-score: 0.00776 - epss-percentile: 0.79431 + epss-score: 0.00548 + epss-percentile: 0.76986 cpe: cpe:2.3:a:oracle:secure_global_desktop:4.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-19749.yaml b/http/cves/2018/CVE-2018-19749.yaml index a273bef199..3511c31d3f 100644 --- a/http/cves/2018/CVE-2018-19749.yaml +++ b/http/cves/2018/CVE-2018-19749.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-19749 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39832 + epss-percentile: 0.39112 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19751.yaml b/http/cves/2018/CVE-2018-19751.yaml index d1291498b4..633b16ce95 100644 --- a/http/cves/2018/CVE-2018-19751.yaml +++ b/http/cves/2018/CVE-2018-19751.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19751 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39832 + epss-percentile: 0.39112 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19752.yaml b/http/cves/2018/CVE-2018-19752.yaml index 0366f7061e..42d914741b 100644 --- a/http/cves/2018/CVE-2018-19752.yaml +++ b/http/cves/2018/CVE-2018-19752.yaml @@ -14,13 +14,14 @@ info: - https://github.com/domainmod/domainmod/issues/84 - https://www.exploit-db.com/exploits/45949/ - https://nvd.nist.gov/vuln/detail/CVE-2018-19752 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2018-19752 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39797 + epss-percentile: 0.39112 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19877.yaml b/http/cves/2018/CVE-2018-19877.yaml index 93c62c5f7c..007ed11dd2 100644 --- a/http/cves/2018/CVE-2018-19877.yaml +++ b/http/cves/2018/CVE-2018-19877.yaml @@ -14,13 +14,14 @@ info: - https://loganalyzer.adiscon.com/news/loganalyzer-v4-1-7-v4-stable-released/ - https://www.exploit-db.com/exploits/45958/ - https://nvd.nist.gov/vuln/detail/CVE-2018-19877 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-19877 cwe-id: CWE-79 epss-score: 0.00241 - epss-percentile: 0.62084 + epss-percentile: 0.63554 cpe: cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19892.yaml b/http/cves/2018/CVE-2018-19892.yaml index b1a8e1d899..45b58e9e2a 100644 --- a/http/cves/2018/CVE-2018-19892.yaml +++ b/http/cves/2018/CVE-2018-19892.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-19892 cwe-id: CWE-79 epss-score: 0.00101 - epss-percentile: 0.41139 + epss-percentile: 0.40415 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19914.yaml b/http/cves/2018/CVE-2018-19914.yaml index fd113691a1..c96caf3296 100644 --- a/http/cves/2018/CVE-2018-19914.yaml +++ b/http/cves/2018/CVE-2018-19914.yaml @@ -14,13 +14,15 @@ info: - https://www.exploit-db.com/exploits/46375/ - https://github.com/domainmod/domainmod/issues/87 - https://nvd.nist.gov/vuln/detail/CVE-2018-19914 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2018-19914 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.51511 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-19915.yaml b/http/cves/2018/CVE-2018-19915.yaml index 4266e2ac48..c59d880faa 100644 --- a/http/cves/2018/CVE-2018-19915.yaml +++ b/http/cves/2018/CVE-2018-19915.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-19915 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.51608 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20010.yaml b/http/cves/2018/CVE-2018-20010.yaml index 0384d9f691..28c9ee8e2d 100644 --- a/http/cves/2018/CVE-2018-20010.yaml +++ b/http/cves/2018/CVE-2018-20010.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-20010 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.51608 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20011.yaml b/http/cves/2018/CVE-2018-20011.yaml index 1eaa48aaf3..c72056c797 100644 --- a/http/cves/2018/CVE-2018-20011.yaml +++ b/http/cves/2018/CVE-2018-20011.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/46374/ - https://github.com/domainmod/domainmod/issues/88 - https://nvd.nist.gov/vuln/detail/CVE-2018-20011 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2018-20011 cwe-id: CWE-79 epss-score: 0.00153 - epss-percentile: 0.51511 + epss-percentile: 0.50703 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20462.yaml b/http/cves/2018/CVE-2018-20462.yaml index 158b8d5266..b9251f9f59 100644 --- a/http/cves/2018/CVE-2018-20462.yaml +++ b/http/cves/2018/CVE-2018-20462.yaml @@ -14,13 +14,14 @@ info: - https://wpvulndb.com/vulnerabilities/9196 - https://nvd.nist.gov/vuln/detail/CVE-2018-20462 - https://www.cbiu.cc/2018/12/WordPress%E6%8F%92%E4%BB%B6jsmol2wp%E6%BC%8F%E6%B4%9E/#%E5%8F%8D%E5%B0%84%E6%80%A7XSS + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-20462 cwe-id: CWE-79 epss-score: 0.00245 - epss-percentile: 0.62459 + epss-percentile: 0.63916 cpe: cpe:2.3:a:jsmol2wp_project:jsmol2wp:1.07:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-20463.yaml b/http/cves/2018/CVE-2018-20463.yaml index a49889b5ff..798ff85b2f 100644 --- a/http/cves/2018/CVE-2018-20463.yaml +++ b/http/cves/2018/CVE-2018-20463.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-20463 cwe-id: CWE-22 epss-score: 0.01939 - epss-percentile: 0.88289 + epss-percentile: 0.88381 cpe: cpe:2.3:a:jsmol2wp_project:jsmol2wp:1.07:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20526.yaml b/http/cves/2018/CVE-2018-20526.yaml index 8d1f7b4f73..f05d05d968 100644 --- a/http/cves/2018/CVE-2018-20526.yaml +++ b/http/cves/2018/CVE-2018-20526.yaml @@ -14,13 +14,15 @@ info: - http://packetstormsecurity.com/files/151033/Roxy-Fileman-1.4.5-File-Upload-Directory-Traversal.html - https://www.exploit-db.com/exploits/46085/ - https://nvd.nist.gov/vuln/detail/CVE-2018-20526 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-20526 cwe-id: CWE-434 - epss-score: 0.00803 - epss-percentile: 0.79773 + epss-score: 0.00666 + epss-percentile: 0.79248 cpe: cpe:2.3:a:roxyfileman:roxy_fileman:1.4.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-20608.yaml b/http/cves/2018/CVE-2018-20608.yaml index 8d4592b472..1d88147b09 100644 --- a/http/cves/2018/CVE-2018-20608.yaml +++ b/http/cves/2018/CVE-2018-20608.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-20608 cwe-id: CWE-200 - epss-score: 0.03654 - epss-percentile: 0.90821 + epss-score: 0.0111 + epss-percentile: 0.84208 cpe: cpe:2.3:a:txjia:imcat:4.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-20985.yaml b/http/cves/2018/CVE-2018-20985.yaml index ce102e38fd..b69795bd95 100644 --- a/http/cves/2018/CVE-2018-20985.yaml +++ b/http/cves/2018/CVE-2018-20985.yaml @@ -13,13 +13,15 @@ info: - https://www.pluginvulnerabilities.com/2018/12/06/our-improved-proactive-monitoring-has-now-caught-a-local-file-inclusion-lfi-vulnerability-as-well/ - https://wordpress.org/plugins/wp-payeezy-pay/#developers - https://nvd.nist.gov/vuln/detail/CVE-2018-20985 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-20985 cwe-id: CWE-20 epss-score: 0.0117 - epss-percentile: 0.83424 + epss-percentile: 0.84668 cpe: cpe:2.3:a:payeezy:wp_payeezy_pay:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-2894.yaml b/http/cves/2018/CVE-2018-2894.yaml index 106ace3a25..375873468e 100644 --- a/http/cves/2018/CVE-2018-2894.yaml +++ b/http/cves/2018/CVE-2018-2894.yaml @@ -21,7 +21,7 @@ info: cvss-score: 9.8 cve-id: CVE-2018-2894 epss-score: 0.97327 - epss-percentile: 0.99866 + epss-percentile: 0.99875 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2018/CVE-2018-3167.yaml b/http/cves/2018/CVE-2018-3167.yaml index 3f890404dd..e51655b7c0 100644 --- a/http/cves/2018/CVE-2018-3167.yaml +++ b/http/cves/2018/CVE-2018-3167.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2018-3167 - epss-score: 0.00727 - epss-percentile: 0.78679 + epss-score: 0.00492 + epss-percentile: 0.75672 cpe: cpe:2.3:a:oracle:application_management_pack:12.1.3:*:*:*:*:e-business_suite:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-3238.yaml b/http/cves/2018/CVE-2018-3238.yaml index 839efb3e8d..64b034e68b 100644 --- a/http/cves/2018/CVE-2018-3238.yaml +++ b/http/cves/2018/CVE-2018-3238.yaml @@ -14,12 +14,13 @@ info: - https://www.oracle.com/security-alerts/cpuoct2018.html - https://nvd.nist.gov/vuln/detail/CVE-2018-3238 - http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:N cvss-score: 6.9 cve-id: CVE-2018-3238 epss-score: 0.00471 - epss-percentile: 0.72995 + epss-percentile: 0.75103 cpe: cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2018/CVE-2018-3810.yaml b/http/cves/2018/CVE-2018-3810.yaml index edb1f65b30..f76dbc0074 100644 --- a/http/cves/2018/CVE-2018-3810.yaml +++ b/http/cves/2018/CVE-2018-3810.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-3810 cwe-id: CWE-287 epss-score: 0.792 - epss-percentile: 0.97997 + epss-percentile: 0.98197 cpe: cpe:2.3:a:oturia:smart_google_code_inserter:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-5233.yaml b/http/cves/2018/CVE-2018-5233.yaml index 1031c4ea36..f1ab1c29cd 100644 --- a/http/cves/2018/CVE-2018-5233.yaml +++ b/http/cves/2018/CVE-2018-5233.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-5233 cwe-id: CWE-79 epss-score: 0.00294 - epss-percentile: 0.66042 + epss-percentile: 0.6862 cpe: cpe:2.3:a:getgrav:grav_cms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-5715.yaml b/http/cves/2018/CVE-2018-5715.yaml index 39cd27397b..476e38aa68 100644 --- a/http/cves/2018/CVE-2018-5715.yaml +++ b/http/cves/2018/CVE-2018-5715.yaml @@ -14,13 +14,14 @@ info: - https://m4k4br0.github.io/sugarcrm-xss/ - https://www.exploit-db.com/exploits/43683/ - https://nvd.nist.gov/vuln/detail/CVE-2018-5715 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-5715 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.47426 + epss-percentile: 0.46737 cpe: cpe:2.3:a:sugarcrm:sugarcrm:3.5.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-6184.yaml b/http/cves/2018/CVE-2018-6184.yaml index 4d4da40461..2b420da44d 100644 --- a/http/cves/2018/CVE-2018-6184.yaml +++ b/http/cves/2018/CVE-2018-6184.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-6184 cwe-id: CWE-22 epss-score: 0.00396 - epss-percentile: 0.70806 + epss-percentile: 0.72998 cpe: cpe:2.3:a:zeit:next.js:4.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-6200.yaml b/http/cves/2018/CVE-2018-6200.yaml index 98aead2dd8..a5068b76c1 100644 --- a/http/cves/2018/CVE-2018-6200.yaml +++ b/http/cves/2018/CVE-2018-6200.yaml @@ -13,13 +13,14 @@ info: reference: - https://cxsecurity.com/issue/WLB-2018010251 - https://nvd.nist.gov/vuln/detail/CVE-2018-6200 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2018-6200 cwe-id: CWE-601 - epss-score: 0.00121 - epss-percentile: 0.46136 + epss-score: 0.00141 + epss-percentile: 0.48943 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2018/CVE-2018-6530.yaml b/http/cves/2018/CVE-2018-6530.yaml index 1f916fca87..20c7417390 100644 --- a/http/cves/2018/CVE-2018-6530.yaml +++ b/http/cves/2018/CVE-2018-6530.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-6530 cwe-id: CWE-78 epss-score: 0.93644 - epss-percentile: 0.98928 + epss-percentile: 0.99057 cpe: cpe:2.3:o:dlink:dir-860l_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-6910.yaml b/http/cves/2018/CVE-2018-6910.yaml index 68ffce8b0b..917850c4f9 100644 --- a/http/cves/2018/CVE-2018-6910.yaml +++ b/http/cves/2018/CVE-2018-6910.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2018-6910 - https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md - https://kongxin.gitbook.io/dedecms-5-7-bug/ + - https://github.com/zhibx/fscan-Intranet + - https://github.com/0ps/pocassistdb classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-6910 cwe-id: CWE-668 - epss-score: 0.03394 - epss-percentile: 0.9047 + epss-score: 0.02422 + epss-percentile: 0.89709 cpe: cpe:2.3:a:dedecms:dedecms:5.7:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7251.yaml b/http/cves/2018/CVE-2018-7251.yaml index 9b93947e02..8cfbac11f8 100644 --- a/http/cves/2018/CVE-2018-7251.yaml +++ b/http/cves/2018/CVE-2018-7251.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-7251 cwe-id: CWE-200 epss-score: 0.06473 - epss-percentile: 0.93046 + epss-percentile: 0.93558 cpe: cpe:2.3:a:anchorcms:anchor:0.12.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7422.yaml b/http/cves/2018/CVE-2018-7422.yaml index 5fa4f7c708..1a534664c4 100644 --- a/http/cves/2018/CVE-2018-7422.yaml +++ b/http/cves/2018/CVE-2018-7422.yaml @@ -15,13 +15,14 @@ info: - http://seclists.org/fulldisclosure/2018/Mar/40 - https://wpvulndb.com/vulnerabilities/9044 - https://nvd.nist.gov/vuln/detail/CVE-2018-7422 + - https://github.com/El-Palomo/SYMFONOS classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-7422 cwe-id: CWE-22 epss-score: 0.94711 - epss-percentile: 0.99086 + epss-percentile: 0.99202 cpe: cpe:2.3:a:siteeditor:site_editor:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2018/CVE-2018-7490.yaml b/http/cves/2018/CVE-2018-7490.yaml index 972d3c0a4a..3dbd594800 100644 --- a/http/cves/2018/CVE-2018-7490.yaml +++ b/http/cves/2018/CVE-2018-7490.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/44223/ - https://www.debian.org/security/2018/dsa-4142 - https://nvd.nist.gov/vuln/detail/CVE-2018-7490 + - https://github.com/jweny/pocassistdb classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2018-7490 cwe-id: CWE-22 epss-score: 0.9541 - epss-percentile: 0.99218 + epss-percentile: 0.99316 cpe: cpe:2.3:a:unbit:uwsgi:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-7600.yaml b/http/cves/2018/CVE-2018-7600.yaml index 101599f2ed..6c08d56e43 100644 --- a/http/cves/2018/CVE-2018-7600.yaml +++ b/http/cves/2018/CVE-2018-7600.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2018-7600 cwe-id: CWE-20 - epss-score: 0.97571 + epss-score: 0.97568 epss-percentile: 1 cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2018/CVE-2018-7653.yaml b/http/cves/2018/CVE-2018-7653.yaml index edcb24deef..3a5f1230af 100644 --- a/http/cves/2018/CVE-2018-7653.yaml +++ b/http/cves/2018/CVE-2018-7653.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2018-7653 cwe-id: CWE-79 epss-score: 0.00797 - epss-percentile: 0.79754 + epss-percentile: 0.81235 cpe: cpe:2.3:a:yzmcms:yzmcms:3.6:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8006.yaml b/http/cves/2018/CVE-2018-8006.yaml index 0af91ff1f7..6294d5a1bd 100644 --- a/http/cves/2018/CVE-2018-8006.yaml +++ b/http/cves/2018/CVE-2018-8006.yaml @@ -26,7 +26,7 @@ info: cve-id: CVE-2018-8006 cwe-id: CWE-79 epss-score: 0.34776 - epss-percentile: 0.96721 + epss-percentile: 0.97001 cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8033.yaml b/http/cves/2018/CVE-2018-8033.yaml index 585e1a289a..91a0451773 100644 --- a/http/cves/2018/CVE-2018-8033.yaml +++ b/http/cves/2018/CVE-2018-8033.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2018-8033 cwe-id: CWE-200 - epss-score: 0.00813 - epss-percentile: 0.79933 + epss-score: 0.04526 + epss-percentile: 0.92289 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8715.yaml b/http/cves/2018/CVE-2018-8715.yaml index 4baaf1feed..eef7d6a376 100644 --- a/http/cves/2018/CVE-2018-8715.yaml +++ b/http/cves/2018/CVE-2018-8715.yaml @@ -14,13 +14,14 @@ info: - https://blogs.securiteam.com/index.php/archives/3676 - https://security.paloaltonetworks.com/CVE-2018-8715 - https://nvd.nist.gov/vuln/detail/CVE-2018-8715 + - https://github.com/cyberharsh/appweb classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2018-8715 cwe-id: CWE-287 epss-score: 0.00927 - epss-percentile: 0.81212 + epss-percentile: 0.8261 cpe: cpe:2.3:a:embedthis:appweb:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-8823.yaml b/http/cves/2018/CVE-2018-8823.yaml index eeca8763a8..c83766eff1 100644 --- a/http/cves/2018/CVE-2018-8823.yaml +++ b/http/cves/2018/CVE-2018-8823.yaml @@ -11,13 +11,14 @@ info: - https://www.openservis.cz/prestashop-blog/nejcastejsi-utoky-v-roce-2023-seznam-deravych-modulu-nemate-nejaky-z-nich-na-e-shopu-i-vy/ - https://github.com/advisories/GHSA-q937-6mg8-6rgc - https://nvd.nist.gov/vuln/detail/CVE-2018-8823 + - https://github.com/zapalm/prestashop-security-vulnerability-checker classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-8823 cwe-id: CWE-94 epss-score: 0.24062 - epss-percentile: 0.96167 + epss-percentile: 0.96494 cpe: cpe:2.3:a:responsive_mega_menu_pro_project:responsive_mega_menu_pro:1.0.32:*:*:*:*:prestashop:*:* metadata: verified: true @@ -27,7 +28,6 @@ info: framework: prestashop shodan-query: http.component:"prestashop" tags: cve,cve2018,prestashop,rce,sqli - variables: num: "999999999" diff --git a/http/cves/2018/CVE-2018-9118.yaml b/http/cves/2018/CVE-2018-9118.yaml index f6888857fc..c843bce2c2 100644 --- a/http/cves/2018/CVE-2018-9118.yaml +++ b/http/cves/2018/CVE-2018-9118.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2018-9118 cwe-id: CWE-22 epss-score: 0.07018 - epss-percentile: 0.9332 + epss-percentile: 0.93812 cpe: cpe:2.3:a:99robots:wp_background_takeover_advertisements:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-9161.yaml b/http/cves/2018/CVE-2018-9161.yaml index 5d77d640b7..d88a7d00ff 100644 --- a/http/cves/2018/CVE-2018-9161.yaml +++ b/http/cves/2018/CVE-2018-9161.yaml @@ -13,13 +13,14 @@ info: - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5453.php - https://nvd.nist.gov/vuln/detail/CVE-2018-9161 - https://www.exploit-db.com/exploits/44276/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2018-9161 cwe-id: CWE-798 - epss-score: 0.26342 - epss-percentile: 0.96302 + epss-score: 0.12574 + epss-percentile: 0.95318 cpe: cpe:2.3:a:prismaindustriale:checkweigher_prismaweb:1.21:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2018/CVE-2018-9205.yaml b/http/cves/2018/CVE-2018-9205.yaml index c208ab8a30..ed28835572 100644 --- a/http/cves/2018/CVE-2018-9205.yaml +++ b/http/cves/2018/CVE-2018-9205.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2018-9205 cwe-id: CWE-22 epss-score: 0.02175 - epss-percentile: 0.88246 + epss-percentile: 0.89127 cpe: cpe:2.3:a:drupal:avatar_uploader:7.x-1.0:beta8:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-0193.yaml b/http/cves/2019/CVE-2019-0193.yaml index 821b7203b4..d626077c3f 100644 --- a/http/cves/2019/CVE-2019-0193.yaml +++ b/http/cves/2019/CVE-2019-0193.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2019-0193 cwe-id: CWE-94 - epss-score: 0.94797 - epss-percentile: 0.99109 + epss-score: 0.9605 + epss-percentile: 0.99452 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-0221.yaml b/http/cves/2019/CVE-2019-0221.yaml index 3095f78279..9faf8fb7db 100644 --- a/http/cves/2019/CVE-2019-0221.yaml +++ b/http/cves/2019/CVE-2019-0221.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-0221 cwe-id: CWE-79 epss-score: 0.00915 - epss-percentile: 0.81078 + epss-percentile: 0.82479 cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-10068.yaml b/http/cves/2019/CVE-2019-10068.yaml index deb232e2f8..9c022c554a 100644 --- a/http/cves/2019/CVE-2019-10068.yaml +++ b/http/cves/2019/CVE-2019-10068.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-10068 cwe-id: CWE-502 - epss-score: 0.97356 - epss-percentile: 0.99885 + epss-score: 0.97344 + epss-percentile: 0.99887 cpe: cpe:2.3:a:kentico:kentico:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-1010287.yaml b/http/cves/2019/CVE-2019-1010287.yaml index 52fd96dd46..77b55133fd 100644 --- a/http/cves/2019/CVE-2019-1010287.yaml +++ b/http/cves/2019/CVE-2019-1010287.yaml @@ -14,13 +14,14 @@ info: - https://sourceforge.net/p/tsheetx/discussion/779083/thread/7fcb52f696/ - https://sourceforge.net/p/tsheetx/code/497/tree/branches/legacy/login.php#l40 - https://nvd.nist.gov/vuln/detail/CVE-2019-1010287 + - https://github.com/merlinepedra25/nuclei-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-1010287 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.47461 + epss-percentile: 0.46774 cpe: cpe:2.3:a:timesheet_next_gen_project:timesheet_next_gen:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-1010290.yaml b/http/cves/2019/CVE-2019-1010290.yaml index 88bf0fea5f..315c6b3a60 100644 --- a/http/cves/2019/CVE-2019-1010290.yaml +++ b/http/cves/2019/CVE-2019-1010290.yaml @@ -13,13 +13,14 @@ info: - https://untrustednetwork.net/en/2019/02/20/open-redirection-vulnerability-in-babel/ - http://dev.cmsmadesimple.org/project/files/729 - https://nvd.nist.gov/vuln/detail/CVE-2019-1010290 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-1010290 cwe-id: CWE-601 epss-score: 0.00215 - epss-percentile: 0.59513 + epss-percentile: 0.58908 cpe: cpe:2.3:a:cmsmadesimple:bable\:multilingual_site:*:*:*:*:*:cms_made_simple:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-10232.yaml b/http/cves/2019/CVE-2019-10232.yaml index 72c6377261..d61aa173f1 100644 --- a/http/cves/2019/CVE-2019-10232.yaml +++ b/http/cves/2019/CVE-2019-10232.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-10232 cwe-id: CWE-89 - epss-score: 0.14229 - epss-percentile: 0.95224 + epss-score: 0.12149 + epss-percentile: 0.95246 cpe: cpe:2.3:a:teclib-edition:gestionnaire_libre_de_parc_informatique:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-10405.yaml b/http/cves/2019/CVE-2019-10405.yaml index 352549dac7..77ba55740e 100644 --- a/http/cves/2019/CVE-2019-10405.yaml +++ b/http/cves/2019/CVE-2019-10405.yaml @@ -13,13 +13,14 @@ info: - https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1505 - http://www.openwall.com/lists/oss-security/2019/09/25/3 - https://nvd.nist.gov/vuln/detail/CVE-2019-10405 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2019-10405 cwe-id: CWE-79 epss-score: 0.00572 - epss-percentile: 0.75485 + epss-percentile: 0.77427 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-10475.yaml b/http/cves/2019/CVE-2019-10475.yaml index 1a9367aad2..ff0992cd33 100644 --- a/http/cves/2019/CVE-2019-10475.yaml +++ b/http/cves/2019/CVE-2019-10475.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-10475 cwe-id: CWE-79 epss-score: 0.97301 - epss-percentile: 0.99852 + epss-percentile: 0.99859 cpe: cpe:2.3:a:jenkins:build-metrics:*:*:*:*:*:jenkins:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-11013.yaml b/http/cves/2019/CVE-2019-11013.yaml index 99c724857b..f6a29cca41 100644 --- a/http/cves/2019/CVE-2019-11013.yaml +++ b/http/cves/2019/CVE-2019-11013.yaml @@ -14,13 +14,14 @@ info: - https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/ - http://packetstormsecurity.com/files/154196/Nimble-Streamer-3.x-Directory-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2019-11013 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2019-11013 cwe-id: CWE-22 epss-score: 0.01775 - epss-percentile: 0.86672 + epss-percentile: 0.87745 cpe: cpe:2.3:a:softvelum:nimble_streamer:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-11370.yaml b/http/cves/2019/CVE-2019-11370.yaml index fc504df739..c30a1d6a69 100644 --- a/http/cves/2019/CVE-2019-11370.yaml +++ b/http/cves/2019/CVE-2019-11370.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-11370 cwe-id: CWE-79 epss-score: 0.1896 - epss-percentile: 0.95814 + epss-percentile: 0.96129 cpe: cpe:2.3:o:carel:pcoweb_card_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-11580.yaml b/http/cves/2019/CVE-2019-11580.yaml index e7e9b4e4c4..c1a077f2a7 100644 --- a/http/cves/2019/CVE-2019-11580.yaml +++ b/http/cves/2019/CVE-2019-11580.yaml @@ -14,12 +14,13 @@ info: - https://jira.atlassian.com/browse/CWD-5388 - https://nvd.nist.gov/vuln/detail/CVE-2019-11580 - http://packetstormsecurity.com/files/163810/Atlassian-Crowd-pdkinstall-Remote-Code-Execution.html + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-11580 - epss-score: 0.97457 - epss-percentile: 0.99952 + epss-score: 0.97441 + epss-percentile: 0.99943 cpe: cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12276.yaml b/http/cves/2019/CVE-2019-12276.yaml index 8621c2e6dd..040a529b5d 100644 --- a/http/cves/2019/CVE-2019-12276.yaml +++ b/http/cves/2019/CVE-2019-12276.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-12276 cwe-id: CWE-22 - epss-score: 0.96216 - epss-percentile: 0.99405 + epss-score: 0.96035 + epss-percentile: 0.99446 cpe: cpe:2.3:a:grandnode:grandnode:4.40:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12461.yaml b/http/cves/2019/CVE-2019-12461.yaml index 4005afa892..a7f988e9b0 100644 --- a/http/cves/2019/CVE-2019-12461.yaml +++ b/http/cves/2019/CVE-2019-12461.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-12461 cwe-id: CWE-79 epss-score: 0.00269 - epss-percentile: 0.6435 + epss-percentile: 0.6713 cpe: cpe:2.3:a:webport:web_port:1.19.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12583.yaml b/http/cves/2019/CVE-2019-12583.yaml index d1e5d8ed04..5a10c9e54e 100644 --- a/http/cves/2019/CVE-2019-12583.yaml +++ b/http/cves/2019/CVE-2019-12583.yaml @@ -13,13 +13,15 @@ info: - https://www.zyxel.com/support/vulnerabilities-related-to-the-Free-Time-feature.shtml - https://n-thumann.de/blog/zyxel-gateways-missing-access-control-in-account-generator-xss/ - https://nvd.nist.gov/vuln/detail/CVE-2019-12583 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H cvss-score: 9.1 cve-id: CVE-2019-12583 cwe-id: CWE-425 epss-score: 0.00481 - epss-percentile: 0.73297 + epss-percentile: 0.75389 cpe: cpe:2.3:o:zyxel:uag2100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12593.yaml b/http/cves/2019/CVE-2019-12593.yaml index 7d2fd12b22..1e1fc390cf 100644 --- a/http/cves/2019/CVE-2019-12593.yaml +++ b/http/cves/2019/CVE-2019-12593.yaml @@ -15,13 +15,14 @@ info: - http://www.icewarp.com - https://nvd.nist.gov/vuln/detail/CVE-2019-12593 - http://packetstormsecurity.com/files/153161/IceWarp-10.4.4-Local-File-Inclusion.html + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-12593 cwe-id: CWE-22 - epss-score: 0.1185 - epss-percentile: 0.94799 + epss-score: 0.11506 + epss-percentile: 0.95118 cpe: cpe:2.3:a:icewarp:mail_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12616.yaml b/http/cves/2019/CVE-2019-12616.yaml index 5aae97bb9f..4e260cd6eb 100644 --- a/http/cves/2019/CVE-2019-12616.yaml +++ b/http/cves/2019/CVE-2019-12616.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2019-12616 cwe-id: CWE-352 - epss-score: 0.01434 - epss-percentile: 0.85227 + epss-score: 0.01696 + epss-percentile: 0.87461 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12725.yaml b/http/cves/2019/CVE-2019-12725.yaml index 18680207c1..4b312fdf7c 100644 --- a/http/cves/2019/CVE-2019-12725.yaml +++ b/http/cves/2019/CVE-2019-12725.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-12725 cwe-id: CWE-78 - epss-score: 0.9634 - epss-percentile: 0.99443 + epss-score: 0.96341 + epss-percentile: 0.99518 cpe: cpe:2.3:o:zeroshell:zeroshell:3.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-12962.yaml b/http/cves/2019/CVE-2019-12962.yaml index 77faff9f17..ec5b910ef2 100644 --- a/http/cves/2019/CVE-2019-12962.yaml +++ b/http/cves/2019/CVE-2019-12962.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-12962 cwe-id: CWE-79 - epss-score: 0.20689 - epss-percentile: 0.95962 + epss-score: 0.17333 + epss-percentile: 0.95984 cpe: cpe:2.3:a:livezilla:livezilla:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-12985.yaml b/http/cves/2019/CVE-2019-12985.yaml index b412b36fe1..090b49797a 100644 --- a/http/cves/2019/CVE-2019-12985.yaml +++ b/http/cves/2019/CVE-2019-12985.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-12985 cwe-id: CWE-78 - epss-score: 0.97297 - epss-percentile: 0.99851 + epss-score: 0.97276 + epss-percentile: 0.99843 cpe: cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-12988.yaml b/http/cves/2019/CVE-2019-12988.yaml index 4951d570d0..0a5734dc78 100644 --- a/http/cves/2019/CVE-2019-12988.yaml +++ b/http/cves/2019/CVE-2019-12988.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-12988 cwe-id: CWE-78 - epss-score: 0.97297 - epss-percentile: 0.9985 + epss-score: 0.97276 + epss-percentile: 0.99843 cpe: cpe:2.3:a:citrix:netscaler_sd-wan:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-13101.yaml b/http/cves/2019/CVE-2019-13101.yaml index e16c44a3e2..caa16db77b 100644 --- a/http/cves/2019/CVE-2019-13101.yaml +++ b/http/cves/2019/CVE-2019-13101.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-13101 cwe-id: CWE-306 epss-score: 0.0359 - epss-percentile: 0.90708 + epss-percentile: 0.9142 cpe: cpe:2.3:o:dlink:dir-600m_firmware:3.02:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-13396.yaml b/http/cves/2019/CVE-2019-13396.yaml index f130dd10a9..c5c624e5eb 100644 --- a/http/cves/2019/CVE-2019-13396.yaml +++ b/http/cves/2019/CVE-2019-13396.yaml @@ -13,13 +13,15 @@ info: - https://www.exploit-db.com/exploits/47121 - http://getflightpath.com/node/2650 - https://nvd.nist.gov/vuln/detail/CVE-2019-13396 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2019-13396 cwe-id: CWE-22 - epss-score: 0.02107 - epss-percentile: 0.87968 + epss-score: 0.02602 + epss-percentile: 0.90051 cpe: cpe:2.3:a:getflightpath:flightpath:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-14205.yaml b/http/cves/2019/CVE-2019-14205.yaml index e8fe443544..c9d4c93f71 100644 --- a/http/cves/2019/CVE-2019-14205.yaml +++ b/http/cves/2019/CVE-2019-14205.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-14205 cwe-id: CWE-22 - epss-score: 0.05117 - epss-percentile: 0.92168 + epss-score: 0.06233 + epss-percentile: 0.93435 cpe: cpe:2.3:a:nevma:adaptive_images:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14251.yaml b/http/cves/2019/CVE-2019-14251.yaml index 80db166a7d..c87f2a5801 100644 --- a/http/cves/2019/CVE-2019-14251.yaml +++ b/http/cves/2019/CVE-2019-14251.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-14251 cwe-id: CWE-22 - epss-score: 0.01412 - epss-percentile: 0.851 + epss-score: 0.01653 + epss-percentile: 0.87315 cpe: cpe:2.3:a:temenos:t24:r15.01:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-14312.yaml b/http/cves/2019/CVE-2019-14312.yaml index c4eea85ccc..1f2ae544a1 100644 --- a/http/cves/2019/CVE-2019-14312.yaml +++ b/http/cves/2019/CVE-2019-14312.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.com/files/153985/Aptana-Jaxer-1.0.3.4547-Local-File-Inclusion.html - https://github.com/aptana/Jaxer/commits/master - https://nvd.nist.gov/vuln/detail/CVE-2019-14312 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2019-14312 cwe-id: CWE-22 - epss-score: 0.01777 - epss-percentile: 0.8668 + epss-score: 0.02354 + epss-percentile: 0.89553 cpe: cpe:2.3:a:aptana:jaxer:1.0.3.4547:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14322.yaml b/http/cves/2019/CVE-2019-14322.yaml index a04082f11c..2e083e386d 100644 --- a/http/cves/2019/CVE-2019-14322.yaml +++ b/http/cves/2019/CVE-2019-14322.yaml @@ -14,13 +14,15 @@ info: - https://palletsprojects.com/blog/werkzeug-0-15-5-released/ - http://packetstormsecurity.com/files/163398/Pallets-Werkzeug-0.15.4-Path-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2019-14322 + - https://github.com/faisalfs10x/CVE-2019-14322-scanner + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-14322 cwe-id: CWE-22 - epss-score: 0.58463 - epss-percentile: 0.97438 + epss-score: 0.65161 + epss-percentile: 0.97821 cpe: cpe:2.3:a:palletsprojects:werkzeug:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2019/CVE-2019-14470.yaml b/http/cves/2019/CVE-2019-14470.yaml index cc610f2c4c..09eae3c7a5 100644 --- a/http/cves/2019/CVE-2019-14470.yaml +++ b/http/cves/2019/CVE-2019-14470.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-14470 cwe-id: CWE-79 - epss-score: 0.80196 - epss-percentile: 0.98028 + epss-score: 0.79707 + epss-percentile: 0.98209 cpe: cpe:2.3:a:instagram-php-api_project:instagram-php-api:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14530.yaml b/http/cves/2019/CVE-2019-14530.yaml index a59f10d2e2..b2173ae1a4 100644 --- a/http/cves/2019/CVE-2019-14530.yaml +++ b/http/cves/2019/CVE-2019-14530.yaml @@ -15,13 +15,14 @@ info: - https://github.com/openemr/openemr/archive/refs/tags/v5_0_1_7.zip - https://github.com/openemr/openemr/pull/2592 - https://nvd.nist.gov/vuln/detail/CVE-2019-14530 + - https://github.com/sec-it/exploit-CVE-2019-14530 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2019-14530 cwe-id: CWE-22 epss-score: 0.81752 - epss-percentile: 0.98091 + epss-percentile: 0.98283 cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-14696.yaml b/http/cves/2019/CVE-2019-14696.yaml index b818f004eb..d60d889078 100644 --- a/http/cves/2019/CVE-2019-14696.yaml +++ b/http/cves/2019/CVE-2019-14696.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-14696 cwe-id: CWE-79 - epss-score: 0.00776 - epss-percentile: 0.7943 + epss-score: 0.00618 + epss-percentile: 0.78345 cpe: cpe:2.3:a:open-school:open-school:2.3:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-14789.yaml b/http/cves/2019/CVE-2019-14789.yaml index 72e80b0f7c..d07e26c7a0 100644 --- a/http/cves/2019/CVE-2019-14789.yaml +++ b/http/cves/2019/CVE-2019-14789.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-14789 cwe-id: CWE-79 epss-score: 0.00125 - epss-percentile: 0.46761 + epss-percentile: 0.46015 cpe: cpe:2.3:a:kunalnagar:custom_404_pro:3.2.8:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-15501.yaml b/http/cves/2019/CVE-2019-15501.yaml index 4751b9a280..a6631a8b34 100644 --- a/http/cves/2019/CVE-2019-15501.yaml +++ b/http/cves/2019/CVE-2019-15501.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/47302 - http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018a_WhatsNew.pdf - https://nvd.nist.gov/vuln/detail/CVE-2019-15501 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-15501 cwe-id: CWE-79 epss-score: 0.00303 - epss-percentile: 0.6646 + epss-percentile: 0.69072 cpe: cpe:2.3:a:lsoft:listserv:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-15811.yaml b/http/cves/2019/CVE-2019-15811.yaml index 4f0f1162b6..34654f0f3a 100644 --- a/http/cves/2019/CVE-2019-15811.yaml +++ b/http/cves/2019/CVE-2019-15811.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-15811 cwe-id: CWE-79 - epss-score: 0.00376 - epss-percentile: 0.69988 + epss-score: 0.00269 + epss-percentile: 0.6713 cpe: cpe:2.3:a:domainmod:domainmod:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-15858.yaml b/http/cves/2019/CVE-2019-15858.yaml index ca6519a257..934f1f253c 100644 --- a/http/cves/2019/CVE-2019-15858.yaml +++ b/http/cves/2019/CVE-2019-15858.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-15858 cwe-id: CWE-306 epss-score: 0.036 - epss-percentile: 0.90758 + epss-percentile: 0.91432 cpe: cpe:2.3:a:webcraftic:woody_ad_snippets:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16057.yaml b/http/cves/2019/CVE-2019-16057.yaml index ecc86ec5eb..f7c0b20ee6 100644 --- a/http/cves/2019/CVE-2019-16057.yaml +++ b/http/cves/2019/CVE-2019-16057.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-16057 cwe-id: CWE-78 epss-score: 0.9754 - epss-percentile: 0.99995 + epss-percentile: 0.99994 cpe: cpe:2.3:o:dlink:dns-320_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-16097.yaml b/http/cves/2019/CVE-2019-16097.yaml index 0cd80697c8..f38b2360a2 100644 --- a/http/cves/2019/CVE-2019-16097.yaml +++ b/http/cves/2019/CVE-2019-16097.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.5 cve-id: CVE-2019-16097 cwe-id: CWE-862 - epss-score: 0.96903 - epss-percentile: 0.99656 + epss-score: 0.96492 + epss-percentile: 0.99563 cpe: cpe:2.3:a:linuxfoundation:harbor:1.7.0:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16123.yaml b/http/cves/2019/CVE-2019-16123.yaml index 3a75ad1dc8..bb525eb40c 100644 --- a/http/cves/2019/CVE-2019-16123.yaml +++ b/http/cves/2019/CVE-2019-16123.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-16123 cwe-id: CWE-22 - epss-score: 0.72953 - epss-percentile: 0.97827 + epss-score: 0.67812 + epss-percentile: 0.97877 cpe: cpe:2.3:a:kartatopia:piluscart:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16313.yaml b/http/cves/2019/CVE-2019-16313.yaml index 833ac19f81..bd4df5d259 100644 --- a/http/cves/2019/CVE-2019-16313.yaml +++ b/http/cves/2019/CVE-2019-16313.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-16313 cwe-id: CWE-798 - epss-score: 0.03744 - epss-percentile: 0.90933 + epss-score: 0.04059 + epss-percentile: 0.91911 cpe: cpe:2.3:o:ifw8:fr6_firmware:4.31:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16332.yaml b/http/cves/2019/CVE-2019-16332.yaml index 0527134d42..f291a1d94e 100644 --- a/http/cves/2019/CVE-2019-16332.yaml +++ b/http/cves/2019/CVE-2019-16332.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-16332 cwe-id: CWE-79 epss-score: 0.00303 - epss-percentile: 0.66434 + epss-percentile: 0.69049 cpe: cpe:2.3:a:api_bearer_auth_project:api_bearer_auth:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16469.yaml b/http/cves/2019/CVE-2019-16469.yaml index 471f5e46bd..752f76f8b3 100644 --- a/http/cves/2019/CVE-2019-16469.yaml +++ b/http/cves/2019/CVE-2019-16469.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-16469 cwe-id: CWE-917 - epss-score: 0.00373 - epss-percentile: 0.69903 + epss-score: 0.17165 + epss-percentile: 0.95967 cpe: cpe:2.3:a:adobe:experience_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-1653.yaml b/http/cves/2019/CVE-2019-1653.yaml index 83a82dff32..e0bc4d908e 100644 --- a/http/cves/2019/CVE-2019-1653.yaml +++ b/http/cves/2019/CVE-2019-1653.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-1653 cwe-id: CWE-200,CWE-284 - epss-score: 0.97555 - epss-percentile: 0.99998 + epss-score: 0.97565 + epss-percentile: 0.99999 cpe: cpe:2.3:o:cisco:rv320_firmware:1.4.2.15:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-16920.yaml b/http/cves/2019/CVE-2019-16920.yaml index 6db9b58f81..d8dfc26bb6 100644 --- a/http/cves/2019/CVE-2019-16920.yaml +++ b/http/cves/2019/CVE-2019-16920.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-16920 cwe-id: CWE-78 epss-score: 0.96307 - epss-percentile: 0.99432 + epss-percentile: 0.99507 cpe: cpe:2.3:o:dlink:dir-655_firmware:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2019/CVE-2019-16931.yaml b/http/cves/2019/CVE-2019-16931.yaml index f895fa08f0..11240b1ec4 100644 --- a/http/cves/2019/CVE-2019-16931.yaml +++ b/http/cves/2019/CVE-2019-16931.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-16931 cwe-id: CWE-79 epss-score: 0.00244 - epss-percentile: 0.62382 + epss-percentile: 0.63842 cpe: cpe:2.3:a:themeisle:visualizer:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-16996.yaml b/http/cves/2019/CVE-2019-16996.yaml index de950520cb..9772dc08f8 100644 --- a/http/cves/2019/CVE-2019-16996.yaml +++ b/http/cves/2019/CVE-2019-16996.yaml @@ -12,13 +12,16 @@ info: reference: - https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/1 - https://nvd.nist.gov/vuln/detail/CVE-2019-16996 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2019-16996 cwe-id: CWE-89 - epss-score: 0.25861 - epss-percentile: 0.96276 + epss-score: 0.33595 + epss-percentile: 0.96956 cpe: cpe:2.3:a:metinfo:metinfo:7.0.0:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17270.yaml b/http/cves/2019/CVE-2019-17270.yaml index 86ed452aac..110dc4813e 100644 --- a/http/cves/2019/CVE-2019-17270.yaml +++ b/http/cves/2019/CVE-2019-17270.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-17270 cwe-id: CWE-78 - epss-score: 0.94652 - epss-percentile: 0.99087 + epss-score: 0.93892 + epss-percentile: 0.99085 cpe: cpe:2.3:a:yachtcontrol:yachtcontrol:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17418.yaml b/http/cves/2019/CVE-2019-17418.yaml index 60cfc7fca2..27b95edcb3 100644 --- a/http/cves/2019/CVE-2019-17418.yaml +++ b/http/cves/2019/CVE-2019-17418.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2019-17418 cwe-id: CWE-89 - epss-score: 0.46136 - epss-percentile: 0.97112 + epss-score: 0.54908 + epss-percentile: 0.97587 cpe: cpe:2.3:a:metinfo:metinfo:7.0.0:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17444.yaml b/http/cves/2019/CVE-2019-17444.yaml index 8c47543f90..0da9aa89d5 100644 --- a/http/cves/2019/CVE-2019-17444.yaml +++ b/http/cves/2019/CVE-2019-17444.yaml @@ -14,13 +14,14 @@ info: - https://www.jfrog.com/confluence/display/JFROG/Artifactory+Release+Notes - https://www.jfrog.com/confluence/display/JFROG/JFrog+Artifactory - https://nvd.nist.gov/vuln/detail/CVE-2019-17444 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-17444 cwe-id: CWE-521 - epss-score: 0.06182 - epss-percentile: 0.92849 + epss-score: 0.05344 + epss-percentile: 0.92917 cpe: cpe:2.3:a:jfrog:artifactory:*:*:*:*:*:-:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-17662.yaml b/http/cves/2019/CVE-2019-17662.yaml index f71205eccc..c462543dea 100644 --- a/http/cves/2019/CVE-2019-17662.yaml +++ b/http/cves/2019/CVE-2019-17662.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-17662 cwe-id: CWE-22 - epss-score: 0.68973 - epss-percentile: 0.97707 + epss-score: 0.64941 + epss-percentile: 0.97813 cpe: cpe:2.3:a:cybelsoft:thinvnc:1.0:b1:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-1821.yaml b/http/cves/2019/CVE-2019-1821.yaml index ac23d8682d..d601b87426 100644 --- a/http/cves/2019/CVE-2019-1821.yaml +++ b/http/cves/2019/CVE-2019-1821.yaml @@ -12,13 +12,14 @@ info: - https://srcincite.io/blog/2019/05/17/panic-at-the-cisco-unauthenticated-rce-in-prime-infrastructure.html - https://nvd.nist.gov/vuln/detail/CVE-2019-1821 - http://packetstormsecurity.com/files/153350/Cisco-Prime-Infrastructure-Health-Monitor-TarArchive-Directory-Traversal.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-1821 cwe-id: CWE-20 epss-score: 0.96882 - epss-percentile: 0.99644 + epss-percentile: 0.99686 cpe: cpe:2.3:a:cisco:evolved_programmable_network_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-18818.yaml b/http/cves/2019/CVE-2019-18818.yaml index 5a1b5a2746..065799b57a 100644 --- a/http/cves/2019/CVE-2019-18818.yaml +++ b/http/cves/2019/CVE-2019-18818.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-18818 cwe-id: CWE-640 - epss-score: 0.87533 - epss-percentile: 0.98385 + epss-score: 0.89613 + epss-percentile: 0.98691 cpe: cpe:2.3:a:strapi:strapi:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-18922.yaml b/http/cves/2019/CVE-2019-18922.yaml index f2744581d2..bd8d00410f 100644 --- a/http/cves/2019/CVE-2019-18922.yaml +++ b/http/cves/2019/CVE-2019-18922.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-18922 cwe-id: CWE-22 - epss-score: 0.26248 - epss-percentile: 0.96311 + epss-score: 0.2399 + epss-percentile: 0.96487 cpe: cpe:2.3:o:alliedtelesis:at-gs950\/8_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-18957.yaml b/http/cves/2019/CVE-2019-18957.yaml index 4d1978da6d..521cb381f8 100644 --- a/http/cves/2019/CVE-2019-18957.yaml +++ b/http/cves/2019/CVE-2019-18957.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-18957 cwe-id: CWE-79 epss-score: 0.00375 - epss-percentile: 0.69967 + epss-percentile: 0.72231 cpe: cpe:2.3:a:microstrategy:microstrategy_library:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-19368.yaml b/http/cves/2019/CVE-2019-19368.yaml index 019ce7911e..738223d1f5 100644 --- a/http/cves/2019/CVE-2019-19368.yaml +++ b/http/cves/2019/CVE-2019-19368.yaml @@ -14,13 +14,14 @@ info: - https://www.maxum.com/Rumpus/Download.html - http://packetstormsecurity.com/files/155719/Rumpus-FTP-Web-File-Manager-8.2.9.1-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2019-19368 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-19368 cwe-id: CWE-79 epss-score: 0.00624 - epss-percentile: 0.76639 + epss-percentile: 0.78472 cpe: cpe:2.3:a:maxum:rumpus:8.2.9.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-19824.yaml b/http/cves/2019/CVE-2019-19824.yaml index 8b2e648b39..3ce67fe734 100644 --- a/http/cves/2019/CVE-2019-19824.yaml +++ b/http/cves/2019/CVE-2019-19824.yaml @@ -15,13 +15,14 @@ info: - https://cybersecurity.att.com/blogs/labs-research/att-alien-labs-finds-new-golang-malwarebotenago-targeting-millions-of-routers-and-iot-devices-with-more-than-30-exploits - https://nvd.nist.gov/vuln/detail/CVE-2019-19824 - https://sploit.tech + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2019-19824 cwe-id: CWE-78 - epss-score: 0.96632 - epss-percentile: 0.99548 + epss-score: 0.96343 + epss-percentile: 0.99519 cpe: cpe:2.3:o:totolink:a3002ru_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-19908.yaml b/http/cves/2019/CVE-2019-19908.yaml index e28c9e843d..752c61976e 100644 --- a/http/cves/2019/CVE-2019-19908.yaml +++ b/http/cves/2019/CVE-2019-19908.yaml @@ -15,13 +15,14 @@ info: - http://ciprianmp.com/ - https://sourceforge.net/projects/phpmychat/ - https://nvd.nist.gov/vuln/detail/CVE-2019-19908 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-19908 cwe-id: CWE-79 epss-score: 0.00673 - epss-percentile: 0.77654 + epss-percentile: 0.79388 cpe: cpe:2.3:a:ciprianmp:phpmychat-plus:1.98:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-20085.yaml b/http/cves/2019/CVE-2019-20085.yaml index df6942898f..bdb6d97d5a 100644 --- a/http/cves/2019/CVE-2019-20085.yaml +++ b/http/cves/2019/CVE-2019-20085.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-20085 cwe-id: CWE-22 epss-score: 0.69009 - epss-percentile: 0.97708 + epss-percentile: 0.97908 cpe: cpe:2.3:o:tvt:nvms-1000_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-20183.yaml b/http/cves/2019/CVE-2019-20183.yaml index e75caed31c..81e9ec8c42 100644 --- a/http/cves/2019/CVE-2019-20183.yaml +++ b/http/cves/2019/CVE-2019-20183.yaml @@ -15,13 +15,14 @@ info: - https://medium.com/@Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34 - https://nvd.nist.gov/vuln/detail/CVE-2019-20183 - https://medium.com/%40Pablo0xSantiago/cve-2019-20183-employee-records-system-bypass-file-upload-to-rce-ea2653660b34 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2019-20183 cwe-id: CWE-434 - epss-score: 0.03427 - epss-percentile: 0.90515 + epss-score: 0.02447 + epss-percentile: 0.89763 cpe: cpe:2.3:a:employee_records_system_project:employee_records_system:1.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-20933.yaml b/http/cves/2019/CVE-2019-20933.yaml index a60b87498f..6ca2479754 100644 --- a/http/cves/2019/CVE-2019-20933.yaml +++ b/http/cves/2019/CVE-2019-20933.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2019-20933 cwe-id: CWE-287 epss-score: 0.04913 - epss-percentile: 0.91999 + epss-percentile: 0.92609 cpe: cpe:2.3:a:influxdata:influxdb:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-2578.yaml b/http/cves/2019/CVE-2019-2578.yaml index d5da5735b9..e3bfc27b06 100644 --- a/http/cves/2019/CVE-2019-2578.yaml +++ b/http/cves/2019/CVE-2019-2578.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N cvss-score: 8.6 cve-id: CVE-2019-2578 - epss-score: 0.00751 - epss-percentile: 0.79026 + epss-score: 0.00623 + epss-percentile: 0.78436 cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-2579.yaml b/http/cves/2019/CVE-2019-2579.yaml index 17f5c5de8b..414a5074c5 100644 --- a/http/cves/2019/CVE-2019-2579.yaml +++ b/http/cves/2019/CVE-2019-2579.yaml @@ -14,12 +14,13 @@ info: - https://github.com/Leovalcante/wcs_scanner - https://nvd.nist.gov/vuln/detail/CVE-2019-2579 - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2019-2579 epss-score: 0.00493 - epss-percentile: 0.73611 + epss-percentile: 0.75701 cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-2588.yaml b/http/cves/2019/CVE-2019-2588.yaml index 7bd1a805ba..4462e4399f 100644 --- a/http/cves/2019/CVE-2019-2588.yaml +++ b/http/cves/2019/CVE-2019-2588.yaml @@ -13,12 +13,15 @@ info: reference: - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - https://nvd.nist.gov/vuln/detail/CVE-2019-2588 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates + - https://github.com/lnick2023/nicenice classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N cvss-score: 4.9 cve-id: CVE-2019-2588 - epss-score: 0.08225 - epss-percentile: 0.93742 + epss-score: 0.13765 + epss-percentile: 0.955 cpe: cpe:2.3:a:oracle:business_intelligence_publisher:11.1.1.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-2616.yaml b/http/cves/2019/CVE-2019-2616.yaml index e7e724ae2b..6fc3e6b2fa 100644 --- a/http/cves/2019/CVE-2019-2616.yaml +++ b/http/cves/2019/CVE-2019-2616.yaml @@ -13,12 +13,14 @@ info: - https://www.exploit-db.com/exploits/46729 - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - https://nvd.nist.gov/vuln/detail/CVE-2019-2616 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cve-id: CVE-2019-2616 - epss-score: 0.93111 - epss-percentile: 0.98865 + epss-score: 0.94292 + epss-percentile: 0.99135 cpe: cpe:2.3:a:oracle:business_intelligence_publisher:11.1.1.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-2725.yaml b/http/cves/2019/CVE-2019-2725.yaml index f5a099f7f7..b4014d4462 100644 --- a/http/cves/2019/CVE-2019-2725.yaml +++ b/http/cves/2019/CVE-2019-2725.yaml @@ -19,7 +19,7 @@ info: cvss-score: 9.8 cve-id: CVE-2019-2725 cwe-id: CWE-74 - epss-score: 0.97572 + epss-score: 0.97573 epss-percentile: 1 cpe: cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2019/CVE-2019-2729.yaml b/http/cves/2019/CVE-2019-2729.yaml index 47aa7090bd..1d1cb67aec 100644 --- a/http/cves/2019/CVE-2019-2729.yaml +++ b/http/cves/2019/CVE-2019-2729.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-2729 cwe-id: CWE-284 - epss-score: 0.97093 - epss-percentile: 0.9973 + epss-score: 0.97101 + epss-percentile: 0.99761 cpe: cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2019/CVE-2019-2767.yaml b/http/cves/2019/CVE-2019-2767.yaml index b485219cc1..aa61ee874d 100644 --- a/http/cves/2019/CVE-2019-2767.yaml +++ b/http/cves/2019/CVE-2019-2767.yaml @@ -13,12 +13,14 @@ info: - https://www.exploit-db.com/exploits/46729 - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html - https://nvd.nist.gov/vuln/detail/CVE-2019-2767 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/vah13/Oracle-BI-bugs classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cve-id: CVE-2019-2767 epss-score: 0.14972 - epss-percentile: 0.95282 + epss-percentile: 0.95676 cpe: cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3396.yaml b/http/cves/2019/CVE-2019-3396.yaml index 6735381e85..28b223a783 100644 --- a/http/cves/2019/CVE-2019-3396.yaml +++ b/http/cves/2019/CVE-2019-3396.yaml @@ -12,13 +12,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2019-3396 - https://jira.atlassian.com/browse/CONFSERVER-57974 - http://packetstormsecurity.com/files/152568/Atlassian-Confluence-Widget-Connector-Macro-Velocity-Template-Injection.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-3396 cwe-id: CWE-22 - epss-score: 0.97502 - epss-percentile: 0.99979 + epss-score: 0.97508 + epss-percentile: 0.9998 cpe: cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3398.yaml b/http/cves/2019/CVE-2019-3398.yaml index 0f109775f1..ac49a34ce0 100644 --- a/http/cves/2019/CVE-2019-3398.yaml +++ b/http/cves/2019/CVE-2019-3398.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2019-3398 cwe-id: CWE-22 - epss-score: 0.9722 - epss-percentile: 0.99805 + epss-score: 0.97145 + epss-percentile: 0.99783 cpe: cpe:2.3:a:atlassian:confluence:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2019/CVE-2019-3402.yaml b/http/cves/2019/CVE-2019-3402.yaml index 5d168dc106..0689e364d5 100644 --- a/http/cves/2019/CVE-2019-3402.yaml +++ b/http/cves/2019/CVE-2019-3402.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-3402 cwe-id: CWE-79 - epss-score: 0.00254 - epss-percentile: 0.63243 + epss-score: 0.00238 + epss-percentile: 0.61128 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-3403.yaml b/http/cves/2019/CVE-2019-3403.yaml index c4fd921a3a..68400d9110 100644 --- a/http/cves/2019/CVE-2019-3403.yaml +++ b/http/cves/2019/CVE-2019-3403.yaml @@ -12,13 +12,16 @@ info: reference: - https://jira.atlassian.com/browse/JRASERVER-69242 - https://nvd.nist.gov/vuln/detail/CVE-2019-3403 + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/rezasarvani/JiraVulChecker + - https://github.com/und3sc0n0c1d0/UserEnumJira classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2019-3403 cwe-id: CWE-863 - epss-score: 0.0055 - epss-percentile: 0.7504 + epss-score: 0.00379 + epss-percentile: 0.72409 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3799.yaml b/http/cves/2019/CVE-2019-3799.yaml index e257f8849a..ade26f6585 100644 --- a/http/cves/2019/CVE-2019-3799.yaml +++ b/http/cves/2019/CVE-2019-3799.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2019-3799 cwe-id: CWE-22 - epss-score: 0.02349 - epss-percentile: 0.88703 + epss-score: 0.01441 + epss-percentile: 0.86327 cpe: cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3911.yaml b/http/cves/2019/CVE-2019-3911.yaml index 6eb28ec193..035b8c7508 100644 --- a/http/cves/2019/CVE-2019-3911.yaml +++ b/http/cves/2019/CVE-2019-3911.yaml @@ -12,13 +12,14 @@ info: reference: - https://www.tenable.com/security/research/tra-2019-03 - https://nvd.nist.gov/vuln/detail/CVE-2019-3911 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3911 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.57378 + epss-percentile: 0.5643 cpe: cpe:2.3:a:labkey:labkey_server:*:*:community:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3912.yaml b/http/cves/2019/CVE-2019-3912.yaml index 64f8749a1b..e44841d200 100644 --- a/http/cves/2019/CVE-2019-3912.yaml +++ b/http/cves/2019/CVE-2019-3912.yaml @@ -12,13 +12,16 @@ info: reference: - https://www.tenable.com/security/research/tra-2019-03 - https://nvd.nist.gov/vuln/detail/CVE-2019-3912 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel + - https://github.com/anonymous364872/Rapier_Tool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-3912 cwe-id: CWE-601 epss-score: 0.0016 - epss-percentile: 0.52431 + epss-percentile: 0.51564 cpe: cpe:2.3:a:labkey:labkey_server:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-3929.yaml b/http/cves/2019/CVE-2019-3929.yaml index 0e4afed940..b5a05f26b6 100644 --- a/http/cves/2019/CVE-2019-3929.yaml +++ b/http/cves/2019/CVE-2019-3929.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-3929 cwe-id: CWE-78,CWE-79 - epss-score: 0.97378 - epss-percentile: 0.99896 + epss-score: 0.97293 + epss-percentile: 0.99855 cpe: cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-5127.yaml b/http/cves/2019/CVE-2019-5127.yaml index 5a4970810a..a09c9f3374 100644 --- a/http/cves/2019/CVE-2019-5127.yaml +++ b/http/cves/2019/CVE-2019-5127.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-5127 cwe-id: CWE-78 - epss-score: 0.97422 - epss-percentile: 0.99928 + epss-score: 0.97409 + epss-percentile: 0.99922 cpe: cpe:2.3:a:youphptube:youphptube_encoder:2.3:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2019/CVE-2019-5418.yaml b/http/cves/2019/CVE-2019-5418.yaml index 13207dd827..7a904c30fa 100644 --- a/http/cves/2019/CVE-2019-5418.yaml +++ b/http/cves/2019/CVE-2019-5418.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-5418 cwe-id: CWE-22,NVD-CWE-noinfo - epss-score: 0.97497 - epss-percentile: 0.99974 + epss-score: 0.97434 + epss-percentile: 0.99939 cpe: cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-5434.yaml b/http/cves/2019/CVE-2019-5434.yaml index 7d1b849fd1..76f79572df 100644 --- a/http/cves/2019/CVE-2019-5434.yaml +++ b/http/cves/2019/CVE-2019-5434.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-5434 cwe-id: CWE-502 - epss-score: 0.345 - epss-percentile: 0.96715 + epss-score: 0.3278 + epss-percentile: 0.96917 cpe: cpe:2.3:a:revive-sas:revive_adserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-6112.yaml b/http/cves/2019/CVE-2019-6112.yaml index 1d7d792a03..6ca9cadd40 100644 --- a/http/cves/2019/CVE-2019-6112.yaml +++ b/http/cves/2019/CVE-2019-6112.yaml @@ -13,13 +13,15 @@ info: - https://github.com/graphpaperpress/Sell-Media/commit/8ac8cebf332e0885863d0a25e16b4b180abedc47#diff-f16fea0a0c8cc36031ec339d02a4fb3b - https://nvd.nist.gov/vuln/detail/CVE-2019-6112 - https://metamorfosec.com/Files/Advisories/METS-2020-001-A_XSS_Vulnerability_in_Sell_Media_Plugin_v2.4.1_for_WordPress.txt + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-6112 cwe-id: CWE-79 epss-score: 0.00126 - epss-percentile: 0.46982 + epss-percentile: 0.46229 cpe: cpe:2.3:a:graphpaperpress:sell_media:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-6340.yaml b/http/cves/2019/CVE-2019-6340.yaml index abdb0b8acb..8f0ac71f31 100644 --- a/http/cves/2019/CVE-2019-6340.yaml +++ b/http/cves/2019/CVE-2019-6340.yaml @@ -14,13 +14,14 @@ info: - https://www.synology.com/security/advisory/Synology_SA_19_09 - https://nvd.nist.gov/vuln/detail/CVE-2019-6340 - https://www.exploit-db.com/exploits/46452/ + - https://github.com/CVEDB/PoC-List classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 cve-id: CVE-2019-6340 cwe-id: CWE-502 - epss-score: 0.97503 - epss-percentile: 0.9998 + epss-score: 0.97487 + epss-percentile: 0.9997 cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-6715.yaml b/http/cves/2019/CVE-2019-6715.yaml index 915b1c06e6..ca3113d2c1 100644 --- a/http/cves/2019/CVE-2019-6715.yaml +++ b/http/cves/2019/CVE-2019-6715.yaml @@ -14,12 +14,14 @@ info: - https://vinhjaxt.github.io/2019/03/cve-2019-6715 - http://packetstormsecurity.com/files/160674/WordPress-W3-Total-Cache-0.9.3-File-Read-Directory-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2019-6715 + - https://github.com/sobinge/nuclei-templates + - https://github.com/random-robbie/cve-2019-6715 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-6715 epss-score: 0.23312 - epss-percentile: 0.96121 + epss-percentile: 0.96449 cpe: cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-6799.yaml b/http/cves/2019/CVE-2019-6799.yaml index 1187cd6f4c..91b284b9f4 100644 --- a/http/cves/2019/CVE-2019-6799.yaml +++ b/http/cves/2019/CVE-2019-6799.yaml @@ -21,8 +21,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 5.9 cve-id: CVE-2019-6799 - epss-score: 0.13969 - epss-percentile: 0.95119 + epss-score: 0.1829 + epss-percentile: 0.96069 cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-6802.yaml b/http/cves/2019/CVE-2019-6802.yaml index af385e72e7..f941205dd9 100644 --- a/http/cves/2019/CVE-2019-6802.yaml +++ b/http/cves/2019/CVE-2019-6802.yaml @@ -12,13 +12,15 @@ info: - https://vuldb.com/?id.130257 - https://github.com/pypiserver/pypiserver/issues/237 - https://nvd.nist.gov/vuln/detail/CVE-2019-6802 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-6802 cwe-id: CWE-74 epss-score: 0.00113 - epss-percentile: 0.44613 + epss-percentile: 0.43845 cpe: cpe:2.3:a:python:pypiserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7192.yaml b/http/cves/2019/CVE-2019-7192.yaml index afd14b4292..3f8a10b408 100644 --- a/http/cves/2019/CVE-2019-7192.yaml +++ b/http/cves/2019/CVE-2019-7192.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2019-7192 cwe-id: CWE-863 epss-score: 0.96341 - epss-percentile: 0.99444 + epss-percentile: 0.99518 cpe: cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7219.yaml b/http/cves/2019/CVE-2019-7219.yaml index 5dd9320219..38d5266a55 100644 --- a/http/cves/2019/CVE-2019-7219.yaml +++ b/http/cves/2019/CVE-2019-7219.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-7219 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44603 + epss-percentile: 0.43765 cpe: cpe:2.3:a:zarafa:webaccess:7.2.0-48204:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7238.yaml b/http/cves/2019/CVE-2019-7238.yaml index 5e9d137567..f6233a3e28 100644 --- a/http/cves/2019/CVE-2019-7238.yaml +++ b/http/cves/2019/CVE-2019-7238.yaml @@ -13,12 +13,14 @@ info: - https://github.com/jas502n/CVE-2019-7238 - https://support.sonatype.com/hc/en-us/articles/360017310793-CVE-2019-7238-Nexus-Repository-Manager-3-Missing-Access-Controls-and-Remote-Code-Execution-February-5th-2019 - https://nvd.nist.gov/vuln/detail/CVE-2019-7238 + - https://github.com/ycdxsb/Exploits + - https://github.com/zhangchi991022/Comprehensive-experiment-of-infomation-security classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-7238 - epss-score: 0.97372 - epss-percentile: 0.99892 + epss-score: 0.974 + epss-percentile: 0.99915 cpe: cpe:2.3:a:sonatype:nexus:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7254.yaml b/http/cves/2019/CVE-2019-7254.yaml index d1bec6d6de..b340db8a20 100644 --- a/http/cves/2019/CVE-2019-7254.yaml +++ b/http/cves/2019/CVE-2019-7254.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-7254 cwe-id: CWE-22 - epss-score: 0.86915 - epss-percentile: 0.98374 + epss-score: 0.85367 + epss-percentile: 0.98459 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-7255.yaml b/http/cves/2019/CVE-2019-7255.yaml index b1eb2cd922..9fadb579c2 100644 --- a/http/cves/2019/CVE-2019-7255.yaml +++ b/http/cves/2019/CVE-2019-7255.yaml @@ -15,13 +15,14 @@ info: - https://applied-risk.com/labs/advisories - https://packetstormsecurity.com/files/155253/Linear-eMerge-E3-1.00-06-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2019-7255 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-7255 cwe-id: CWE-79 - epss-score: 0.01544 - epss-percentile: 0.85731 + epss-score: 0.01232 + epss-percentile: 0.85132 cpe: cpe:2.3:o:nortekcontrol:linear_emerge_essential_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-7315.yaml b/http/cves/2019/CVE-2019-7315.yaml index 7f0b9b3656..26bc967c1f 100644 --- a/http/cves/2019/CVE-2019-7315.yaml +++ b/http/cves/2019/CVE-2019-7315.yaml @@ -13,13 +13,14 @@ info: - https://labs.nettitude.com/blog/cve-2019-7315-genie-access-wip3bvaf-ip-camera-directory-traversal/ - https://vuldb.com/?id.136593 - https://nvd.nist.gov/vuln/detail/CVE-2019-7315 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-7315 cwe-id: CWE-22 - epss-score: 0.01501 - epss-percentile: 0.85524 + epss-score: 0.0172 + epss-percentile: 0.87556 cpe: cpe:2.3:o:genieaccess:wip3bvaf_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7481.yaml b/http/cves/2019/CVE-2019-7481.yaml index 81a6cfd47d..8670b4cc88 100644 --- a/http/cves/2019/CVE-2019-7481.yaml +++ b/http/cves/2019/CVE-2019-7481.yaml @@ -13,13 +13,15 @@ info: - https://www.crowdstrike.com/blog/how-ecrime-groups-leverage-sonicwall-vulnerability-cve-2019-7481/ - https://nvd.nist.gov/vuln/detail/CVE-2019-7481 - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2019-0016 + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-7481 cwe-id: CWE-89 - epss-score: 0.87114 - epss-percentile: 0.98362 + epss-score: 0.91724 + epss-percentile: 0.98849 cpe: cpe:2.3:o:sonicwall:sma_100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-7543.yaml b/http/cves/2019/CVE-2019-7543.yaml index c7e1f18a0d..4814eb1cfa 100644 --- a/http/cves/2019/CVE-2019-7543.yaml +++ b/http/cves/2019/CVE-2019-7543.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-7543 cwe-id: CWE-79 - epss-score: 0.00113 - epss-percentile: 0.44682 + epss-score: 0.00135 + epss-percentile: 0.47935 cpe: cpe:2.3:a:kindsoft:kindeditor:4.1.11:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-7609.yaml b/http/cves/2019/CVE-2019-7609.yaml index 27fffb8883..1c92d910e7 100644 --- a/http/cves/2019/CVE-2019-7609.yaml +++ b/http/cves/2019/CVE-2019-7609.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2019-7609 cwe-id: CWE-94 - epss-score: 0.96098 - epss-percentile: 0.99371 + epss-score: 0.96778 + epss-percentile: 0.99656 cpe: cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8086.yaml b/http/cves/2019/CVE-2019-8086.yaml index 68b3141d04..819c3fec14 100644 --- a/http/cves/2019/CVE-2019-8086.yaml +++ b/http/cves/2019/CVE-2019-8086.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2019-8086 cwe-id: CWE-611 - epss-score: 0.09189 - epss-percentile: 0.94079 + epss-score: 0.13896 + epss-percentile: 0.95514 cpe: cpe:2.3:a:adobe:experience_manager:6.2:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-8442.yaml b/http/cves/2019/CVE-2019-8442.yaml index 3583114b55..feca5aab9e 100644 --- a/http/cves/2019/CVE-2019-8442.yaml +++ b/http/cves/2019/CVE-2019-8442.yaml @@ -12,12 +12,15 @@ info: reference: - https://jira.atlassian.com/browse/JRASERVER-69241 - https://nvd.nist.gov/vuln/detail/CVE-2019-8442 + - https://github.com/0ps/pocassistdb + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2019-8442 epss-score: 0.97131 - epss-percentile: 0.99752 + epss-percentile: 0.99777 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-8446.yaml b/http/cves/2019/CVE-2019-8446.yaml index 88581d4ca7..e33e16c6c1 100644 --- a/http/cves/2019/CVE-2019-8446.yaml +++ b/http/cves/2019/CVE-2019-8446.yaml @@ -12,13 +12,16 @@ info: reference: - https://jira.atlassian.com/browse/JRASERVER-69777 - https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0839 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/CyberTrashPanda/CVE-2019-8446 + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2019-8446 cwe-id: CWE-863 epss-score: 0.15691 - epss-percentile: 0.95403 + epss-percentile: 0.95793 cpe: cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8449.yaml b/http/cves/2019/CVE-2019-8449.yaml index c565350f9b..23007c5608 100644 --- a/http/cves/2019/CVE-2019-8449.yaml +++ b/http/cves/2019/CVE-2019-8449.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2019-8449 cwe-id: CWE-306 epss-score: 0.24444 - epss-percentile: 0.96207 + epss-percentile: 0.96513 cpe: cpe:2.3:a:atlassian:jira:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-8451.yaml b/http/cves/2019/CVE-2019-8451.yaml index 97ca796414..9b42dd24ff 100644 --- a/http/cves/2019/CVE-2019-8451.yaml +++ b/http/cves/2019/CVE-2019-8451.yaml @@ -14,13 +14,14 @@ info: - https://jira.atlassian.com/browse/JRASERVER-69793 - https://hackerone.com/reports/713900 - https://nvd.nist.gov/vuln/detail/CVE-2019-8451 + - https://github.com/merlinepedra/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cve-id: CVE-2019-8451 cwe-id: CWE-918 epss-score: 0.97115 - epss-percentile: 0.99743 + epss-percentile: 0.99766 cpe: cpe:2.3:a:atlassian:jira_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9041.yaml b/http/cves/2019/CVE-2019-9041.yaml index aee9b5be0f..b15fa12f18 100644 --- a/http/cves/2019/CVE-2019-9041.yaml +++ b/http/cves/2019/CVE-2019-9041.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2019-9041 cwe-id: CWE-917 - epss-score: 0.01368 - epss-percentile: 0.84872 + epss-score: 0.02876 + epss-percentile: 0.9052 cpe: cpe:2.3:a:zzzcms:zzzphp:1.6.1:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2019/CVE-2019-9618.yaml b/http/cves/2019/CVE-2019-9618.yaml index 7d9d2dc4ef..8cad77c8bf 100644 --- a/http/cves/2019/CVE-2019-9618.yaml +++ b/http/cves/2019/CVE-2019-9618.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-9618 cwe-id: CWE-22 - epss-score: 0.05313 - epss-percentile: 0.92324 + epss-score: 0.04914 + epss-percentile: 0.9261 cpe: cpe:2.3:a:gracemedia_media_player_project:gracemedia_media_player:1.0:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9670.yaml b/http/cves/2019/CVE-2019-9670.yaml index 3a64be761f..ceea906ff1 100644 --- a/http/cves/2019/CVE-2019-9670.yaml +++ b/http/cves/2019/CVE-2019-9670.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2019-9670 cwe-id: CWE-611 - epss-score: 0.97216 - epss-percentile: 0.99797 + epss-score: 0.97484 + epss-percentile: 0.99968 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9726.yaml b/http/cves/2019/CVE-2019-9726.yaml index 7526caaab9..6cd3d65bbe 100644 --- a/http/cves/2019/CVE-2019-9726.yaml +++ b/http/cves/2019/CVE-2019-9726.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2019-9726 cwe-id: CWE-22 epss-score: 0.03616 - epss-percentile: 0.90773 + epss-percentile: 0.91446 cpe: cpe:2.3:o:eq-3:ccu3_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9733.yaml b/http/cves/2019/CVE-2019-9733.yaml index d6cf31434b..59ce7864db 100644 --- a/http/cves/2019/CVE-2019-9733.yaml +++ b/http/cves/2019/CVE-2019-9733.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-9733 - epss-score: 0.88323 - epss-percentile: 0.98448 + epss-score: 0.91018 + epss-percentile: 0.98791 cpe: cpe:2.3:a:jfrog:artifactory:6.7.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9915.yaml b/http/cves/2019/CVE-2019-9915.yaml index 26416b89bd..0dce6edecd 100644 --- a/http/cves/2019/CVE-2019-9915.yaml +++ b/http/cves/2019/CVE-2019-9915.yaml @@ -14,13 +14,14 @@ info: - https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1300 - https://www.netsparker.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms/ - https://nvd.nist.gov/vuln/detail/CVE-2019-9915 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-9915 cwe-id: CWE-601 epss-score: 0.00123 - epss-percentile: 0.46435 + epss-percentile: 0.45694 cpe: cpe:2.3:a:get-simple.:getsimplecms:3.3.13:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2019/CVE-2019-9955.yaml b/http/cves/2019/CVE-2019-9955.yaml index 3b22ebc893..29ffce49f7 100644 --- a/http/cves/2019/CVE-2019-9955.yaml +++ b/http/cves/2019/CVE-2019-9955.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2019-9955 cwe-id: CWE-79 - epss-score: 0.0798 - epss-percentile: 0.9368 + epss-score: 0.05816 + epss-percentile: 0.93234 cpe: cpe:2.3:o:zyxel:atp200_firmware:4.31:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2019/CVE-2019-9978.yaml b/http/cves/2019/CVE-2019-9978.yaml index 1368cc757f..56f52994d6 100644 --- a/http/cves/2019/CVE-2019-9978.yaml +++ b/http/cves/2019/CVE-2019-9978.yaml @@ -5,30 +5,29 @@ info: author: madrobot,dwisiswant0 severity: medium description: WordPress Social Warfare plugin before 3.5.3 contains a cross-site scripting vulnerability via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, affecting Social Warfare and Social Warfare Pro. + remediation: | + Update the Social Warfare plugin to version 3.5.3 or later to mitigate the vulnerability. reference: - https://github.com/mpgn/CVE-2019-9978 - https://www.wordfence.com/blog/2019/03/unpatched-zero-day-vulnerability-in-social-warfare-plugin-exploited-in-the-wild/ - https://www.pluginvulnerabilities.com/2019/03/21/full-disclosure-of-settings-change-persistent-cross-site-scripting-xss-vulnerability-in-social-warfare/ - https://www.cybersecurity-help.cz/vdb/SB2019032105 - https://nvd.nist.gov/vuln/detail/CVE-2019-9978 - remediation: | - Update the Social Warfare plugin to version 3.5.3 or later to mitigate the vulnerability. classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2019-9978 cwe-id: CWE-79 + epss-score: 0.97235 + epss-percentile: 0.99828 cpe: cpe:2.3:a:warfareplugins:social_warfare:*:*:*:*:*:wordpress:*:* - epss-score: 0.97323 - epss-percentile: 0.99859 metadata: - fofa-query: body="social-warfare" && body="wp-" - framework: wordpress max-request: 2 - product: social_warfare vendor: warfareplugins + product: social_warfare + framework: wordpress + fofa-query: body="social-warfare" && body="wp-" tags: cve,cve2019,wordpress,wp-plugin,ssrf,kev,warfareplugins - flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-10148.yaml b/http/cves/2020/CVE-2020-10148.yaml index a9d0d46a15..8e8147bc7a 100644 --- a/http/cves/2020/CVE-2020-10148.yaml +++ b/http/cves/2020/CVE-2020-10148.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10148 cwe-id: CWE-287,CWE-288 - epss-score: 0.97324 - epss-percentile: 0.99867 + epss-score: 0.97273 + epss-percentile: 0.99841 cpe: cpe:2.3:a:solarwinds:orion_platform:2019.4:hotfix5:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-10220.yaml b/http/cves/2020/CVE-2020-10220.yaml index 5ed64cf767..3de59b1373 100644 --- a/http/cves/2020/CVE-2020-10220.yaml +++ b/http/cves/2020/CVE-2020-10220.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10220 cwe-id: CWE-89 - epss-score: 0.02204 - epss-percentile: 0.88325 + epss-score: 0.03051 + epss-percentile: 0.90763 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-10546.yaml b/http/cves/2020/CVE-2020-10546.yaml index af0540a32e..62d6dcb1a7 100644 --- a/http/cves/2020/CVE-2020-10546.yaml +++ b/http/cves/2020/CVE-2020-10546.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10546 cwe-id: CWE-89 - epss-score: 0.49879 - epss-percentile: 0.97237 + epss-score: 0.38355 + epss-percentile: 0.97128 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-10547.yaml b/http/cves/2020/CVE-2020-10547.yaml index ebd2d1f573..8f51eea49c 100644 --- a/http/cves/2020/CVE-2020-10547.yaml +++ b/http/cves/2020/CVE-2020-10547.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10547 cwe-id: CWE-89 - epss-score: 0.49879 - epss-percentile: 0.97237 + epss-score: 0.38355 + epss-percentile: 0.97128 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-10549.yaml b/http/cves/2020/CVE-2020-10549.yaml index 426c6477e0..3a067dcfda 100644 --- a/http/cves/2020/CVE-2020-10549.yaml +++ b/http/cves/2020/CVE-2020-10549.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-10549 cwe-id: CWE-89 - epss-score: 0.49879 - epss-percentile: 0.97237 + epss-score: 0.38355 + epss-percentile: 0.97128 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-10973.yaml b/http/cves/2020/CVE-2020-10973.yaml index dbed366a4c..f2ae5c84cc 100644 --- a/http/cves/2020/CVE-2020-10973.yaml +++ b/http/cves/2020/CVE-2020-10973.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-10973 cwe-id: CWE-306 - epss-score: 0.04225 - epss-percentile: 0.91375 + epss-score: 0.02524 + epss-percentile: 0.8991 cpe: cpe:2.3:o:wavlink:wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-11110.yaml b/http/cves/2020/CVE-2020-11110.yaml index dc5be762c8..1c70c981ce 100644 --- a/http/cves/2020/CVE-2020-11110.yaml +++ b/http/cves/2020/CVE-2020-11110.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-11110 cwe-id: CWE-79 epss-score: 0.00512 - epss-percentile: 0.74072 + epss-percentile: 0.76153 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11450.yaml b/http/cves/2020/CVE-2020-11450.yaml index 374af47fea..bd398b00de 100644 --- a/http/cves/2020/CVE-2020-11450.yaml +++ b/http/cves/2020/CVE-2020-11450.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2020-11450 epss-score: 0.59818 - epss-percentile: 0.97482 + epss-percentile: 0.9769 cpe: cpe:2.3:a:microstrategy:microstrategy_web:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11455.yaml b/http/cves/2020/CVE-2020-11455.yaml index 76b2c0eb96..f9abab71a0 100644 --- a/http/cves/2020/CVE-2020-11455.yaml +++ b/http/cves/2020/CVE-2020-11455.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-11455 cwe-id: CWE-22 - epss-score: 0.85197 - epss-percentile: 0.98278 + epss-score: 0.87845 + epss-percentile: 0.98577 cpe: cpe:2.3:a:limesurvey:limesurvey:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11530.yaml b/http/cves/2020/CVE-2020-11530.yaml index bdde44f424..2e1afa0621 100644 --- a/http/cves/2020/CVE-2020-11530.yaml +++ b/http/cves/2020/CVE-2020-11530.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-11530 cwe-id: CWE-89 - epss-score: 0.84645 - epss-percentile: 0.98251 + epss-score: 0.83664 + epss-percentile: 0.98377 cpe: cpe:2.3:a:idangero:chop_slider:3.0:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-11547.yaml b/http/cves/2020/CVE-2020-11547.yaml index c0a5bbd9a2..59047e0a5f 100644 --- a/http/cves/2020/CVE-2020-11547.yaml +++ b/http/cves/2020/CVE-2020-11547.yaml @@ -13,13 +13,15 @@ info: - https://github.com/ch-rigu/CVE-2020-11547--PRTG-Network-Monitor-Information-Disclosure - https://github.com/ch-rigu/PRTG-Network-Monitor-Information-Disclosure - https://nvd.nist.gov/vuln/detail/CVE-2020-11547 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2020-11547 cwe-id: CWE-306 epss-score: 0.0011 - epss-percentile: 0.43845 + epss-percentile: 0.43127 cpe: cpe:2.3:a:paessler:prtg_network_monitor:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-11710.yaml b/http/cves/2020/CVE-2020-11710.yaml index 1dd863b7ec..002ad2df44 100644 --- a/http/cves/2020/CVE-2020-11710.yaml +++ b/http/cves/2020/CVE-2020-11710.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-11710 - epss-score: 0.02925 - epss-percentile: 0.89782 + epss-score: 0.02642 + epss-percentile: 0.90121 cpe: cpe:2.3:a:konghq:docker-kong:*:*:*:*:*:kong:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11738.yaml b/http/cves/2020/CVE-2020-11738.yaml index 813acaa3e5..180174216a 100644 --- a/http/cves/2020/CVE-2020-11738.yaml +++ b/http/cves/2020/CVE-2020-11738.yaml @@ -23,8 +23,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-11738 cwe-id: CWE-22 - epss-score: 0.97366 - epss-percentile: 0.99888 + epss-score: 0.97323 + epss-percentile: 0.99872 cpe: cpe:2.3:a:snapcreek:duplicator:*:*:*:*:lite:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-11854.yaml b/http/cves/2020/CVE-2020-11854.yaml index 4b57c84b46..a9df60a494 100644 --- a/http/cves/2020/CVE-2020-11854.yaml +++ b/http/cves/2020/CVE-2020-11854.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-11854 cwe-id: CWE-798 epss-score: 0.2548 - epss-percentile: 0.96257 + epss-percentile: 0.96589 cpe: cpe:2.3:a:microfocus:application_performance_management:9.50:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11930.yaml b/http/cves/2020/CVE-2020-11930.yaml index f409bf47f6..b25d2419fb 100644 --- a/http/cves/2020/CVE-2020-11930.yaml +++ b/http/cves/2020/CVE-2020-11930.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-11930 cwe-id: CWE-79 - epss-score: 0.00396 - epss-percentile: 0.70723 + epss-score: 0.00303 + epss-percentile: 0.69031 cpe: cpe:2.3:a:gtranslate:translate_wordpress_with_gtranslate:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-11978.yaml b/http/cves/2020/CVE-2020-11978.yaml index 1326ae8b8e..3eef166a43 100644 --- a/http/cves/2020/CVE-2020-11978.yaml +++ b/http/cves/2020/CVE-2020-11978.yaml @@ -19,8 +19,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-11978 cwe-id: CWE-78 - epss-score: 0.97156 - epss-percentile: 0.99766 + epss-score: 0.97425 + epss-percentile: 0.99933 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-12127.yaml b/http/cves/2020/CVE-2020-12127.yaml index 1c547a278d..a24bd6396a 100644 --- a/http/cves/2020/CVE-2020-12127.yaml +++ b/http/cves/2020/CVE-2020-12127.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-12127 cwe-id: CWE-306 - epss-score: 0.05177 - epss-percentile: 0.92224 + epss-score: 0.06293 + epss-percentile: 0.93458 cpe: cpe:2.3:o:wavlink:wn530h4_firmware:m30h4.v5030.190403:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-12259.yaml b/http/cves/2020/CVE-2020-12259.yaml index 87dfcfea2b..fc444195a3 100644 --- a/http/cves/2020/CVE-2020-12259.yaml +++ b/http/cves/2020/CVE-2020-12259.yaml @@ -10,13 +10,15 @@ info: - https://www.rconfig.com/downloads/rconfig-3.9.4.zip - https://gist.github.com/farid007/8855031bad0e497264e4879efb5bc9f8 - https://nvd.nist.gov/vuln/detail/CVE-2020-12259 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2020-12259 cwe-id: CWE-79 epss-score: 0.16256 - epss-percentile: 0.95479 + epss-percentile: 0.95859 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-12447.yaml b/http/cves/2020/CVE-2020-12447.yaml index c3d58ca838..50b74131a6 100644 --- a/http/cves/2020/CVE-2020-12447.yaml +++ b/http/cves/2020/CVE-2020-12447.yaml @@ -13,13 +13,14 @@ info: - https://blog.spookysec.net/onkyo-lfi - https://nvd.nist.gov/vuln/detail/CVE-2020-12447 - https://blog.spookysec.net/onkyo-lfi/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-12447 cwe-id: CWE-22 epss-score: 0.01711 - epss-percentile: 0.86438 + epss-percentile: 0.8752 cpe: cpe:2.3:o:onkyo:tx-nr585_firmware:1000-0000-000-0008-0000:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-12478.yaml b/http/cves/2020/CVE-2020-12478.yaml index 338ff97496..3957832e42 100644 --- a/http/cves/2020/CVE-2020-12478.yaml +++ b/http/cves/2020/CVE-2020-12478.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/nilsteampassnet/TeamPass/issues/2764 - https://nvd.nist.gov/vuln/detail/CVE-2020-12478 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-12478 cwe-id: CWE-306 epss-score: 0.01186 - epss-percentile: 0.83549 + epss-percentile: 0.8478 cpe: cpe:2.3:a:teampass:teampass:2.1.27.36:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-12720.yaml b/http/cves/2020/CVE-2020-12720.yaml index 728e7d5834..11e5d9f15e 100644 --- a/http/cves/2020/CVE-2020-12720.yaml +++ b/http/cves/2020/CVE-2020-12720.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-12720 cwe-id: CWE-306 - epss-score: 0.90609 - epss-percentile: 0.98582 + epss-score: 0.8836 + epss-percentile: 0.98614 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13117.yaml b/http/cves/2020/CVE-2020-13117.yaml index b8c7ccfc39..e8bf9137b5 100644 --- a/http/cves/2020/CVE-2020-13117.yaml +++ b/http/cves/2020/CVE-2020-13117.yaml @@ -12,13 +12,16 @@ info: reference: - https://blog.0xlabs.com/2021/02/wavlink-rce-CVE-2020-13117.html - https://nvd.nist.gov/vuln/detail/CVE-2020-13117 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-13117 cwe-id: CWE-77 - epss-score: 0.06438 - epss-percentile: 0.92985 + epss-score: 0.07866 + epss-percentile: 0.94083 cpe: cpe:2.3:o:wavlink:wn575a4_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13121.yaml b/http/cves/2020/CVE-2020-13121.yaml index 05c3bcad0b..964f577ed1 100644 --- a/http/cves/2020/CVE-2020-13121.yaml +++ b/http/cves/2020/CVE-2020-13121.yaml @@ -12,13 +12,14 @@ info: reference: - https://github.com/Submitty/Submitty/issues/5265 - https://nvd.nist.gov/vuln/detail/CVE-2020-13121 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-13121 cwe-id: CWE-601 epss-score: 0.00235 - epss-percentile: 0.61642 + epss-percentile: 0.60944 cpe: cpe:2.3:a:rcos:submitty:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13158.yaml b/http/cves/2020/CVE-2020-13158.yaml index e51e364b0b..dc04180120 100644 --- a/http/cves/2020/CVE-2020-13158.yaml +++ b/http/cves/2020/CVE-2020-13158.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-13158 cwe-id: CWE-22 - epss-score: 0.01736 - epss-percentile: 0.86596 + epss-score: 0.96791 + epss-percentile: 0.99659 cpe: cpe:2.3:a:articatech:artica_proxy:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13258.yaml b/http/cves/2020/CVE-2020-13258.yaml index 3e3d614096..041616da13 100644 --- a/http/cves/2020/CVE-2020-13258.yaml +++ b/http/cves/2020/CVE-2020-13258.yaml @@ -13,13 +13,15 @@ info: reference: - https://github.com/contentful/the-example-app.py/issues/44 - https://nvd.nist.gov/vuln/detail/CVE-2020-13258 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-13258 cwe-id: CWE-79 epss-score: 0.00464 - epss-percentile: 0.72797 + epss-percentile: 0.7492 cpe: cpe:2.3:a:contentful:python_example:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13483.yaml b/http/cves/2020/CVE-2020-13483.yaml index af53d8142e..500f44b18b 100644 --- a/http/cves/2020/CVE-2020-13483.yaml +++ b/http/cves/2020/CVE-2020-13483.yaml @@ -13,13 +13,15 @@ info: - https://gist.github.com/mariuszpoplwski/ca6258cf00c723184ebd2228ba81f558 - https://twitter.com/brutelogic/status/1483073170827628547 - https://nvd.nist.gov/vuln/detail/CVE-2020-13483 + - https://github.com/afinepl/research + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-13483 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44613 + epss-percentile: 0.43845 cpe: cpe:2.3:a:bitrix24:bitrix24:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-13638.yaml b/http/cves/2020/CVE-2020-13638.yaml index 224978e1a5..b1ad7d4e14 100644 --- a/http/cves/2020/CVE-2020-13638.yaml +++ b/http/cves/2020/CVE-2020-13638.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-13638 cwe-id: CWE-269 - epss-score: 0.36738 - epss-percentile: 0.96806 + epss-score: 0.39352 + epss-percentile: 0.97152 cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13927.yaml b/http/cves/2020/CVE-2020-13927.yaml index c176a45008..9769828783 100644 --- a/http/cves/2020/CVE-2020-13927.yaml +++ b/http/cves/2020/CVE-2020-13927.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-13927 cwe-id: CWE-1188 - epss-score: 0.96924 - epss-percentile: 0.99665 + epss-score: 0.96246 + epss-percentile: 0.99489 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-13937.yaml b/http/cves/2020/CVE-2020-13937.yaml index 9dd9a848f9..7e51cd02e1 100644 --- a/http/cves/2020/CVE-2020-13937.yaml +++ b/http/cves/2020/CVE-2020-13937.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2020-13937 cwe-id: CWE-922 - epss-score: 0.97404 - epss-percentile: 0.99917 + epss-score: 0.97421 + epss-percentile: 0.99929 cpe: cpe:2.3:a:apache:kylin:2.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-13945.yaml b/http/cves/2020/CVE-2020-13945.yaml index 53663308a4..7572852768 100644 --- a/http/cves/2020/CVE-2020-13945.yaml +++ b/http/cves/2020/CVE-2020-13945.yaml @@ -14,13 +14,14 @@ info: - https://lists.apache.org/thread.html/r792feb29964067a4108f53e8579a1e9bd1c8b5b9bc95618c814faf2f%40%3Cdev.apisix.apache.org%3E - http://packetstormsecurity.com/files/166228/Apache-APISIX-Remote-Code-Execution.html - https://nvd.nist.gov/vuln/detail/CVE-2020-13945 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2020-13945 cwe-id: CWE-522 - epss-score: 0.00587 - epss-percentile: 0.7581 + epss-score: 0.00838 + epss-percentile: 0.81705 cpe: cpe:2.3:a:apache:apisix:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-14181.yaml b/http/cves/2020/CVE-2020-14181.yaml index 06433e7ae5..dbdaccd5c1 100644 --- a/http/cves/2020/CVE-2020-14181.yaml +++ b/http/cves/2020/CVE-2020-14181.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2020-14181 cwe-id: CWE-200 - epss-score: 0.96363 - epss-percentile: 0.9946 + epss-score: 0.95919 + epss-percentile: 0.99412 cpe: cpe:2.3:a:atlassian:data_center:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-14413.yaml b/http/cves/2020/CVE-2020-14413.yaml index e03f4531d9..b0a7a8cadb 100644 --- a/http/cves/2020/CVE-2020-14413.yaml +++ b/http/cves/2020/CVE-2020-14413.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-14413 cwe-id: CWE-79 epss-score: 0.00095 - epss-percentile: 0.39687 + epss-percentile: 0.38971 cpe: cpe:2.3:a:nedi:nedi:1.9c:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-14864.yaml b/http/cves/2020/CVE-2020-14864.yaml index b9bfd66c31..4ceb2c6393 100644 --- a/http/cves/2020/CVE-2020-14864.yaml +++ b/http/cves/2020/CVE-2020-14864.yaml @@ -13,13 +13,15 @@ info: - http://packetstormsecurity.com/files/159748/Oracle-Business-Intelligence-Enterprise-Edition-5.5.0.0.0-12.2.1.3.0-12.2.1.4.0-LFI.html - https://www.oracle.com/security-alerts/cpuoct2020.html - https://nvd.nist.gov/vuln/detail/CVE-2020-14864 + - https://github.com/merlinepedra/nuclei-templates + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-14864 cwe-id: CWE-22 - epss-score: 0.21848 - epss-percentile: 0.96018 + epss-score: 0.4541 + epss-percentile: 0.97318 cpe: cpe:2.3:a:oracle:business_intelligence:5.5.0.0.0:*:*:*:enterprise:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-14883.yaml b/http/cves/2020/CVE-2020-14883.yaml index 68f7237bcd..c60b67b6b6 100644 --- a/http/cves/2020/CVE-2020-14883.yaml +++ b/http/cves/2020/CVE-2020-14883.yaml @@ -15,12 +15,13 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14883 - https://www.oracle.com/security-alerts/cpuoct2020.html - http://packetstormsecurity.com/files/160143/Oracle-WebLogic-Server-Administration-Console-Handle-Remote-Code-Execution.html + - https://github.com/1n7erface/PocList classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2020-14883 - epss-score: 0.97297 - epss-percentile: 0.9985 + epss-score: 0.97498 + epss-percentile: 0.99975 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-15050.yaml b/http/cves/2020/CVE-2020-15050.yaml index a20b6dbd1e..4d23d3274f 100644 --- a/http/cves/2020/CVE-2020-15050.yaml +++ b/http/cves/2020/CVE-2020-15050.yaml @@ -13,13 +13,14 @@ info: - http://packetstormsecurity.com/files/158576/Bio-Star-2.8.2-Local-File-Inclusion.html - https://www.supremainc.com/en/support/biostar-2-pakage.asp - https://nvd.nist.gov/vuln/detail/CVE-2020-15050 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-15050 cwe-id: CWE-22 - epss-score: 0.4691 - epss-percentile: 0.97123 + epss-score: 0.55214 + epss-percentile: 0.97597 cpe: cpe:2.3:a:supremainc:biostar_2:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15148.yaml b/http/cves/2020/CVE-2020-15148.yaml index 9206260a78..658e9a7d1f 100644 --- a/http/cves/2020/CVE-2020-15148.yaml +++ b/http/cves/2020/CVE-2020-15148.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-15148 cwe-id: CWE-502 epss-score: 0.02081 - epss-percentile: 0.87922 + epss-percentile: 0.88831 cpe: cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-15227.yaml b/http/cves/2020/CVE-2020-15227.yaml index f9cb43a9be..f22f4472ee 100644 --- a/http/cves/2020/CVE-2020-15227.yaml +++ b/http/cves/2020/CVE-2020-15227.yaml @@ -19,16 +19,16 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-15227 - cwe-id: CWE-74,CWE-94 - epss-score: 0.97307 - epss-percentile: 0.99855 + cwe-id: CWE-94,CWE-74 + epss-score: 0.97285 + epss-percentile: 0.99849 cpe: cpe:2.3:a:nette:application:*:*:*:*:*:*:*:* metadata: + verified: true max-request: 1 vendor: nette product: application fofa-query: app="nette-Framework" - verified: true tags: cve2020,cve,nette,rce http: diff --git a/http/cves/2020/CVE-2020-15568.yaml b/http/cves/2020/CVE-2020-15568.yaml index ca5efedc99..7a67623c91 100644 --- a/http/cves/2020/CVE-2020-15568.yaml +++ b/http/cves/2020/CVE-2020-15568.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-15568 cwe-id: CWE-913 - epss-score: 0.96535 - epss-percentile: 0.9952 + epss-score: 0.96623 + epss-percentile: 0.99607 cpe: cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-15895.yaml b/http/cves/2020/CVE-2020-15895.yaml index ef80f5eaa7..8e94e067ce 100644 --- a/http/cves/2020/CVE-2020-15895.yaml +++ b/http/cves/2020/CVE-2020-15895.yaml @@ -14,13 +14,14 @@ info: - https://research.loginsoft.com/bugs/multiple-vulnerabilities-discovered-in-the-d-link-firmware-dir-816l/ - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10169 - https://nvd.nist.gov/vuln/detail/CVE-2020-15895 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-15895 cwe-id: CWE-79 epss-score: 0.00187 - epss-percentile: 0.56008 + epss-percentile: 0.55045 cpe: cpe:2.3:o:dlink:dir-816l_firmware:2.06:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-16139.yaml b/http/cves/2020/CVE-2020-16139.yaml index c42a3a54fc..0bf595dd06 100644 --- a/http/cves/2020/CVE-2020-16139.yaml +++ b/http/cves/2020/CVE-2020-16139.yaml @@ -14,12 +14,14 @@ info: - http://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html - https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html - https://nvd.nist.gov/vuln/detail/CVE-2020-16139 + - https://github.com/anonymous364872/Rapier_Tool + - https://github.com/blacklanternsecurity/Cisco-7937G-PoCs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H cvss-score: 7.5 cve-id: CVE-2020-16139 - epss-score: 0.04525 - epss-percentile: 0.91637 + epss-score: 0.06015 + epss-percentile: 0.93331 cpe: cpe:2.3:o:cisco:unified_ip_conference_station_7937g_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-16846.yaml b/http/cves/2020/CVE-2020-16846.yaml index 9ca5afb5a1..7eae0a6573 100644 --- a/http/cves/2020/CVE-2020-16846.yaml +++ b/http/cves/2020/CVE-2020-16846.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-16846 cwe-id: CWE-78 epss-score: 0.97467 - epss-percentile: 0.99959 + epss-percentile: 0.99957 cpe: cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-16952.yaml b/http/cves/2020/CVE-2020-16952.yaml index c181e875ac..6b0acdd9f2 100644 --- a/http/cves/2020/CVE-2020-16952.yaml +++ b/http/cves/2020/CVE-2020-16952.yaml @@ -14,13 +14,14 @@ info: - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952 - https://github.com/rapid7/metasploit-framework/blob/1a341ae93191ac5f6d8a9603aebb6b3a1f65f107/documentation/modules/exploit/windows/http/sharepoint_ssi_viewstate.md - https://nvd.nist.gov/vuln/detail/CVE-2020-16952 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L cvss-score: 8.6 cve-id: CVE-2020-16952 cwe-id: CWE-346 - epss-score: 0.92144 - epss-percentile: 0.9874 + epss-score: 0.90125 + epss-percentile: 0.9872 cpe: cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17453.yaml b/http/cves/2020/CVE-2020-17453.yaml index 6351d60402..71fea8d563 100644 --- a/http/cves/2020/CVE-2020-17453.yaml +++ b/http/cves/2020/CVE-2020-17453.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-17453 - https://twitter.com/JacksonHHax/status/1374681422678519813 - https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2021/WSO2-2020-1132/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-17453 cwe-id: CWE-79 epss-score: 0.00845 - epss-percentile: 0.80281 + epss-percentile: 0.81776 cpe: cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17456.yaml b/http/cves/2020/CVE-2020-17456.yaml index a263299250..8a45f0858c 100644 --- a/http/cves/2020/CVE-2020-17456.yaml +++ b/http/cves/2020/CVE-2020-17456.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17456 cwe-id: CWE-78 - epss-score: 0.97022 - epss-percentile: 0.997 + epss-score: 0.96263 + epss-percentile: 0.99495 cpe: cpe:2.3:o:seowonintech:slc-130_firmware:-:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-17463.yaml b/http/cves/2020/CVE-2020-17463.yaml index 990bb6b844..0923aee5b9 100644 --- a/http/cves/2020/CVE-2020-17463.yaml +++ b/http/cves/2020/CVE-2020-17463.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17463 cwe-id: CWE-89 - epss-score: 0.92663 - epss-percentile: 0.98812 + epss-score: 0.94399 + epss-percentile: 0.99154 cpe: cpe:2.3:a:thedaylightstudio:fuel_cms:1.4.7:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-17496.yaml b/http/cves/2020/CVE-2020-17496.yaml index 4f613f05d0..aa7d9c461a 100644 --- a/http/cves/2020/CVE-2020-17496.yaml +++ b/http/cves/2020/CVE-2020-17496.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17496 cwe-id: CWE-74 - epss-score: 0.97458 - epss-percentile: 0.99954 + epss-score: 0.97451 + epss-percentile: 0.99949 cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17506.yaml b/http/cves/2020/CVE-2020-17506.yaml index 9fb2ec1a9e..cbdd15cbc8 100644 --- a/http/cves/2020/CVE-2020-17506.yaml +++ b/http/cves/2020/CVE-2020-17506.yaml @@ -13,13 +13,15 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17506 - http://packetstormsecurity.com/files/158868/Artica-Proxy-4.3.0-Authentication-Bypass.html - https://blog.max0x4141.com/post/artica_proxy/ + - https://github.com/hangmansROP/proof-of-concepts + - https://github.com/merlinepedra/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-17506 cwe-id: CWE-89 - epss-score: 0.96414 - epss-percentile: 0.99468 + epss-score: 0.96009 + epss-percentile: 0.99439 cpe: cpe:2.3:a:articatech:web_proxy:4.30.000000:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-17530.yaml b/http/cves/2020/CVE-2020-17530.yaml index ab71f0058f..07c7adf338 100644 --- a/http/cves/2020/CVE-2020-17530.yaml +++ b/http/cves/2020/CVE-2020-17530.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-17530 cwe-id: CWE-917 - epss-score: 0.97035 - epss-percentile: 0.99705 + epss-score: 0.97232 + epss-percentile: 0.99826 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-18268.yaml b/http/cves/2020/CVE-2020-18268.yaml index 245eb6ce90..4299ddbf54 100644 --- a/http/cves/2020/CVE-2020-18268.yaml +++ b/http/cves/2020/CVE-2020-18268.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-18268 cwe-id: CWE-601 - epss-score: 0.00138 - epss-percentile: 0.49329 + epss-score: 0.00147 + epss-percentile: 0.49792 cpe: cpe:2.3:a:zblogcn:z-blogphp:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-19282.yaml b/http/cves/2020/CVE-2020-19282.yaml index eaa77e399a..187836d75a 100644 --- a/http/cves/2020/CVE-2020-19282.yaml +++ b/http/cves/2020/CVE-2020-19282.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-19282 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48638 + epss-percentile: 0.47808 cpe: cpe:2.3:a:jeesns:jeesns:1.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-19283.yaml b/http/cves/2020/CVE-2020-19283.yaml index d188177eb4..09beac340c 100644 --- a/http/cves/2020/CVE-2020-19283.yaml +++ b/http/cves/2020/CVE-2020-19283.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-19283 cwe-id: CWE-79 epss-score: 0.00135 - epss-percentile: 0.48638 + epss-percentile: 0.47808 cpe: cpe:2.3:a:jeesns:jeesns:1.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-19295.yaml b/http/cves/2020/CVE-2020-19295.yaml index d3b635f9dc..9c8b53dcbe 100644 --- a/http/cves/2020/CVE-2020-19295.yaml +++ b/http/cves/2020/CVE-2020-19295.yaml @@ -13,13 +13,14 @@ info: - https://github.com/zchuanzhao/jeesns/issues/21 - https://www.seebug.org/vuldb/ssvid-97950 - https://nvd.nist.gov/vuln/detail/CVE-2020-19295 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-19295 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45185 + epss-percentile: 0.44405 cpe: cpe:2.3:a:jeesns:jeesns:1.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-19360.yaml b/http/cves/2020/CVE-2020-19360.yaml index 92372a1a5a..6da41388c9 100644 --- a/http/cves/2020/CVE-2020-19360.yaml +++ b/http/cves/2020/CVE-2020-19360.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-19360 cwe-id: CWE-22 epss-score: 0.05104 - epss-percentile: 0.92174 + epss-percentile: 0.92761 cpe: cpe:2.3:a:fhem:fhem:6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-1943.yaml b/http/cves/2020/CVE-2020-1943.yaml index fff6c37cee..67c4b63780 100644 --- a/http/cves/2020/CVE-2020-1943.yaml +++ b/http/cves/2020/CVE-2020-1943.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-1943 cwe-id: CWE-79 - epss-score: 0.43119 - epss-percentile: 0.97011 + epss-score: 0.50879 + epss-percentile: 0.97475 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-1956.yaml b/http/cves/2020/CVE-2020-1956.yaml index f88f300c7a..9918b13625 100644 --- a/http/cves/2020/CVE-2020-1956.yaml +++ b/http/cves/2020/CVE-2020-1956.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-1956 cwe-id: CWE-78 - epss-score: 0.97414 - epss-percentile: 0.99923 + epss-score: 0.97374 + epss-percentile: 0.99898 cpe: cpe:2.3:a:apache:kylin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-19625.yaml b/http/cves/2020/CVE-2020-19625.yaml index 746196e7b7..6f2ec8e84d 100644 --- a/http/cves/2020/CVE-2020-19625.yaml +++ b/http/cves/2020/CVE-2020-19625.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-19625 - epss-score: 0.78777 - epss-percentile: 0.97997 + epss-score: 0.83118 + epss-percentile: 0.98347 cpe: cpe:2.3:a:gridx_project:gridx:1.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-20300.yaml b/http/cves/2020/CVE-2020-20300.yaml index f9f25b59b8..c5b5671190 100644 --- a/http/cves/2020/CVE-2020-20300.yaml +++ b/http/cves/2020/CVE-2020-20300.yaml @@ -13,13 +13,15 @@ info: - https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md - https://nvd.nist.gov/vuln/detail/CVE-2020-20300 - https://github.com/Y4er/Y4er.com/blob/master/content/post/weiphp-exp-sql.md + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-20300 cwe-id: CWE-89 - epss-score: 0.16123 - epss-percentile: 0.95461 + epss-score: 0.20647 + epss-percentile: 0.96263 cpe: cpe:2.3:a:weiphp:weiphp:5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-2036.yaml b/http/cves/2020/CVE-2020-2036.yaml index 9a8e9b252b..b77b53e762 100644 --- a/http/cves/2020/CVE-2020-2036.yaml +++ b/http/cves/2020/CVE-2020-2036.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-2036 cwe-id: CWE-79 epss-score: 0.03232 - epss-percentile: 0.9028 + epss-percentile: 0.91005 cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-2096.yaml b/http/cves/2020/CVE-2020-2096.yaml index 6f3e8b1bd2..cb1a0419b1 100644 --- a/http/cves/2020/CVE-2020-2096.yaml +++ b/http/cves/2020/CVE-2020-2096.yaml @@ -14,13 +14,14 @@ info: - http://www.openwall.com/lists/oss-security/2020/01/15/1 - http://packetstormsecurity.com/files/155967/Jenkins-Gitlab-Hook-1.4.2-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2020-2096 + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-2096 cwe-id: CWE-79 epss-score: 0.96965 - epss-percentile: 0.99675 + epss-percentile: 0.99712 cpe: cpe:2.3:a:jenkins:gitlab_hook:*:*:*:*:*:jenkins:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-21012.yaml b/http/cves/2020/CVE-2020-21012.yaml index e0ab08b3fa..9240b09b07 100644 --- a/http/cves/2020/CVE-2020-21012.yaml +++ b/http/cves/2020/CVE-2020-21012.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-21012 cwe-id: CWE-89 - epss-score: 0.05566 - epss-percentile: 0.9252 + epss-score: 0.07235 + epss-percentile: 0.93887 cpe: cpe:2.3:a:hotel_and_lodge_booking_management_system_project:hotel_and_lodge_booking_management_system:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-2103.yaml b/http/cves/2020/CVE-2020-2103.yaml index e0b8458ca3..a5afdfa182 100644 --- a/http/cves/2020/CVE-2020-2103.yaml +++ b/http/cves/2020/CVE-2020-2103.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.4 cve-id: CVE-2020-2103 cwe-id: CWE-200 - epss-score: 0.01531 - epss-percentile: 0.85676 + epss-score: 0.00534 + epss-percentile: 0.76681 cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-21224.yaml b/http/cves/2020/CVE-2020-21224.yaml index 927bc62f48..905fb389a5 100644 --- a/http/cves/2020/CVE-2020-21224.yaml +++ b/http/cves/2020/CVE-2020-21224.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-21224 cwe-id: CWE-88 - epss-score: 0.04142 - epss-percentile: 0.91341 + epss-score: 0.04664 + epss-percentile: 0.92423 cpe: cpe:2.3:a:inspur:clusterengine:4.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-2140.yaml b/http/cves/2020/CVE-2020-2140.yaml index a28ce0d6e2..2e3c00cfa5 100644 --- a/http/cves/2020/CVE-2020-2140.yaml +++ b/http/cves/2020/CVE-2020-2140.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-2140 cwe-id: CWE-79 epss-score: 0.00181 - epss-percentile: 0.55477 + epss-percentile: 0.54462 cpe: cpe:2.3:a:jenkins:audit_trail:*:*:*:*:*:jenkins:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-22209.yaml b/http/cves/2020/CVE-2020-22209.yaml index 527d5551a5..f75d20436b 100644 --- a/http/cves/2020/CVE-2020-22209.yaml +++ b/http/cves/2020/CVE-2020-22209.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-22209 cwe-id: CWE-89 - epss-score: 0.20254 - epss-percentile: 0.95933 + epss-score: 0.15522 + epss-percentile: 0.95775 cpe: cpe:2.3:a:74cms:74cms:3.2.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-23015.yaml b/http/cves/2020/CVE-2020-23015.yaml index e258fc19c7..ec75e5aef7 100644 --- a/http/cves/2020/CVE-2020-23015.yaml +++ b/http/cves/2020/CVE-2020-23015.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-23015 cwe-id: CWE-601 epss-score: 0.00179 - epss-percentile: 0.55193 + epss-percentile: 0.54178 cpe: cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-23517.yaml b/http/cves/2020/CVE-2020-23517.yaml index 4dda20d7f8..1abfb0fce0 100644 --- a/http/cves/2020/CVE-2020-23517.yaml +++ b/http/cves/2020/CVE-2020-23517.yaml @@ -12,13 +12,16 @@ info: reference: - https://vulnerabilitypublishing.blogspot.com/2021/03/aryanic-highmail-high-cms-reflected.html - https://nvd.nist.gov/vuln/detail/CVE-2020-23517 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-23517 cwe-id: CWE-79 epss-score: 0.00132 - epss-percentile: 0.47953 + epss-percentile: 0.47292 cpe: cpe:2.3:a:aryanic:high_cms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-23972.yaml b/http/cves/2020/CVE-2020-23972.yaml index 9b3e9810cb..92ef711f50 100644 --- a/http/cves/2020/CVE-2020-23972.yaml +++ b/http/cves/2020/CVE-2020-23972.yaml @@ -16,13 +16,14 @@ info: - https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md - http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html - https://nvd.nist.gov/vuln/detail/CVE-2020-23972 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N cvss-score: 7.5 cve-id: CVE-2020-23972 cwe-id: CWE-434 - epss-score: 0.5953 - epss-percentile: 0.97461 + epss-score: 0.53621 + epss-percentile: 0.9756 cpe: cpe:2.3:a:gmapfp:gmapfp:j3.5:*:*:*:-:joomla\!:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-24148.yaml b/http/cves/2020/CVE-2020-24148.yaml index 6ff348c34f..0ac4787c65 100644 --- a/http/cves/2020/CVE-2020-24148.yaml +++ b/http/cves/2020/CVE-2020-24148.yaml @@ -5,29 +5,29 @@ info: author: dwisiswant0 severity: critical description: WordPress plugin Import XML and RSS Feeds (import-xml-feed) plugin 2.0.1 contains a server-side request forgery (SSRF) vulnerability via the data parameter in a moove_read_xml action. + remediation: | + Update to the latest version of the Import XML & RSS Feeds WordPress Plugin (2.0.2 or higher) to mitigate the vulnerability. reference: - https://github.com/dwisiswant0/CVE-2020-24148 - https://wordpress.org/plugins/import-xml-feed/#developers - https://nvd.nist.gov/vuln/detail/CVE-2020-24148 - https://github.com/secwx/research/blob/main/cve/CVE-2020-24148.md - remediation: | - Update to the latest version of the Import XML & RSS Feeds WordPress Plugin (2.0.2 or higher) to mitigate the vulnerability. + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H cvss-score: 9.1 cve-id: CVE-2020-24148 cwe-id: CWE-918 + epss-score: 0.15451 + epss-percentile: 0.95765 cpe: cpe:2.3:a:mooveagency:import_xml_and_rss_feeds:2.0.1:*:*:*:*:wordpress:*:* - epss-score: 0.10229 - epss-percentile: 0.94371 metadata: - fofa-query: body="import-xml-feed" - framework: wordpress max-request: 2 - product: import_xml_and_rss_feeds vendor: mooveagency + product: import_xml_and_rss_feeds + framework: wordpress + fofa-query: body="import-xml-feed" tags: cve,cve2020,wordpress,wp-plugin,ssrf,mooveagency - flow: http(1) && http(2) http: diff --git a/http/cves/2020/CVE-2020-24186.yaml b/http/cves/2020/CVE-2020-24186.yaml index 7daf018d96..785864a1c6 100644 --- a/http/cves/2020/CVE-2020-24186.yaml +++ b/http/cves/2020/CVE-2020-24186.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-24186 - https://www.wordfence.com/blog/2020/07/critical-arbitrary-file-upload-vulnerability-patched-in-wpdiscuz-plugin/ - http://packetstormsecurity.com/files/162983/WordPress-wpDiscuz-7.0.4-Shell-Upload.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2020-24186 cwe-id: CWE-434 - epss-score: 0.97374 - epss-percentile: 0.99893 + epss-score: 0.97448 + epss-percentile: 0.99947 cpe: cpe:2.3:a:gvectors:wpdiscuz:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-24223.yaml b/http/cves/2020/CVE-2020-24223.yaml index 6fa05cc94d..cea31e69d2 100644 --- a/http/cves/2020/CVE-2020-24223.yaml +++ b/http/cves/2020/CVE-2020-24223.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-24223 cwe-id: CWE-79 epss-score: 0.0069 - epss-percentile: 0.79602 + epss-percentile: 0.79693 cpe: cpe:2.3:a:mara_cms_project:mara_cms:7.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-24391.yaml b/http/cves/2020/CVE-2020-24391.yaml index 8702004e34..5d2482840d 100644 --- a/http/cves/2020/CVE-2020-24391.yaml +++ b/http/cves/2020/CVE-2020-24391.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-24391 - epss-score: 0.48716 - epss-percentile: 0.97207 + epss-score: 0.55667 + epss-percentile: 0.97606 cpe: cpe:2.3:a:mongo-express_project:mongo-express:*:*:*:*:*:node.js:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-24571.yaml b/http/cves/2020/CVE-2020-24571.yaml index 4169d1c502..36def8f5dc 100644 --- a/http/cves/2020/CVE-2020-24571.yaml +++ b/http/cves/2020/CVE-2020-24571.yaml @@ -12,13 +12,16 @@ info: reference: - https://www.nexusdb.com/mantis/bug_view_advanced_page.php?bug_id=2371 - https://nvd.nist.gov/vuln/detail/CVE-2020-24571 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/HimmelAward/Goby_POC + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-24571 cwe-id: CWE-22 - epss-score: 0.04939 - epss-percentile: 0.92017 + epss-score: 0.09103 + epss-percentile: 0.94485 cpe: cpe:2.3:a:nexusdb:nexusdb:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-24579.yaml b/http/cves/2020/CVE-2020-24579.yaml index 6f610f68fb..7c7e532324 100644 --- a/http/cves/2020/CVE-2020-24579.yaml +++ b/http/cves/2020/CVE-2020-24579.yaml @@ -13,13 +13,15 @@ info: - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabilities-leading-to-rce/ - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/ - https://nvd.nist.gov/vuln/detail/CVE-2020-24579 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2020-24579 cwe-id: CWE-287 epss-score: 0.04563 - epss-percentile: 0.91666 + epss-percentile: 0.9232 cpe: cpe:2.3:o:dlink:dsl2888a_firmware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-24589.yaml b/http/cves/2020/CVE-2020-24589.yaml index 32f0a30ee3..3199e160d5 100644 --- a/http/cves/2020/CVE-2020-24589.yaml +++ b/http/cves/2020/CVE-2020-24589.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.1 cve-id: CVE-2020-24589 cwe-id: CWE-611 - epss-score: 0.65062 - epss-percentile: 0.97613 + epss-score: 0.65955 + epss-percentile: 0.97835 cpe: cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-24701.yaml b/http/cves/2020/CVE-2020-24701.yaml index 52625ac178..073da25b17 100644 --- a/http/cves/2020/CVE-2020-24701.yaml +++ b/http/cves/2020/CVE-2020-24701.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2020-24701 cwe-id: CWE-79 epss-score: 0.00818 - epss-percentile: 0.79991 + epss-percentile: 0.81463 cpe: cpe:2.3:a:open-xchange:open-xchange_appsuite:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-24902.yaml b/http/cves/2020/CVE-2020-24902.yaml index 7c3eba56a0..5bf01eb016 100644 --- a/http/cves/2020/CVE-2020-24902.yaml +++ b/http/cves/2020/CVE-2020-24902.yaml @@ -13,13 +13,14 @@ info: reference: - https://dl.packetstormsecurity.net/1804-exploits/quixplorer241beta-xss.txt - https://nvd.nist.gov/vuln/detail/CVE-2020-24902 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-24902 cwe-id: CWE-79 epss-score: 0.00195 - epss-percentile: 0.57403 + epss-percentile: 0.56453 cpe: cpe:2.3:a:quixplorer_project:quixplorer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-24903.yaml b/http/cves/2020/CVE-2020-24903.yaml index c292c7c9b3..12ed3c6bd1 100644 --- a/http/cves/2020/CVE-2020-24903.yaml +++ b/http/cves/2020/CVE-2020-24903.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-24903 cwe-id: CWE-79 epss-score: 0.00269 - epss-percentile: 0.64417 + epss-percentile: 0.67095 cpe: cpe:2.3:a:cutesoft:cute_editor:6.4:*:*:*:*:asp.net:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-24912.yaml b/http/cves/2020/CVE-2020-24912.yaml index eae1fcc7a3..26e6baa8d3 100644 --- a/http/cves/2020/CVE-2020-24912.yaml +++ b/http/cves/2020/CVE-2020-24912.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-24912 cwe-id: CWE-79 - epss-score: 0.0018 - epss-percentile: 0.55295 + epss-score: 0.00346 + epss-percentile: 0.7108 cpe: cpe:2.3:a:qcubed:qcubed:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-24949.yaml b/http/cves/2020/CVE-2020-24949.yaml index dd4e14e331..615d74e53e 100644 --- a/http/cves/2020/CVE-2020-24949.yaml +++ b/http/cves/2020/CVE-2020-24949.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-24949 cwe-id: CWE-77 - epss-score: 0.96298 - epss-percentile: 0.99435 + epss-score: 0.95694 + epss-percentile: 0.99372 cpe: cpe:2.3:a:php-fusion:php-fusion:9.03.50:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25078.yaml b/http/cves/2020/CVE-2020-25078.yaml index d2cae6142e..2eaec126e8 100644 --- a/http/cves/2020/CVE-2020-25078.yaml +++ b/http/cves/2020/CVE-2020-25078.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-25078 - epss-score: 0.80702 - epss-percentile: 0.98057 + epss-score: 0.82526 + epss-percentile: 0.98323 cpe: cpe:2.3:o:dlink:dcs-2530l_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25506.yaml b/http/cves/2020/CVE-2020-25506.yaml index eac658a3c3..34ae19c268 100644 --- a/http/cves/2020/CVE-2020-25506.yaml +++ b/http/cves/2020/CVE-2020-25506.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-25506 cwe-id: CWE-78 - epss-score: 0.9743 - epss-percentile: 0.99933 + epss-score: 0.97383 + epss-percentile: 0.99903 cpe: cpe:2.3:o:dlink:dns-320_firmware:2.06b01:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-25540.yaml b/http/cves/2020/CVE-2020-25540.yaml index 3a90d7eb92..530f95943d 100644 --- a/http/cves/2020/CVE-2020-25540.yaml +++ b/http/cves/2020/CVE-2020-25540.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-25540 cwe-id: CWE-22 - epss-score: 0.96345 - epss-percentile: 0.99454 + epss-score: 0.96711 + epss-percentile: 0.99631 cpe: cpe:2.3:a:thinkadmin:thinkadmin:6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25780.yaml b/http/cves/2020/CVE-2020-25780.yaml index 20447cfb02..5bc440de62 100644 --- a/http/cves/2020/CVE-2020-25780.yaml +++ b/http/cves/2020/CVE-2020-25780.yaml @@ -13,13 +13,15 @@ info: - https://srcincite.io/blog/2021/11/22/unlocking-the-vault.html - http://kb.commvault.com/article/63264 - https://nvd.nist.gov/vuln/detail/CVE-2020-25780 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-25780 cwe-id: CWE-22 - epss-score: 0.01621 - epss-percentile: 0.86106 + epss-score: 0.04166 + epss-percentile: 0.92003 cpe: cpe:2.3:a:commvault:commcell:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-25864.yaml b/http/cves/2020/CVE-2020-25864.yaml index 172b7f2d26..afa98d4f71 100644 --- a/http/cves/2020/CVE-2020-25864.yaml +++ b/http/cves/2020/CVE-2020-25864.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-25864 cwe-id: CWE-79 epss-score: 0.00324 - epss-percentile: 0.67732 + epss-percentile: 0.70154 cpe: cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-26217.yaml b/http/cves/2020/CVE-2020-26217.yaml index 12ee4c91b0..9f4fa407fc 100644 --- a/http/cves/2020/CVE-2020-26217.yaml +++ b/http/cves/2020/CVE-2020-26217.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-26217 cwe-id: CWE-78 epss-score: 0.97384 - epss-percentile: 0.999 + epss-percentile: 0.99904 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26248.yaml b/http/cves/2020/CVE-2020-26248.yaml index 594cc306b5..2608352108 100644 --- a/http/cves/2020/CVE-2020-26248.yaml +++ b/http/cves/2020/CVE-2020-26248.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-26248 cwe-id: CWE-89 epss-score: 0.01617 - epss-percentile: 0.86085 + epss-percentile: 0.87187 cpe: cpe:2.3:a:prestashop:productcomments:*:*:*:*:*:prestashop:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-26258.yaml b/http/cves/2020/CVE-2020-26258.yaml index 42cbe6ad68..eb17b5ee54 100644 --- a/http/cves/2020/CVE-2020-26258.yaml +++ b/http/cves/2020/CVE-2020-26258.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.7 cve-id: CVE-2020-26258 cwe-id: CWE-918 - epss-score: 0.88051 - epss-percentile: 0.98412 + epss-score: 0.90088 + epss-percentile: 0.98718 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26919.yaml b/http/cves/2020/CVE-2020-26919.yaml index 620a965e03..a20f8e8368 100644 --- a/http/cves/2020/CVE-2020-26919.yaml +++ b/http/cves/2020/CVE-2020-26919.yaml @@ -14,12 +14,13 @@ info: - https://unit42.paloaltonetworks.com/mirai-variant-iot-vulnerabilities/ - https://nvd.nist.gov/vuln/detail/CVE-2020-26919 - https://kb.netgear.com/000062334/Security-Advisory-for-Missing-Function-Level-Access-Control-on-JGS516PE-PSV-2020-0377 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-26919 - epss-score: 0.97346 - epss-percentile: 0.99878 + epss-score: 0.97285 + epss-percentile: 0.99849 cpe: cpe:2.3:o:netgear:jgs516pe_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-26948.yaml b/http/cves/2020/CVE-2020-26948.yaml index a13b169ddb..4d2207c93d 100644 --- a/http/cves/2020/CVE-2020-26948.yaml +++ b/http/cves/2020/CVE-2020-26948.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-26948 cwe-id: CWE-918 - epss-score: 0.16155 - epss-percentile: 0.955 + epss-score: 0.1449 + epss-percentile: 0.95606 cpe: cpe:2.3:a:emby:emby:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-27191.yaml b/http/cves/2020/CVE-2020-27191.yaml index 8884bf004b..557c928dbc 100644 --- a/http/cves/2020/CVE-2020-27191.yaml +++ b/http/cves/2020/CVE-2020-27191.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-27191 cwe-id: CWE-22 - epss-score: 0.00787 - epss-percentile: 0.79567 + epss-score: 0.01572 + epss-percentile: 0.86986 cpe: cpe:2.3:a:lionwiki:lionwiki:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-2733.yaml b/http/cves/2020/CVE-2020-2733.yaml index caea537191..0602c25b07 100644 --- a/http/cves/2020/CVE-2020-2733.yaml +++ b/http/cves/2020/CVE-2020-2733.yaml @@ -14,12 +14,14 @@ info: - https://redrays.io/cve-2020-2733-jd-edwards/ - https://www.oracle.com/security-alerts/cpuapr2020.html - https://nvd.nist.gov/vuln/detail/CVE-2020-2733 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-2733 epss-score: 0.29301 - epss-percentile: 0.96461 + epss-percentile: 0.96779 cpe: cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-27467.yaml b/http/cves/2020/CVE-2020-27467.yaml index 269bd4e2c8..fda0c0b5ce 100644 --- a/http/cves/2020/CVE-2020-27467.yaml +++ b/http/cves/2020/CVE-2020-27467.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-27467 cwe-id: CWE-22 - epss-score: 0.01491 - epss-percentile: 0.85503 + epss-score: 0.01056 + epss-percentile: 0.83739 cpe: cpe:2.3:a:processwire:processwire:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-27735.yaml b/http/cves/2020/CVE-2020-27735.yaml index d646b24ae0..103b2965ba 100644 --- a/http/cves/2020/CVE-2020-27735.yaml +++ b/http/cves/2020/CVE-2020-27735.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-27735 cwe-id: CWE-79 epss-score: 0.00228 - epss-percentile: 0.61095 + epss-percentile: 0.60318 cpe: cpe:2.3:a:wftpserver:wing_ftp_server:6.4.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-27986.yaml b/http/cves/2020/CVE-2020-27986.yaml index 7538b03b08..b9df82318b 100644 --- a/http/cves/2020/CVE-2020-27986.yaml +++ b/http/cves/2020/CVE-2020-27986.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-27986 cwe-id: CWE-306 - epss-score: 0.11967 - epss-percentile: 0.94859 + epss-score: 0.25376 + epss-percentile: 0.96582 cpe: cpe:2.3:a:sonarsource:sonarqube:8.4.2.36762:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-28185.yaml b/http/cves/2020/CVE-2020-28185.yaml index 95fe8b2acd..18bb25134f 100644 --- a/http/cves/2020/CVE-2020-28185.yaml +++ b/http/cves/2020/CVE-2020-28185.yaml @@ -21,7 +21,7 @@ info: cvss-score: 5.3 cve-id: CVE-2020-28185 epss-score: 0.00465 - epss-percentile: 0.72891 + epss-percentile: 0.74945 cpe: cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-28188.yaml b/http/cves/2020/CVE-2020-28188.yaml index fb1d7278af..1e401dc616 100644 --- a/http/cves/2020/CVE-2020-28188.yaml +++ b/http/cves/2020/CVE-2020-28188.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28188 cwe-id: CWE-78 epss-score: 0.97279 - epss-percentile: 0.99835 + epss-percentile: 0.99845 cpe: cpe:2.3:o:terra-master:tos:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-28208.yaml b/http/cves/2020/CVE-2020-28208.yaml index d88aead117..fef6430496 100644 --- a/http/cves/2020/CVE-2020-28208.yaml +++ b/http/cves/2020/CVE-2020-28208.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28208 cwe-id: CWE-203 epss-score: 0.01197 - epss-percentile: 0.83641 + epss-percentile: 0.84869 cpe: cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-28351.yaml b/http/cves/2020/CVE-2020-28351.yaml index 096421e653..5399723738 100644 --- a/http/cves/2020/CVE-2020-28351.yaml +++ b/http/cves/2020/CVE-2020-28351.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28351 cwe-id: CWE-79 epss-score: 0.0036 - epss-percentile: 0.69254 + epss-percentile: 0.71646 cpe: cpe:2.3:o:mitel:shoretel_firmware:19.46.1802.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-28871.yaml b/http/cves/2020/CVE-2020-28871.yaml index a9114c3ed8..65bc2772f6 100644 --- a/http/cves/2020/CVE-2020-28871.yaml +++ b/http/cves/2020/CVE-2020-28871.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-28871 cwe-id: CWE-434 - epss-score: 0.96996 - epss-percentile: 0.99688 + epss-score: 0.96907 + epss-percentile: 0.99693 cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-28976.yaml b/http/cves/2020/CVE-2020-28976.yaml index a13caba3c1..989df6769d 100644 --- a/http/cves/2020/CVE-2020-28976.yaml +++ b/http/cves/2020/CVE-2020-28976.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-28976 cwe-id: CWE-918 epss-score: 0.00616 - epss-percentile: 0.76542 + epss-percentile: 0.78321 cpe: cpe:2.3:a:canto:canto:1.3.0:*:*:*:*:wordpress:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-29164.yaml b/http/cves/2020/CVE-2020-29164.yaml index 3889d32c51..bf1241fbba 100644 --- a/http/cves/2020/CVE-2020-29164.yaml +++ b/http/cves/2020/CVE-2020-29164.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-29164 cwe-id: CWE-79 epss-score: 0.00205 - epss-percentile: 0.58496 + epss-percentile: 0.5782 cpe: cpe:2.3:a:rainbowfishsoftware:pacsone_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-29395.yaml b/http/cves/2020/CVE-2020-29395.yaml index cff3bdebbe..dd63e3b16a 100644 --- a/http/cves/2020/CVE-2020-29395.yaml +++ b/http/cves/2020/CVE-2020-29395.yaml @@ -14,13 +14,14 @@ info: - https://www.myeventon.com/news/ - https://nvd.nist.gov/vuln/detail/CVE-2020-29395 - http://packetstormsecurity.com/files/160282/WordPress-EventON-Calendar-3.0.5-Cross-Site-Scripting.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-29395 cwe-id: CWE-79 epss-score: 0.05489 - epss-percentile: 0.92451 + epss-percentile: 0.93026 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-29583.yaml b/http/cves/2020/CVE-2020-29583.yaml index 0629075174..7ef60b2740 100644 --- a/http/cves/2020/CVE-2020-29583.yaml +++ b/http/cves/2020/CVE-2020-29583.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-29583 cwe-id: CWE-522 epss-score: 0.96219 - epss-percentile: 0.99405 + epss-percentile: 0.99483 cpe: cpe:2.3:o:zyxel:usg20-vpn_firmware:4.60:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-29597.yaml b/http/cves/2020/CVE-2020-29597.yaml index 0addeeb82a..4c4a032937 100644 --- a/http/cves/2020/CVE-2020-29597.yaml +++ b/http/cves/2020/CVE-2020-29597.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-29597 - https://github.com/M4DM0e/m4dm0e.github.io/blob/gh-pages/_posts/2020-12-07-incom-insecure-up.md - https://m4dm0e.github.io/2020/12/07/incom-insecure-up.html + - https://github.com/trhacknon/CVE-2020-29597 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-29597 cwe-id: CWE-434 - epss-score: 0.83237 - epss-percentile: 0.98162 + epss-score: 0.78448 + epss-percentile: 0.9817 cpe: cpe:2.3:a:incomcms_project:incomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-3187.yaml b/http/cves/2020/CVE-2020-3187.yaml index b95c8f0d52..6f21c44da0 100644 --- a/http/cves/2020/CVE-2020-3187.yaml +++ b/http/cves/2020/CVE-2020-3187.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.com/files/158648/Cisco-Adaptive-Security-Appliance-Software-9.7-Arbitrary-File-Deletion.html - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-path-JE3azWw43 - https://nvd.nist.gov/vuln/detail/CVE-2020-3187 + - https://github.com/Threekiii/Awesome-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2020-3187 cwe-id: CWE-22 - epss-score: 0.97259 - epss-percentile: 0.99819 + epss-score: 0.97297 + epss-percentile: 0.99857 cpe: cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35234.yaml b/http/cves/2020/CVE-2020-35234.yaml index 178342f153..93398613bf 100644 --- a/http/cves/2020/CVE-2020-35234.yaml +++ b/http/cves/2020/CVE-2020-35234.yaml @@ -12,13 +12,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2020-35234 - https://blog.nintechnet.com/wordpress-easy-wp-smtp-plugin-fixed-zero-day-vulnerability/ - https://wordpress.org/plugins/easy-wp-smtp/#developers + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-35234 cwe-id: CWE-532 - epss-score: 0.37453 - epss-percentile: 0.9684 + epss-score: 0.37649 + epss-percentile: 0.97105 cpe: cpe:2.3:a:wp-ecommerce:easy_wp_smtp:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-35338.yaml b/http/cves/2020/CVE-2020-35338.yaml index 99e85910c3..10fa0ce5f3 100644 --- a/http/cves/2020/CVE-2020-35338.yaml +++ b/http/cves/2020/CVE-2020-35338.yaml @@ -13,13 +13,15 @@ info: - https://jeyaseelans.medium.com/cve-2020-35338-9e841f48defa - https://nvd.nist.gov/vuln/detail/CVE-2020-35338 - https://www.mobileviewpoint.com/ + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-35338 cwe-id: CWE-798 - epss-score: 0.25616 - epss-percentile: 0.96262 + epss-score: 0.29702 + epss-percentile: 0.96805 cpe: cpe:2.3:a:mobileviewpoint:wireless_multiplex_terminal_playout_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35580.yaml b/http/cves/2020/CVE-2020-35580.yaml index 341a6ee7dc..4a384aab42 100644 --- a/http/cves/2020/CVE-2020-35580.yaml +++ b/http/cves/2020/CVE-2020-35580.yaml @@ -13,13 +13,15 @@ info: - https://hateshape.github.io/general/2021/05/11/CVE-2020-35580.html - https://developer.searchblox.com/docs/getting-started-with-searchblox - https://nvd.nist.gov/vuln/detail/CVE-2020-35580 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-35580 cwe-id: CWE-22 - epss-score: 0.02047 - epss-percentile: 0.87773 + epss-score: 0.01833 + epss-percentile: 0.87972 cpe: cpe:2.3:a:searchblox:searchblox:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35713.yaml b/http/cves/2020/CVE-2020-35713.yaml index 8945d0744a..a63538b0aa 100644 --- a/http/cves/2020/CVE-2020-35713.yaml +++ b/http/cves/2020/CVE-2020-35713.yaml @@ -14,13 +14,14 @@ info: - https://resolverblog.blogspot.com/2020/07/linksys-re6500-unauthenticated-rce-full.html - https://nvd.nist.gov/vuln/detail/CVE-2020-35713 - https://bugcrowd.com/disclosures/72d7246b-f77f-4f7f-9bd1-fdc35663cc92/linksys-re6500-unauthenticated-rce-working-across-multiple-fw-versions + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-35713 cwe-id: CWE-78 - epss-score: 0.9714 - epss-percentile: 0.99756 + epss-score: 0.96729 + epss-percentile: 0.9964 cpe: cpe:2.3:o:linksys:re6500_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35774.yaml b/http/cves/2020/CVE-2020-35774.yaml index 5b5b29e68e..9920cd0bf1 100644 --- a/http/cves/2020/CVE-2020-35774.yaml +++ b/http/cves/2020/CVE-2020-35774.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.4 cve-id: CVE-2020-35774 cwe-id: CWE-79 - epss-score: 0.97202 - epss-percentile: 0.9979 + epss-score: 0.97225 + epss-percentile: 0.99823 cpe: cpe:2.3:a:twitter:twitter-server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35846.yaml b/http/cves/2020/CVE-2020-35846.yaml index ba1f33d544..7e6f3789f3 100644 --- a/http/cves/2020/CVE-2020-35846.yaml +++ b/http/cves/2020/CVE-2020-35846.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35846 cwe-id: CWE-89 - epss-score: 0.85589 - epss-percentile: 0.98278 + epss-score: 0.78767 + epss-percentile: 0.98182 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35847.yaml b/http/cves/2020/CVE-2020-35847.yaml index 0814c91190..444494c079 100644 --- a/http/cves/2020/CVE-2020-35847.yaml +++ b/http/cves/2020/CVE-2020-35847.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35847 cwe-id: CWE-89 - epss-score: 0.78248 - epss-percentile: 0.97981 + epss-score: 0.77399 + epss-percentile: 0.98139 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-35848.yaml b/http/cves/2020/CVE-2020-35848.yaml index 99bfa42068..3eff2e5d50 100644 --- a/http/cves/2020/CVE-2020-35848.yaml +++ b/http/cves/2020/CVE-2020-35848.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-35848 cwe-id: CWE-89 - epss-score: 0.76291 - epss-percentile: 0.97909 + epss-score: 0.75372 + epss-percentile: 0.98077 cpe: cpe:2.3:a:agentejo:cockpit:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-35984.yaml b/http/cves/2020/CVE-2020-35984.yaml index 7fd34e1526..26b748c66c 100644 --- a/http/cves/2020/CVE-2020-35984.yaml +++ b/http/cves/2020/CVE-2020-35984.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-35984 cwe-id: CWE-79 epss-score: 0.00127 - epss-percentile: 0.47225 + epss-percentile: 0.46456 cpe: cpe:2.3:a:rukovoditel:rukovoditel:2.7.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-35985.yaml b/http/cves/2020/CVE-2020-35985.yaml index 2b62af8ea0..872672fd79 100644 --- a/http/cves/2020/CVE-2020-35985.yaml +++ b/http/cves/2020/CVE-2020-35985.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-35985 cwe-id: CWE-79 epss-score: 0.00127 - epss-percentile: 0.47225 + epss-percentile: 0.46456 cpe: cpe:2.3:a:rukovoditel:rukovoditel:2.7.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-35986.yaml b/http/cves/2020/CVE-2020-35986.yaml index 1943067d4f..83944858fb 100644 --- a/http/cves/2020/CVE-2020-35986.yaml +++ b/http/cves/2020/CVE-2020-35986.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-35986 cwe-id: CWE-79 epss-score: 0.00127 - epss-percentile: 0.47131 + epss-percentile: 0.46456 cpe: cpe:2.3:a:rukovoditel:rukovoditel:2.7.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2020/CVE-2020-36112.yaml b/http/cves/2020/CVE-2020-36112.yaml index 067fc4e2d3..9560a5f0ee 100644 --- a/http/cves/2020/CVE-2020-36112.yaml +++ b/http/cves/2020/CVE-2020-36112.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2020-36112 cwe-id: CWE-89 epss-score: 0.40407 - epss-percentile: 0.96938 + epss-percentile: 0.9718 cpe: cpe:2.3:a:cse_bookstore_project:cse_bookstore:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-36510.yaml b/http/cves/2020/CVE-2020-36510.yaml index 35a709f097..a2978f9594 100644 --- a/http/cves/2020/CVE-2020-36510.yaml +++ b/http/cves/2020/CVE-2020-36510.yaml @@ -13,13 +13,14 @@ info: reference: - https://wpscan.com/vulnerability/d1dbc6d7-7488-40c2-bc38-0674ea5b3c95 - https://nvd.nist.gov/vuln/detail/CVE-2020-36510 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-36510 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:codetipi:15zine:*:*:*:*:*:wordpress:*:* metadata: verified: "false" diff --git a/http/cves/2020/CVE-2020-5284.yaml b/http/cves/2020/CVE-2020-5284.yaml index cc904e4db7..3304ac6069 100644 --- a/http/cves/2020/CVE-2020-5284.yaml +++ b/http/cves/2020/CVE-2020-5284.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.3 cve-id: CVE-2020-5284 cwe-id: CWE-22,CWE-23 - epss-score: 0.00152 - epss-percentile: 0.51455 + epss-score: 0.00213 + epss-percentile: 0.58675 cpe: cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5405.yaml b/http/cves/2020/CVE-2020-5405.yaml index c539e44955..bd1ee95cb3 100644 --- a/http/cves/2020/CVE-2020-5405.yaml +++ b/http/cves/2020/CVE-2020-5405.yaml @@ -12,13 +12,16 @@ info: reference: - https://pivotal.io/security/cve-2020-5405 - https://nvd.nist.gov/vuln/detail/CVE-2020-5405 + - https://github.com/Secxt/FINAL + - https://github.com/pen4uin/vulnerability-research-list + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N cvss-score: 6.5 cve-id: CVE-2020-5405 cwe-id: CWE-22,CWE-23 epss-score: 0.00258 - epss-percentile: 0.63514 + epss-percentile: 0.64891 cpe: cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5412.yaml b/http/cves/2020/CVE-2020-5412.yaml index ee5ebdd797..ac94d3cb38 100644 --- a/http/cves/2020/CVE-2020-5412.yaml +++ b/http/cves/2020/CVE-2020-5412.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2020-5412 cwe-id: CWE-610,CWE-441 - epss-score: 0.36725 - epss-percentile: 0.96799 + epss-score: 0.05469 + epss-percentile: 0.93009 cpe: cpe:2.3:a:vmware:spring_cloud_netflix:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5776.yaml b/http/cves/2020/CVE-2020-5776.yaml index adc321f91b..6d03cd8a46 100644 --- a/http/cves/2020/CVE-2020-5776.yaml +++ b/http/cves/2020/CVE-2020-5776.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2020-5776 cwe-id: CWE-352 - epss-score: 0.53796 - epss-percentile: 0.97336 + epss-score: 0.50353 + epss-percentile: 0.97455 cpe: cpe:2.3:a:magmi_project:magmi:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2020/CVE-2020-5777.yaml b/http/cves/2020/CVE-2020-5777.yaml index 3eafc3a4c3..0dd207b491 100644 --- a/http/cves/2020/CVE-2020-5777.yaml +++ b/http/cves/2020/CVE-2020-5777.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-5777 cwe-id: CWE-287 epss-score: 0.04038 - epss-percentile: 0.91226 + epss-percentile: 0.91885 cpe: cpe:2.3:a:magmi_project:magmi:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5847.yaml b/http/cves/2020/CVE-2020-5847.yaml index e530755af2..430b59b90b 100644 --- a/http/cves/2020/CVE-2020-5847.yaml +++ b/http/cves/2020/CVE-2020-5847.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2020-5847 cwe-id: CWE-94,CWE-668 epss-score: 0.97053 - epss-percentile: 0.99713 + epss-percentile: 0.99741 cpe: cpe:2.3:a:unraid:unraid:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-5902.yaml b/http/cves/2020/CVE-2020-5902.yaml index 7178439cd1..2deac2e69b 100644 --- a/http/cves/2020/CVE-2020-5902.yaml +++ b/http/cves/2020/CVE-2020-5902.yaml @@ -27,7 +27,7 @@ info: cvss-score: 9.8 cve-id: CVE-2020-5902 cwe-id: CWE-22 - epss-score: 0.97555 + epss-score: 0.97563 epss-percentile: 0.99998 cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: diff --git a/http/cves/2020/CVE-2020-6287.yaml b/http/cves/2020/CVE-2020-6287.yaml index 3c69b390fe..83f0159860 100644 --- a/http/cves/2020/CVE-2020-6287.yaml +++ b/http/cves/2020/CVE-2020-6287.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2020-6287 cwe-id: CWE-306 - epss-score: 0.97274 - epss-percentile: 0.99833 + epss-score: 0.97502 + epss-percentile: 0.99977 cpe: cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-6308.yaml b/http/cves/2020/CVE-2020-6308.yaml index c5978026a9..259377fca3 100644 --- a/http/cves/2020/CVE-2020-6308.yaml +++ b/http/cves/2020/CVE-2020-6308.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-6308 cwe-id: CWE-918 epss-score: 0.004 - epss-percentile: 0.7093 + epss-percentile: 0.73121 cpe: cpe:2.3:a:sap:businessobjects_business_intelligence_platform:4.1:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-6950.yaml b/http/cves/2020/CVE-2020-6950.yaml index 8b78cfcb4a..e00e4798f4 100644 --- a/http/cves/2020/CVE-2020-6950.yaml +++ b/http/cves/2020/CVE-2020-6950.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.5 cve-id: CVE-2020-6950 cwe-id: CWE-22 - epss-score: 0.04665 - epss-percentile: 0.91775 + epss-score: 0.03924 + epss-percentile: 0.91792 cpe: cpe:2.3:a:eclipse:mojarra:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-7136.yaml b/http/cves/2020/CVE-2020-7136.yaml index a942590cfe..9f75b3a429 100644 --- a/http/cves/2020/CVE-2020-7136.yaml +++ b/http/cves/2020/CVE-2020-7136.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-7136 cwe-id: CWE-288 epss-score: 0.26929 - epss-percentile: 0.96346 + epss-percentile: 0.96662 cpe: cpe:2.3:a:hpe:smart_update_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-7209.yaml b/http/cves/2020/CVE-2020-7209.yaml index 4dcb967838..4e65bb4765 100644 --- a/http/cves/2020/CVE-2020-7209.yaml +++ b/http/cves/2020/CVE-2020-7209.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-7209 - epss-score: 0.9719 - epss-percentile: 0.99779 + epss-score: 0.97202 + epss-percentile: 0.99806 cpe: cpe:2.3:a:hp:linuxki:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-7796.yaml b/http/cves/2020/CVE-2020-7796.yaml index e2ec25a827..5ef36a08da 100644 --- a/http/cves/2020/CVE-2020-7796.yaml +++ b/http/cves/2020/CVE-2020-7796.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-7796 cwe-id: CWE-918 - epss-score: 0.72496 - epss-percentile: 0.97814 + epss-score: 0.70648 + epss-percentile: 0.9795 cpe: cpe:2.3:a:synacor:zimbra_collaboration_suite:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-7980.yaml b/http/cves/2020/CVE-2020-7980.yaml index 72ca0cc90b..e57b89f0d2 100644 --- a/http/cves/2020/CVE-2020-7980.yaml +++ b/http/cves/2020/CVE-2020-7980.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-7980 cwe-id: CWE-78 epss-score: 0.97015 - epss-percentile: 0.99697 + epss-percentile: 0.99726 cpe: cpe:2.3:a:intelliantech:aptus_web:1.24:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8115.yaml b/http/cves/2020/CVE-2020-8115.yaml index cabd59a260..a92e7fd034 100644 --- a/http/cves/2020/CVE-2020-8115.yaml +++ b/http/cves/2020/CVE-2020-8115.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-8115 cwe-id: CWE-79 epss-score: 0.0187 - epss-percentile: 0.8713 + epss-percentile: 0.88123 cpe: cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8193.yaml b/http/cves/2020/CVE-2020-8193.yaml index 375388bc75..ecb1df3682 100644 --- a/http/cves/2020/CVE-2020-8193.yaml +++ b/http/cves/2020/CVE-2020-8193.yaml @@ -14,13 +14,14 @@ info: - http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html - https://support.citrix.com/article/CTX276688 - https://nvd.nist.gov/vuln/detail/CVE-2020-8193 + - https://github.com/0ps/pocassistdb classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cve-id: CVE-2020-8193 cwe-id: CWE-287,CWE-284 - epss-score: 0.93307 - epss-percentile: 0.9889 + epss-score: 0.97463 + epss-percentile: 0.99954 cpe: cpe:2.3:o:citrix:application_delivery_controller_firmware:*:*:*:*:*:*:*:* metadata: max-request: 6 diff --git a/http/cves/2020/CVE-2020-8209.yaml b/http/cves/2020/CVE-2020-8209.yaml index 4f385fe7c7..cbcf3519bb 100644 --- a/http/cves/2020/CVE-2020-8209.yaml +++ b/http/cves/2020/CVE-2020-8209.yaml @@ -16,13 +16,17 @@ info: Apply the latest security patches or updates provided by Citrix to fix the vulnerability. reference: - https://support.citrix.com/article/CTX277457 + - https://github.com/Miraitowa70/POC-Notes + - https://github.com/dudek-marcin/Poc-Exp + - https://github.com/hectorgie/PoC-in-GitHub + - https://github.com/pen4uin/vulnerability-research classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-8209 cwe-id: CWE-22 - epss-score: 0.97043 - epss-percentile: 0.99702 + epss-score: 0.96834 + epss-percentile: 0.9967 cpe: cpe:2.3:a:citrix:xenmobile_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8497.yaml b/http/cves/2020/CVE-2020-8497.yaml index 5955d4bf8f..7b4c8f55c9 100644 --- a/http/cves/2020/CVE-2020-8497.yaml +++ b/http/cves/2020/CVE-2020-8497.yaml @@ -12,13 +12,15 @@ info: reference: - https://k4m1ll0.com/cve-2020-8497.html - https://nvd.nist.gov/vuln/detail/CVE-2020-8497 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2020-8497 cwe-id: CWE-306 epss-score: 0.002 - epss-percentile: 0.5784 + epss-percentile: 0.56881 cpe: cpe:2.3:a:artica:pandora_fms:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8512.yaml b/http/cves/2020/CVE-2020-8512.yaml index a063d889ab..8b00dc567a 100644 --- a/http/cves/2020/CVE-2020-8512.yaml +++ b/http/cves/2020/CVE-2020-8512.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-8512 cwe-id: CWE-79 - epss-score: 0.01373 - epss-percentile: 0.8485 + epss-score: 0.00692 + epss-percentile: 0.79726 cpe: cpe:2.3:a:icewarp:icewarp_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8515.yaml b/http/cves/2020/CVE-2020-8515.yaml index 7051a059f6..bb9f131345 100644 --- a/http/cves/2020/CVE-2020-8515.yaml +++ b/http/cves/2020/CVE-2020-8515.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-8515 cwe-id: CWE-78 epss-score: 0.97079 - epss-percentile: 0.99727 + epss-percentile: 0.99754 cpe: cpe:2.3:o:draytek:vigor2960_firmware:1.3.1:beta:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8615.yaml b/http/cves/2020/CVE-2020-8615.yaml index b0a9ffdd57..d1177ea36b 100644 --- a/http/cves/2020/CVE-2020-8615.yaml +++ b/http/cves/2020/CVE-2020-8615.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.5 cve-id: CVE-2020-8615 cwe-id: CWE-352 - epss-score: 0.00479 - epss-percentile: 0.73312 + epss-score: 0.00632 + epss-percentile: 0.78607 cpe: cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-8641.yaml b/http/cves/2020/CVE-2020-8641.yaml index b449381870..d031eafac9 100644 --- a/http/cves/2020/CVE-2020-8641.yaml +++ b/http/cves/2020/CVE-2020-8641.yaml @@ -13,13 +13,15 @@ info: - https://cxsecurity.com/issue/WLB-2020010234 - https://www.exploit-db.com/exploits/47985 - https://nvd.nist.gov/vuln/detail/CVE-2020-8641 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2020-8641 cwe-id: CWE-22 epss-score: 0.0071 - epss-percentile: 0.7833 + epss-percentile: 0.80028 cpe: cpe:2.3:a:lotus_core_cms_project:lotus_core_cms:1.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8654.yaml b/http/cves/2020/CVE-2020-8654.yaml index c1224dfcfb..2ecaa61173 100644 --- a/http/cves/2020/CVE-2020-8654.yaml +++ b/http/cves/2020/CVE-2020-8654.yaml @@ -14,13 +14,14 @@ info: - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetwork_autodiscovery_rce.rb - https://github.com/EyesOfNetworkCommunity/eonweb/issues/50 - https://nvd.nist.gov/vuln/detail/CVE-2020-8654 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2020-8654 cwe-id: CWE-78 epss-score: 0.04987 - epss-percentile: 0.9205 + epss-percentile: 0.92656 cpe: cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.3-0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-8982.yaml b/http/cves/2020/CVE-2020-8982.yaml index caf7cb12d8..d4ad172dcb 100644 --- a/http/cves/2020/CVE-2020-8982.yaml +++ b/http/cves/2020/CVE-2020-8982.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-8982 cwe-id: CWE-22 - epss-score: 0.79861 - epss-percentile: 0.98035 + epss-score: 0.76583 + epss-percentile: 0.98117 cpe: cpe:2.3:a:citrix:sharefile_storagezones_controller:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9036.yaml b/http/cves/2020/CVE-2020-9036.yaml index 1eecfea36e..fc67182234 100644 --- a/http/cves/2020/CVE-2020-9036.yaml +++ b/http/cves/2020/CVE-2020-9036.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-9036 cwe-id: CWE-79 epss-score: 0.00113 - epss-percentile: 0.44682 + epss-percentile: 0.43845 cpe: cpe:2.3:a:jeedom:jeedom:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9047.yaml b/http/cves/2020/CVE-2020-9047.yaml index ffb6b92f9a..80d445dbc0 100644 --- a/http/cves/2020/CVE-2020-9047.yaml +++ b/http/cves/2020/CVE-2020-9047.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2020-9047 cwe-id: CWE-347 epss-score: 0.00782 - epss-percentile: 0.79503 + epss-percentile: 0.81009 cpe: cpe:2.3:a:johnsoncontrols:exacqvision_enterprise_manager:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9315.yaml b/http/cves/2020/CVE-2020-9315.yaml index 0a2c71acf3..541a2fb083 100644 --- a/http/cves/2020/CVE-2020-9315.yaml +++ b/http/cves/2020/CVE-2020-9315.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2020-9315 cwe-id: CWE-306 - epss-score: 0.97318 - epss-percentile: 0.99864 + epss-score: 0.97337 + epss-percentile: 0.9988 cpe: cpe:2.3:a:oracle:iplanet_web_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2020/CVE-2020-9344.yaml b/http/cves/2020/CVE-2020-9344.yaml index 9fd6dc5e38..35503ed3cb 100644 --- a/http/cves/2020/CVE-2020-9344.yaml +++ b/http/cves/2020/CVE-2020-9344.yaml @@ -14,13 +14,14 @@ info: - https://kintosoft.atlassian.net/wiki/spaces/SVNALM/pages/753565697/Security+Bulletin - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2020-007.txt - https://nvd.nist.gov/vuln/detail/CVE-2020-13483 + - https://github.com/merlinepedra/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2020-9344 cwe-id: CWE-79 epss-score: 0.00205 - epss-percentile: 0.58416 + epss-percentile: 0.5782 cpe: cpe:2.3:a:atlassian:subversion_application_lifecycle_management:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2020/CVE-2020-9376.yaml b/http/cves/2020/CVE-2020-9376.yaml index 3cf81fa75e..e4a16ca0ab 100644 --- a/http/cves/2020/CVE-2020-9376.yaml +++ b/http/cves/2020/CVE-2020-9376.yaml @@ -23,7 +23,7 @@ info: cve-id: CVE-2020-9376 cwe-id: CWE-74 epss-score: 0.96966 - epss-percentile: 0.9968 + epss-percentile: 0.99713 cpe: cpe:2.3:o:dlink:dir-610_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9402.yaml b/http/cves/2020/CVE-2020-9402.yaml index 37dd87d3f6..4691708397 100644 --- a/http/cves/2020/CVE-2020-9402.yaml +++ b/http/cves/2020/CVE-2020-9402.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-9402 cwe-id: CWE-89 epss-score: 0.14117 - epss-percentile: 0.95205 + epss-percentile: 0.95552 cpe: cpe:2.3:a:djangoproject:django:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9483.yaml b/http/cves/2020/CVE-2020-9483.yaml index 53472e281c..cb85f2657c 100644 --- a/http/cves/2020/CVE-2020-9483.yaml +++ b/http/cves/2020/CVE-2020-9483.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/apache/skywalking/pull/4639 - https://nvd.nist.gov/vuln/detail/CVE-2020-9483 + - https://github.com/Elsfa7-110/kenzer-templates + - https://github.com/developer3000S/PoC-in-GitHub + - https://github.com/pen4uin/awesome-vulnerability-research classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2020-9483 cwe-id: CWE-89 epss-score: 0.0522 - epss-percentile: 0.92246 + epss-percentile: 0.92833 cpe: cpe:2.3:a:apache:skywalking:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9484.yaml b/http/cves/2020/CVE-2020-9484.yaml index 8c4dcf41c8..8b6c404f6a 100644 --- a/http/cves/2020/CVE-2020-9484.yaml +++ b/http/cves/2020/CVE-2020-9484.yaml @@ -26,8 +26,8 @@ info: cvss-score: 7 cve-id: CVE-2020-9484 cwe-id: CWE-502 - epss-score: 0.8875 - epss-percentile: 0.98456 + epss-score: 0.92769 + epss-percentile: 0.98967 cpe: cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9496.yaml b/http/cves/2020/CVE-2020-9496.yaml index 6625d445fe..c14c9fee81 100644 --- a/http/cves/2020/CVE-2020-9496.yaml +++ b/http/cves/2020/CVE-2020-9496.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2020-9496 cwe-id: CWE-502 - epss-score: 0.9739 - epss-percentile: 0.99907 + epss-score: 0.89561 + epss-percentile: 0.98689 cpe: cpe:2.3:a:apache:ofbiz:17.12.03:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2020/CVE-2020-9757.yaml b/http/cves/2020/CVE-2020-9757.yaml index 281c0f5f83..a42acdd72d 100644 --- a/http/cves/2020/CVE-2020-9757.yaml +++ b/http/cves/2020/CVE-2020-9757.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2020-9757 cwe-id: CWE-74 - epss-score: 0.96795 - epss-percentile: 0.99619 + epss-score: 0.96518 + epss-percentile: 0.99576 cpe: cpe:2.3:a:craftcms:craft_cms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-1472.yaml b/http/cves/2021/CVE-2021-1472.yaml index 68b88e46e7..361593f162 100644 --- a/http/cves/2021/CVE-2021-1472.yaml +++ b/http/cves/2021/CVE-2021-1472.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-1472 cwe-id: CWE-287,CWE-119 epss-score: 0.97174 - epss-percentile: 0.99773 + epss-percentile: 0.99793 cpe: cpe:2.3:o:cisco:rv160_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-1497.yaml b/http/cves/2021/CVE-2021-1497.yaml index 4c6bd4cd01..3f6d1ae77d 100644 --- a/http/cves/2021/CVE-2021-1497.yaml +++ b/http/cves/2021/CVE-2021-1497.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-1497 cwe-id: CWE-78 - epss-score: 0.97485 - epss-percentile: 0.99968 + epss-score: 0.97512 + epss-percentile: 0.99982 cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:4.0\(2a\):*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-1498.yaml b/http/cves/2021/CVE-2021-1498.yaml index 06a45127db..8281d059af 100644 --- a/http/cves/2021/CVE-2021-1498.yaml +++ b/http/cves/2021/CVE-2021-1498.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-1498 cwe-id: CWE-78 - epss-score: 0.97518 - epss-percentile: 0.99986 + epss-score: 0.97512 + epss-percentile: 0.99982 cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-1499.yaml b/http/cves/2021/CVE-2021-1499.yaml index 66c72c39a5..eaf55be982 100644 --- a/http/cves/2021/CVE-2021-1499.yaml +++ b/http/cves/2021/CVE-2021-1499.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-1499 cwe-id: CWE-306 - epss-score: 0.94981 - epss-percentile: 0.99137 + epss-score: 0.9652 + epss-percentile: 0.99578 cpe: cpe:2.3:o:cisco:hyperflex_hx_data_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20031.yaml b/http/cves/2021/CVE-2021-20031.yaml index 8ae371fc8b..2d138152a0 100644 --- a/http/cves/2021/CVE-2021-20031.yaml +++ b/http/cves/2021/CVE-2021-20031.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-20031 cwe-id: CWE-601 epss-score: 0.01202 - epss-percentile: 0.83735 + epss-percentile: 0.84903 cpe: cpe:2.3:o:sonicwall:sonicos:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20038.yaml b/http/cves/2021/CVE-2021-20038.yaml index d50c5f7cb7..51c967e90f 100644 --- a/http/cves/2021/CVE-2021-20038.yaml +++ b/http/cves/2021/CVE-2021-20038.yaml @@ -14,13 +14,14 @@ info: - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0026 - https://nvd.nist.gov/vuln/detail/CVE-2021-20038 - https://github.com/jbaines-r7/badblood + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-20038 cwe-id: CWE-787,CWE-121 - epss-score: 0.95092 - epss-percentile: 0.99142 + epss-score: 0.95823 + epss-percentile: 0.99394 cpe: cpe:2.3:o:sonicwall:sma_200_firmware:10.2.0.8-37sv:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-20090.yaml b/http/cves/2021/CVE-2021-20090.yaml index 8ee33bf2f2..8aaebee5ea 100644 --- a/http/cves/2021/CVE-2021-20090.yaml +++ b/http/cves/2021/CVE-2021-20090.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-20090 cwe-id: CWE-22 - epss-score: 0.97203 - epss-percentile: 0.99792 + epss-score: 0.97465 + epss-percentile: 0.99955 cpe: cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20092.yaml b/http/cves/2021/CVE-2021-20092.yaml index cbaab2f473..13348b14b7 100644 --- a/http/cves/2021/CVE-2021-20092.yaml +++ b/http/cves/2021/CVE-2021-20092.yaml @@ -14,13 +14,15 @@ info: - https://www.tenable.com/security/research/tra-2021-13 - https://medium.com/tenable-techblog/bypassing-authentication-on-arcadyan-routers-with-cve-2021-20090-and-rooting-some-buffalo-ea1dd30980c2 - https://nvd.nist.gov/vuln/detail/CVE-2021-20091 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-20092 cwe-id: CWE-287 - epss-score: 0.01122 - epss-percentile: 0.83024 + epss-score: 0.01583 + epss-percentile: 0.87054 cpe: cpe:2.3:o:buffalo:wsr-2533dhpl2-bk_firmware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-20114.yaml b/http/cves/2021/CVE-2021-20114.yaml index 040077c756..e72c3651e2 100644 --- a/http/cves/2021/CVE-2021-20114.yaml +++ b/http/cves/2021/CVE-2021-20114.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-20114 cwe-id: CWE-425 - epss-score: 0.01918 - epss-percentile: 0.87354 + epss-score: 0.01409 + epss-percentile: 0.86167 cpe: cpe:2.3:a:tecnick:tcexam:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20123.yaml b/http/cves/2021/CVE-2021-20123.yaml index 44f1a6d80b..e3092ee1ca 100644 --- a/http/cves/2021/CVE-2021-20123.yaml +++ b/http/cves/2021/CVE-2021-20123.yaml @@ -13,13 +13,14 @@ info: reference: - https://www.tenable.com/security/research/tra-2021-42 - https://nvd.nist.gov/vuln/detail/CVE-2021-20123 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-20123 cwe-id: CWE-22 - epss-score: 0.03116 - epss-percentile: 0.90065 + epss-score: 0.03354 + epss-percentile: 0.91162 cpe: cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-20124.yaml b/http/cves/2021/CVE-2021-20124.yaml index 552179c1a4..8eed1c6e3b 100644 --- a/http/cves/2021/CVE-2021-20124.yaml +++ b/http/cves/2021/CVE-2021-20124.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-20124 cwe-id: CWE-22 - epss-score: 0.01234 - epss-percentile: 0.83989 + epss-score: 0.01331 + epss-percentile: 0.85744 cpe: cpe:2.3:a:draytek:vigorconnect:1.6.0:beta3:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-20137.yaml b/http/cves/2021/CVE-2021-20137.yaml index 60c252c4b0..c786f70ede 100644 --- a/http/cves/2021/CVE-2021-20137.yaml +++ b/http/cves/2021/CVE-2021-20137.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-20137 cwe-id: CWE-79 epss-score: 0.24456 - epss-percentile: 0.96208 + epss-percentile: 0.96515 cpe: cpe:2.3:o:gryphonconnect:gryphon_tower_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20167.yaml b/http/cves/2021/CVE-2021-20167.yaml index 394fdf676a..d2f53010ec 100644 --- a/http/cves/2021/CVE-2021-20167.yaml +++ b/http/cves/2021/CVE-2021-20167.yaml @@ -10,13 +10,15 @@ info: - https://www.tenable.com/security/research/tra-2021-55 - https://nvd.nist.gov/vuln/detail/CVE-2021-20166 - https://nvd.nist.gov/vuln/detail/CVE-2021-20167 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8 cve-id: CVE-2021-20167 cwe-id: CWE-77 - epss-score: 0.94785 - epss-percentile: 0.99096 + epss-score: 0.94822 + epss-percentile: 0.99222 cpe: cpe:2.3:o:netgear:rax43_firmware:1.0.3.96:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-20323.yaml b/http/cves/2021/CVE-2021-20323.yaml index de879dce78..a39c71bdba 100644 --- a/http/cves/2021/CVE-2021-20323.yaml +++ b/http/cves/2021/CVE-2021-20323.yaml @@ -23,7 +23,7 @@ info: cve-id: CVE-2021-20323 cwe-id: CWE-79 epss-score: 0.00173 - epss-percentile: 0.54515 + epss-percentile: 0.53461 cpe: cpe:2.3:a:redhat:keycloak:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-20792.yaml b/http/cves/2021/CVE-2021-20792.yaml index e8f4be2bfb..dc904e0efa 100644 --- a/http/cves/2021/CVE-2021-20792.yaml +++ b/http/cves/2021/CVE-2021-20792.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-20792 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57896 + epss-score: 0.00183 + epss-percentile: 0.54675 cpe: cpe:2.3:a:expresstech:quiz_and_survey_master:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-21087.yaml b/http/cves/2021/CVE-2021-21087.yaml index dbb6ef375e..853867fde8 100644 --- a/http/cves/2021/CVE-2021-21087.yaml +++ b/http/cves/2021/CVE-2021-21087.yaml @@ -14,13 +14,15 @@ info: - https://helpx.adobe.com/security/products/coldfusion/apsb21-16.html - https://twitter.com/Daviey/status/1374070630283415558 - https://nvd.nist.gov/vuln/detail/CVE-2021-21087 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2021-21087 cwe-id: CWE-79 - epss-score: 0.00326 - epss-percentile: 0.67709 + epss-score: 0.00186 + epss-percentile: 0.54967 cpe: cpe:2.3:a:adobe:coldfusion:2016:-:*:*:*:*:*:* metadata: max-request: 7 diff --git a/http/cves/2021/CVE-2021-21307.yaml b/http/cves/2021/CVE-2021-21307.yaml index effce008ae..eecf623e30 100644 --- a/http/cves/2021/CVE-2021-21307.yaml +++ b/http/cves/2021/CVE-2021-21307.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-21307 cwe-id: CWE-862 epss-score: 0.97312 - epss-percentile: 0.99858 + epss-percentile: 0.99864 cpe: cpe:2.3:a:lucee:lucee_server:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-21315.yaml b/http/cves/2021/CVE-2021-21315.yaml index 69861c9292..a7063a2a21 100644 --- a/http/cves/2021/CVE-2021-21315.yaml +++ b/http/cves/2021/CVE-2021-21315.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.8 cve-id: CVE-2021-21315 cwe-id: CWE-78 - epss-score: 0.96949 - epss-percentile: 0.99673 + epss-score: 0.97233 + epss-percentile: 0.99827 cpe: cpe:2.3:a:systeminformation:systeminformation:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21351.yaml b/http/cves/2021/CVE-2021-21351.yaml index 3dd1cdb48c..f34e6251c5 100644 --- a/http/cves/2021/CVE-2021-21351.yaml +++ b/http/cves/2021/CVE-2021-21351.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.1 cve-id: CVE-2021-21351 cwe-id: CWE-434 - epss-score: 0.73239 - epss-percentile: 0.97833 + epss-score: 0.73084 + epss-percentile: 0.98014 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21389.yaml b/http/cves/2021/CVE-2021-21389.yaml index c068a7e4e9..a1591ee67d 100644 --- a/http/cves/2021/CVE-2021-21389.yaml +++ b/http/cves/2021/CVE-2021-21389.yaml @@ -19,8 +19,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-21389 cwe-id: CWE-863 - epss-score: 0.80915 - epss-percentile: 0.98067 + epss-score: 0.83143 + epss-percentile: 0.98347 cpe: cpe:2.3:a:buddypress:buddypress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21402.yaml b/http/cves/2021/CVE-2021-21402.yaml index 00446a88e2..403275b5d6 100644 --- a/http/cves/2021/CVE-2021-21402.yaml +++ b/http/cves/2021/CVE-2021-21402.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-21402 cwe-id: CWE-22 epss-score: 0.15589 - epss-percentile: 0.9539 + epss-percentile: 0.95782 cpe: cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-21745.yaml b/http/cves/2021/CVE-2021-21745.yaml index f805a2a99e..1ea1d0db2f 100644 --- a/http/cves/2021/CVE-2021-21745.yaml +++ b/http/cves/2021/CVE-2021-21745.yaml @@ -15,13 +15,14 @@ info: - https://www.talosintelligence.com/vulnerability_reports/TALOS-2021-1317 - https://nvd.nist.gov/vuln/detail/CVE-2021-21745 - https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1019764 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N cvss-score: 4.3 cve-id: CVE-2021-21745 cwe-id: CWE-352 - epss-score: 0.42121 - epss-percentile: 0.96978 + epss-score: 0.26168 + epss-percentile: 0.96622 cpe: cpe:2.3:o:zte:mf971r_firmware:v1.0.0b05:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21800.yaml b/http/cves/2021/CVE-2021-21800.yaml index 5710a8f612..9e47f9c8cd 100644 --- a/http/cves/2021/CVE-2021-21800.yaml +++ b/http/cves/2021/CVE-2021-21800.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-21800 cwe-id: CWE-79 - epss-score: 0.83144 - epss-percentile: 0.98185 + epss-score: 0.80604 + epss-percentile: 0.98232 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-21802.yaml b/http/cves/2021/CVE-2021-21802.yaml index 9afe470e2e..8c25e1ac92 100644 --- a/http/cves/2021/CVE-2021-21802.yaml +++ b/http/cves/2021/CVE-2021-21802.yaml @@ -12,13 +12,15 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272 - https://nvd.nist.gov/vuln/detail/CVE-2021-21801 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-21802 cwe-id: CWE-79 - epss-score: 0.83144 - epss-percentile: 0.98156 + epss-score: 0.80604 + epss-percentile: 0.98232 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21803.yaml b/http/cves/2021/CVE-2021-21803.yaml index 317151b6ba..a9a4a96247 100644 --- a/http/cves/2021/CVE-2021-21803.yaml +++ b/http/cves/2021/CVE-2021-21803.yaml @@ -12,13 +12,15 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272 - https://nvd.nist.gov/vuln/detail/CVE-2021-21803 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-21803 cwe-id: CWE-79 - epss-score: 0.83144 - epss-percentile: 0.98156 + epss-score: 0.80604 + epss-percentile: 0.98232 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21816.yaml b/http/cves/2021/CVE-2021-21816.yaml index 68c5cdf696..3a910e927e 100644 --- a/http/cves/2021/CVE-2021-21816.yaml +++ b/http/cves/2021/CVE-2021-21816.yaml @@ -12,13 +12,15 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281 - https://nvd.nist.gov/vuln/detail/CVE-2021-21816 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2021-21816 cwe-id: CWE-200 - epss-score: 0.00255 - epss-percentile: 0.63372 + epss-score: 0.00229 + epss-percentile: 0.60334 cpe: cpe:2.3:o:dlink:dir-3040_firmware:1.13b03:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21881.yaml b/http/cves/2021/CVE-2021-21881.yaml index 69805e35d5..42565935ce 100644 --- a/http/cves/2021/CVE-2021-21881.yaml +++ b/http/cves/2021/CVE-2021-21881.yaml @@ -12,13 +12,15 @@ info: reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1325 - https://nvd.nist.gov/vuln/detail/CVE-2021-21881 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H cvss-score: 9.9 cve-id: CVE-2021-21881 cwe-id: CWE-78 - epss-score: 0.9711 - epss-percentile: 0.99739 + epss-score: 0.97001 + epss-percentile: 0.99723 cpe: cpe:2.3:o:lantronix:premierwave_2050_firmware:8.9.0.0:r4:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-21972.yaml b/http/cves/2021/CVE-2021-21972.yaml index f803137478..85ba36bf6f 100644 --- a/http/cves/2021/CVE-2021-21972.yaml +++ b/http/cves/2021/CVE-2021-21972.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-21972 cwe-id: CWE-22 - epss-score: 0.97391 - epss-percentile: 0.99907 + epss-score: 0.97299 + epss-percentile: 0.99858 cpe: cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21973.yaml b/http/cves/2021/CVE-2021-21973.yaml index d3c277eede..0aff31ee96 100644 --- a/http/cves/2021/CVE-2021-21973.yaml +++ b/http/cves/2021/CVE-2021-21973.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-21973 cwe-id: CWE-918 - epss-score: 0.31709 - epss-percentile: 0.96596 + epss-score: 0.15857 + epss-percentile: 0.95819 cpe: cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21978.yaml b/http/cves/2021/CVE-2021-21978.yaml index 82f65eade6..8737a6d1d9 100644 --- a/http/cves/2021/CVE-2021-21978.yaml +++ b/http/cves/2021/CVE-2021-21978.yaml @@ -17,13 +17,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-21978 - https://www.vmware.com/security/advisories/VMSA-2021-0003.html - http://packetstormsecurity.com/files/161879/VMware-View-Planner-4.6-Remote-Code-Execution.html + - https://github.com/HimmelAward/Goby_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-21978 cwe-id: CWE-20 - epss-score: 0.97364 - epss-percentile: 0.99887 + epss-score: 0.97469 + epss-percentile: 0.99959 cpe: cpe:2.3:a:vmware:view_planner:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-21985.yaml b/http/cves/2021/CVE-2021-21985.yaml index 06fe8f9502..4954a86339 100644 --- a/http/cves/2021/CVE-2021-21985.yaml +++ b/http/cves/2021/CVE-2021-21985.yaml @@ -15,13 +15,14 @@ info: - https://github.com/alt3kx/CVE-2021-21985_PoC - https://nvd.nist.gov/vuln/detail/CVE-2021-21985 - http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html + - https://github.com/onSec-fr/CVE-2021-21985-Checker classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-21985 cwe-id: CWE-20 - epss-score: 0.9741 - epss-percentile: 0.99919 + epss-score: 0.97407 + epss-percentile: 0.9992 cpe: cpe:2.3:a:vmware:vcenter_server:6.5:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22005.yaml b/http/cves/2021/CVE-2021-22005.yaml index 64dac287ff..7ee90310fc 100644 --- a/http/cves/2021/CVE-2021-22005.yaml +++ b/http/cves/2021/CVE-2021-22005.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22005 cwe-id: CWE-22 - epss-score: 0.97289 - epss-percentile: 0.99843 + epss-score: 0.97389 + epss-percentile: 0.99909 cpe: cpe:2.3:a:vmware:cloud_foundation:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-22054.yaml b/http/cves/2021/CVE-2021-22054.yaml index f57d0970f5..2519c3ad45 100644 --- a/http/cves/2021/CVE-2021-22054.yaml +++ b/http/cves/2021/CVE-2021-22054.yaml @@ -13,13 +13,15 @@ info: - https://blog.assetnote.io/2022/04/27/vmware-workspace-one-uem-ssrf/ - https://www.vmware.com/security/advisories/VMSA-2021-0029.html - https://nvd.nist.gov/vuln/detail/CVE-2021-22054 + - https://github.com/fardeen-ahmed/Bug-bounty-Writeups + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-22054 cwe-id: CWE-918 - epss-score: 0.74 - epss-percentile: 0.97848 + epss-score: 0.74813 + epss-percentile: 0.98065 cpe: cpe:2.3:a:vmware:workspace_one_uem_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22145.yaml b/http/cves/2021/CVE-2021-22145.yaml index d010df3497..a8047853f5 100644 --- a/http/cves/2021/CVE-2021-22145.yaml +++ b/http/cves/2021/CVE-2021-22145.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-22145 cwe-id: CWE-209 - epss-score: 0.96315 - epss-percentile: 0.99434 + epss-score: 0.96279 + epss-percentile: 0.99499 cpe: cpe:2.3:a:elastic:elasticsearch:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22214.yaml b/http/cves/2021/CVE-2021-22214.yaml index 5137ebb078..f518dfbb51 100644 --- a/http/cves/2021/CVE-2021-22214.yaml +++ b/http/cves/2021/CVE-2021-22214.yaml @@ -24,8 +24,8 @@ info: cvss-score: 8.6 cve-id: CVE-2021-22214 cwe-id: CWE-918 - epss-score: 0.12047 - epss-percentile: 0.94831 + epss-score: 0.09317 + epss-percentile: 0.94551 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22502.yaml b/http/cves/2021/CVE-2021-22502.yaml index 0ec25e1895..c384d9b8e8 100644 --- a/http/cves/2021/CVE-2021-22502.yaml +++ b/http/cves/2021/CVE-2021-22502.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22502 cwe-id: CWE-78 - epss-score: 0.96129 - epss-percentile: 0.99379 + epss-score: 0.95993 + epss-percentile: 0.99434 cpe: cpe:2.3:a:microfocus:operation_bridge_reporter:10.40:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-22707.yaml b/http/cves/2021/CVE-2021-22707.yaml index a39342219f..c7b740befc 100644 --- a/http/cves/2021/CVE-2021-22707.yaml +++ b/http/cves/2021/CVE-2021-22707.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22707 cwe-id: CWE-798 - epss-score: 0.29966 - epss-percentile: 0.96514 + epss-score: 0.27092 + epss-percentile: 0.96671 cpe: cpe:2.3:o:schneider-electric:evlink_city_evc1s22p4_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-22873.yaml b/http/cves/2021/CVE-2021-22873.yaml index 66bb1175d3..360ca6f169 100644 --- a/http/cves/2021/CVE-2021-22873.yaml +++ b/http/cves/2021/CVE-2021-22873.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-22873 cwe-id: CWE-601 epss-score: 0.00922 - epss-percentile: 0.82474 + epss-percentile: 0.82556 cpe: cpe:2.3:a:revive-adserver:revive_adserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-22911.yaml b/http/cves/2021/CVE-2021-22911.yaml index 9036a5381b..0ff388c015 100644 --- a/http/cves/2021/CVE-2021-22911.yaml +++ b/http/cves/2021/CVE-2021-22911.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-22911 cwe-id: CWE-75,NVD-CWE-Other - epss-score: 0.95312 - epss-percentile: 0.99208 + epss-score: 0.94773 + epss-percentile: 0.99209 cpe: cpe:2.3:a:rocket.chat:rocket.chat:3.11.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-23241.yaml b/http/cves/2021/CVE-2021-23241.yaml index 973e48734f..3b7c4ff6c4 100644 --- a/http/cves/2021/CVE-2021-23241.yaml +++ b/http/cves/2021/CVE-2021-23241.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-23241 cwe-id: CWE-22 epss-score: 0.00365 - epss-percentile: 0.69601 + epss-percentile: 0.71874 cpe: cpe:2.3:o:mercusys:mercury_x18g_firmware:1.0.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24146.yaml b/http/cves/2021/CVE-2021-24146.yaml index 54bce61d75..3ecc4f1920 100644 --- a/http/cves/2021/CVE-2021-24146.yaml +++ b/http/cves/2021/CVE-2021-24146.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-24146 cwe-id: CWE-862,CWE-284 - epss-score: 0.03582 - epss-percentile: 0.90732 + epss-score: 0.02727 + epss-percentile: 0.90292 cpe: cpe:2.3:a:webnus:modern_events_calendar_lite:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24165.yaml b/http/cves/2021/CVE-2021-24165.yaml index 3c7d122fa3..23bee3ade8 100644 --- a/http/cves/2021/CVE-2021-24165.yaml +++ b/http/cves/2021/CVE-2021-24165.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/6147acf5-e43f-47e6-ab56-c9c8be584818 - https://www.wordfence.com/blog/2021/02/one-million-sites-affected-four-severe-vulnerabilities-patched-in-ninja-forms/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24165 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24165 cwe-id: CWE-601 epss-score: 0.00129 - epss-percentile: 0.47461 + epss-percentile: 0.46774 cpe: cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24169.yaml b/http/cves/2021/CVE-2021-24169.yaml index b849f9285c..f86eff0e9d 100644 --- a/http/cves/2021/CVE-2021-24169.yaml +++ b/http/cves/2021/CVE-2021-24169.yaml @@ -14,13 +14,14 @@ info: - https://www.exploit-db.com/exploits/50324 - https://wordpress.org/plugins/woo-order-export-lite/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24169 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24169 cwe-id: CWE-79 epss-score: 0.0021 - epss-percentile: 0.58865 + epss-percentile: 0.58287 cpe: cpe:2.3:a:algolplus:advanced_order_export:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24214.yaml b/http/cves/2021/CVE-2021-24214.yaml index eb04c0b182..99a2d6f8f5 100644 --- a/http/cves/2021/CVE-2021-24214.yaml +++ b/http/cves/2021/CVE-2021-24214.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/31cf0dfb-4025-4898-a5f4-fc7115565a10 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24214 - https://nvd.nist.gov/vuln/detail/CVE-2021-24214 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24214 cwe-id: CWE-79 - epss-score: 0.00317 - epss-percentile: 0.67249 + epss-score: 0.00337 + epss-percentile: 0.7074 cpe: cpe:2.3:a:daggerhartlab:openid_connect_generic_client:3.8.0:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24215.yaml b/http/cves/2021/CVE-2021-24215.yaml index 36f7cd3692..1bac2e2612 100644 --- a/http/cves/2021/CVE-2021-24215.yaml +++ b/http/cves/2021/CVE-2021-24215.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24215 cwe-id: CWE-425,CWE-284 - epss-score: 0.11443 - epss-percentile: 0.94736 + epss-score: 0.19113 + epss-percentile: 0.9615 cpe: cpe:2.3:a:wpruby:controlled_admin_access:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24226.yaml b/http/cves/2021/CVE-2021-24226.yaml index d907f94aef..22ce35de18 100644 --- a/http/cves/2021/CVE-2021-24226.yaml +++ b/http/cves/2021/CVE-2021-24226.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-24226 cwe-id: CWE-200 - epss-score: 0.03271 - epss-percentile: 0.90337 + epss-score: 0.03058 + epss-percentile: 0.90773 cpe: cpe:2.3:a:accessally:accessally:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24227.yaml b/http/cves/2021/CVE-2021-24227.yaml index feb4606a09..039954402b 100644 --- a/http/cves/2021/CVE-2021-24227.yaml +++ b/http/cves/2021/CVE-2021-24227.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-24227 cwe-id: CWE-200 - epss-score: 0.02789 - epss-percentile: 0.89603 + epss-score: 0.02607 + epss-percentile: 0.9006 cpe: cpe:2.3:a:patreon:patreon_wordpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24237.yaml b/http/cves/2021/CVE-2021-24237.yaml index 95cd74d871..b2d56423b6 100644 --- a/http/cves/2021/CVE-2021-24237.yaml +++ b/http/cves/2021/CVE-2021-24237.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24237 cwe-id: CWE-79 epss-score: 0.00265 - epss-percentile: 0.64186 + epss-percentile: 0.65501 cpe: cpe:2.3:a:purethemes:findeo:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24245.yaml b/http/cves/2021/CVE-2021-24245.yaml index 53447e7903..3e65c3f10a 100644 --- a/http/cves/2021/CVE-2021-24245.yaml +++ b/http/cves/2021/CVE-2021-24245.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/5e7accd6-08dc-4c6e-9d19-73e2d7e97735 - https://nvd.nist.gov/vuln/detail/CVE-2021-24245 - http://packetstormsecurity.com/files/162623/WordPress-Stop-Spammers-2021.8-Cross-Site-Scripting.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24245 cwe-id: CWE-79 - epss-score: 0.00177 - epss-percentile: 0.54879 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:trumani:stop_spammers:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24274.yaml b/http/cves/2021/CVE-2021-24274.yaml index f5ffe315a6..9d7020602b 100644 --- a/http/cves/2021/CVE-2021-24274.yaml +++ b/http/cves/2021/CVE-2021-24274.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/200a3031-7c42-4189-96b1-bed9e0ab7c1d - http://packetstormsecurity.com/files/164316/WordPress-Ultimate-Maps-1.2.4-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2021-24274 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24274 cwe-id: CWE-79 - epss-score: 0.00154 - epss-percentile: 0.51591 + epss-score: 0.00201 + epss-percentile: 0.56972 cpe: cpe:2.3:a:supsystic:ultimate_maps:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24275.yaml b/http/cves/2021/CVE-2021-24275.yaml index 6f18c5b62a..4473590ccb 100644 --- a/http/cves/2021/CVE-2021-24275.yaml +++ b/http/cves/2021/CVE-2021-24275.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24275 cwe-id: CWE-79 - epss-score: 0.00203 - epss-percentile: 0.58305 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:supsystic:popup:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24276.yaml b/http/cves/2021/CVE-2021-24276.yaml index df91a5bdf0..05da0bf3f8 100644 --- a/http/cves/2021/CVE-2021-24276.yaml +++ b/http/cves/2021/CVE-2021-24276.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/1301123c-5e63-432a-ab90-3221ca532d9c - http://packetstormsecurity.com/files/164308/WordPress-Contact-Form-1.7.14-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2021-24276 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24276 cwe-id: CWE-79 - epss-score: 0.00177 - epss-percentile: 0.54879 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:supsystic:contact_form:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24278.yaml b/http/cves/2021/CVE-2021-24278.yaml index 3f51903fe2..c0595cc370 100644 --- a/http/cves/2021/CVE-2021-24278.yaml +++ b/http/cves/2021/CVE-2021-24278.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/99f30604-d62b-4e30-afcd-b482f8d66413 - https://www.wordfence.com/blog/2021/04/severe-vulnerabilities-patched-in-redirection-for-contact-form-7-plugin/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24278 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-24278 cwe-id: CWE-863 - epss-score: 0.06115 - epss-percentile: 0.92804 + epss-score: 0.05506 + epss-percentile: 0.93039 cpe: cpe:2.3:a:querysol:redirection_for_contact_form_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24284.yaml b/http/cves/2021/CVE-2021-24284.yaml index bdad00a7de..dffdf89c99 100644 --- a/http/cves/2021/CVE-2021-24284.yaml +++ b/http/cves/2021/CVE-2021-24284.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24284 cwe-id: CWE-434 - epss-score: 0.9676 - epss-percentile: 0.99595 + epss-score: 0.96657 + epss-percentile: 0.99614 cpe: cpe:2.3:a:kaswara_project:kaswara:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24286.yaml b/http/cves/2021/CVE-2021-24286.yaml index e3ad087f39..3804f34b90 100644 --- a/http/cves/2021/CVE-2021-24286.yaml +++ b/http/cves/2021/CVE-2021-24286.yaml @@ -12,13 +12,14 @@ info: - https://www.exploit-db.com/exploits/50350 - https://nvd.nist.gov/vuln/detail/CVE-2021-24286 - https://wordpress.org/plugins/redirect-404-to-parent/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24286 cwe-id: CWE-79 - epss-score: 0.00177 - epss-percentile: 0.54879 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:mooveagency:redirect_404_to_parent:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24287.yaml b/http/cves/2021/CVE-2021-24287.yaml index fcd4a53a25..dd2d9fb9dc 100644 --- a/http/cves/2021/CVE-2021-24287.yaml +++ b/http/cves/2021/CVE-2021-24287.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24287 cwe-id: CWE-79 - epss-score: 0.00203 - epss-percentile: 0.58305 + epss-score: 0.00231 + epss-percentile: 0.60494 cpe: cpe:2.3:a:mooveagency:select_all_categories_and_taxonomies\,_change_checkbox_to_radio_buttons:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24298.yaml b/http/cves/2021/CVE-2021-24298.yaml index fec99780ef..2398a39224 100644 --- a/http/cves/2021/CVE-2021-24298.yaml +++ b/http/cves/2021/CVE-2021-24298.yaml @@ -14,13 +14,15 @@ info: - https://codevigilant.com/disclosure/2021/wp-plugin-giveasap-xss/ - https://wpscan.com/vulnerability/30aebded-3eb3-4dda-90b5-12de5e622c91 - https://nvd.nist.gov/vuln/detail/CVE-2021-24298 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24298 cwe-id: CWE-79 - epss-score: 0.00116 - epss-percentile: 0.45185 + epss-score: 0.00123 + epss-percentile: 0.45761 cpe: cpe:2.3:a:ibenic:simple_giveaways:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24300.yaml b/http/cves/2021/CVE-2021-24300.yaml index 0d3893c5a4..7f3600493c 100644 --- a/http/cves/2021/CVE-2021-24300.yaml +++ b/http/cves/2021/CVE-2021-24300.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24300 cwe-id: CWE-79 - epss-score: 0.00259 - epss-percentile: 0.63706 + epss-score: 0.00338 + epss-percentile: 0.70768 cpe: cpe:2.3:a:pickplugins:product_slider_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24316.yaml b/http/cves/2021/CVE-2021-24316.yaml index 8d2865d664..6a6b2bf993 100644 --- a/http/cves/2021/CVE-2021-24316.yaml +++ b/http/cves/2021/CVE-2021-24316.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24316 cwe-id: CWE-79 - epss-score: 0.00298 - epss-percentile: 0.66299 + epss-score: 0.00317 + epss-percentile: 0.69851 cpe: cpe:2.3:a:wowthemes:mediumish:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24335.yaml b/http/cves/2021/CVE-2021-24335.yaml index 4145d72393..83d91d2c74 100644 --- a/http/cves/2021/CVE-2021-24335.yaml +++ b/http/cves/2021/CVE-2021-24335.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24335 cwe-id: CWE-79 - epss-score: 0.0017 - epss-percentile: 0.54119 + epss-score: 0.00181 + epss-percentile: 0.54412 cpe: cpe:2.3:a:smartdatasoft:car_repair_services_\&_auto_mechanic:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24340.yaml b/http/cves/2021/CVE-2021-24340.yaml index 5e6b85f3ec..addbff275a 100644 --- a/http/cves/2021/CVE-2021-24340.yaml +++ b/http/cves/2021/CVE-2021-24340.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-24340 cwe-id: CWE-89 - epss-score: 0.0287 - epss-percentile: 0.89694 + epss-score: 0.01937 + epss-percentile: 0.88371 cpe: cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24342.yaml b/http/cves/2021/CVE-2021-24342.yaml index 5ccdbe9558..1fcfa36d49 100644 --- a/http/cves/2021/CVE-2021-24342.yaml +++ b/http/cves/2021/CVE-2021-24342.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/415ca763-fe65-48cb-acd3-b375a400217e - https://nvd.nist.gov/vuln/detail/CVE-2021-24342 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24342 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42876 + epss-score: 0.00113 + epss-percentile: 0.43845 cpe: cpe:2.3:a:jnews:jnews:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24351.yaml b/http/cves/2021/CVE-2021-24351.yaml index b84d81bad7..ad3657c269 100644 --- a/http/cves/2021/CVE-2021-24351.yaml +++ b/http/cves/2021/CVE-2021-24351.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/2ee62f85-7aea-4b7d-8b2d-5d86d9fb8016 - https://theplusaddons.com/changelog/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24351 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/JoshMorrison99/my-nuceli-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24351 cwe-id: CWE-79 - epss-score: 0.00145 - epss-percentile: 0.50234 + epss-score: 0.00154 + epss-percentile: 0.50743 cpe: cpe:2.3:a:posimyth:the_plus_addons_for_elementor:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24358.yaml b/http/cves/2021/CVE-2021-24358.yaml index 5cf5d66a85..f0ad714c81 100644 --- a/http/cves/2021/CVE-2021-24358.yaml +++ b/http/cves/2021/CVE-2021-24358.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/fd4352ad-dae0-4404-94d1-11083cb1f44d - https://nvd.nist.gov/vuln/detail/CVE-2021-24358 - https://theplusaddons.com/changelog/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24358 cwe-id: CWE-601 - epss-score: 0.00255 - epss-percentile: 0.63338 + epss-score: 0.00329 + epss-percentile: 0.70388 cpe: cpe:2.3:a:posimyth:the_plus_addons_for_elementor:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24364.yaml b/http/cves/2021/CVE-2021-24364.yaml index 9eadf5aadd..b9aeb55cd1 100644 --- a/http/cves/2021/CVE-2021-24364.yaml +++ b/http/cves/2021/CVE-2021-24364.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-24364 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ARPSyndicate/cvemon + - https://github.com/crpytoscooby/resourses_web classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24364 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42939 + epss-score: 0.00113 + epss-percentile: 0.43845 cpe: cpe:2.3:a:tielabs:jannah:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24370.yaml b/http/cves/2021/CVE-2021-24370.yaml index 94cfbc5f3e..27075a2916 100644 --- a/http/cves/2021/CVE-2021-24370.yaml +++ b/http/cves/2021/CVE-2021-24370.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24370 cwe-id: CWE-434 - epss-score: 0.1228 - epss-percentile: 0.94912 + epss-score: 0.11015 + epss-percentile: 0.95013 cpe: cpe:2.3:a:radykal:fancy_product_designer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24387.yaml b/http/cves/2021/CVE-2021-24387.yaml index 6a2f231087..b4e94057ea 100644 --- a/http/cves/2021/CVE-2021-24387.yaml +++ b/http/cves/2021/CVE-2021-24387.yaml @@ -15,13 +15,14 @@ info: - https://wpscan.com/vulnerability/27264f30-71d5-4d2b-8f36-4009a2be6745 - https://contempothemes.com/wp-real-estate-7/changelog/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24387 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24387 cwe-id: CWE-79 - epss-score: 0.00145 - epss-percentile: 0.50234 + epss-score: 0.00154 + epss-percentile: 0.50743 cpe: cpe:2.3:a:contempothemes:real_estate_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24389.yaml b/http/cves/2021/CVE-2021-24389.yaml index 535e249c31..aa6c3b8b1c 100644 --- a/http/cves/2021/CVE-2021-24389.yaml +++ b/http/cves/2021/CVE-2021-24389.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24389 cwe-id: CWE-79 - epss-score: 0.00158 - epss-percentile: 0.52233 + epss-score: 0.00168 + epss-percentile: 0.526 cpe: cpe:2.3:a:chimpgroup:foodbakery:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24406.yaml b/http/cves/2021/CVE-2021-24406.yaml index 16d37241ff..719b72a6a6 100644 --- a/http/cves/2021/CVE-2021-24406.yaml +++ b/http/cves/2021/CVE-2021-24406.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/a9284931-555b-4c96-86a3-09e1040b0388 - https://nvd.nist.gov/vuln/detail/CVE-2021-24406 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24406 cwe-id: CWE-601 - epss-score: 0.0015 - epss-percentile: 0.51077 + epss-score: 0.00137 + epss-percentile: 0.48279 cpe: cpe:2.3:a:gvectors:wpforo_forum:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24407.yaml b/http/cves/2021/CVE-2021-24407.yaml index 5680f24718..c91e2938d5 100644 --- a/http/cves/2021/CVE-2021-24407.yaml +++ b/http/cves/2021/CVE-2021-24407.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24407 cwe-id: CWE-79 - epss-score: 0.00161 - epss-percentile: 0.52665 + epss-score: 0.00207 + epss-percentile: 0.58055 cpe: cpe:2.3:a:tielabs:jannah:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24409.yaml b/http/cves/2021/CVE-2021-24409.yaml index 4b4462a64a..1a920bc825 100644 --- a/http/cves/2021/CVE-2021-24409.yaml +++ b/http/cves/2021/CVE-2021-24409.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24409 cwe-id: CWE-79 - epss-score: 0.00188 - epss-percentile: 0.5634 + epss-score: 0.00161 + epss-percentile: 0.51755 cpe: cpe:2.3:a:plugin-planet:prismatic:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24435.yaml b/http/cves/2021/CVE-2021-24435.yaml index 32450ca625..0e6b563758 100644 --- a/http/cves/2021/CVE-2021-24435.yaml +++ b/http/cves/2021/CVE-2021-24435.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24435 cwe-id: CWE-79 epss-score: 0.0014 - epss-percentile: 0.49496 + epss-percentile: 0.4866 cpe: cpe:2.3:a:gambit:titan_framework:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24436.yaml b/http/cves/2021/CVE-2021-24436.yaml index e2e7655176..a25d21f924 100644 --- a/http/cves/2021/CVE-2021-24436.yaml +++ b/http/cves/2021/CVE-2021-24436.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-24436 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40831 + epss-percentile: 0.4009 cpe: cpe:2.3:a:boldgrid:w3_total_cache:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24442.yaml b/http/cves/2021/CVE-2021-24442.yaml index 8fbe8ba864..2a85fac71d 100644 --- a/http/cves/2021/CVE-2021-24442.yaml +++ b/http/cves/2021/CVE-2021-24442.yaml @@ -26,7 +26,7 @@ info: product: poll\,_survey\,_questionnaire_and_voting_system framework: wordpress publicwww-query: "/wp-content/plugins/polls-widget/" - tags: wpscan,cve,cve2021,wp,wp-plugin,wpscan,wordpress,polls-widget,sqli + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,polls-widget,sqli http: - raw: diff --git a/http/cves/2021/CVE-2021-24472.yaml b/http/cves/2021/CVE-2021-24472.yaml index cce078595f..4e51c07243 100644 --- a/http/cves/2021/CVE-2021-24472.yaml +++ b/http/cves/2021/CVE-2021-24472.yaml @@ -13,13 +13,15 @@ info: reference: - https://wpscan.com/vulnerability/17591ac5-88fa-4cae-a61a-4dcf5dc0b72a - https://nvd.nist.gov/vuln/detail/CVE-2021-24472 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-24472 cwe-id: CWE-918 - epss-score: 0.03476 - epss-percentile: 0.90575 + epss-score: 0.04362 + epss-percentile: 0.92159 cpe: cpe:2.3:a:qantumthemes:kentharadio:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24495.yaml b/http/cves/2021/CVE-2021-24495.yaml index cc56af8899..e069f58f6f 100644 --- a/http/cves/2021/CVE-2021-24495.yaml +++ b/http/cves/2021/CVE-2021-24495.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/marmoset-viewer/#developers - https://wpscan.com/vulnerability/d11b79a3-f762-49ab-b7c8-3174624d7638 - https://nvd.nist.gov/vuln/detail/CVE-2021-24495 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24495 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45185 + epss-percentile: 0.44405 cpe: cpe:2.3:a:marmoset:marmoset_viewer:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24498.yaml b/http/cves/2021/CVE-2021-24498.yaml index 4132003a4a..e6f98d894c 100644 --- a/http/cves/2021/CVE-2021-24498.yaml +++ b/http/cves/2021/CVE-2021-24498.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-24498 cwe-id: CWE-79 - epss-score: 0.00188 - epss-percentile: 0.5634 + epss-score: 0.00161 + epss-percentile: 0.51755 cpe: cpe:2.3:a:dwbooster:calendar_event_multi_view:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24499.yaml b/http/cves/2021/CVE-2021-24499.yaml index 0dfa76d1ae..2c2db7adc3 100644 --- a/http/cves/2021/CVE-2021-24499.yaml +++ b/http/cves/2021/CVE-2021-24499.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24499 cwe-id: CWE-434 - epss-score: 0.1914 - epss-percentile: 0.95833 + epss-score: 0.16767 + epss-percentile: 0.9591 cpe: cpe:2.3:a:amentotech:workreap:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24627.yaml b/http/cves/2021/CVE-2021-24627.yaml index 4f2fc3d6cc..9d6f5e0275 100644 --- a/http/cves/2021/CVE-2021-24627.yaml +++ b/http/cves/2021/CVE-2021-24627.yaml @@ -16,8 +16,8 @@ info: cvss-score: 7.2 cve-id: CVE-2021-24627 cwe-id: CWE-89 - epss-score: 0.15547 - epss-percentile: 0.9542 + epss-score: 0.14515 + epss-percentile: 0.95609 cpe: cpe:2.3:a:g_auto-hyperlink_project:g_auto-hyperlink:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24647.yaml b/http/cves/2021/CVE-2021-24647.yaml index 53ea093f29..73efe5ee6e 100644 --- a/http/cves/2021/CVE-2021-24647.yaml +++ b/http/cves/2021/CVE-2021-24647.yaml @@ -18,8 +18,8 @@ info: cvss-score: 8.1 cve-id: CVE-2021-24647 cwe-id: CWE-287 - epss-score: 0.2135 - epss-percentile: 0.95991 + epss-score: 0.22598 + epss-percentile: 0.96397 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-24666.yaml b/http/cves/2021/CVE-2021-24666.yaml index fe56a7988a..6c6f541047 100644 --- a/http/cves/2021/CVE-2021-24666.yaml +++ b/http/cves/2021/CVE-2021-24666.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24666 cwe-id: CWE-89 - epss-score: 0.23542 - epss-percentile: 0.96151 + epss-score: 0.28174 + epss-percentile: 0.96727 cpe: cpe:2.3:a:podlove:podlove_podcast_publisher:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24731.yaml b/http/cves/2021/CVE-2021-24731.yaml index 4c8e75beba..bd9f950b46 100644 --- a/http/cves/2021/CVE-2021-24731.yaml +++ b/http/cves/2021/CVE-2021-24731.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-24731 cwe-id: CWE-89 epss-score: 0.14786 - epss-percentile: 0.95303 + epss-percentile: 0.95651 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-24746.yaml b/http/cves/2021/CVE-2021-24746.yaml index f3fb80b719..5d2d400e9f 100644 --- a/http/cves/2021/CVE-2021-24746.yaml +++ b/http/cves/2021/CVE-2021-24746.yaml @@ -12,13 +12,14 @@ info: reference: - https://wpscan.com/vulnerability/99f4fb32-e312-4059-adaf-f4cbaa92d4fa - https://nvd.nist.gov/vuln/detail/CVE-2021-24746 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24746 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:heateor:sassy_social_share:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24791.yaml b/http/cves/2021/CVE-2021-24791.yaml index 7dd4576bf7..13c2115b57 100644 --- a/http/cves/2021/CVE-2021-24791.yaml +++ b/http/cves/2021/CVE-2021-24791.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2021-24791 cwe-id: CWE-89 epss-score: 0.10363 - epss-percentile: 0.94471 + epss-percentile: 0.94849 cpe: cpe:2.3:a:draftpress:header_footer_code_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24849.yaml b/http/cves/2021/CVE-2021-24849.yaml index 9d11f20664..65ddc04984 100644 --- a/http/cves/2021/CVE-2021-24849.yaml +++ b/http/cves/2021/CVE-2021-24849.yaml @@ -6,28 +6,27 @@ info: severity: critical description: | The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, available to unauthenticated and authenticated user, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections. + remediation: Fixed in 3.4.12 reference: - https://wpscan.com/vulnerability/763c08a0-4b2b-4487-b91c-be6cc2b9322e/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24849 - https://wordpress.org/plugins/wc-multivendor-marketplace/ - remediation: Fixed in 3.4.12 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-24849 cwe-id: CWE-89 + epss-score: 0.02367 + epss-percentile: 0.89583 cpe: cpe:2.3:a:wclovers:frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible:*:*:*:*:*:wordpress:*:* - epss-score: 0.00199 - epss-percentile: 0.56492 metadata: - product: "frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible" - framework: wordpress - publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace" verified: true max-request: 3 vendor: wclovers - tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,wpscan,sqli - + product: "frontend_manager_for_woocommerce_along_with_bookings_subscription_listings_compatible" + framework: wordpress + publicwww-query: "/wp-content/plugins/wc-multivendor-marketplace" + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,wc-multivendor-marketplace,sqli flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-24910.yaml b/http/cves/2021/CVE-2021-24910.yaml index fe1843aab4..e66277d815 100644 --- a/http/cves/2021/CVE-2021-24910.yaml +++ b/http/cves/2021/CVE-2021-24910.yaml @@ -14,13 +14,14 @@ info: - https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-24910.txt - https://wpscan.com/vulnerability/b5cbebf4-5749-41a0-8be3-3333853fca17 - https://nvd.nist.gov/vuln/detail/CVE-2021-24910 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-24910 cwe-id: CWE-79 - epss-score: 0.00097 - epss-percentile: 0.40139 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:transposh:transposh_wordpress_translation:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24926.yaml b/http/cves/2021/CVE-2021-24926.yaml index 3f7e12468c..ca1362b8f1 100644 --- a/http/cves/2021/CVE-2021-24926.yaml +++ b/http/cves/2021/CVE-2021-24926.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-24926 cwe-id: CWE-79 epss-score: 0.00171 - epss-percentile: 0.54212 + epss-percentile: 0.53153 cpe: cpe:2.3:a:domaincheckplugin:domain_check:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24943.yaml b/http/cves/2021/CVE-2021-24943.yaml index 771bc99857..00d9c0f226 100644 --- a/http/cves/2021/CVE-2021-24943.yaml +++ b/http/cves/2021/CVE-2021-24943.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-24943 cwe-id: CWE-89 - epss-score: 0.00199 - epss-percentile: 0.56492 + epss-score: 0.21158 + epss-percentile: 0.96299 cpe: cpe:2.3:a:roundupwp:registrations_for_the_events_calendar:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,8 +26,7 @@ info: product: registrations_for_the_events_calendar framework: wordpress publicwww-query: "/wp-content/plugins/registrations-for-the-events-calendar/" - tags: wpscan,cve,cve2021,wp,wp-plugin,wpscan,wordpress,sqli,registrations-for-the-events-calendar - + tags: wpscan,cve,cve2021,wp,wp-plugin,wordpress,sqli,registrations-for-the-events-calendar variables: text: "{{rand_base(5)}}" diff --git a/http/cves/2021/CVE-2021-24947.yaml b/http/cves/2021/CVE-2021-24947.yaml index 85cfd7ca45..86062c7e38 100644 --- a/http/cves/2021/CVE-2021-24947.yaml +++ b/http/cves/2021/CVE-2021-24947.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-24947 cwe-id: CWE-352,CWE-863 - epss-score: 0.00327 - epss-percentile: 0.67893 + epss-score: 0.00315 + epss-percentile: 0.69672 cpe: cpe:2.3:a:thinkupthemes:responsive_vector_maps:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24956.yaml b/http/cves/2021/CVE-2021-24956.yaml index 825e15e3a0..c11f5edaef 100644 --- a/http/cves/2021/CVE-2021-24956.yaml +++ b/http/cves/2021/CVE-2021-24956.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-24956 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-24987.yaml b/http/cves/2021/CVE-2021-24987.yaml index 3c24e128e2..d9ea4c9512 100644 --- a/http/cves/2021/CVE-2021-24987.yaml +++ b/http/cves/2021/CVE-2021-24987.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-24987 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35828 + epss-percentile: 0.35299 cpe: cpe:2.3:a:heateor:super_socializer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-24991.yaml b/http/cves/2021/CVE-2021-24991.yaml index 2b9efd3412..2afc8f184d 100644 --- a/http/cves/2021/CVE-2021-24991.yaml +++ b/http/cves/2021/CVE-2021-24991.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-24991 cwe-id: CWE-79 epss-score: 0.00069 - epss-percentile: 0.2874 + epss-percentile: 0.28508 cpe: cpe:2.3:a:wpovernight:woocommerce_pdf_invoices\&_packing_slips:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-24997.yaml b/http/cves/2021/CVE-2021-24997.yaml index cde753aa6a..bb8175be6f 100644 --- a/http/cves/2021/CVE-2021-24997.yaml +++ b/http/cves/2021/CVE-2021-24997.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-24997 cwe-id: CWE-862 - epss-score: 0.00224 - epss-percentile: 0.60766 + epss-score: 0.0019 + epss-percentile: 0.55517 cpe: cpe:2.3:a:wp-guppy:wp_guppy:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25003.yaml b/http/cves/2021/CVE-2021-25003.yaml index 101b251f86..48cb2bc751 100644 --- a/http/cves/2021/CVE-2021-25003.yaml +++ b/http/cves/2021/CVE-2021-25003.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/5c21ad35-b2fb-4a51-858f-8ffff685de4a - https://wordpress.org/plugins/wpcargo/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25003 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/WhooAmii/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-25003 cwe-id: CWE-434,CWE-94 epss-score: 0.61252 - epss-percentile: 0.97521 + epss-percentile: 0.97725 cpe: cpe:2.3:a:wptaskforce:wpcargo_track_\&_trace:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25008.yaml b/http/cves/2021/CVE-2021-25008.yaml index 517d6a78ff..93bf1fa0d8 100644 --- a/http/cves/2021/CVE-2021-25008.yaml +++ b/http/cves/2021/CVE-2021-25008.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25008 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:codesnippets:code_snippets:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25016.yaml b/http/cves/2021/CVE-2021-25016.yaml index 83f209e1b7..b2be9f2aec 100644 --- a/http/cves/2021/CVE-2021-25016.yaml +++ b/http/cves/2021/CVE-2021-25016.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2021-25016 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:premio:chaty:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25033.yaml b/http/cves/2021/CVE-2021-25033.yaml index 40a35020ad..fa4913fc62 100644 --- a/http/cves/2021/CVE-2021-25033.yaml +++ b/http/cves/2021/CVE-2021-25033.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25033 cwe-id: CWE-601 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:noptin:noptin:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25052.yaml b/http/cves/2021/CVE-2021-25052.yaml index 80bb63b12b..2f5dbaeae1 100644 --- a/http/cves/2021/CVE-2021-25052.yaml +++ b/http/cves/2021/CVE-2021-25052.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/a01844a0-0c43-4d96-b738-57fe5bfbd67a - https://nvd.nist.gov/vuln/detail/CVE-2021-25052 - https://plugins.trac.wordpress.org/changeset/2641639/button-generation + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2021-25052 cwe-id: CWE-352 epss-score: 0.01998 - epss-percentile: 0.87597 + epss-percentile: 0.88568 cpe: cpe:2.3:a:wow-company:button_generator:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25055.yaml b/http/cves/2021/CVE-2021-25055.yaml index 2e4d40182b..32a8c415fe 100644 --- a/http/cves/2021/CVE-2021-25055.yaml +++ b/http/cves/2021/CVE-2021-25055.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-25055 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:feedwordpress_project:feedwordpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25065.yaml b/http/cves/2021/CVE-2021-25065.yaml index c8c93db389..6a6370d87b 100644 --- a/http/cves/2021/CVE-2021-25065.yaml +++ b/http/cves/2021/CVE-2021-25065.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2021-25065 cwe-id: CWE-79 epss-score: 0.00069 - epss-percentile: 0.285 + epss-percentile: 0.2831 cpe: cpe:2.3:a:smashballoon:smash_balloon_social_post_feed:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25074.yaml b/http/cves/2021/CVE-2021-25074.yaml index 33e0067c63..296dee0e35 100644 --- a/http/cves/2021/CVE-2021-25074.yaml +++ b/http/cves/2021/CVE-2021-25074.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/f3c0a155-9563-4533-97d4-03b9bac83164 - https://nvd.nist.gov/vuln/detail/CVE-2021-25074 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25074 cwe-id: CWE-601 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:webp_converter_for_media_project:webp_converter_for_media:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25075.yaml b/http/cves/2021/CVE-2021-25075.yaml index db9150dcfa..e90cb2bc4d 100644 --- a/http/cves/2021/CVE-2021-25075.yaml +++ b/http/cves/2021/CVE-2021-25075.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/db5a0431-af4d-45b7-be4e-36b6c90a601b - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25075 - https://nvd.nist.gov/vuln/detail/CVE-2021-25075 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/kazet/wpgarlic classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N cvss-score: 3.5 cve-id: CVE-2021-25075 cwe-id: CWE-862 epss-score: 0.00071 - epss-percentile: 0.29136 + epss-percentile: 0.28959 cpe: cpe:2.3:a:wpdevart:duplicate_page_or_post:*:*:*:*:*:wordpress:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-25078.yaml b/http/cves/2021/CVE-2021-25078.yaml index 4e9efdda47..cfe38989dd 100644 --- a/http/cves/2021/CVE-2021-25078.yaml +++ b/http/cves/2021/CVE-2021-25078.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-25078 cwe-id: CWE-79 epss-score: 0.00382 - epss-percentile: 0.70275 + epss-percentile: 0.72505 cpe: cpe:2.3:a:wpaffiliatemanager:affiliates_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25085.yaml b/http/cves/2021/CVE-2021-25085.yaml index 098c9efebc..f30e7e60bd 100644 --- a/http/cves/2021/CVE-2021-25085.yaml +++ b/http/cves/2021/CVE-2021-25085.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/b7dd81c6-6af1-4976-b928-421ca69bfa90 - https://plugins.trac.wordpress.org/changeset/2648751 - https://nvd.nist.gov/vuln/detail/CVE-2021-25085 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25085 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:pluginus:woocommerce_products_filter:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25099.yaml b/http/cves/2021/CVE-2021-25099.yaml index 39a93fd1dd..b5a79002f5 100644 --- a/http/cves/2021/CVE-2021-25099.yaml +++ b/http/cves/2021/CVE-2021-25099.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/give/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25099 - https://plugins.trac.wordpress.org/changeset/2659032 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25099 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:givewp:givewp:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25104.yaml b/http/cves/2021/CVE-2021-25104.yaml index e5ebd9a36e..31b18cc629 100644 --- a/http/cves/2021/CVE-2021-25104.yaml +++ b/http/cves/2021/CVE-2021-25104.yaml @@ -12,13 +12,15 @@ info: - https://wpscan.com/vulnerability/2ee6f1d8-3803-42f6-9193-3dd8f416b558 - https://wordpress.org/plugins/ocean-extra/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25104 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25104 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:oceanwp:ocean_extra:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25111.yaml b/http/cves/2021/CVE-2021-25111.yaml index 687e29af61..c0a2cde3d8 100644 --- a/http/cves/2021/CVE-2021-25111.yaml +++ b/http/cves/2021/CVE-2021-25111.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-25111 cwe-id: CWE-601 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:english_wordpress_admin_project:english_wordpress_admin:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25112.yaml b/http/cves/2021/CVE-2021-25112.yaml index dda4665017..166af1dcb3 100644 --- a/http/cves/2021/CVE-2021-25112.yaml +++ b/http/cves/2021/CVE-2021-25112.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/4aae2dd9-8d51-4633-91bc-ddb53ca3471c - https://plugins.trac.wordpress.org/changeset/2659751 - https://nvd.nist.gov/vuln/detail/CVE-2021-25112 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-25112 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:i-plugins:whmcs_bridge:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25114.yaml b/http/cves/2021/CVE-2021-25114.yaml index 6bd96efac4..09e2f4dcd5 100644 --- a/http/cves/2021/CVE-2021-25114.yaml +++ b/http/cves/2021/CVE-2021-25114.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/paid-memberships-pro/ - https://nvd.nist.gov/vuln/detail/CVE-2021-25114 - https://www.paidmembershipspro.com/pmpro-update-2-6-7-security-release/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-25114 cwe-id: CWE-89 - epss-score: 0.04131 - epss-percentile: 0.9129 + epss-score: 0.0412 + epss-percentile: 0.91962 cpe: cpe:2.3:a:strangerstudios:paid_memberships_pro:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25118.yaml b/http/cves/2021/CVE-2021-25118.yaml index f20046a21f..c3ea4673f5 100644 --- a/http/cves/2021/CVE-2021-25118.yaml +++ b/http/cves/2021/CVE-2021-25118.yaml @@ -12,13 +12,15 @@ info: - https://wpscan.com/vulnerability/2c3f9038-632d-40ef-a099-6ea202efb550 - https://plugins.trac.wordpress.org/changeset/2608691 - https://nvd.nist.gov/vuln/detail/CVE-2021-25118 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-25118 cwe-id: CWE-200 - epss-score: 0.00155 - epss-percentile: 0.51756 + epss-score: 0.00173 + epss-percentile: 0.5348 cpe: cpe:2.3:a:yoast:yoast_seo:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25120.yaml b/http/cves/2021/CVE-2021-25120.yaml index e95d7b3533..5373039add 100644 --- a/http/cves/2021/CVE-2021-25120.yaml +++ b/http/cves/2021/CVE-2021-25120.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2021-25120 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:easysocialfeed:easy_social_feed:*:*:*:*:pro:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-25281.yaml b/http/cves/2021/CVE-2021-25281.yaml index 6ef39f6cff..7cfc5d110d 100644 --- a/http/cves/2021/CVE-2021-25281.yaml +++ b/http/cves/2021/CVE-2021-25281.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-25281 cwe-id: CWE-287 - epss-score: 0.85046 - epss-percentile: 0.98273 + epss-score: 0.87406 + epss-percentile: 0.98556 cpe: cpe:2.3:a:saltstack:salt:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25297.yaml b/http/cves/2021/CVE-2021-25297.yaml index d1bcd46cac..5bb12e1f47 100644 --- a/http/cves/2021/CVE-2021-25297.yaml +++ b/http/cves/2021/CVE-2021-25297.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-25297 cwe-id: CWE-78 - epss-score: 0.89514 - epss-percentile: 0.98532 + epss-score: 0.90211 + epss-percentile: 0.98732 cpe: cpe:2.3:a:nagios:nagios_xi:5.7.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-25646.yaml b/http/cves/2021/CVE-2021-25646.yaml index 564fb6085c..c7054bb570 100644 --- a/http/cves/2021/CVE-2021-25646.yaml +++ b/http/cves/2021/CVE-2021-25646.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-25646 cwe-id: CWE-732 - epss-score: 0.97324 - epss-percentile: 0.99865 + epss-score: 0.97323 + epss-percentile: 0.99871 cpe: cpe:2.3:a:apache:druid:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25864.yaml b/http/cves/2021/CVE-2021-25864.yaml index 0b541ba0aa..83e4ba42e7 100644 --- a/http/cves/2021/CVE-2021-25864.yaml +++ b/http/cves/2021/CVE-2021-25864.yaml @@ -12,13 +12,15 @@ info: reference: - https://github.com/Foddy/node-red-contrib-huemagic/issues/217 - https://nvd.nist.gov/vuln/detail/CVE-2021-25864 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-25864 cwe-id: CWE-22 - epss-score: 0.33276 - epss-percentile: 0.96644 + epss-score: 0.29108 + epss-percentile: 0.96769 cpe: cpe:2.3:a:dgtl:huemagic:3.0.0:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-25899.yaml b/http/cves/2021/CVE-2021-25899.yaml index 23182b7cb9..89a2517ce1 100644 --- a/http/cves/2021/CVE-2021-25899.yaml +++ b/http/cves/2021/CVE-2021-25899.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-25899 cwe-id: CWE-89 - epss-score: 0.53647 - epss-percentile: 0.97334 + epss-score: 0.50721 + epss-percentile: 0.9747 cpe: cpe:2.3:a:void:aurall_rec_monitor:9.0.0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26084.yaml b/http/cves/2021/CVE-2021-26084.yaml index a5007847b0..9afb52671f 100644 --- a/http/cves/2021/CVE-2021-26084.yaml +++ b/http/cves/2021/CVE-2021-26084.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-26084 cwe-id: CWE-917 - epss-score: 0.97235 - epss-percentile: 0.99813 + epss-score: 0.97414 + epss-percentile: 0.99924 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: max-request: 13 diff --git a/http/cves/2021/CVE-2021-26247.yaml b/http/cves/2021/CVE-2021-26247.yaml index 0c0f98090d..28e40ebb52 100644 --- a/http/cves/2021/CVE-2021-26247.yaml +++ b/http/cves/2021/CVE-2021-26247.yaml @@ -12,13 +12,15 @@ info: reference: - https://www.cacti.net/info/changelog - https://nvd.nist.gov/vuln/detail/CVE-2021-26247 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-26247 cwe-id: CWE-79 epss-score: 0.00255 - epss-percentile: 0.63314 + epss-percentile: 0.647 cpe: cpe:2.3:a:cacti:cacti:0.8.7g:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26294.yaml b/http/cves/2021/CVE-2021-26294.yaml index 2b467d514c..bf62995225 100644 --- a/http/cves/2021/CVE-2021-26294.yaml +++ b/http/cves/2021/CVE-2021-26294.yaml @@ -9,13 +9,16 @@ info: reference: - https://github.com/E3SEC/AfterLogic/blob/main/CVE-2021-26294-exposure-of-sensitive-information-vulnerability.md - https://nvd.nist.gov/vuln/detail/CVE-2021-26294 + - https://github.com/Threekiii/Awesome-POC + - https://github.com/soosmile/POC + - https://github.com/tzwlhack/Vulnerability classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-26294 cwe-id: CWE-22 - epss-score: 0.23427 - epss-percentile: 0.96125 + epss-score: 0.25543 + epss-percentile: 0.96591 cpe: cpe:2.3:a:afterlogic:aurora:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-26295.yaml b/http/cves/2021/CVE-2021-26295.yaml index 41a7b18492..d5e81928ec 100644 --- a/http/cves/2021/CVE-2021-26295.yaml +++ b/http/cves/2021/CVE-2021-26295.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-26295 cwe-id: CWE-502 - epss-score: 0.97458 - epss-percentile: 0.99953 + epss-score: 0.97465 + epss-percentile: 0.99956 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-26475.yaml b/http/cves/2021/CVE-2021-26475.yaml index 9985d391d7..5dfb174b9f 100644 --- a/http/cves/2021/CVE-2021-26475.yaml +++ b/http/cves/2021/CVE-2021-26475.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-26475 cwe-id: CWE-79 epss-score: 0.00187 - epss-percentile: 0.56089 + epss-percentile: 0.55045 cpe: cpe:2.3:a:eprints:eprints:3.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26702.yaml b/http/cves/2021/CVE-2021-26702.yaml index 0302f05d1a..e9eafe221e 100644 --- a/http/cves/2021/CVE-2021-26702.yaml +++ b/http/cves/2021/CVE-2021-26702.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-26702 cwe-id: CWE-79 epss-score: 0.00187 - epss-percentile: 0.56089 + epss-percentile: 0.55045 cpe: cpe:2.3:a:eprints:eprints:3.4.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-26855.yaml b/http/cves/2021/CVE-2021-26855.yaml index ea5d338955..9d5bc94aa9 100644 --- a/http/cves/2021/CVE-2021-26855.yaml +++ b/http/cves/2021/CVE-2021-26855.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.1 cve-id: CVE-2021-26855 cwe-id: CWE-918 - epss-score: 0.97468 - epss-percentile: 0.99958 + epss-score: 0.97507 + epss-percentile: 0.9998 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_21:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27124.yaml b/http/cves/2021/CVE-2021-27124.yaml index a196256b63..410f97abc8 100644 --- a/http/cves/2021/CVE-2021-27124.yaml +++ b/http/cves/2021/CVE-2021-27124.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-27124 cwe-id: CWE-89 - epss-score: 0.01677 - epss-percentile: 0.86307 + epss-score: 0.01251 + epss-percentile: 0.85241 cpe: cpe:2.3:a:doctor_appointment_system_project:doctor_appointment_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-27132.yaml b/http/cves/2021/CVE-2021-27132.yaml index 14375f3e36..6be7e6fd8e 100644 --- a/http/cves/2021/CVE-2021-27132.yaml +++ b/http/cves/2021/CVE-2021-27132.yaml @@ -13,13 +13,15 @@ info: - https://cybertuz.com/blog/post/crlf-injection-CVE-2021-27132 - http://sercomm.com - https://nvd.nist.gov/vuln/detail/CVE-2021-27132 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-27132 cwe-id: CWE-74 - epss-score: 0.02853 - epss-percentile: 0.8967 + epss-score: 0.04569 + epss-percentile: 0.92334 cpe: cpe:2.3:o:sercomm:agcombo_vd625_firmware:agsot_2.1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27315.yaml b/http/cves/2021/CVE-2021-27315.yaml index 92e3db1739..506ef7acfb 100644 --- a/http/cves/2021/CVE-2021-27315.yaml +++ b/http/cves/2021/CVE-2021-27315.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-27315 cwe-id: CWE-89 - epss-score: 0.08052 - epss-percentile: 0.9371 + epss-score: 0.06768 + epss-percentile: 0.93718 cpe: cpe:2.3:a:doctor_appointment_system_project:doctor_appointment_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27316.yaml b/http/cves/2021/CVE-2021-27316.yaml index f21fcde33f..06e4ab4c04 100644 --- a/http/cves/2021/CVE-2021-27316.yaml +++ b/http/cves/2021/CVE-2021-27316.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-27316 cwe-id: CWE-89 - epss-score: 0.08052 - epss-percentile: 0.93683 + epss-score: 0.06768 + epss-percentile: 0.93718 cpe: cpe:2.3:a:doctor_appointment_system_project:doctor_appointment_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27330.yaml b/http/cves/2021/CVE-2021-27330.yaml index 0cc02a4159..081299611d 100644 --- a/http/cves/2021/CVE-2021-27330.yaml +++ b/http/cves/2021/CVE-2021-27330.yaml @@ -15,13 +15,14 @@ info: - http://www.triconsole.com/ - http://www.triconsole.com/php/calendar_datepicker.php - https://nvd.nist.gov/vuln/detail/CVE-2021-27330 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-27330 cwe-id: CWE-79 epss-score: 0.00437 - epss-percentile: 0.72015 + epss-percentile: 0.74213 cpe: cpe:2.3:a:triconsole:datepicker_calendar:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27358.yaml b/http/cves/2021/CVE-2021-27358.yaml index d004edb04c..51f2de7ccd 100644 --- a/http/cves/2021/CVE-2021-27358.yaml +++ b/http/cves/2021/CVE-2021-27358.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-27358 cwe-id: CWE-306 - epss-score: 0.02992 - epss-percentile: 0.89874 + epss-score: 0.02415 + epss-percentile: 0.89689 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27519.yaml b/http/cves/2021/CVE-2021-27519.yaml index 11a9cb000d..f52b26f4db 100644 --- a/http/cves/2021/CVE-2021-27519.yaml +++ b/http/cves/2021/CVE-2021-27519.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-27519 cwe-id: CWE-79 epss-score: 0.00217 - epss-percentile: 0.59704 + epss-percentile: 0.59015 cpe: cpe:2.3:a:fudforum:fudforum:3.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27520.yaml b/http/cves/2021/CVE-2021-27520.yaml index 0410bda547..8c8bf8d640 100644 --- a/http/cves/2021/CVE-2021-27520.yaml +++ b/http/cves/2021/CVE-2021-27520.yaml @@ -15,13 +15,14 @@ info: - https://github.com/fudforum/FUDforum/issues/2 - http://packetstormsecurity.com/files/162942/FUDForum-3.1.0-Cross-Site-Scripting.html - https://nvd.nist.gov/vuln/detail/CVE-2021-27520 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-27520 cwe-id: CWE-79 epss-score: 0.00217 - epss-percentile: 0.59618 + epss-percentile: 0.59015 cpe: cpe:2.3:a:fudforum:fudforum:3.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-27651.yaml b/http/cves/2021/CVE-2021-27651.yaml index e45d2761c2..bba5841bad 100644 --- a/http/cves/2021/CVE-2021-27651.yaml +++ b/http/cves/2021/CVE-2021-27651.yaml @@ -13,13 +13,15 @@ info: - https://github.com/samwcyo/CVE-2021-27651-PoC/blob/main/RCE.md - https://nvd.nist.gov/vuln/detail/CVE-2021-27651 - https://collaborate.pega.com/discussion/pega-security-advisory-a21-hotfix-matrix + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/orangmuda/CVE-2021-27651 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-27651 cwe-id: CWE-287 - epss-score: 0.04655 - epss-percentile: 0.9176 + epss-score: 0.07705 + epss-percentile: 0.94021 cpe: cpe:2.3:a:pega:infinity:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-27670.yaml b/http/cves/2021/CVE-2021-27670.yaml index 048c084e8d..fb60bb18ef 100644 --- a/http/cves/2021/CVE-2021-27670.yaml +++ b/http/cves/2021/CVE-2021-27670.yaml @@ -12,13 +12,16 @@ info: reference: - https://github.com/h3110mb/PoCSSrfApp - https://nvd.nist.gov/vuln/detail/CVE-2021-27670 + - https://github.com/ArrestX/--POC + - https://github.com/KayCHENvip/vulnerability-poc + - https://github.com/Miraitowa70/POC-Notes classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-27670 cwe-id: CWE-918 - epss-score: 0.43531 - epss-percentile: 0.97021 + epss-score: 0.58348 + epss-percentile: 0.97664 cpe: cpe:2.3:a:appspace:appspace:6.2.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-28149.yaml b/http/cves/2021/CVE-2021-28149.yaml index 59a3b41ce5..8dbf1d1c9c 100644 --- a/http/cves/2021/CVE-2021-28149.yaml +++ b/http/cves/2021/CVE-2021-28149.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-28149 cwe-id: CWE-22 epss-score: 0.05499 - epss-percentile: 0.92473 + epss-percentile: 0.93036 cpe: cpe:2.3:o:hongdian:h8922_firmware:3.0.5:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-28164.yaml b/http/cves/2021/CVE-2021-28164.yaml index dc386d36e2..71d0cba7d8 100644 --- a/http/cves/2021/CVE-2021-28164.yaml +++ b/http/cves/2021/CVE-2021-28164.yaml @@ -21,15 +21,14 @@ info: cvss-score: 5.3 cve-id: CVE-2021-28164 cwe-id: CWE-200,NVD-CWE-Other - epss-score: 0.03819 - epss-percentile: 0.9092 + epss-score: 0.04805 + epss-percentile: 0.9254 cpe: cpe:2.3:a:eclipse:jetty:9.4.37:20210219:*:*:*:*:*:* metadata: max-request: 2 vendor: eclipse product: jetty tags: cve2021,cve,packetstorm,vulhub,jetty,exposure,eclipse - flow: http(1) && http(2) http: diff --git a/http/cves/2021/CVE-2021-29156.yaml b/http/cves/2021/CVE-2021-29156.yaml index 21b4918aca..5ff78f4069 100644 --- a/http/cves/2021/CVE-2021-29156.yaml +++ b/http/cves/2021/CVE-2021-29156.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-29156 cwe-id: CWE-74 - epss-score: 0.33973 - epss-percentile: 0.96686 + epss-score: 0.30859 + epss-percentile: 0.96857 cpe: cpe:2.3:a:forgerock:openam:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-29441.yaml b/http/cves/2021/CVE-2021-29441.yaml index c8fa687cf5..06dacca380 100644 --- a/http/cves/2021/CVE-2021-29441.yaml +++ b/http/cves/2021/CVE-2021-29441.yaml @@ -27,8 +27,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-29441 cwe-id: CWE-290 - epss-score: 0.96709 - epss-percentile: 0.99582 + epss-score: 0.96598 + epss-percentile: 0.99603 cpe: cpe:2.3:a:alibaba:nacos:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-29490.yaml b/http/cves/2021/CVE-2021-29490.yaml index a3232698c6..8f18205124 100644 --- a/http/cves/2021/CVE-2021-29490.yaml +++ b/http/cves/2021/CVE-2021-29490.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-29490 cwe-id: CWE-918 epss-score: 0.00159 - epss-percentile: 0.52386 + epss-percentile: 0.51433 cpe: cpe:2.3:a:jellyfin:jellyfin:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-3002.yaml b/http/cves/2021/CVE-2021-3002.yaml index 1862721349..457f2bff2d 100644 --- a/http/cves/2021/CVE-2021-3002.yaml +++ b/http/cves/2021/CVE-2021-3002.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3002 cwe-id: CWE-79 epss-score: 0.00143 - epss-percentile: 0.50151 + epss-percentile: 0.49273 cpe: cpe:2.3:a:seopanel:seo_panel:4.8.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30049.yaml b/http/cves/2021/CVE-2021-30049.yaml index 9a63e381a5..127bbf4d55 100644 --- a/http/cves/2021/CVE-2021-30049.yaml +++ b/http/cves/2021/CVE-2021-30049.yaml @@ -12,13 +12,15 @@ info: reference: - https://eh337.net/2021/03/30/sysaid/ - https://nvd.nist.gov/vuln/detail/CVE-2021-30049 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-30049 cwe-id: CWE-79 - epss-score: 0.00102 - epss-percentile: 0.4118 + epss-score: 0.00106 + epss-percentile: 0.42156 cpe: cpe:2.3:a:sysaid:sysaid:20.3.64:b14:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30128.yaml b/http/cves/2021/CVE-2021-30128.yaml index 08765f76fe..b2292bdf50 100644 --- a/http/cves/2021/CVE-2021-30128.yaml +++ b/http/cves/2021/CVE-2021-30128.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-30128 cwe-id: CWE-502 - epss-score: 0.65128 - epss-percentile: 0.97606 + epss-score: 0.62199 + epss-percentile: 0.97748 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-30151.yaml b/http/cves/2021/CVE-2021-30151.yaml index d943e4804e..2653f8b121 100644 --- a/http/cves/2021/CVE-2021-30151.yaml +++ b/http/cves/2021/CVE-2021-30151.yaml @@ -14,13 +14,14 @@ info: - https://lists.debian.org/debian-lts-announce/2022/03/msg00015.html - https://nvd.nist.gov/vuln/detail/CVE-2021-30151 - https://lists.debian.org/debian-lts-announce/2023/03/msg00011.html + - https://github.com/Elsfa7-110/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-30151 cwe-id: CWE-79 - epss-score: 0.00404 - epss-percentile: 0.7096 + epss-score: 0.00574 + epss-percentile: 0.77475 cpe: cpe:2.3:a:contribsys:sidekiq:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-3017.yaml b/http/cves/2021/CVE-2021-3017.yaml index 031d0df08e..be644137f0 100644 --- a/http/cves/2021/CVE-2021-3017.yaml +++ b/http/cves/2021/CVE-2021-3017.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2021-3017 epss-score: 0.01527 - epss-percentile: 0.85724 + epss-percentile: 0.86768 cpe: cpe:2.3:o:intelbras:win_300_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30175.yaml b/http/cves/2021/CVE-2021-30175.yaml index 8673844090..5d1b8d74c0 100644 --- a/http/cves/2021/CVE-2021-30175.yaml +++ b/http/cves/2021/CVE-2021-30175.yaml @@ -14,13 +14,14 @@ info: - https://github.com/awillix/research/blob/main/cve/CVE-2021-30175.md - https://nvd.nist.gov/vuln/detail/CVE-2021-30175 - https://pro.zerof.ru + - https://github.com/awillix/research classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-30175 cwe-id: CWE-89 - epss-score: 0.03658 - epss-percentile: 0.90791 + epss-score: 0.05126 + epss-percentile: 0.92775 cpe: cpe:2.3:a:zerof:web_server:1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3019.yaml b/http/cves/2021/CVE-2021-3019.yaml index 35ec3cf039..6d9153e670 100644 --- a/http/cves/2021/CVE-2021-3019.yaml +++ b/http/cves/2021/CVE-2021-3019.yaml @@ -13,13 +13,15 @@ info: - https://github.com/ffay/lanproxy/commits/master - https://github.com/maybe-why-not/lanproxy/issues/1 - https://nvd.nist.gov/vuln/detail/CVE-2021-3019 + - https://github.com/manas3c/CVE-POC + - https://github.com/sobinge/nuclei-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-3019 cwe-id: CWE-22 - epss-score: 0.00974 - epss-percentile: 0.8168 + epss-score: 0.00832 + epss-percentile: 0.81646 cpe: cpe:2.3:a:lanproxy_project:lanproxy:0.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30213.yaml b/http/cves/2021/CVE-2021-30213.yaml index b5baf34c29..a25aa8926a 100644 --- a/http/cves/2021/CVE-2021-30213.yaml +++ b/http/cves/2021/CVE-2021-30213.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-30213 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42925 + epss-percentile: 0.42145 cpe: cpe:2.3:a:eng:knowage:7.3.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-30497.yaml b/http/cves/2021/CVE-2021-30497.yaml index 6620ed12c8..e3927b2daf 100644 --- a/http/cves/2021/CVE-2021-30497.yaml +++ b/http/cves/2021/CVE-2021-30497.yaml @@ -14,13 +14,14 @@ info: - https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US - https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30497 + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-30497 cwe-id: CWE-22 - epss-score: 0.96355 - epss-percentile: 0.99448 + epss-score: 0.95284 + epss-percentile: 0.99297 cpe: cpe:2.3:a:ivanti:avalanche:6.3.2:*:*:*:*:windows:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3110.yaml b/http/cves/2021/CVE-2021-3110.yaml index 1fcbe04a05..908c3970cd 100644 --- a/http/cves/2021/CVE-2021-3110.yaml +++ b/http/cves/2021/CVE-2021-3110.yaml @@ -15,13 +15,14 @@ info: - https://www.exploit-db.com/exploits/49410 - https://nvd.nist.gov/vuln/detail/CVE-2021-3110 - https://medium.com/%40gondaliyajaimin797/cve-2021-3110-75a24943ca5e + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-3110 cwe-id: CWE-89 epss-score: 0.83896 - epss-percentile: 0.98189 + epss-percentile: 0.98387 cpe: cpe:2.3:a:prestashop:prestashop:1.7.7.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-31195.yaml b/http/cves/2021/CVE-2021-31195.yaml index e8850c40e4..d179092fbf 100644 --- a/http/cves/2021/CVE-2021-31195.yaml +++ b/http/cves/2021/CVE-2021-31195.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-31195 cwe-id: CWE-79 - epss-score: 0.92344 - epss-percentile: 0.98782 + epss-score: 0.92095 + epss-percentile: 0.98883 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3129.yaml b/http/cves/2021/CVE-2021-3129.yaml index 26b0652ed4..e469f4fc96 100644 --- a/http/cves/2021/CVE-2021-3129.yaml +++ b/http/cves/2021/CVE-2021-3129.yaml @@ -14,12 +14,13 @@ info: - https://github.com/vulhub/vulhub/tree/master/laravel/CVE-2021-3129 - https://nvd.nist.gov/vuln/detail/CVE-2021-3129 - https://github.com/facade/ignition/pull/334 + - https://github.com/d4n-sec/d4n-sec.github.io classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-3129 - epss-score: 0.97482 - epss-percentile: 0.99964 + epss-score: 0.97468 + epss-percentile: 0.99958 cpe: cpe:2.3:a:facade:ignition:*:*:*:*:*:laravel:*:* metadata: max-request: 6 diff --git a/http/cves/2021/CVE-2021-31537.yaml b/http/cves/2021/CVE-2021-31537.yaml index d2c82b7b64..c5d88163af 100644 --- a/http/cves/2021/CVE-2021-31537.yaml +++ b/http/cves/2021/CVE-2021-31537.yaml @@ -14,13 +14,14 @@ info: - http://seclists.org/fulldisclosure/2021/May/20 - https://sisinformatik.com/rewe-go/ - https://nvd.nist.gov/vuln/detail/CVE-2021-31537 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-31537 cwe-id: CWE-79 - epss-score: 0.00328 - epss-percentile: 0.67835 + epss-score: 0.00355 + epss-percentile: 0.71454 cpe: cpe:2.3:a:sisinformatik:sis-rewe_go:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31602.yaml b/http/cves/2021/CVE-2021-31602.yaml index 06b40f21cc..bfe7d99935 100644 --- a/http/cves/2021/CVE-2021-31602.yaml +++ b/http/cves/2021/CVE-2021-31602.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-31602 cwe-id: CWE-287 epss-score: 0.36115 - epss-percentile: 0.96774 + epss-percentile: 0.97042 cpe: cpe:2.3:a:hitachi:vantara_pentaho:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-31682.yaml b/http/cves/2021/CVE-2021-31682.yaml index 592548d693..f34d1f4927 100644 --- a/http/cves/2021/CVE-2021-31682.yaml +++ b/http/cves/2021/CVE-2021-31682.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-31682 cwe-id: CWE-79 - epss-score: 0.01071 - epss-percentile: 0.8266 + epss-score: 0.01492 + epss-percentile: 0.86569 cpe: cpe:2.3:a:automatedlogic:webctrl:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31755.yaml b/http/cves/2021/CVE-2021-31755.yaml index 9c295bb2a5..31cd0555ba 100644 --- a/http/cves/2021/CVE-2021-31755.yaml +++ b/http/cves/2021/CVE-2021-31755.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-31755 cwe-id: CWE-787 - epss-score: 0.95917 - epss-percentile: 0.99341 + epss-score: 0.96978 + epss-percentile: 0.99717 cpe: cpe:2.3:o:tenda:ac11_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31805.yaml b/http/cves/2021/CVE-2021-31805.yaml index f8a0a108d6..468e988b47 100644 --- a/http/cves/2021/CVE-2021-31805.yaml +++ b/http/cves/2021/CVE-2021-31805.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-31805 cwe-id: CWE-917 - epss-score: 0.11237 - epss-percentile: 0.94694 + epss-score: 0.18558 + epss-percentile: 0.961 cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31856.yaml b/http/cves/2021/CVE-2021-31856.yaml index cbe3b5acf2..e0ade48f36 100644 --- a/http/cves/2021/CVE-2021-31856.yaml +++ b/http/cves/2021/CVE-2021-31856.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-31856 - https://meshery.io - https://github.com/layer5io/meshery/pull/2745 + - https://github.com/ssst0n3/my_vulnerabilities classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-31856 cwe-id: CWE-89 - epss-score: 0.03993 - epss-percentile: 0.91153 + epss-score: 0.03274 + epss-percentile: 0.91056 cpe: cpe:2.3:a:layer5:meshery:0.5.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-31862.yaml b/http/cves/2021/CVE-2021-31862.yaml index a03ab00c89..a65a47ae7d 100644 --- a/http/cves/2021/CVE-2021-31862.yaml +++ b/http/cves/2021/CVE-2021-31862.yaml @@ -13,13 +13,15 @@ info: - https://github.com/RobertDra/CVE-2021-31862/blob/main/README.md - https://www.sysaid.com/product/on-premise/latest-release - https://nvd.nist.gov/vuln/detail/CVE-2021-31862 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-31862 cwe-id: CWE-79 epss-score: 0.00141 - epss-percentile: 0.49752 + epss-percentile: 0.48947 cpe: cpe:2.3:a:sysaid:sysaid:20.4.74:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32030.yaml b/http/cves/2021/CVE-2021-32030.yaml index e76016d732..797d81d842 100644 --- a/http/cves/2021/CVE-2021-32030.yaml +++ b/http/cves/2021/CVE-2021-32030.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-32030 cwe-id: CWE-287 - epss-score: 0.57497 - epss-percentile: 0.97427 + epss-score: 0.48092 + epss-percentile: 0.9739 cpe: cpe:2.3:o:asus:gt-ac2900_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32172.yaml b/http/cves/2021/CVE-2021-32172.yaml index 8059c56b5e..4efb3655e5 100644 --- a/http/cves/2021/CVE-2021-32172.yaml +++ b/http/cves/2021/CVE-2021-32172.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-32172 cwe-id: CWE-862 - epss-score: 0.26253 - epss-percentile: 0.96311 + epss-score: 0.26906 + epss-percentile: 0.9666 cpe: cpe:2.3:a:maianscriptworld:maian_cart:3.8:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-3223.yaml b/http/cves/2021/CVE-2021-3223.yaml index 50cabe1922..b6a821929e 100644 --- a/http/cves/2021/CVE-2021-3223.yaml +++ b/http/cves/2021/CVE-2021-3223.yaml @@ -14,13 +14,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3223 - https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2 - https://nvd.nist.gov/vuln/detail/CVE-2021-3223 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-3223 cwe-id: CWE-22 - epss-score: 0.11532 - epss-percentile: 0.9472 + epss-score: 0.09614 + epss-percentile: 0.94637 cpe: cpe:2.3:a:nodered:node-red-dashboard:*:*:*:*:*:node.js:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-32618.yaml b/http/cves/2021/CVE-2021-32618.yaml index 10d325efd9..42d068400b 100644 --- a/http/cves/2021/CVE-2021-32618.yaml +++ b/http/cves/2021/CVE-2021-32618.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-32618 cwe-id: CWE-601 - epss-score: 0.00106 - epss-percentile: 0.42835 + epss-score: 0.00113 + epss-percentile: 0.43765 cpe: cpe:2.3:a:flask-security_project:flask-security:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32682.yaml b/http/cves/2021/CVE-2021-32682.yaml index 9477a92146..22ad88760f 100644 --- a/http/cves/2021/CVE-2021-32682.yaml +++ b/http/cves/2021/CVE-2021-32682.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-32682 cwe-id: CWE-22 - epss-score: 0.97283 - epss-percentile: 0.99839 + epss-score: 0.97293 + epss-percentile: 0.99854 cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:* metadata: max-request: 9 diff --git a/http/cves/2021/CVE-2021-32789.yaml b/http/cves/2021/CVE-2021-32789.yaml index d31de84d05..2fcd2025c4 100644 --- a/http/cves/2021/CVE-2021-32789.yaml +++ b/http/cves/2021/CVE-2021-32789.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-32789 cwe-id: CWE-89 - epss-score: 0.01342 - epss-percentile: 0.84625 + epss-score: 0.09336 + epss-percentile: 0.94559 cpe: cpe:2.3:a:automattic:woocommerce_blocks:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32819.yaml b/http/cves/2021/CVE-2021-32819.yaml index c79a9539f1..1516fccd08 100644 --- a/http/cves/2021/CVE-2021-32819.yaml +++ b/http/cves/2021/CVE-2021-32819.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-32819 cwe-id: CWE-200,NVD-CWE-noinfo epss-score: 0.82753 - epss-percentile: 0.98169 + epss-percentile: 0.98332 cpe: cpe:2.3:a:squirrelly:squirrelly:8.0.8:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-32820.yaml b/http/cves/2021/CVE-2021-32820.yaml index 0acba13613..8990bc9f99 100644 --- a/http/cves/2021/CVE-2021-32820.yaml +++ b/http/cves/2021/CVE-2021-32820.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-32820 cwe-id: CWE-94,CWE-200 epss-score: 0.01304 - epss-percentile: 0.84467 + epss-percentile: 0.85598 cpe: cpe:2.3:a:express_handlebars_project:express_handlebars:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3293.yaml b/http/cves/2021/CVE-2021-3293.yaml index eee4b8aca1..957f170f1e 100644 --- a/http/cves/2021/CVE-2021-3293.yaml +++ b/http/cves/2021/CVE-2021-3293.yaml @@ -13,13 +13,15 @@ info: - https://github.com/emlog/emlog/issues/62 - https://github.com/thinkgad/Bugs/blob/main/emlog%20v5.3.1%20has%20Full%20Path%20Disclosure%20vulnerability.md - https://nvd.nist.gov/vuln/detail/CVE-2021-3293 + - https://github.com/Z0fhack/Goby_POC + - https://github.com/20142995/Goby classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-3293 cwe-id: CWE-22 epss-score: 0.003 - epss-percentile: 0.66269 + epss-percentile: 0.68887 cpe: cpe:2.3:a:emlog:emlog:5.3.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3297.yaml b/http/cves/2021/CVE-2021-3297.yaml index 3cd9637a39..0396fd1ce2 100644 --- a/http/cves/2021/CVE-2021-3297.yaml +++ b/http/cves/2021/CVE-2021-3297.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3297 cwe-id: CWE-287 epss-score: 0.1939 - epss-percentile: 0.9586 + epss-percentile: 0.96173 cpe: cpe:2.3:o:zyxel:nbg2105_firmware:v1.00\(aagu.2\)c0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-33357.yaml b/http/cves/2021/CVE-2021-33357.yaml index 072476d176..524a111be8 100644 --- a/http/cves/2021/CVE-2021-33357.yaml +++ b/http/cves/2021/CVE-2021-33357.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-33357 cwe-id: CWE-78 - epss-score: 0.96667 - epss-percentile: 0.99565 + epss-score: 0.96502 + epss-percentile: 0.99569 cpe: cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-33564.yaml b/http/cves/2021/CVE-2021-33564.yaml index a12834df8b..552c355adf 100644 --- a/http/cves/2021/CVE-2021-33564.yaml +++ b/http/cves/2021/CVE-2021-33564.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-33564 cwe-id: CWE-88 - epss-score: 0.09259 - epss-percentile: 0.94099 + epss-score: 0.07547 + epss-percentile: 0.93983 cpe: cpe:2.3:a:dragonfly_project:dragonfly:*:*:*:*:*:ruby:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-33690.yaml b/http/cves/2021/CVE-2021-33690.yaml index c1bf2aa3a9..e7aa3fe3f6 100644 --- a/http/cves/2021/CVE-2021-33690.yaml +++ b/http/cves/2021/CVE-2021-33690.yaml @@ -12,13 +12,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-33690 - https://launchpad.support.sap.com/#/notes/3072955 - https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806 + - https://github.com/redrays-io/CVE-2021-33690 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H cvss-score: 9.9 cve-id: CVE-2021-33690 cwe-id: CWE-918 - epss-score: 0.37614 - epss-percentile: 0.9685 + epss-score: 0.3856 + epss-percentile: 0.97133 cpe: cpe:2.3:a:sap:netweaver_development_infrastructure:7.11:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-3377.yaml b/http/cves/2021/CVE-2021-3377.yaml index b655d8c7b1..9038b46a23 100644 --- a/http/cves/2021/CVE-2021-3377.yaml +++ b/http/cves/2021/CVE-2021-3377.yaml @@ -12,13 +12,15 @@ info: - https://doyensec.com/resources/Doyensec_Advisory_ansi_up4_XSS.pdf - https://github.com/drudru/ansi_up/commit/c8c726ed1db979bae4f257b7fa41775155ba2e27 - https://nvd.nist.gov/vuln/detail/CVE-2021-3377 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-3377 cwe-id: CWE-79 epss-score: 0.00129 - epss-percentile: 0.47461 + epss-percentile: 0.46774 cpe: cpe:2.3:a:ansi_up_project:ansi_up:*:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-3378.yaml b/http/cves/2021/CVE-2021-3378.yaml index 60158fda50..e28b6371dd 100644 --- a/http/cves/2021/CVE-2021-3378.yaml +++ b/http/cves/2021/CVE-2021-3378.yaml @@ -15,13 +15,14 @@ info: - https://github.com/erberkan/fortilogger_arbitrary_fileupload - http://packetstormsecurity.com/files/161601/FortiLogger-4.4.2.2-Arbitrary-File-Upload.html - http://packetstormsecurity.com/files/161974/FortiLogger-Arbitrary-File-Upload.html + - https://github.com/SYRTI/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-3378 cwe-id: CWE-434 - epss-score: 0.43358 - epss-percentile: 0.97016 + epss-score: 0.46039 + epss-percentile: 0.97333 cpe: cpe:2.3:a:fortilogger:fortilogger:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-33807.yaml b/http/cves/2021/CVE-2021-33807.yaml index 50a087a62e..4623c553d8 100644 --- a/http/cves/2021/CVE-2021-33807.yaml +++ b/http/cves/2021/CVE-2021-33807.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-33807 cwe-id: CWE-22 - epss-score: 0.02331 - epss-percentile: 0.88655 + epss-score: 0.02187 + epss-percentile: 0.89167 cpe: cpe:2.3:a:gespage:gespage:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-33851.yaml b/http/cves/2021/CVE-2021-33851.yaml index af36447daf..71d6e4d7b2 100644 --- a/http/cves/2021/CVE-2021-33851.yaml +++ b/http/cves/2021/CVE-2021-33851.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-33851 cwe-id: CWE-79 epss-score: 0.00069 - epss-percentile: 0.28533 + epss-percentile: 0.2831 cpe: cpe:2.3:a:apasionados:customize_login_image:3.4:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-33904.yaml b/http/cves/2021/CVE-2021-33904.yaml index 3e8465a3fe..82558ded22 100644 --- a/http/cves/2021/CVE-2021-33904.yaml +++ b/http/cves/2021/CVE-2021-33904.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-33904 cwe-id: CWE-79 - epss-score: 0.00159 - epss-percentile: 0.52423 + epss-score: 0.00182 + epss-percentile: 0.54617 cpe: cpe:2.3:a:accela:civic_platform:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-34429.yaml b/http/cves/2021/CVE-2021-34429.yaml index a0f14aad6d..098db212b0 100644 --- a/http/cves/2021/CVE-2021-34429.yaml +++ b/http/cves/2021/CVE-2021-34429.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-34429 cwe-id: CWE-200,NVD-CWE-Other - epss-score: 0.45742 - epss-percentile: 0.97082 + epss-score: 0.45704 + epss-percentile: 0.97324 cpe: cpe:2.3:a:eclipse:jetty:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-34473.yaml b/http/cves/2021/CVE-2021-34473.yaml index bf1be0d98d..50414c1fa2 100644 --- a/http/cves/2021/CVE-2021-34473.yaml +++ b/http/cves/2021/CVE-2021-34473.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.1 cve-id: CVE-2021-34473 cwe-id: CWE-918 - epss-score: 0.97078 - epss-percentile: 0.99722 + epss-score: 0.97285 + epss-percentile: 0.99848 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-34643.yaml b/http/cves/2021/CVE-2021-34643.yaml index 8da88881f5..eb5f4ef91d 100644 --- a/http/cves/2021/CVE-2021-34643.yaml +++ b/http/cves/2021/CVE-2021-34643.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-34643 cwe-id: CWE-79 epss-score: 0.00116 - epss-percentile: 0.45256 + epss-percentile: 0.44405 cpe: cpe:2.3:a:skaut-bazar_project:skaut-bazar:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-34805.yaml b/http/cves/2021/CVE-2021-34805.yaml index 44ca293187..029af52817 100644 --- a/http/cves/2021/CVE-2021-34805.yaml +++ b/http/cves/2021/CVE-2021-34805.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-34805 cwe-id: CWE-22 - epss-score: 0.0554 - epss-percentile: 0.92512 + epss-score: 0.17035 + epss-percentile: 0.95944 cpe: cpe:2.3:a:land-software:faust_iserver:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-35250.yaml b/http/cves/2021/CVE-2021-35250.yaml index 34d0ba1a84..7ef2daee80 100644 --- a/http/cves/2021/CVE-2021-35250.yaml +++ b/http/cves/2021/CVE-2021-35250.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-35250 cwe-id: CWE-22 - epss-score: 0.06268 - epss-percentile: 0.92929 + epss-score: 0.05835 + epss-percentile: 0.93245 cpe: cpe:2.3:a:solarwinds:serv-u:15.3:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-35265.yaml b/http/cves/2021/CVE-2021-35265.yaml index 386c10cf7b..00c1d242af 100644 --- a/http/cves/2021/CVE-2021-35265.yaml +++ b/http/cves/2021/CVE-2021-35265.yaml @@ -14,13 +14,15 @@ info: - https://github.com/maxsite/cms/issues/414#issue-726249183 - https://nvd.nist.gov/vuln/detail/CVE-2021-35265 - https://github.com/maxsite/cms/commit/6b0ab1de9f3d471485d1347e800a9ce43fedbf1a + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-35265 cwe-id: CWE-79 - epss-score: 0.00127 - epss-percentile: 0.47114 + epss-score: 0.00133 + epss-percentile: 0.47461 cpe: cpe:2.3:a:maxsite:maxsite_cms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-35336.yaml b/http/cves/2021/CVE-2021-35336.yaml index fad616f8ba..298162c3ec 100644 --- a/http/cves/2021/CVE-2021-35336.yaml +++ b/http/cves/2021/CVE-2021-35336.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-35336 cwe-id: CWE-1188 - epss-score: 0.07599 - epss-percentile: 0.93521 + epss-score: 0.0793 + epss-percentile: 0.94105 cpe: cpe:2.3:o:tieline:ip_audtio_gateway_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-35488.yaml b/http/cves/2021/CVE-2021-35488.yaml index 4520932d53..a17a2a1577 100644 --- a/http/cves/2021/CVE-2021-35488.yaml +++ b/http/cves/2021/CVE-2021-35488.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-35488 cwe-id: CWE-79 epss-score: 0.00145 - epss-percentile: 0.50298 + epss-percentile: 0.49429 cpe: cpe:2.3:a:thruk:thruk:2.40-2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-36356.yaml b/http/cves/2021/CVE-2021-36356.yaml index 3ea426c580..2108abb5d5 100644 --- a/http/cves/2021/CVE-2021-36356.yaml +++ b/http/cves/2021/CVE-2021-36356.yaml @@ -12,13 +12,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-36356 - https://nvd.nist.gov/vuln/detail/CVE-2021-35064 - https://write-up.github.io/kramerav/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-36356 cwe-id: CWE-434 - epss-score: 0.93009 - epss-percentile: 0.98853 + epss-score: 0.90558 + epss-percentile: 0.98752 cpe: cpe:2.3:a:kramerav:viaware:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-3654.yaml b/http/cves/2021/CVE-2021-3654.yaml index 3619b3f432..4d86e9e486 100644 --- a/http/cves/2021/CVE-2021-3654.yaml +++ b/http/cves/2021/CVE-2021-3654.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-3654 cwe-id: CWE-601 epss-score: 0.92596 - epss-percentile: 0.98805 + epss-percentile: 0.98944 cpe: cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-36580.yaml b/http/cves/2021/CVE-2021-36580.yaml index d6f77d5ebc..8682f6808d 100644 --- a/http/cves/2021/CVE-2021-36580.yaml +++ b/http/cves/2021/CVE-2021-36580.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-36580 cwe-id: CWE-601 - epss-score: 0.00162 - epss-percentile: 0.52783 + epss-score: 0.00233 + epss-percentile: 0.60652 cpe: cpe:2.3:a:icewarp:icewarp_server:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-36748.yaml b/http/cves/2021/CVE-2021-36748.yaml index 525d09ddd1..0d24801580 100644 --- a/http/cves/2021/CVE-2021-36748.yaml +++ b/http/cves/2021/CVE-2021-36748.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-36748 cwe-id: CWE-89 epss-score: 0.0061 - epss-percentile: 0.76373 + epss-percentile: 0.78175 cpe: cpe:2.3:a:prestahome:blog:*:*:*:*:*:prestashop:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-36749.yaml b/http/cves/2021/CVE-2021-36749.yaml index a84b0d1395..1c2ffb4512 100644 --- a/http/cves/2021/CVE-2021-36749.yaml +++ b/http/cves/2021/CVE-2021-36749.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-36749 cwe-id: CWE-863 - epss-score: 0.80294 - epss-percentile: 0.98047 + epss-score: 0.79504 + epss-percentile: 0.98204 cpe: cpe:2.3:a:apache:druid:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-36873.yaml b/http/cves/2021/CVE-2021-36873.yaml index 691e6712d2..9e1e8c4d08 100644 --- a/http/cves/2021/CVE-2021-36873.yaml +++ b/http/cves/2021/CVE-2021-36873.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-36873 cwe-id: CWE-79 epss-score: 0.00131 - epss-percentile: 0.4793 + epss-percentile: 0.47179 cpe: cpe:2.3:a:webence:iq_block_country:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37216.yaml b/http/cves/2021/CVE-2021-37216.yaml index 2d174c04ed..82889451ea 100644 --- a/http/cves/2021/CVE-2021-37216.yaml +++ b/http/cves/2021/CVE-2021-37216.yaml @@ -13,13 +13,15 @@ info: reference: - https://www.twcert.org.tw/tw/cp-132-4962-44cd2-1.html - https://nvd.nist.gov/vuln/detail/CVE-2021-37216 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-37216 cwe-id: CWE-79 - epss-score: 0.00106 - epss-percentile: 0.42861 + epss-score: 0.00108 + epss-percentile: 0.42604 cpe: cpe:2.3:o:qsan:xn8024r_firmware:3.1.5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-37304.yaml b/http/cves/2021/CVE-2021-37304.yaml index d1ad88418b..062fc1efb6 100644 --- a/http/cves/2021/CVE-2021-37304.yaml +++ b/http/cves/2021/CVE-2021-37304.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-37304 cwe-id: CWE-732 - epss-score: 0.00917 - epss-percentile: 0.81102 + epss-score: 0.00703 + epss-percentile: 0.79899 cpe: cpe:2.3:a:jeecg:jeecg:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37305.yaml b/http/cves/2021/CVE-2021-37305.yaml index b14523a00a..fb6be36cf4 100644 --- a/http/cves/2021/CVE-2021-37305.yaml +++ b/http/cves/2021/CVE-2021-37305.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-37305 cwe-id: CWE-732 - epss-score: 0.0029 - epss-percentile: 0.65718 + epss-score: 0.00416 + epss-percentile: 0.73616 cpe: cpe:2.3:a:jeecg:jeecg:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37416.yaml b/http/cves/2021/CVE-2021-37416.yaml index 636cf9ff29..69454070e8 100644 --- a/http/cves/2021/CVE-2021-37416.yaml +++ b/http/cves/2021/CVE-2021-37416.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-37416 cwe-id: CWE-79 epss-score: 0.00118 - epss-percentile: 0.45727 + epss-percentile: 0.44933 cpe: cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-37538.yaml b/http/cves/2021/CVE-2021-37538.yaml index 5cad9f041c..c747bb7b6c 100644 --- a/http/cves/2021/CVE-2021-37538.yaml +++ b/http/cves/2021/CVE-2021-37538.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-37538 cwe-id: CWE-89 epss-score: 0.02819 - epss-percentile: 0.89656 + epss-percentile: 0.90434 cpe: cpe:2.3:a:smartdatasoft:smartblog:*:*:*:*:*:prestashop:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-37573.yaml b/http/cves/2021/CVE-2021-37573.yaml index bf58fa9191..b94d80dd3b 100644 --- a/http/cves/2021/CVE-2021-37573.yaml +++ b/http/cves/2021/CVE-2021-37573.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-37573 - https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-042.txt - http://seclists.org/fulldisclosure/2021/Aug/13 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-37573 cwe-id: CWE-79 epss-score: 0.00303 - epss-percentile: 0.6643 + epss-percentile: 0.69043 cpe: cpe:2.3:a:tiny_java_web_server_project:tiny_java_web_server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-37704.yaml b/http/cves/2021/CVE-2021-37704.yaml index 1df1fb2acd..ed8413c89e 100644 --- a/http/cves/2021/CVE-2021-37704.yaml +++ b/http/cves/2021/CVE-2021-37704.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N cvss-score: 4.3 cve-id: CVE-2021-37704 - cwe-id: CWE-200,CWE-668 - epss-score: 0.00372 - epss-percentile: 0.6977 + cwe-id: CWE-668,CWE-200 + epss-score: 0.00547 + epss-percentile: 0.76969 cpe: cpe:2.3:a:phpfastcache:phpfastcache:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-37833.yaml b/http/cves/2021/CVE-2021-37833.yaml index ac019e23c6..c60e1b330a 100644 --- a/http/cves/2021/CVE-2021-37833.yaml +++ b/http/cves/2021/CVE-2021-37833.yaml @@ -13,13 +13,15 @@ info: - https://github.com/dievus/CVE-2021-37833 - https://www.hoteldruid.com - https://nvd.nist.gov/vuln/detail/CVE-2021-37833 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-37833 cwe-id: CWE-79 - epss-score: 0.0009 - epss-percentile: 0.37672 + epss-score: 0.0019 + epss-percentile: 0.55493 cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.2:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2021/CVE-2021-38704.yaml b/http/cves/2021/CVE-2021-38704.yaml index 81b5239397..768b7dd0f8 100644 --- a/http/cves/2021/CVE-2021-38704.yaml +++ b/http/cves/2021/CVE-2021-38704.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-38704 cwe-id: CWE-79 epss-score: 0.00141 - epss-percentile: 0.49786 + epss-percentile: 0.48901 cpe: cpe:2.3:a:cliniccases:cliniccases:7.3.3:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39141.yaml b/http/cves/2021/CVE-2021-39141.yaml index fdf0f06a39..9004741261 100644 --- a/http/cves/2021/CVE-2021-39141.yaml +++ b/http/cves/2021/CVE-2021-39141.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-39141 cwe-id: CWE-434 epss-score: 0.25418 - epss-percentile: 0.96265 + epss-percentile: 0.96584 cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39165.yaml b/http/cves/2021/CVE-2021-39165.yaml index 9431dced0d..0d42734b0a 100644 --- a/http/cves/2021/CVE-2021-39165.yaml +++ b/http/cves/2021/CVE-2021-39165.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.5 cve-id: CVE-2021-39165 cwe-id: CWE-287 - epss-score: 0.06796 - epss-percentile: 0.93198 + epss-score: 0.04786 + epss-percentile: 0.92528 cpe: cpe:2.3:a:chachethq:cachet:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-39211.yaml b/http/cves/2021/CVE-2021-39211.yaml index c13ee445e0..f4c494c40d 100644 --- a/http/cves/2021/CVE-2021-39211.yaml +++ b/http/cves/2021/CVE-2021-39211.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-39211 cwe-id: CWE-200,NVD-CWE-noinfo - epss-score: 0.00166 - epss-percentile: 0.53303 + epss-score: 0.00161 + epss-percentile: 0.51768 cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-39226.yaml b/http/cves/2021/CVE-2021-39226.yaml index cb472671f9..a323e36d77 100644 --- a/http/cves/2021/CVE-2021-39226.yaml +++ b/http/cves/2021/CVE-2021-39226.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.3 cve-id: CVE-2021-39226 cwe-id: CWE-287 - epss-score: 0.92988 - epss-percentile: 0.98851 + epss-score: 0.97206 + epss-percentile: 0.9981 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39312.yaml b/http/cves/2021/CVE-2021-39312.yaml index 56aa97ca37..35ea733621 100644 --- a/http/cves/2021/CVE-2021-39312.yaml +++ b/http/cves/2021/CVE-2021-39312.yaml @@ -11,13 +11,14 @@ info: - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39312 - https://plugins.trac.wordpress.org/browser/seo-local-rank/tags/2.2.2/admin/vendor/datatables/examples/resources/examples.php - https://nvd.nist.gov/vuln/detail/CVE-2021-39312 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-39312 cwe-id: CWE-22 - epss-score: 0.14099 - epss-percentile: 0.95161 + epss-score: 0.16864 + epss-percentile: 0.95927 cpe: cpe:2.3:a:trueranker:true_ranker:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39320.yaml b/http/cves/2021/CVE-2021-39320.yaml index c7c64aff07..5e423551e0 100644 --- a/http/cves/2021/CVE-2021-39320.yaml +++ b/http/cves/2021/CVE-2021-39320.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/49ae1df0-d6d2-4cbb-9a9d-bf3599429875 - https://www.wordfence.com/vulnerability-advisories/#CVE-2021-39320 - https://nvd.nist.gov/vuln/detail/CVE-2021-39320 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-39320 cwe-id: CWE-79 epss-score: 0.0021 - epss-percentile: 0.58906 + epss-percentile: 0.58322 cpe: cpe:2.3:a:underconstruction_project:underconstruction:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-39322.yaml b/http/cves/2021/CVE-2021-39322.yaml index 4785c1dc63..2dd5d902cd 100644 --- a/http/cves/2021/CVE-2021-39322.yaml +++ b/http/cves/2021/CVE-2021-39322.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-39322 cwe-id: CWE-79 epss-score: 0.00234 - epss-percentile: 0.6149 + epss-percentile: 0.60718 cpe: cpe:2.3:a:cybernetikz:easy_social_icons:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-39327.yaml b/http/cves/2021/CVE-2021-39327.yaml index 68ac4ce185..c13fec0446 100644 --- a/http/cves/2021/CVE-2021-39327.yaml +++ b/http/cves/2021/CVE-2021-39327.yaml @@ -19,9 +19,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2021-39327 - cwe-id: CWE-200,CWE-459 - epss-score: 0.14919 - epss-percentile: 0.95277 + cwe-id: CWE-459,CWE-200 + epss-score: 0.16259 + epss-percentile: 0.95861 cpe: cpe:2.3:a:ait-pro:bulletproof_security:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-39433.yaml b/http/cves/2021/CVE-2021-39433.yaml index 35bf87c6e0..f5e8a638e4 100644 --- a/http/cves/2021/CVE-2021-39433.yaml +++ b/http/cves/2021/CVE-2021-39433.yaml @@ -20,7 +20,7 @@ info: cvss-score: 7.5 cve-id: CVE-2021-39433 epss-score: 0.00637 - epss-percentile: 0.76928 + epss-percentile: 0.78687 cpe: cpe:2.3:a:biqs:biqsdrive:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-39501.yaml b/http/cves/2021/CVE-2021-39501.yaml index 1e54484971..ffb6fe7da4 100644 --- a/http/cves/2021/CVE-2021-39501.yaml +++ b/http/cves/2021/CVE-2021-39501.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-39501 cwe-id: CWE-601 epss-score: 0.00093 - epss-percentile: 0.39147 + epss-percentile: 0.38461 cpe: cpe:2.3:a:eyoucms:eyoucms:1.5.4:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40149.yaml b/http/cves/2021/CVE-2021-40149.yaml index af88a9c582..d85f63421a 100644 --- a/http/cves/2021/CVE-2021-40149.yaml +++ b/http/cves/2021/CVE-2021-40149.yaml @@ -15,13 +15,14 @@ info: - https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2021-40149.txt - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40149 - http://packetstormsecurity.com/files/167407/Reolink-E1-Zoom-Camera-3.0.0.716-Private-Key-Disclosure.html + - https://github.com/MrTuxracer/advisories classification: cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 5.9 cve-id: CVE-2021-40149 cwe-id: CWE-552 - epss-score: 0.00888 - epss-percentile: 0.8079 + epss-score: 0.00942 + epss-percentile: 0.82739 cpe: cpe:2.3:o:reolink:e1_zoom_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40323.yaml b/http/cves/2021/CVE-2021-40323.yaml index e594b7657a..b162cf5be3 100644 --- a/http/cves/2021/CVE-2021-40323.yaml +++ b/http/cves/2021/CVE-2021-40323.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-40323 cwe-id: CWE-94 - epss-score: 0.02948 - epss-percentile: 0.89814 + epss-score: 0.03051 + epss-percentile: 0.90763 cpe: cpe:2.3:a:cobbler_project:cobbler:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-40438.yaml b/http/cves/2021/CVE-2021-40438.yaml index dae55e0f81..8597651f7c 100644 --- a/http/cves/2021/CVE-2021-40438.yaml +++ b/http/cves/2021/CVE-2021-40438.yaml @@ -17,12 +17,12 @@ info: cvss-score: 9 cve-id: CVE-2021-40438 cwe-id: CWE-918 - epss-score: 0.9712 - epss-percentile: 0.99749 + epss-score: 0.97372 + epss-percentile: 0.99897 cpe: cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: apache product: http_server tags: cve2021,cve,ssrf,apache,mod-proxy,kev diff --git a/http/cves/2021/CVE-2021-40539.yaml b/http/cves/2021/CVE-2021-40539.yaml index 509955ecdf..259541c72b 100644 --- a/http/cves/2021/CVE-2021-40539.yaml +++ b/http/cves/2021/CVE-2021-40539.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-40539 cwe-id: CWE-706 - epss-score: 0.97412 - epss-percentile: 0.9992 + epss-score: 0.97499 + epss-percentile: 0.99976 cpe: cpe:2.3:a:zohocorp:manageengine_adselfservice_plus:4.5:4510:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2021/CVE-2021-40542.yaml b/http/cves/2021/CVE-2021-40542.yaml index 38687b1ca0..f98db75352 100644 --- a/http/cves/2021/CVE-2021-40542.yaml +++ b/http/cves/2021/CVE-2021-40542.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-40542 cwe-id: CWE-79 epss-score: 0.00643 - epss-percentile: 0.77065 + epss-percentile: 0.78811 cpe: cpe:2.3:a:os4ed:opensis:8.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40651.yaml b/http/cves/2021/CVE-2021-40651.yaml index 2fda1838ae..ba5e144796 100644 --- a/http/cves/2021/CVE-2021-40651.yaml +++ b/http/cves/2021/CVE-2021-40651.yaml @@ -18,8 +18,8 @@ info: cwe-id: CWE-22 cpe: cpe:2.3:a:os4ed:opensis:8.0:*:*:*:community:*:*:* metadata: - shodan-query: "title:\"openSIS\"" max-request: 2 + shodan-query: "title:\"openSIS\"" tags: cve,cve2021,lfi,os4ed,opensis,authenticated http: diff --git a/http/cves/2021/CVE-2021-40661.yaml b/http/cves/2021/CVE-2021-40661.yaml index 9c8fb0b2eb..5a60fd8b86 100644 --- a/http/cves/2021/CVE-2021-40661.yaml +++ b/http/cves/2021/CVE-2021-40661.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-40661 cwe-id: CWE-22 - epss-score: 0.01163 - epss-percentile: 0.83404 + epss-score: 0.01137 + epss-percentile: 0.84411 cpe: cpe:2.3:o:mt:ind780_firmware:7.2.10:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40822.yaml b/http/cves/2021/CVE-2021-40822.yaml index 924576f0ad..1bf6622703 100644 --- a/http/cves/2021/CVE-2021-40822.yaml +++ b/http/cves/2021/CVE-2021-40822.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-40822 cwe-id: CWE-918 epss-score: 0.68366 - epss-percentile: 0.97693 + epss-percentile: 0.97892 cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-40856.yaml b/http/cves/2021/CVE-2021-40856.yaml index f7dffe7e82..f3a8c47a12 100644 --- a/http/cves/2021/CVE-2021-40856.yaml +++ b/http/cves/2021/CVE-2021-40856.yaml @@ -14,13 +14,14 @@ info: - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-004/-auerswald-comfortel-1400-2600-3600-ip-authentication-bypass - https://www.redteam-pentesting.de/en/advisories/-advisories-publicised-vulnerability-analyses - http://packetstormsecurity.com/files/165162/Auerswald-COMfortel-1400-2600-3600-IP-2.8F-Authentication-Bypass.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-40856 cwe-id: CWE-706 epss-score: 0.19673 - epss-percentile: 0.95858 + epss-percentile: 0.96195 cpe: cpe:2.3:o:auerswald:comfortel_3600_ip_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40868.yaml b/http/cves/2021/CVE-2021-40868.yaml index cb4bb97fbb..aeea772ae8 100644 --- a/http/cves/2021/CVE-2021-40868.yaml +++ b/http/cves/2021/CVE-2021-40868.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40868 cwe-id: CWE-79 epss-score: 0.00379 - epss-percentile: 0.70165 + epss-percentile: 0.72411 cpe: cpe:2.3:a:cloudron:cloudron:6.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-40875.yaml b/http/cves/2021/CVE-2021-40875.yaml index ac01ff0e2c..ac951d6fdb 100644 --- a/http/cves/2021/CVE-2021-40875.yaml +++ b/http/cves/2021/CVE-2021-40875.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-40875 cwe-id: CWE-425 epss-score: 0.25891 - epss-percentile: 0.96278 + epss-percentile: 0.96608 cpe: cpe:2.3:a:gurock:testrail:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-40968.yaml b/http/cves/2021/CVE-2021-40968.yaml index 3e88e9d56e..1723cff89e 100644 --- a/http/cves/2021/CVE-2021-40968.yaml +++ b/http/cves/2021/CVE-2021-40968.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40968 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51404 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-40970.yaml b/http/cves/2021/CVE-2021-40970.yaml index edf6b23acb..a1c3a59510 100644 --- a/http/cves/2021/CVE-2021-40970.yaml +++ b/http/cves/2021/CVE-2021-40970.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40970 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51305 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-40971.yaml b/http/cves/2021/CVE-2021-40971.yaml index 0a834f9dec..135fa2dea4 100644 --- a/http/cves/2021/CVE-2021-40971.yaml +++ b/http/cves/2021/CVE-2021-40971.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40971 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51404 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-40972.yaml b/http/cves/2021/CVE-2021-40972.yaml index 780f4b260f..57d9034505 100644 --- a/http/cves/2021/CVE-2021-40972.yaml +++ b/http/cves/2021/CVE-2021-40972.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-40972 cwe-id: CWE-79 epss-score: 0.00152 - epss-percentile: 0.51305 + epss-percentile: 0.50482 cpe: cpe:2.3:a:spotweb_project:spotweb:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-41174.yaml b/http/cves/2021/CVE-2021-41174.yaml index 2e2d9b0219..a0db4de418 100644 --- a/http/cves/2021/CVE-2021-41174.yaml +++ b/http/cves/2021/CVE-2021-41174.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-41174 cwe-id: CWE-79 - epss-score: 0.96439 - epss-percentile: 0.99477 + epss-score: 0.96194 + epss-percentile: 0.99478 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41266.yaml b/http/cves/2021/CVE-2021-41266.yaml index 415f14a336..8a1e313d10 100644 --- a/http/cves/2021/CVE-2021-41266.yaml +++ b/http/cves/2021/CVE-2021-41266.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-41266 - https://github.com/minio/console/security/advisories/GHSA-4999-659w-mq36 - https://github.com/minio/console/pull/1217 + - https://github.com/HimmelAward/Goby_POC + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-41266 cwe-id: CWE-306 epss-score: 0.05383 - epss-percentile: 0.9237 + epss-percentile: 0.92945 cpe: cpe:2.3:a:min:minio_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41277.yaml b/http/cves/2021/CVE-2021-41277.yaml index 6ae4c1bd29..dc07bb45b2 100644 --- a/http/cves/2021/CVE-2021-41277.yaml +++ b/http/cves/2021/CVE-2021-41277.yaml @@ -13,13 +13,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-41277 - https://twitter.com/90security/status/1461923313819832324 - https://github.com/metabase/metabase/commit/042a36e49574c749f944e19cf80360fd3dc322f0 + - https://github.com/pen4uin/vulnerability-research-list classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41277 cwe-id: CWE-22,CWE-200 - epss-score: 0.05804 - epss-percentile: 0.92626 + epss-score: 0.95622 + epss-percentile: 0.99363 cpe: cpe:2.3:a:metabase:metabase:0.40.0:-:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41282.yaml b/http/cves/2021/CVE-2021-41282.yaml index 8be84bf8ec..b2816701b5 100644 --- a/http/cves/2021/CVE-2021-41282.yaml +++ b/http/cves/2021/CVE-2021-41282.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-41282 cwe-id: CWE-74 - epss-score: 0.97392 - epss-percentile: 0.99908 + epss-score: 0.97305 + epss-percentile: 0.9986 cpe: cpe:2.3:a:pfsense:pfsense:2.5.2:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2021/CVE-2021-41293.yaml b/http/cves/2021/CVE-2021-41293.yaml index bac0c62de5..8e3dcb233f 100644 --- a/http/cves/2021/CVE-2021-41293.yaml +++ b/http/cves/2021/CVE-2021-41293.yaml @@ -11,13 +11,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-41293 - https://www.zeroscience.mk/en/vulnerabilities/ZSL-2021-5679.php - https://www.twcert.org.tw/tw/cp-132-5129-7e623-1.html + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41293 cwe-id: CWE-22 - epss-score: 0.03741 - epss-percentile: 0.90901 + epss-score: 0.05376 + epss-percentile: 0.92942 cpe: cpe:2.3:o:ecoa:ecs_router_controller-ecs_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41349.yaml b/http/cves/2021/CVE-2021-41349.yaml index 61d52e3c92..36d74c9278 100644 --- a/http/cves/2021/CVE-2021-41349.yaml +++ b/http/cves/2021/CVE-2021-41349.yaml @@ -19,8 +19,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2021-41349 - epss-score: 0.84327 - epss-percentile: 0.9821 + epss-score: 0.96172 + epss-percentile: 0.99474 cpe: cpe:2.3:a:microsoft:exchange_server:2013:cumulative_update_23:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41432.yaml b/http/cves/2021/CVE-2021-41432.yaml index 0021370caf..dc95357e1f 100644 --- a/http/cves/2021/CVE-2021-41432.yaml +++ b/http/cves/2021/CVE-2021-41432.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/flatpressblog/flatpress/issues/88 - https://nvd.nist.gov/vuln/detail/CVE-2021-41432 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/martinkubecka/CVE-References + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2021-41432 cwe-id: CWE-79 epss-score: 0.00067 - epss-percentile: 0.27822 + epss-percentile: 0.27705 cpe: cpe:2.3:a:flatpress:flatpress:1.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-41460.yaml b/http/cves/2021/CVE-2021-41460.yaml index 3b659a4e27..4271b31d2e 100644 --- a/http/cves/2021/CVE-2021-41460.yaml +++ b/http/cves/2021/CVE-2021-41460.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-41460 cwe-id: CWE-89 - epss-score: 0.00959 - epss-percentile: 0.81589 + epss-score: 0.00992 + epss-percentile: 0.83223 cpe: cpe:2.3:a:shopex:ecshop:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-41569.yaml b/http/cves/2021/CVE-2021-41569.yaml index 24d66c1678..5dd5ccd2ed 100644 --- a/http/cves/2021/CVE-2021-41569.yaml +++ b/http/cves/2021/CVE-2021-41569.yaml @@ -13,13 +13,14 @@ info: - https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas - https://support.sas.com/kb/68/641.html - https://nvd.nist.gov/vuln/detail/CVE-2021-41569 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-41569 cwe-id: CWE-829 epss-score: 0.0083 - epss-percentile: 0.80096 + epss-percentile: 0.81604 cpe: cpe:2.3:a:sas:sas\/intrnet:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41648.yaml b/http/cves/2021/CVE-2021-41648.yaml index 84946a64bb..1b0606a556 100644 --- a/http/cves/2021/CVE-2021-41648.yaml +++ b/http/cves/2021/CVE-2021-41648.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-41648 cwe-id: CWE-89 epss-score: 0.06237 - epss-percentile: 0.92912 + epss-percentile: 0.93438 cpe: cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41773.yaml b/http/cves/2021/CVE-2021-41773.yaml index 379445685d..2eecb663a4 100644 --- a/http/cves/2021/CVE-2021-41773.yaml +++ b/http/cves/2021/CVE-2021-41773.yaml @@ -22,8 +22,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-41773 cwe-id: CWE-22 - epss-score: 0.97386 - epss-percentile: 0.99902 + epss-score: 0.97456 + epss-percentile: 0.9995 cpe: cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-41826.yaml b/http/cves/2021/CVE-2021-41826.yaml index e05839b793..5815be9175 100644 --- a/http/cves/2021/CVE-2021-41826.yaml +++ b/http/cves/2021/CVE-2021-41826.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-41826 cwe-id: CWE-601 epss-score: 0.93913 - epss-percentile: 0.98974 + epss-percentile: 0.99086 cpe: cpe:2.3:a:place:placeos_authentication:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-41951.yaml b/http/cves/2021/CVE-2021-41951.yaml index 13f0b6cfd0..4a05bb3c89 100644 --- a/http/cves/2021/CVE-2021-41951.yaml +++ b/http/cves/2021/CVE-2021-41951.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-41951 cwe-id: CWE-79 - epss-score: 0.77372 - epss-percentile: 0.97949 + epss-score: 0.74322 + epss-percentile: 0.9805 cpe: cpe:2.3:a:montala:resourcespace:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42013.yaml b/http/cves/2021/CVE-2021-42013.yaml index 829a69b8ca..6f910743b5 100644 --- a/http/cves/2021/CVE-2021-42013.yaml +++ b/http/cves/2021/CVE-2021-42013.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: "CVE-2021-42013" cwe-id: CWE-22 - epss-score: 0.97287 - epss-percentile: 0.99841 + epss-score: 0.97391 + epss-percentile: 0.9991 cpe: cpe:2.3:a:apache:http_server:2.4.49:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-42063.yaml b/http/cves/2021/CVE-2021-42063.yaml index d4c3d4efd1..d7ecb716a1 100644 --- a/http/cves/2021/CVE-2021-42063.yaml +++ b/http/cves/2021/CVE-2021-42063.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-42063 cwe-id: CWE-79 epss-score: 0.00418 - epss-percentile: 0.71432 + epss-percentile: 0.73669 cpe: cpe:2.3:a:sap:knowledge_warehouse:7.30:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42071.yaml b/http/cves/2021/CVE-2021-42071.yaml index 2d022d5c2c..473553b1db 100644 --- a/http/cves/2021/CVE-2021-42071.yaml +++ b/http/cves/2021/CVE-2021-42071.yaml @@ -13,13 +13,15 @@ info: - https://www.exploit-db.com/exploits/50098 - https://nvd.nist.gov/vuln/detail/CVE-2021-42071 - https://visual-tools.com/ + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42071 cwe-id: CWE-78 epss-score: 0.95674 - epss-percentile: 0.99279 + epss-percentile: 0.99369 cpe: cpe:2.3:o:visual-tools:dvr_vx16_firmware:4.2.28.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42192.yaml b/http/cves/2021/CVE-2021-42192.yaml index 9bb0e0eb53..94e08de77a 100644 --- a/http/cves/2021/CVE-2021-42192.yaml +++ b/http/cves/2021/CVE-2021-42192.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2021-42192 cwe-id: CWE-863 - epss-score: 0.03284 - epss-percentile: 0.90317 + epss-score: 0.04146 + epss-percentile: 0.91987 cpe: cpe:2.3:a:konga_project:konga:0.14.9:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2021/CVE-2021-42258.yaml b/http/cves/2021/CVE-2021-42258.yaml index 0856ae586b..7325c52724 100644 --- a/http/cves/2021/CVE-2021-42258.yaml +++ b/http/cves/2021/CVE-2021-42258.yaml @@ -12,13 +12,16 @@ info: reference: - https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware - https://nvd.nist.gov/vuln/detail/CVE-2021-42258 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42258 cwe-id: CWE-89 - epss-score: 0.96873 - epss-percentile: 0.9964 + epss-score: 0.9738 + epss-percentile: 0.99901 cpe: cpe:2.3:a:bqe:billquick_web_suite:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-42565.yaml b/http/cves/2021/CVE-2021-42565.yaml index 6a394d2a39..fdf2bd2afd 100644 --- a/http/cves/2021/CVE-2021-42565.yaml +++ b/http/cves/2021/CVE-2021-42565.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-42565 - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-001/-cross-site-scripting-in-myfactory-fms - https://www.redteam-pentesting.de/advisories/rt-sa-2021-001 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-42565 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.4118 + epss-percentile: 0.40517 cpe: cpe:2.3:a:myfactory:fms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-42566.yaml b/http/cves/2021/CVE-2021-42566.yaml index a6b1adf09a..cf56c13bd0 100644 --- a/http/cves/2021/CVE-2021-42566.yaml +++ b/http/cves/2021/CVE-2021-42566.yaml @@ -14,13 +14,14 @@ info: - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-001/-cross-site-scripting-in-myfactory-fms - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-42566 - https://www.redteam-pentesting.de/advisories/rt-sa-2021-001 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-42566 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.4118 + epss-percentile: 0.40517 cpe: cpe:2.3:a:myfactory:fms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-42567.yaml b/http/cves/2021/CVE-2021-42567.yaml index c9a9813955..9671bbc2d7 100644 --- a/http/cves/2021/CVE-2021-42567.yaml +++ b/http/cves/2021/CVE-2021-42567.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-42567 cwe-id: CWE-79 epss-score: 0.25981 - epss-percentile: 0.96296 + epss-percentile: 0.96613 cpe: cpe:2.3:a:apereo:central_authentication_service:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-42627.yaml b/http/cves/2021/CVE-2021-42627.yaml index 6330f1d588..a69430fc2a 100644 --- a/http/cves/2021/CVE-2021-42627.yaml +++ b/http/cves/2021/CVE-2021-42627.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-42627 - epss-score: 0.06041 - epss-percentile: 0.92756 + epss-score: 0.16383 + epss-percentile: 0.95867 cpe: cpe:2.3:o:dlink:dir-615_firmware:20.06:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-42887.yaml b/http/cves/2021/CVE-2021-42887.yaml index 43a50c42b9..54c83bfae2 100644 --- a/http/cves/2021/CVE-2021-42887.yaml +++ b/http/cves/2021/CVE-2021-42887.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-42887 cwe-id: CWE-287 - epss-score: 0.07357 - epss-percentile: 0.93441 + epss-score: 0.08034 + epss-percentile: 0.9414 cpe: cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5215:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2021/CVE-2021-43062.yaml b/http/cves/2021/CVE-2021-43062.yaml index 1ca4c8662d..e7d9c08ee7 100644 --- a/http/cves/2021/CVE-2021-43062.yaml +++ b/http/cves/2021/CVE-2021-43062.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2021-43062 cwe-id: CWE-79 epss-score: 0.00709 - epss-percentile: 0.78348 + epss-percentile: 0.79992 cpe: cpe:2.3:a:fortinet:fortimail:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-43421.yaml b/http/cves/2021/CVE-2021-43421.yaml index f2234cae8e..7ba28e66ce 100644 --- a/http/cves/2021/CVE-2021-43421.yaml +++ b/http/cves/2021/CVE-2021-43421.yaml @@ -14,13 +14,14 @@ info: - https://github.com/Studio-42/elFinder/issues/3429 - https://twitter.com/infosec_90/status/1455180286354919425 - https://nvd.nist.gov/vuln/detail/CVE-2021-43421 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-43421 cwe-id: CWE-434 epss-score: 0.06629 - epss-percentile: 0.93112 + epss-percentile: 0.93651 cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-43510.yaml b/http/cves/2021/CVE-2021-43510.yaml index 5a7846147f..61b0264a28 100644 --- a/http/cves/2021/CVE-2021-43510.yaml +++ b/http/cves/2021/CVE-2021-43510.yaml @@ -14,13 +14,15 @@ info: - https://github.com/r4hn1/Simple-Client-Management-System-Exploit/blob/main/CVE-2021-43510 - https://www.sourcecodester.com/php/15027/simple-client-management-system-php-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-43510 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/r4hn1/Simple-Client-Management-System-Exploit classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-43510 cwe-id: CWE-89 - epss-score: 0.03948 - epss-percentile: 0.91118 + epss-score: 0.03977 + epss-percentile: 0.9183 cpe: cpe:2.3:a:simple_client_management_system_project:simple_client_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-43574.yaml b/http/cves/2021/CVE-2021-43574.yaml index a3e813843b..556b3edc8e 100644 --- a/http/cves/2021/CVE-2021-43574.yaml +++ b/http/cves/2021/CVE-2021-43574.yaml @@ -15,13 +15,14 @@ info: - https://help.atmail.com/hc/en-us/sections/115003283988 - https://nvd.nist.gov/vuln/detail/CVE-2021-43574 - https://medium.com/%40bhattronit96/cve-2021-43574-696041dcab9e + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-43574 cwe-id: CWE-79 - epss-score: 0.0019 - epss-percentile: 0.5661 + epss-score: 0.00132 + epss-percentile: 0.47351 cpe: cpe:2.3:a:atmail:atmail:6.5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-43778.yaml b/http/cves/2021/CVE-2021-43778.yaml index fc4886ef44..756fe6dba7 100644 --- a/http/cves/2021/CVE-2021-43778.yaml +++ b/http/cves/2021/CVE-2021-43778.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-43778 cwe-id: CWE-22 - epss-score: 0.68846 - epss-percentile: 0.97701 + epss-score: 0.53541 + epss-percentile: 0.97558 cpe: cpe:2.3:a:glpi-project:barcode:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-43798.yaml b/http/cves/2021/CVE-2021-43798.yaml index 3b94947287..ff3cb566c6 100644 --- a/http/cves/2021/CVE-2021-43798.yaml +++ b/http/cves/2021/CVE-2021-43798.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-43798 cwe-id: CWE-22 - epss-score: 0.97105 - epss-percentile: 0.99736 + epss-score: 0.97474 + epss-percentile: 0.99963 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-43810.yaml b/http/cves/2021/CVE-2021-43810.yaml index 15d1e9d192..ca42f279f5 100644 --- a/http/cves/2021/CVE-2021-43810.yaml +++ b/http/cves/2021/CVE-2021-43810.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2021-43810 cwe-id: CWE-79 - epss-score: 0.00513 - epss-percentile: 0.74103 + epss-score: 0.00369 + epss-percentile: 0.72044 cpe: cpe:2.3:a:admidio:admidio:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44077.yaml b/http/cves/2021/CVE-2021-44077.yaml index 7a4af9eb3a..3dc3add14f 100644 --- a/http/cves/2021/CVE-2021-44077.yaml +++ b/http/cves/2021/CVE-2021-44077.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-44077 cwe-id: CWE-306 - epss-score: 0.97254 - epss-percentile: 0.99817 + epss-score: 0.97367 + epss-percentile: 0.99895 cpe: cpe:2.3:a:zohocorp:manageengine_servicedesk_plus:11.1:11138:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44138.yaml b/http/cves/2021/CVE-2021-44138.yaml index a2943d9601..2a139c15c8 100644 --- a/http/cves/2021/CVE-2021-44138.yaml +++ b/http/cves/2021/CVE-2021-44138.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2021-44138 cwe-id: CWE-22 - epss-score: 0.01291 - epss-percentile: 0.84342 + epss-score: 0.01258 + epss-percentile: 0.8528 cpe: cpe:2.3:a:caucho:resin:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2021/CVE-2021-44152.yaml b/http/cves/2021/CVE-2021-44152.yaml index 6d099ba667..46ba43cf89 100644 --- a/http/cves/2021/CVE-2021-44152.yaml +++ b/http/cves/2021/CVE-2021-44152.yaml @@ -15,13 +15,14 @@ info: - http://packetstormsecurity.com/files/165186/Reprise-License-Manager-14.2-Unauthenticated-Password-Change.html - https://nvd.nist.gov/vuln/detail/CVE-2021-44152 - https://www.reprisesoftware.com/RELEASE_NOTES + - https://github.com/anonymous364872/Rapier_Tool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-44152 cwe-id: CWE-306 - epss-score: 0.86597 - epss-percentile: 0.98335 + epss-score: 0.86031 + epss-percentile: 0.98489 cpe: cpe:2.3:a:reprisesoftware:reprise_license_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-44427.yaml b/http/cves/2021/CVE-2021-44427.yaml index 444daefd36..037ef4d158 100644 --- a/http/cves/2021/CVE-2021-44427.yaml +++ b/http/cves/2021/CVE-2021-44427.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-44427 cwe-id: CWE-89 - epss-score: 0.03504 - epss-percentile: 0.90641 + epss-score: 0.03844 + epss-percentile: 0.91709 cpe: cpe:2.3:a:rosariosis:rosariosis:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44529.yaml b/http/cves/2021/CVE-2021-44529.yaml index ca4f81f42d..80105ecc0a 100644 --- a/http/cves/2021/CVE-2021-44529.yaml +++ b/http/cves/2021/CVE-2021-44529.yaml @@ -14,13 +14,14 @@ info: - https://twitter.com/Dinosn/status/1505273954478530569 - https://nvd.nist.gov/vuln/detail/CVE-2021-44529 - http://packetstormsecurity.com/files/166383/Ivanti-Endpoint-Manager-CSA-4.5-4.6-Remote-Code-Execution.html + - https://github.com/SYRTI/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-44529 cwe-id: CWE-94 - epss-score: 0.95206 - epss-percentile: 0.99171 + epss-score: 0.95621 + epss-percentile: 0.99362 cpe: cpe:2.3:a:ivanti:endpoint_manager_cloud_services_appliance:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-44848.yaml b/http/cves/2021/CVE-2021-44848.yaml index 258f5826f7..b291931689 100644 --- a/http/cves/2021/CVE-2021-44848.yaml +++ b/http/cves/2021/CVE-2021-44848.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2021-44848 cwe-id: CWE-203 - epss-score: 0.01603 - epss-percentile: 0.86093 + epss-score: 0.02038 + epss-percentile: 0.8871 cpe: cpe:2.3:a:cybelesoft:thinfinity_virtualui:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45092.yaml b/http/cves/2021/CVE-2021-45092.yaml index c6ff3ea4b3..843e01eea5 100644 --- a/http/cves/2021/CVE-2021-45092.yaml +++ b/http/cves/2021/CVE-2021-45092.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-45092 cwe-id: CWE-74 - epss-score: 0.0618 - epss-percentile: 0.92886 + epss-score: 0.05776 + epss-percentile: 0.93213 cpe: cpe:2.3:a:cybelesoft:thinfinity_virtualui:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45380.yaml b/http/cves/2021/CVE-2021-45380.yaml index 4123c0234b..a9e2446b54 100644 --- a/http/cves/2021/CVE-2021-45380.yaml +++ b/http/cves/2021/CVE-2021-45380.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2021-45380 cwe-id: CWE-79 epss-score: 0.00314 - epss-percentile: 0.67166 + epss-percentile: 0.69628 cpe: cpe:2.3:a:appcms:appcms:2.0.101:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45382.yaml b/http/cves/2021/CVE-2021-45382.yaml index 63a801fed5..004f0cbbd4 100644 --- a/http/cves/2021/CVE-2021-45382.yaml +++ b/http/cves/2021/CVE-2021-45382.yaml @@ -12,13 +12,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-45382 - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10264 - https://github.com/doudoudedi/D-LINK_Command_Injection1/blob/main/D-LINK_Command_injection.md#poc + - https://github.com/ARPSyndicate/cvemon + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-45382 cwe-id: CWE-78 - epss-score: 0.96871 - epss-percentile: 0.99639 + epss-score: 0.96989 + epss-percentile: 0.9972 cpe: cpe:2.3:o:dlink:dir-820l_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-45428.yaml b/http/cves/2021/CVE-2021-45428.yaml index e0593f0f60..ccfa6dbe97 100644 --- a/http/cves/2021/CVE-2021-45428.yaml +++ b/http/cves/2021/CVE-2021-45428.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2021-45428 cwe-id: CWE-639 epss-score: 0.08441 - epss-percentile: 0.93836 + epss-percentile: 0.94265 cpe: cpe:2.3:o:telesquare:tlr-2005ksh_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-45967.yaml b/http/cves/2021/CVE-2021-45967.yaml index 628db15feb..947d656822 100644 --- a/http/cves/2021/CVE-2021-45967.yaml +++ b/http/cves/2021/CVE-2021-45967.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-45967 cwe-id: CWE-22 - epss-score: 0.74039 - epss-percentile: 0.97858 + epss-score: 0.72601 + epss-percentile: 0.98001 cpe: cpe:2.3:a:pascom:cloud_phone_system:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-46068.yaml b/http/cves/2021/CVE-2021-46068.yaml index b98001f02f..8b554a3dfa 100644 --- a/http/cves/2021/CVE-2021-46068.yaml +++ b/http/cves/2021/CVE-2021-46068.yaml @@ -15,13 +15,14 @@ info: - https://www.plsanu.com/vehicle-service-management-system-myaccount-stored-cross-site-scripting-xss - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-46068 + - https://github.com/zecool/cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2021-46068 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34831 + epss-percentile: 0.34354 cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46072.yaml b/http/cves/2021/CVE-2021-46072.yaml index bd67111b9b..03292f9276 100644 --- a/http/cves/2021/CVE-2021-46072.yaml +++ b/http/cves/2021/CVE-2021-46072.yaml @@ -15,13 +15,14 @@ info: - https://www.plsanu.com/vehicle-service-management-system-service-list-stored-cross-site-scripting-xss - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-46072 + - https://github.com/soosmile/POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2021-46072 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34831 + epss-percentile: 0.34354 cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46073.yaml b/http/cves/2021/CVE-2021-46073.yaml index 23f2585d51..2c5ed012d7 100644 --- a/http/cves/2021/CVE-2021-46073.yaml +++ b/http/cves/2021/CVE-2021-46073.yaml @@ -15,13 +15,14 @@ info: - https://www.plsanu.com/vehicle-service-management-system-user-list-stored-cross-site-scripting-xss - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2021-46073 + - https://github.com/SYRTI/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2021-46073 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34831 + epss-percentile: 0.34354 cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46107.yaml b/http/cves/2021/CVE-2021-46107.yaml index 43da34147f..2312756504 100644 --- a/http/cves/2021/CVE-2021-46107.yaml +++ b/http/cves/2021/CVE-2021-46107.yaml @@ -14,13 +14,15 @@ info: - https://raw.githubusercontent.com/Orange-Cyberdefense/CVE-repository/master/PoCs/POC_CVE-2021-46107.py - https://nvd.nist.gov/vuln/detail/CVE-2021-46107 - https://owasp.org/Top10/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/ + - https://github.com/Transmetal/CVE-repository-master + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-46107 cwe-id: CWE-918 - epss-score: 0.01739 - epss-percentile: 0.86557 + epss-score: 0.01673 + epss-percentile: 0.87383 cpe: cpe:2.3:a:ligeo-archives:ligeo_basics:02_01-2022:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46379.yaml b/http/cves/2021/CVE-2021-46379.yaml index 5a99a217ba..6522980d6b 100644 --- a/http/cves/2021/CVE-2021-46379.yaml +++ b/http/cves/2021/CVE-2021-46379.yaml @@ -14,13 +14,14 @@ info: - https://drive.google.com/file/d/1rrlwnIxSHEoO4SMAHRPKZSRzK5MwZQRf/view - https://www.dlink.com/en/security-bulletin - https://www.dlink.com/en/security-bulletin/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-46379 cwe-id: CWE-601 - epss-score: 0.00267 - epss-percentile: 0.64198 + epss-score: 0.00306 + epss-percentile: 0.69219 cpe: cpe:2.3:o:dlink:dir-850l_firmware:1.08trb03:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46381.yaml b/http/cves/2021/CVE-2021-46381.yaml index cbb9d7b6b1..e9d0636a2a 100644 --- a/http/cves/2021/CVE-2021-46381.yaml +++ b/http/cves/2021/CVE-2021-46381.yaml @@ -14,13 +14,14 @@ info: - https://www.dlink.com/en/security-bulletin/ - https://nvd.nist.gov/vuln/detail/CVE-2021-46381 - http://packetstormsecurity.com/files/167070/DLINK-DAP-1620-A1-1.01-Directory-Traversal.html + - https://github.com/SYRTI/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2021-46381 cwe-id: CWE-22 epss-score: 0.02202 - epss-percentile: 0.88284 + epss-percentile: 0.892 cpe: cpe:2.3:o:dlink:dap-1620_firmware:-:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2021/CVE-2021-46422.yaml b/http/cves/2021/CVE-2021-46422.yaml index 7ea88c9f2b..b3c8aaa47f 100644 --- a/http/cves/2021/CVE-2021-46422.yaml +++ b/http/cves/2021/CVE-2021-46422.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-46422 cwe-id: CWE-78 - epss-score: 0.95223 - epss-percentile: 0.99177 + epss-score: 0.95567 + epss-percentile: 0.99348 cpe: cpe:2.3:o:telesquare:sdt-cs3b1_firmware:1.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2021/CVE-2021-46704.yaml b/http/cves/2021/CVE-2021-46704.yaml index becd313482..abbf710fa7 100644 --- a/http/cves/2021/CVE-2021-46704.yaml +++ b/http/cves/2021/CVE-2021-46704.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2021-46704 cwe-id: CWE-78 - epss-score: 0.95412 - epss-percentile: 0.9923 + epss-score: 0.94392 + epss-percentile: 0.99153 cpe: cpe:2.3:a:genieacs:genieacs:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0087.yaml b/http/cves/2022/CVE-2022-0087.yaml index c991b35653..cf97e63a60 100644 --- a/http/cves/2022/CVE-2022-0087.yaml +++ b/http/cves/2022/CVE-2022-0087.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-0087 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:keystonejs:keystone:*:*:*:*:*:node.js:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0140.yaml b/http/cves/2022/CVE-2022-0140.yaml index da1025a5e8..ff914eb8c6 100644 --- a/http/cves/2022/CVE-2022-0140.yaml +++ b/http/cves/2022/CVE-2022-0140.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/9fa2b3b6-2fe3-40f0-8f71-371dd58fe336 - https://www.fortiguard.com/zeroday/FG-VD-21-082 - https://nvd.nist.gov/vuln/detail/cve-2022-0140 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-0140 cwe-id: CWE-306 epss-score: 0.00966 - epss-percentile: 0.81608 + epss-percentile: 0.8297 cpe: cpe:2.3:a:vfbpro:visual_form_builder:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0149.yaml b/http/cves/2022/CVE-2022-0149.yaml index d2b16d5d6a..9713a7de50 100644 --- a/http/cves/2022/CVE-2022-0149.yaml +++ b/http/cves/2022/CVE-2022-0149.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0149 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:visser:store_exporter_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0165.yaml b/http/cves/2022/CVE-2022-0165.yaml index 5a8bbbc749..ab4f6c8f37 100644 --- a/http/cves/2022/CVE-2022-0165.yaml +++ b/http/cves/2022/CVE-2022-0165.yaml @@ -12,13 +12,16 @@ info: reference: - https://wpscan.com/vulnerability/906d0c31-370e-46b4-af1f-e52fbddd00cb - https://nvd.nist.gov/vuln/detail/CVE-2022-0165 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/K3ysTr0K3R/CVE-2022-0165-EXPLOIT classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0165 cwe-id: CWE-601 epss-score: 0.001 - epss-percentile: 0.40839 + epss-percentile: 0.40148 cpe: cpe:2.3:a:king-theme:kingcomposer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0169.yaml b/http/cves/2022/CVE-2022-0169.yaml index 9174784f0d..0aa950aa5e 100644 --- a/http/cves/2022/CVE-2022-0169.yaml +++ b/http/cves/2022/CVE-2022-0169.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0169 cwe-id: CWE-89 - epss-score: 0.01284 - epss-percentile: 0.84353 + epss-score: 0.01246 + epss-percentile: 0.85214 cpe: cpe:2.3:a:10web:photo_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0189.yaml b/http/cves/2022/CVE-2022-0189.yaml index 013da77646..335b1a4cba 100644 --- a/http/cves/2022/CVE-2022-0189.yaml +++ b/http/cves/2022/CVE-2022-0189.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0189 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:wprssaggregator:wp_rss_aggregator:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0206.yaml b/http/cves/2022/CVE-2022-0206.yaml index 144ebaeba8..c0e0089db0 100644 --- a/http/cves/2022/CVE-2022-0206.yaml +++ b/http/cves/2022/CVE-2022-0206.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/ce12437a-d440-4c4a-9247-95a8f39d00b9 - https://wordpress.org/plugins/newstatpress - https://nvd.nist.gov/vuln/detail/CVE-2022-0206 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0206 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:newstatpress_project:newstatpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0208.yaml b/http/cves/2022/CVE-2022-0208.yaml index 1e80694b02..ce4b050c01 100644 --- a/http/cves/2022/CVE-2022-0208.yaml +++ b/http/cves/2022/CVE-2022-0208.yaml @@ -13,13 +13,15 @@ info: reference: - https://wpscan.com/vulnerability/59a2abd0-4aee-47aa-ad3a-865f624fa0fc - https://nvd.nist.gov/vuln/detail/CVE-2022-0208 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0208 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:mappresspro:mappress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0212.yaml b/http/cves/2022/CVE-2022-0212.yaml index 6fe087af19..c9a4417ac4 100644 --- a/http/cves/2022/CVE-2022-0212.yaml +++ b/http/cves/2022/CVE-2022-0212.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-0212 cwe-id: CWE-79 epss-score: 0.00086 - epss-percentile: 0.35806 + epss-percentile: 0.35299 cpe: cpe:2.3:a:10web:spidercalendar:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0218.yaml b/http/cves/2022/CVE-2022-0218.yaml index 6482655558..745ddfc5d3 100644 --- a/http/cves/2022/CVE-2022-0218.yaml +++ b/http/cves/2022/CVE-2022-0218.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/wp-html-mail/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0218 - https://plugins.trac.wordpress.org/changeset/2656984/wp-html-mail/trunk/includes/class-template-designer.php + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0218 cwe-id: CWE-79 epss-score: 0.03872 - epss-percentile: 0.91041 + epss-percentile: 0.9173 cpe: cpe:2.3:a:codemiq:wordpress_email_template_designer:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0228.yaml b/http/cves/2022/CVE-2022-0228.yaml index 92633720c9..0c08500745 100644 --- a/http/cves/2022/CVE-2022-0228.yaml +++ b/http/cves/2022/CVE-2022-0228.yaml @@ -11,13 +11,14 @@ info: - https://wpscan.com/vulnerability/22facac2-52f4-4e5f-be59-1d2934b260d9 - https://nvd.nist.gov/vuln/detail/CVE-2022-0228 - https://plugins.trac.wordpress.org/changeset/2659117 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-0228 cwe-id: CWE-89 - epss-score: 0.03432 - epss-percentile: 0.90525 + epss-score: 0.03069 + epss-percentile: 0.90788 cpe: cpe:2.3:a:sygnoos:popup_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0234.yaml b/http/cves/2022/CVE-2022-0234.yaml index d285c9becb..78074da5ee 100644 --- a/http/cves/2022/CVE-2022-0234.yaml +++ b/http/cves/2022/CVE-2022-0234.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0234 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:pluginus:woocs:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0271.yaml b/http/cves/2022/CVE-2022-0271.yaml index 752f34beaf..49ae3c6d22 100644 --- a/http/cves/2022/CVE-2022-0271.yaml +++ b/http/cves/2022/CVE-2022-0271.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/ad07d9cd-8a75-4f7c-bbbe-3b6b89b699f2 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0271 - https://nvd.nist.gov/vuln/detail/cve-2022-0271 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0271 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0288.yaml b/http/cves/2022/CVE-2022-0288.yaml index 9b223fd736..6d48cfffff 100644 --- a/http/cves/2022/CVE-2022-0288.yaml +++ b/http/cves/2022/CVE-2022-0288.yaml @@ -12,13 +12,15 @@ info: reference: - https://wpscan.com/vulnerability/27b64412-33a4-462c-bc45-f81697e4fe42 - https://nvd.nist.gov/vuln/detail/CVE-2022-0288 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0288 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42838 + epss-percentile: 0.42122 cpe: cpe:2.3:a:ad_inserter_pro_project:ad_inserter_pro:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0342.yaml b/http/cves/2022/CVE-2022-0342.yaml index b409fe15fd..76542b8a43 100644 --- a/http/cves/2022/CVE-2022-0342.yaml +++ b/http/cves/2022/CVE-2022-0342.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0342 cwe-id: CWE-287 - epss-score: 0.07467 - epss-percentile: 0.93479 + epss-score: 0.08015 + epss-percentile: 0.94132 cpe: cpe:2.3:o:zyxel:usg40_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0346.yaml b/http/cves/2022/CVE-2022-0346.yaml index 9c75cde5fb..3912dea94c 100644 --- a/http/cves/2022/CVE-2022-0346.yaml +++ b/http/cves/2022/CVE-2022-0346.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0346 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36967 + epss-percentile: 0.36353 cpe: cpe:2.3:a:xmlsitemapgenerator:xml_sitemap_generator:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0349.yaml b/http/cves/2022/CVE-2022-0349.yaml index 7b819cc902..c80ba86924 100644 --- a/http/cves/2022/CVE-2022-0349.yaml +++ b/http/cves/2022/CVE-2022-0349.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/1d0dd7be-29f3-4043-a9c6-67d02746463a - https://wordpress.org/plugins/notificationx/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0349 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0349 cwe-id: CWE-89 - epss-score: 0.03383 - epss-percentile: 0.90457 + epss-score: 0.02414 + epss-percentile: 0.89687 cpe: cpe:2.3:a:wpdeveloper:notificationx:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0378.yaml b/http/cves/2022/CVE-2022-0378.yaml index 744a4e985c..fc81417d58 100644 --- a/http/cves/2022/CVE-2022-0378.yaml +++ b/http/cves/2022/CVE-2022-0378.yaml @@ -13,13 +13,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-0378 - https://github.com/microweber/microweber/commit/fc7e1a026735b93f0e0047700d08c44954fce9ce - https://huntr.dev/bounties/529b65c0-5be7-49d4-9419-f905b8153d31 + - https://github.com/vohvelikissa/bugbouncing + - https://github.com/x86trace/Oneliners classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-0378 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0381.yaml b/http/cves/2022/CVE-2022-0381.yaml index 35b88759fd..1e407e664c 100644 --- a/http/cves/2022/CVE-2022-0381.yaml +++ b/http/cves/2022/CVE-2022-0381.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0381 cwe-id: CWE-79 epss-score: 0.00218 - epss-percentile: 0.59831 + epss-percentile: 0.59134 cpe: cpe:2.3:a:embed_swagger_project:embed_swagger:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0412.yaml b/http/cves/2022/CVE-2022-0412.yaml index 137771e389..4005ccd3ac 100644 --- a/http/cves/2022/CVE-2022-0412.yaml +++ b/http/cves/2022/CVE-2022-0412.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0412 cwe-id: CWE-89 - epss-score: 0.09127 - epss-percentile: 0.94083 + epss-score: 0.10259 + epss-percentile: 0.94816 cpe: cpe:2.3:a:templateinvaders:ti_woocommerce_wishlist:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0422.yaml b/http/cves/2022/CVE-2022-0422.yaml index 1c4773ec94..9eef7fae6c 100644 --- a/http/cves/2022/CVE-2022-0422.yaml +++ b/http/cves/2022/CVE-2022-0422.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0422 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:videousermanuals:white_label_cms:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0432.yaml b/http/cves/2022/CVE-2022-0432.yaml index caa89a262f..b57cc18386 100644 --- a/http/cves/2022/CVE-2022-0432.yaml +++ b/http/cves/2022/CVE-2022-0432.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0432 cwe-id: CWE-1321 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:joinmastodon:mastodon:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0533.yaml b/http/cves/2022/CVE-2022-0533.yaml index 1f8c906db9..7127ab1807 100644 --- a/http/cves/2022/CVE-2022-0533.yaml +++ b/http/cves/2022/CVE-2022-0533.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-0533 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:metaphorcreations:ditty:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0535.yaml b/http/cves/2022/CVE-2022-0535.yaml index 47812d3461..6c74cebd34 100644 --- a/http/cves/2022/CVE-2022-0535.yaml +++ b/http/cves/2022/CVE-2022-0535.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0535 cwe-id: CWE-79 epss-score: 0.00084 - epss-percentile: 0.34822 + epss-percentile: 0.34344 cpe: cpe:2.3:a:e2pdf:e2pdf:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0540.yaml b/http/cves/2022/CVE-2022-0540.yaml index 29781d4737..41d08e32eb 100644 --- a/http/cves/2022/CVE-2022-0540.yaml +++ b/http/cves/2022/CVE-2022-0540.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0540 cwe-id: CWE-287 - epss-score: 0.25982 - epss-percentile: 0.96297 + epss-score: 0.2507 + epss-percentile: 0.96565 cpe: cpe:2.3:a:atlassian:jira_data_center:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0594.yaml b/http/cves/2022/CVE-2022-0594.yaml index 4299984851..c97f1215ab 100644 --- a/http/cves/2022/CVE-2022-0594.yaml +++ b/http/cves/2022/CVE-2022-0594.yaml @@ -20,8 +20,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-0594 cwe-id: CWE-863 - epss-score: 0.0025 - epss-percentile: 0.63027 + epss-score: 0.00188 + epss-percentile: 0.55305 cpe: cpe:2.3:a:shareaholic:shareaholic:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0595.yaml b/http/cves/2022/CVE-2022-0595.yaml index 6f7d25afc8..56fb7e108e 100644 --- a/http/cves/2022/CVE-2022-0595.yaml +++ b/http/cves/2022/CVE-2022-0595.yaml @@ -13,13 +13,15 @@ info: reference: - https://wpscan.com/vulnerability/1b849957-eaca-47ea-8f84-23a3a98cc8de - https://plugins.trac.wordpress.org/changeset/2686614 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-0595 cwe-id: CWE-79 epss-score: 0.00102 - epss-percentile: 0.41202 + epss-percentile: 0.40538 cpe: cpe:2.3:a:codedropz:drag_and_drop_multiple_file_upload_-_contact_form_7:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0599.yaml b/http/cves/2022/CVE-2022-0599.yaml index b2898d83fd..890bd9c26d 100644 --- a/http/cves/2022/CVE-2022-0599.yaml +++ b/http/cves/2022/CVE-2022-0599.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-0599 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:mapping_multiple_urls_redirect_same_page_project:mapping_multiple_urls_redirect_same_page:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-0658.yaml b/http/cves/2022/CVE-2022-0658.yaml index 02721bfd0b..6a22b416c2 100644 --- a/http/cves/2022/CVE-2022-0658.yaml +++ b/http/cves/2022/CVE-2022-0658.yaml @@ -11,13 +11,14 @@ info: - https://wpscan.com/vulnerability/d7f0805a-61ce-454a-96fb-5ecacd767578 - https://wordpress.org/plugins/commonsbooking/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0658 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0658 cwe-id: CWE-89 - epss-score: 0.03633 - epss-percentile: 0.90761 + epss-score: 0.04032 + epss-percentile: 0.91879 cpe: cpe:2.3:a:wielebenwir:commonsbooking:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0678.yaml b/http/cves/2022/CVE-2022-0678.yaml index 827145d734..89367a99ae 100644 --- a/http/cves/2022/CVE-2022-0678.yaml +++ b/http/cves/2022/CVE-2022-0678.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-0678 cwe-id: CWE-79 - epss-score: 0.00143 - epss-percentile: 0.50027 + epss-score: 0.00138 + epss-percentile: 0.48373 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0679.yaml b/http/cves/2022/CVE-2022-0679.yaml index 393eee8c2d..55bf947457 100644 --- a/http/cves/2022/CVE-2022-0679.yaml +++ b/http/cves/2022/CVE-2022-0679.yaml @@ -13,13 +13,16 @@ info: reference: - https://wpscan.com/vulnerability/0ea79eb1-6561-4c21-a20b-a1870863b0a8 - https://nvd.nist.gov/vuln/detail/CVE-2022-0679 + - https://github.com/cyllective/CVEs + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0679 cwe-id: CWE-22 epss-score: 0.03099 - epss-percentile: 0.90037 + epss-percentile: 0.90827 cpe: cpe:2.3:a:narnoo_distributor_project:narnoo_distributor:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0692.yaml b/http/cves/2022/CVE-2022-0692.yaml index ba7fb32056..e846d9c54a 100644 --- a/http/cves/2022/CVE-2022-0692.yaml +++ b/http/cves/2022/CVE-2022-0692.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0692 cwe-id: CWE-601 epss-score: 0.001 - epss-percentile: 0.40882 + epss-percentile: 0.40139 cpe: cpe:2.3:a:alltube_project:alltube:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-0747.yaml b/http/cves/2022/CVE-2022-0747.yaml index 7a96e0a8d9..be95509869 100644 --- a/http/cves/2022/CVE-2022-0747.yaml +++ b/http/cves/2022/CVE-2022-0747.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/infographic-and-list-builder-ilist/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0747 - https://plugins.trac.wordpress.org/changeset/2684336 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0747 cwe-id: CWE-89 - epss-score: 0.03399 - epss-percentile: 0.9048 + epss-score: 0.02705 + epss-percentile: 0.90254 cpe: cpe:2.3:a:quantumcloud:infographic_maker:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0769.yaml b/http/cves/2022/CVE-2022-0769.yaml index 9e180d51c2..9b35b8eb81 100644 --- a/http/cves/2022/CVE-2022-0769.yaml +++ b/http/cves/2022/CVE-2022-0769.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/users-ultra/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0769 - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0769 cwe-id: CWE-89 epss-score: 0.02977 - epss-percentile: 0.89892 + epss-percentile: 0.90654 cpe: cpe:2.3:a:usersultra:users_ultra:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0776.yaml b/http/cves/2022/CVE-2022-0776.yaml index 03311a84eb..c32b9e823a 100644 --- a/http/cves/2022/CVE-2022-0776.yaml +++ b/http/cves/2022/CVE-2022-0776.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0776 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40075 + epss-percentile: 0.40139 cpe: cpe:2.3:a:revealjs:reveal.js:*:*:*:*:*:node.js:*:* metadata: vendor: revealjs diff --git a/http/cves/2022/CVE-2022-0781.yaml b/http/cves/2022/CVE-2022-0781.yaml index e591467e79..174d9480a9 100644 --- a/http/cves/2022/CVE-2022-0781.yaml +++ b/http/cves/2022/CVE-2022-0781.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/1a8f9c7b-a422-4f45-a516-c3c14eb05161 - https://wordpress.org/plugins/nirweb-support/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0781 + - https://github.com/cyllective/CVEs + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0781 cwe-id: CWE-89 - epss-score: 0.01619 - epss-percentile: 0.86091 + epss-score: 0.01147 + epss-percentile: 0.84479 cpe: cpe:2.3:a:nirweb:nirweb_support:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0784.yaml b/http/cves/2022/CVE-2022-0784.yaml index 29d42210cc..ba36240c2d 100644 --- a/http/cves/2022/CVE-2022-0784.yaml +++ b/http/cves/2022/CVE-2022-0784.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/6672b59f-14bc-4a22-9e0b-fcab4e01d97f - https://wordpress.org/plugins/wp-experiments-free/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0784 + - https://github.com/cyllective/CVEs + - https://github.com/superlink996/chunqiuyunjingbachang classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0784 cwe-id: CWE-89 - epss-score: 0.03633 - epss-percentile: 0.90761 + epss-score: 0.04043 + epss-percentile: 0.91894 cpe: cpe:2.3:a:title_experiments_free_project:title_experiments_free:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0785.yaml b/http/cves/2022/CVE-2022-0785.yaml index 384503a460..8d63b1e2b3 100644 --- a/http/cves/2022/CVE-2022-0785.yaml +++ b/http/cves/2022/CVE-2022-0785.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/e1e09f56-89a4-4d6f-907b-3fb2cb825255 - https://wordpress.org/plugins/daily-prayer-time-for-mosques/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0785 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0785 cwe-id: CWE-89 - epss-score: 0.05057 - epss-percentile: 0.92125 + epss-score: 0.04043 + epss-percentile: 0.91894 cpe: cpe:2.3:a:daily_prayer_time_project:daily_prayer_time:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0786.yaml b/http/cves/2022/CVE-2022-0786.yaml index 4f0fd3feb8..c81c324992 100644 --- a/http/cves/2022/CVE-2022-0786.yaml +++ b/http/cves/2022/CVE-2022-0786.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0786 cwe-id: CWE-89 - epss-score: 0.03032 - epss-percentile: 0.89973 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:iqonic:kivicare:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0787.yaml b/http/cves/2022/CVE-2022-0787.yaml index 176d11adc5..bb6b26927d 100644 --- a/http/cves/2022/CVE-2022-0787.yaml +++ b/http/cves/2022/CVE-2022-0787.yaml @@ -11,13 +11,14 @@ info: - https://wpscan.com/vulnerability/69329a8a-2cbe-4f99-a367-b152bd85b3dd - https://wordpress.org/plugins/wp-limit-failed-login-attempts/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0787 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0787 cwe-id: CWE-89 - epss-score: 0.03633 - epss-percentile: 0.90796 + epss-score: 0.04043 + epss-percentile: 0.91894 cpe: cpe:2.3:a:limit_login_attempts_project:limit_login_attempts:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0788.yaml b/http/cves/2022/CVE-2022-0788.yaml index 03e09dc690..5ff2510764 100644 --- a/http/cves/2022/CVE-2022-0788.yaml +++ b/http/cves/2022/CVE-2022-0788.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/fbc71710-123f-4c61-9796-a6a4fd354828 - https://wordpress.org/plugins/wp-fundraising-donation/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0788 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0788 cwe-id: CWE-89 - epss-score: 0.03032 - epss-percentile: 0.89931 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:wpmet:wp_fundraising_donation_and_crowdfunding_platform:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0814.yaml b/http/cves/2022/CVE-2022-0814.yaml index 8808bfca0e..cbc13d26ce 100644 --- a/http/cves/2022/CVE-2022-0814.yaml +++ b/http/cves/2022/CVE-2022-0814.yaml @@ -11,13 +11,14 @@ info: - https://wpscan.com/vulnerability/fd84dc08-0079-4fcf-81c3-a61d652e3269 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0814 - https://wordpress.org/plugins/ubigeo-peru/ + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0814 cwe-id: CWE-89 - epss-score: 0.05057 - epss-percentile: 0.92125 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:ubigeo_de_peru_para_woocommerce_project:ubigeo_de_peru_para_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0817.yaml b/http/cves/2022/CVE-2022-0817.yaml index f71ebd9556..751ae0a1dc 100644 --- a/http/cves/2022/CVE-2022-0817.yaml +++ b/http/cves/2022/CVE-2022-0817.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0817 cwe-id: CWE-89 - epss-score: 0.05057 - epss-percentile: 0.92143 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:badgeos:badgeos:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0827.yaml b/http/cves/2022/CVE-2022-0827.yaml index e1f7fd7fbb..7635cac8f1 100644 --- a/http/cves/2022/CVE-2022-0827.yaml +++ b/http/cves/2022/CVE-2022-0827.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/0d208ebc-7805-457b-aa5f-ffd5adb2f3be - https://wordpress.org/plugins/bestbooks/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0827 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0827 cwe-id: CWE-89 - epss-score: 0.03032 - epss-percentile: 0.89931 + epss-score: 0.03633 + epss-percentile: 0.91467 cpe: cpe:2.3:a:presspage:bestbooks:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0864.yaml b/http/cves/2022/CVE-2022-0864.yaml index 15774cd909..cb1bf9b07b 100644 --- a/http/cves/2022/CVE-2022-0864.yaml +++ b/http/cves/2022/CVE-2022-0864.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/7337543f-4c2c-4365-aebf-3423e9d2f872 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0864 - https://wordpress.org/plugins/updraftplus + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-0864 cwe-id: CWE-79 epss-score: 0.00242 - epss-percentile: 0.62097 + epss-percentile: 0.63565 cpe: cpe:2.3:a:updraftplus:updraftplus:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0867.yaml b/http/cves/2022/CVE-2022-0867.yaml index 8469159d93..7d22b8eec5 100644 --- a/http/cves/2022/CVE-2022-0867.yaml +++ b/http/cves/2022/CVE-2022-0867.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/62803aae-9896-410b-9398-3497a838e494 - https://wordpress.org/plugins/arprice-responsive-pricing-table/ - https://nvd.nist.gov/vuln/detail/CVE-2022-0867 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-0867 cwe-id: CWE-89 epss-score: 0.09183 - epss-percentile: 0.94075 + epss-percentile: 0.9451 cpe: cpe:2.3:a:reputeinfosystems:pricing_table:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0869.yaml b/http/cves/2022/CVE-2022-0869.yaml index d7c4b3c55b..62a2b646ca 100644 --- a/http/cves/2022/CVE-2022-0869.yaml +++ b/http/cves/2022/CVE-2022-0869.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-0869 cwe-id: CWE-601 epss-score: 0.00115 - epss-percentile: 0.4495 + epss-percentile: 0.4417 cpe: cpe:2.3:a:spirit-project:spirit:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2022/CVE-2022-0870.yaml b/http/cves/2022/CVE-2022-0870.yaml index 9fbfb000a2..31f3cedb71 100644 --- a/http/cves/2022/CVE-2022-0870.yaml +++ b/http/cves/2022/CVE-2022-0870.yaml @@ -13,13 +13,15 @@ info: - https://github.com/gogs/gogs/commit/91f2cde5e95f146bfe4765e837e7282df6c7cabb - https://huntr.dev/bounties/327797d7-ae41-498f-9bff-cc0bf98cf531 - https://nvd.nist.gov/vuln/detail/CVE-2022-0870 + - https://github.com/cokeBeer/go-cves + - https://github.com/michaellrowley/michaellrowley classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-0870 cwe-id: CWE-918 - epss-score: 0.00197 - epss-percentile: 0.57573 + epss-score: 0.00179 + epss-percentile: 0.54242 cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0899.yaml b/http/cves/2022/CVE-2022-0899.yaml index 92c072806d..f353d77390 100644 --- a/http/cves/2022/CVE-2022-0899.yaml +++ b/http/cves/2022/CVE-2022-0899.yaml @@ -14,8 +14,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-0899 cwe-id: CWE-79 - epss-score: 0.00141 - epss-percentile: 0.49748 + epss-score: 0.00106 + epss-percentile: 0.42122 cpe: cpe:2.3:a:draftpress:header_footer_code_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0949.yaml b/http/cves/2022/CVE-2022-0949.yaml index b2f41458f3..526fb4e0ae 100644 --- a/http/cves/2022/CVE-2022-0949.yaml +++ b/http/cves/2022/CVE-2022-0949.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-0949 cwe-id: CWE-89 - epss-score: 0.03633 - epss-percentile: 0.90796 + epss-score: 0.04043 + epss-percentile: 0.91894 cpe: cpe:2.3:a:stopbadbots:block_and_stop_bad_bots:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0952.yaml b/http/cves/2022/CVE-2022-0952.yaml index 61b52b3c4c..9639a43c00 100644 --- a/http/cves/2022/CVE-2022-0952.yaml +++ b/http/cves/2022/CVE-2022-0952.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-0952 cwe-id: CWE-352 - epss-score: 0.08361 - epss-percentile: 0.93809 + epss-score: 0.33816 + epss-percentile: 0.96965 cpe: cpe:2.3:a:sitemap_project:sitemap:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-0968.yaml b/http/cves/2022/CVE-2022-0968.yaml index 39a0c59a71..77dfbdd534 100644 --- a/http/cves/2022/CVE-2022-0968.yaml +++ b/http/cves/2022/CVE-2022-0968.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-0968 cwe-id: CWE-190 epss-score: 0.00076 - epss-percentile: 0.31127 + epss-percentile: 0.30933 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-1007.yaml b/http/cves/2022/CVE-2022-1007.yaml index 0562ae5366..630f9b3844 100644 --- a/http/cves/2022/CVE-2022-1007.yaml +++ b/http/cves/2022/CVE-2022-1007.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/advanced-booking-calendar/ - https://nvd.nist.gov/vuln/detail/cve-2022-1007 - https://plugins.trac.wordpress.org/changeset/2695427 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1007 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:elbtide:advanced_booking_calendar:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1013.yaml b/http/cves/2022/CVE-2022-1013.yaml index cd1ea311df..9776ea8c5c 100644 --- a/http/cves/2022/CVE-2022-1013.yaml +++ b/http/cves/2022/CVE-2022-1013.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d - https://wordpress.org/plugins/personal-dictionary/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1013 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1013 cwe-id: CWE-89 - epss-score: 0.02036 - epss-percentile: 0.87728 + epss-score: 0.02031 + epss-percentile: 0.88685 cpe: cpe:2.3:a:ays-pro:personal_dictionary:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1040.yaml b/http/cves/2022/CVE-2022-1040.yaml index 3f5d531e56..1acb83212a 100644 --- a/http/cves/2022/CVE-2022-1040.yaml +++ b/http/cves/2022/CVE-2022-1040.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-1040 cwe-id: CWE-287 - epss-score: 0.97067 - epss-percentile: 0.99719 + epss-score: 0.97434 + epss-percentile: 0.99939 cpe: cpe:2.3:o:sophos:sfos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1054.yaml b/http/cves/2022/CVE-2022-1054.yaml index cc4d53c0a7..3eabb8c9b9 100644 --- a/http/cves/2022/CVE-2022-1054.yaml +++ b/http/cves/2022/CVE-2022-1054.yaml @@ -11,13 +11,15 @@ info: Update the WordPress RSVP and Event Management plugin to version 2.7.8 or later. reference: - https://wpscan.com/vulnerability/95a5fad1-e823-4571-8640-19bf5436578d + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-1054 cwe-id: CWE-862 epss-score: 0.00292 - epss-percentile: 0.65845 + epss-percentile: 0.68538 cpe: cpe:2.3:a:wpchill:rsvp_and_event_management:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1057.yaml b/http/cves/2022/CVE-2022-1057.yaml index 567c31cdc6..27a3611f71 100644 --- a/http/cves/2022/CVE-2022-1057.yaml +++ b/http/cves/2022/CVE-2022-1057.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/7c33ffc3-84d1-4a0f-a837-794cdc3ad243 - https://wordpress.org/plugins/pricing-deals-for-woocommerce/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1057 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1057 cwe-id: CWE-89 - epss-score: 0.02409 - epss-percentile: 0.88812 + epss-score: 0.05057 + epss-percentile: 0.92729 cpe: cpe:2.3:a:varktech:pricing_deals_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1119.yaml b/http/cves/2022/CVE-2022-1119.yaml index 76d4e671bf..21ba3faee6 100644 --- a/http/cves/2022/CVE-2022-1119.yaml +++ b/http/cves/2022/CVE-2022-1119.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1119 cwe-id: CWE-22 epss-score: 0.42222 - epss-percentile: 0.96983 + epss-percentile: 0.97228 cpe: cpe:2.3:a:simplefilelist:simple-file-list:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1162.yaml b/http/cves/2022/CVE-2022-1162.yaml index c2fb606cc3..a1aa0bd099 100644 --- a/http/cves/2022/CVE-2022-1162.yaml +++ b/http/cves/2022/CVE-2022-1162.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-1162 cwe-id: CWE-798 - epss-score: 0.19954 - epss-percentile: 0.95889 + epss-score: 0.24455 + epss-percentile: 0.96514 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1168.yaml b/http/cves/2022/CVE-2022-1168.yaml index 483b4ada35..f7f866c0c8 100644 --- a/http/cves/2022/CVE-2022-1168.yaml +++ b/http/cves/2022/CVE-2022-1168.yaml @@ -12,13 +12,15 @@ info: - https://wpscan.com/vulnerability/bcf38e87-011e-4540-8bfb-c93443a4a490 - https://codecanyon.net/item/jobsearch-wp-job-board-wordpress-plugin/21066856 - https://nvd.nist.gov/vuln/detail/CVE-2022-1168 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1168 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:eyecix:jobsearch_wp_job_board:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1170.yaml b/http/cves/2022/CVE-2022-1170.yaml index 8fa2d46aae..f6d7ad959f 100644 --- a/http/cves/2022/CVE-2022-1170.yaml +++ b/http/cves/2022/CVE-2022-1170.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2022-1170 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:nootheme:jobmonster:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1329.yaml b/http/cves/2022/CVE-2022-1329.yaml index ab88dc72a6..d3581bb8f6 100644 --- a/http/cves/2022/CVE-2022-1329.yaml +++ b/http/cves/2022/CVE-2022-1329.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/elementor/ - https://plugins.trac.wordpress.org/changeset/2708766/elementor/trunk/core/app/modules/onboarding/module.php - https://nvd.nist.gov/vuln/detail/CVE-2022-1329 + - https://github.com/dexit/CVE-2022-1329 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-1329 - cwe-id: CWE-434,CWE-862 - epss-score: 0.96427 - epss-percentile: 0.99471 + cwe-id: CWE-862,CWE-434 + epss-score: 0.96079 + epss-percentile: 0.99457 cpe: cpe:2.3:a:elementor:website_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1386.yaml b/http/cves/2022/CVE-2022-1386.yaml index 57a354adc0..007f11c577 100644 --- a/http/cves/2022/CVE-2022-1386.yaml +++ b/http/cves/2022/CVE-2022-1386.yaml @@ -15,18 +15,19 @@ info: - https://www.rootshellsecurity.net/rootshell-discovered-a-critical-vulnerability-in-top-wordpress-theme/ - https://theme-fusion.com/version-7-6-2-security-update/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1386 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1386 cwe-id: CWE-918 - epss-score: 0.34969 - epss-percentile: 0.96732 - cpe: cpe:2.3:a:theme-fusion:avada:*:*:*:*:*:wordpress:*:* + epss-score: 0.32824 + epss-percentile: 0.96921 + cpe: cpe:2.3:a:fusion_builder_project:fusion_builder:*:*:*:*:*:wordpress:*:* metadata: max-request: 2 - vendor: theme-fusion - product: avada + vendor: fusion_builder_project + product: fusion_builder framework: wordpress tags: cve,cve2022,wpscan,wordpress,ssrf,themefusion,wp,fusion,avada,intrusive,theme-fusion diff --git a/http/cves/2022/CVE-2022-1388.yaml b/http/cves/2022/CVE-2022-1388.yaml index e0915f1d22..063d5dbf77 100644 --- a/http/cves/2022/CVE-2022-1388.yaml +++ b/http/cves/2022/CVE-2022-1388.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-1388 cwe-id: CWE-306 - epss-score: 0.97318 - epss-percentile: 0.99863 + epss-score: 0.97477 + epss-percentile: 0.99964 cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1390.yaml b/http/cves/2022/CVE-2022-1390.yaml index 058d410405..148be8bb9c 100644 --- a/http/cves/2022/CVE-2022-1390.yaml +++ b/http/cves/2022/CVE-2022-1390.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1390 cwe-id: CWE-22 epss-score: 0.96052 - epss-percentile: 0.99371 + epss-percentile: 0.99452 cpe: cpe:2.3:a:admin_word_count_column_project:admin_word_count_column:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1391.yaml b/http/cves/2022/CVE-2022-1391.yaml index e2b712cee1..b97dc90857 100644 --- a/http/cves/2022/CVE-2022-1391.yaml +++ b/http/cves/2022/CVE-2022-1391.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1391 cwe-id: CWE-22 epss-score: 0.03037 - epss-percentile: 0.89994 + epss-percentile: 0.9075 cpe: cpe:2.3:a:kanev:cab_fare_calculator:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1398.yaml b/http/cves/2022/CVE-2022-1398.yaml index 42a47d17ce..6fc2483ed8 100644 --- a/http/cves/2022/CVE-2022-1398.yaml +++ b/http/cves/2022/CVE-2022-1398.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2022-1398 cwe-id: CWE-918 - epss-score: 0.00725 - epss-percentile: 0.78658 + epss-score: 0.00516 + epss-percentile: 0.76247 cpe: cpe:2.3:a:external_media_without_import_project:external_media_without_import:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1439.yaml b/http/cves/2022/CVE-2022-1439.yaml index 9f975d5ebc..42fd001e5c 100644 --- a/http/cves/2022/CVE-2022-1439.yaml +++ b/http/cves/2022/CVE-2022-1439.yaml @@ -14,13 +14,14 @@ info: - https://huntr.dev/bounties/86f6a762-0f3d-443d-a676-20f8496907e0 - https://github.com/microweber/microweber/commit/ad3928f67b2cd4443f4323d858b666d35a919ba8 - https://nvd.nist.gov/vuln/detail/CVE-2022-1439 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1439 cwe-id: CWE-79 epss-score: 0.001 - epss-percentile: 0.40832 + epss-percentile: 0.40139 cpe: cpe:2.3:a:microweber:microweber:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1574.yaml b/http/cves/2022/CVE-2022-1574.yaml index ba386232a7..27a6c2cadf 100644 --- a/http/cves/2022/CVE-2022-1574.yaml +++ b/http/cves/2022/CVE-2022-1574.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/c36d0ea8-bf5c-4af9-bd3d-911eb02adc14 - https://wordpress.org/plugins/html2wp/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1574 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1574 cwe-id: CWE-352 - epss-score: 0.04337 - epss-percentile: 0.91477 + epss-score: 0.03019 + epss-percentile: 0.90712 cpe: cpe:2.3:a:html2wp_project:html2wp:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1597.yaml b/http/cves/2022/CVE-2022-1597.yaml index c37fcfdc87..5f20fe6345 100644 --- a/http/cves/2022/CVE-2022-1597.yaml +++ b/http/cves/2022/CVE-2022-1597.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-1597 cwe-id: CWE-79 epss-score: 0.00188 - epss-percentile: 0.5634 + epss-percentile: 0.55258 cpe: cpe:2.3:a:2code:wpqa_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1598.yaml b/http/cves/2022/CVE-2022-1598.yaml index 1197b9635d..0ad0bcfa85 100644 --- a/http/cves/2022/CVE-2022-1598.yaml +++ b/http/cves/2022/CVE-2022-1598.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/0416ae2f-5670-4080-a88d-3484bb19d8c8 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1598 - https://nvd.nist.gov/vuln/detail/CVE-2022-1598 + - https://github.com/20142995/Goby + - https://github.com/WhooAmii/POC_to_review classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-1598 cwe-id: CWE-306 - epss-score: 0.01562 - epss-percentile: 0.85821 + epss-score: 0.01171 + epss-percentile: 0.84672 cpe: cpe:2.3:a:2code:wpqa_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1609.yaml b/http/cves/2022/CVE-2022-1609.yaml index 72e27f8fea..ad106442c7 100644 --- a/http/cves/2022/CVE-2022-1609.yaml +++ b/http/cves/2022/CVE-2022-1609.yaml @@ -12,14 +12,23 @@ info: reference: - https://wpscan.com/vulnerability/e2d546c9-85b6-47a4-b951-781b9ae5d0f2 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1609 + - https://github.com/nastar-id/WP-school-management-RCE + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/0x007f/cve-2022-1609-exploit classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2022-1609 - cwe-id: CWE-77 + cwe-id: CWE-94 + epss-score: 0.11941 + epss-percentile: 0.95204 + cpe: cpe:2.3:a:weblizar:school_management:*:*:*:*:pro:wordpress:*:* metadata: verified: false max-request: 1 + vendor: weblizar + product: school_management + framework: wordpress tags: cve,cve2022,rce,wp,backdoor,wpscan,wordpress variables: cmd: "echo CVE-2022-1609 | rev" diff --git a/http/cves/2022/CVE-2022-1713.yaml b/http/cves/2022/CVE-2022-1713.yaml index 6fd60675ea..4fffc8d760 100644 --- a/http/cves/2022/CVE-2022-1713.yaml +++ b/http/cves/2022/CVE-2022-1713.yaml @@ -14,13 +14,14 @@ info: - https://huntr.dev/bounties/cad3902f-3afb-4ed2-abd0-9f96a248de11 - https://github.com/jgraph/drawio/commit/283d41ec80ad410d68634245cf56114bc19331ee - https://nvd.nist.gov/vuln/detail/CVE-2022-1713 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-1713 cwe-id: CWE-918 epss-score: 0.0258 - epss-percentile: 0.89152 + epss-percentile: 0.90003 cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1724.yaml b/http/cves/2022/CVE-2022-1724.yaml index 230aa8a3be..7037c42af5 100644 --- a/http/cves/2022/CVE-2022-1724.yaml +++ b/http/cves/2022/CVE-2022-1724.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-1724 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1724 cwe-id: CWE-79 epss-score: 0.00106 - epss-percentile: 0.42899 + epss-percentile: 0.42122 cpe: cpe:2.3:a:simple-membership-plugin:simple_membership:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1815.yaml b/http/cves/2022/CVE-2022-1815.yaml index 5c45250bdf..dc263b27f5 100644 --- a/http/cves/2022/CVE-2022-1815.yaml +++ b/http/cves/2022/CVE-2022-1815.yaml @@ -15,13 +15,14 @@ info: - https://huntr.dev/bounties/6e856a25-9117-47c6-9375-52f78876902f - https://github.com/jgraph/drawio/commit/c287bef9101d024b1fd59d55ecd530f25000f9d8 - https://nvd.nist.gov/vuln/detail/CVE-2022-1815 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-1815 - cwe-id: CWE-200,CWE-918 + cwe-id: CWE-918,CWE-200 epss-score: 0.02327 - epss-percentile: 0.88615 + epss-percentile: 0.89496 cpe: cpe:2.3:a:diagrams:drawio:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1883.yaml b/http/cves/2022/CVE-2022-1883.yaml index 9f1b154e2c..6fbac40edc 100644 --- a/http/cves/2022/CVE-2022-1883.yaml +++ b/http/cves/2022/CVE-2022-1883.yaml @@ -15,13 +15,14 @@ info: - https://github.com/camptocamp/terraboard/commit/2a5dbaac015dc0714b41a59995e24f5767f89ddc - https://huntr.dev/bounties/a25d15bd-cd23-487e-85cd-587960f1b9e7 - https://nvd.nist.gov/vuln/detail/CVE-2022-1883 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-1883 cwe-id: CWE-89 epss-score: 0.1005 - epss-percentile: 0.94357 + epss-percentile: 0.94774 cpe: cpe:2.3:a:camptocamp:terraboard:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-1904.yaml b/http/cves/2022/CVE-2022-1904.yaml index a3aa9b12cc..3fc634794a 100644 --- a/http/cves/2022/CVE-2022-1904.yaml +++ b/http/cves/2022/CVE-2022-1904.yaml @@ -13,13 +13,16 @@ info: reference: - https://wpscan.com/vulnerability/92215d07-d129-49b4-a838-0de1a944c06b - https://nvd.nist.gov/vuln/detail/CVE-2022-1904 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1904 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40609 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:fatcatapps:easy_pricing_tables:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1906.yaml b/http/cves/2022/CVE-2022-1906.yaml index bc34fd728d..61be7deda3 100644 --- a/http/cves/2022/CVE-2022-1906.yaml +++ b/http/cves/2022/CVE-2022-1906.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/af4f459e-e60b-4384-aad9-0dc18aa3b338 - https://nvd.nist.gov/vuln/detail/CVE-2022-1906 - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1906 cwe-id: CWE-79 - epss-score: 0.00115 - epss-percentile: 0.45124 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:digiprove:copyright_proof:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1916.yaml b/http/cves/2022/CVE-2022-1916.yaml index 7b8932c612..4b4ed5e82d 100644 --- a/http/cves/2022/CVE-2022-1916.yaml +++ b/http/cves/2022/CVE-2022-1916.yaml @@ -13,18 +13,20 @@ info: reference: - https://wpscan.com/vulnerability/d16a0c3d-4318-4ecd-9e65-fc4165af8808 - https://nvd.nist.gov/vuln/detail/CVE-2022-1916 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1916 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40609 - cpe: cpe:2.3:a:pluginus:active_products_tables_for_woocommerce:*:*:*:*:*:wordpress:*:* + epss-score: 0.00086 + epss-percentile: 0.35299 + cpe: cpe:2.3:a:pluginus:woot:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 vendor: pluginus - product: active_products_tables_for_woocommerce + product: woot framework: wordpress tags: cve,cve2022,wordpress,wp-plugin,xss,wpscan,wp,pluginus diff --git a/http/cves/2022/CVE-2022-1933.yaml b/http/cves/2022/CVE-2022-1933.yaml index e9c88fc78c..eb26ec76af 100644 --- a/http/cves/2022/CVE-2022-1933.yaml +++ b/http/cves/2022/CVE-2022-1933.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-1933 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40661 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:collect_and_deliver_interface_for_woocommerce_project:collect_and_deliver_interface_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1937.yaml b/http/cves/2022/CVE-2022-1937.yaml index 386dccfb22..3014afed0c 100644 --- a/http/cves/2022/CVE-2022-1937.yaml +++ b/http/cves/2022/CVE-2022-1937.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/eb40ea5d-a463-4947-9a40-d55911ff50e9 - https://nvd.nist.gov/vuln/detail/CVE-2022-1937 - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-1937 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40661 + epss-score: 0.00086 + epss-percentile: 0.35299 cpe: cpe:2.3:a:awin:awin_data_feed:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-1952.yaml b/http/cves/2022/CVE-2022-1952.yaml index 9018c0a8e0..0a4749cc44 100644 --- a/http/cves/2022/CVE-2022-1952.yaml +++ b/http/cves/2022/CVE-2022-1952.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/ecf61d17-8b07-4cb6-93a8-64c2c4fbbe04 - https://wordpress.org/plugins/easync-booking/ - https://nvd.nist.gov/vuln/detail/CVE-2022-1952 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-1952 cwe-id: CWE-434 - epss-score: 0.94802 - epss-percentile: 0.99101 + epss-score: 0.93584 + epss-percentile: 0.99051 cpe: cpe:2.3:a:syntactics:free_booking_plugin_for_hotels\,_restaurant_and_car_rental:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2034.yaml b/http/cves/2022/CVE-2022-2034.yaml index feb23e7198..655cef27e3 100644 --- a/http/cves/2022/CVE-2022-2034.yaml +++ b/http/cves/2022/CVE-2022-2034.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-2034 cwe-id: CWE-639 - epss-score: 0.00473 - epss-percentile: 0.73121 + epss-score: 0.00506 + epss-percentile: 0.76026 cpe: cpe:2.3:a:automattic:sensei_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21500.yaml b/http/cves/2022/CVE-2022-21500.yaml index b8e7d43fd8..f29c62f33c 100644 --- a/http/cves/2022/CVE-2022-21500.yaml +++ b/http/cves/2022/CVE-2022-21500.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-21500 - epss-score: 0.24528 - epss-percentile: 0.96196 + epss-score: 0.92631 + epss-percentile: 0.98947 cpe: cpe:2.3:a:oracle:e-business_suite:12.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21587.yaml b/http/cves/2022/CVE-2022-21587.yaml index 740f479f68..785245a7af 100644 --- a/http/cves/2022/CVE-2022-21587.yaml +++ b/http/cves/2022/CVE-2022-21587.yaml @@ -13,13 +13,14 @@ info: - https://www.oracle.com/security-alerts/cpuoct2022.html - https://nvd.nist.gov/vuln/detail/CVE-2022-21587 - http://packetstormsecurity.com/files/171208/Oracle-E-Business-Suite-EBS-Unauthenticated-Arbitrary-File-Upload.html + - https://github.com/manas3c/CVE-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-21587 cwe-id: CWE-306 - epss-score: 0.96418 - epss-percentile: 0.99469 + epss-score: 0.97315 + epss-percentile: 0.99868 cpe: cpe:2.3:a:oracle:e-business_suite:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-21661.yaml b/http/cves/2022/CVE-2022-21661.yaml index 312639f08d..7b1fa0cafc 100644 --- a/http/cves/2022/CVE-2022-21661.yaml +++ b/http/cves/2022/CVE-2022-21661.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-21661 cwe-id: CWE-89 - epss-score: 0.94068 - epss-percentile: 0.98994 + epss-score: 0.93536 + epss-percentile: 0.99044 cpe: cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-21705.yaml b/http/cves/2022/CVE-2022-21705.yaml index 5a154d6349..714ce9f0fd 100644 --- a/http/cves/2022/CVE-2022-21705.yaml +++ b/http/cves/2022/CVE-2022-21705.yaml @@ -15,13 +15,14 @@ info: - https://github.com/octobercms/october/security/advisories/GHSA-79jw-2f46-wv22 - https://cyllective.com/blog/post/octobercms-cve-2022-21705/ - https://nvd.nist.gov/vuln/detail/CVE-2022-21705 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-21705 cwe-id: CWE-74,NVD-CWE-Other epss-score: 0.00522 - epss-percentile: 0.74345 + epss-percentile: 0.76405 cpe: cpe:2.3:a:octobercms:october:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2022/CVE-2022-2185.yaml b/http/cves/2022/CVE-2022-2185.yaml index 382e0b38f7..01e21c2cc2 100644 --- a/http/cves/2022/CVE-2022-2185.yaml +++ b/http/cves/2022/CVE-2022-2185.yaml @@ -20,8 +20,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-2185 cwe-id: CWE-78 - epss-score: 0.50111 - epss-percentile: 0.9723 + epss-score: 0.5071 + epss-percentile: 0.97469 cpe: cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2219.yaml b/http/cves/2022/CVE-2022-2219.yaml index 8c18f4c719..d783a25275 100644 --- a/http/cves/2022/CVE-2022-2219.yaml +++ b/http/cves/2022/CVE-2022-2219.yaml @@ -12,13 +12,14 @@ info: reference: - https://wpscan.com/vulnerability/1240797c-7f45-4c36-83f0-501c544ce76a - https://nvd.nist.gov/vuln/detail/CVE-2022-2219 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N cvss-score: 7.2 cve-id: CVE-2022-2219 cwe-id: CWE-79 - epss-score: 0.00212 - epss-percentile: 0.5901 + epss-score: 0.00159 + epss-percentile: 0.51461 cpe: cpe:2.3:a:brizy:unyson:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-22242.yaml b/http/cves/2022/CVE-2022-22242.yaml index ed903cd944..e6925b579b 100644 --- a/http/cves/2022/CVE-2022-22242.yaml +++ b/http/cves/2022/CVE-2022-22242.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-22242 cwe-id: CWE-79 - epss-score: 0.04391 - epss-percentile: 0.91557 + epss-score: 0.41023 + epss-percentile: 0.972 cpe: cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-22536.yaml b/http/cves/2022/CVE-2022-22536.yaml index 728d7f7f67..23f22c4f91 100644 --- a/http/cves/2022/CVE-2022-22536.yaml +++ b/http/cves/2022/CVE-2022-22536.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2022-22536 cwe-id: CWE-444 - epss-score: 0.95569 - epss-percentile: 0.99268 + epss-score: 0.96507 + epss-percentile: 0.99572 cpe: cpe:2.3:a:sap:content_server:7.53:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-22733.yaml b/http/cves/2022/CVE-2022-22733.yaml index 46504fc2d1..059fb8698c 100644 --- a/http/cves/2022/CVE-2022-22733.yaml +++ b/http/cves/2022/CVE-2022-22733.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-22733 - https://lists.apache.org/thread/qpdsm936n9bhksb0rzn6bq1h7ord2nm6 - http://www.openwall.com/lists/oss-security/2022/01/20/2 + - https://github.com/Zeyad-Azima/CVE-2022-22733 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2022-22733 cwe-id: CWE-200 - epss-score: 0.15006 - epss-percentile: 0.95289 + epss-score: 0.12656 + epss-percentile: 0.95328 cpe: cpe:2.3:a:apache:shardingsphere_elasticjob-ui:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2290.yaml b/http/cves/2022/CVE-2022-2290.yaml index 42d0434ebf..02a8b7a18b 100644 --- a/http/cves/2022/CVE-2022-2290.yaml +++ b/http/cves/2022/CVE-2022-2290.yaml @@ -14,13 +14,14 @@ info: - https://github.com/zadam/trilium - https://github.com/zadam/trilium/commit/3faae63b849a1fabc31b823bb7af3a84d32256a7 - https://nvd.nist.gov/vuln/detail/CVE-2022-2290 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-2290 cwe-id: CWE-79 - epss-score: 0.00115 - epss-percentile: 0.44926 + epss-score: 0.001 + epss-percentile: 0.40139 cpe: cpe:2.3:a:trilium_project:trilium:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-22963.yaml b/http/cves/2022/CVE-2022-22963.yaml index 6701cfcf29..4f79c19a62 100644 --- a/http/cves/2022/CVE-2022-22963.yaml +++ b/http/cves/2022/CVE-2022-22963.yaml @@ -21,9 +21,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-22963 - cwe-id: CWE-917,CWE-94 - epss-score: 0.97528 - epss-percentile: 0.99991 + cwe-id: CWE-94,CWE-917 + epss-score: 0.97537 + epss-percentile: 0.99993 cpe: cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-22965.yaml b/http/cves/2022/CVE-2022-22965.yaml index 1b77abf64d..e22aba8270 100644 --- a/http/cves/2022/CVE-2022-22965.yaml +++ b/http/cves/2022/CVE-2022-22965.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-22965 cwe-id: CWE-94 - epss-score: 0.97424 - epss-percentile: 0.99927 + epss-score: 0.97493 + epss-percentile: 0.99972 cpe: cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2022/CVE-2022-23102.yaml b/http/cves/2022/CVE-2022-23102.yaml index 356fab7452..47f33955f0 100644 --- a/http/cves/2022/CVE-2022-23102.yaml +++ b/http/cves/2022/CVE-2022-23102.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-23102 cwe-id: CWE-601 epss-score: 0.00366 - epss-percentile: 0.69645 + epss-percentile: 0.71925 cpe: cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-23178.yaml b/http/cves/2022/CVE-2022-23178.yaml index 80e58a6a82..2fa3355981 100644 --- a/http/cves/2022/CVE-2022-23178.yaml +++ b/http/cves/2022/CVE-2022-23178.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-23178 - https://de.crestron.com/Products/Video/HDMI-Solutions/HDMI-Switchers/HD-MD4X2-4K-E - https://www.redteam-pentesting.de/advisories/rt-sa-2021-009 + - https://github.com/Threekiii/Awesome-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-23178 cwe-id: CWE-287 epss-score: 0.03228 - epss-percentile: 0.90237 + epss-percentile: 0.90998 cpe: cpe:2.3:o:crestron:hd-md4x2-4k-e_firmware:1.0.0.2159:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-23347.yaml b/http/cves/2022/CVE-2022-23347.yaml index 28dd0f5522..ac57711fce 100644 --- a/http/cves/2022/CVE-2022-23347.yaml +++ b/http/cves/2022/CVE-2022-23347.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-23347 - http://bigant.com - https://www.bigantsoft.com/ + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-23347 cwe-id: CWE-22 epss-score: 0.1468 - epss-percentile: 0.95244 + epss-percentile: 0.95635 cpe: cpe:2.3:a:bigantsoft:bigant_server:5.6.06:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2373.yaml b/http/cves/2022/CVE-2022-2373.yaml index 826f1a2262..b743fbc5e5 100644 --- a/http/cves/2022/CVE-2022-2373.yaml +++ b/http/cves/2022/CVE-2022-2373.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-2373 cwe-id: CWE-862 - epss-score: 0.00328 - epss-percentile: 0.67961 + epss-score: 0.00292 + epss-percentile: 0.68538 cpe: cpe:2.3:a:nsqua:simply_schedule_appointments:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2376.yaml b/http/cves/2022/CVE-2022-2376.yaml index b7b10ff989..ba488526d6 100644 --- a/http/cves/2022/CVE-2022-2376.yaml +++ b/http/cves/2022/CVE-2022-2376.yaml @@ -12,13 +12,15 @@ info: - https://wpscan.com/vulnerability/437c4330-376a-4392-86c6-c4c7ed9583ad - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2376 - https://nvd.nist.gov/vuln/detail/CVE-2022-2376 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-2376 cwe-id: CWE-862 - epss-score: 0.04117 - epss-percentile: 0.91273 + epss-score: 0.04177 + epss-percentile: 0.92016 cpe: cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-23779.yaml b/http/cves/2022/CVE-2022-23779.yaml index b5e410206d..35dfe02277 100644 --- a/http/cves/2022/CVE-2022-23779.yaml +++ b/http/cves/2022/CVE-2022-23779.yaml @@ -13,13 +13,15 @@ info: - https://www.manageengine.com/products/desktop-central/cve-2022-23779.html - https://github.com/fbusr/CVE-2022-23779 - https://nvd.nist.gov/vuln/detail/CVE-2022-23779 + - https://github.com/soosmile/POC + - https://github.com/zecool/cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-23779 cwe-id: CWE-200 - epss-score: 0.01697 - epss-percentile: 0.86382 + epss-score: 0.00667 + epss-percentile: 0.79289 cpe: cpe:2.3:a:zohocorp:manageengine_desktop_central:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-23854.yaml b/http/cves/2022/CVE-2022-23854.yaml index 42b560a3a1..15843dd5b4 100644 --- a/http/cves/2022/CVE-2022-23854.yaml +++ b/http/cves/2022/CVE-2022-23854.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-23854 cwe-id: CWE-22,CWE-23 - epss-score: 0.82863 - epss-percentile: 0.98149 + epss-score: 0.66314 + epss-percentile: 0.97841 cpe: cpe:2.3:a:aveva:intouch_access_anywhere:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-23881.yaml b/http/cves/2022/CVE-2022-23881.yaml index 5d8d07efdd..0844f96bc3 100644 --- a/http/cves/2022/CVE-2022-23881.yaml +++ b/http/cves/2022/CVE-2022-23881.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-23881 cwe-id: CWE-77 - epss-score: 0.19726 - epss-percentile: 0.95888 + epss-score: 0.16723 + epss-percentile: 0.95904 cpe: cpe:2.3:a:zzzcms:zzzphp:2.1.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-23898.yaml b/http/cves/2022/CVE-2022-23898.yaml index e1b11ec8b3..7815cef4c7 100644 --- a/http/cves/2022/CVE-2022-23898.yaml +++ b/http/cves/2022/CVE-2022-23898.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-23898 cwe-id: CWE-89 - epss-score: 0.02031 - epss-percentile: 0.87755 + epss-score: 0.0161 + epss-percentile: 0.87161 cpe: cpe:2.3:a:mingsoft:mcms:5.2.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24124.yaml b/http/cves/2022/CVE-2022-24124.yaml index c07d0dd02b..1432ac2db6 100644 --- a/http/cves/2022/CVE-2022-24124.yaml +++ b/http/cves/2022/CVE-2022-24124.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-24124 cwe-id: CWE-89 epss-score: 0.07543 - epss-percentile: 0.93505 + epss-percentile: 0.93981 cpe: cpe:2.3:a:casbin:casdoor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24181.yaml b/http/cves/2022/CVE-2022-24181.yaml index 10fb448416..bf04b07faa 100644 --- a/http/cves/2022/CVE-2022-24181.yaml +++ b/http/cves/2022/CVE-2022-24181.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-24181 cwe-id: CWE-79 epss-score: 0.0017 - epss-percentile: 0.54089 + epss-percentile: 0.53018 cpe: cpe:2.3:a:public_knowledge_project:open_journal_systems:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24223.yaml b/http/cves/2022/CVE-2022-24223.yaml index e6e2a0c1ae..55453399a2 100644 --- a/http/cves/2022/CVE-2022-24223.yaml +++ b/http/cves/2022/CVE-2022-24223.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-24223 cwe-id: CWE-89 - epss-score: 0.2364 - epss-percentile: 0.96161 + epss-score: 0.27442 + epss-percentile: 0.96689 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24260.yaml b/http/cves/2022/CVE-2022-24260.yaml index f19d996703..ca76cb2eb1 100644 --- a/http/cves/2022/CVE-2022-24260.yaml +++ b/http/cves/2022/CVE-2022-24260.yaml @@ -13,13 +13,15 @@ info: - https://kerbit.io/research/read/blog/3 - https://nvd.nist.gov/vuln/detail/CVE-2022-24260 - https://www.voipmonitor.org/changelog-gui?major=5 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-24260 cwe-id: CWE-89 - epss-score: 0.35139 - epss-percentile: 0.96737 + epss-score: 0.28138 + epss-percentile: 0.96726 cpe: cpe:2.3:a:voipmonitor:voipmonitor:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24265.yaml b/http/cves/2022/CVE-2022-24265.yaml index 80025b8891..6860c7dd20 100644 --- a/http/cves/2022/CVE-2022-24265.yaml +++ b/http/cves/2022/CVE-2022-24265.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24265 cwe-id: CWE-89 - epss-score: 0.04717 - epss-percentile: 0.91844 + epss-score: 0.05054 + epss-percentile: 0.92726 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24266.yaml b/http/cves/2022/CVE-2022-24266.yaml index a51c1096b3..980538bae5 100644 --- a/http/cves/2022/CVE-2022-24266.yaml +++ b/http/cves/2022/CVE-2022-24266.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24266 cwe-id: CWE-89 - epss-score: 0.0318 - epss-percentile: 0.90197 + epss-score: 0.03412 + epss-percentile: 0.91229 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24288.yaml b/http/cves/2022/CVE-2022-24288.yaml index 13d6b298f4..057e7e2b17 100644 --- a/http/cves/2022/CVE-2022-24288.yaml +++ b/http/cves/2022/CVE-2022-24288.yaml @@ -13,13 +13,15 @@ info: - https://github.com/advisories/GHSA-3v7g-4pg3-7r6j - https://nvd.nist.gov/vuln/detail/CVE-2022-24288 - https://lists.apache.org/thread/dbw5ozcmr0h0lhs0yjph7xdc64oht23t + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Hax0rG1rl/my_cve_and_bounty_poc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-24288 cwe-id: CWE-78 - epss-score: 0.88581 - epss-percentile: 0.98442 + epss-score: 0.81676 + epss-percentile: 0.98279 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2462.yaml b/http/cves/2022/CVE-2022-2462.yaml index 8cc3673d71..48a84943cc 100644 --- a/http/cves/2022/CVE-2022-2462.yaml +++ b/http/cves/2022/CVE-2022-2462.yaml @@ -21,8 +21,8 @@ info: cvss-score: 5.3 cve-id: CVE-2022-2462 cwe-id: CWE-200 - epss-score: 0.01405 - epss-percentile: 0.85028 + epss-score: 0.02698 + epss-percentile: 0.90234 cpe: cpe:2.3:a:transposh:transposh_wordpress_translation:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24716.yaml b/http/cves/2022/CVE-2022-24716.yaml index 98c1add69d..3388a6c250 100644 --- a/http/cves/2022/CVE-2022-24716.yaml +++ b/http/cves/2022/CVE-2022-24716.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24716 cwe-id: CWE-22 - epss-score: 0.22439 - epss-percentile: 0.96082 + epss-score: 0.25375 + epss-percentile: 0.96582 cpe: cpe:2.3:a:icinga:icinga_web_2:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-24816.yaml b/http/cves/2022/CVE-2022-24816.yaml index 9bd34eaedf..682f885cbe 100644 --- a/http/cves/2022/CVE-2022-24816.yaml +++ b/http/cves/2022/CVE-2022-24816.yaml @@ -14,13 +14,14 @@ info: - https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx - https://github.com/geosolutions-it/jai-ext/commit/cb1d6565d38954676b0a366da4f965fef38da1cb - https://nvd.nist.gov/vuln/detail/CVE-2022-24816 + - https://github.com/tanjiti/sec_profile classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-24816 cwe-id: CWE-94 - epss-score: 0.86507 - epss-percentile: 0.98326 + epss-score: 0.86265 + epss-percentile: 0.98506 cpe: cpe:2.3:a:geosolutionsgroup:jai-ext:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24856.yaml b/http/cves/2022/CVE-2022-24856.yaml index 5f77f4427c..2567f01bcb 100644 --- a/http/cves/2022/CVE-2022-24856.yaml +++ b/http/cves/2022/CVE-2022-24856.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24856 cwe-id: CWE-918 - epss-score: 0.07548 - epss-percentile: 0.93507 + epss-score: 0.08397 + epss-percentile: 0.94255 cpe: cpe:2.3:a:flyte:flyte_console:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2486.yaml b/http/cves/2022/CVE-2022-2486.yaml index 9123d1346b..8b479ef1fb 100644 --- a/http/cves/2022/CVE-2022-2486.yaml +++ b/http/cves/2022/CVE-2022-2486.yaml @@ -15,13 +15,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2486 - https://vuldb.com/?id.204537 - https://nvd.nist.gov/vuln/detail/CVE-2022-2486 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-2486 cwe-id: CWE-78 - epss-score: 0.97301 - epss-percentile: 0.99853 + epss-score: 0.97331 + epss-percentile: 0.99879 cpe: cpe:2.3:o:wavlink:wl-wn535k2_firmware:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-24899.yaml b/http/cves/2022/CVE-2022-24899.yaml index 3093562979..a44c2d06ae 100644 --- a/http/cves/2022/CVE-2022-24899.yaml +++ b/http/cves/2022/CVE-2022-24899.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-24899 cwe-id: CWE-79 epss-score: 0.00342 - epss-percentile: 0.68575 + epss-percentile: 0.70926 cpe: cpe:2.3:a:contao:contao:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-24990.yaml b/http/cves/2022/CVE-2022-24990.yaml index f42a2d5cf0..5fdbc53797 100644 --- a/http/cves/2022/CVE-2022-24990.yaml +++ b/http/cves/2022/CVE-2022-24990.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-24990 cwe-id: CWE-306 - epss-score: 0.91953 - epss-percentile: 0.98735 + epss-score: 0.9593 + epss-percentile: 0.99416 cpe: cpe:2.3:o:terra-master:terramaster_operating_system:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-25082.yaml b/http/cves/2022/CVE-2022-25082.yaml index bde19773c2..e221a82dcb 100644 --- a/http/cves/2022/CVE-2022-25082.yaml +++ b/http/cves/2022/CVE-2022-25082.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-25082 cwe-id: CWE-78 epss-score: 0.0417 - epss-percentile: 0.91362 + epss-percentile: 0.92009 cpe: cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5204_b20210112:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-25149.yaml b/http/cves/2022/CVE-2022-25149.yaml index 2e8489c227..5b3b6979a9 100644 --- a/http/cves/2022/CVE-2022-25149.yaml +++ b/http/cves/2022/CVE-2022-25149.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-25149 cwe-id: CWE-89 - epss-score: 0.34697 - epss-percentile: 0.96721 + epss-score: 0.36793 + epss-percentile: 0.97067 cpe: cpe:2.3:a:veronalabs:wp_statistics:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25216.yaml b/http/cves/2022/CVE-2022-25216.yaml index a7cc070244..7bfe2fbd85 100644 --- a/http/cves/2022/CVE-2022-25216.yaml +++ b/http/cves/2022/CVE-2022-25216.yaml @@ -12,13 +12,15 @@ info: reference: - https://www.tenable.com/security/research/tra-2022-07 - https://nvd.nist.gov/vuln/detail/CVE-2022-25216 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-25216 cwe-id: CWE-22 - epss-score: 0.01312 - epss-percentile: 0.84466 + epss-score: 0.01345 + epss-percentile: 0.85828 cpe: cpe:2.3:a:dvdfab:12_player:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2535.yaml b/http/cves/2022/CVE-2022-2535.yaml index 8094a87d9b..d81472bc9c 100644 --- a/http/cves/2022/CVE-2022-2535.yaml +++ b/http/cves/2022/CVE-2022-2535.yaml @@ -10,13 +10,14 @@ info: reference: - https://wpscan.com/vulnerability/0e13c375-044c-4c2e-ab8e-48cb89d90d02 - https://nvd.nist.gov/vuln/detail/CVE-2022-2535 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2022-2535 cwe-id: CWE-639 - epss-score: 0.00223 - epss-percentile: 0.60539 + epss-score: 0.00198 + epss-percentile: 0.56687 cpe: cpe:2.3:a:searchwp:searchwp_live_ajax_search:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25356.yaml b/http/cves/2022/CVE-2022-25356.yaml index 9a4f9cc32f..b5ace9a885 100644 --- a/http/cves/2022/CVE-2022-25356.yaml +++ b/http/cves/2022/CVE-2022-25356.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-25356 cwe-id: CWE-91 epss-score: 0.00425 - epss-percentile: 0.71709 + epss-percentile: 0.73853 cpe: cpe:2.3:a:altn:securitygateway:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2546.yaml b/http/cves/2022/CVE-2022-2546.yaml index f4cb61ed18..ac62134a34 100644 --- a/http/cves/2022/CVE-2022-2546.yaml +++ b/http/cves/2022/CVE-2022-2546.yaml @@ -15,13 +15,14 @@ info: - https://wordpress.org/plugins/all-in-one-wp-migration/ - https://patchstack.com/database/vulnerability/all-in-one-wp-migration/wordpress-all-in-one-wp-migration-plugin-7-62-unauthenticated-reflected-cross-site-scripting-xss-vulnerability - https://nvd.nist.gov/vuln/detail/CVE-2022-2546 + - https://github.com/0xvinix/CVE-2022-2546 classification: cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.7 cve-id: CVE-2022-2546 cwe-id: CWE-79 - epss-score: 0.00165 - epss-percentile: 0.53101 + epss-score: 0.00252 + epss-percentile: 0.64447 cpe: cpe:2.3:a:servmask:all-in-one_wp_migration:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25481.yaml b/http/cves/2022/CVE-2022-25481.yaml index 2b94247cc5..df1604ce4e 100644 --- a/http/cves/2022/CVE-2022-25481.yaml +++ b/http/cves/2022/CVE-2022-25481.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/Lyther/VulnDiscover/blob/master/Web/ThinkPHP_InfoLeak.md - https://nvd.nist.gov/vuln/detail/CVE-2022-25481 + - https://github.com/20142995/sectool + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-25481 cwe-id: CWE-668 - epss-score: 0.01311 - epss-percentile: 0.8446 + epss-score: 0.01261 + epss-percentile: 0.85321 cpe: cpe:2.3:a:thinkphp:thinkphp:5.0.24:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25485.yaml b/http/cves/2022/CVE-2022-25485.yaml index e3d87a26b5..f92d3a6beb 100644 --- a/http/cves/2022/CVE-2022-25485.yaml +++ b/http/cves/2022/CVE-2022-25485.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/CuppaCMS/CuppaCMS - https://nvd.nist.gov/vuln/detail/CVE-2022-25485 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H cvss-score: 7.8 cve-id: CVE-2022-25485 cwe-id: CWE-829 epss-score: 0.00648 - epss-percentile: 0.77084 + epss-percentile: 0.78876 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25487.yaml b/http/cves/2022/CVE-2022-25487.yaml index b046362ec3..064f4fb21c 100644 --- a/http/cves/2022/CVE-2022-25487.yaml +++ b/http/cves/2022/CVE-2022-25487.yaml @@ -13,13 +13,15 @@ info: - https://packetstormsecurity.com/files/166532/Atom-CMS-1.0.2-Shell-Upload.html - https://github.com/thedigicraft/Atom.CMS/issues/256 - https://nvd.nist.gov/vuln/detail/CVE-2022-25487 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/shikari00007/Atom-CMS-2.0---File-Upload-Remote-Code-Execution-Un-Authenticated-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-25487 cwe-id: CWE-434 - epss-score: 0.88802 - epss-percentile: 0.98459 + epss-score: 0.84615 + epss-percentile: 0.98422 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25488.yaml b/http/cves/2022/CVE-2022-25488.yaml index c536936e36..d82926e62c 100644 --- a/http/cves/2022/CVE-2022-25488.yaml +++ b/http/cves/2022/CVE-2022-25488.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-25488 cwe-id: CWE-89 - epss-score: 0.02031 - epss-percentile: 0.87755 + epss-score: 0.0161 + epss-percentile: 0.87161 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25489.yaml b/http/cves/2022/CVE-2022-25489.yaml index bae550ac14..8707c9954f 100644 --- a/http/cves/2022/CVE-2022-25489.yaml +++ b/http/cves/2022/CVE-2022-25489.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2022-25489 cwe-id: CWE-79 epss-score: 0.00134 - epss-percentile: 0.48506 + epss-percentile: 0.47681 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-25497.yaml b/http/cves/2022/CVE-2022-25497.yaml index ca6987c305..93b193e06b 100644 --- a/http/cves/2022/CVE-2022-25497.yaml +++ b/http/cves/2022/CVE-2022-25497.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-25497 cwe-id: CWE-552 epss-score: 0.00508 - epss-percentile: 0.74077 + epss-percentile: 0.76089 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2551.yaml b/http/cves/2022/CVE-2022-2551.yaml index e00157c046..159f7c4b64 100644 --- a/http/cves/2022/CVE-2022-2551.yaml +++ b/http/cves/2022/CVE-2022-2551.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-2551 cwe-id: CWE-425 - epss-score: 0.75241 - epss-percentile: 0.97888 + epss-score: 0.72442 + epss-percentile: 0.97997 cpe: cpe:2.3:a:snapcreek:duplicator:*:*:*:*:lite:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2599.yaml b/http/cves/2022/CVE-2022-2599.yaml index fc99092981..cb841a50b4 100644 --- a/http/cves/2022/CVE-2022-2599.yaml +++ b/http/cves/2022/CVE-2022-2599.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-2599 cwe-id: CWE-79 - epss-score: 0.00119 - epss-percentile: 0.45981 + epss-score: 0.00106 + epss-percentile: 0.42122 cpe: cpe:2.3:a:anti-malware_security_and_brute-force_firewall_project:anti-malware_security_and_brute-force_firewall:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-26134.yaml b/http/cves/2022/CVE-2022-26134.yaml index 1b0142ae72..056b4805fa 100644 --- a/http/cves/2022/CVE-2022-26134.yaml +++ b/http/cves/2022/CVE-2022-26134.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-26134 cwe-id: CWE-917 - epss-score: 0.97535 - epss-percentile: 0.99993 + epss-score: 0.97528 + epss-percentile: 0.9999 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-26138.yaml b/http/cves/2022/CVE-2022-26138.yaml index 839dde00bb..f0881f5def 100644 --- a/http/cves/2022/CVE-2022-26138.yaml +++ b/http/cves/2022/CVE-2022-26138.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-26138 cwe-id: CWE-798 - epss-score: 0.96601 - epss-percentile: 0.99537 + epss-score: 0.97262 + epss-percentile: 0.99834 cpe: cpe:2.3:a:atlassian:questions_for_confluence:2.7.34:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-26148.yaml b/http/cves/2022/CVE-2022-26148.yaml index 10da882854..87ad32b9d8 100644 --- a/http/cves/2022/CVE-2022-26148.yaml +++ b/http/cves/2022/CVE-2022-26148.yaml @@ -14,13 +14,15 @@ info: - https://2k8.org/post-319.html - https://security.netapp.com/advisory/ntap-20220425-0005/ - https://nvd.nist.gov/vuln/detail/CVE-2022-26148 + - https://github.com/HimmelAward/Goby_POC + - https://github.com/Z0fhack/Goby_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-26148 cwe-id: CWE-312 epss-score: 0.15727 - epss-percentile: 0.95407 + epss-percentile: 0.95795 cpe: cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-26263.yaml b/http/cves/2022/CVE-2022-26263.yaml index eb357ee240..0414510dbe 100644 --- a/http/cves/2022/CVE-2022-26263.yaml +++ b/http/cves/2022/CVE-2022-26263.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-26263 cwe-id: CWE-79 epss-score: 0.00147 - epss-percentile: 0.49633 + epss-percentile: 0.49736 cpe: cpe:2.3:a:yonyou:u8\+:13.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2627.yaml b/http/cves/2022/CVE-2022-2627.yaml index 2ab343ce2d..ba1c9fb358 100644 --- a/http/cves/2022/CVE-2022-2627.yaml +++ b/http/cves/2022/CVE-2022-2627.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2022-2627 cwe-id: CWE-79 epss-score: 0.00119 - epss-percentile: 0.45893 + epss-percentile: 0.45193 cpe: cpe:2.3:a:tagdiv:newspaper:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-26352.yaml b/http/cves/2022/CVE-2022-26352.yaml index 37cd15e0a1..02c94c600e 100644 --- a/http/cves/2022/CVE-2022-26352.yaml +++ b/http/cves/2022/CVE-2022-26352.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-26352 cwe-id: CWE-22 - epss-score: 0.97526 - epss-percentile: 0.9999 + epss-score: 0.97527 + epss-percentile: 0.99989 cpe: cpe:2.3:a:dotcms:dotcms:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-26564.yaml b/http/cves/2022/CVE-2022-26564.yaml index 5fe6a59cac..34ca3333c0 100644 --- a/http/cves/2022/CVE-2022-26564.yaml +++ b/http/cves/2022/CVE-2022-26564.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-26564 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.40134 + epss-percentile: 0.39401 cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.3:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-26833.yaml b/http/cves/2022/CVE-2022-26833.yaml index 08babbc66b..4048bf7acb 100644 --- a/http/cves/2022/CVE-2022-26833.yaml +++ b/http/cves/2022/CVE-2022-26833.yaml @@ -14,13 +14,14 @@ info: - https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1513 - https://nvd.nist.gov/vuln/detail/CVE-2022-26833 - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1513 + - https://github.com/ARPSyndicate/cvemon classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - cvss-score: 9.8 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H + cvss-score: 9.4 cve-id: CVE-2022-26833 cwe-id: CWE-306 - epss-score: 0.03208 - epss-percentile: 0.90206 + epss-score: 0.0166 + epss-percentile: 0.87336 cpe: cpe:2.3:a:openautomationsoftware:oas_platform:16.00.0112:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-26960.yaml b/http/cves/2022/CVE-2022-26960.yaml index d3e5150b44..c15f3e8c37 100644 --- a/http/cves/2022/CVE-2022-26960.yaml +++ b/http/cves/2022/CVE-2022-26960.yaml @@ -15,13 +15,14 @@ info: - https://github.com/Studio-42/elFinder/commit/3b758495538a448ac8830ee3559e7fb2c260c6db - https://www.synacktiv.com/publications.html - https://nvd.nist.gov/vuln/detail/CVE-2022-26960 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2022-26960 cwe-id: CWE-22 - epss-score: 0.88417 - epss-percentile: 0.98433 + epss-score: 0.85922 + epss-percentile: 0.98481 cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2733.yaml b/http/cves/2022/CVE-2022-2733.yaml index 485997c24f..c14b42e8cb 100644 --- a/http/cves/2022/CVE-2022-2733.yaml +++ b/http/cves/2022/CVE-2022-2733.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-2733 cwe-id: CWE-79 - epss-score: 0.0019 - epss-percentile: 0.56641 + epss-score: 0.00143 + epss-percentile: 0.49164 cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-2756.yaml b/http/cves/2022/CVE-2022-2756.yaml index 49753ae4d1..91b57bb9ff 100644 --- a/http/cves/2022/CVE-2022-2756.yaml +++ b/http/cves/2022/CVE-2022-2756.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.5 cve-id: CVE-2022-2756 cwe-id: CWE-918 - epss-score: 0.01379 - epss-percentile: 0.8488 + epss-score: 0.01579 + epss-percentile: 0.87037 cpe: cpe:2.3:a:kavitareader:kavita:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-27593.yaml b/http/cves/2022/CVE-2022-27593.yaml index 5ee7f04c22..e95e56b2b6 100644 --- a/http/cves/2022/CVE-2022-27593.yaml +++ b/http/cves/2022/CVE-2022-27593.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.1 cve-id: CVE-2022-27593 cwe-id: CWE-610 - epss-score: 0.44245 - epss-percentile: 0.97055 + epss-score: 0.56352 + epss-percentile: 0.97624 cpe: cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-27849.yaml b/http/cves/2022/CVE-2022-27849.yaml index b62e17ca9c..4454d29eed 100644 --- a/http/cves/2022/CVE-2022-27849.yaml +++ b/http/cves/2022/CVE-2022-27849.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-27849 cwe-id: CWE-200 - epss-score: 0.00732 - epss-percentile: 0.78773 + epss-score: 0.00713 + epss-percentile: 0.80067 cpe: cpe:2.3:a:plugin-planet:simple_ajax_chat:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-27985.yaml b/http/cves/2022/CVE-2022-27985.yaml index 0272b97d9b..dfd78af5e3 100644 --- a/http/cves/2022/CVE-2022-27985.yaml +++ b/http/cves/2022/CVE-2022-27985.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-27985 cwe-id: CWE-89 - epss-score: 0.03284 - epss-percentile: 0.90318 + epss-score: 0.02343 + epss-percentile: 0.89527 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-28023.yaml b/http/cves/2022/CVE-2022-28023.yaml index 1674161c0d..01e691d3a5 100644 --- a/http/cves/2022/CVE-2022-28023.yaml +++ b/http/cves/2022/CVE-2022-28023.yaml @@ -14,13 +14,15 @@ info: - https://github.com/debug601/bug_report/blob/main/vendors/oretnom23/purchase-order-management-system/SQLi-2.md - https://www.sourcecodester.com/php/14935/purchase-order-management-system-using-php-free-source-code.html - https://nvd.nist.gov/vuln/detail/CVE-2022-28023 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/debug601/bug_report classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-28023 cwe-id: CWE-89 - epss-score: 0.02852 - epss-percentile: 0.89667 + epss-score: 0.02266 + epss-percentile: 0.8936 cpe: cpe:2.3:a:purchase_order_management_system_project:purchase_order_management_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-28032.yaml b/http/cves/2022/CVE-2022-28032.yaml index e584dcd950..b5090af060 100644 --- a/http/cves/2022/CVE-2022-28032.yaml +++ b/http/cves/2022/CVE-2022-28032.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-28032 cwe-id: CWE-89 - epss-score: 0.02031 - epss-percentile: 0.87755 + epss-score: 0.02266 + epss-percentile: 0.8936 cpe: cpe:2.3:a:thedigitalcraft:atomcms:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-28080.yaml b/http/cves/2022/CVE-2022-28080.yaml index 73cde5e960..989deca8c2 100644 --- a/http/cves/2022/CVE-2022-28080.yaml +++ b/http/cves/2022/CVE-2022-28080.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-28080 cwe-id: CWE-89 - epss-score: 0.01488 - epss-percentile: 0.85428 + epss-score: 0.01461 + epss-percentile: 0.86424 cpe: cpe:2.3:a:event_management_system_project:event_management_system:1.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-28290.yaml b/http/cves/2022/CVE-2022-28290.yaml index 3f5af3f7b4..6280f72923 100644 --- a/http/cves/2022/CVE-2022-28290.yaml +++ b/http/cves/2022/CVE-2022-28290.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/6c5a4bce-6266-4cfc-bc87-4fc3e36cb479 - https://cybersecurityworks.com/zerodays/cve-2022-28290-reflected-cross-site-scripting-in-welaunch.html - https://nvd.nist.gov/vuln/detail/CVE-2022-28290 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-28290 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36947 + epss-percentile: 0.36353 cpe: cpe:2.3:a:welaunch:wordpress_country_selector:1.6.5:*:*:*:*:wordpress:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-28363.yaml b/http/cves/2022/CVE-2022-28363.yaml index cae8d91a37..5cda1f8025 100644 --- a/http/cves/2022/CVE-2022-28363.yaml +++ b/http/cves/2022/CVE-2022-28363.yaml @@ -15,13 +15,14 @@ info: - https://github.com/advisories/GHSA-rpvc-qgrm-r54f - http://packetstormsecurity.com/files/166647/Reprise-License-Manager-14.2-Cross-Site-Scripting-Information-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2022-28363 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-28363 cwe-id: CWE-79 epss-score: 0.00237 - epss-percentile: 0.61755 + epss-percentile: 0.61062 cpe: cpe:2.3:a:reprisesoftware:reprise_license_manager:14.2:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-2863.yaml b/http/cves/2022/CVE-2022-2863.yaml index 47fec4498f..511fe0158b 100644 --- a/http/cves/2022/CVE-2022-2863.yaml +++ b/http/cves/2022/CVE-2022-2863.yaml @@ -19,8 +19,8 @@ info: cvss-score: 4.9 cve-id: CVE-2022-2863 cwe-id: CWE-22 - epss-score: 0.54582 - epss-percentile: 0.97355 + epss-score: 0.43289 + epss-percentile: 0.97257 cpe: cpe:2.3:a:wpvivid:migration\,_backup\,_staging:*:*:*:*:*:wordpress:*:* metadata: max-request: 3 diff --git a/http/cves/2022/CVE-2022-28955.yaml b/http/cves/2022/CVE-2022-28955.yaml index 4c6dea0038..8ed1d5ed20 100644 --- a/http/cves/2022/CVE-2022-28955.yaml +++ b/http/cves/2022/CVE-2022-28955.yaml @@ -14,13 +14,15 @@ info: - https://github.com/shijin0925/IOT/blob/master/DIR816/1.md - https://www.dlink.com/en/security-bulletin/ - https://nvd.nist.gov/vuln/detail/CVE-2022-28955 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-28955 cwe-id: CWE-287 epss-score: 0.02487 - epss-percentile: 0.88982 + epss-percentile: 0.89836 cpe: cpe:2.3:o:dlink:dir-816l_firmware:206b01:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29004.yaml b/http/cves/2022/CVE-2022-29004.yaml index 2d2683bdd4..a92d8576e3 100644 --- a/http/cves/2022/CVE-2022-29004.yaml +++ b/http/cves/2022/CVE-2022-29004.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-29004 cwe-id: CWE-79 epss-score: 0.00218 - epss-percentile: 0.59831 + epss-percentile: 0.59134 cpe: cpe:2.3:a:phpgurukul:e-diary_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29006.yaml b/http/cves/2022/CVE-2022-29006.yaml index 15b79d4e01..5127137d91 100644 --- a/http/cves/2022/CVE-2022-29006.yaml +++ b/http/cves/2022/CVE-2022-29006.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29006 cwe-id: CWE-89 - epss-score: 0.15861 - epss-percentile: 0.95469 + epss-score: 0.21257 + epss-percentile: 0.96305 cpe: cpe:2.3:a:phpgurukul:directory_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29009.yaml b/http/cves/2022/CVE-2022-29009.yaml index 6eb8cd707b..57e4c481a1 100644 --- a/http/cves/2022/CVE-2022-29009.yaml +++ b/http/cves/2022/CVE-2022-29009.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29009 cwe-id: CWE-89 - epss-score: 0.15861 - epss-percentile: 0.95469 + epss-score: 0.21257 + epss-percentile: 0.96305 cpe: cpe:2.3:a:phpgurukul:cyber_cafe_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29014.yaml b/http/cves/2022/CVE-2022-29014.yaml index c72cb4ffba..fb300306f9 100644 --- a/http/cves/2022/CVE-2022-29014.yaml +++ b/http/cves/2022/CVE-2022-29014.yaml @@ -14,12 +14,13 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-29014 - https://www2.razer.com/ap-en/desktops-and-networking/razer-sila - https://packetstormsecurity.com/files/166683/Razer-Sila-2.0.418-Local-File-Inclusion.html + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-29014 epss-score: 0.77285 - epss-percentile: 0.97938 + epss-percentile: 0.98135 cpe: cpe:2.3:o:razer:sila_firmware:2.0.441_api-2.0.418:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-29078.yaml b/http/cves/2022/CVE-2022-29078.yaml index 9361b26f6a..84aedb33a9 100644 --- a/http/cves/2022/CVE-2022-29078.yaml +++ b/http/cves/2022/CVE-2022-29078.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29078 cwe-id: CWE-94 - epss-score: 0.34975 - epss-percentile: 0.96733 + epss-score: 0.34849 + epss-percentile: 0.97005 cpe: cpe:2.3:a:ejs:ejs:3.1.6:*:*:*:*:node.js:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-29153.yaml b/http/cves/2022/CVE-2022-29153.yaml index 8b4526d477..43b3644f47 100644 --- a/http/cves/2022/CVE-2022-29153.yaml +++ b/http/cves/2022/CVE-2022-29153.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-29153 cwe-id: CWE-918 - epss-score: 0.02619 - epss-percentile: 0.89273 + epss-score: 0.02376 + epss-percentile: 0.89603 cpe: cpe:2.3:a:hashicorp:consul:*:*:*:*:-:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29298.yaml b/http/cves/2022/CVE-2022-29298.yaml index 82f0d91c13..94c1340eaa 100644 --- a/http/cves/2022/CVE-2022-29298.yaml +++ b/http/cves/2022/CVE-2022-29298.yaml @@ -14,13 +14,14 @@ info: - https://drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view - https://drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view?usp=sharing - https://nvd.nist.gov/vuln/detail/CVE-2022-29298 + - https://github.com/20142995/pocsuite3 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-29298 cwe-id: CWE-22 epss-score: 0.1374 - epss-percentile: 0.95105 + epss-percentile: 0.95497 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29299.yaml b/http/cves/2022/CVE-2022-29299.yaml index 49218c3954..7e8be5ef43 100644 --- a/http/cves/2022/CVE-2022-29299.yaml +++ b/http/cves/2022/CVE-2022-29299.yaml @@ -17,6 +17,8 @@ info: - https://github.com/ARPSyndicate/kenzer-templates classification: cve-id: CVE-2022-29299 + epss-score: 0.00175 + epss-percentile: 0.53704 metadata: verified: true max-request: 1 diff --git a/http/cves/2022/CVE-2022-29303.yaml b/http/cves/2022/CVE-2022-29303.yaml index 6c5e016cea..08e1e1b8cf 100644 --- a/http/cves/2022/CVE-2022-29303.yaml +++ b/http/cves/2022/CVE-2022-29303.yaml @@ -15,13 +15,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29303 - https://drive.google.com/drive/folders/1tGr-WExbpfvhRg31XCoaZOFLWyt3r60g?usp=sharing - http://packetstormsecurity.com/files/167183/SolarView-Compact-6.0-Command-Injection.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-29303 cwe-id: CWE-78 - epss-score: 0.95299 - epss-percentile: 0.99193 + epss-score: 0.9598 + epss-percentile: 0.99429 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29383.yaml b/http/cves/2022/CVE-2022-29383.yaml index 59f078f000..eefc57a1b0 100644 --- a/http/cves/2022/CVE-2022-29383.yaml +++ b/http/cves/2022/CVE-2022-29383.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29383 cwe-id: CWE-89 - epss-score: 0.47914 - epss-percentile: 0.97161 + epss-score: 0.39819 + epss-percentile: 0.9716 cpe: cpe:2.3:o:netgear:ssl312_firmware:fvs336gv2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-29464.yaml b/http/cves/2022/CVE-2022-29464.yaml index d90d7b7938..6f403c6211 100644 --- a/http/cves/2022/CVE-2022-29464.yaml +++ b/http/cves/2022/CVE-2022-29464.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-29464 cwe-id: CWE-22 - epss-score: 0.97235 - epss-percentile: 0.99812 + epss-score: 0.97146 + epss-percentile: 0.99783 cpe: cpe:2.3:a:wso2:api_manager:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-29548.yaml b/http/cves/2022/CVE-2022-29548.yaml index 2f39916c3f..d634faa971 100644 --- a/http/cves/2022/CVE-2022-29548.yaml +++ b/http/cves/2022/CVE-2022-29548.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-29548 cwe-id: CWE-79 epss-score: 0.00299 - epss-percentile: 0.66346 + epss-percentile: 0.68867 cpe: cpe:2.3:a:wso2:api_manager:2.2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-30073.yaml b/http/cves/2022/CVE-2022-30073.yaml index 10f0c0f1bc..c29bc4ab47 100644 --- a/http/cves/2022/CVE-2022-30073.yaml +++ b/http/cves/2022/CVE-2022-30073.yaml @@ -14,13 +14,14 @@ info: - https://github.com/APTX-4879/CVE - https://github.com/APTX-4879/CVE/blob/main/CVE-2022-30073.pdf - https://nvd.nist.gov/vuln/detail/CVE-2022-30073 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-30073 cwe-id: CWE-79 epss-score: 0.00205 - epss-percentile: 0.58384 + epss-percentile: 0.57793 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-30513.yaml b/http/cves/2022/CVE-2022-30513.yaml index 83497f9dd7..2ccf3faffb 100644 --- a/http/cves/2022/CVE-2022-30513.yaml +++ b/http/cves/2022/CVE-2022-30513.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-30513 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.40134 + epss-percentile: 0.39401 cpe: cpe:2.3:a:school_dormitory_management_system_project:school_dormitory_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-30514.yaml b/http/cves/2022/CVE-2022-30514.yaml index 61acf40030..81a1e1c3e1 100644 --- a/http/cves/2022/CVE-2022-30514.yaml +++ b/http/cves/2022/CVE-2022-30514.yaml @@ -15,13 +15,14 @@ info: - https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30514 - https://nvd.nist.gov/vuln/detail/CVE-2022-30514 + - https://github.com/Marcuccio/kevin classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-30514 cwe-id: CWE-79 epss-score: 0.00097 - epss-percentile: 0.40092 + epss-percentile: 0.39401 cpe: cpe:2.3:a:school_dormitory_management_system_project:school_dormitory_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-30525.yaml b/http/cves/2022/CVE-2022-30525.yaml index ba78dc44bb..4db3362f93 100644 --- a/http/cves/2022/CVE-2022-30525.yaml +++ b/http/cves/2022/CVE-2022-30525.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-30525 cwe-id: CWE-78 - epss-score: 0.97465 - epss-percentile: 0.99956 + epss-score: 0.97482 + epss-percentile: 0.99967 cpe: cpe:2.3:o:zyxel:usg_flex_100w_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-31126.yaml b/http/cves/2022/CVE-2022-31126.yaml index edc74ea120..f84be2943d 100644 --- a/http/cves/2022/CVE-2022-31126.yaml +++ b/http/cves/2022/CVE-2022-31126.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-31126 cwe-id: CWE-74 - epss-score: 0.85981 - epss-percentile: 0.98316 + epss-score: 0.84229 + epss-percentile: 0.98401 cpe: cpe:2.3:a:roxy-wi:roxy-wi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31269.yaml b/http/cves/2022/CVE-2022-31269.yaml index fc5c2e0ac9..e1f629eee9 100644 --- a/http/cves/2022/CVE-2022-31269.yaml +++ b/http/cves/2022/CVE-2022-31269.yaml @@ -15,13 +15,14 @@ info: - https://www.nortekcontrol.com/access-control/ - https://eg.linkedin.com/in/omar-1-hashem - https://nvd.nist.gov/vuln/detail/CVE-2022-31269 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N cvss-score: 8.2 cve-id: CVE-2022-31269 cwe-id: CWE-798 - epss-score: 0.00174 - epss-percentile: 0.54513 + epss-score: 0.00231 + epss-percentile: 0.6049 cpe: cpe:2.3:o:nortekcontrol:emerge_e3_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31299.yaml b/http/cves/2022/CVE-2022-31299.yaml index 8d4b846826..c6bb460d0d 100644 --- a/http/cves/2022/CVE-2022-31299.yaml +++ b/http/cves/2022/CVE-2022-31299.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-31299 cwe-id: CWE-79 epss-score: 0.00209 - epss-percentile: 0.58894 + epss-percentile: 0.58245 cpe: cpe:2.3:a:angtech:haraj:3.7:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31373.yaml b/http/cves/2022/CVE-2022-31373.yaml index 2577e36630..a48dc93224 100644 --- a/http/cves/2022/CVE-2022-31373.yaml +++ b/http/cves/2022/CVE-2022-31373.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/badboycxcc/SolarView_Compact_6.0_xss - https://nvd.nist.gov/vuln/detail/CVE-2022-31373 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/badboycxcc/badboycxcc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-31373 cwe-id: CWE-79 epss-score: 0.00088 - epss-percentile: 0.36947 + epss-percentile: 0.36353 cpe: cpe:2.3:o:contec:sv-cpt-mc310_firmware:6.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3142.yaml b/http/cves/2022/CVE-2022-3142.yaml index 2057080e62..230d9562c9 100644 --- a/http/cves/2022/CVE-2022-3142.yaml +++ b/http/cves/2022/CVE-2022-3142.yaml @@ -18,8 +18,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-3142 cwe-id: CWE-89 - epss-score: 0.00318 - epss-percentile: 0.67316 + epss-score: 0.00356 + epss-percentile: 0.71515 cpe: cpe:2.3:a:basixonline:nex-forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31474.yaml b/http/cves/2022/CVE-2022-31474.yaml index a7553d6c13..1f90b581a0 100644 --- a/http/cves/2022/CVE-2022-31474.yaml +++ b/http/cves/2022/CVE-2022-31474.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-31474 cwe-id: CWE-22 - epss-score: 0.00531 - epss-percentile: 0.74642 + epss-score: 0.0063 + epss-percentile: 0.78579 cpe: cpe:2.3:a:ithemes:backupbuddy:*:*:*:*:*:wordpress:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-31656.yaml b/http/cves/2022/CVE-2022-31656.yaml index 28ed367743..1d3334694b 100644 --- a/http/cves/2022/CVE-2022-31656.yaml +++ b/http/cves/2022/CVE-2022-31656.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-31656 cwe-id: CWE-287 - epss-score: 0.81964 - epss-percentile: 0.98126 + epss-score: 0.75034 + epss-percentile: 0.98069 cpe: cpe:2.3:a:vmware:identity_manager:3.3.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31798.yaml b/http/cves/2022/CVE-2022-31798.yaml index fa931dcb1d..d411b9c192 100644 --- a/http/cves/2022/CVE-2022-31798.yaml +++ b/http/cves/2022/CVE-2022-31798.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-31798 cwe-id: CWE-384 - epss-score: 0.0012 - epss-percentile: 0.46173 + epss-score: 0.00126 + epss-percentile: 0.46259 cpe: cpe:2.3:o:nortekcontrol:emerge_e3_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31854.yaml b/http/cves/2022/CVE-2022-31854.yaml index 8c24843755..efca6e1075 100644 --- a/http/cves/2022/CVE-2022-31854.yaml +++ b/http/cves/2022/CVE-2022-31854.yaml @@ -15,13 +15,14 @@ info: - https://codoforum.com - https://vikaran101.medium.com/codoforum-v5-1-authenticated-rce-my-first-cve-f49e19b8bc - https://nvd.nist.gov/vuln/detail/CVE-2022-31854 + - https://github.com/trhacknon/Pocingit classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-31854 cwe-id: CWE-434 - epss-score: 0.08519 - epss-percentile: 0.93839 + epss-score: 0.17108 + epss-percentile: 0.95958 cpe: cpe:2.3:a:codologic:codoforum:5.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-31978.yaml b/http/cves/2022/CVE-2022-31978.yaml index 6dbd7aa8af..faad06e36d 100644 --- a/http/cves/2022/CVE-2022-31978.yaml +++ b/http/cves/2022/CVE-2022-31978.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-31978 cwe-id: CWE-89 - epss-score: 0.01192 - epss-percentile: 0.83594 + epss-score: 0.02031 + epss-percentile: 0.88685 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-31981.yaml b/http/cves/2022/CVE-2022-31981.yaml index a672365031..836a3bbfb4 100644 --- a/http/cves/2022/CVE-2022-31981.yaml +++ b/http/cves/2022/CVE-2022-31981.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-31981 cwe-id: CWE-89 - epss-score: 0.01429 - epss-percentile: 0.85199 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-31982.yaml b/http/cves/2022/CVE-2022-31982.yaml index 32f2710a90..1893bfceed 100644 --- a/http/cves/2022/CVE-2022-31982.yaml +++ b/http/cves/2022/CVE-2022-31982.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-31982 cwe-id: CWE-89 - epss-score: 0.01429 - epss-percentile: 0.85199 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-31984.yaml b/http/cves/2022/CVE-2022-31984.yaml index c9a613e0e4..d32244b9e5 100644 --- a/http/cves/2022/CVE-2022-31984.yaml +++ b/http/cves/2022/CVE-2022-31984.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-31984 cwe-id: CWE-89 - epss-score: 0.00834 - epss-percentile: 0.80157 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:online_fire_reporting_system_project:online_fire_reporting_system:1.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-32015.yaml b/http/cves/2022/CVE-2022-32015.yaml index a9aa333901..2f0fa798ac 100644 --- a/http/cves/2022/CVE-2022-32015.yaml +++ b/http/cves/2022/CVE-2022-32015.yaml @@ -11,13 +11,14 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-8.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32015 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-32015 cwe-id: CWE-89 - epss-score: 0.00834 - epss-percentile: 0.80157 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:complete_online_job_search_system_project:complete_online_job_search_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32018.yaml b/http/cves/2022/CVE-2022-32018.yaml index 9545007207..3f0068e603 100644 --- a/http/cves/2022/CVE-2022-32018.yaml +++ b/http/cves/2022/CVE-2022-32018.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/online-job-search-system/SQLi-12.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32018 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-32018 cwe-id: CWE-89 - epss-score: 0.00834 - epss-percentile: 0.80157 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:complete_online_job_search_system_project:complete_online_job_search_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32025.yaml b/http/cves/2022/CVE-2022-32025.yaml index 327505d0f6..4e1b75a49f 100644 --- a/http/cves/2022/CVE-2022-32025.yaml +++ b/http/cves/2022/CVE-2022-32025.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-32025 cwe-id: CWE-89 - epss-score: 0.01429 - epss-percentile: 0.85199 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32026.yaml b/http/cves/2022/CVE-2022-32026.yaml index 3fa571c726..d9828ea4fe 100644 --- a/http/cves/2022/CVE-2022-32026.yaml +++ b/http/cves/2022/CVE-2022-32026.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.2 cve-id: CVE-2022-32026 cwe-id: CWE-89 - epss-score: 0.01429 - epss-percentile: 0.85199 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32028.yaml b/http/cves/2022/CVE-2022-32028.yaml index 137d8e8139..affb9681aa 100644 --- a/http/cves/2022/CVE-2022-32028.yaml +++ b/http/cves/2022/CVE-2022-32028.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32028 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-32028 cwe-id: CWE-89 - epss-score: 0.00834 - epss-percentile: 0.80157 + epss-score: 0.01426 + epss-percentile: 0.8625 cpe: cpe:2.3:a:car_rental_management_system_project:car_rental_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32195.yaml b/http/cves/2022/CVE-2022-32195.yaml index 1f6939836e..4684743d0f 100644 --- a/http/cves/2022/CVE-2022-32195.yaml +++ b/http/cves/2022/CVE-2022-32195.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-32195 cwe-id: CWE-79 epss-score: 0.00112 - epss-percentile: 0.44578 + epss-percentile: 0.43735 cpe: cpe:2.3:a:edx:open_edx:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32409.yaml b/http/cves/2022/CVE-2022-32409.yaml index a4d3cfb4f4..399023cf2b 100644 --- a/http/cves/2022/CVE-2022-32409.yaml +++ b/http/cves/2022/CVE-2022-32409.yaml @@ -13,13 +13,15 @@ info: - https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion - https://nvd.nist.gov/vuln/detail/CVE-2022-32409 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-32409 cwe-id: CWE-22 - epss-score: 0.59439 - epss-percentile: 0.97459 + epss-score: 0.47251 + epss-percentile: 0.97372 cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32429.yaml b/http/cves/2022/CVE-2022-32429.yaml index 82af5a9702..30924d16b2 100644 --- a/http/cves/2022/CVE-2022-32429.yaml +++ b/http/cves/2022/CVE-2022-32429.yaml @@ -15,13 +15,14 @@ info: - https://elifulkerson.com/CVE-2022-32429/ - https://nvd.nist.gov/vuln/detail/CVE-2022-32429 - http://packetstormsecurity.com/files/169819/MSNSwitch-Firmware-MNT.2408-Remote-Code-Execution.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-32429 cwe-id: CWE-287 - epss-score: 0.0549 - epss-percentile: 0.92452 + epss-score: 0.15342 + epss-percentile: 0.95742 cpe: cpe:2.3:o:megatech:msnswitch_firmware:mnt.2408:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-32771.yaml b/http/cves/2022/CVE-2022-32771.yaml index 8102896ec5..9070804ad0 100644 --- a/http/cves/2022/CVE-2022-32771.yaml +++ b/http/cves/2022/CVE-2022-32771.yaml @@ -14,13 +14,15 @@ info: - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1538 - https://github.com/WWBN/AVideo/blob/e04b1cd7062e16564157a82bae389eedd39fa088/updatedb/updateDb.v12.0.sql - https://nvd.nist.gov/vuln/detail/CVE-2022-32771 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-32771 cwe-id: CWE-79 - epss-score: 0.00056 - epss-percentile: 0.21026 + epss-score: 0.00074 + epss-percentile: 0.30395 cpe: cpe:2.3:a:wwbn:avideo:11.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33119.yaml b/http/cves/2022/CVE-2022-33119.yaml index 2f14a547ca..719f8b64e7 100644 --- a/http/cves/2022/CVE-2022-33119.yaml +++ b/http/cves/2022/CVE-2022-33119.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/badboycxcc/nuuo-xss/blob/main/README.md - https://nvd.nist.gov/vuln/detail/CVE-2022-33119 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/badboycxcc/badboycxcc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-33119 cwe-id: CWE-79 - epss-score: 0.02148 - epss-percentile: 0.8813 + epss-score: 0.0157 + epss-percentile: 0.86981 cpe: cpe:2.3:o:nuuo:nvrsolo_firmware:03.06.02:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33174.yaml b/http/cves/2022/CVE-2022-33174.yaml index 785d441779..17c5ced2d1 100644 --- a/http/cves/2022/CVE-2022-33174.yaml +++ b/http/cves/2022/CVE-2022-33174.yaml @@ -13,13 +13,16 @@ info: reference: - https://gynvael.coldwind.pl/?lang=en&id=748 - https://nvd.nist.gov/vuln/detail/CVE-2022-33174 + - https://github.com/Henry4E36/CVE-2022-33174 + - https://github.com/k0mi-tg/CVE-POC + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-33174 cwe-id: CWE-863 - epss-score: 0.00593 - epss-percentile: 0.7598 + epss-score: 0.01241 + epss-percentile: 0.85189 cpe: cpe:2.3:o:powertekpdus:basic_pdu_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33891.yaml b/http/cves/2022/CVE-2022-33891.yaml index 621e4629a6..9a80d1ca74 100644 --- a/http/cves/2022/CVE-2022-33891.yaml +++ b/http/cves/2022/CVE-2022-33891.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-33891 cwe-id: CWE-78 - epss-score: 0.97069 - epss-percentile: 0.99721 + epss-score: 0.97289 + epss-percentile: 0.99851 cpe: cpe:2.3:a:apache:spark:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-33901.yaml b/http/cves/2022/CVE-2022-33901.yaml index 789bad7c48..fb79a170a9 100644 --- a/http/cves/2022/CVE-2022-33901.yaml +++ b/http/cves/2022/CVE-2022-33901.yaml @@ -15,12 +15,13 @@ info: - https://wordpress.org/plugins/multisafepay/#developers - https://patchstack.com/database/vulnerability/multisafepay/wordpress-multisafepay-plugin-for-woocommerce-plugin-4-13-1-unauthenticated-arbitrary-file-read-vulnerability - https://nvd.nist.gov/vuln/detail/CVE-2022-33901 + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-33901 - epss-score: 0.00701 - epss-percentile: 0.78159 + epss-score: 0.00779 + epss-percentile: 0.80981 cpe: cpe:2.3:a:multisafepay:multisafepay_plugin_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34045.yaml b/http/cves/2022/CVE-2022-34045.yaml index 964b3d7f4c..d89fbb2666 100644 --- a/http/cves/2022/CVE-2022-34045.yaml +++ b/http/cves/2022/CVE-2022-34045.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-34045 cwe-id: CWE-798 - epss-score: 0.04333 - epss-percentile: 0.9151 + epss-score: 0.05662 + epss-percentile: 0.93156 cpe: cpe:2.3:o:wavlink:wl-wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34046.yaml b/http/cves/2022/CVE-2022-34046.yaml index 3489bd24d7..dd16fd0513 100644 --- a/http/cves/2022/CVE-2022-34046.yaml +++ b/http/cves/2022/CVE-2022-34046.yaml @@ -15,13 +15,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34046 - http://packetstormsecurity.com/files/167890/Wavlink-WN533A8-Password-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2022-34046 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-34046 cwe-id: CWE-863 - epss-score: 0.18248 - epss-percentile: 0.9572 + epss-score: 0.14292 + epss-percentile: 0.95577 cpe: cpe:2.3:o:wavlink:wn533a8_firmware:m33a8.v5030.190716:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34047.yaml b/http/cves/2022/CVE-2022-34047.yaml index c7a93d7d07..140890449d 100644 --- a/http/cves/2022/CVE-2022-34047.yaml +++ b/http/cves/2022/CVE-2022-34047.yaml @@ -15,13 +15,14 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34047 - http://packetstormsecurity.com/files/167891/Wavlink-WN530HG4-Password-Disclosure.html - https://nvd.nist.gov/vuln/detail/CVE-2022-34047 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-34047 cwe-id: CWE-668 - epss-score: 0.19689 - epss-percentile: 0.9586 + epss-score: 0.14292 + epss-percentile: 0.95577 cpe: cpe:2.3:o:wavlink:wl-wn530hg4_firmware:m30hg4.v5030.191116:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34093.yaml b/http/cves/2022/CVE-2022-34093.yaml index f058da1c84..fab09459b0 100644 --- a/http/cves/2022/CVE-2022-34093.yaml +++ b/http/cves/2022/CVE-2022-34093.yaml @@ -11,13 +11,14 @@ info: - https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt#L44 - https://owasp.org/www-community/attacks/xss/ - https://softwarepublico.gov.br/social/i3geo + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-34093 cwe-id: CWE-79 - epss-score: 0.00274 - epss-percentile: 0.64649 + epss-score: 0.00266 + epss-percentile: 0.65533 cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34094.yaml b/http/cves/2022/CVE-2022-34094.yaml index ce6d9d90b8..a7d0ed715b 100644 --- a/http/cves/2022/CVE-2022-34094.yaml +++ b/http/cves/2022/CVE-2022-34094.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-34093 - https://owasp.org/www-community/attacks/xss/ - https://softwarepublico.gov.br/social/i3geo + - https://github.com/wagnerdracha/ProofOfConcept classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-34094 cwe-id: CWE-79 - epss-score: 0.00274 - epss-percentile: 0.64649 + epss-score: 0.00266 + epss-percentile: 0.65533 cpe: cpe:2.3:a:softwarepublico:i3geo:7.0.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34121.yaml b/http/cves/2022/CVE-2022-34121.yaml index bf4f0409e3..7b1cb461a6 100644 --- a/http/cves/2022/CVE-2022-34121.yaml +++ b/http/cves/2022/CVE-2022-34121.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-34121 cwe-id: CWE-829 - epss-score: 0.72485 - epss-percentile: 0.97813 + epss-score: 0.66943 + epss-percentile: 0.97855 cpe: cpe:2.3:a:cuppacms:cuppacms:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34576.yaml b/http/cves/2022/CVE-2022-34576.yaml index 219fb8a0f2..dffb19d3ba 100644 --- a/http/cves/2022/CVE-2022-34576.yaml +++ b/http/cves/2022/CVE-2022-34576.yaml @@ -13,12 +13,15 @@ info: reference: - https://github.com/pghuanghui/CVE_Request/blob/main/WAVLINK%20WN535%20G3_Sensitive%20information%20leakage.md - https://nvd.nist.gov/vuln/detail/CVE-2022-34576 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/tr3ss/gofetch classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-34576 - epss-score: 0.02934 - epss-percentile: 0.89796 + epss-score: 0.03075 + epss-percentile: 0.90796 cpe: cpe:2.3:o:wavlink:wn535g3_firmware:m35g3r.v5030.180927:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34590.yaml b/http/cves/2022/CVE-2022-34590.yaml index 05fc193123..558ac72187 100644 --- a/http/cves/2022/CVE-2022-34590.yaml +++ b/http/cves/2022/CVE-2022-34590.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/Renrao/bug_report/blob/master/blob/main/vendors/itsourcecode.com/hospital-management-system/sql_injection.md - https://nvd.nist.gov/vuln/detail/CVE-2022-34590 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/StarCrossPortal/scalpel classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2022-34590 cwe-id: CWE-89 - epss-score: 0.00666 - epss-percentile: 0.77508 + epss-score: 0.01429 + epss-percentile: 0.86269 cpe: cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-34753.yaml b/http/cves/2022/CVE-2022-34753.yaml index 6b7086a7eb..7be33fda23 100644 --- a/http/cves/2022/CVE-2022-34753.yaml +++ b/http/cves/2022/CVE-2022-34753.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-34753 cwe-id: CWE-78 - epss-score: 0.95902 - epss-percentile: 0.99337 + epss-score: 0.96923 + epss-percentile: 0.99698 cpe: cpe:2.3:o:schneider-electric:spacelogic_c-bus_home_controller_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-35151.yaml b/http/cves/2022/CVE-2022-35151.yaml index 58028f9e5d..5b826b8261 100644 --- a/http/cves/2022/CVE-2022-35151.yaml +++ b/http/cves/2022/CVE-2022-35151.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/kekingcn/kkFileView/issues/366 - https://nvd.nist.gov/vuln/detail/CVE-2022-35151 + - https://github.com/StarCrossPortal/scalpel + - https://github.com/anonymous364872/Rapier_Tool + - https://github.com/youcans896768/APIV_Tool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-35151 cwe-id: CWE-79 - epss-score: 0.012 - epss-percentile: 0.83658 + epss-score: 0.02148 + epss-percentile: 0.8906 cpe: cpe:2.3:a:keking:kkfileview:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35405.yaml b/http/cves/2022/CVE-2022-35405.yaml index 86586e07c5..b0872d03ed 100644 --- a/http/cves/2022/CVE-2022-35405.yaml +++ b/http/cves/2022/CVE-2022-35405.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-35405 cwe-id: CWE-502 - epss-score: 0.97461 - epss-percentile: 0.99955 + epss-score: 0.97471 + epss-percentile: 0.99962 cpe: cpe:2.3:a:zohocorp:manageengine_access_manager_plus:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-35413.yaml b/http/cves/2022/CVE-2022-35413.yaml index 682ffd4aeb..63dc94b9b3 100644 --- a/http/cves/2022/CVE-2022-35413.yaml +++ b/http/cves/2022/CVE-2022-35413.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-35413 cwe-id: CWE-798 - epss-score: 0.62257 - epss-percentile: 0.97544 + epss-score: 0.72077 + epss-percentile: 0.97989 cpe: cpe:2.3:a:pentasecurity:wapples:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35416.yaml b/http/cves/2022/CVE-2022-35416.yaml index a5dfd41e6d..02a14eba93 100644 --- a/http/cves/2022/CVE-2022-35416.yaml +++ b/http/cves/2022/CVE-2022-35416.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-35416 cwe-id: CWE-79 - epss-score: 0.00101 - epss-percentile: 0.41055 + epss-score: 0.00088 + epss-percentile: 0.36353 cpe: cpe:2.3:a:h3c:ssl_vpn:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35653.yaml b/http/cves/2022/CVE-2022-35653.yaml index c535a29171..a438f6fecb 100644 --- a/http/cves/2022/CVE-2022-35653.yaml +++ b/http/cves/2022/CVE-2022-35653.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-35653 cwe-id: CWE-79 - epss-score: 0.00815 - epss-percentile: 0.79909 + epss-score: 0.00921 + epss-percentile: 0.82544 cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-35914.yaml b/http/cves/2022/CVE-2022-35914.yaml index 0fd66fd028..3c15698def 100644 --- a/http/cves/2022/CVE-2022-35914.yaml +++ b/http/cves/2022/CVE-2022-35914.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-35914 cwe-id: CWE-74 - epss-score: 0.96908 - epss-percentile: 0.99653 + epss-score: 0.97399 + epss-percentile: 0.99914 cpe: cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-36537.yaml b/http/cves/2022/CVE-2022-36537.yaml index 44fd9fa5e5..d272cad655 100644 --- a/http/cves/2022/CVE-2022-36537.yaml +++ b/http/cves/2022/CVE-2022-36537.yaml @@ -15,13 +15,14 @@ info: - https://tracker.zkoss.org/browse/ZK-5150 - https://nvd.nist.gov/vuln/detail/CVE-2022-36537 - https://www.bleepingcomputer.com/news/security/cisa-warns-of-hackers-exploiting-zk-java-framework-rce-flaw/ + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-36537 cwe-id: CWE-200 - epss-score: 0.89401 - epss-percentile: 0.98505 + epss-score: 0.95859 + epss-percentile: 0.99401 cpe: cpe:2.3:a:zkoss:zk_framework:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-36804.yaml b/http/cves/2022/CVE-2022-36804.yaml index 06d5274538..40a566c0b7 100644 --- a/http/cves/2022/CVE-2022-36804.yaml +++ b/http/cves/2022/CVE-2022-36804.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-36804 cwe-id: CWE-77 - epss-score: 0.97171 - epss-percentile: 0.99769 + epss-score: 0.97343 + epss-percentile: 0.99886 cpe: cpe:2.3:a:atlassian:bitbucket:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-37042.yaml b/http/cves/2022/CVE-2022-37042.yaml index f8725655f5..7f7d5a80b7 100644 --- a/http/cves/2022/CVE-2022-37042.yaml +++ b/http/cves/2022/CVE-2022-37042.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-37042 cwe-id: CWE-22 - epss-score: 0.97483 - epss-percentile: 0.99965 + epss-score: 0.97539 + epss-percentile: 0.99994 cpe: cpe:2.3:a:zimbra:collaboration:8.8.15:-:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2022/CVE-2022-37153.yaml b/http/cves/2022/CVE-2022-37153.yaml index 99d1f46265..7212ed832a 100644 --- a/http/cves/2022/CVE-2022-37153.yaml +++ b/http/cves/2022/CVE-2022-37153.yaml @@ -11,13 +11,16 @@ info: reference: - https://github.com/Fjowel/CVE-2022-37153 - https://nvd.nist.gov/vuln/detail/CVE-2022-37153 + - https://github.com/SYRTI/POC_to_review + - https://github.com/WhooAmii/POC_to_review + - https://github.com/k0mi-tg/CVE-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-37153 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40565 + epss-score: 0.0013 + epss-percentile: 0.47096 cpe: cpe:2.3:a:articatech:artica_proxy:4.30.000000:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-37299.yaml b/http/cves/2022/CVE-2022-37299.yaml index b5106667c1..248176fd84 100644 --- a/http/cves/2022/CVE-2022-37299.yaml +++ b/http/cves/2022/CVE-2022-37299.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2022-37299 cwe-id: CWE-22 - epss-score: 0.00593 - epss-percentile: 0.76034 + epss-score: 0.00772 + epss-percentile: 0.80878 cpe: cpe:2.3:a:shirne_cms_project:shirne_cms:1.2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38131.yaml b/http/cves/2022/CVE-2022-38131.yaml index cfcec81756..4677b5aeb0 100644 --- a/http/cves/2022/CVE-2022-38131.yaml +++ b/http/cves/2022/CVE-2022-38131.yaml @@ -6,29 +6,29 @@ info: severity: medium description: | RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites. - reference: - - https://tenable.com/security/research/tra-2022-30 - - https://support.posit.co/hc/en-us/articles/10983374992023-CVE-2022-38131-configuration-issue-in-Posit-Connect - - https://github.com/JoshuaMart/JoshuaMart impact: | An attacker can exploit the vulnerability to redirect users to malicious websites, potentially leading to phishing attacks or other security breaches. remediation: | This issue is fixed in Connect v2023.05. Additionally, for users running Connect v1.7.2 and later, the issue is resolvable via a configuration setting mentioned in the support article. + reference: + - https://tenable.com/security/research/tra-2022-30 + - https://support.posit.co/hc/en-us/articles/10983374992023-CVE-2022-38131-configuration-issue-in-Posit-Connect + - https://github.com/JoshuaMart/JoshuaMart classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-38131 cwe-id: CWE-601 - cpe: cpe:2.3:a:rstudio:connect:*:*:*:*:*:*:*:* epss-score: 0.0006 epss-percentile: 0.23591 + cpe: cpe:2.3:a:rstudio:connect:*:*:*:*:*:*:*:* metadata: + verified: true + max-request: 1 + vendor: rstudio product: connect shodan-query: "http.favicon.hash:217119619" fofa-query: "app=\"RStudio-Connect\"" - max-request: 1 - verified: true - vendor: rstudio tags: tenable,cve,cve2022,redirect,rstudio http: diff --git a/http/cves/2022/CVE-2022-38463.yaml b/http/cves/2022/CVE-2022-38463.yaml index 93a53cce2d..87cdff6231 100644 --- a/http/cves/2022/CVE-2022-38463.yaml +++ b/http/cves/2022/CVE-2022-38463.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-38463 cwe-id: CWE-79 - epss-score: 0.00141 - epss-percentile: 0.49842 + epss-score: 0.00174 + epss-percentile: 0.53646 cpe: cpe:2.3:a:servicenow:servicenow:san_diego:patch_4:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38467.yaml b/http/cves/2022/CVE-2022-38467.yaml index 56505982ce..5c7395b497 100644 --- a/http/cves/2022/CVE-2022-38467.yaml +++ b/http/cves/2022/CVE-2022-38467.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/crm-perks-forms/ - https://nvd.nist.gov/vuln/detail/CVE-2022-38467 - https://patchstack.com/database/vulnerability/crm-perks-forms/wordpress-crm-perks-forms-plugin-1-1-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-38467 cwe-id: CWE-79 - epss-score: 0.00074 - epss-percentile: 0.30453 + epss-score: 0.00092 + epss-percentile: 0.37951 cpe: cpe:2.3:a:crmperks:crm_perks_forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38637.yaml b/http/cves/2022/CVE-2022-38637.yaml index 6a30e273fd..2227d45a29 100644 --- a/http/cves/2022/CVE-2022-38637.yaml +++ b/http/cves/2022/CVE-2022-38637.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-38637 cwe-id: CWE-89 - epss-score: 0.01367 - epss-percentile: 0.84869 + epss-score: 0.01231 + epss-percentile: 0.85126 cpe: cpe:2.3:a:hospital_management_system_project:hospital_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-38870.yaml b/http/cves/2022/CVE-2022-38870.yaml index 9841808a7d..dfee9546a1 100644 --- a/http/cves/2022/CVE-2022-38870.yaml +++ b/http/cves/2022/CVE-2022-38870.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-38870 cwe-id: CWE-306 epss-score: 0.01064 - epss-percentile: 0.82602 + epss-percentile: 0.83839 cpe: cpe:2.3:a:free5gc:free5gc:3.2.1:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-39195.yaml b/http/cves/2022/CVE-2022-39195.yaml index 6b83b6f55c..39ef9ee18d 100644 --- a/http/cves/2022/CVE-2022-39195.yaml +++ b/http/cves/2022/CVE-2022-39195.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-39195 cwe-id: CWE-79 - epss-score: 0.00174 - epss-percentile: 0.54613 + epss-score: 0.00211 + epss-percentile: 0.58386 cpe: cpe:2.3:a:lsoft:listserv:17.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3933.yaml b/http/cves/2022/CVE-2022-3933.yaml index 2f19fd3516..84f79c3436 100644 --- a/http/cves/2022/CVE-2022-3933.yaml +++ b/http/cves/2022/CVE-2022-3933.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/essential-real-estate/advanced/ - https://nvd.nist.gov/vuln/detail/CVE-2022-3933 - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-3933 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38676 + epss-percentile: 0.37956 cpe: cpe:2.3:a:g5theme:essential_real_estate:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3934.yaml b/http/cves/2022/CVE-2022-3934.yaml index f42144ee5e..ce8a4e4e84 100644 --- a/http/cves/2022/CVE-2022-3934.yaml +++ b/http/cves/2022/CVE-2022-3934.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-3934 - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-3934 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38676 + epss-percentile: 0.37956 cpe: cpe:2.3:a:mehanoid:flat_pm:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3980.yaml b/http/cves/2022/CVE-2022-3980.yaml index 092591d06f..94abdbb8a4 100644 --- a/http/cves/2022/CVE-2022-3980.yaml +++ b/http/cves/2022/CVE-2022-3980.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-3980 cwe-id: CWE-611 epss-score: 0.49036 - epss-percentile: 0.97217 + epss-percentile: 0.97431 cpe: cpe:2.3:a:sophos:mobile:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-3982.yaml b/http/cves/2022/CVE-2022-3982.yaml index 8c652ce655..8a1274eb2b 100644 --- a/http/cves/2022/CVE-2022-3982.yaml +++ b/http/cves/2022/CVE-2022-3982.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/4d91f3e1-4de9-46c1-b5ba-cc55b7726867 - https://wordpress.org/plugins/booking-calendar/ - https://nvd.nist.gov/vuln/detail/CVE-2022-3982 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-3982 cwe-id: CWE-434 - epss-score: 0.15593 - epss-percentile: 0.9539 + epss-score: 0.20211 + epss-percentile: 0.96236 cpe: cpe:2.3:a:wpdevart:booking_calendar:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-39952.yaml b/http/cves/2022/CVE-2022-39952.yaml index 5bf32b9643..6fc769671a 100644 --- a/http/cves/2022/CVE-2022-39952.yaml +++ b/http/cves/2022/CVE-2022-39952.yaml @@ -14,13 +14,14 @@ info: - https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/ - https://github.com/horizon3ai/CVE-2022-39952 - https://nvd.nist.gov/vuln/detail/CVE-2022-39952 + - https://github.com/1f3lse/taiE classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-39952 cwe-id: CWE-668,CWE-73 - epss-score: 0.87247 - epss-percentile: 0.98369 + epss-score: 0.96445 + epss-percentile: 0.99548 cpe: cpe:2.3:a:fortinet:fortinac:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-39986.yaml b/http/cves/2022/CVE-2022-39986.yaml index fcb08ca48d..99145e6283 100644 --- a/http/cves/2022/CVE-2022-39986.yaml +++ b/http/cves/2022/CVE-2022-39986.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-39986 cwe-id: CWE-77 - epss-score: 0.8322 - epss-percentile: 0.98189 + epss-score: 0.87977 + epss-percentile: 0.98588 cpe: cpe:2.3:a:raspap:raspap:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40022.yaml b/http/cves/2022/CVE-2022-40022.yaml index a531b249ed..24fedbdf6c 100644 --- a/http/cves/2022/CVE-2022-40022.yaml +++ b/http/cves/2022/CVE-2022-40022.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-40022 cwe-id: CWE-77 - epss-score: 0.82544 - epss-percentile: 0.98138 + epss-score: 0.82869 + epss-percentile: 0.98341 cpe: cpe:2.3:o:microchip:syncserver_s650_firmware:-:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-40047.yaml b/http/cves/2022/CVE-2022-40047.yaml index d82a970946..44d7324af3 100644 --- a/http/cves/2022/CVE-2022-40047.yaml +++ b/http/cves/2022/CVE-2022-40047.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2022-40047 cwe-id: CWE-79 epss-score: 0.00535 - epss-percentile: 0.74743 + epss-percentile: 0.76696 cpe: cpe:2.3:a:flatpress:flatpress:1.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40127.yaml b/http/cves/2022/CVE-2022-40127.yaml index 6853799254..ab415c2dbd 100644 --- a/http/cves/2022/CVE-2022-40127.yaml +++ b/http/cves/2022/CVE-2022-40127.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.8 cve-id: CVE-2022-40127 cwe-id: CWE-94 - epss-score: 0.156 - epss-percentile: 0.95426 + epss-score: 0.28782 + epss-percentile: 0.96752 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40359.yaml b/http/cves/2022/CVE-2022-40359.yaml index aded7eda78..0a6207336a 100644 --- a/http/cves/2022/CVE-2022-40359.yaml +++ b/http/cves/2022/CVE-2022-40359.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-40359 cwe-id: CWE-79 - epss-score: 0.00109 - epss-percentile: 0.43825 + epss-score: 0.00129 + epss-percentile: 0.46796 cpe: cpe:2.3:a:kfm_project:kfm:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4049.yaml b/http/cves/2022/CVE-2022-4049.yaml index 19fd815ff2..f8cd964454 100644 --- a/http/cves/2022/CVE-2022-4049.yaml +++ b/http/cves/2022/CVE-2022-4049.yaml @@ -10,13 +10,14 @@ info: - https://wpscan.com/vulnerability/9b0781e2-ad62-4308-bafc-d45b9a2472be - https://wordpress.org/plugins/wp-user/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4049 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4049 cwe-id: CWE-89 - epss-score: 0.03472 - epss-percentile: 0.9061 + epss-score: 0.04217 + epss-percentile: 0.92045 cpe: cpe:2.3:a:wp_user_project:wp_user:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-4050.yaml b/http/cves/2022/CVE-2022-4050.yaml index e09635755e..b0a873058b 100644 --- a/http/cves/2022/CVE-2022-4050.yaml +++ b/http/cves/2022/CVE-2022-4050.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/5c96bb40-4c2d-4e91-8339-e0ddce25912f - https://wordpress.org/plugins/joomsport-sports-league-results-management/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4050 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4050 cwe-id: CWE-89 - epss-score: 0.03472 - epss-percentile: 0.90572 + epss-score: 0.04713 + epss-percentile: 0.9246 cpe: cpe:2.3:a:beardev:joomsport:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4060.yaml b/http/cves/2022/CVE-2022-4060.yaml index fbad4bd075..6f3ee7f1b6 100644 --- a/http/cves/2022/CVE-2022-4060.yaml +++ b/http/cves/2022/CVE-2022-4060.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-4060 cwe-id: CWE-94 - epss-score: 0.02591 - epss-percentile: 0.8921 + epss-score: 0.03753 + epss-percentile: 0.91618 cpe: cpe:2.3:a:odude:user_post_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4063.yaml b/http/cves/2022/CVE-2022-4063.yaml index dfdc0d6ee9..1dd30570c2 100644 --- a/http/cves/2022/CVE-2022-4063.yaml +++ b/http/cves/2022/CVE-2022-4063.yaml @@ -13,13 +13,15 @@ info: - https://wpscan.com/vulnerability/6bb07ec1-f1aa-4f4b-9717-c92f651a90a7 - https://wordpress.org/plugins/inpost-gallery/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4063 + - https://github.com/cyllective/CVEs + - https://github.com/im-hanzou/INPGer classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4063 cwe-id: CWE-22 - epss-score: 0.02826 - epss-percentile: 0.89619 + epss-score: 0.04425 + epss-percentile: 0.92213 cpe: cpe:2.3:a:pluginus:inpost_gallery:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-40684.yaml b/http/cves/2022/CVE-2022-40684.yaml index b9c39012a1..04902b17dc 100644 --- a/http/cves/2022/CVE-2022-40684.yaml +++ b/http/cves/2022/CVE-2022-40684.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-40684 cwe-id: CWE-287 - epss-score: 0.95976 - epss-percentile: 0.99351 + epss-score: 0.97217 + epss-percentile: 0.99817 cpe: cpe:2.3:a:fortinet:fortiproxy:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2022/CVE-2022-40843.yaml b/http/cves/2022/CVE-2022-40843.yaml index 9d254657f7..091199576c 100644 --- a/http/cves/2022/CVE-2022-40843.yaml +++ b/http/cves/2022/CVE-2022-40843.yaml @@ -18,8 +18,8 @@ info: cvss-score: 4.9 cve-id: CVE-2022-40843 cwe-id: CWE-287 - epss-score: 0.33771 - epss-percentile: 0.96664 + epss-score: 0.40937 + epss-percentile: 0.97197 cpe: cpe:2.3:o:tenda:w15e_firmware:15.11.0.10\(1576\):*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2022/CVE-2022-40879.yaml b/http/cves/2022/CVE-2022-40879.yaml index 140014c461..a97e64ad66 100644 --- a/http/cves/2022/CVE-2022-40879.yaml +++ b/http/cves/2022/CVE-2022-40879.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-40879 cwe-id: CWE-79 - epss-score: 0.01051 - epss-percentile: 0.82456 + epss-score: 0.03708 + epss-percentile: 0.91567 cpe: cpe:2.3:a:keking:kkfileview:4.1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4117.yaml b/http/cves/2022/CVE-2022-4117.yaml index 8a0af32794..f4fcaa036e 100644 --- a/http/cves/2022/CVE-2022-4117.yaml +++ b/http/cves/2022/CVE-2022-4117.yaml @@ -14,13 +14,15 @@ info: - https://wpscan.com/vulnerability/1fac3eb4-13c0-442d-b27c-7b7736208193 - https://wordpress.org/plugins/iws-geo-form-fields/ - https://nvd.nist.gov/vuln/detail/CVE-2022-4117 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4117 cwe-id: CWE-89 - epss-score: 0.03182 - epss-percentile: 0.90165 + epss-score: 0.03413 + epss-percentile: 0.9123 cpe: cpe:2.3:a:iws-geo-form-fields_project:iws-geo-form-fields:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-41441.yaml b/http/cves/2022/CVE-2022-41441.yaml index 544c64309f..aa1bd7857a 100644 --- a/http/cves/2022/CVE-2022-41441.yaml +++ b/http/cves/2022/CVE-2022-41441.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-41441 cwe-id: CWE-79 - epss-score: 0.00108 - epss-percentile: 0.43362 + epss-score: 0.00155 + epss-percentile: 0.5093 cpe: cpe:2.3:a:reqlogic:reqlogic:11.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-41473.yaml b/http/cves/2022/CVE-2022-41473.yaml index ca0cc5bdc8..0b79a264a1 100644 --- a/http/cves/2022/CVE-2022-41473.yaml +++ b/http/cves/2022/CVE-2022-41473.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/ralap-z/rpcms/issues/1 - https://nvd.nist.gov/vuln/detail/CVE-2022-41473 + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Henry4E36/POCS + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-41473 cwe-id: CWE-79 - epss-score: 0.02818 - epss-percentile: 0.89607 + epss-score: 0.012 + epss-percentile: 0.84884 cpe: cpe:2.3:a:rpcms:rpcms:3.0.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42094.yaml b/http/cves/2022/CVE-2022-42094.yaml index 86c571ea67..3a3cb63e7b 100644 --- a/http/cves/2022/CVE-2022-42094.yaml +++ b/http/cves/2022/CVE-2022-42094.yaml @@ -15,13 +15,14 @@ info: - https://github.com/bypazs/CVE-2022-42094 - https://nvd.nist.gov/vuln/detail/CVE-2022-42094 - https://backdropcms.org + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2022-42094 cwe-id: CWE-79 - epss-score: 0.00283 - epss-percentile: 0.65254 + epss-score: 0.0071 + epss-percentile: 0.80039 cpe: cpe:2.3:a:backdropcms:backdrop:1.23.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4260.yaml b/http/cves/2022/CVE-2022-4260.yaml index 088e7e39b0..c25676de33 100644 --- a/http/cves/2022/CVE-2022-4260.yaml +++ b/http/cves/2022/CVE-2022-4260.yaml @@ -13,13 +13,14 @@ info: - https://wpscan.com/vulnerability/d0cf24be-df87-4e1f-aae7-e9684c88e7db - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4260 - https://drive.google.com/file/d/11nQ21cQ9irajYqNqsQtNrLJOkeRcwCXn/view?usp=drivesdk + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2022-4260 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38897 + epss-percentile: 0.38207 cpe: cpe:2.3:a:wp-ban_project:wp-ban:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42746.yaml b/http/cves/2022/CVE-2022-42746.yaml index 6aab5f3b7f..93f7116ec9 100644 --- a/http/cves/2022/CVE-2022-42746.yaml +++ b/http/cves/2022/CVE-2022-42746.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-42746 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.43585 + epss-percentile: 0.42811 cpe: cpe:2.3:a:auieo:candidats:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42748.yaml b/http/cves/2022/CVE-2022-42748.yaml index 8b155d63ef..e53ab59af2 100644 --- a/http/cves/2022/CVE-2022-42748.yaml +++ b/http/cves/2022/CVE-2022-42748.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2022-42748 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.43585 + epss-percentile: 0.42811 cpe: cpe:2.3:a:auieo:candidats:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-42749.yaml b/http/cves/2022/CVE-2022-42749.yaml index 5b4064d4f2..b3860a1e31 100644 --- a/http/cves/2022/CVE-2022-42749.yaml +++ b/http/cves/2022/CVE-2022-42749.yaml @@ -15,13 +15,14 @@ info: - https://fluidattacks.com/advisories/jcole/ - https://candidats.net/ - https://nvd.nist.gov/vuln/detail/CVE-2022-42749 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-42749 cwe-id: CWE-79 epss-score: 0.00109 - epss-percentile: 0.43507 + epss-percentile: 0.42811 cpe: cpe:2.3:a:auieo:candidats:3.0.0:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4301.yaml b/http/cves/2022/CVE-2022-4301.yaml index 364dd76da4..caebfb868a 100644 --- a/http/cves/2022/CVE-2022-4301.yaml +++ b/http/cves/2022/CVE-2022-4301.yaml @@ -12,13 +12,16 @@ info: reference: - https://wpscan.com/vulnerability/a8dca528-fb70-44f3-8149-21385039179d - https://nvd.nist.gov/vuln/detail/CVE-2022-4301 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-4301 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32657 + epss-score: 0.00119 + epss-percentile: 0.45193 cpe: cpe:2.3:a:sunshinephotocart:sunshine_photo_cart:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43014.yaml b/http/cves/2022/CVE-2022-43014.yaml index 5a096f2b0e..67f9ca10d3 100644 --- a/http/cves/2022/CVE-2022-43014.yaml +++ b/http/cves/2022/CVE-2022-43014.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_joborderID.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43014 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Henry4E36/POCS classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-43014 cwe-id: CWE-79 epss-score: 0.00099 - epss-percentile: 0.40565 + epss-percentile: 0.39871 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43015.yaml b/http/cves/2022/CVE-2022-43015.yaml index 964d615c61..c21d20e83b 100644 --- a/http/cves/2022/CVE-2022-43015.yaml +++ b/http/cves/2022/CVE-2022-43015.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_entriesPerPage.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43015 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Henry4E36/POCS classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-43015 cwe-id: CWE-79 epss-score: 0.00099 - epss-percentile: 0.40565 + epss-percentile: 0.39871 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43016.yaml b/http/cves/2022/CVE-2022-43016.yaml index c9d16375c9..aca53ba486 100644 --- a/http/cves/2022/CVE-2022-43016.yaml +++ b/http/cves/2022/CVE-2022-43016.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/hansmach1ne/opencats_zero-days/blob/main/XSS_in_callback.md - https://nvd.nist.gov/vuln/detail/CVE-2022-43016 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/Henry4E36/POCS classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-43016 cwe-id: CWE-79 epss-score: 0.00099 - epss-percentile: 0.40565 + epss-percentile: 0.39871 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4305.yaml b/http/cves/2022/CVE-2022-4305.yaml index ba0a664a4a..2fa1e8b470 100644 --- a/http/cves/2022/CVE-2022-4305.yaml +++ b/http/cves/2022/CVE-2022-4305.yaml @@ -10,13 +10,14 @@ info: reference: - https://wpscan.com/vulnerability/286d972d-7bda-455c-a226-fd9ce5f925bd - https://nvd.nist.gov/vuln/detail/CVE-2022-4305 + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-4305 cwe-id: CWE-269 - epss-score: 0.03628 - epss-percentile: 0.90786 + epss-score: 0.04963 + epss-percentile: 0.92644 cpe: cpe:2.3:a:wp-buy:login_as_user_or_customer_\(user_switching\):*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-4306.yaml b/http/cves/2022/CVE-2022-4306.yaml index 29262d6995..c7fb80ac93 100644 --- a/http/cves/2022/CVE-2022-4306.yaml +++ b/http/cves/2022/CVE-2022-4306.yaml @@ -14,13 +14,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2022-4306 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates + - https://github.com/cyllective/CVEs classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2022-4306 cwe-id: CWE-79 - epss-score: 0.00086 - epss-percentile: 0.35637 + epss-score: 0.00092 + epss-percentile: 0.37956 cpe: cpe:2.3:a:panda_pods_repeater_field_project:panda_pods_repeater_field:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43165.yaml b/http/cves/2022/CVE-2022-43165.yaml index 735f2e5f81..5db31667c9 100644 --- a/http/cves/2022/CVE-2022-43165.yaml +++ b/http/cves/2022/CVE-2022-43165.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2022-43165 cwe-id: CWE-79 - epss-score: 0.003 - epss-percentile: 0.66367 + epss-score: 0.00197 + epss-percentile: 0.56575 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43166.yaml b/http/cves/2022/CVE-2022-43166.yaml index e396645b12..b919211b7a 100644 --- a/http/cves/2022/CVE-2022-43166.yaml +++ b/http/cves/2022/CVE-2022-43166.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2022-43166 cwe-id: CWE-79 - epss-score: 0.003 - epss-percentile: 0.66367 + epss-score: 0.00197 + epss-percentile: 0.56575 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-43167.yaml b/http/cves/2022/CVE-2022-43167.yaml index 41b7b2ed83..be541f4b7f 100644 --- a/http/cves/2022/CVE-2022-43167.yaml +++ b/http/cves/2022/CVE-2022-43167.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.4 cve-id: CVE-2022-43167 cwe-id: CWE-79 - epss-score: 0.00211 - epss-percentile: 0.5896 + epss-score: 0.00197 + epss-percentile: 0.56575 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-44290.yaml b/http/cves/2022/CVE-2022-44290.yaml index f26da23f0c..87abba2381 100644 --- a/http/cves/2022/CVE-2022-44290.yaml +++ b/http/cves/2022/CVE-2022-44290.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-44290 cwe-id: CWE-89 - epss-score: 0.01189 - epss-percentile: 0.83631 + epss-score: 0.01336 + epss-percentile: 0.8578 cpe: cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44291.yaml b/http/cves/2022/CVE-2022-44291.yaml index ccbe6d9a22..6876a33843 100644 --- a/http/cves/2022/CVE-2022-44291.yaml +++ b/http/cves/2022/CVE-2022-44291.yaml @@ -16,8 +16,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-44291 cwe-id: CWE-89 - epss-score: 0.01189 - epss-percentile: 0.83572 + epss-score: 0.01336 + epss-percentile: 0.8578 cpe: cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44877.yaml b/http/cves/2022/CVE-2022-44877.yaml index 5e0a0b29ed..b549e2ab26 100644 --- a/http/cves/2022/CVE-2022-44877.yaml +++ b/http/cves/2022/CVE-2022-44877.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-44877 cwe-id: CWE-78 - epss-score: 0.97451 - epss-percentile: 0.9995 + epss-score: 0.97427 + epss-percentile: 0.99935 cpe: cpe:2.3:a:control-webpanel:webpanel:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44944.yaml b/http/cves/2022/CVE-2022-44944.yaml index db95aefdb1..d4772b290a 100644 --- a/http/cves/2022/CVE-2022-44944.yaml +++ b/http/cves/2022/CVE-2022-44944.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44944 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38539 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44949.yaml b/http/cves/2022/CVE-2022-44949.yaml index 282b66f29b..d5c25b47bb 100644 --- a/http/cves/2022/CVE-2022-44949.yaml +++ b/http/cves/2022/CVE-2022-44949.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44949 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38514 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44950.yaml b/http/cves/2022/CVE-2022-44950.yaml index 774f9f08c1..0cbca36dbe 100644 --- a/http/cves/2022/CVE-2022-44950.yaml +++ b/http/cves/2022/CVE-2022-44950.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44950 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38539 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44951.yaml b/http/cves/2022/CVE-2022-44951.yaml index dea3bd7f0f..1ddb530ce5 100644 --- a/http/cves/2022/CVE-2022-44951.yaml +++ b/http/cves/2022/CVE-2022-44951.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44951 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38539 + epss-percentile: 0.37842 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44952.yaml b/http/cves/2022/CVE-2022-44952.yaml index 26805a0bce..b0385a0a8c 100644 --- a/http/cves/2022/CVE-2022-44952.yaml +++ b/http/cves/2022/CVE-2022-44952.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2022-44952 cwe-id: CWE-79 epss-score: 0.07295 - epss-percentile: 0.9342 + epss-percentile: 0.93905 cpe: cpe:2.3:a:rukovoditel:rukovoditel:3.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-44957.yaml b/http/cves/2022/CVE-2022-44957.yaml index edb4ba8980..4d60d21c69 100644 --- a/http/cves/2022/CVE-2022-44957.yaml +++ b/http/cves/2022/CVE-2022-44957.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2022-44957 cwe-id: CWE-79 epss-score: 0.00091 - epss-percentile: 0.38539 + epss-percentile: 0.37842 cpe: cpe:2.3:a:webtareas_project:webtareas:2.4:p5:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45037.yaml b/http/cves/2022/CVE-2022-45037.yaml index f819f5641d..aba6f158f0 100644 --- a/http/cves/2022/CVE-2022-45037.yaml +++ b/http/cves/2022/CVE-2022-45037.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-45037 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38648 + epss-percentile: 0.37956 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45038.yaml b/http/cves/2022/CVE-2022-45038.yaml index 60006bdfee..479dc6feb6 100644 --- a/http/cves/2022/CVE-2022-45038.yaml +++ b/http/cves/2022/CVE-2022-45038.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2022-45038 cwe-id: CWE-79 epss-score: 0.00092 - epss-percentile: 0.38648 + epss-percentile: 0.37956 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45354.yaml b/http/cves/2022/CVE-2022-45354.yaml index 8d29739aaf..8f8c43b76f 100644 --- a/http/cves/2022/CVE-2022-45354.yaml +++ b/http/cves/2022/CVE-2022-45354.yaml @@ -14,12 +14,13 @@ info: - https://github.com/RandomRobbieBF/CVE-2022-45354 - https://wordpress.org/plugins/download-monitor/ - https://patchstack.com/database/vulnerability/download-monitor/wordpress-download-monitor-plugin-4-7-60-sensitive-data-exposure-vulnerability?_s_id=cve + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-45354 - epss-score: 0.00553 - epss-percentile: 0.75108 + epss-score: 0.00408 + epss-percentile: 0.73349 cpe: cpe:2.3:a:wpchill:download_monitor:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45365.yaml b/http/cves/2022/CVE-2022-45365.yaml index 1f5bbb6e66..0454ac33b4 100644 --- a/http/cves/2022/CVE-2022-45365.yaml +++ b/http/cves/2022/CVE-2022-45365.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-45365 cwe-id: CWE-79 - epss-score: 0.00096 - epss-percentile: 0.39872 + epss-score: 0.00064 + epss-percentile: 0.26193 cpe: cpe:2.3:a:urosevic:stock_ticker:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2022/CVE-2022-45805.yaml b/http/cves/2022/CVE-2022-45805.yaml index 66aefcecd0..2cda9505b5 100644 --- a/http/cves/2022/CVE-2022-45805.yaml +++ b/http/cves/2022/CVE-2022-45805.yaml @@ -14,13 +14,14 @@ info: - https://wordpress.org/plugins/paytm-payments/ - https://nvd.nist.gov/vuln/detail/CVE-2022-45805 - https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-3-auth-sql-injection-sqli-vulnerability?_s_id=cve + - https://github.com/ARPSyndicate/kenzer-templates classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-45805 cwe-id: CWE-89 - epss-score: 0.00403 - epss-percentile: 0.70919 + epss-score: 0.00486 + epss-percentile: 0.75524 cpe: cpe:2.3:a:paytm:payment_gateway:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45835.yaml b/http/cves/2022/CVE-2022-45835.yaml index a784381b6e..ce04fe0886 100644 --- a/http/cves/2022/CVE-2022-45835.yaml +++ b/http/cves/2022/CVE-2022-45835.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2022-45835 cwe-id: CWE-918 - epss-score: 0.00404 - epss-percentile: 0.70943 + epss-score: 0.00359 + epss-percentile: 0.71627 cpe: cpe:2.3:a:phonepe:phonepe:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-45933.yaml b/http/cves/2022/CVE-2022-45933.yaml index 8dd6ccadbb..30f12a225d 100644 --- a/http/cves/2022/CVE-2022-45933.yaml +++ b/http/cves/2022/CVE-2022-45933.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-45933 cwe-id: CWE-306 - epss-score: 0.00808 - epss-percentile: 0.79889 + epss-score: 0.00908 + epss-percentile: 0.82406 cpe: cpe:2.3:a:kubeview_project:kubeview:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46020.yaml b/http/cves/2022/CVE-2022-46020.yaml index 7e172bfe12..5f6fdc0e26 100644 --- a/http/cves/2022/CVE-2022-46020.yaml +++ b/http/cves/2022/CVE-2022-46020.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-46020 cwe-id: CWE-434 - epss-score: 0.01665 - epss-percentile: 0.86271 + epss-score: 0.02743 + epss-percentile: 0.90317 cpe: cpe:2.3:a:wbce:wbce_cms:1.5.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46071.yaml b/http/cves/2022/CVE-2022-46071.yaml index aaf540360b..e13c760120 100644 --- a/http/cves/2022/CVE-2022-46071.yaml +++ b/http/cves/2022/CVE-2022-46071.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-46071 cwe-id: CWE-89 - epss-score: 0.01295 - epss-percentile: 0.84411 + epss-score: 0.01454 + epss-percentile: 0.86393 cpe: cpe:2.3:a:helmet_store_showroom_site_project:helmet_store_showroom_site:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46073.yaml b/http/cves/2022/CVE-2022-46073.yaml index 098928a9dd..fd2e640292 100644 --- a/http/cves/2022/CVE-2022-46073.yaml +++ b/http/cves/2022/CVE-2022-46073.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-46073 cwe-id: CWE-79 - epss-score: 0.00086 - epss-percentile: 0.35505 + epss-score: 0.00094 + epss-percentile: 0.38558 cpe: cpe:2.3:a:helmet_store_showroom_project:helmet_store_showroom:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46169.yaml b/http/cves/2022/CVE-2022-46169.yaml index be0a574916..739fe38250 100644 --- a/http/cves/2022/CVE-2022-46169.yaml +++ b/http/cves/2022/CVE-2022-46169.yaml @@ -20,9 +20,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-46169 - cwe-id: CWE-74,CWE-78 - epss-score: 0.9654 - epss-percentile: 0.99515 + cwe-id: CWE-78,CWE-74 + epss-score: 0.96526 + epss-percentile: 0.9958 cpe: cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46381.yaml b/http/cves/2022/CVE-2022-46381.yaml index 71dcdb4f21..3676dde431 100644 --- a/http/cves/2022/CVE-2022-46381.yaml +++ b/http/cves/2022/CVE-2022-46381.yaml @@ -14,13 +14,15 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381 - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt - https://nvd.nist.gov/vuln/detail/CVE-2022-46381 + - https://github.com/amitlttwo/CVE-2022-46381 + - https://github.com/k0mi-tg/CVE-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2022-46381 cwe-id: CWE-79 - epss-score: 0.001 - epss-percentile: 0.40788 + epss-score: 0.00099 + epss-percentile: 0.39871 cpe: cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-07e:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46443.yaml b/http/cves/2022/CVE-2022-46443.yaml index e6974c118b..4cf6713209 100644 --- a/http/cves/2022/CVE-2022-46443.yaml +++ b/http/cves/2022/CVE-2022-46443.yaml @@ -13,13 +13,14 @@ info: reference: - https://yuyudhn.github.io/CVE-2022-46443/ - https://nvd.nist.gov/vuln/detail/CVE-2022-46443 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2022-46443 cwe-id: CWE-89 - epss-score: 0.0501 - epss-percentile: 0.92086 + epss-score: 0.05592 + epss-percentile: 0.93095 cpe: cpe:2.3:a:bangresto_project:bangresto:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-46463.yaml b/http/cves/2022/CVE-2022-46463.yaml index cf808c9275..0f51e26e8f 100644 --- a/http/cves/2022/CVE-2022-46463.yaml +++ b/http/cves/2022/CVE-2022-46463.yaml @@ -15,13 +15,14 @@ info: - https://github.com/Vad1mo - https://github.com/lanqingaa/123/blob/main/README.md - https://github.com/lanqingaa/123/tree/bb48caa844d88b0e41e69157f2a2734311abf02d + - https://github.com/lanqingaa/123 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2022-46463 cwe-id: CWE-306 - epss-score: 0.00995 - epss-percentile: 0.81915 + epss-score: 0.01473 + epss-percentile: 0.86471 cpe: cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-47002.yaml b/http/cves/2022/CVE-2022-47002.yaml index 130418c8ba..f1687f0b4d 100644 --- a/http/cves/2022/CVE-2022-47002.yaml +++ b/http/cves/2022/CVE-2022-47002.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-47002 cwe-id: CWE-863 - epss-score: 0.03466 - epss-percentile: 0.9056 + epss-score: 0.0395 + epss-percentile: 0.91808 cpe: cpe:2.3:a:masacms:masacms:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-47615.yaml b/http/cves/2022/CVE-2022-47615.yaml index b03ae7f1ab..04cffd4753 100644 --- a/http/cves/2022/CVE-2022-47615.yaml +++ b/http/cves/2022/CVE-2022-47615.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2022-47615 cwe-id: CWE-434 - epss-score: 0.00815 - epss-percentile: 0.79954 + epss-score: 0.01111 + epss-percentile: 0.84217 cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-47966.yaml b/http/cves/2022/CVE-2022-47966.yaml index 2de59a2339..d9f17e6787 100644 --- a/http/cves/2022/CVE-2022-47966.yaml +++ b/http/cves/2022/CVE-2022-47966.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2022-47966 - epss-score: 0.97118 - epss-percentile: 0.99747 + epss-score: 0.97422 + epss-percentile: 0.9993 cpe: cpe:2.3:a:zohocorp:manageengine_access_manager_plus:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-48012.yaml b/http/cves/2022/CVE-2022-48012.yaml index fbbf987ed0..e512208648 100644 --- a/http/cves/2022/CVE-2022-48012.yaml +++ b/http/cves/2022/CVE-2022-48012.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-48012 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32323 + epss-score: 0.00112 + epss-percentile: 0.43742 cpe: cpe:2.3:a:opencats:opencats:0.9.7:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2022/CVE-2022-48197.yaml b/http/cves/2022/CVE-2022-48197.yaml index 535760cf4d..2b4a321722 100644 --- a/http/cves/2022/CVE-2022-48197.yaml +++ b/http/cves/2022/CVE-2022-48197.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2022-48197 cwe-id: CWE-79 - epss-score: 0.00193 - epss-percentile: 0.57079 + epss-score: 0.0012 + epss-percentile: 0.45243 cpe: cpe:2.3:a:yui_project:yui:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0126.yaml b/http/cves/2023/CVE-2023-0126.yaml index 36448e078e..06e6ffbe51 100644 --- a/http/cves/2023/CVE-2023-0126.yaml +++ b/http/cves/2023/CVE-2023-0126.yaml @@ -14,13 +14,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-0126 - https://github.com/advisories/GHSA-mr28-27qx-phg3 - https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0001 + - https://github.com/Gerxnox/One-Liner-Collections + - https://github.com/thecybertix/One-Liner-Collections classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-0126 cwe-id: CWE-22 - epss-score: 0.03857 - epss-percentile: 0.91024 + epss-score: 0.34658 + epss-percentile: 0.96997 cpe: cpe:2.3:o:sonicwall:sma1000_firmware:12.4.2:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-0236.yaml b/http/cves/2023/CVE-2023-0236.yaml index e2dfa130d4..26e6594e02 100644 --- a/http/cves/2023/CVE-2023-0236.yaml +++ b/http/cves/2023/CVE-2023-0236.yaml @@ -12,13 +12,14 @@ info: reference: - https://wpscan.com/vulnerability/503835db-426d-4b49-85f7-c9a20d6ff5b8 - https://nvd.nist.gov/vuln/detail/CVE-2023-0236 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-0236 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32657 + epss-score: 0.00119 + epss-percentile: 0.45193 cpe: cpe:2.3:a:themeum:tutor_lms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0334.yaml b/http/cves/2023/CVE-2023-0334.yaml index 0afcb684c4..30e4a1049f 100644 --- a/http/cves/2023/CVE-2023-0334.yaml +++ b/http/cves/2023/CVE-2023-0334.yaml @@ -15,8 +15,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0334 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29124 + epss-score: 0.001 + epss-percentile: 0.40094 cpe: cpe:2.3:a:shortpixel:shortpixel_adaptive_images:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0514.yaml b/http/cves/2023/CVE-2023-0514.yaml index 7643acc429..8df794d244 100644 --- a/http/cves/2023/CVE-2023-0514.yaml +++ b/http/cves/2023/CVE-2023-0514.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-0514 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29179 + epss-percentile: 0.29003 cpe: cpe:2.3:a:membership_database_project:membership_database:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0552.yaml b/http/cves/2023/CVE-2023-0552.yaml index d20d4b0419..3dab61cfb1 100644 --- a/http/cves/2023/CVE-2023-0552.yaml +++ b/http/cves/2023/CVE-2023-0552.yaml @@ -16,8 +16,8 @@ info: cvss-score: 5.4 cve-id: CVE-2023-0552 cwe-id: CWE-601 - epss-score: 0.00086 - epss-percentile: 0.34914 + epss-score: 0.00092 + epss-percentile: 0.37956 cpe: cpe:2.3:a:genetechsolutions:pie_register:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0562.yaml b/http/cves/2023/CVE-2023-0562.yaml index 67401a6a76..cbf69f732a 100644 --- a/http/cves/2023/CVE-2023-0562.yaml +++ b/http/cves/2023/CVE-2023-0562.yaml @@ -14,13 +14,14 @@ info: - https://vuldb.com/?ctiid.219716 - https://nvd.nist.gov/vuln/detail/CVE-2023-0562 - https://vuldb.com/?id.219716 + - https://github.com/ctflearner/ctflearner classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-0562 cwe-id: CWE-89 - epss-score: 0.02592 - epss-percentile: 0.89177 + epss-score: 0.02218 + epss-percentile: 0.89242 cpe: cpe:2.3:a:phpgurukul:bank_locker_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0563.yaml b/http/cves/2023/CVE-2023-0563.yaml index 3ee837241a..b7de462860 100644 --- a/http/cves/2023/CVE-2023-0563.yaml +++ b/http/cves/2023/CVE-2023-0563.yaml @@ -14,13 +14,14 @@ info: - https://vuldb.com/?ctiid.219717 - https://nvd.nist.gov/vuln/detail/CVE-2023-0563 - https://vuldb.com/?id.219717 + - https://github.com/ctflearner/ctflearner classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N cvss-score: 4.8 cve-id: CVE-2023-0563 cwe-id: CWE-79 - epss-score: 0.00354 - epss-percentile: 0.68998 + epss-score: 0.00249 + epss-percentile: 0.64164 cpe: cpe:2.3:a:phpgurukul:bank_locker_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0600.yaml b/http/cves/2023/CVE-2023-0600.yaml index 9dab3cca64..e55c4d4e82 100644 --- a/http/cves/2023/CVE-2023-0600.yaml +++ b/http/cves/2023/CVE-2023-0600.yaml @@ -6,28 +6,28 @@ info: severity: critical description: | The plugin does not escape user input which is concatenated to an SQL query, allowing unauthenticated visitors to conduct SQL Injection attacks. + remediation: Fixed in version 6.9 reference: - https://wpscan.com/vulnerability/8f46df4d-cb80-4d66-846f-85faf2ea0ec4 - https://nvd.nist.gov/vuln/detail/CVE-2023-0600 - remediation: Fixed in version 6.9 + - https://github.com/truocphan/VulnBox classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-0600 cwe-id: CWE-89 + epss-score: 0.02396 + epss-percentile: 0.89644 cpe: cpe:2.3:a:plugins-market:wp_visitor_statistics:*:*:*:*:*:wordpress:*:* - epss-score: 0.03606 - epss-percentile: 0.9066 metadata: - fofa-query: body="wp-stats-manager" - framework: wordpress - max-request: 2 - product: wp_visitor_statistics - public-www: /wp-content/plugins/wp-stats-manager/ - vendor: plugins-market verified: true + max-request: 2 + vendor: plugins-market + product: wp_visitor_statistics + framework: wordpress + fofa-query: body="wp-stats-manager" + public-www: /wp-content/plugins/wp-stats-manager/ tags: cve,cve2023,wp,wp-plugin,wordpress,wpscan,unauth,wp-stats-manager,sqli,plugins-market - variables: str: '{{rand_int(100000, 999999)}}' diff --git a/http/cves/2023/CVE-2023-0669.yaml b/http/cves/2023/CVE-2023-0669.yaml index e57bd24c93..f9e67012c3 100644 --- a/http/cves/2023/CVE-2023-0669.yaml +++ b/http/cves/2023/CVE-2023-0669.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-0669 cwe-id: CWE-502 - epss-score: 0.96821 - epss-percentile: 0.99616 + epss-score: 0.96954 + epss-percentile: 0.99709 cpe: cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0900.yaml b/http/cves/2023/CVE-2023-0900.yaml index 585e833b8b..296d231971 100644 --- a/http/cves/2023/CVE-2023-0900.yaml +++ b/http/cves/2023/CVE-2023-0900.yaml @@ -15,8 +15,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-0900 cwe-id: CWE-89 - epss-score: 0.00979 - epss-percentile: 0.81794 + epss-score: 0.00947 + epss-percentile: 0.82798 cpe: cpe:2.3:a:wpdevart:pricing_table_builder:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0942.yaml b/http/cves/2023/CVE-2023-0942.yaml index 0c0c74cf4c..01a7dfefb7 100644 --- a/http/cves/2023/CVE-2023-0942.yaml +++ b/http/cves/2023/CVE-2023-0942.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-0942 cwe-id: CWE-79 - epss-score: 0.00384 - epss-percentile: 0.70358 + epss-score: 0.0049 + epss-percentile: 0.7561 cpe: cpe:2.3:a:artisanworkshop:japanized_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0947.yaml b/http/cves/2023/CVE-2023-0947.yaml index f0a77e54d3..23e8df985c 100644 --- a/http/cves/2023/CVE-2023-0947.yaml +++ b/http/cves/2023/CVE-2023-0947.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-0947 cwe-id: CWE-22 - epss-score: 0.01669 - epss-percentile: 0.86282 + epss-score: 0.0114 + epss-percentile: 0.84427 cpe: cpe:2.3:a:flatpress:flatpress:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-0948.yaml b/http/cves/2023/CVE-2023-0948.yaml index 70be52a87b..d4531dc8dd 100644 --- a/http/cves/2023/CVE-2023-0948.yaml +++ b/http/cves/2023/CVE-2023-0948.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-0948 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29205 + epss-percentile: 0.29003 cpe: cpe:2.3:a:artisanworkshop:japanized_for_woocommerce:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-1020.yaml b/http/cves/2023/CVE-2023-1020.yaml index 059f9cd466..b1d60a6bc8 100644 --- a/http/cves/2023/CVE-2023-1020.yaml +++ b/http/cves/2023/CVE-2023-1020.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-1020 cwe-id: CWE-89 - epss-score: 0.16196 - epss-percentile: 0.95507 + epss-score: 0.05497 + epss-percentile: 0.93034 cpe: cpe:2.3:a:wp_live_chat_shoutbox_project:wp_live_chat_shoutbox:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1080.yaml b/http/cves/2023/CVE-2023-1080.yaml index 60aa60989c..812dc0c968 100644 --- a/http/cves/2023/CVE-2023-1080.yaml +++ b/http/cves/2023/CVE-2023-1080.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-1080 cwe-id: CWE-79 - epss-score: 0.00229 - epss-percentile: 0.61047 + epss-score: 0.0025 + epss-percentile: 0.64332 cpe: cpe:2.3:a:gnpublisher:gn_publisher:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1263.yaml b/http/cves/2023/CVE-2023-1263.yaml index d9df457316..08482dcb85 100644 --- a/http/cves/2023/CVE-2023-1263.yaml +++ b/http/cves/2023/CVE-2023-1263.yaml @@ -18,8 +18,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-1263 cwe-id: CWE-200 - epss-score: 0.00254 - epss-percentile: 0.63154 + epss-score: 0.00238 + epss-percentile: 0.61195 cpe: cpe:2.3:a:niteothemes:coming_soon_\&_maintenance:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1454.yaml b/http/cves/2023/CVE-2023-1454.yaml index be478c96ba..0c41c94a32 100644 --- a/http/cves/2023/CVE-2023-1454.yaml +++ b/http/cves/2023/CVE-2023-1454.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-1454 - https://vuldb.com/?ctiid.223299 - https://vuldb.com/?id.223299 + - https://github.com/Awrrays/FrameVul classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-1454 cwe-id: CWE-89 - epss-score: 0.0391 - epss-percentile: 0.91088 + epss-score: 0.04509 + epss-percentile: 0.92282 cpe: cpe:2.3:a:jeecg:jeecg-boot:3.5.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-1496.yaml b/http/cves/2023/CVE-2023-1496.yaml index 48fabf1ecb..60053821b1 100644 --- a/http/cves/2023/CVE-2023-1496.yaml +++ b/http/cves/2023/CVE-2023-1496.yaml @@ -17,8 +17,8 @@ info: cvss-score: 5.4 cve-id: CVE-2023-1496 cwe-id: CWE-79 - epss-score: 0.00077 - epss-percentile: 0.31886 + epss-score: 0.00085 + epss-percentile: 0.34963 cpe: cpe:2.3:a:evilmartians:imgproxy:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1671.yaml b/http/cves/2023/CVE-2023-1671.yaml index 968e1b63f1..9ed9df9ec5 100644 --- a/http/cves/2023/CVE-2023-1671.yaml +++ b/http/cves/2023/CVE-2023-1671.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-1671 - http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html - https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce + - https://github.com/lions2012/Penetration_Testing_POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-1671 cwe-id: CWE-77 - epss-score: 0.95313 - epss-percentile: 0.99196 + epss-score: 0.96156 + epss-percentile: 0.99469 cpe: cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1698.yaml b/http/cves/2023/CVE-2023-1698.yaml index ef9023ed83..859c29191f 100644 --- a/http/cves/2023/CVE-2023-1698.yaml +++ b/http/cves/2023/CVE-2023-1698.yaml @@ -14,13 +14,15 @@ info: - https://onekey.com/blog/security-advisory-wago-unauthenticated-remote-command-execution/ - https://nvd.nist.gov/vuln/detail/CVE-2023-1698 - https://cert.vde.com/en/advisories/VDE-2023-007/ + - https://github.com/codeb0ss/CVE-2023-1698-PoC + - https://github.com/deIndra/CVE-2023-1698 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-1698 cwe-id: CWE-78 - epss-score: 0.47065 - epss-percentile: 0.97124 + epss-score: 0.55051 + epss-percentile: 0.97591 cpe: cpe:2.3:o:wago:compact_controller_100_firmware:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-1719.yaml b/http/cves/2023/CVE-2023-1719.yaml index d5271635ac..0c8bbd66fa 100644 --- a/http/cves/2023/CVE-2023-1719.yaml +++ b/http/cves/2023/CVE-2023-1719.yaml @@ -9,13 +9,14 @@ info: reference: - https://starlabs.sg/advisories/23/23-1719/ - https://nvd.nist.gov/vuln/detail/CVE-2023-1719 + - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-1719 cwe-id: CWE-665 epss-score: 0.02807 - epss-percentile: 0.89587 + epss-percentile: 0.90415 cpe: cpe:2.3:a:bitrix24:bitrix24:22.0.300:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1730.yaml b/http/cves/2023/CVE-2023-1730.yaml index 0bd8e1502c..98be5172ea 100644 --- a/http/cves/2023/CVE-2023-1730.yaml +++ b/http/cves/2023/CVE-2023-1730.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-1730 cwe-id: CWE-89 - epss-score: 0.16196 - epss-percentile: 0.95507 + epss-score: 0.05497 + epss-percentile: 0.93034 cpe: cpe:2.3:a:supportcandy:supportcandy:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-1780.yaml b/http/cves/2023/CVE-2023-1780.yaml index 8f9f2590f1..f3055a28e9 100644 --- a/http/cves/2023/CVE-2023-1780.yaml +++ b/http/cves/2023/CVE-2023-1780.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-1780 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29205 + epss-percentile: 0.2903 cpe: cpe:2.3:a:codeermeneer:companion_sitemap_generator:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1835.yaml b/http/cves/2023/CVE-2023-1835.yaml index 74b928c271..071b29016e 100644 --- a/http/cves/2023/CVE-2023-1835.yaml +++ b/http/cves/2023/CVE-2023-1835.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-1835 cwe-id: CWE-79 epss-score: 0.00071 - epss-percentile: 0.29179 + epss-percentile: 0.29003 cpe: cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1880.yaml b/http/cves/2023/CVE-2023-1880.yaml index a78c7025e1..2427c34a71 100644 --- a/http/cves/2023/CVE-2023-1880.yaml +++ b/http/cves/2023/CVE-2023-1880.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-1880 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29121 + epss-score: 0.00078 + epss-percentile: 0.3203 cpe: cpe:2.3:a:phpmyfaq:phpmyfaq:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-1890.yaml b/http/cves/2023/CVE-2023-1890.yaml index ecc61f913b..c9919cbedd 100644 --- a/http/cves/2023/CVE-2023-1890.yaml +++ b/http/cves/2023/CVE-2023-1890.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-1890 cwe-id: CWE-79 - epss-score: 0.00302 - epss-percentile: 0.66493 + epss-score: 0.00203 + epss-percentile: 0.57653 cpe: cpe:2.3:a:pauple:tablesome:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-20073.yaml b/http/cves/2023/CVE-2023-20073.yaml index 21ddeb2a71..4fc46cd88a 100644 --- a/http/cves/2023/CVE-2023-20073.yaml +++ b/http/cves/2023/CVE-2023-20073.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-20073 cwe-id: CWE-434 - epss-score: 0.52411 - epss-percentile: 0.97303 + epss-score: 0.38542 + epss-percentile: 0.97132 cpe: cpe:2.3:o:cisco:rv340_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2009.yaml b/http/cves/2023/CVE-2023-2009.yaml index f0671b28c2..587a044952 100644 --- a/http/cves/2023/CVE-2023-2009.yaml +++ b/http/cves/2023/CVE-2023-2009.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-2009 cwe-id: CWE-79 epss-score: 0.00078 - epss-percentile: 0.32649 + epss-percentile: 0.3232 cpe: cpe:2.3:a:pretty_url_project:pretty_url:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2023.yaml b/http/cves/2023/CVE-2023-2023.yaml index d583d91941..849d8b3ec6 100644 --- a/http/cves/2023/CVE-2023-2023.yaml +++ b/http/cves/2023/CVE-2023-2023.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2023 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29245 + epss-score: 0.00374 + epss-percentile: 0.722 cpe: cpe:2.3:a:kunalnagar:custom_404_pro:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-20864.yaml b/http/cves/2023/CVE-2023-20864.yaml index d947472763..5ddbd433db 100644 --- a/http/cves/2023/CVE-2023-20864.yaml +++ b/http/cves/2023/CVE-2023-20864.yaml @@ -13,13 +13,14 @@ info: reference: - https://www.vmware.com/security/advisories/VMSA-2023-0007.html - https://nvd.nist.gov/vuln/detail/CVE-2023-20864 + - https://github.com/Threekiii/CVE classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-20864 cwe-id: CWE-502 - epss-score: 0.22038 - epss-percentile: 0.96031 + epss-score: 0.29094 + epss-percentile: 0.96766 cpe: cpe:2.3:a:vmware:aria_operations_for_logs:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-20887.yaml b/http/cves/2023/CVE-2023-20887.yaml index 5bed794c08..b70a70b6e6 100644 --- a/http/cves/2023/CVE-2023-20887.yaml +++ b/http/cves/2023/CVE-2023-20887.yaml @@ -22,8 +22,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-20887 cwe-id: CWE-77 - epss-score: 0.96266 - epss-percentile: 0.99422 + epss-score: 0.96408 + epss-percentile: 0.99538 cpe: cpe:2.3:a:vmware:vrealize_network_insight:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2122.yaml b/http/cves/2023/CVE-2023-2122.yaml index 63079a201c..ab180e2a41 100644 --- a/http/cves/2023/CVE-2023-2122.yaml +++ b/http/cves/2023/CVE-2023-2122.yaml @@ -17,7 +17,7 @@ info: cve-id: CVE-2023-2122 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26204 + epss-percentile: 0.26189 cpe: cpe:2.3:a:10web:image_optimizer:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-2178.yaml b/http/cves/2023/CVE-2023-2178.yaml index 41d4910a33..a1d5491e6e 100644 --- a/http/cves/2023/CVE-2023-2178.yaml +++ b/http/cves/2023/CVE-2023-2178.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-2178 cwe-id: CWE-79 epss-score: 0.00078 - epss-percentile: 0.32659 + epss-percentile: 0.3232 cpe: cpe:2.3:a:aajoda:aajoda_testimonials:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22232.yaml b/http/cves/2023/CVE-2023-22232.yaml index a2084bfd52..0a5dcdaec3 100644 --- a/http/cves/2023/CVE-2023-22232.yaml +++ b/http/cves/2023/CVE-2023-22232.yaml @@ -16,8 +16,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-22232 cwe-id: CWE-284,NVD-CWE-noinfo - epss-score: 0.12027 - epss-percentile: 0.94872 + epss-score: 0.13033 + epss-percentile: 0.95385 cpe: cpe:2.3:a:adobe:connect:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22432.yaml b/http/cves/2023/CVE-2023-22432.yaml index 085ef7e208..81c4795fca 100644 --- a/http/cves/2023/CVE-2023-22432.yaml +++ b/http/cves/2023/CVE-2023-22432.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-22432 cwe-id: CWE-601 - epss-score: 0.02498 - epss-percentile: 0.88998 + epss-score: 0.00877 + epss-percentile: 0.82098 cpe: cpe:2.3:a:web2py:web2py:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22463.yaml b/http/cves/2023/CVE-2023-22463.yaml index 05fd845903..59473003f3 100644 --- a/http/cves/2023/CVE-2023-22463.yaml +++ b/http/cves/2023/CVE-2023-22463.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22463 cwe-id: CWE-798 - epss-score: 0.02067 - epss-percentile: 0.8787 + epss-score: 0.02033 + epss-percentile: 0.88693 cpe: cpe:2.3:a:fit2cloud:kubepi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22478.yaml b/http/cves/2023/CVE-2023-22478.yaml index 774898e7f3..7967ca1f22 100644 --- a/http/cves/2023/CVE-2023-22478.yaml +++ b/http/cves/2023/CVE-2023-22478.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-22478 cwe-id: CWE-862 - epss-score: 0.03166 - epss-percentile: 0.90172 + epss-score: 0.03365 + epss-percentile: 0.91177 cpe: cpe:2.3:a:fit2cloud:kubepi:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22480.yaml b/http/cves/2023/CVE-2023-22480.yaml index 4c6b9d7d04..60690bd831 100644 --- a/http/cves/2023/CVE-2023-22480.yaml +++ b/http/cves/2023/CVE-2023-22480.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22480 cwe-id: CWE-863,CWE-285 - epss-score: 0.01867 - epss-percentile: 0.87123 + epss-score: 0.01487 + epss-percentile: 0.86532 cpe: cpe:2.3:a:fit2cloud:kubeoperator:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22518.yaml b/http/cves/2023/CVE-2023-22518.yaml index bb923f309d..f9ee8f91d7 100644 --- a/http/cves/2023/CVE-2023-22518.yaml +++ b/http/cves/2023/CVE-2023-22518.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-22518 cwe-id: CWE-863 - epss-score: 0.96525 - epss-percentile: 0.99513 + epss-score: 0.97011 + epss-percentile: 0.99725 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2252.yaml b/http/cves/2023/CVE-2023-2252.yaml index cecfabf622..c830eb7c77 100644 --- a/http/cves/2023/CVE-2023-2252.yaml +++ b/http/cves/2023/CVE-2023-2252.yaml @@ -18,8 +18,8 @@ info: cvss-score: 2.7 cve-id: CVE-2023-2252 cwe-id: CWE-22 - epss-score: 0.00112 - epss-percentile: 0.44321 + epss-score: 0.00129 + epss-percentile: 0.46802 cpe: cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-22527.yaml b/http/cves/2023/CVE-2023-22527.yaml index d7d025c7bf..5899b3b0b8 100644 --- a/http/cves/2023/CVE-2023-22527.yaml +++ b/http/cves/2023/CVE-2023-22527.yaml @@ -11,19 +11,22 @@ info: - https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 - https://jira.atlassian.com/browse/CONFSERVER-93833 - https://blog.projectdiscovery.io/atlassian-confluence-ssti-remote-code-execution/ + - http://packetstormsecurity.com/files/176789/Atlassian-Confluence-SSTI-Injection.html + - https://github.com/ramirezs4/Tips-and-tools-forensics---RS4 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2023-22527 - epss-score: 0.00044 - epss-percentile: 0.08115 + cwe-id: CWE-74 + epss-score: 0.96568 + epss-percentile: 0.99595 cpe: cpe:2.3:a:atlassian:confluence_data_center:*:*:*:*:*:*:*:* metadata: max-request: 1 vendor: atlassian product: confluence_data_center shodan-query: http.component:"Atlassian Confluence" - tags: cve,cve2023,confluence,rce,ssti + tags: cve,cve2023,confluence,rce,ssti,kev http: - raw: diff --git a/http/cves/2023/CVE-2023-23489.yaml b/http/cves/2023/CVE-2023-23489.yaml index a1eb0774d2..ed9b4c10b1 100644 --- a/http/cves/2023/CVE-2023-23489.yaml +++ b/http/cves/2023/CVE-2023-23489.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-23489 cwe-id: CWE-89 - epss-score: 0.08904 - epss-percentile: 0.94014 + epss-score: 0.10655 + epss-percentile: 0.94927 cpe: cpe:2.3:a:sandhillsdev:easy_digital_downloads:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-23491.yaml b/http/cves/2023/CVE-2023-23491.yaml index 2d82a1221d..9996cd9caa 100644 --- a/http/cves/2023/CVE-2023-23491.yaml +++ b/http/cves/2023/CVE-2023-23491.yaml @@ -10,13 +10,15 @@ info: reference: - https://wpscan.com/vulnerability/49178a9d-0500-4e3e-8ea1-6cd4eeda2a4e - https://nvd.nist.gov/vuln/detail/CVE-2023-23491 + - https://github.com/ARPSyndicate/cvemon + - https://github.com/JoshuaMart/JoshuaMart classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-23491 cwe-id: CWE-79 - epss-score: 0.00078 - epss-percentile: 0.32657 + epss-score: 0.00119 + epss-percentile: 0.45193 cpe: cpe:2.3:a:fullworksplugins:quick_event_manager:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2356.yaml b/http/cves/2023/CVE-2023-2356.yaml index ccea7f703e..ed9666334b 100644 --- a/http/cves/2023/CVE-2023-2356.yaml +++ b/http/cves/2023/CVE-2023-2356.yaml @@ -14,13 +14,15 @@ info: - https://huntr.dev/bounties/7b5d130d-38eb-4133-8c7d-0dfc9a9d9896/ - https://nvd.nist.gov/vuln/detail/CVE-2023-2356 - https://github.com/mlflow/mlflow/commit/f73147496e05c09a8b83d95fb4f1bf86696c6342 + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-2356 cwe-id: CWE-23 - epss-score: 0.00941 - epss-percentile: 0.81349 + epss-score: 0.00875 + epss-percentile: 0.82072 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-24278.yaml b/http/cves/2023/CVE-2023-24278.yaml index c4569f06db..be2f1ac371 100644 --- a/http/cves/2023/CVE-2023-24278.yaml +++ b/http/cves/2023/CVE-2023-24278.yaml @@ -14,13 +14,14 @@ info: - https://census-labs.com/news/2023/03/16/reflected-xss-vulnerabilities-in-squidex-squidsvg-endpoint/ - https://www.openwall.com/lists/oss-security/2023/03/16/1 - https://nvd.nist.gov/vuln/detail/CVE-2023-24278 + - https://github.com/karimhabush/cyberowl classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-24278 cwe-id: CWE-79 - epss-score: 0.00099 - epss-percentile: 0.40654 + epss-score: 0.0011 + epss-percentile: 0.4314 cpe: cpe:2.3:a:squidex.io:squidex:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-24489.yaml b/http/cves/2023/CVE-2023-24489.yaml index 8a0e8a9801..3c48c7f2c4 100644 --- a/http/cves/2023/CVE-2023-24489.yaml +++ b/http/cves/2023/CVE-2023-24489.yaml @@ -14,13 +14,15 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-24489 - https://blog.assetnote.io/2023/07/04/citrix-sharefile-rce/ - https://support.citrix.com/article/CTX559517/sharefile-storagezones-controller-security-update-for-cve202324489 + - https://github.com/20142995/sectool + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-24489 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.9687 - epss-percentile: 0.99637 + epss-score: 0.97362 + epss-percentile: 0.99893 cpe: cpe:2.3:a:citrix:sharefile_storage_zones_controller:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-24733.yaml b/http/cves/2023/CVE-2023-24733.yaml index 97e8cdebc5..a97753ca0f 100644 --- a/http/cves/2023/CVE-2023-24733.yaml +++ b/http/cves/2023/CVE-2023-24733.yaml @@ -19,13 +19,13 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24733 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29124 - cpe: cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:* + epss-score: 0.00097 + epss-percentile: 0.39455 + cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true max-request: 1 - vendor: pmb_project + vendor: sigb product: pmb shodan-query: http.favicon.hash:1469328760 tags: cve,cve2023,unauth,xss,pmb,pmb_project diff --git a/http/cves/2023/CVE-2023-24735.yaml b/http/cves/2023/CVE-2023-24735.yaml index 8c187921bc..0a34721f1f 100644 --- a/http/cves/2023/CVE-2023-24735.yaml +++ b/http/cves/2023/CVE-2023-24735.yaml @@ -19,13 +19,13 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24735 cwe-id: CWE-601 - epss-score: 0.01074 - epss-percentile: 0.82634 - cpe: cpe:2.3:a:pmb_project:pmb:7.4.6:*:*:*:*:*:*:* + epss-score: 0.00947 + epss-percentile: 0.8279 + cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true max-request: 1 - vendor: pmb_project + vendor: sigb product: pmb shodan-query: http.favicon.hash:1469328760 tags: cve2023,cve,redirect,pmb,pmb_project diff --git a/http/cves/2023/CVE-2023-24737.yaml b/http/cves/2023/CVE-2023-24737.yaml index 7527c6a58e..882ec49c3f 100644 --- a/http/cves/2023/CVE-2023-24737.yaml +++ b/http/cves/2023/CVE-2023-24737.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-24737 cwe-id: CWE-79 - epss-score: 0.00071 - epss-percentile: 0.29164 + epss-score: 0.00097 + epss-percentile: 0.39455 cpe: cpe:2.3:a:sigb:pmb:7.4.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-25135.yaml b/http/cves/2023/CVE-2023-25135.yaml index 9e5cc2e7f7..6cbac1d95b 100644 --- a/http/cves/2023/CVE-2023-25135.yaml +++ b/http/cves/2023/CVE-2023-25135.yaml @@ -14,13 +14,14 @@ info: - https://github.com/ambionics/vbulletin-exploits/blob/main/vbulletin-rce-cve-2023-25135.py - https://nvd.nist.gov/vuln/detail/CVE-2023-25135 - https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4473890-vbulletin-5-6-9-security-patch + - https://github.com/netlas-io/netlas-dorks classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-25135 cwe-id: CWE-502 - epss-score: 0.50999 - epss-percentile: 0.97255 + epss-score: 0.71557 + epss-percentile: 0.97978 cpe: cpe:2.3:a:vbulletin:vbulletin:5.6.7:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-25573.yaml b/http/cves/2023/CVE-2023-25573.yaml index 0c1aff5622..b1c9316e01 100644 --- a/http/cves/2023/CVE-2023-25573.yaml +++ b/http/cves/2023/CVE-2023-25573.yaml @@ -13,13 +13,15 @@ info: - https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Metersphere%20file%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E%20CVE-2023-25573.md - https://nvd.nist.gov/vuln/detail/CVE-2023-25573 - https://github.com/metersphere/metersphere/security/advisories/GHSA-mcwr-j9vm-5g8h + - https://github.com/20142995/sectool + - https://github.com/KayCHENvip/vulnerability-poc classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-25573 cwe-id: CWE-862 - epss-score: 0.02887 - epss-percentile: 0.8973 + epss-score: 0.03674 + epss-percentile: 0.91517 cpe: cpe:2.3:a:metersphere:metersphere:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26035.yaml b/http/cves/2023/CVE-2023-26035.yaml index dfab91b445..1191c72b94 100644 --- a/http/cves/2023/CVE-2023-26035.yaml +++ b/http/cves/2023/CVE-2023-26035.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-26035 cwe-id: CWE-862 - epss-score: 0.96802 - epss-percentile: 0.99611 + epss-score: 0.97003 + epss-percentile: 0.99723 cpe: cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:* metadata: verified: true @@ -28,7 +28,6 @@ info: product: zoneminder shodan-query: html:"ZM - Login" tags: cve,cve2023,rce,zoneminder,unauth,packetstorm - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-26067.yaml b/http/cves/2023/CVE-2023-26067.yaml index 30a6d667a5..3f606f3c49 100644 --- a/http/cves/2023/CVE-2023-26067.yaml +++ b/http/cves/2023/CVE-2023-26067.yaml @@ -21,8 +21,8 @@ info: cvss-score: 8.1 cve-id: CVE-2023-26067 cwe-id: CWE-20 - epss-score: 0.04701 - epss-percentile: 0.9181 + epss-score: 0.10331 + epss-percentile: 0.94831 cpe: cpe:2.3:o:lexmark:cxtpc_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26347.yaml b/http/cves/2023/CVE-2023-26347.yaml index 3c567d05a3..11bcc5b14f 100644 --- a/http/cves/2023/CVE-2023-26347.yaml +++ b/http/cves/2023/CVE-2023-26347.yaml @@ -16,8 +16,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-26347 cwe-id: CWE-284 - epss-score: 0.00522 - epss-percentile: 0.74346 + epss-score: 0.00466 + epss-percentile: 0.74969 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26469.yaml b/http/cves/2023/CVE-2023-26469.yaml index 0833d06f1b..d3619ee3c3 100644 --- a/http/cves/2023/CVE-2023-26469.yaml +++ b/http/cves/2023/CVE-2023-26469.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-26469 cwe-id: CWE-22 - epss-score: 0.93851 - epss-percentile: 0.98954 + epss-score: 0.93768 + epss-percentile: 0.99071 cpe: cpe:2.3:a:jorani:jorani:1.0.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2648.yaml b/http/cves/2023/CVE-2023-2648.yaml index 83fe246913..bd8f0b0d6a 100644 --- a/http/cves/2023/CVE-2023-2648.yaml +++ b/http/cves/2023/CVE-2023-2648.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2648 cwe-id: CWE-434 - epss-score: 0.05261 - epss-percentile: 0.92285 + epss-score: 0.05365 + epss-percentile: 0.9293 cpe: cpe:2.3:a:weaver:e-office:9.5:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26842.yaml b/http/cves/2023/CVE-2023-26842.yaml index f5c511ba4c..c54f517ac9 100644 --- a/http/cves/2023/CVE-2023-26842.yaml +++ b/http/cves/2023/CVE-2023-26842.yaml @@ -13,13 +13,14 @@ info: reference: - https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26842 - https://nvd.nist.gov/vuln/detail/CVE-2023-26842 + - https://github.com/10splayaSec/CVE-Disclosures classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-26842 cwe-id: CWE-79 epss-score: 0.00148 - epss-percentile: 0.50683 + epss-percentile: 0.49853 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-26843.yaml b/http/cves/2023/CVE-2023-26843.yaml index ca21eadb27..49f66908a9 100644 --- a/http/cves/2023/CVE-2023-26843.yaml +++ b/http/cves/2023/CVE-2023-26843.yaml @@ -14,13 +14,15 @@ info: - https://github.com/10splayaSec/CVE-Disclosures/tree/main/ChurchCRM/CVE-2023-26843 - https://nvd.nist.gov/vuln/detail/CVE-2023-26843 - https://github.com/ChurchCRM/CRM + - https://github.com/10splayaSec/CVE-Disclosures + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-26843 cwe-id: CWE-79 epss-score: 0.00146 - epss-percentile: 0.50485 + epss-percentile: 0.49668 cpe: cpe:2.3:a:churchcrm:churchcrm:4.5.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27008.yaml b/http/cves/2023/CVE-2023-27008.yaml index ecf1c55a75..500bf7323c 100644 --- a/http/cves/2023/CVE-2023-27008.yaml +++ b/http/cves/2023/CVE-2023-27008.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-27008 cwe-id: CWE-79 - epss-score: 0.00089 - epss-percentile: 0.37645 + epss-score: 0.00099 + epss-percentile: 0.39906 cpe: cpe:2.3:a:atutor:atutor:2.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27034.yaml b/http/cves/2023/CVE-2023-27034.yaml index ce3d19c572..9a8ff214d2 100644 --- a/http/cves/2023/CVE-2023-27034.yaml +++ b/http/cves/2023/CVE-2023-27034.yaml @@ -15,13 +15,14 @@ info: - https://security.friendsofpresta.org/modules/2023/03/13/jmsblog.html - https://github.com/advisories/GHSA-7jr7-v6gv-m656 - https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmsblog.html + - https://github.com/codeb0ss/CVE-2023-27034-Exploit classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-27034 cwe-id: CWE-89 - epss-score: 0.01179 - epss-percentile: 0.83487 + epss-score: 0.01365 + epss-percentile: 0.8596 cpe: cpe:2.3:a:joommasters:jms_blog:2.5.5:*:*:*:*:prestashop:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-27292.yaml b/http/cves/2023/CVE-2023-27292.yaml index 454a4915fd..759e960f3e 100644 --- a/http/cves/2023/CVE-2023-27292.yaml +++ b/http/cves/2023/CVE-2023-27292.yaml @@ -13,13 +13,14 @@ info: reference: - https://www.tenable.com/security/research/tra-2023-8 - https://nvd.nist.gov/vuln/detail/CVE-2023-27292 + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N cvss-score: 5.4 cve-id: CVE-2023-27292 cwe-id: CWE-601 - epss-score: 0.00081 - epss-percentile: 0.33897 + epss-score: 0.00092 + epss-percentile: 0.37956 cpe: cpe:2.3:a:opencats:opencats:0.9.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27372.yaml b/http/cves/2023/CVE-2023-27372.yaml index 62b77e1b57..9d3fb87c97 100644 --- a/http/cves/2023/CVE-2023-27372.yaml +++ b/http/cves/2023/CVE-2023-27372.yaml @@ -20,8 +20,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-27372 - epss-score: 0.97042 - epss-percentile: 0.99709 + epss-score: 0.97152 + epss-percentile: 0.99786 cpe: cpe:2.3:a:spip:spip:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-27524.yaml b/http/cves/2023/CVE-2023-27524.yaml index b21c73b762..352a335259 100644 --- a/http/cves/2023/CVE-2023-27524.yaml +++ b/http/cves/2023/CVE-2023-27524.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-27524 cwe-id: CWE-1188 - epss-score: 0.96225 - epss-percentile: 0.99405 + epss-score: 0.97224 + epss-percentile: 0.99822 cpe: cpe:2.3:a:apache:superset:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27587.yaml b/http/cves/2023/CVE-2023-27587.yaml index 648d828990..c4177f7b02 100644 --- a/http/cves/2023/CVE-2023-27587.yaml +++ b/http/cves/2023/CVE-2023-27587.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.5 cve-id: CVE-2023-27587 cwe-id: CWE-209 - epss-score: 0.21224 - epss-percentile: 0.95983 + epss-score: 0.18807 + epss-percentile: 0.96117 cpe: cpe:2.3:a:readtomyshoe_project:readtomyshoe:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-27639.yaml b/http/cves/2023/CVE-2023-27639.yaml index 3ac1db1f22..3cc961877d 100644 --- a/http/cves/2023/CVE-2023-27639.yaml +++ b/http/cves/2023/CVE-2023-27639.yaml @@ -15,8 +15,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-27639 cwe-id: CWE-22 - epss-score: 0.02805 - epss-percentile: 0.89632 + epss-score: 0.04002 + epss-percentile: 0.9185 cpe: cpe:2.3:a:tshirtecommerce:custom_product_designer:*:*:*:*:*:prestashop:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-27640.yaml b/http/cves/2023/CVE-2023-27640.yaml index a1c9053e8c..17882416b5 100644 --- a/http/cves/2023/CVE-2023-27640.yaml +++ b/http/cves/2023/CVE-2023-27640.yaml @@ -11,10 +11,17 @@ info: - https://security.friendsofpresta.org/module/2023/03/30/tshirtecommerce_cwe-22.html - https://nvd.nist.gov/vuln/detail/CVE-2023-27640 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2023-27640 + cwe-id: CWE-22 + epss-score: 0.04002 + epss-percentile: 0.9185 + cpe: cpe:2.3:a:tshirtecommerce:custom_product_designer:*:*:*:*:*:prestashop:*:* metadata: max-request: 1 - product: tshirtecommerce + vendor: tshirtecommerce + product: custom_product_designer framework: prestashop google-query: inurl:"/tshirtecommerce/" tags: cve,cve2023,prestashop,tshirtecommerce,lfi diff --git a/http/cves/2023/CVE-2023-2779.yaml b/http/cves/2023/CVE-2023-2779.yaml index 7bcba89082..8d66f00318 100644 --- a/http/cves/2023/CVE-2023-2779.yaml +++ b/http/cves/2023/CVE-2023-2779.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-2779 cwe-id: CWE-79 - epss-score: 0.00762 - epss-percentile: 0.79202 + epss-score: 0.00993 + epss-percentile: 0.8323 cpe: cpe:2.3:a:heator:social_share\,_social_login_and_social_comments:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2796.yaml b/http/cves/2023/CVE-2023-2796.yaml index 72413a892e..48929b3a2f 100644 --- a/http/cves/2023/CVE-2023-2796.yaml +++ b/http/cves/2023/CVE-2023-2796.yaml @@ -14,13 +14,14 @@ info: - https://wpscan.com/vulnerability/e9ef793c-e5a3-4c55-beee-56b0909f7a0d - https://nvd.nist.gov/vuln/detail/CVE-2023-2796 - http://packetstormsecurity.com/files/173984/WordPress-EventON-Calendar-4.4-Insecure-Direct-Object-Reference.html + - https://github.com/nullfuzz-pentest/shodan-dorks classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-2796 cwe-id: CWE-862 - epss-score: 0.05279 - epss-percentile: 0.92282 + epss-score: 0.06666 + epss-percentile: 0.93671 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-28121.yaml b/http/cves/2023/CVE-2023-28121.yaml index 2f8e5455f5..1f36c26132 100644 --- a/http/cves/2023/CVE-2023-28121.yaml +++ b/http/cves/2023/CVE-2023-28121.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-28121 cwe-id: CWE-287 - epss-score: 0.71629 - epss-percentile: 0.97799 + epss-score: 0.92977 + epss-percentile: 0.9898 cpe: cpe:2.3:a:automattic:woocommerce_payments:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2813.yaml b/http/cves/2023/CVE-2023-2813.yaml index 33dbba60f7..982957da93 100644 --- a/http/cves/2023/CVE-2023-2813.yaml +++ b/http/cves/2023/CVE-2023-2813.yaml @@ -11,13 +11,14 @@ info: reference: - https://wpscan.com/vulnerability/f434afd3-7de4-4bf4-a9bb-9f9aeaae1dc5 - https://nvd.nist.gov/vuln/detail/CVE-2023-2813 + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-2813 cwe-id: CWE-79 - epss-score: 0.00183 - epss-percentile: 0.55614 + epss-score: 0.00115 + epss-percentile: 0.44236 cpe: cpe:2.3:a:ajaydsouza:connections_reloaded:*:*:*:*:*:wordpress:*:* metadata: verified: true @@ -26,7 +27,6 @@ info: product: connections_reloaded framework: wordpress tags: wpscan,cve,cve2023,wordpress,wp-theme,xss,ajaydsouza - variables: str: "{{rand_base(6)}}" random: "{{rand_base(3)}}" diff --git a/http/cves/2023/CVE-2023-2825.yaml b/http/cves/2023/CVE-2023-2825.yaml index 8c647cf8ef..958238538d 100644 --- a/http/cves/2023/CVE-2023-2825.yaml +++ b/http/cves/2023/CVE-2023-2825.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-2825 cwe-id: CWE-22 - epss-score: 0.06519 - epss-percentile: 0.93069 + epss-score: 0.09134 + epss-percentile: 0.94495 cpe: cpe:2.3:a:gitlab:gitlab:16.0.0:*:*:*:community:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-28662.yaml b/http/cves/2023/CVE-2023-28662.yaml index ed42131196..74688dc91c 100644 --- a/http/cves/2023/CVE-2023-28662.yaml +++ b/http/cves/2023/CVE-2023-28662.yaml @@ -6,31 +6,30 @@ info: severity: critical description: | The Gift Cards (Gift Vouchers and Packages) WordPress Plugin, version <= 4.3.1, is affected by an unauthenticated SQL injection vulnerability in the template parameter in the wpgv_doajax_voucher_pdf_save_func action. + impact: | + Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site. + remediation: | + Update the Gift Cards (Gift Vouchers and Packages) WordPress Plugin to the latest version available. reference: - https://www.tenable.com/security/research/tra-2023-2 - https://wordpress.org/plugins/gift-voucher/ - https://github.com/ARPSyndicate/cvemon - https://github.com/JoshuaMart/JoshuaMart - impact: | - Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site. - remediation: | - Update the Gift Cards (Gift Vouchers and Packages) WordPress Plugin to the latest version available. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-28662 cwe-id: CWE-89 - cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:* epss-score: 0.00076 epss-percentile: 0.31593 + cpe: cpe:2.3:a:codemenschen:gift_vouchers:*:*:*:*:*:wordpress:*:* metadata: + max-request: 2 vendor: codemenschen product: "gift_vouchers" framework: wordpress fofa-query: "body=\"/wp-content/plugins/gift-voucher/\"" - max-request: 2 tags: cve,cve2023,wordpress,wp,wp-plugin,sqli,unauth,gift-voucher - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-29084.yaml b/http/cves/2023/CVE-2023-29084.yaml index 142b4f25c6..24bf7925eb 100644 --- a/http/cves/2023/CVE-2023-29084.yaml +++ b/http/cves/2023/CVE-2023-29084.yaml @@ -21,8 +21,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-29084 cwe-id: CWE-77 - epss-score: 0.42947 - epss-percentile: 0.97005 + epss-score: 0.45632 + epss-percentile: 0.97324 cpe: cpe:2.3:a:zohocorp:manageengine_admanager_plus:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2023/CVE-2023-29300.yaml b/http/cves/2023/CVE-2023-29300.yaml index f38bcff764..a6203187f8 100644 --- a/http/cves/2023/CVE-2023-29300.yaml +++ b/http/cves/2023/CVE-2023-29300.yaml @@ -13,13 +13,16 @@ info: reference: - https://blog.projectdiscovery.io/adobe-coldfusion-rce/ - https://helpx.adobe.com/security/products/coldfusion/apsb23-40.html + - https://github.com/Ostorlab/KEV + - https://github.com/Threekiii/Vulhub-Reproduce + - https://github.com/XRSec/AWVS-Update classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-29300 cwe-id: CWE-502 - epss-score: 0.93305 - epss-percentile: 0.9889 + epss-score: 0.96369 + epss-percentile: 0.99526 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-29439.yaml b/http/cves/2023/CVE-2023-29439.yaml index 8363e7bcc6..e2487fc8d4 100644 --- a/http/cves/2023/CVE-2023-29439.yaml +++ b/http/cves/2023/CVE-2023-29439.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-29439 cwe-id: CWE-79 epss-score: 0.00087 - epss-percentile: 0.35959 + epss-percentile: 0.35426 cpe: cpe:2.3:a:fooplugins:foogallery:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-29489.yaml b/http/cves/2023/CVE-2023-29489.yaml index a960cf5732..76d24f3381 100644 --- a/http/cves/2023/CVE-2023-29489.yaml +++ b/http/cves/2023/CVE-2023-29489.yaml @@ -14,13 +14,15 @@ info: - https://blog.assetnote.io/2023/04/26/xss-million-websites-cpanel/ - https://nvd.nist.gov/vuln/detail/CVE-2023-29489 - https://forums.cpanel.net/threads/cpanel-tsr-2023-0001-full-disclosure.708949/ + - https://github.com/SynixCyberCrimeMy/CVE-2023-29489 + - https://github.com/learnerboy88/CVE-2023-29489 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-29489 cwe-id: CWE-79 - epss-score: 0.00206 - epss-percentile: 0.58511 + epss-score: 0.00302 + epss-percentile: 0.69029 cpe: cpe:2.3:a:cpanel:cpanel:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-2982.yaml b/http/cves/2023/CVE-2023-2982.yaml index ad90d58b7b..c8cd03f791 100644 --- a/http/cves/2023/CVE-2023-2982.yaml +++ b/http/cves/2023/CVE-2023-2982.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-2982 cwe-id: CWE-288 - epss-score: 0.01383 - epss-percentile: 0.84949 + epss-score: 0.01566 + epss-percentile: 0.86966 cpe: cpe:2.3:a:miniorange:wordpress_social_login_and_register_\(discord\,_google\,_twitter\,_linkedin\):*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30019.yaml b/http/cves/2023/CVE-2023-30019.yaml index 8425bb97e5..7464942b5d 100644 --- a/http/cves/2023/CVE-2023-30019.yaml +++ b/http/cves/2023/CVE-2023-30019.yaml @@ -13,13 +13,14 @@ info: reference: - https://breakandpray.com/cve-2023-30019-ssrf-in-imgproxy/ - https://github.com/imgproxy/imgproxy + - https://github.com/j4k0m/godkiller classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-30019 cwe-id: CWE-918 epss-score: 0.00094 - epss-percentile: 0.3934 + epss-percentile: 0.38689 cpe: cpe:2.3:a:evilmartians:imgproxy:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30150.yaml b/http/cves/2023/CVE-2023-30150.yaml index 9e274ab5ba..c1f68d1230 100644 --- a/http/cves/2023/CVE-2023-30150.yaml +++ b/http/cves/2023/CVE-2023-30150.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-30150 cwe-id: CWE-89 - epss-score: 0.02634 - epss-percentile: 0.89268 + epss-score: 0.0409 + epss-percentile: 0.91941 cpe: cpe:2.3:a:leotheme:leocustomajax:1.0.0:*:*:*:*:prestashop:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30212.yaml b/http/cves/2023/CVE-2023-30212.yaml index 02cb6d589f..99d71ab1b0 100644 --- a/http/cves/2023/CVE-2023-30212.yaml +++ b/http/cves/2023/CVE-2023-30212.yaml @@ -14,13 +14,15 @@ info: - https://www.ourphp.net/ - https://wanheiqiyihu.top/2023/03/27/OURPHP-v7-2-0-ourphp-out-php-Reflection-xss/ - https://nvd.nist.gov/vuln/detail/CVE-2023-30212 + - https://github.com/JasaluRah/Creating-a-Vulnerable-Docker-Environment-CVE-2023-30212- + - https://github.com/arunsnap/CVE-2023-30212-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-30212 cwe-id: CWE-79 - epss-score: 0.02579 - epss-percentile: 0.89149 + epss-score: 0.02578 + epss-percentile: 0.89997 cpe: cpe:2.3:a:ourphp:ourphp:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30625.yaml b/http/cves/2023/CVE-2023-30625.yaml index 91da9e99ee..8a419d9718 100644 --- a/http/cves/2023/CVE-2023-30625.yaml +++ b/http/cves/2023/CVE-2023-30625.yaml @@ -17,8 +17,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-30625 cwe-id: CWE-89 - epss-score: 0.93763 - epss-percentile: 0.98954 + epss-score: 0.94833 + epss-percentile: 0.99223 cpe: cpe:2.3:a:rudderstack:rudder-server:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-30777.yaml b/http/cves/2023/CVE-2023-30777.yaml index 9ac0c5ede7..5118d7e845 100644 --- a/http/cves/2023/CVE-2023-30777.yaml +++ b/http/cves/2023/CVE-2023-30777.yaml @@ -20,8 +20,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-30777 cwe-id: CWE-79 - epss-score: 0.00269 - epss-percentile: 0.64351 + epss-score: 0.00338 + epss-percentile: 0.70791 cpe: cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:-:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-30943.yaml b/http/cves/2023/CVE-2023-30943.yaml index a2238cf1f4..c7c2893b9b 100644 --- a/http/cves/2023/CVE-2023-30943.yaml +++ b/http/cves/2023/CVE-2023-30943.yaml @@ -19,8 +19,8 @@ info: cvss-score: 5.3 cve-id: CVE-2023-30943 cwe-id: CWE-610,CWE-73 - epss-score: 0.02185 - epss-percentile: 0.88239 + epss-score: 0.01661 + epss-percentile: 0.87339 cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/http/cves/2023/CVE-2023-3219.yaml b/http/cves/2023/CVE-2023-3219.yaml index f3642f2970..f4614c2467 100644 --- a/http/cves/2023/CVE-2023-3219.yaml +++ b/http/cves/2023/CVE-2023-3219.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-3219 cwe-id: CWE-639 epss-score: 0.17304 - epss-percentile: 0.95627 + epss-percentile: 0.95981 cpe: cpe:2.3:a:myeventon:eventon:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-32243.yaml b/http/cves/2023/CVE-2023-32243.yaml index f626a2e187..c246ed5d97 100644 --- a/http/cves/2023/CVE-2023-32243.yaml +++ b/http/cves/2023/CVE-2023-32243.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-32243 cwe-id: CWE-287 - epss-score: 0.03567 - epss-percentile: 0.90679 + epss-score: 0.03267 + epss-percentile: 0.91046 cpe: cpe:2.3:a:wpdeveloper:essential_addons_for_elementor:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-32315.yaml b/http/cves/2023/CVE-2023-32315.yaml index 9521d0993a..56cb5bd990 100644 --- a/http/cves/2023/CVE-2023-32315.yaml +++ b/http/cves/2023/CVE-2023-32315.yaml @@ -13,13 +13,16 @@ info: reference: - https://github.com/advisories/GHSA-gw42-f939-fhvm - https://nvd.nist.gov/vuln/detail/CVE-2023-32315 + - https://github.com/izzz0/CVE-2023-32315-POC + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors + - https://github.com/TLGKien/SploitusCrawl classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-32315 cwe-id: CWE-22 - epss-score: 0.96352 - epss-percentile: 0.99447 + epss-score: 0.97384 + epss-percentile: 0.99904 cpe: cpe:2.3:a:igniterealtime:openfire:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-32563.yaml b/http/cves/2023/CVE-2023-32563.yaml index 5019d5586b..92442772ec 100644 --- a/http/cves/2023/CVE-2023-32563.yaml +++ b/http/cves/2023/CVE-2023-32563.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-32563 cwe-id: CWE-22 - epss-score: 0.42647 - epss-percentile: 0.97218 + epss-score: 0.43167 + epss-percentile: 0.97254 cpe: cpe:2.3:a:ivanti:avalanche:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-33338.yaml b/http/cves/2023/CVE-2023-33338.yaml index 9299a0276e..ed985c266a 100644 --- a/http/cves/2023/CVE-2023-33338.yaml +++ b/http/cves/2023/CVE-2023-33338.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-33338 cwe-id: CWE-89 - epss-score: 0.00761 - epss-percentile: 0.79129 + epss-score: 0.0152 + epss-percentile: 0.8674 cpe: cpe:2.3:a:phpgurukul:old_age_home_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33439.yaml b/http/cves/2023/CVE-2023-33439.yaml index 2e7b43c8ee..6612c7e423 100644 --- a/http/cves/2023/CVE-2023-33439.yaml +++ b/http/cves/2023/CVE-2023-33439.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.2 cve-id: CVE-2023-33439 cwe-id: CWE-89 - epss-score: 0.00942 - epss-percentile: 0.81413 + epss-score: 0.00666 + epss-percentile: 0.79241 cpe: cpe:2.3:a:faculty_evaluation_system_project:faculty_evaluation_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33584.yaml b/http/cves/2023/CVE-2023-33584.yaml index d2027b8b03..3c522da41b 100644 --- a/http/cves/2023/CVE-2023-33584.yaml +++ b/http/cves/2023/CVE-2023-33584.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-33584 - https://packetstormsecurity.com/files/cve/CVE-2023-33584 - https://www.sourcecodester.com/php/14444/enrollment-system-project-source-code-using-phpmysql.html + - https://github.com/akarrel/test_enrollment classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-33584 cwe-id: CWE-89 - epss-score: 0.05622 - epss-percentile: 0.92535 + epss-score: 0.09977 + epss-percentile: 0.94731 cpe: cpe:2.3:a:enrollment_system_project:enrollment_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-33629.yaml b/http/cves/2023/CVE-2023-33629.yaml index 63e5dba391..d9d0e70609 100644 --- a/http/cves/2023/CVE-2023-33629.yaml +++ b/http/cves/2023/CVE-2023-33629.yaml @@ -10,13 +10,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-33629 - https://hackmd.io/@0dayResearch/r1UjggZfh - https://hackmd.io/%400dayResearch/r1UjggZfh + - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 cve-id: CVE-2023-33629 cwe-id: CWE-787 - epss-score: 0.00859 - epss-percentile: 0.8044 + epss-score: 0.00968 + epss-percentile: 0.82988 cpe: cpe:2.3:o:h3c:magic_r300-2100m_firmware:r300-2100mv100r004:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34124.yaml b/http/cves/2023/CVE-2023-34124.yaml index eae244b470..ec43576005 100644 --- a/http/cves/2023/CVE-2023-34124.yaml +++ b/http/cves/2023/CVE-2023-34124.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34124 cwe-id: CWE-287,CWE-305 - epss-score: 0.01564 - epss-percentile: 0.85901 + epss-score: 0.0172 + epss-percentile: 0.87553 cpe: cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34259.yaml b/http/cves/2023/CVE-2023-34259.yaml index d75fe8c375..dc395c3721 100644 --- a/http/cves/2023/CVE-2023-34259.yaml +++ b/http/cves/2023/CVE-2023-34259.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2023-34259 cwe-id: CWE-22 epss-score: 0.00554 - epss-percentile: 0.75129 + epss-percentile: 0.77111 cpe: cpe:2.3:o:kyocera:d-copia253mf_plus_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34598.yaml b/http/cves/2023/CVE-2023-34598.yaml index 5a8d65fbab..1c3693b74d 100644 --- a/http/cves/2023/CVE-2023-34598.yaml +++ b/http/cves/2023/CVE-2023-34598.yaml @@ -14,13 +14,15 @@ info: - https://github.com/maddsec/CVE-2023-34598 - https://twitter.com/shaybt12/status/1673612503547355137?s=20 - https://nvd.nist.gov/vuln/detail/CVE-2023-34598 + - https://github.com/izj007/wechat + - https://github.com/komodoooo/Some-things classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-34598 cwe-id: CWE-22 - epss-score: 0.03362 - epss-percentile: 0.90424 + epss-score: 0.03342 + epss-percentile: 0.9114 cpe: cpe:2.3:a:gibbonedu:gibbon:25.0.00:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34659.yaml b/http/cves/2023/CVE-2023-34659.yaml index 2304261cee..1736ea7cec 100644 --- a/http/cves/2023/CVE-2023-34659.yaml +++ b/http/cves/2023/CVE-2023-34659.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34659 cwe-id: CWE-89 - epss-score: 0.04846 - epss-percentile: 0.91975 + epss-score: 0.21629 + epss-percentile: 0.96326 cpe: cpe:2.3:a:jeecg:jeecg_boot:3.5.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-34751.yaml b/http/cves/2023/CVE-2023-34751.yaml index b1970a04d2..898539b60c 100644 --- a/http/cves/2023/CVE-2023-34751.yaml +++ b/http/cves/2023/CVE-2023-34751.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34751 cwe-id: CWE-89 - epss-score: 0.01254 - epss-percentile: 0.84129 + epss-score: 0.02354 + epss-percentile: 0.89556 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34752.yaml b/http/cves/2023/CVE-2023-34752.yaml index d66612f3f9..8ee2cbb300 100644 --- a/http/cves/2023/CVE-2023-34752.yaml +++ b/http/cves/2023/CVE-2023-34752.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34752 cwe-id: CWE-89 - epss-score: 0.05297 - epss-percentile: 0.92306 + epss-score: 0.0945 + epss-percentile: 0.9459 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34753.yaml b/http/cves/2023/CVE-2023-34753.yaml index 6174946ac1..155f59aaa8 100644 --- a/http/cves/2023/CVE-2023-34753.yaml +++ b/http/cves/2023/CVE-2023-34753.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34753 cwe-id: CWE-89 - epss-score: 0.01254 - epss-percentile: 0.84081 + epss-score: 0.02354 + epss-percentile: 0.89556 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-34756.yaml b/http/cves/2023/CVE-2023-34756.yaml index 1d4f21af0a..788551541e 100644 --- a/http/cves/2023/CVE-2023-34756.yaml +++ b/http/cves/2023/CVE-2023-34756.yaml @@ -15,8 +15,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34756 cwe-id: CWE-89 - epss-score: 0.01254 - epss-percentile: 0.84129 + epss-score: 0.02354 + epss-percentile: 0.89556 cpe: cpe:2.3:a:bloofox:bloofoxcms:0.5.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34843.yaml b/http/cves/2023/CVE-2023-34843.yaml index 61b78f2262..ac65ad8df8 100644 --- a/http/cves/2023/CVE-2023-34843.yaml +++ b/http/cves/2023/CVE-2023-34843.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2023-34843 cwe-id: CWE-22 epss-score: 0.00349 - epss-percentile: 0.68925 + epss-percentile: 0.71237 cpe: cpe:2.3:a:traggo:traggo:0.3.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-34960.yaml b/http/cves/2023/CVE-2023-34960.yaml index cd5e80f876..03d9c33f17 100644 --- a/http/cves/2023/CVE-2023-34960.yaml +++ b/http/cves/2023/CVE-2023-34960.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34960 cwe-id: CWE-77 - epss-score: 0.88811 - epss-percentile: 0.98462 + epss-score: 0.93541 + epss-percentile: 0.99046 cpe: cpe:2.3:a:chamilo:chamilo:*:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-35843.yaml b/http/cves/2023/CVE-2023-35843.yaml index 015a3faa5e..51e833fa56 100644 --- a/http/cves/2023/CVE-2023-35843.yaml +++ b/http/cves/2023/CVE-2023-35843.yaml @@ -15,13 +15,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-35843 - https://github.com/nocodb/nocodb/blob/6decfa2b20c28db9946bddce0bcb1442b683ecae/packages/nocodb/src/lib/controllers/attachment.ctl.ts#L62-L74 - https://github.com/nocodb/nocodb/blob/f7ee7e3beb91d313a159895d1edc1aba9d91b0bc/packages/nocodb/src/controllers/attachments.controller.ts#L55-L66 + - https://github.com/0x783kb/Security-operation-book classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-35843 cwe-id: CWE-22 - epss-score: 0.02782 - epss-percentile: 0.89547 + epss-score: 0.03299 + epss-percentile: 0.91091 cpe: cpe:2.3:a:nocodb:nocodb:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-35844.yaml b/http/cves/2023/CVE-2023-35844.yaml index d07a9f37fd..a49c7b164e 100644 --- a/http/cves/2023/CVE-2023-35844.yaml +++ b/http/cves/2023/CVE-2023-35844.yaml @@ -24,8 +24,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-35844 cwe-id: CWE-22 - epss-score: 0.00782 - epss-percentile: 0.79503 + epss-score: 0.04986 + epss-percentile: 0.92655 cpe: cpe:2.3:a:lightdash:lightdash:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-36144.yaml b/http/cves/2023/CVE-2023-36144.yaml index 3f6816a079..78970178b0 100644 --- a/http/cves/2023/CVE-2023-36144.yaml +++ b/http/cves/2023/CVE-2023-36144.yaml @@ -18,8 +18,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-36144 cwe-id: CWE-862 - epss-score: 0.04828 - epss-percentile: 0.91962 + epss-score: 0.02858 + epss-percentile: 0.90492 cpe: cpe:2.3:o:intelbras:sg_2404_mr_firmware:1.00.54:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-36289.yaml b/http/cves/2023/CVE-2023-36289.yaml index 6ac10cace9..ca1d06e8df 100644 --- a/http/cves/2023/CVE-2023-36289.yaml +++ b/http/cves/2023/CVE-2023-36289.yaml @@ -19,8 +19,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-36289 cwe-id: CWE-79 - epss-score: 0.00075 - epss-percentile: 0.30832 + epss-score: 0.00083 + epss-percentile: 0.33945 cpe: cpe:2.3:a:webkul:qloapps:1.6.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-36346.yaml b/http/cves/2023/CVE-2023-36346.yaml index e6c9f71751..dfca2cfb41 100644 --- a/http/cves/2023/CVE-2023-36346.yaml +++ b/http/cves/2023/CVE-2023-36346.yaml @@ -15,13 +15,14 @@ info: - https://www.youtube.com/watch?v=bbbA-q1syrA - https://nvd.nist.gov/vuln/detail/CVE-2023-36346 - http://packetstormsecurity.com/files/173280/Sales-Of-Cashier-Goods-1.0-Cross-Site-Scripting.html + - https://github.com/ARPSyndicate/cvemon classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-36346 cwe-id: CWE-79 epss-score: 0.00096 - epss-percentile: 0.39882 + epss-percentile: 0.39295 cpe: cpe:2.3:a:codekop:codekop:2.0:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-36934.yaml b/http/cves/2023/CVE-2023-36934.yaml index 07005dd734..862740abc5 100644 --- a/http/cves/2023/CVE-2023-36934.yaml +++ b/http/cves/2023/CVE-2023-36934.yaml @@ -15,13 +15,14 @@ info: - https://blog.projectdiscovery.io/moveit-transfer-sql-injection/ - https://thehackernews.com/2023/07/another-critical-unauthenticated-sqli.html - https://www.progress.com/moveit + - https://github.com/KushGuptaRH/MOVEit-Response classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2023-36934 cwe-id: CWE-89 - epss-score: 0.01404 - epss-percentile: 0.85016 + epss-score: 0.09049 + epss-percentile: 0.94466 cpe: cpe:2.3:a:progress:moveit_transfer:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37265.yaml b/http/cves/2023/CVE-2023-37265.yaml index 509ffca7f9..4cd25cf8fb 100644 --- a/http/cves/2023/CVE-2023-37265.yaml +++ b/http/cves/2023/CVE-2023-37265.yaml @@ -14,13 +14,14 @@ info: - https://github.com/IceWhaleTech/CasaOS/security/advisories/GHSA-m5q5-8mfw-p2hr - https://github.com/IceWhaleTech/CasaOS-Gateway/commit/391dd7f0f239020c46bf057cfa25f82031fc15f7 - https://github.com/IceWhaleTech/CasaOS-Gateway/security/advisories/GHSA-vjh7-5r6x-xh6g + - https://github.com/komodoooo/Some-things classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-37265 cwe-id: CWE-306 - epss-score: 0.09477 - epss-percentile: 0.94174 + epss-score: 0.14233 + epss-percentile: 0.95569 cpe: cpe:2.3:o:icewhale:casaos:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37580.yaml b/http/cves/2023/CVE-2023-37580.yaml index 226f55470f..e2e97210a2 100644 --- a/http/cves/2023/CVE-2023-37580.yaml +++ b/http/cves/2023/CVE-2023-37580.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-37580 cwe-id: CWE-79 - epss-score: 0.27921 - epss-percentile: 0.96403 + epss-score: 0.30373 + epss-percentile: 0.96831 cpe: cpe:2.3:a:zimbra:zimbra:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/http/cves/2023/CVE-2023-37629.yaml b/http/cves/2023/CVE-2023-37629.yaml index 785aacd8ff..af0fc824f7 100644 --- a/http/cves/2023/CVE-2023-37629.yaml +++ b/http/cves/2023/CVE-2023-37629.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-37629 cwe-id: CWE-434 epss-score: 0.13221 - epss-percentile: 0.95065 + epss-percentile: 0.95417 cpe: cpe:2.3:a:simple_online_piggery_management_system_project:simple_online_piggery_management_system:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3765.yaml b/http/cves/2023/CVE-2023-3765.yaml index 6e9c79f45d..4183da3a89 100644 --- a/http/cves/2023/CVE-2023-3765.yaml +++ b/http/cves/2023/CVE-2023-3765.yaml @@ -20,8 +20,8 @@ info: cvss-score: 10 cve-id: CVE-2023-3765 cwe-id: CWE-36 - epss-score: 0.00634 - epss-percentile: 0.76825 + epss-score: 0.00951 + epss-percentile: 0.82826 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37728.yaml b/http/cves/2023/CVE-2023-37728.yaml index 7fcb3da6b6..989578aeb1 100644 --- a/http/cves/2023/CVE-2023-37728.yaml +++ b/http/cves/2023/CVE-2023-37728.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-37728 cwe-id: CWE-79 - epss-score: 0.00167 - epss-percentile: 0.53357 + epss-score: 0.00259 + epss-percentile: 0.65066 cpe: cpe:2.3:a:icewarp:icewarp:10.2.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-37979.yaml b/http/cves/2023/CVE-2023-37979.yaml index aad714949d..c20c884c33 100644 --- a/http/cves/2023/CVE-2023-37979.yaml +++ b/http/cves/2023/CVE-2023-37979.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-37979 cwe-id: CWE-79 - epss-score: 0.00084 - epss-percentile: 0.35134 + epss-score: 0.00085 + epss-percentile: 0.34736 cpe: cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-38205.yaml b/http/cves/2023/CVE-2023-38205.yaml index a16813339f..1488758f3c 100644 --- a/http/cves/2023/CVE-2023-38205.yaml +++ b/http/cves/2023/CVE-2023-38205.yaml @@ -20,8 +20,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-38205 cwe-id: CWE-284,NVD-CWE-Other - epss-score: 0.84215 - epss-percentile: 0.98229 + epss-score: 0.93471 + epss-percentile: 0.99038 cpe: cpe:2.3:a:adobe:coldfusion:2018:-:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3843.yaml b/http/cves/2023/CVE-2023-3843.yaml index cc1cfef13d..5f4cab8cb5 100644 --- a/http/cves/2023/CVE-2023-3843.yaml +++ b/http/cves/2023/CVE-2023-3843.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3843 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-38433.yaml b/http/cves/2023/CVE-2023-38433.yaml index 778d1e7af8..ea853443cb 100644 --- a/http/cves/2023/CVE-2023-38433.yaml +++ b/http/cves/2023/CVE-2023-38433.yaml @@ -19,8 +19,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-38433 cwe-id: CWE-798 - epss-score: 0.00392 - epss-percentile: 0.70574 + epss-score: 0.0029 + epss-percentile: 0.6843 cpe: cpe:2.3:o:fujitsu:ip-he950e_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3844.yaml b/http/cves/2023/CVE-2023-3844.yaml index 199eb071c0..c8f8c4fa4a 100644 --- a/http/cves/2023/CVE-2023-3844.yaml +++ b/http/cves/2023/CVE-2023-3844.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3844 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3845.yaml b/http/cves/2023/CVE-2023-3845.yaml index 0b458b9631..92449544bd 100644 --- a/http/cves/2023/CVE-2023-3845.yaml +++ b/http/cves/2023/CVE-2023-3845.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-3845 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3847.yaml b/http/cves/2023/CVE-2023-3847.yaml index 2fe6be3b3d..78ac1b4891 100644 --- a/http/cves/2023/CVE-2023-3847.yaml +++ b/http/cves/2023/CVE-2023-3847.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-3847 - https://vuldb.com/?ctiid.235198 - https://vuldb.com/?id.235198 + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-3847 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:moosocial:moodating:1.2:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39002.yaml b/http/cves/2023/CVE-2023-39002.yaml index 147a766aff..f325d8cd20 100644 --- a/http/cves/2023/CVE-2023-39002.yaml +++ b/http/cves/2023/CVE-2023-39002.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-39002 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26129 + epss-percentile: 0.26117 cpe: cpe:2.3:a:opnsense:opnsense:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2023/CVE-2023-39109.yaml b/http/cves/2023/CVE-2023-39109.yaml index f65ceb1441..6b332ec057 100644 --- a/http/cves/2023/CVE-2023-39109.yaml +++ b/http/cves/2023/CVE-2023-39109.yaml @@ -10,13 +10,14 @@ info: - https://www.rconfig.com/downloads/rconfig-3.9.4.zip - https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_path_a.md - https://nvd.nist.gov/vuln/detail/CVE-2023-39109 + - https://github.com/zer0yu/CVE_Request classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-39109 cwe-id: CWE-918 - epss-score: 0.01332 - epss-percentile: 0.84573 + epss-score: 0.03449 + epss-percentile: 0.91267 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39110.yaml b/http/cves/2023/CVE-2023-39110.yaml index b3c5b3e604..b7dd4d8d54 100644 --- a/http/cves/2023/CVE-2023-39110.yaml +++ b/http/cves/2023/CVE-2023-39110.yaml @@ -10,13 +10,14 @@ info: - https://www.rconfig.com/downloads/rconfig-3.9.4.zip - https://github.com/zer0yu/CVE_Request/blob/master/rConfig/rConfig_%20ajaxGetFileByPath.md - https://nvd.nist.gov/vuln/detail/CVE-2023-39110 + - https://github.com/zer0yu/CVE_Request classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-39110 cwe-id: CWE-918 - epss-score: 0.01332 - epss-percentile: 0.84573 + epss-score: 0.03449 + epss-percentile: 0.91267 cpe: cpe:2.3:a:rconfig:rconfig:3.9.4:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39143.yaml b/http/cves/2023/CVE-2023-39143.yaml index 051b2e5c2b..813ac6ee75 100644 --- a/http/cves/2023/CVE-2023-39143.yaml +++ b/http/cves/2023/CVE-2023-39143.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-39143 cwe-id: CWE-22 - epss-score: 0.88836 - epss-percentile: 0.98482 + epss-score: 0.93991 + epss-percentile: 0.99092 cpe: cpe:2.3:a:papercut:papercut_mf:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-3936.yaml b/http/cves/2023/CVE-2023-3936.yaml index b9660c1246..b0338df7d1 100644 --- a/http/cves/2023/CVE-2023-3936.yaml +++ b/http/cves/2023/CVE-2023-3936.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-3936 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26233 + epss-percentile: 0.26189 cpe: cpe:2.3:a:adenion:blog2social:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-39598.yaml b/http/cves/2023/CVE-2023-39598.yaml index f4bd3f4612..dc9290ef75 100644 --- a/http/cves/2023/CVE-2023-39598.yaml +++ b/http/cves/2023/CVE-2023-39598.yaml @@ -18,8 +18,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-39598 cwe-id: CWE-79 - epss-score: 0.01072 - epss-percentile: 0.82679 + epss-score: 0.02804 + epss-percentile: 0.90411 cpe: cpe:2.3:a:icewarp:webclient:10.2.1:*:*:*:*:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-39600.yaml b/http/cves/2023/CVE-2023-39600.yaml index 9a3e87d7bf..f05daa8902 100644 --- a/http/cves/2023/CVE-2023-39600.yaml +++ b/http/cves/2023/CVE-2023-39600.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-39600 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.26129 + epss-percentile: 0.26117 cpe: cpe:2.3:a:icewarp:icewarp:11.4.6.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-40355.yaml b/http/cves/2023/CVE-2023-40355.yaml index 80ba34d8b4..300a401ee8 100644 --- a/http/cves/2023/CVE-2023-40355.yaml +++ b/http/cves/2023/CVE-2023-40355.yaml @@ -10,15 +10,18 @@ info: - https://www.axigen.com/knowledgebase/Axigen-WebMail-XSS-Vulnerability-CVE-2023-40355-_396.html - https://nvd.nist.gov/vuln/detail/CVE-2023-40355 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N - cvss-score: 6.5 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 cve-id: CVE-2023-40355 cwe-id: CWE-79 - epss-score: 0.0006 - epss-percentile: 0.22931 + epss-score: 0.00587 + epss-percentile: 0.77728 + cpe: cpe:2.3:a:axigen:axigen_mobile_webmail:*:*:*:*:*:*:*:* metadata: - max-request: 3 verified: true + max-request: 3 + vendor: axigen + product: axigen_mobile_webmail shodan-query: http.favicon.hash:-1247684400 tags: cve,cve2023,xss,axigen,webmail diff --git a/http/cves/2023/CVE-2023-4110.yaml b/http/cves/2023/CVE-2023-4110.yaml index ea75835491..d35d881d0f 100644 --- a/http/cves/2023/CVE-2023-4110.yaml +++ b/http/cves/2023/CVE-2023-4110.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4110 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:phpjabbers:availability_booking_calendar:5.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-41109.yaml b/http/cves/2023/CVE-2023-41109.yaml index a6f8ec77ab..6104f62503 100644 --- a/http/cves/2023/CVE-2023-41109.yaml +++ b/http/cves/2023/CVE-2023-41109.yaml @@ -21,8 +21,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-41109 cwe-id: CWE-78 - epss-score: 0.25963 - epss-percentile: 0.96281 + epss-score: 0.23094 + epss-percentile: 0.96433 cpe: cpe:2.3:o:patton:smartnode_sn200_firmware:*:*:*:*:*:*:*:* metadata: verified: true @@ -30,7 +30,6 @@ info: vendor: patton product: smartnode_sn200_firmware tags: cve,cve2023,smartnode,voip,patton - variables: payload: "echo CVE-2023-41109 | md5sum" diff --git a/http/cves/2023/CVE-2023-4111.yaml b/http/cves/2023/CVE-2023-4111.yaml index 5ef651f3d1..3751c17e62 100644 --- a/http/cves/2023/CVE-2023-4111.yaml +++ b/http/cves/2023/CVE-2023-4111.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4111 cwe-id: CWE-79 - epss-score: 0.002 - epss-percentile: 0.57852 + epss-score: 0.00235 + epss-percentile: 0.60949 cpe: cpe:2.3:a:phpjabbers:bus_reservation_system:1.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4112.yaml b/http/cves/2023/CVE-2023-4112.yaml index 37fc7f814c..3db9327c14 100644 --- a/http/cves/2023/CVE-2023-4112.yaml +++ b/http/cves/2023/CVE-2023-4112.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4112 cwe-id: CWE-79 - epss-score: 0.00231 - epss-percentile: 0.61239 + epss-score: 0.00229 + epss-percentile: 0.60385 cpe: cpe:2.3:a:phpjabbers:shuttle_booking_software:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4115.yaml b/http/cves/2023/CVE-2023-4115.yaml index 6bcb41a76d..a1fa4ea6c7 100644 --- a/http/cves/2023/CVE-2023-4115.yaml +++ b/http/cves/2023/CVE-2023-4115.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4115 cwe-id: CWE-79 - epss-score: 0.00263 - epss-percentile: 0.63974 + epss-score: 0.0027 + epss-percentile: 0.67168 cpe: cpe:2.3:a:phpjabbers:cleaning_business_software:1.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4116.yaml b/http/cves/2023/CVE-2023-4116.yaml index 5ef3b5b224..e7126dc5a0 100644 --- a/http/cves/2023/CVE-2023-4116.yaml +++ b/http/cves/2023/CVE-2023-4116.yaml @@ -17,8 +17,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4116 cwe-id: CWE-79 - epss-score: 0.00263 - epss-percentile: 0.63974 + epss-score: 0.0027 + epss-percentile: 0.67168 cpe: cpe:2.3:a:phpjabbers:taxi_booking_script:2.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-41265.yaml b/http/cves/2023/CVE-2023-41265.yaml index 623399c1bb..90c272bf1f 100644 --- a/http/cves/2023/CVE-2023-41265.yaml +++ b/http/cves/2023/CVE-2023-41265.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.9 cve-id: CVE-2023-41265 cwe-id: CWE-444 - epss-score: 0.78543 - epss-percentile: 0.97976 + epss-score: 0.8352 + epss-percentile: 0.9837 cpe: cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-41266.yaml b/http/cves/2023/CVE-2023-41266.yaml index 69d7229525..52656fd01a 100644 --- a/http/cves/2023/CVE-2023-41266.yaml +++ b/http/cves/2023/CVE-2023-41266.yaml @@ -10,13 +10,14 @@ info: - https://www.praetorian.com/blog/advisory-qlik-sense/ - https://www.praetorian.com/blog/qlik-sense-technical-exploit - https://community.qlik.com/t5/Release-Notes/tkb-p/ReleaseNotes + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N cvss-score: 6.5 cve-id: CVE-2023-41266 cwe-id: CWE-20 - epss-score: 0.526 - epss-percentile: 0.97294 + epss-score: 0.83414 + epss-percentile: 0.98363 cpe: cpe:2.3:a:qlik:qlik_sense:august_2022:-:*:*:enterprise:windows:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4168.yaml b/http/cves/2023/CVE-2023-4168.yaml index 6fe9ad726b..3e45ec1dc3 100644 --- a/http/cves/2023/CVE-2023-4168.yaml +++ b/http/cves/2023/CVE-2023-4168.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-4168 cwe-id: CWE-200,NVD-CWE-noinfo - epss-score: 0.21058 - epss-percentile: 0.95974 + epss-score: 0.12454 + epss-percentile: 0.95296 cpe: cpe:2.3:a:templatecookie:adlisting:2.14.0:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4169.yaml b/http/cves/2023/CVE-2023-4169.yaml index db064d1bd3..52433b1ee1 100644 --- a/http/cves/2023/CVE-2023-4169.yaml +++ b/http/cves/2023/CVE-2023-4169.yaml @@ -11,13 +11,14 @@ info: - https://github.com/blakespire/repoforcve/tree/main/RG-EW1200G - https://vuldb.com/?ctiid.236185 - https://vuldb.com/?id.236185 + - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.8 cve-id: CVE-2023-4169 cwe-id: CWE-284,NVD-CWE-noinfo - epss-score: 0.00803 - epss-percentile: 0.79768 + epss-score: 0.00938 + epss-percentile: 0.82702 cpe: cpe:2.3:o:ruijie:rg-ew1200g_firmware:1.0\(1\)b1p5:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-4174.yaml b/http/cves/2023/CVE-2023-4174.yaml index 5ebeb346e5..c936710be9 100644 --- a/http/cves/2023/CVE-2023-4174.yaml +++ b/http/cves/2023/CVE-2023-4174.yaml @@ -21,8 +21,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-4174 cwe-id: CWE-79 - epss-score: 0.00209 - epss-percentile: 0.58844 + epss-score: 0.00352 + epss-percentile: 0.71356 cpe: cpe:2.3:a:moosocial:moostore:3.1.6:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-41763.yaml b/http/cves/2023/CVE-2023-41763.yaml index b0a00cbb78..1001939807 100644 --- a/http/cves/2023/CVE-2023-41763.yaml +++ b/http/cves/2023/CVE-2023-41763.yaml @@ -10,12 +10,14 @@ info: - https://frycos.github.io/vulns4free/2022/09/26/skype-audit-part2.html - https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41763 - https://nvd.nist.gov/vuln/detail/CVE-2023-41763 + - https://github.com/Ostorlab/KEV + - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-41763 - epss-score: 0.15841 - epss-percentile: 0.95426 + epss-score: 0.05631 + epss-percentile: 0.93128 cpe: cpe:2.3:a:microsoft:skype_for_business_server:2015:cumulative_update_13:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-42344.yaml b/http/cves/2023/CVE-2023-42344.yaml index 113c3d9ffb..72726656c5 100644 --- a/http/cves/2023/CVE-2023-42344.yaml +++ b/http/cves/2023/CVE-2023-42344.yaml @@ -6,14 +6,14 @@ info: severity: high description: | users can execute code without authentication. An attacker can execute malicious requests on the OpenCms server. When the requests are successful vulnerable OpenCms can be exploited resulting in an unauthenticated XXE vulnerability. Based on research OpenCMS versions from 9.0.0 to 10.5.0 are vulnerable. + remediation: Advised to upgrade to OpenCMS 10.5.1 or later to patch the vulnerability reference: - https://blog.qualys.com/product-tech/2023/12/08/opencms-unauthenticated-xxe-vulnerability-cve-2023-42344 - https://labs.watchtowr.com/xxe-you-can-depend-on-me-opencms/ - remediation: Advised to upgrade to OpenCMS 10.5.1 or later to patch the vulnerability metadata: + verified: true max-request: 2 fofa-query: "OpenCms-9.5.3" - verified: true tags: cve,cve2023,xxe,opencms http: diff --git a/http/cves/2023/CVE-2023-42793.yaml b/http/cves/2023/CVE-2023-42793.yaml index 4bb26784bd..069b252f54 100644 --- a/http/cves/2023/CVE-2023-42793.yaml +++ b/http/cves/2023/CVE-2023-42793.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-42793 cwe-id: CWE-288 - epss-score: 0.97283 - epss-percentile: 0.99836 + epss-score: 0.97093 + epss-percentile: 0.99759 cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-43177.yaml b/http/cves/2023/CVE-2023-43177.yaml index b913de93da..0e078f1420 100644 --- a/http/cves/2023/CVE-2023-43177.yaml +++ b/http/cves/2023/CVE-2023-43177.yaml @@ -11,20 +11,20 @@ info: - https://convergetp.com/2023/11/16/crushftp-zero-day-cve-2023-43177-discovered/ - https://blog.projectdiscovery.io/crushftp-rce/ - https://github.com/the-emmons/CVE-Disclosures/blob/main/Pending/CrushFTP-2023-1.md + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-43177 cwe-id: CWE-913 - epss-score: 0.00106 - epss-percentile: 0.42667 + epss-score: 0.92767 + epss-percentile: 0.98966 cpe: cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: crushftp product: crushftp tags: cve,cve2023,crushftp,unauth,rce,intrusive - flow: http(1) && http(2) && http(3) variables: diff --git a/http/cves/2023/CVE-2023-43187.yaml b/http/cves/2023/CVE-2023-43187.yaml index bcc8a361e2..b14a0509b3 100644 --- a/http/cves/2023/CVE-2023-43187.yaml +++ b/http/cves/2023/CVE-2023-43187.yaml @@ -14,15 +14,15 @@ info: cvss-score: 9.8 cve-id: CVE-2023-43187 cwe-id: CWE-91 - epss-score: 0.00326 - epss-percentile: 0.70173 + epss-score: 0.09598 + epss-percentile: 0.94633 cpe: cpe:2.3:a:nodebb:nodebb:*:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: nodebb product: nodebb - fofa-query: title="nodebb" + fofa-query: "title=\"nodebb\"" tags: cve,cve2023,nodebb,rce - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-43325.yaml b/http/cves/2023/CVE-2023-43325.yaml index c166175232..a0991903fb 100644 --- a/http/cves/2023/CVE-2023-43325.yaml +++ b/http/cves/2023/CVE-2023-43325.yaml @@ -11,13 +11,14 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2023-43325 - https://moosocial.com/ - https://travel.moosocial.com/ + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-43325 cwe-id: CWE-79 - epss-score: 0.41721 - epss-percentile: 0.96972 + epss-score: 0.37241 + epss-percentile: 0.97089 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-43326.yaml b/http/cves/2023/CVE-2023-43326.yaml index 162709bc3a..af7fc2a046 100644 --- a/http/cves/2023/CVE-2023-43326.yaml +++ b/http/cves/2023/CVE-2023-43326.yaml @@ -10,13 +10,14 @@ info: - https://github.com/ahrixia/CVE-2023-43326 - https://nvd.nist.gov/vuln/detail/CVE-2023-43326 - https://moosocial.com/ + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-43326 cwe-id: CWE-79 epss-score: 0.00643 - epss-percentile: 0.77002 + epss-percentile: 0.78809 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-43795.yaml b/http/cves/2023/CVE-2023-43795.yaml index 2da4e77701..a20341782f 100644 --- a/http/cves/2023/CVE-2023-43795.yaml +++ b/http/cves/2023/CVE-2023-43795.yaml @@ -10,13 +10,14 @@ info: - https://www.synacktiv.com/advisories/unauthenticated-server-side-request-forgery-crlf-injection-in-geoserver-wms.html - https://github.com/geoserver/geoserver/security/advisories/GHSA-5pr3-m5hm-9956 - https://nvd.nist.gov/vuln/detail/CVE-2023-43795 + - https://github.com/20142995/sectool classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-43795 cwe-id: CWE-918 - epss-score: 0.10955 - epss-percentile: 0.94582 + epss-score: 0.11649 + epss-percentile: 0.95151 cpe: cpe:2.3:a:osgeo:geoserver:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-44352.yaml b/http/cves/2023/CVE-2023-44352.yaml index 3f0131caa3..358881f089 100644 --- a/http/cves/2023/CVE-2023-44352.yaml +++ b/http/cves/2023/CVE-2023-44352.yaml @@ -14,17 +14,16 @@ info: cvss-score: 6.1 cve-id: CVE-2023-44352 cwe-id: CWE-79 - epss-score: 0.0006 - epss-percentile: 0.23281 + epss-score: 0.00931 + epss-percentile: 0.82639 cpe: cpe:2.3:a:adobe:coldfusion:*:*:*:*:*:*:*:* metadata: - max-request: 8 verified: true - vendor: Adobe - product: Adobe ColdFusion + max-request: 8 + vendor: adobe + product: coldfusion shodan-query: http.component:"Adobe Coldfusion" tags: cve,cve2023,coldfusion,adobe,xss - variables: string: "{{rand_base(8)}}" diff --git a/http/cves/2023/CVE-2023-45542.yaml b/http/cves/2023/CVE-2023-45542.yaml index eda1b775f0..88c36470b0 100644 --- a/http/cves/2023/CVE-2023-45542.yaml +++ b/http/cves/2023/CVE-2023-45542.yaml @@ -9,13 +9,14 @@ info: reference: - https://github.com/ahrixia/CVE-2023-45542 - https://nvd.nist.gov/vuln/detail/CVE-2023-45542 + - https://github.com/nomi-sec/PoC-in-GitHub classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-45542 cwe-id: CWE-79 - epss-score: 0.001 - epss-percentile: 0.40724 + epss-score: 0.00082 + epss-percentile: 0.33567 cpe: cpe:2.3:a:moosocial:moosocial:3.1.8:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-45671.yaml b/http/cves/2023/CVE-2023-45671.yaml index a46dd6757d..666da1df9f 100644 --- a/http/cves/2023/CVE-2023-45671.yaml +++ b/http/cves/2023/CVE-2023-45671.yaml @@ -16,8 +16,8 @@ info: cve-id: CVE-2023-45671 cpe: cpe:2.3:a:frigate:frigate:0.13.0:beta1:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: frigate product: frigate shodan-query: title:"Frigate" diff --git a/http/cves/2023/CVE-2023-45852.yaml b/http/cves/2023/CVE-2023-45852.yaml index 49b0dcd75b..13d7e43ec8 100644 --- a/http/cves/2023/CVE-2023-45852.yaml +++ b/http/cves/2023/CVE-2023-45852.yaml @@ -10,13 +10,15 @@ info: - https://connectivity.viessmann.com/gb/mp-fp/vitogate/vitogate-300-bn-mb.html - https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md - https://nvd.nist.gov/vuln/detail/CVE-2023-45852 + - https://github.com/tanjiti/sec_profile + - https://github.com/komodoooo/Some-things classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-45852 cwe-id: CWE-77 - epss-score: 0.08478 - epss-percentile: 0.93821 + epss-score: 0.09217 + epss-percentile: 0.94519 cpe: cpe:2.3:o:viessmann:vitogate_300_firmware:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-4634.yaml b/http/cves/2023/CVE-2023-4634.yaml index 54cae7aa1b..6570863c95 100644 --- a/http/cves/2023/CVE-2023-4634.yaml +++ b/http/cves/2023/CVE-2023-4634.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-4634 cwe-id: CWE-73 - epss-score: 0.0217 - epss-percentile: 0.88199 + epss-score: 0.02012 + epss-percentile: 0.88618 cpe: cpe:2.3:a:davidlingren:media_library_assistant:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-46574.yaml b/http/cves/2023/CVE-2023-46574.yaml index 50f28d10aa..eb87ea6e13 100644 --- a/http/cves/2023/CVE-2023-46574.yaml +++ b/http/cves/2023/CVE-2023-46574.yaml @@ -9,20 +9,23 @@ info: reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-46574 - https://github.com/OraclePi/repo/blob/main/totolink%20A3700R/1/A3700R%20%20V9.1.2u.6165_20211012%20vuln.md + - https://github.com/Marco-zcl/POC + - https://github.com/d4n-sec/d4n-sec.github.io + - https://github.com/wy876/POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-46574 cwe-id: CWE-77 + epss-score: 0.05804 + epss-percentile: 0.9323 cpe: cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.6165_20211012:*:*:*:*:*:*:* - epss-score: 0.00223 - epss-percentile: 0.60602 metadata: + verified: true max-request: 2 + vendor: totolink product: a3700r_firmware shodan-query: title:"Totolink" - vendor: totolink - verified: true tags: cve,cve2023,totolink,router,iot,rce http: diff --git a/http/cves/2023/CVE-2023-46747.yaml b/http/cves/2023/CVE-2023-46747.yaml index a0a95009c0..a2d91c714e 100644 --- a/http/cves/2023/CVE-2023-46747.yaml +++ b/http/cves/2023/CVE-2023-46747.yaml @@ -11,13 +11,14 @@ info: - https://my.f5.com/manage/s/article/K000137353 - http://packetstormsecurity.com/files/175673/F5-BIG-IP-TMUI-AJP-Smuggling-Remote-Command-Execution.html - https://www.secpod.com/blog/f5-issues-warning-big-ip-vulnerability-used-in-active-exploit-chain/ + - https://github.com/f1tao/awesome-iot-security-resource classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-46747 - cwe-id: CWE-288 - epss-score: 0.96553 - epss-percentile: 0.99522 + cwe-id: CWE-306,CWE-288 + epss-score: 0.97202 + epss-percentile: 0.99806 cpe: cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-46805.yaml b/http/cves/2023/CVE-2023-46805.yaml index 6139c05d3a..a46bdbca9a 100644 --- a/http/cves/2023/CVE-2023-46805.yaml +++ b/http/cves/2023/CVE-2023-46805.yaml @@ -8,17 +8,22 @@ info: reference: - https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US - https://nvd.nist.gov/vuln/detail/CVE-2023-46805 + - http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html + - https://github.com/H4lo/awesome-IoT-security-article + - https://github.com/inguardians/ivanti-VPN-issues-2024-research classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N cvss-score: 8.2 cve-id: CVE-2023-46805 cwe-id: CWE-287 + epss-score: 0.96274 + epss-percentile: 0.99497 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* metadata: + max-request: 2 vendor: ivanti product: "connect_secure" shodan-query: "html:\"welcome.cgi?p=logo\"" - max-request: 2 tags: cve,cve2023,kev,auth-bypass,ivanti http: diff --git a/http/cves/2023/CVE-2023-47115.yaml b/http/cves/2023/CVE-2023-47115.yaml index c006620cf3..fc6edc7c1c 100644 --- a/http/cves/2023/CVE-2023-47115.yaml +++ b/http/cves/2023/CVE-2023-47115.yaml @@ -22,8 +22,8 @@ info: cve-id: CVE-2023-47115 cwe-id: CWE-79 metadata: - max-request: 6 verified: true + max-request: 6 shodan-query: http.favicon.hash:-1649949475 tags: cve,cve2023,xss,authenticated,intrusive,label-studio diff --git a/http/cves/2023/CVE-2023-4714.yaml b/http/cves/2023/CVE-2023-4714.yaml index 7ce92d1d95..a0a85b18fb 100644 --- a/http/cves/2023/CVE-2023-4714.yaml +++ b/http/cves/2023/CVE-2023-4714.yaml @@ -13,13 +13,14 @@ info: - https://www.exploitalert.com/view-details.html?id=39826 - https://vuldb.com/?ctiid.238577 - https://vuldb.com/?id.238577 + - https://github.com/Threekiii/Awesome-POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-4714 cwe-id: CWE-200 - epss-score: 0.02512 - epss-percentile: 0.89027 + epss-score: 0.50923 + epss-percentile: 0.9748 cpe: cpe:2.3:a:playtube:playtube:3.0.1:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-47211.yaml b/http/cves/2023/CVE-2023-47211.yaml index cd56bf6426..2c34225ec4 100644 --- a/http/cves/2023/CVE-2023-47211.yaml +++ b/http/cves/2023/CVE-2023-47211.yaml @@ -16,7 +16,7 @@ info: cve-id: CVE-2023-47211 cwe-id: CWE-22 epss-score: 0.00164 - epss-percentile: 0.53022 + epss-percentile: 0.52059 cpe: cpe:2.3:a:zohocorp:manageengine_firewall_analyzer:*:*:*:*:*:*:*:* metadata: max-request: 3 diff --git a/http/cves/2023/CVE-2023-47246.yaml b/http/cves/2023/CVE-2023-47246.yaml index f6126092c6..0640164ca7 100644 --- a/http/cves/2023/CVE-2023-47246.yaml +++ b/http/cves/2023/CVE-2023-47246.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-47246 cwe-id: CWE-22 - epss-score: 0.6752 - epss-percentile: 0.97659 + epss-score: 0.94354 + epss-percentile: 0.99149 cpe: cpe:2.3:a:sysaid:sysaid_on-premises:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-49070.yaml b/http/cves/2023/CVE-2023-49070.yaml index 3373c5ff27..9b3e3a38b2 100644 --- a/http/cves/2023/CVE-2023-49070.yaml +++ b/http/cves/2023/CVE-2023-49070.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-49070 cwe-id: CWE-94 - epss-score: 0.59066 - epss-percentile: 0.97445 + epss-score: 0.84671 + epss-percentile: 0.98424 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-4966.yaml b/http/cves/2023/CVE-2023-4966.yaml index d54e719754..a013b9f00d 100644 --- a/http/cves/2023/CVE-2023-4966.yaml +++ b/http/cves/2023/CVE-2023-4966.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-4966 cwe-id: CWE-119,NVD-CWE-noinfo - epss-score: 0.93124 - epss-percentile: 0.98877 + epss-score: 0.96486 + epss-percentile: 0.9956 cpe: cpe:2.3:a:citrix:netscaler_application_delivery_controller:*:*:*:*:fips:*:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-49785.yaml b/http/cves/2023/CVE-2023-49785.yaml index 6a227653d1..86516eb35d 100644 --- a/http/cves/2023/CVE-2023-49785.yaml +++ b/http/cves/2023/CVE-2023-49785.yaml @@ -15,10 +15,13 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N cvss-score: 9.1 cve-id: CVE-2023-49785 + cwe-id: CWE-79 + epss-score: 0.00049 + epss-percentile: 0.1584 metadata: - max-request: 1 - shodan-query: title:NextChat,"ChatGPT Next Web" verified: true + max-request: 2 + shodan-query: "title:NextChat,\"ChatGPT Next Web\"" tags: cve,cve2023,ssrf,xss,chatgpt,nextchat http: diff --git a/http/cves/2023/CVE-2023-50290.yaml b/http/cves/2023/CVE-2023-50290.yaml index de2814aad2..558bc99f35 100644 --- a/http/cves/2023/CVE-2023-50290.yaml +++ b/http/cves/2023/CVE-2023-50290.yaml @@ -20,8 +20,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2023-50290 + cwe-id: CWE-200,NVD-CWE-noinfo epss-score: 0.05452 - epss-percentile: 0.92435 + epss-percentile: 0.92995 cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-5074.yaml b/http/cves/2023/CVE-2023-5074.yaml index 8d4c7edf0d..57669fecdc 100644 --- a/http/cves/2023/CVE-2023-5074.yaml +++ b/http/cves/2023/CVE-2023-5074.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-5074 cwe-id: CWE-798 - epss-score: 0.01816 - epss-percentile: 0.86896 + epss-score: 0.01695 + epss-percentile: 0.87453 cpe: cpe:2.3:a:dlink:d-view_8:2.0.1.28:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-5089.yaml b/http/cves/2023/CVE-2023-5089.yaml index 61ca61f503..c93b57dfd5 100644 --- a/http/cves/2023/CVE-2023-5089.yaml +++ b/http/cves/2023/CVE-2023-5089.yaml @@ -15,8 +15,8 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2023-5089 - epss-score: 0.00046 - epss-percentile: 0.13944 + epss-score: 0.00306 + epss-percentile: 0.6923 cpe: cpe:2.3:a:wpmudev:defender_security:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-50917.yaml b/http/cves/2023/CVE-2023-50917.yaml index 27ab597418..05599f5a21 100644 --- a/http/cves/2023/CVE-2023-50917.yaml +++ b/http/cves/2023/CVE-2023-50917.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-50917 cwe-id: CWE-77 - epss-score: 0.02327 - epss-percentile: 0.88616 + epss-score: 0.71101 + epss-percentile: 0.97965 cpe: cpe:2.3:a:mjdm:majordomo:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-50968.yaml b/http/cves/2023/CVE-2023-50968.yaml index a6dd4dff81..1b8ea3347a 100644 --- a/http/cves/2023/CVE-2023-50968.yaml +++ b/http/cves/2023/CVE-2023-50968.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-50968 cwe-id: CWE-918,CWE-200 epss-score: 0.32266 - epss-percentile: 0.96615 + epss-percentile: 0.96905 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-51467.yaml b/http/cves/2023/CVE-2023-51467.yaml index 3c4cce70c2..2a84c04f07 100644 --- a/http/cves/2023/CVE-2023-51467.yaml +++ b/http/cves/2023/CVE-2023-51467.yaml @@ -17,8 +17,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-51467 cwe-id: CWE-918 - epss-score: 0.54475 - epss-percentile: 0.97354 + epss-score: 0.68495 + epss-percentile: 0.97894 cpe: cpe:2.3:a:apache:ofbiz:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-52085.yaml b/http/cves/2023/CVE-2023-52085.yaml index 25b74adfbd..0cd46c56a2 100644 --- a/http/cves/2023/CVE-2023-52085.yaml +++ b/http/cves/2023/CVE-2023-52085.yaml @@ -14,15 +14,15 @@ info: cvss-score: 5.4 cve-id: CVE-2023-52085 cwe-id: CWE-22 + epss-score: 0.00256 + epss-percentile: 0.64798 cpe: cpe:2.3:a:wintercms:winter:*:*:*:*:*:*:*:* - epss-score: 0.00046 - epss-percentile: 0.12483 metadata: + max-request: 4 vendor: wintercms product: winter shodan-query: "title:\"Winter CMS\"" fofa-query: "title=\"Winter CMS\"" - max-request: 4 tags: cve,cve2023,authenticated,lfi,wintercms http: diff --git a/http/cves/2023/CVE-2023-5360.yaml b/http/cves/2023/CVE-2023-5360.yaml index ee53c3ed4f..772ec9571b 100644 --- a/http/cves/2023/CVE-2023-5360.yaml +++ b/http/cves/2023/CVE-2023-5360.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-5360 cwe-id: CWE-434 epss-score: 0.96723 - epss-percentile: 0.99589 + epss-percentile: 0.99637 cpe: cpe:2.3:a:royal-elementor-addons:royal_elementor_addons:*:*:*:*:*:wordpress:*:* metadata: verified: "true" diff --git a/http/cves/2023/CVE-2023-5375.yaml b/http/cves/2023/CVE-2023-5375.yaml index 2d61990a33..012e6c1eef 100644 --- a/http/cves/2023/CVE-2023-5375.yaml +++ b/http/cves/2023/CVE-2023-5375.yaml @@ -11,13 +11,14 @@ info: - https://huntr.dev/bounties/3fa2abde-cb58-45a3-a115-1727ece9acb9 - https://nvd.nist.gov/vuln/detail/CVE-2023-5375 - https://github.com/mosparo/mosparo/commit/9d5da367b78b8c883bfef5f332ffea26292f99e8 + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2023-5375 cwe-id: CWE-601 epss-score: 0.00083 - epss-percentile: 0.34359 + epss-percentile: 0.339 cpe: cpe:2.3:a:mosparo:mosparo:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-5556.yaml b/http/cves/2023/CVE-2023-5556.yaml index aacebf65f1..24b0928bcc 100644 --- a/http/cves/2023/CVE-2023-5556.yaml +++ b/http/cves/2023/CVE-2023-5556.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2023-5556 cwe-id: CWE-79 epss-score: 0.00064 - epss-percentile: 0.2616 + epss-percentile: 0.26117 cpe: cpe:2.3:a:structurizr:on-premises_installation:*:*:*:*:*:*:*:* metadata: max-request: 5 diff --git a/http/cves/2023/CVE-2023-5830.yaml b/http/cves/2023/CVE-2023-5830.yaml index a9f28e145a..7816fe7261 100644 --- a/http/cves/2023/CVE-2023-5830.yaml +++ b/http/cves/2023/CVE-2023-5830.yaml @@ -20,8 +20,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-5830 cwe-id: CWE-287 - epss-score: 0.00091 - epss-percentile: 0.37579 + epss-score: 0.00427 + epss-percentile: 0.73911 cpe: cpe:2.3:a:documentlocator:document_locator:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-5914.yaml b/http/cves/2023/CVE-2023-5914.yaml index af96dd3713..8b83e8607c 100644 --- a/http/cves/2023/CVE-2023-5914.yaml +++ b/http/cves/2023/CVE-2023-5914.yaml @@ -16,8 +16,8 @@ info: cvss-score: 6.1 cve-id: CVE-2023-5914 cwe-id: CWE-79 - epss-score: 0.00046 - epss-percentile: 0.14154 + epss-score: 0.00095 + epss-percentile: 0.3876 cpe: cpe:2.3:a:cloud:citrix_storefront:*:*:*:*:ltsr:*:*:* metadata: max-request: 1 diff --git a/http/cves/2023/CVE-2023-6018.yaml b/http/cves/2023/CVE-2023-6018.yaml index 6a477460d7..f333d97416 100644 --- a/http/cves/2023/CVE-2023-6018.yaml +++ b/http/cves/2023/CVE-2023-6018.yaml @@ -14,8 +14,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6018 cwe-id: CWE-78 - epss-score: 0.87111 - epss-percentile: 0.98361 + epss-score: 0.86232 + epss-percentile: 0.98502 cpe: cpe:2.3:a:lfprojects:mlflow:-:*:*:*:*:*:*:* metadata: verified: true @@ -24,7 +24,6 @@ info: product: mlflow shodan-query: http.title:"mlflow" tags: cve,cve2023,mlflow,oss,rce,intrusive - variables: model_name: "{{rand_text_alpha(6)}}" diff --git a/http/cves/2023/CVE-2023-6020.yaml b/http/cves/2023/CVE-2023-6020.yaml index 17c5ce2311..c0e1908bd6 100644 --- a/http/cves/2023/CVE-2023-6020.yaml +++ b/http/cves/2023/CVE-2023-6020.yaml @@ -13,9 +13,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-6020 - cwe-id: CWE-862,CWE-598 - epss-score: 0.05392 - epss-percentile: 0.92391 + cwe-id: CWE-862 + epss-score: 0.06351 + epss-percentile: 0.9349 cpe: cpe:2.3:a:ray_project:ray:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6021.yaml b/http/cves/2023/CVE-2023-6021.yaml index 7188d4121c..634c1469a5 100644 --- a/http/cves/2023/CVE-2023-6021.yaml +++ b/http/cves/2023/CVE-2023-6021.yaml @@ -14,8 +14,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6021 cwe-id: CWE-22,CWE-29 - epss-score: 0.00354 - epss-percentile: 0.69121 + epss-score: 0.0038 + epss-percentile: 0.72442 cpe: cpe:2.3:a:ray_project:ray:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6023.yaml b/http/cves/2023/CVE-2023-6023.yaml index 2e5d76c82d..1d6609a45f 100644 --- a/http/cves/2023/CVE-2023-6023.yaml +++ b/http/cves/2023/CVE-2023-6023.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2023-6023 cwe-id: CWE-22,CWE-29 - epss-score: 0.00248 - epss-percentile: 0.62792 + epss-score: 0.003 + epss-percentile: 0.68895 cpe: cpe:2.3:a:vertaai:modeldb:-:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6063.yaml b/http/cves/2023/CVE-2023-6063.yaml index dc7225f93c..587804f2ec 100644 --- a/http/cves/2023/CVE-2023-6063.yaml +++ b/http/cves/2023/CVE-2023-6063.yaml @@ -6,29 +6,28 @@ info: severity: high description: | The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users. + remediation: Fixed in 1.2.2 reference: - https://wpscan.com/blog/unauthenticated-sql-injection-vulnerability-addressed-in-wp-fastest-cache-1-2-2/ - https://wordpress.org/plugins/wp-fastest-cache/ - https://github.com/motikan2010/CVE-2023-6063-PoC - https://nvd.nist.gov/vuln/detail/CVE-2023-6063 - https://wpscan.com/vulnerability/30a74105-8ade-4198-abe2-1c6f2967443e/ - remediation: Fixed in 1.2.2 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-6063 cwe-id: CWE-89 + epss-score: 0.02974 + epss-percentile: 0.9065 cpe: cpe:2.3:a:wpfastestcache:wp_fastest_cache:*:*:*:*:*:wordpress:*:* - epss-score: 0.00159 - epss-percentile: 0.52296 metadata: - framework: wordpress max-request: 2 - product: wp_fastest_cache - publicwww-query: /wp-content/plugins/wp-fastest-cache/ vendor: wpfastestcache + product: wp_fastest_cache + framework: wordpress + publicwww-query: /wp-content/plugins/wp-fastest-cache/ tags: cve,cve2023,wp-fastest-cache,wpscan,wordpress,wp-plugin - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6114.yaml b/http/cves/2023/CVE-2023-6114.yaml index 8f586c1f71..a50a125088 100644 --- a/http/cves/2023/CVE-2023-6114.yaml +++ b/http/cves/2023/CVE-2023-6114.yaml @@ -20,6 +20,8 @@ info: epss-score: 0.00145 epss-percentile: 0.50326 cpe: cpe:2.3:a:awesomemotive:duplicator:*:*:*:*:-:wordpress:*:* + metadata: + max-request: 2 tags: cve,cve2023,duplicator,duplicator-pro,lfi,wpscan,wordpress,wp-plugin,wp http: diff --git a/http/cves/2023/CVE-2023-6360.yaml b/http/cves/2023/CVE-2023-6360.yaml index 4fa0f7598f..2174166371 100644 --- a/http/cves/2023/CVE-2023-6360.yaml +++ b/http/cves/2023/CVE-2023-6360.yaml @@ -3,7 +3,7 @@ id: CVE-2023-6360 info: name: WordPress My Calendar <3.4.22 - SQL Injection author: xxcdd - severity: high + severity: critical description: | WordPress My Calendar plugin versions before 3.4.22 are vulnerable to an unauthenticated SQL injection within the 'from' and 'to' parameters of the '/my-calendar/v1/events' REST route. impact: | @@ -14,18 +14,23 @@ info: - https://www.joedolson.com/2023/11/my-calendar-3-4-22-security-release/ - https://wordpress.org/plugins/my-calendar/ - https://nvd.nist.gov/vuln/detail/CVE-2023-6360 + - https://github.com/JoshuaMart/JoshuaMart classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-6360 cwe-id: CWE-89 + epss-score: 0.00832 + epss-percentile: 0.81644 cpe: cpe:2.3:a:joedolson:my_calendar:*:*:*:*:*:wordpress:*:* metadata: - max-request: 2 verified: true + max-request: 2 + vendor: joedolson + product: my_calendar + framework: wordpress fofa-query: '"wordpress" && body="wp-content/plugins/my-calendar"' tags: cve,cve2023,sqli,wp,wordpress,wpscan,wp-plugin,my-calendar - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6553.yaml b/http/cves/2023/CVE-2023-6553.yaml index 872d9262c9..8aba6b5905 100644 --- a/http/cves/2023/CVE-2023-6553.yaml +++ b/http/cves/2023/CVE-2023-6553.yaml @@ -9,16 +9,24 @@ info: reference: - https://www.wordfence.com/blog/2023/12/critical-unauthenticated-remote-code-execution-found-in-backup-migration-plugin/ - https://github.com/Chocapikk/CVE-2023-6553 + - http://packetstormsecurity.com/files/176638/WordPress-Backup-Migration-1.3.7-Remote-Command-Execution.html + - https://www.synacktiv.com/en/publications/php-filters-chain-what-is-it-and-how-to-use-it + - https://www.wordfence.com/threat-intel/vulnerabilities/id/3511ba64-56a3-43d7-8ab8-c6e40e3b686e?source=cve classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2023-6553 + epss-score: 0.91621 + epss-percentile: 0.98837 + cpe: cpe:2.3:a:backupbliss:backup_migration:*:*:*:*:*:wordpress:*:* metadata: - google-query: inurl:"/wp-content/plugins/backup-backup/" max-request: 2 + vendor: backupbliss + product: backup_migration + framework: wordpress publicwww-query: /wp-content/plugins/backup-backup/ + google-query: inurl:"/wp-content/plugins/backup-backup/" tags: cve,cve2023,wp-plugin,rce,unauth,wordpress,wp - flow: http(1) && http(2) http: diff --git a/http/cves/2023/CVE-2023-6567.yaml b/http/cves/2023/CVE-2023-6567.yaml index d43fca12b7..aee193f5da 100644 --- a/http/cves/2023/CVE-2023-6567.yaml +++ b/http/cves/2023/CVE-2023-6567.yaml @@ -3,7 +3,7 @@ id: CVE-2023-6567 info: name: LearnPress <= 4.2.5.7 - SQL Injection author: iamnoooob,rootxharsh,pdresearch - severity: critical + severity: high description: | The LearnPress plugin for WordPress is vulnerable to time-based SQL Injection via the 'order_by' parameter in all versions up to, and including, 4.2.5.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. remediation: Fixed in version 4.2.5.8 @@ -11,13 +11,24 @@ info: - https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/learnpress/learnpress-4257-unauthenticated-sql-injection-via-order-by - https://wpscan.com/vulnerability/c5110450-3b4e-4100-8db4-0d7f5d43c12f/ - https://nvd.nist.gov/vuln/detail/CVE-2023-6567 + - https://plugins.trac.wordpress.org/changeset/3013957/learnpress + - https://www.wordfence.com/threat-intel/vulnerabilities/id/6ab578cd-3a0b-43d3-aaa7-0a01f431a4e2?source=cve classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2023-6567 + cwe-id: CWE-89 + epss-score: 0.00078 + epss-percentile: 0.32303 + cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 verified: true + max-request: 1 + vendor: thimpress + product: learnpress + framework: wordpress publicwww-query: "/wp-content/plugins/learnpress" - tags: cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli + tags: wpscan,cve,cve2023,wp,wp-plugin,wordpress,learnpress,sqli http: - method: GET diff --git a/http/cves/2023/CVE-2023-6623.yaml b/http/cves/2023/CVE-2023-6623.yaml index 0ec0f61e0b..cd2ac1ff30 100644 --- a/http/cves/2023/CVE-2023-6623.yaml +++ b/http/cves/2023/CVE-2023-6623.yaml @@ -19,8 +19,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6623 cwe-id: CWE-22 - epss-score: 0.10258 - epss-percentile: 0.9444 + epss-score: 0.07821 + epss-percentile: 0.94063 cpe: cpe:2.3:a:wpdeveloper:essential_blocks:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6634.yaml b/http/cves/2023/CVE-2023-6634.yaml index 0d74420be2..18caa9a22c 100644 --- a/http/cves/2023/CVE-2023-6634.yaml +++ b/http/cves/2023/CVE-2023-6634.yaml @@ -18,8 +18,8 @@ info: cvss-score: 9.8 cve-id: CVE-2023-6634 cwe-id: CWE-77 - epss-score: 0.0911 - epss-percentile: 0.94073 + epss-score: 0.16476 + epss-percentile: 0.95874 cpe: cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6831.yaml b/http/cves/2023/CVE-2023-6831.yaml index bde88b3ab0..353c83e713 100644 --- a/http/cves/2023/CVE-2023-6831.yaml +++ b/http/cves/2023/CVE-2023-6831.yaml @@ -6,27 +6,27 @@ info: severity: high description: | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. + remediation: | + Upgrade Mlflow to version 2.9.2 or later to mitigate the vulnerability. reference: - https://nvd.nist.gov/vuln/detail/CVE-2023-6831 - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1 - https://huntr.com/bounties/0acdd745-0167-4912-9d5c-02035fe5b314 - remediation: | - Upgrade Mlflow to version 2.9.2 or later to mitigate the vulnerability. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H cvss-score: 8.1 cve-id: CVE-2023-6831 cwe-id: CWE-22 - cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.12693 + cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: + verified: true + max-request: 2 vendor: lfprojects product: mlflow shodan-query: "http.title:\"mlflow\"" - max-request: 2 - verified: true - tags: cve,cve2023,mlflow,pathtraversal,lfprojects + tags: cve,cve2023,mlflow,pathtraversal,lfprojects,intrusive http: - raw: diff --git a/http/cves/2023/CVE-2023-6875.yaml b/http/cves/2023/CVE-2023-6875.yaml index 445d3e5bb0..b628e62b4c 100644 --- a/http/cves/2023/CVE-2023-6875.yaml +++ b/http/cves/2023/CVE-2023-6875.yaml @@ -19,7 +19,7 @@ info: cve-id: CVE-2023-6875 cwe-id: CWE-862 epss-score: 0.04263 - epss-percentile: 0.91445 + epss-percentile: 0.92089 cpe: cpe:2.3:a:wpexperts:post_smtp_mailer:*:*:*:*:*:wordpress:*:* metadata: verified: true diff --git a/http/cves/2023/CVE-2023-6895.yaml b/http/cves/2023/CVE-2023-6895.yaml index 4439e31558..9dbf68e90e 100644 --- a/http/cves/2023/CVE-2023-6895.yaml +++ b/http/cves/2023/CVE-2023-6895.yaml @@ -19,10 +19,10 @@ info: cpe: cpe:2.3:o:hikvision:intercom_broadcast_system:*:*:*:*:*:*:*:* metadata: verified: true - max-request: 1 + max-request: 2 vendor: hikvision - product: intercom_broadcast_system - fofa-query: icon_hash="-1830859634" + product: "intercom_broadcast_system" + fofa-query: "icon_hash=\"-1830859634\"" tags: cve,cve2023,hikvision,rce http: diff --git a/http/cves/2023/CVE-2023-6909.yaml b/http/cves/2023/CVE-2023-6909.yaml index 8b4b4a2736..1d6b1c002f 100644 --- a/http/cves/2023/CVE-2023-6909.yaml +++ b/http/cves/2023/CVE-2023-6909.yaml @@ -3,29 +3,32 @@ id: CVE-2023-6909 info: name: Mlflow <2.9.2 - Path Traversal author: Hyunsoo-ds - severity: critical + severity: high description: | Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.9.2. - reference: - - https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850/ - - https://nvd.nist.gov/vuln/detail/CVE-2023-6909 - - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1 impact: | Successful exploitation could be lead to disclose of sensitive information such as SSH Keys or Internal configurations. remediation: | To fix this vulnerability, it is important to update the mlflow package to the latest version 2.10.0. + reference: + - https://huntr.com/bounties/11209efb-0f84-482f-add0-587ea6b7e850/ + - https://nvd.nist.gov/vuln/detail/CVE-2023-6909 + - https://github.com/mlflow/mlflow/commit/1da75dfcecd4d169e34809ade55748384e8af6c1 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N - cvss-score: 9.3 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 cve-id: CVE-2023-6909 cwe-id: CWE-29 + epss-score: 0.00409 + epss-percentile: 0.73387 + cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: - max-request: 5 verified: true + max-request: 5 vendor: lfprojects product: mlflow shodan-query: "http.title:\"mlflow\"" - tags: cve,cve2023,mlflow,lfi + tags: cve,cve2023,mlflow,lfi,intrusive http: - raw: diff --git a/http/cves/2023/CVE-2023-6977.yaml b/http/cves/2023/CVE-2023-6977.yaml index 21be12dbe4..7fd4a975aa 100644 --- a/http/cves/2023/CVE-2023-6977.yaml +++ b/http/cves/2023/CVE-2023-6977.yaml @@ -14,12 +14,12 @@ info: - https://huntr.com/bounties/fe53bf71-3687-4711-90df-c26172880aaf - https://nvd.nist.gov/vuln/detail/CVE-2023-6977 classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-6977 cwe-id: CWE-29 - epss-score: 0.00084 - epss-percentile: 0.34913 + epss-score: 0.00409 + epss-percentile: 0.73387 cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-0204.yaml b/http/cves/2024/CVE-2024-0204.yaml index 23a9dea13b..9d76227636 100644 --- a/http/cves/2024/CVE-2024-0204.yaml +++ b/http/cves/2024/CVE-2024-0204.yaml @@ -11,14 +11,20 @@ info: - https://www.fortra.com/security/advisory/fi-2024-001 - https://github.com/horizon3ai/CVE-2024-0204/blob/main/CVE-2024-0204.py - https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-dive/ + - http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2024-0204 cwe-id: CWE-425 + epss-score: 0.53864 + epss-percentile: 0.97564 + cpe: cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 + vendor: fortra + product: goanywhere_managed_file_transfer shodan-query: http.favicon.hash:1484947000,1828756398,1170495932 fofa-query: app="GoAnywhere-MFT" zoomeye-query: app:"Fortra GoAnywhere-MFT" diff --git a/http/cves/2024/CVE-2024-0305.yaml b/http/cves/2024/CVE-2024-0305.yaml index 44835c2a0b..f3bbabb49e 100644 --- a/http/cves/2024/CVE-2024-0305.yaml +++ b/http/cves/2024/CVE-2024-0305.yaml @@ -12,16 +12,18 @@ info: - https://cxsecurity.com/cveshow/CVE-2024-0305 - https://nvd.nist.gov/vuln/detail/CVE-2024-0305 - https://vuldb.com/?id.249872 + - https://vuldb.com/?ctiid.249872 + - https://github.com/Marco-zcl/POC classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2024-0305 - epss-score: 0.00064 - epss-percentile: 0.2597 + epss-score: 0.00796 + epss-percentile: 0.81232 cpe: cpe:2.3:a:ncast_project:ncast:*:*:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: ncast_project product: ncast fofa-query: app="Ncast-产品" && title=="高清智能录播系统" diff --git a/http/cves/2024/CVE-2024-0713.yaml b/http/cves/2024/CVE-2024-0713.yaml index d52bd7843a..b6b5b06d0c 100644 --- a/http/cves/2024/CVE-2024-0713.yaml +++ b/http/cves/2024/CVE-2024-0713.yaml @@ -15,17 +15,16 @@ info: cvss-score: 8.8 cve-id: CVE-2024-0713 cwe-id: CWE-434 - cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:* epss-score: 0.00061 epss-percentile: 0.2356 + cpe: cpe:2.3:a:monitorr:monitorr:1.7.6m:*:*:*:*:*:*:* metadata: + verified: true + max-request: 2 vendor: monitorr product: monitorr - verified: true fofa-query: "icon_hash=\"-211006074\"" - max-request: 2 tags: cve,cve2024,file-upload,intrusive,monitorr - variables: file: "{{to_lower(rand_text_alpha(5))}}" diff --git a/http/cves/2024/CVE-2024-1021.yaml b/http/cves/2024/CVE-2024-1021.yaml index bdda7021da..89b98cf57e 100644 --- a/http/cves/2024/CVE-2024-1021.yaml +++ b/http/cves/2024/CVE-2024-1021.yaml @@ -3,19 +3,32 @@ id: CVE-2024-1021 info: name: Rebuild <= 3.5.5 - Server-Side Request Forgery author: BMCel - severity: medium + severity: critical description: | There is a security vulnerability in Rebuild 3.5.5, which is due to a server-side request forgery vulnerability in the URL parameter of the readRawText function of the HTTP Request Handler component. - reference: - - https://github.com/getrebuild/rebuild - - https://nvd.nist.gov/vuln/detail/CVE-2024-1021 impact: | Successful exploitation of this vulnerability can result in unauthorized access to sensitive internal resources. remediation: | Apply the latest security patches or updates provided by Rebuild to fix this vulnerability. + reference: + - https://github.com/getrebuild/rebuild + - https://nvd.nist.gov/vuln/detail/CVE-2024-1021 + - https://vuldb.com/?ctiid.252290 + - https://vuldb.com/?id.252290 + - https://github.com/tanjiti/sec_profile + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2024-1021 + cwe-id: CWE-918 + epss-score: 0.01163 + epss-percentile: 0.84597 + cpe: cpe:2.3:a:ruifang-tech:rebuild:*:*:*:*:*:*:*:* metadata: - max-request: 2 verified: true + max-request: 2 + vendor: ruifang-tech + product: rebuild fofa-query: "icon_hash=\"871154672\"" tags: cve2024,cve,rebuild,ssrf diff --git a/http/cves/2024/CVE-2024-1061.yaml b/http/cves/2024/CVE-2024-1061.yaml index 4b0b41b083..9279d4cacf 100644 --- a/http/cves/2024/CVE-2024-1061.yaml +++ b/http/cves/2024/CVE-2024-1061.yaml @@ -3,26 +3,34 @@ id: CVE-2024-1061 info: name: WordPress HTML5 Video Player - SQL Injection author: xxcdd - severity: high + severity: critical description: | WordPress HTML5 Video Player plugin is vulnerable to SQL injection. An unauthenticated attacker can exploit this vulnerability to perform SQL injection attacks. - reference: - - https://www.tenable.com/security/research/tra-2024-02 - - https://wordpress.org/plugins/html5-video-player - - https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1061 impact: | Successful exploitation of this vulnerability could allow an attacker to perform SQL injection attacks, potentially leading to unauthorized access, data leakage, or further compromise of the WordPress site. remediation: | Vendor did not acknowledge vulnerability but the issue seems to have been fixed in version 2.5.25. + reference: + - https://www.tenable.com/security/research/tra-2024-02 + - https://wordpress.org/plugins/html5-video-player + - https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-1061 + - https://github.com/tanjiti/sec_profile + - https://github.com/JoshuaMart/JoshuaMart classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N - cvss-score: 8.6 + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2024-1061 cwe-id: CWE-89 + epss-score: 0.00934 + epss-percentile: 0.82678 + cpe: cpe:2.3:a:bplugins:html5_video_player:*:*:*:*:*:wordpress:*:* metadata: verified: true - fofa-query: "\"wordpress\" && body=\"html5-video-player\"" max-request: 1 + vendor: bplugins + product: html5_video_player + framework: wordpress + fofa-query: "\"wordpress\" && body=\"html5-video-player\"" tags: cve,cve2024,wp,wordpress,wp-plugin,sqli,html5-video-player http: diff --git a/http/cves/2024/CVE-2024-1071.yaml b/http/cves/2024/CVE-2024-1071.yaml index 6302bfd4bd..3bbcb6db7e 100644 --- a/http/cves/2024/CVE-2024-1071.yaml +++ b/http/cves/2024/CVE-2024-1071.yaml @@ -10,16 +10,23 @@ info: reference: - https://www.wordfence.com/blog/2024/02/2063-bounty-awarded-for-unauthenticated-sql-injection-vulnerability-patched-in-ultimate-member-wordpress-plugin/ - https://securityonline.info/cve-2024-1071-wordpress-ultimate-member-plugin-under-active-attack/ + - https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076 + - https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076#L666 + - https://plugins.trac.wordpress.org/browser/ultimate-member/tags/2.8.2/includes/core/class-member-directory-meta.php?rev=3022076#L858 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 cve-id: CVE-2024-1071 cwe-id: CWE-89 + epss-score: 0.00063 + epss-percentile: 0.24988 metadata: verified: true max-request: 2 framework: wordpress + fofa-query: body="/wp-content/plugins/ultimate-member" publicwww-query: "/wp-content/plugins/ultimate-member/" zoomeye-query: app:"WordPress Ultimate Member Plugin" - fofa-query: body="/wp-content/plugins/ultimate-member" tags: cve,cve2024,ultimate-member,wpscan,wordpress,wp-plugin http: diff --git a/http/cves/2024/CVE-2024-1208.yaml b/http/cves/2024/CVE-2024-1208.yaml index a3a67c512c..2beec94098 100644 --- a/http/cves/2024/CVE-2024-1208.yaml +++ b/http/cves/2024/CVE-2024-1208.yaml @@ -10,19 +10,24 @@ info: reference: - https://github.com/karlemilnikka/CVE-2024-1208-and-CVE-2024-1210 - https://nvd.nist.gov/vuln/detail/CVE-2024-1208 + - https://www.wordfence.com/threat-intel/vulnerabilities/id/ae735117-e68b-448e-ad41-258d1be3aebc?source=cve + - https://github.com/nomi-sec/PoC-in-GitHub + - https://github.com/fkie-cad/nvd-json-data-feeds classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N cvss-score: 5.3 cve-id: CVE-2024-1208 + epss-score: 0.01024 + epss-percentile: 0.83462 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: learndash product: learndash framework: wordpress - googledork-query: inurl:"/wp-content/plugins/sfwd-lms" publicwww-query: "/wp-content/plugins/sfwd-lms" + googledork-query: inurl:"/wp-content/plugins/sfwd-lms" tags: cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash http: diff --git a/http/cves/2024/CVE-2024-1209.yaml b/http/cves/2024/CVE-2024-1209.yaml index 7c8cfde3c7..699e3a032f 100644 --- a/http/cves/2024/CVE-2024-1209.yaml +++ b/http/cves/2024/CVE-2024-1209.yaml @@ -17,14 +17,14 @@ info: cve-id: CVE-2024-1209 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: learndash product: learndash framework: wordpress - googledork-query: inurl:"/wp-content/plugins/sfwd-lms" publicwww-query: "/wp-content/plugins/sfwd-lms" - tags: cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash + googledork-query: inurl:"/wp-content/plugins/sfwd-lms" + tags: wpscan,cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash http: - method: GET diff --git a/http/cves/2024/CVE-2024-1210.yaml b/http/cves/2024/CVE-2024-1210.yaml index 39895bd53a..c85375b2f7 100644 --- a/http/cves/2024/CVE-2024-1210.yaml +++ b/http/cves/2024/CVE-2024-1210.yaml @@ -17,14 +17,14 @@ info: cve-id: CVE-2024-1210 cpe: cpe:2.3:a:learndash:learndash:*:*:*:*:*:wordpress:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: learndash product: learndash framework: wordpress - googledork-query: inurl:"/wp-content/plugins/sfwd-lms" publicwww-query: "/wp-content/plugins/sfwd-lms" - tags: cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash + googledork-query: inurl:"/wp-content/plugins/sfwd-lms" + tags: wpscan,cve,cve2024,wp,wp-plugin,wordpress,exposure,learndash http: - method: GET diff --git a/http/cves/2024/CVE-2024-1212.yaml b/http/cves/2024/CVE-2024-1212.yaml index d27b2d6a70..bd29772deb 100644 --- a/http/cves/2024/CVE-2024-1212.yaml +++ b/http/cves/2024/CVE-2024-1212.yaml @@ -11,13 +11,14 @@ info: - https://support.kemptechnologies.com/hc/en-us/articles/23878931058445-LoadMaster-Security-Vulnerability-CVE-2024-1212 - https://support.kemptechnologies.com/hc/en-us/articles/24325072850573-Release-Notice-LMOS-7-2-59-2-7-2-54-8-7-2-48-10-CVE-2024-1212 - https://nvd.nist.gov/vuln/detail/CVE-2024-1212 + - https://freeloadbalancer.com/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H cvss-score: 10 cve-id: CVE-2024-1212 cwe-id: CWE-78 - epss-score: 0.00046 - epss-percentile: 0.13478 + epss-score: 0.00721 + epss-percentile: 0.802 metadata: verified: true max-request: 1 diff --git a/http/cves/2024/CVE-2024-1709.yaml b/http/cves/2024/CVE-2024-1709.yaml index 8afaaf6e0f..a3b025cc5a 100644 --- a/http/cves/2024/CVE-2024-1709.yaml +++ b/http/cves/2024/CVE-2024-1709.yaml @@ -13,7 +13,7 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2024-1709 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H - cvss-score: 10.0 + cvss-score: 10 cve-id: CVE-2024-1709 cwe-id: CWE-288 metadata: @@ -26,7 +26,6 @@ info: zoomeye-query: app:"ScreenConnect Remote Management Software" hunter-query: app.name="ConnectWise ScreenConnect software" tags: cve,cve2024,screenconnect,connectwise,auth-bypass,kev - variables: string: "{{rand_text_alpha(10)}}" diff --git a/http/cves/2024/CVE-2024-21644.yaml b/http/cves/2024/CVE-2024-21644.yaml index 75082d6594..42d6ca63da 100644 --- a/http/cves/2024/CVE-2024-21644.yaml +++ b/http/cves/2024/CVE-2024-21644.yaml @@ -17,8 +17,8 @@ info: cvss-score: 7.5 cve-id: CVE-2024-21644 cwe-id: CWE-284 - epss-score: 0.00186 - epss-percentile: 0.56007 + epss-score: 0.41231 + epss-percentile: 0.97205 cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-21645.yaml b/http/cves/2024/CVE-2024-21645.yaml index 96994c68e5..98e2f16367 100644 --- a/http/cves/2024/CVE-2024-21645.yaml +++ b/http/cves/2024/CVE-2024-21645.yaml @@ -6,28 +6,27 @@ info: severity: medium description: | A log injection vulnerability was identified in pyload. This vulnerability allows any unauthenticated actor to inject arbitrary messages into the logs gathered by pyload. + impact: | + Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act. reference: - https://github.com/advisories/GHSA-ghmw-rwh8-6qmr - https://nvd.nist.gov/vuln/detail/CVE-2024-21645 - https://github.com/fkie-cad/nvd-json-data-feeds - impact: | - Forged or otherwise, corrupted log files can be used to cover an attacker's tracks or even to implicate another party in the commission of a malicious act. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N cvss-score: 5.3 cve-id: CVE-2024-21645 cwe-id: CWE-74 - cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* epss-score: 0.00046 epss-percentile: 0.13723 + cpe: cpe:2.3:a:pyload:pyload:*:*:*:*:*:*:*:* metadata: verified: true + max-request: 2 vendor: pyload product: pyload shodan-query: "title:\"pyload\"" - max-request: 2 tags: cve,cve2024,pyload,authenticated,injection - variables: str: "{{rand_base(6)}}" diff --git a/http/cves/2024/CVE-2024-21887.yaml b/http/cves/2024/CVE-2024-21887.yaml index 910945cca9..8b3b4aa7ae 100644 --- a/http/cves/2024/CVE-2024-21887.yaml +++ b/http/cves/2024/CVE-2024-21887.yaml @@ -7,11 +7,17 @@ info: description: A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance. reference: - https://forums.ivanti.com/s/article/CVE-2023-46805-Authentication-Bypass-CVE-2024-21887-Command-Injection-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure-Gateways?language=en_US + - http://packetstormsecurity.com/files/176668/Ivanti-Connect-Secure-Unauthenticated-Remote-Code-Execution.html + - https://github.com/farukokutan/Threat-Intelligence-Research-Reports + - https://github.com/lions2012/Penetration_Testing_POC + - https://github.com/Chocapikk/CVE-2024-21887 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H cvss-score: 9.1 cve-id: CVE-2024-21887 cwe-id: CWE-77 + epss-score: 0.97322 + epss-percentile: 0.99871 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/http/cves/2024/CVE-2024-21893.yaml b/http/cves/2024/CVE-2024-21893.yaml index d771bde4f9..9e27a3867c 100644 --- a/http/cves/2024/CVE-2024-21893.yaml +++ b/http/cves/2024/CVE-2024-21893.yaml @@ -10,17 +10,21 @@ info: - https://attackerkb.com/topics/FGlK1TVnB2/cve-2024-21893/rapid7-analysis - https://www.assetnote.io/resources/research/ivantis-pulse-connect-secure-auth-bypass-round-two - https://github.com/advisories/GHSA-5rr9-mqhj-7cr2 + - https://github.com/Chocapikk/CVE-2024-21893-to-CVE-2024-21887 + - https://github.com/Ostorlab/KEV classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N cvss-score: 8.2 cve-id: CVE-2024-21893 cwe-id: CWE-918 + epss-score: 0.96249 + epss-percentile: 0.9949 cpe: cpe:2.3:a:ivanti:connect_secure:9.0:-:*:*:*:*:*:* metadata: + max-request: 1 vendor: ivanti product: "connect_secure" shodan-query: "html:\"welcome.cgi?p=logo\"" - max-request: 1 tags: cve,cve2024,kev,ssrf,ivanti http: diff --git a/http/cves/2024/CVE-2024-22320.yaml b/http/cves/2024/CVE-2024-22320.yaml index 8ab570a358..9f8485ac70 100644 --- a/http/cves/2024/CVE-2024-22320.yaml +++ b/http/cves/2024/CVE-2024-22320.yaml @@ -14,8 +14,8 @@ info: cvss-score: 8.8 cve-id: CVE-2024-22320 cwe-id: CWE-502 - epss-score: 0.00283 - epss-percentile: 0.67773 + epss-score: 0.38316 + epss-percentile: 0.97125 cpe: cpe:2.3:a:ibm:operational_decision_manager:8.10.3:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/cves/2024/CVE-2024-25600.yaml b/http/cves/2024/CVE-2024-25600.yaml index b9f9d584b3..9277301ee3 100644 --- a/http/cves/2024/CVE-2024-25600.yaml +++ b/http/cves/2024/CVE-2024-25600.yaml @@ -13,9 +13,9 @@ info: - https://github.com/Chocapikk/CVE-2024-25600 - https://op-c.net/blog/cve-2024-25600-wordpresss-bricks-builder-rce-flaw-under-active-exploitation metadata: - publicwww-query: "/wp-content/themes/bricks/" verified: true max-request: 2 + publicwww-query: "/wp-content/themes/bricks/" tags: cve,cve2024,wpscan,wordpress,wp-plugin,wp,bricks,rce http: diff --git a/http/cves/2024/CVE-2024-25669.yaml b/http/cves/2024/CVE-2024-25669.yaml index fd62ad6bd6..e66204fd26 100644 --- a/http/cves/2024/CVE-2024-25669.yaml +++ b/http/cves/2024/CVE-2024-25669.yaml @@ -21,8 +21,8 @@ info: epss-percentile: 0.65504 cpe: cpe:2.3:a:a360inc:caseaware:-:*:*:*:*:*:*:* metadata: - max-request: 1 verified: true + max-request: 1 vendor: a360inc product: caseaware fofa-query: title="CaseAware" diff --git a/http/cves/2024/CVE-2024-25735.yaml b/http/cves/2024/CVE-2024-25735.yaml index 3f202bdf8d..39dddacc72 100644 --- a/http/cves/2024/CVE-2024-25735.yaml +++ b/http/cves/2024/CVE-2024-25735.yaml @@ -15,7 +15,7 @@ info: vendor: wyrestorm product: apollo vx20 shodan-query: ssl:"WyreStorm Apollo VX20" - tags: cve,cve2024,wyrestorm,info-leak + tags: packetstorm,cve,cve2024,wyrestorm,info-leak http: - method: GET diff --git a/http/cves/2024/CVE-2024-27198.yaml b/http/cves/2024/CVE-2024-27198.yaml index f3f138486d..6359103aec 100644 --- a/http/cves/2024/CVE-2024-27198.yaml +++ b/http/cves/2024/CVE-2024-27198.yaml @@ -9,15 +9,24 @@ info: reference: - https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed/ - https://nvd.nist.gov/vuln/detail/CVE-2024-27198 + - https://www.darkreading.com/cyberattacks-data-breaches/jetbrains-teamcity-mass-exploitation-underway-rogue-accounts-thrive + - https://github.com/rampantspark/CVE-2024-27198 + - https://github.com/fireinrain/github-trending classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 + cve-id: CVE-2024-27198 cwe-id: CWE-288 + epss-score: 0.97209 + epss-percentile: 0.99812 + cpe: cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:* metadata: verified: true max-request: 1 + vendor: jetbrains + product: teamcity shodan-query: http.component:"TeamCity" - tags: cve,cve2024,teamcity,jetbrains,auth-bypass + tags: cve,cve2024,teamcity,jetbrains,auth-bypass,kev http: - method: GET diff --git a/http/cves/2024/CVE-2024-27497.yaml b/http/cves/2024/CVE-2024-27497.yaml index 6091840360..8839a592c9 100644 --- a/http/cves/2024/CVE-2024-27497.yaml +++ b/http/cves/2024/CVE-2024-27497.yaml @@ -9,6 +9,11 @@ info: reference: - https://warp-desk-89d.notion.site/Linksys-E-2000-efcd532d8dcf4710a4af13fca131a5b8 - https://nvd.nist.gov/vuln/detail/CVE-2024-27497 + - https://github.com/Ostorlab/KEV + - https://github.com/fkie-cad/nvd-json-data-feeds + classification: + epss-score: 0.00053 + epss-percentile: 0.19239 metadata: verified: true max-request: 1 diff --git a/http/cves/2024/CVE-2024-27954.yaml b/http/cves/2024/CVE-2024-27954.yaml index ea42f13279..73b35bc18e 100644 --- a/http/cves/2024/CVE-2024-27954.yaml +++ b/http/cves/2024/CVE-2024-27954.yaml @@ -12,13 +12,13 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27954 classification: cvss-score: 9.8 - cwe-id: CWE-918 cve-id: CVE-2022-1970 + cwe-id: CWE-918 metadata: - max-request: 1 verified: true + max-request: 1 publicwww-query: "/wp-content/plugins/wp-automatic" - tags: cve,cve2024,wp,wordpress,wp-plugin,lfi,ssrf,wp-automatic + tags: wpscan,cve,cve2024,wp,wordpress,wp-plugin,lfi,ssrf,wp-automatic http: - method: GET diff --git a/http/default-logins/druid/druid-default-login.yaml b/http/default-logins/druid/druid-default-login.yaml index f6235569af..f7997ffd4b 100644 --- a/http/default-logins/druid/druid-default-login.yaml +++ b/http/default-logins/druid/druid-default-login.yaml @@ -8,10 +8,9 @@ info: classification: cwe-id: CWE-798 metadata: - fofa-query: title="druid monitor" max-request: 2 + fofa-query: title="druid monitor" tags: druid,alibaba,default-login - flow: http(1) && http(2) http: diff --git a/http/default-logins/ibm/ibm-dcbc-default-login.yaml b/http/default-logins/ibm/ibm-dcbc-default-login.yaml index 4772caa9fd..b8f83b2ded 100644 --- a/http/default-logins/ibm/ibm-dcbc-default-login.yaml +++ b/http/default-logins/ibm/ibm-dcbc-default-login.yaml @@ -8,8 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.0.1?topic=users-tutorial-getting-started-decision-center-business-console metadata: verified: true - shodan-query: "title=\"Decision Center | Business Console\"" max-request: 1 + shodan-query: "title=\"Decision Center | Business Console\"" tags: ibm,default-login,decision-center http: diff --git a/http/default-logins/ibm/ibm-dcec-default-login.yaml b/http/default-logins/ibm/ibm-dcec-default-login.yaml index 94ebd7002e..4bb0f239aa 100644 --- a/http/default-logins/ibm/ibm-dcec-default-login.yaml +++ b/http/default-logins/ibm/ibm-dcec-default-login.yaml @@ -8,8 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise metadata: verified: true - shodan-query: "html=\"Decision Center Enterprise console\"" max-request: 1 + shodan-query: "html=\"Decision Center Enterprise console\"" tags: ibm,default-login,decision-center http: diff --git a/http/default-logins/ibm/ibm-dsc-default-login.yaml b/http/default-logins/ibm/ibm-dsc-default-login.yaml index 0a6aeea4fc..682a64e110 100644 --- a/http/default-logins/ibm/ibm-dsc-default-login.yaml +++ b/http/default-logins/ibm/ibm-dsc-default-login.yaml @@ -8,8 +8,8 @@ info: - https://www.ibm.com/docs/en/odm/8.8.0?topic=center-overview-decision metadata: verified: true - shodan-query: "title:\"Rule Execution Server\"" max-request: 1 + shodan-query: "title:\"Rule Execution Server\"" tags: ibm,default-login,decision-server http: diff --git a/http/default-logins/ibm/ibm-hmc-default-login.yaml b/http/default-logins/ibm/ibm-hmc-default-login.yaml index a00142c20c..27cf74663a 100644 --- a/http/default-logins/ibm/ibm-hmc-default-login.yaml +++ b/http/default-logins/ibm/ibm-hmc-default-login.yaml @@ -13,8 +13,8 @@ info: cvss-score: 8.3 cwe-id: CWE-522 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.favicon.hash:262502857 tags: default-login,ibm,hmc diff --git a/http/default-logins/ibm/imm-default-login.yaml b/http/default-logins/ibm/imm-default-login.yaml index f601f2517b..67e83595dc 100644 --- a/http/default-logins/ibm/imm-default-login.yaml +++ b/http/default-logins/ibm/imm-default-login.yaml @@ -14,8 +14,8 @@ info: metadata: verified: true max-request: 1 - fofa-query: "integrated management module" shodan-query: html:"ibmdojo" + fofa-query: "integrated management module" tags: imm,ibm,default-login http: diff --git a/http/default-logins/ispconfig-default-login.yaml b/http/default-logins/ispconfig-default-login.yaml index 450ae6886a..f297f5ec94 100644 --- a/http/default-logins/ispconfig-default-login.yaml +++ b/http/default-logins/ispconfig-default-login.yaml @@ -8,7 +8,8 @@ info: ISPConfig Default Password Vulnerability exposes systems to unauthorized access, compromising data integrity and security. metadata: verified: true - shodan-query: http.title:"ispconfig" + max-request: 9 + shodan-query: "http.title:\"ispconfig\"" tags: default-login,ispconfig http: diff --git a/http/default-logins/lucee/lucee-default-login.yaml b/http/default-logins/lucee/lucee-default-login.yaml index 465f166da9..e12f0de6ae 100644 --- a/http/default-logins/lucee/lucee-default-login.yaml +++ b/http/default-logins/lucee/lucee-default-login.yaml @@ -12,7 +12,7 @@ info: cwe-id: CWE-1392 metadata: verified: true - max-request: 2 + max-request: 1 shodan-query: "html:\"Lucee\"" fofa-query: "app=\"Lucee-Engine\"" tags: lucee,default-login diff --git a/http/default-logins/webmethod/webmethod-integration-default-login.yaml b/http/default-logins/webmethod/webmethod-integration-default-login.yaml index 91c1a340d0..e539379df1 100644 --- a/http/default-logins/webmethod/webmethod-integration-default-login.yaml +++ b/http/default-logins/webmethod/webmethod-integration-default-login.yaml @@ -7,11 +7,10 @@ info: reference: - https://documentation.softwareag.com/ metadata: - shodan-query: "http.favicon.hash:-234335289" - max-request: 5 verified: true + max-request: 5 + shodan-query: "http.favicon.hash:-234335289" tags: default-login,webmethod - flow: http(1) && http(2) http: diff --git a/http/exposed-panels/3cx-phone-management-panel.yaml b/http/exposed-panels/3cx-phone-management-panel.yaml index ac9d33c3b7..6058cf0974 100644 --- a/http/exposed-panels/3cx-phone-management-panel.yaml +++ b/http/exposed-panels/3cx-phone-management-panel.yaml @@ -14,9 +14,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: 3cx product: 3cx - max-request: 1 shodan-query: - http.title:"3CX Phone System Management Console" - http.favicon.hash:970132176 diff --git a/http/exposed-panels/3cx-phone-webclient-management-panel.yaml b/http/exposed-panels/3cx-phone-webclient-management-panel.yaml index 166e20a1ac..a0b9b4bdfc 100644 --- a/http/exposed-panels/3cx-phone-webclient-management-panel.yaml +++ b/http/exposed-panels/3cx-phone-webclient-management-panel.yaml @@ -14,9 +14,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: 3cx product: 3cx - max-request: 1 shodan-query: http.title:"3CX Webclient" google-query: intitle:"3CX Webclient" tags: panel,3cx diff --git a/http/exposed-panels/acemanager-login.yaml b/http/exposed-panels/acemanager-login.yaml index 8996e95184..7e00df874c 100644 --- a/http/exposed-panels/acemanager-login.yaml +++ b/http/exposed-panels/acemanager-login.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: sierrawireless product: airlink_mobility_manager - max-request: 1 fofa-query: app="ACEmanager" tags: panel,login,tech,acemanager diff --git a/http/exposed-panels/active-admin-exposure.yaml b/http/exposed-panels/active-admin-exposure.yaml index 4fbda74150..19d8488092 100644 --- a/http/exposed-panels/active-admin-exposure.yaml +++ b/http/exposed-panels/active-admin-exposure.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: activeadmin product: activeadmin - max-request: 1 tags: panel,activeadmin http: diff --git a/http/exposed-panels/activemq-panel.yaml b/http/exposed-panels/activemq-panel.yaml index b847e734c7..fd06c9b896 100644 --- a/http/exposed-panels/activemq-panel.yaml +++ b/http/exposed-panels/activemq-panel.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: activemq - max-request: 1 tags: panel,activemq,apache http: diff --git a/http/exposed-panels/adiscon-loganalyzer.yaml b/http/exposed-panels/adiscon-loganalyzer.yaml index c2cc4291e9..41ba5d061b 100644 --- a/http/exposed-panels/adiscon-loganalyzer.yaml +++ b/http/exposed-panels/adiscon-loganalyzer.yaml @@ -12,9 +12,9 @@ info: cvss-score: 7.5 cwe-id: CWE-200 metadata: + max-request: 1 vendor: adiscon product: loganalyzer - max-request: 1 tags: adiscon,loganalyzer,syslog,exposure,panel http: diff --git a/http/exposed-panels/adminer-panel-detect.yaml b/http/exposed-panels/adminer-panel-detect.yaml index 6778f37ea0..8d38b0f9b2 100644 --- a/http/exposed-panels/adminer-panel-detect.yaml +++ b/http/exposed-panels/adminer-panel-detect.yaml @@ -16,9 +16,9 @@ info: # Most versions have some kind of SSRF usability # Is generally handy if you find SQL creds metadata: + max-request: 741 vendor: adminer product: adminer - max-request: 741 tags: panel,fuzz,adminer,login,sqli http: diff --git a/http/exposed-panels/adminer-panel.yaml b/http/exposed-panels/adminer-panel.yaml index 0f2802e079..ed7b466c5c 100644 --- a/http/exposed-panels/adminer-panel.yaml +++ b/http/exposed-panels/adminer-panel.yaml @@ -10,10 +10,10 @@ info: classification: cwe-id: CWE-200 metadata: - vendor: adminer - product: adminer verified: true max-request: 8 + vendor: adminer + product: adminer shodan-query: title:"Login - Adminer" tags: panel,adminer diff --git a/http/exposed-panels/adobe/adobe-component-login.yaml b/http/exposed-panels/adobe/adobe-component-login.yaml index d9f2408fa2..4ce1fd7b95 100644 --- a/http/exposed-panels/adobe/adobe-component-login.yaml +++ b/http/exposed-panels/adobe/adobe-component-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 2 vendor: adobe product: coldfusion - max-request: 2 shodan-query: http.component:"Adobe ColdFusion" tags: panel,adobe,coldfusion,edb diff --git a/http/exposed-panels/adobe/adobe-connect-central-login.yaml b/http/exposed-panels/adobe/adobe-connect-central-login.yaml index 031d34d8d2..3861f8b5cb 100644 --- a/http/exposed-panels/adobe/adobe-connect-central-login.yaml +++ b/http/exposed-panels/adobe/adobe-connect-central-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: connect - max-request: 1 tags: adobe,panel,connect-central http: diff --git a/http/exposed-panels/adobe/adobe-experience-manager-login.yaml b/http/exposed-panels/adobe/adobe-experience-manager-login.yaml index a562a4ec1e..082b631684 100644 --- a/http/exposed-panels/adobe/adobe-experience-manager-login.yaml +++ b/http/exposed-panels/adobe/adobe-experience-manager-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: experience_manager - max-request: 1 shodan-query: http.title:"AEM Sign In" tags: panel,aem,adobe diff --git a/http/exposed-panels/adobe/aem-crx-package-manager.yaml b/http/exposed-panels/adobe/aem-crx-package-manager.yaml index 69da2e0373..37cc15284b 100644 --- a/http/exposed-panels/adobe/aem-crx-package-manager.yaml +++ b/http/exposed-panels/adobe/aem-crx-package-manager.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: experience_manager - max-request: 1 shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" diff --git a/http/exposed-panels/adobe/aem-sling-login.yaml b/http/exposed-panels/adobe/aem-sling-login.yaml index 2810aa476d..07b55a7988 100644 --- a/http/exposed-panels/adobe/aem-sling-login.yaml +++ b/http/exposed-panels/adobe/aem-sling-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: experience_manager - max-request: 1 shodan-query: - http.title:"AEM Sign In" - http.component:"Adobe Experience Manager" diff --git a/http/exposed-panels/afterlogic-webmail-login.yaml b/http/exposed-panels/afterlogic-webmail-login.yaml index 2fa89ab2d2..27750c70c4 100644 --- a/http/exposed-panels/afterlogic-webmail-login.yaml +++ b/http/exposed-panels/afterlogic-webmail-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: afterlogic product: aurora - max-request: 1 fofa-query: "X-Server: AfterlogicDAVServer" tags: panel,afterlogic,login,detect diff --git a/http/exposed-panels/airflow-panel.yaml b/http/exposed-panels/airflow-panel.yaml index 9c5beacde3..28e4c147ef 100644 --- a/http/exposed-panels/airflow-panel.yaml +++ b/http/exposed-panels/airflow-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-668 metadata: + max-request: 2 vendor: apache product: airflow - max-request: 2 shodan-query: title:"Sign In - Airflow" tags: panel,apache,airflow,admin diff --git a/http/exposed-panels/akamai-cloudtest.yaml b/http/exposed-panels/akamai-cloudtest.yaml index b00898030c..f1439caba6 100644 --- a/http/exposed-panels/akamai-cloudtest.yaml +++ b/http/exposed-panels/akamai-cloudtest.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: akamai product: cloudtest - max-request: 1 tags: panel,akamai http: diff --git a/http/exposed-panels/alfresco-detect.yaml b/http/exposed-panels/alfresco-detect.yaml index 4ecadb297f..b149393e54 100644 --- a/http/exposed-panels/alfresco-detect.yaml +++ b/http/exposed-panels/alfresco-detect.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: alfresco product: alfresco - max-request: 1 tags: alfresco,tech,panel http: diff --git a/http/exposed-panels/allied-telesis-exposure.yaml b/http/exposed-panels/allied-telesis-exposure.yaml index 0f72e3228c..825744835c 100644 --- a/http/exposed-panels/allied-telesis-exposure.yaml +++ b/http/exposed-panels/allied-telesis-exposure.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: allied_telesis - product: device_gui verified: true max-request: 1 + vendor: allied_telesis + product: device_gui shodan-query: title:"Allied Telesis Device GUI" tags: panel,allied diff --git a/http/exposed-panels/ambari-exposure.yaml b/http/exposed-panels/ambari-exposure.yaml index 434946a4ea..b096151e48 100644 --- a/http/exposed-panels/ambari-exposure.yaml +++ b/http/exposed-panels/ambari-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-668 metadata: + max-request: 1 vendor: apache product: ambari - max-request: 1 tags: panel,apache,ambari,exposure http: diff --git a/http/exposed-panels/amcrest-login.yaml b/http/exposed-panels/amcrest-login.yaml index f10919c2fd..61239a0f39 100644 --- a/http/exposed-panels/amcrest-login.yaml +++ b/http/exposed-panels/amcrest-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: amcrest product: ip2m-853ew - max-request: 1 shodan-query: html:"amcrest" google-query: intext:"amcrest" "LDAP User" tags: panel,camera,amcrest,edb diff --git a/http/exposed-panels/ametys-admin-login.yaml b/http/exposed-panels/ametys-admin-login.yaml index a47109ee2d..ec0677628e 100644 --- a/http/exposed-panels/ametys-admin-login.yaml +++ b/http/exposed-panels/ametys-admin-login.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: ametys product: ametys - max-request: 1 tags: panel,ametys,cms http: diff --git a/http/exposed-panels/amp-application-panel.yaml b/http/exposed-panels/amp-application-panel.yaml index bd35b9e9e0..c08a536d10 100644 --- a/http/exposed-panels/amp-application-panel.yaml +++ b/http/exposed-panels/amp-application-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: cubecoders - product: amp verified: true max-request: 1 + vendor: cubecoders + product: amp shodan-query: title:"AMP - Application Management Panel" tags: panel,amp diff --git a/http/exposed-panels/ampache-panel.yaml b/http/exposed-panels/ampache-panel.yaml index dcbaa1d496..81853d0407 100644 --- a/http/exposed-panels/ampache-panel.yaml +++ b/http/exposed-panels/ampache-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ampache - product: ampache verified: true max-request: 3 + vendor: ampache + product: ampache shodan-query: http.title:"For the Love of Music" tags: panel,ampache diff --git a/http/exposed-panels/ansible-tower-exposure.yaml b/http/exposed-panels/ansible-tower-exposure.yaml index 1c136b97b0..d0d1145809 100644 --- a/http/exposed-panels/ansible-tower-exposure.yaml +++ b/http/exposed-panels/ansible-tower-exposure.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: redhat product: ansible_tower - max-request: 1 shodan-query: title:"Ansible Tower" google-query: intitle:"Ansible Tower" tags: panel,ansible diff --git a/http/exposed-panels/apache-jmeter-dashboard.yaml b/http/exposed-panels/apache-jmeter-dashboard.yaml index a98e6f165d..e7ac427a06 100644 --- a/http/exposed-panels/apache-jmeter-dashboard.yaml +++ b/http/exposed-panels/apache-jmeter-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: jmeter verified: true max-request: 1 + vendor: apache + product: jmeter shodan-query: title:"Apache JMeter Dashboard" tags: apache,jmeter,panel diff --git a/http/exposed-panels/apache/apache-apisix-panel.yaml b/http/exposed-panels/apache/apache-apisix-panel.yaml index c1150df4a8..b506d99220 100644 --- a/http/exposed-panels/apache/apache-apisix-panel.yaml +++ b/http/exposed-panels/apache/apache-apisix-panel.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: apisix - max-request: 1 fofa-query: title="Apache APISIX Dashboard" tags: apache,apisix,panel diff --git a/http/exposed-panels/apache/apache-mesos-panel.yaml b/http/exposed-panels/apache/apache-mesos-panel.yaml index 3d0735c23c..83d7336930 100644 --- a/http/exposed-panels/apache/apache-mesos-panel.yaml +++ b/http/exposed-panels/apache/apache-mesos-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: mesos verified: true max-request: 2 + vendor: apache + product: mesos shodan-query: http.title:"Mesos" fofa-query: app="APACHE-MESOS" tags: panel,apache,mesos diff --git a/http/exposed-panels/apache/public-tomcat-manager.yaml b/http/exposed-panels/apache/public-tomcat-manager.yaml index 0c00ae899b..95ef6b062c 100644 --- a/http/exposed-panels/apache/public-tomcat-manager.yaml +++ b/http/exposed-panels/apache/public-tomcat-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: apache product: tomcat - max-request: 2 shodan-query: title:"Apache Tomcat" tags: panel,tomcat,apache diff --git a/http/exposed-panels/apigee-panel.yaml b/http/exposed-panels/apigee-panel.yaml index bcb84b2170..20f33c6936 100644 --- a/http/exposed-panels/apigee-panel.yaml +++ b/http/exposed-panels/apigee-panel.yaml @@ -1,19 +1,19 @@ id: apigee-panel -info: - name: Apigee Login Panel - Detect - author: righettod - severity: info - description: | - Apigee login panel was detected. - reference: - - https://cloud.google.com/apigee?hl=en - metadata: - max-request: 1 - verified: true - shodan-query: http.favicon.hash:"-839356603" - tags: panel,apigee,login - +info: + name: Apigee Login Panel - Detect + author: righettod + severity: info + description: | + Apigee login panel was detected. + reference: + - https://cloud.google.com/apigee?hl=en + metadata: + verified: true + max-request: 1 + shodan-query: http.favicon.hash:"-839356603" + tags: panel,apigee,login + http: - method: GET path: diff --git a/http/exposed-panels/appsmith-web-login.yaml b/http/exposed-panels/appsmith-web-login.yaml index 01f0fd27c7..8f4afedc20 100644 --- a/http/exposed-panels/appsmith-web-login.yaml +++ b/http/exposed-panels/appsmith-web-login.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: appsmith - product: appsmith verified: true max-request: 1 + vendor: appsmith + product: appsmith shodan-query: http.title:"appsmith" tags: panel,appsmith diff --git a/http/exposed-panels/appspace-panel.yaml b/http/exposed-panels/appspace-panel.yaml index ad1fff6deb..52a060ef87 100644 --- a/http/exposed-panels/appspace-panel.yaml +++ b/http/exposed-panels/appspace-panel.yaml @@ -8,10 +8,10 @@ info: reference: - https://www.appspace.com/ metadata: - vendor: appspace - product: appspace verified: true max-request: 3 + vendor: appspace + product: appspace shodan-query: title:"Appspace" tags: appspace,panel,detect diff --git a/http/exposed-panels/appsuite-panel.yaml b/http/exposed-panels/appsuite-panel.yaml index 1bbfef2d71..17b5912610 100644 --- a/http/exposed-panels/appsuite-panel.yaml +++ b/http/exposed-panels/appsuite-panel.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDK severity: info metadata: - vendor: open-xchange - product: open-xchange_appsuite verified: true max-request: 1 + vendor: open-xchange + product: open-xchange_appsuite shodan-query: html:"Appsuite" tags: panel,appsuite,detect diff --git a/http/exposed-panels/appwrite-panel.yaml b/http/exposed-panels/appwrite-panel.yaml index 4529886202..b956b5ae78 100644 --- a/http/exposed-panels/appwrite-panel.yaml +++ b/http/exposed-panels/appwrite-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: appwrite - product: appwrite verified: true max-request: 2 + vendor: appwrite + product: appwrite shodan-query: http.favicon.hash:-633108100 tags: panel,appwrite,detect diff --git a/http/exposed-panels/arangodb-web-Interface.yaml b/http/exposed-panels/arangodb-web-Interface.yaml index 5eaef47ecd..d6742d9673 100644 --- a/http/exposed-panels/arangodb-web-Interface.yaml +++ b/http/exposed-panels/arangodb-web-Interface.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.arangodb.com/docs/stable/ metadata: - vendor: arangodb - product: arangodb verified: "true" max-request: 1 + vendor: arangodb + product: arangodb shodan-query: http.title:"ArangoDB Web Interface" tags: panel,arangodb,login diff --git a/http/exposed-panels/arcgis/arcgis-panel.yaml b/http/exposed-panels/arcgis/arcgis-panel.yaml index bccd1147ca..9faec90afb 100644 --- a/http/exposed-panels/arcgis/arcgis-panel.yaml +++ b/http/exposed-panels/arcgis/arcgis-panel.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: esri product: arcgis_enterprise - max-request: 1 tags: docs,arcgis,cms,panel http: diff --git a/http/exposed-panels/arcgis/arcgis-services.yaml b/http/exposed-panels/arcgis/arcgis-services.yaml index 4456ac363d..0ebeba5ee8 100644 --- a/http/exposed-panels/arcgis/arcgis-services.yaml +++ b/http/exposed-panels/arcgis/arcgis-services.yaml @@ -8,10 +8,10 @@ info: reference: - https://enterprise.arcgis.com/en/ metadata: - vendor: esri - product: arcgis_server verified: true max-request: 1 + vendor: esri + product: arcgis_server shodan-query: title:"ArcGIS" tags: panel,arcgis,rest,api,detect diff --git a/http/exposed-panels/archibus-webcentral-panel.yaml b/http/exposed-panels/archibus-webcentral-panel.yaml index b14637e57d..c6fc641cf5 100644 --- a/http/exposed-panels/archibus-webcentral-panel.yaml +++ b/http/exposed-panels/archibus-webcentral-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: archibus - product: web_central verified: true max-request: 3 + vendor: archibus + product: web_central shodan-query: http.favicon.hash:889652940 tags: panel,archibus diff --git a/http/exposed-panels/arcserve-panel.yaml b/http/exposed-panels/arcserve-panel.yaml index 0b68a02110..58ac7ccb80 100644 --- a/http/exposed-panels/arcserve-panel.yaml +++ b/http/exposed-panels/arcserve-panel.yaml @@ -8,10 +8,10 @@ info: - https://twitter.com/HunterMapping/status/1674267368359444480 - https://github.com/mdsecactivebreach/CVE-2023-26258-ArcServe metadata: - vendor: arcserve - product: udp verified: true max-request: 1 + vendor: arcserve + product: udp shodan-query: http.favicon.hash:-1889244460 fofa-query: icon_hash="-1889244460" tags: panel,login,arcserve,detect diff --git a/http/exposed-panels/arris-modem-detect.yaml b/http/exposed-panels/arris-modem-detect.yaml index b325bb25a9..897e030df4 100644 --- a/http/exposed-panels/arris-modem-detect.yaml +++ b/http/exposed-panels/arris-modem-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: commscope - product: dg3450 verified: true max-request: 1 + vendor: commscope + product: dg3450 shodan-query: html:"phy.htm" tags: panel,arris diff --git a/http/exposed-panels/atlantis-detect.yaml b/http/exposed-panels/atlantis-detect.yaml index 941df61282..f959167d3e 100644 --- a/http/exposed-panels/atlantis-detect.yaml +++ b/http/exposed-panels/atlantis-detect.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: runatlantis - product: atlantis verified: true max-request: 1 + vendor: runatlantis + product: atlantis shodan-query: http.favicon.hash:-1706783005 tags: panel,atlantis diff --git a/http/exposed-panels/atlassian-bamboo-panel.yaml b/http/exposed-panels/atlassian-bamboo-panel.yaml index 7d4dd93918..3faf916ca1 100644 --- a/http/exposed-panels/atlassian-bamboo-panel.yaml +++ b/http/exposed-panels/atlassian-bamboo-panel.yaml @@ -1,19 +1,19 @@ id: atlassian-bamboo-panel -info: - name: Atlassian Bamboo Login Panel - Detect - author: righettod - severity: info - description: | - Atlassian Bamboo login panel was detected. - reference: - - https://www.atlassian.com/software/bamboo - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"Bamboo" - tags: panel,bamboo,login,detect - +info: + name: Atlassian Bamboo Login Panel - Detect + author: righettod + severity: info + description: | + Atlassian Bamboo login panel was detected. + reference: + - https://www.atlassian.com/software/bamboo + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Bamboo" + tags: panel,bamboo,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/atlassian-crowd-panel.yaml b/http/exposed-panels/atlassian-crowd-panel.yaml index 8c8cb94352..2f9bafaca4 100644 --- a/http/exposed-panels/atlassian-crowd-panel.yaml +++ b/http/exposed-panels/atlassian-crowd-panel.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: atlassian product: crowd - max-request: 1 category: sso tags: panel,atlassian diff --git a/http/exposed-panels/avantfax-panel.yaml b/http/exposed-panels/avantfax-panel.yaml index e128ec2c8f..8c354171f7 100644 --- a/http/exposed-panels/avantfax-panel.yaml +++ b/http/exposed-panels/avantfax-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-668 metadata: + max-request: 1 vendor: avantfax product: avantfax - max-request: 1 shodan-query: http.title:"AvantFAX - Login" tags: panel,avantfax,login diff --git a/http/exposed-panels/avaya/avayaaura-cm-panel.yaml b/http/exposed-panels/avaya/avayaaura-cm-panel.yaml index f262547af3..a96e9f17ee 100644 --- a/http/exposed-panels/avaya/avayaaura-cm-panel.yaml +++ b/http/exposed-panels/avaya/avayaaura-cm-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: avaya product: aura_communication_manager - max-request: 1 tags: panel,avaya http: diff --git a/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml b/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml index ffd75ee2e5..b7b845ef15 100644 --- a/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml +++ b/http/exposed-panels/avaya/avayaaura-system-manager-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: avaya product: aura_system_manager - max-request: 1 tags: panel,avaya http: diff --git a/http/exposed-panels/aviatrix-panel.yaml b/http/exposed-panels/aviatrix-panel.yaml index b9504de6ac..800b116426 100644 --- a/http/exposed-panels/aviatrix-panel.yaml +++ b/http/exposed-panels/aviatrix-panel.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: aviatrix product: controller - max-request: 1 shodan-query: http.title:"Aviatrix Cloud Controller" tags: panel,aviatrix diff --git a/http/exposed-panels/avigilon-panel.yaml b/http/exposed-panels/avigilon-panel.yaml index 3071040242..72ff5b62b6 100644 --- a/http/exposed-panels/avigilon-panel.yaml +++ b/http/exposed-panels/avigilon-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: avigilon - product: avigilon_control_center verified: true max-request: 1 + vendor: avigilon + product: avigilon_control_center shodan-query: http.title:"Login - Avigilon Control Center" tags: panel,avigilon diff --git a/http/exposed-panels/aws-opensearch-login.yaml b/http/exposed-panels/aws-opensearch-login.yaml index 1fa3c73280..a8b961c37e 100644 --- a/http/exposed-panels/aws-opensearch-login.yaml +++ b/http/exposed-panels/aws-opensearch-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: amazon product: opensearch - max-request: 1 tags: panel,opensearch,aws http: diff --git a/http/exposed-panels/axway-securetransport-panel.yaml b/http/exposed-panels/axway-securetransport-panel.yaml index d25c3bea73..a449a5cb5f 100644 --- a/http/exposed-panels/axway-securetransport-panel.yaml +++ b/http/exposed-panels/axway-securetransport-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: axway - product: securetransport verified: true max-request: 1 + vendor: axway + product: securetransport shodan-query: http.title:"SecureTransport" || http.favicon.hash:1330269434 tags: panel,axway,securetransport diff --git a/http/exposed-panels/axway-securetransport-webclient.yaml b/http/exposed-panels/axway-securetransport-webclient.yaml index 83f4c948a3..b82b24717e 100644 --- a/http/exposed-panels/axway-securetransport-webclient.yaml +++ b/http/exposed-panels/axway-securetransport-webclient.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: axway - product: securetransport verified: true max-request: 1 + vendor: axway + product: securetransport google-query: intitle:"ST Web Client" tags: panel,axway,securetransport,webclient diff --git a/http/exposed-panels/axxon-client-panel.yaml b/http/exposed-panels/axxon-client-panel.yaml index 1e6e85fa37..cdb8519103 100644 --- a/http/exposed-panels/axxon-client-panel.yaml +++ b/http/exposed-panels/axxon-client-panel.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: axxonsoft - product: axxon_next verified: true max-request: 1 + vendor: axxonsoft + product: axxon_next shodan-query: title:"Axxon Next client" tags: panel,axxon,vms,login,detect diff --git a/http/exposed-panels/bedita-panel.yaml b/http/exposed-panels/bedita-panel.yaml index 603fe6336c..c1cd03a8df 100644 --- a/http/exposed-panels/bedita-panel.yaml +++ b/http/exposed-panels/bedita-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: bedita product: bedita - max-request: 1 shodan-query: http.title:"BEdita" tags: panel,bedita diff --git a/http/exposed-panels/beego-admin-dashboard.yaml b/http/exposed-panels/beego-admin-dashboard.yaml index dd26fee729..be1ba30993 100644 --- a/http/exposed-panels/beego-admin-dashboard.yaml +++ b/http/exposed-panels/beego-admin-dashboard.yaml @@ -13,10 +13,10 @@ info: cvss-score: 5.3 cwe-id: CWE-200 metadata: - vendor: beego - product: beego verified: true max-request: 1 + vendor: beego + product: beego shodan-query: html:"Beego Admin Dashboard" tags: panel,beego,unauth diff --git a/http/exposed-panels/bigbluebutton-login.yaml b/http/exposed-panels/bigbluebutton-login.yaml index cffed04e75..96d1907eee 100644 --- a/http/exposed-panels/bigbluebutton-login.yaml +++ b/http/exposed-panels/bigbluebutton-login.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: bigbluebutton product: greenlight - max-request: 1 tags: panel,bigbluebutton http: diff --git a/http/exposed-panels/bigip-rest-panel.yaml b/http/exposed-panels/bigip-rest-panel.yaml index 687c5d0e32..2119e1e26b 100644 --- a/http/exposed-panels/bigip-rest-panel.yaml +++ b/http/exposed-panels/bigip-rest-panel.yaml @@ -15,9 +15,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: f5 product: big-ip_access_policy_manager - max-request: 1 shodan-query: http.title:"BIG-IP®-+Redirect" +"Server" tags: panel,bigip,f5 diff --git a/http/exposed-panels/bitdefender-gravityzone.yaml b/http/exposed-panels/bitdefender-gravityzone.yaml index 90dd5fa120..7b960dd346 100644 --- a/http/exposed-panels/bitdefender-gravityzone.yaml +++ b/http/exposed-panels/bitdefender-gravityzone.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: bitdefender - product: gravityzone verified: true max-request: 1 + vendor: bitdefender + product: gravityzone shodan-query: title:"Bitdefender GravityZone" tags: panel,bitdefender diff --git a/http/exposed-panels/bitrix-panel.yaml b/http/exposed-panels/bitrix-panel.yaml index 1ae8ac9bbe..5a5e639306 100644 --- a/http/exposed-panels/bitrix-panel.yaml +++ b/http/exposed-panels/bitrix-panel.yaml @@ -8,9 +8,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: bitrix product: bitrix24 - max-request: 1 tags: panel,bitrix,login http: diff --git a/http/exposed-panels/bitwarden-vault-panel.yaml b/http/exposed-panels/bitwarden-vault-panel.yaml index 0e4c3de03e..90f48aac84 100644 --- a/http/exposed-panels/bitwarden-vault-panel.yaml +++ b/http/exposed-panels/bitwarden-vault-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://bitwarden.com/?utm_source=google&utm_medium=cpc&utm_campaign=AW_ALL_NU_CL_Bitwarden_en_GSN_DTMB_Brand-Login_KW:Brand-Login_Consolidated&utm_content=646427936792&utm_term=bitwarden%20vault%20login|kwd-826827349840&hsa_acc=2567950947&hsa_cam=19621984700&hsa_grp=145977914135&hsa_ad=646427936792&hsa_src=g&hsa_tgt=kwd-826827349840&hsa_kw=bitwarden%20vault%20login&hsa_mt=e&hsa_net=adwords&hsa_ver=3&gad=1&gclid=Cj0KCQjwpompBhDZARIsAFD_Fp-07Mni-xzuKd5Ewi6I7qzRTdZOYSxMsMVvKVWhGm5qg2KUiY2Z7SQaAvSIEALw_wcB metadata: - vendor: bitwarden - product: bitwarden verified: true max-request: 1 + vendor: bitwarden + product: bitwarden shodan-query: title:"Bitwarden Web Vault" tags: panel,bitwarden,vault,detect diff --git a/http/exposed-panels/bloofoxcms-login-panel.yaml b/http/exposed-panels/bloofoxcms-login-panel.yaml index 22a9f60b96..6b9e08af7e 100644 --- a/http/exposed-panels/bloofoxcms-login-panel.yaml +++ b/http/exposed-panels/bloofoxcms-login-panel.yaml @@ -5,10 +5,10 @@ info: author: theamanrawat severity: info metadata: - vendor: bloofox - product: bloofoxcms verified: "true" max-request: 2 + vendor: bloofox + product: bloofoxcms fofa-query: "Powered by bloofoxCMS" tags: panel,bloofox,cms diff --git a/http/exposed-panels/bolt-cms-panel.yaml b/http/exposed-panels/bolt-cms-panel.yaml index f2ecfa6f81..ab4e1f7332 100644 --- a/http/exposed-panels/bolt-cms-panel.yaml +++ b/http/exposed-panels/bolt-cms-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: boltcms product: bolt - max-request: 1 tags: panel,bolt,cms,login http: diff --git a/http/exposed-panels/bookstack-panel.yaml b/http/exposed-panels/bookstack-panel.yaml index c497271490..5fdd4a9eef 100644 --- a/http/exposed-panels/bookstack-panel.yaml +++ b/http/exposed-panels/bookstack-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: bookstackapp product: bookstack - max-request: 1 shodan-query: http.title:"BookStack" tags: panel,bookstack diff --git a/http/exposed-panels/buildbot-panel.yaml b/http/exposed-panels/buildbot-panel.yaml index c5ed43ff38..f6e74891bb 100644 --- a/http/exposed-panels/buildbot-panel.yaml +++ b/http/exposed-panels/buildbot-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: buildbot - product: buildbot verified: true max-request: 1 + vendor: buildbot + product: buildbot shodan-query: http.title:"BuildBot" tags: panel,buildbot,cicd diff --git a/http/exposed-panels/bynder-panel.yaml b/http/exposed-panels/bynder-panel.yaml index 5dcf0acbea..08dde7db71 100644 --- a/http/exposed-panels/bynder-panel.yaml +++ b/http/exposed-panels/bynder-panel.yaml @@ -1,19 +1,19 @@ id: bynder-panel -info: - name: Bynder Login Panel - Detect - author: righettod - severity: info - description: | - Bynder login panel was detected. - reference: - - https://www.bynder.com/en/ - metadata: - max-request: 1 - verified: true - shodan-query: http.favicon.hash:1017650009 - tags: panel,bynder,login,detect - +info: + name: Bynder Login Panel - Detect + author: righettod + severity: info + description: | + Bynder login panel was detected. + reference: + - https://www.bynder.com/en/ + metadata: + verified: true + max-request: 1 + shodan-query: http.favicon.hash:1017650009 + tags: panel,bynder,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/cacti-panel.yaml b/http/exposed-panels/cacti-panel.yaml index 0c1b92c138..236ecc323f 100644 --- a/http/exposed-panels/cacti-panel.yaml +++ b/http/exposed-panels/cacti-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: cacti product: cacti - max-request: 2 tags: tech,cacti,login,panel http: diff --git a/http/exposed-panels/cas-login.yaml b/http/exposed-panels/cas-login.yaml index 81c5ddfa7c..eaaafdb327 100644 --- a/http/exposed-panels/cas-login.yaml +++ b/http/exposed-panels/cas-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apereo product: central_authentication_service - max-request: 1 shodan-query: http.title:'CAS - Central Authentication Service' github: https://github.com/apereo/cas tags: apereo,cas,panel,login diff --git a/http/exposed-panels/casdoor-login.yaml b/http/exposed-panels/casdoor-login.yaml index 3d50c1583a..6d2532b18a 100644 --- a/http/exposed-panels/casdoor-login.yaml +++ b/http/exposed-panels/casdoor-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: casbin product: casdoor - max-request: 1 shodan-query: http.title:"Casdoor" tags: panel,casdoor diff --git a/http/exposed-panels/centreon-panel.yaml b/http/exposed-panels/centreon-panel.yaml index 4ba8100de7..b4768973c8 100644 --- a/http/exposed-panels/centreon-panel.yaml +++ b/http/exposed-panels/centreon-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: centreon product: centreon_web - max-request: 1 shodan-query: http.title:"Centreon" tags: panel,centreon,login diff --git a/http/exposed-panels/checkmk/checkmk-login.yaml b/http/exposed-panels/checkmk/checkmk-login.yaml index 965f95e586..a6cce9db4a 100644 --- a/http/exposed-panels/checkmk/checkmk-login.yaml +++ b/http/exposed-panels/checkmk/checkmk-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: tribe29 product: checkmk - max-request: 1 tags: login,tech,synology,rackstation,panel http: diff --git a/http/exposed-panels/checkpoint/ssl-network-extender.yaml b/http/exposed-panels/checkpoint/ssl-network-extender.yaml index 6934c2eb60..28367a77ee 100644 --- a/http/exposed-panels/checkpoint/ssl-network-extender.yaml +++ b/http/exposed-panels/checkpoint/ssl-network-extender.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: checkpoint product: ssl_network_extender - max-request: 1 shodan-query: http.title:"Check Point SSL Network Extender" google-query: intitle:"SSL Network Extender Login" tags: panel,checkpoint,router diff --git a/http/exposed-panels/cisco-unity-panel.yaml b/http/exposed-panels/cisco-unity-panel.yaml index 807681556c..395ad8b37e 100644 --- a/http/exposed-panels/cisco-unity-panel.yaml +++ b/http/exposed-panels/cisco-unity-panel.yaml @@ -7,9 +7,9 @@ info: description: | A Cisco Unity Connection instance was detected. metadata: - shodan-query: "html:\"Cisco Unity Connection\"" - max-request: 2 verified: true + max-request: 2 + shodan-query: "html:\"Cisco Unity Connection\"" tags: panel,cisco,unity,login,detect http: diff --git a/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml b/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml index cc3991bc32..5e4092b756 100644 --- a/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml +++ b/http/exposed-panels/cisco/cisco-anyconnect-vpn.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: anyconnect_secure_mobility_client - max-request: 1 tags: cisco,panel,vpn http: diff --git a/http/exposed-panels/cisco/cisco-asa-panel.yaml b/http/exposed-panels/cisco/cisco-asa-panel.yaml index faa64d84ca..8b5defd038 100644 --- a/http/exposed-panels/cisco/cisco-asa-panel.yaml +++ b/http/exposed-panels/cisco/cisco-asa-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: adaptive_security_appliance_software - max-request: 1 tags: cisco,panel http: diff --git a/http/exposed-panels/cisco/cisco-edge-340.yaml b/http/exposed-panels/cisco/cisco-edge-340.yaml index c054bd6485..122ace2f6a 100644 --- a/http/exposed-panels/cisco/cisco-edge-340.yaml +++ b/http/exposed-panels/cisco/cisco-edge-340.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: edge_340_firmware - max-request: 1 shodan-query: http.title:"Cisco Edge 340" tags: panel,cisco diff --git a/http/exposed-panels/cisco/cisco-expressway-panel.yaml b/http/exposed-panels/cisco/cisco-expressway-panel.yaml index 7dd5c5eed5..83cca7bff5 100644 --- a/http/exposed-panels/cisco/cisco-expressway-panel.yaml +++ b/http/exposed-panels/cisco/cisco-expressway-panel.yaml @@ -1,19 +1,19 @@ id: cisco-expressway-panel -info: - name: CISCO Expressway Login Panel - Detect - author: righettod - severity: info - description: | - CISCO Expressway login panel was detected. - reference: - - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html - metadata: - verified: true - max-request: 1 - shodan-query: html:"Cisco Expressway" - tags: panel,cisco,login,detect - +info: + name: CISCO Expressway Login Panel - Detect + author: righettod + severity: info + description: | + CISCO Expressway login panel was detected. + reference: + - https://www.cisco.com/c/en/us/products/unified-communications/expressway-series/index.html + metadata: + verified: true + max-request: 1 + shodan-query: html:"Cisco Expressway" + tags: panel,cisco,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/cisco/cisco-finesse-login.yaml b/http/exposed-panels/cisco/cisco-finesse-login.yaml index 0472558288..f7816cf067 100644 --- a/http/exposed-panels/cisco/cisco-finesse-login.yaml +++ b/http/exposed-panels/cisco/cisco-finesse-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: finesse - max-request: 1 tags: panel,cisco,edb http: diff --git a/http/exposed-panels/cisco/cisco-integrated-login.yaml b/http/exposed-panels/cisco/cisco-integrated-login.yaml index ffb28819b5..009c633839 100644 --- a/http/exposed-panels/cisco/cisco-integrated-login.yaml +++ b/http/exposed-panels/cisco/cisco-integrated-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: integrated_management_controller - max-request: 1 tags: panel,cisco,edb http: diff --git a/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml b/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml index 676bdcd0a0..80d543dadd 100644 --- a/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml +++ b/http/exposed-panels/cisco/cisco-ios-xe-panel.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: cisco - product: ios_xe verified: "true" max-request: 2 + vendor: cisco + product: ios_xe shodan-query: http.html_hash:1076109428 tags: panel,cisco ssl: diff --git a/http/exposed-panels/cisco/cisco-onprem-panel.yaml b/http/exposed-panels/cisco/cisco-onprem-panel.yaml index 6b850bf192..9db31590a2 100644 --- a/http/exposed-panels/cisco/cisco-onprem-panel.yaml +++ b/http/exposed-panels/cisco/cisco-onprem-panel.yaml @@ -10,10 +10,10 @@ info: - https://www.cisco.com/c/en/us/products/collateral/cloud-systems-management/smart-software-manager-satellite/datasheet-c78-734539.html - https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ssm-sql-X9MmjSYh metadata: - vendor: cisco - product: smart_software_manager_on-prem verified: true max-request: 2 + vendor: cisco + product: smart_software_manager_on-prem shodan-query: title:"On-Prem License Workspace" fofa-query: title="On-Prem License Workspace" tags: cisco,manager,login,panel diff --git a/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml b/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml index a0e53f8f73..73cacea835 100644 --- a/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml +++ b/http/exposed-panels/cisco/cisco-prime-infrastructure.yaml @@ -11,9 +11,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: prime_infrastructure - max-request: 1 shodan-query: http.title:"prime infrastructure" tags: panel,cisco diff --git a/http/exposed-panels/cisco/cisco-sd-wan.yaml b/http/exposed-panels/cisco/cisco-sd-wan.yaml index 261be1dab7..5728d3b1ee 100644 --- a/http/exposed-panels/cisco/cisco-sd-wan.yaml +++ b/http/exposed-panels/cisco/cisco-sd-wan.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: sd-wan - max-request: 1 tags: panel,cisco http: diff --git a/http/exposed-panels/cisco/cisco-secure-desktop.yaml b/http/exposed-panels/cisco/cisco-secure-desktop.yaml index b4400605e0..de69815cc8 100644 --- a/http/exposed-panels/cisco/cisco-secure-desktop.yaml +++ b/http/exposed-panels/cisco/cisco-secure-desktop.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: secure_desktop - max-request: 1 tags: cisco,panel http: diff --git a/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml b/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml index 0509b7a5c0..d8a4ec5e51 100644 --- a/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml +++ b/http/exposed-panels/cisco/cisco-ucs-kvm-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cisco product: unified_computing_system - max-request: 1 shodan-query: http.title:"Cisco UCS KVM Direct" tags: panel,cisco,ucs,kvm diff --git a/http/exposed-panels/citrix-adc-gateway-detect.yaml b/http/exposed-panels/citrix-adc-gateway-detect.yaml index 119c760ce2..bd8931492c 100644 --- a/http/exposed-panels/citrix-adc-gateway-detect.yaml +++ b/http/exposed-panels/citrix-adc-gateway-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: citrix product: gateway - max-request: 2 tags: panel,citrix http: diff --git a/http/exposed-panels/citrix-vpn-detect.yaml b/http/exposed-panels/citrix-vpn-detect.yaml index 9b5b105a27..fb92ef9571 100644 --- a/http/exposed-panels/citrix-vpn-detect.yaml +++ b/http/exposed-panels/citrix-vpn-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: citrix product: gateway - max-request: 1 tags: panel,citrix http: diff --git a/http/exposed-panels/cleanweb-panel.yaml b/http/exposed-panels/cleanweb-panel.yaml index 7b885b195b..df132d01c5 100644 --- a/http/exposed-panels/cleanweb-panel.yaml +++ b/http/exposed-panels/cleanweb-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://tentelemed.com/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"CleanWeb" tags: panel,cleanweb,login,detect diff --git a/http/exposed-panels/clearpass-policy-manager.yaml b/http/exposed-panels/clearpass-policy-manager.yaml index 3413cf6daa..3ca2e321cd 100644 --- a/http/exposed-panels/clearpass-policy-manager.yaml +++ b/http/exposed-panels/clearpass-policy-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: arubanetworks product: clearpass_policy_manager - max-request: 1 shodan-query: http.title:"ClearPass Policy Manager" tags: panel,aruba diff --git a/http/exposed-panels/cloudpanel-login.yaml b/http/exposed-panels/cloudpanel-login.yaml index 965657438b..0d1a23e5df 100644 --- a/http/exposed-panels/cloudpanel-login.yaml +++ b/http/exposed-panels/cloudpanel-login.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDk severity: info metadata: - vendor: mgt-commerce - product: cloudpanel verified: true max-request: 1 + vendor: mgt-commerce + product: cloudpanel shodan-query: http.favicon.hash:151132309 fofa-query: icon_hash="151132309" tags: panel,login,cloudpanel,detect diff --git a/http/exposed-panels/cobbler-webgui.yaml b/http/exposed-panels/cobbler-webgui.yaml index baeb118d37..502d24ec75 100644 --- a/http/exposed-panels/cobbler-webgui.yaml +++ b/http/exposed-panels/cobbler-webgui.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cobblerd product: cobbler - max-request: 1 shodan-query: http.title:"Cobbler Web Interface" tags: cobbler,webserver,panel diff --git a/http/exposed-panels/code-server-login.yaml b/http/exposed-panels/code-server-login.yaml index f965e61720..9e0cbf0f88 100644 --- a/http/exposed-panels/code-server-login.yaml +++ b/http/exposed-panels/code-server-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: coder - product: code-server verified: true max-request: 1 + vendor: coder + product: code-server shodan-query: http.title:"code-server login" tags: panel,detect,misc diff --git a/http/exposed-panels/code42-panel.yaml b/http/exposed-panels/code42-panel.yaml index 58070beb66..b40bd61dd3 100644 --- a/http/exposed-panels/code42-panel.yaml +++ b/http/exposed-panels/code42-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: code42 product: code42 - max-request: 1 tags: panel,code42 http: diff --git a/http/exposed-panels/codemeter-webadmin-panel.yaml b/http/exposed-panels/codemeter-webadmin-panel.yaml index c7fd8afb1e..c7b4adaf29 100644 --- a/http/exposed-panels/codemeter-webadmin-panel.yaml +++ b/http/exposed-panels/codemeter-webadmin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-668 metadata: + max-request: 1 vendor: wibu product: codemeter - max-request: 1 tags: codemeter,webadmin,panel http: diff --git a/http/exposed-panels/coldfusion-administrator-login.yaml b/http/exposed-panels/coldfusion-administrator-login.yaml index 34c1c47217..00499f9885 100644 --- a/http/exposed-panels/coldfusion-administrator-login.yaml +++ b/http/exposed-panels/coldfusion-administrator-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: adobe product: coldfusion - max-request: 1 shodan-query: http.title:"ColdFusion Administrator Login" tags: panel,coldfusion,adobe diff --git a/http/exposed-panels/compal-panel.yaml b/http/exposed-panels/compal-panel.yaml index da24dedcf0..cc63f55471 100644 --- a/http/exposed-panels/compal-panel.yaml +++ b/http/exposed-panels/compal-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: compal product: ch7465lg_firmware - max-request: 1 tags: panel http: diff --git a/http/exposed-panels/concrete5/concrete5-install.yaml b/http/exposed-panels/concrete5/concrete5-install.yaml index 790f6a0047..a1d679f24f 100644 --- a/http/exposed-panels/concrete5/concrete5-install.yaml +++ b/http/exposed-panels/concrete5/concrete5-install.yaml @@ -8,10 +8,10 @@ info: reference: - https://documentation.concretecms.org/developers/introduction/installing-concrete-cms metadata: - vendor: concrete5 - product: concrete5 verified: true max-request: 2 + vendor: concrete5 + product: concrete5 shodan-query: http.title:"Install concrete5" tags: panel,install,concrete,cms diff --git a/http/exposed-panels/concrete5/concrete5-panel.yaml b/http/exposed-panels/concrete5/concrete5-panel.yaml index c4607ba9f9..c2cc91be24 100644 --- a/http/exposed-panels/concrete5/concrete5-panel.yaml +++ b/http/exposed-panels/concrete5/concrete5-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: concrete5 product: concrete5 - max-request: 1 shodan-query: http.title:"concrete5" tags: panel,concrete5,cms diff --git a/http/exposed-panels/connect-box-login.yaml b/http/exposed-panels/connect-box-login.yaml index 3d3d0d5bbf..1c3e540d26 100644 --- a/http/exposed-panels/connect-box-login.yaml +++ b/http/exposed-panels/connect-box-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: upc - product: connect_box_eurodocsis_firmware verified: true max-request: 1 + vendor: upc + product: connect_box_eurodocsis_firmware shodan-query: 'NET-DK/1.0' tags: panel,connectbox,iot diff --git a/http/exposed-panels/contao-login-panel.yaml b/http/exposed-panels/contao-login-panel.yaml index d844c97d2d..df2e1392a7 100644 --- a/http/exposed-panels/contao-login-panel.yaml +++ b/http/exposed-panels/contao-login-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: contao - product: contao verified: true max-request: 1 + vendor: contao + product: contao shodan-query: http.html:"Contao Open Source CMS" tags: panel,contao diff --git a/http/exposed-panels/corebos-panel.yaml b/http/exposed-panels/corebos-panel.yaml index f446077572..f38fa3ef82 100644 --- a/http/exposed-panels/corebos-panel.yaml +++ b/http/exposed-panels/corebos-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: corebos - product: corebos verified: true max-request: 1 + vendor: corebos + product: corebos shodan-query: http.html:"corebos" tags: panel,corebos diff --git a/http/exposed-panels/cortex-xsoar-login.yaml b/http/exposed-panels/cortex-xsoar-login.yaml index ff5b8a3ee5..edcdab5c12 100644 --- a/http/exposed-panels/cortex-xsoar-login.yaml +++ b/http/exposed-panels/cortex-xsoar-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: paloaltonetworks product: cortex_xsoar - max-request: 1 shodan-query: http.title:"Cortex XSOAR" tags: panel,soar,login diff --git a/http/exposed-panels/couchdb-exposure.yaml b/http/exposed-panels/couchdb-exposure.yaml index 706f7c881e..3d88603683 100644 --- a/http/exposed-panels/couchdb-exposure.yaml +++ b/http/exposed-panels/couchdb-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: couchdb - max-request: 1 tags: panel,couchdb http: diff --git a/http/exposed-panels/couchdb-fauxton.yaml b/http/exposed-panels/couchdb-fauxton.yaml index 30761dec0a..5c6d6078fa 100644 --- a/http/exposed-panels/couchdb-fauxton.yaml +++ b/http/exposed-panels/couchdb-fauxton.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: couchdb - max-request: 1 tags: panel,apache,couchdb http: diff --git a/http/exposed-panels/cpanel-api-codes.yaml b/http/exposed-panels/cpanel-api-codes.yaml index e85b47462e..6673c6be30 100644 --- a/http/exposed-panels/cpanel-api-codes.yaml +++ b/http/exposed-panels/cpanel-api-codes.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: cpanel - product: cpanel verified: true max-request: 1 + vendor: cpanel + product: cpanel shodan-query: title:"CPanel - API Codes" tags: panel,cpanel diff --git a/http/exposed-panels/craftcms-admin-panel.yaml b/http/exposed-panels/craftcms-admin-panel.yaml index 244b880e84..cea0a19dad 100644 --- a/http/exposed-panels/craftcms-admin-panel.yaml +++ b/http/exposed-panels/craftcms-admin-panel.yaml @@ -11,9 +11,9 @@ info: cwe-id: CWE-200 metadata: max-request: 1 - shodan-query: 'X-Powered-By: Craft CMS' vendor: nystudio107 product: seomatic + shodan-query: 'X-Powered-By: Craft CMS' tags: panel,craftcms http: diff --git a/http/exposed-panels/crush-ftp-login.yaml b/http/exposed-panels/crush-ftp-login.yaml index 3829c2fc36..df8a9bc6ef 100644 --- a/http/exposed-panels/crush-ftp-login.yaml +++ b/http/exposed-panels/crush-ftp-login.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: crushftp - product: crushftp verified: true max-request: 1 + vendor: crushftp + product: crushftp tags: panel,edb,crushftp,detect http: diff --git a/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml b/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml index 4cf892b89e..5c59d9fdd5 100644 --- a/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml +++ b/http/exposed-panels/cyberoam-ssl-vpn-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sophos product: cyberoam - max-request: 1 shodan-query: title:"Cyberoam SSL VPN Portal" google-query: intitle:"Cyberoam SSL VPN Portal" tags: panel,cyberoam,vpn diff --git a/http/exposed-panels/dahua-web-panel.yaml b/http/exposed-panels/dahua-web-panel.yaml index ff0240d33d..dbf987357a 100644 --- a/http/exposed-panels/dahua-web-panel.yaml +++ b/http/exposed-panels/dahua-web-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.favicon.hash:1653394551 - tags: edb,panel,dahua,panel,detect + tags: edb,panel,dahua,detect http: - method: GET diff --git a/http/exposed-panels/darktrace-threat-visualizer.yaml b/http/exposed-panels/darktrace-threat-visualizer.yaml index 0f3b36231e..f939fb0bc6 100644 --- a/http/exposed-panels/darktrace-threat-visualizer.yaml +++ b/http/exposed-panels/darktrace-threat-visualizer.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: darktrace - product: threat_visualizer verified: true max-request: 1 + vendor: darktrace + product: threat_visualizer shodan-query: html:"Darktrace Threat Visualizer" tags: panel,darktrace diff --git a/http/exposed-panels/dashy-panel.yaml b/http/exposed-panels/dashy-panel.yaml index 96f8923f4a..942705cfc1 100644 --- a/http/exposed-panels/dashy-panel.yaml +++ b/http/exposed-panels/dashy-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://dashy.to/ metadata: - vendor: dashy - product: dashy verified: true max-request: 1 + vendor: dashy + product: dashy shodan-query: http.favicon.hash:-1013024216 tags: panel,dashy,detect diff --git a/http/exposed-panels/dataease-panel.yaml b/http/exposed-panels/dataease-panel.yaml index e3d22f7525..d40d08046b 100644 --- a/http/exposed-panels/dataease-panel.yaml +++ b/http/exposed-panels/dataease-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/dataease/dataease metadata: - vendor: dataease - product: dataease verified: true max-request: 1 + vendor: dataease + product: dataease shodan-query: html:"Dataease" tags: login,panel,dataease diff --git a/http/exposed-panels/daybyday-panel.yaml b/http/exposed-panels/daybyday-panel.yaml index f8c79486c5..d090778640 100644 --- a/http/exposed-panels/daybyday-panel.yaml +++ b/http/exposed-panels/daybyday-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: daybydaycrm product: daybyday - max-request: 1 shodan-query: http.title:"Daybyday" tags: panel,daybyday diff --git a/http/exposed-panels/dell-wyse-login.yaml b/http/exposed-panels/dell-wyse-login.yaml index 593ef7c733..5af00888d3 100644 --- a/http/exposed-panels/dell-wyse-login.yaml +++ b/http/exposed-panels/dell-wyse-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: dell product: wyse_management_suite - max-request: 1 tags: panel,dell,login http: diff --git a/http/exposed-panels/deluge-webui-panel.yaml b/http/exposed-panels/deluge-webui-panel.yaml index cba0ea7c3d..1ca006fd12 100644 --- a/http/exposed-panels/deluge-webui-panel.yaml +++ b/http/exposed-panels/deluge-webui-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: deluge-torrent - product: deluge verified: true max-request: 1 + vendor: deluge-torrent + product: deluge shodan-query: title:"Deluge WebUI" tags: panel,deluge diff --git a/http/exposed-panels/digitalrebar-login.yaml b/http/exposed-panels/digitalrebar-login.yaml index 8b82952a33..077962eeab 100644 --- a/http/exposed-panels/digitalrebar-login.yaml +++ b/http/exposed-panels/digitalrebar-login.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: rackn product: digital_rebar - max-request: 2 tags: rackn,digitalrebar,panel http: diff --git a/http/exposed-panels/directadmin-login-panel.yaml b/http/exposed-panels/directadmin-login-panel.yaml index cea4c0e560..58c2654eab 100644 --- a/http/exposed-panels/directadmin-login-panel.yaml +++ b/http/exposed-panels/directadmin-login-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: directadmin product: directadmin - max-request: 1 shodan-query: title:"DirectAdmin Login" tags: panel,directadmin diff --git a/http/exposed-panels/django-admin-panel.yaml b/http/exposed-panels/django-admin-panel.yaml index a760c2e53a..8b68445f65 100644 --- a/http/exposed-panels/django-admin-panel.yaml +++ b/http/exposed-panels/django-admin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: djangoproject product: django - max-request: 1 tags: panel,django,python http: diff --git a/http/exposed-panels/dokuwiki-panel.yaml b/http/exposed-panels/dokuwiki-panel.yaml index 77ccd87fe9..0d5fc93c02 100644 --- a/http/exposed-panels/dokuwiki-panel.yaml +++ b/http/exposed-panels/dokuwiki-panel.yaml @@ -5,12 +5,12 @@ info: author: righettod severity: info description: | - Dokuwiki login panel was detected. + Dokuwiki login panel was detected. reference: - https://www.dokuwiki.org/dokuwiki metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.html:"/dokuwiki/" tags: panel,dokuwiki,login diff --git a/http/exposed-panels/dotclear-panel.yaml b/http/exposed-panels/dotclear-panel.yaml index 884582dcea..df2a833506 100644 --- a/http/exposed-panels/dotclear-panel.yaml +++ b/http/exposed-panels/dotclear-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: dotclear product: dotclear - max-request: 2 shodan-query: http.title:"Dotclear" tags: panel,dotclear diff --git a/http/exposed-panels/dotcms-admin-panel.yaml b/http/exposed-panels/dotcms-admin-panel.yaml index add829ab5a..190bc14ff0 100644 --- a/http/exposed-panels/dotcms-admin-panel.yaml +++ b/http/exposed-panels/dotcms-admin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: dotcms product: dotcms - max-request: 1 tags: panel,dotcms,cms http: diff --git a/http/exposed-panels/drawio-flowchartmaker-panel.yaml b/http/exposed-panels/drawio-flowchartmaker-panel.yaml index ff7b927c55..844d157665 100644 --- a/http/exposed-panels/drawio-flowchartmaker-panel.yaml +++ b/http/exposed-panels/drawio-flowchartmaker-panel.yaml @@ -14,9 +14,9 @@ info: metadata: verified: true max-request: 1 - shodan-query: http.title:"Flowchart Maker" vendor: diagrams product: drawio + shodan-query: http.title:"Flowchart Maker" tags: panel,drawio,oss http: diff --git a/http/exposed-panels/druid-console-exposure.yaml b/http/exposed-panels/druid-console-exposure.yaml index 7a438fa2ce..3118ae9d8a 100644 --- a/http/exposed-panels/druid-console-exposure.yaml +++ b/http/exposed-panels/druid-console-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: alibaba product: druid - max-request: 1 tags: panel,alibaba,druid http: diff --git a/http/exposed-panels/druid-panel.yaml b/http/exposed-panels/druid-panel.yaml index aa55750ceb..1e76cce227 100644 --- a/http/exposed-panels/druid-panel.yaml +++ b/http/exposed-panels/druid-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: druid - max-request: 1 tags: panel,druid http: diff --git a/http/exposed-panels/drupal-login.yaml b/http/exposed-panels/drupal-login.yaml index 56a18479ff..962098ecb1 100644 --- a/http/exposed-panels/drupal-login.yaml +++ b/http/exposed-panels/drupal-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: drupal product: drupal - max-request: 2 shodan-query: http.component:"drupal" tags: panel,drupal diff --git a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml index 0f3ec02e33..a4bb505303 100644 --- a/http/exposed-panels/dzzoffice/dzzoffice-install.yaml +++ b/http/exposed-panels/dzzoffice/dzzoffice-install.yaml @@ -10,10 +10,10 @@ info: cvss-score: 7.5 cwe-id: CWE-200 metadata: - vendor: dzzoffice - product: dzzoffice verified: true max-request: 1 + vendor: dzzoffice + product: dzzoffice shodan-query: http.favicon.hash:-1961736892 fofa-query: title="dzzoffice" tags: panel,dzzoffice,install diff --git a/http/exposed-panels/eMerge-panel.yaml b/http/exposed-panels/eMerge-panel.yaml index f7361f4e1f..6b1a7cac97 100644 --- a/http/exposed-panels/eMerge-panel.yaml +++ b/http/exposed-panels/eMerge-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nortekcontrol - product: linear_emerge_essential_firmware verified: true max-request: 1 + vendor: nortekcontrol + product: linear_emerge_essential_firmware shodan-query: http.title:"eMerge" tags: panel,emerge,nortek diff --git a/http/exposed-panels/easyjob-panel.yaml b/http/exposed-panels/easyjob-panel.yaml index 57e745f496..cab346c730 100644 --- a/http/exposed-panels/easyjob-panel.yaml +++ b/http/exposed-panels/easyjob-panel.yaml @@ -10,8 +10,8 @@ info: - https://www.en.because-software.com/software/easyjob/ metadata: verified: true - shodan-query: "http.title:\"Log in - easyJOB\"" max-request: 1 + shodan-query: "http.title:\"Log in - easyJOB\"" tags: panel,easyjob,login http: diff --git a/http/exposed-panels/edgeos-login.yaml b/http/exposed-panels/edgeos-login.yaml index da3f7fc198..03378f8e1a 100644 --- a/http/exposed-panels/edgeos-login.yaml +++ b/http/exposed-panels/edgeos-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ui product: edgeos - max-request: 1 tags: login,tech,edgeos,edgemax,panel http: diff --git a/http/exposed-panels/emby-panel.yaml b/http/exposed-panels/emby-panel.yaml index 00f0863524..5894ac5a7c 100644 --- a/http/exposed-panels/emby-panel.yaml +++ b/http/exposed-panels/emby-panel.yaml @@ -14,10 +14,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: emby - product: emby verified: true max-request: 1 + vendor: emby + product: emby shodan-query: http.title:"emby" tags: panel,emby,oss diff --git a/http/exposed-panels/emqx-panel.yaml b/http/exposed-panels/emqx-panel.yaml index 9763a7926a..4218769a62 100644 --- a/http/exposed-panels/emqx-panel.yaml +++ b/http/exposed-panels/emqx-panel.yaml @@ -1,19 +1,19 @@ id: emqx-panel -info: - name: EMQX Login Panel - Detect - author: righettod - severity: info - description: | - EMQX login panel was detected. - reference: - - https://www.emqx.io/ - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"EMQX Dashboard" - tags: panel,emqx,login,detect - +info: + name: EMQX Login Panel - Detect + author: righettod + severity: info + description: | + EMQX login panel was detected. + reference: + - https://www.emqx.io/ + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"EMQX Dashboard" + tags: panel,emqx,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/eset-protect-panel.yaml b/http/exposed-panels/eset-protect-panel.yaml index 17752c45f3..e72c3916b5 100644 --- a/http/exposed-panels/eset-protect-panel.yaml +++ b/http/exposed-panels/eset-protect-panel.yaml @@ -9,8 +9,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.favicon.hash:751911084 tags: login,eset,panel,detect diff --git a/http/exposed-panels/esphome-panel.yaml b/http/exposed-panels/esphome-panel.yaml index b426986b08..0fce1b0fe1 100644 --- a/http/exposed-panels/esphome-panel.yaml +++ b/http/exposed-panels/esphome-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: esphome - product: esphome verified: true max-request: 1 + vendor: esphome + product: esphome shodan-query: title:"Login - ESPHome" tags: panel,esphome,iot diff --git a/http/exposed-panels/esxi-system.yaml b/http/exposed-panels/esxi-system.yaml index 117aec83ad..b8d146f86d 100644 --- a/http/exposed-panels/esxi-system.yaml +++ b/http/exposed-panels/esxi-system.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: vmware product: esxi - max-request: 1 shodan-query: html:"esxUiApp" tags: panel,esxi diff --git a/http/exposed-panels/eventum-panel.yaml b/http/exposed-panels/eventum-panel.yaml index 391c67f62c..f104a80b1f 100644 --- a/http/exposed-panels/eventum-panel.yaml +++ b/http/exposed-panels/eventum-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mysql - product: eventum verified: true max-request: 1 + vendor: mysql + product: eventum shodan-query: http.favicon.hash:305412257 tags: panel,eventum diff --git a/http/exposed-panels/evlink/evse-web-panel.yaml b/http/exposed-panels/evlink/evse-web-panel.yaml index 5a71ae6a55..2c25b4ba57 100644 --- a/http/exposed-panels/evlink/evse-web-panel.yaml +++ b/http/exposed-panels/evlink/evse-web-panel.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: info metadata: - vendor: schneider-electric - product: evlink_charging_station_firmware verified: true max-request: 2 + vendor: schneider-electric + product: evlink_charging_station_firmware shodan-query: title:"EVSE Web Interface" fofa-query: title="EVSE Web Interface" tags: panel,evlink,evse,login,detect diff --git a/http/exposed-panels/exagrid-manager-panel.yaml b/http/exposed-panels/exagrid-manager-panel.yaml index 96aec4e2ba..e2085e6e0c 100644 --- a/http/exposed-panels/exagrid-manager-panel.yaml +++ b/http/exposed-panels/exagrid-manager-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: exagrid - product: backup_appliance verified: true max-request: 1 + vendor: exagrid + product: backup_appliance shodan-query: title:"ExaGrid Manager" tags: exagrid,manager,login,panel diff --git a/http/exposed-panels/extron-cms-panel.yaml b/http/exposed-panels/extron-cms-panel.yaml index 974c62a430..684411a8e0 100644 --- a/http/exposed-panels/extron-cms-panel.yaml +++ b/http/exposed-panels/extron-cms-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ektron - product: ektron_content_management_system verified: true max-request: 1 + vendor: ektron + product: ektron_content_management_system shodan-query: http.html:"Ektron" fofa-query: app="Ektron-CMS" tags: panel,ektron,cms diff --git a/http/exposed-panels/f-secure-policy-manager.yaml b/http/exposed-panels/f-secure-policy-manager.yaml index 6748ddde21..445f890a27 100644 --- a/http/exposed-panels/f-secure-policy-manager.yaml +++ b/http/exposed-panels/f-secure-policy-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: withsecure product: f-secure_policy_manager - max-request: 1 shodan-query: http.title:"F-Secure Policy Manager Server" tags: login,panel diff --git a/http/exposed-panels/filebrowser-login-panel.yaml b/http/exposed-panels/filebrowser-login-panel.yaml index d4b5cd986f..7f1e18fd32 100644 --- a/http/exposed-panels/filebrowser-login-panel.yaml +++ b/http/exposed-panels/filebrowser-login-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://filebrowser.org/ metadata: - vendor: filebrowser - product: filebrowser verified: true max-request: 3 + vendor: filebrowser + product: filebrowser shodan-query: http.favicon.hash:1052926265 tags: panel,filebrowser,detect diff --git a/http/exposed-panels/fiori-launchpad.yaml b/http/exposed-panels/fiori-launchpad.yaml index 104c60a39e..2c84c03072 100644 --- a/http/exposed-panels/fiori-launchpad.yaml +++ b/http/exposed-panels/fiori-launchpad.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sap - product: fiori_launchpad verified: true max-request: 1 + vendor: sap + product: fiori_launchpad google-query: sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html -site:sap.com tags: sap,fiori,edb,panel diff --git a/http/exposed-panels/fiorilaunchpad-logon.yaml b/http/exposed-panels/fiorilaunchpad-logon.yaml index 9525675211..cd81fb42b5 100644 --- a/http/exposed-panels/fiorilaunchpad-logon.yaml +++ b/http/exposed-panels/fiorilaunchpad-logon.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sap product: fiori_launchpad - max-request: 1 tags: panel,edb http: diff --git a/http/exposed-panels/fireware-xtm-user-authentication.yaml b/http/exposed-panels/fireware-xtm-user-authentication.yaml index dbe9fc2b3b..ad8862cf85 100644 --- a/http/exposed-panels/fireware-xtm-user-authentication.yaml +++ b/http/exposed-panels/fireware-xtm-user-authentication.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: watchguard product: fireware_xtm - max-request: 1 shodan-query: http.title:"Fireware XTM User Authentication" tags: panel diff --git a/http/exposed-panels/flink-exposure.yaml b/http/exposed-panels/flink-exposure.yaml index 7a01f2fb2b..4f7162e7cd 100644 --- a/http/exposed-panels/flink-exposure.yaml +++ b/http/exposed-panels/flink-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: flink - max-request: 1 tags: panel,apache,flink http: diff --git a/http/exposed-panels/forcepoint.yaml b/http/exposed-panels/forcepoint.yaml index 3ffb103470..4f1bb39f15 100644 --- a/http/exposed-panels/forcepoint.yaml +++ b/http/exposed-panels/forcepoint.yaml @@ -11,9 +11,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: forcepoint product: email_security - max-request: 1 tags: forcepoint,panel,login http: diff --git a/http/exposed-panels/forti/fortiadc-panel.yaml b/http/exposed-panels/forti/fortiadc-panel.yaml index 930f41dc50..e2bdc06227 100644 --- a/http/exposed-panels/forti/fortiadc-panel.yaml +++ b/http/exposed-panels/forti/fortiadc-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortiadc verified: true max-request: 1 + vendor: fortinet + product: fortiadc shodan-query: title:"FortiADC" tags: panel,fortinet diff --git a/http/exposed-panels/fortinet/fortiap-panel.yaml b/http/exposed-panels/fortinet/fortiap-panel.yaml index 0ef30aad4b..166646dfa5 100644 --- a/http/exposed-panels/fortinet/fortiap-panel.yaml +++ b/http/exposed-panels/fortinet/fortiap-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortiap verified: true max-request: 1 + vendor: fortinet + product: fortiap shodan-query: title:"FortiAP" tags: panel,fortinet,fortiap diff --git a/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml b/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml index 3aa7a54181..ca5a4d8d3a 100644 --- a/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml +++ b/http/exposed-panels/fortinet/fortiauthenticator-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortiauthenticator verified: true max-request: 1 + vendor: fortinet + product: fortiauthenticator shodan-query: http.favicon.hash:-1653412201 tags: panel,fortinet,fortiauthenticator,detect diff --git a/http/exposed-panels/fortinet/forticlientems-panel.yaml b/http/exposed-panels/fortinet/forticlientems-panel.yaml index 92c39c7c20..3e08c1fb52 100644 --- a/http/exposed-panels/fortinet/forticlientems-panel.yaml +++ b/http/exposed-panels/fortinet/forticlientems-panel.yaml @@ -5,8 +5,8 @@ info: author: h4sh5 severity: info metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.favicon.hash:-800551065 tags: panel,fortinet,forticlient,ems,login,detect diff --git a/http/exposed-panels/fortinet/fortimail-panel.yaml b/http/exposed-panels/fortinet/fortimail-panel.yaml index c330d05f00..464d588653 100644 --- a/http/exposed-panels/fortinet/fortimail-panel.yaml +++ b/http/exposed-panels/fortinet/fortimail-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: fortinet product: fortimail - max-request: 1 shodan-query: title:"Fortimail" fofa-query: Fortimail && port=443 tags: panel,fortinet,fortimail,login diff --git a/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml index f4d526659c..fb6f9f3dc6 100644 --- a/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortiddos-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.fortinet.com/products/ddos/fortiddos metadata: - vendor: fortinet - product: fortiddos verified: true max-request: 1 + vendor: fortinet + product: fortiddos shodan-query: http.title:"FortiDDoS" tags: panel,fortinet,fortiddos,login diff --git a/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml index 5a45277720..6134d645b5 100644 --- a/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortimanager-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: fortinet product: fortimanager - max-request: 1 tags: panel,fortinet,fortios,fortimanager,detect http: diff --git a/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml b/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml index f0dfeee9a1..ed27b3b62d 100644 --- a/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml +++ b/http/exposed-panels/fortinet/fortinet-fortinac-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortinac verified: true max-request: 1 + vendor: fortinet + product: fortinac shodan-query: http.title:"Fortinac" tags: panel,fortinet,fortinac,login diff --git a/http/exposed-panels/fortinet/fortios-management-panel.yaml b/http/exposed-panels/fortinet/fortios-management-panel.yaml index 5338893cd5..2caa3a76a3 100644 --- a/http/exposed-panels/fortinet/fortios-management-panel.yaml +++ b/http/exposed-panels/fortinet/fortios-management-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortios verified: true max-request: 1 + vendor: fortinet + product: fortios shodan-query: http.favicon.hash:945408572 tags: panel,fortinet,fortios,fortigate,fortiproxy,fortiap diff --git a/http/exposed-panels/fortinet/fortios-panel.yaml b/http/exposed-panels/fortinet/fortios-panel.yaml index d6082f6164..f0148d7165 100644 --- a/http/exposed-panels/fortinet/fortios-panel.yaml +++ b/http/exposed-panels/fortinet/fortios-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortios verified: true max-request: 1 + vendor: fortinet + product: fortios shodan-query: http.favicon.hash:945408572 tags: panel,fortinet,fortios diff --git a/http/exposed-panels/fortinet/fortitester-login-panel.yaml b/http/exposed-panels/fortinet/fortitester-login-panel.yaml index 792fabcc30..f96ae991ef 100644 --- a/http/exposed-panels/fortinet/fortitester-login-panel.yaml +++ b/http/exposed-panels/fortinet/fortitester-login-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: fortinet - product: fortitester verified: true max-request: 2 + vendor: fortinet + product: fortitester shodan-query: title:"FortiTester" tags: panel,fortinet diff --git a/http/exposed-panels/fortinet/fortiweb-panel.yaml b/http/exposed-panels/fortinet/fortiweb-panel.yaml index 5bcd8a79fc..f5f8b0c4b7 100644 --- a/http/exposed-panels/fortinet/fortiweb-panel.yaml +++ b/http/exposed-panels/fortinet/fortiweb-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: fortinet product: fortiweb - max-request: 1 tags: panel,fortinet,fortiweb,login http: diff --git a/http/exposed-panels/fortinet/fortiwlm-panel.yaml b/http/exposed-panels/fortinet/fortiwlm-panel.yaml index db8f2529a6..42c0910ce6 100644 --- a/http/exposed-panels/fortinet/fortiwlm-panel.yaml +++ b/http/exposed-panels/fortinet/fortiwlm-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: fortinet product: fortiwlm - max-request: 1 shodan-query: html:"fortiwlm" tags: panel,fortinet,fortiwlm,login diff --git a/http/exposed-panels/freeipa-panel.yaml b/http/exposed-panels/freeipa-panel.yaml index 886255aad6..35b7bea0a4 100644 --- a/http/exposed-panels/freeipa-panel.yaml +++ b/http/exposed-panels/freeipa-panel.yaml @@ -12,9 +12,9 @@ info: metadata: verified: true max-request: 2 - shodan-query: html:"FreeIPA" vendor: freeipa product: freeipa + shodan-query: html:"FreeIPA" tags: panel,login,freeipa http: diff --git a/http/exposed-panels/freepbx-administration-panel.yaml b/http/exposed-panels/freepbx-administration-panel.yaml index 0909aef08f..96ae2f465c 100644 --- a/http/exposed-panels/freepbx-administration-panel.yaml +++ b/http/exposed-panels/freepbx-administration-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sangoma - product: freepbx verified: true max-request: 1 + vendor: sangoma + product: freepbx shodan-query: http.title:"FreePBX Administration" tags: freepbx,panel diff --git a/http/exposed-panels/friendica-panel.yaml b/http/exposed-panels/friendica-panel.yaml index 2e5ca75c30..79aadf4f20 100644 --- a/http/exposed-panels/friendica-panel.yaml +++ b/http/exposed-panels/friendica-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://friendi.ca metadata: + verified: true + max-request: 1 vendor: friendica product: friendica - max-request: 1 - verified: true shodan-query: http.title:"Friendica" tags: friendica,panel,login,detect diff --git a/http/exposed-panels/froxlor-management-panel.yaml b/http/exposed-panels/froxlor-management-panel.yaml index 5937cce16c..fff70b5d39 100644 --- a/http/exposed-panels/froxlor-management-panel.yaml +++ b/http/exposed-panels/froxlor-management-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: froxlor - product: froxlor verified: true max-request: 1 + vendor: froxlor + product: froxlor shodan-query: title:"Froxlor Server Management Panel" tags: panel,froxlor diff --git a/http/exposed-panels/ftm-manager-panel.yaml b/http/exposed-panels/ftm-manager-panel.yaml index 4858016e4a..47f8841630 100644 --- a/http/exposed-panels/ftm-manager-panel.yaml +++ b/http/exposed-panels/ftm-manager-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ibm - product: financial_transaction_manager verified: true max-request: 1 + vendor: ibm + product: financial_transaction_manager shodan-query: http.html:"FTM manager" google-query: intitle:"FTM manager" tags: panel,ftm diff --git a/http/exposed-panels/fuelcms-panel.yaml b/http/exposed-panels/fuelcms-panel.yaml index 0809737047..2747e39545 100644 --- a/http/exposed-panels/fuelcms-panel.yaml +++ b/http/exposed-panels/fuelcms-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: daylightstudio product: fuel_cms - max-request: 1 tags: panel,fuelcms,oss http: diff --git a/http/exposed-panels/fusionauth-admin-panel.yaml b/http/exposed-panels/fusionauth-admin-panel.yaml index 688f604d93..f9176e8401 100644 --- a/http/exposed-panels/fusionauth-admin-panel.yaml +++ b/http/exposed-panels/fusionauth-admin-panel.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: info metadata: - vendor: fusionauth - product: fusionauth verified: true max-request: 2 + vendor: fusionauth + product: fusionauth shodan-query: title:"FusionAuth" tags: panel,fusionauth,detect,login diff --git a/http/exposed-panels/geoserver-login-panel.yaml b/http/exposed-panels/geoserver-login-panel.yaml index d67903eb8f..db520e2c0c 100644 --- a/http/exposed-panels/geoserver-login-panel.yaml +++ b/http/exposed-panels/geoserver-login-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: osgeo - product: geoserver verified: true max-request: 2 + vendor: osgeo + product: geoserver shodan-query: title:"GeoServer" tags: panel,geoserver diff --git a/http/exposed-panels/gerapy-detect.yaml b/http/exposed-panels/gerapy-detect.yaml index 83c0df3f70..958d2b74fc 100644 --- a/http/exposed-panels/gerapy-detect.yaml +++ b/http/exposed-panels/gerapy-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: gerapy product: gerapy - max-request: 1 tags: tech,gerapy,panel http: diff --git a/http/exposed-panels/git-repository-browser.yaml b/http/exposed-panels/git-repository-browser.yaml index deb8670fac..bd80ff0565 100644 --- a/http/exposed-panels/git-repository-browser.yaml +++ b/http/exposed-panels/git-repository-browser.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: cgit_project - product: cgit verified: true max-request: 1 + vendor: cgit_project + product: cgit shodan-query: http.title:"Git repository browser" tags: panel,git diff --git a/http/exposed-panels/gitblit-panel.yaml b/http/exposed-panels/gitblit-panel.yaml index fce628d592..4331b78688 100644 --- a/http/exposed-panels/gitblit-panel.yaml +++ b/http/exposed-panels/gitblit-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: gitblit - product: gitblit verified: true max-request: 1 + vendor: gitblit + product: gitblit shodan-query: http.title:"Gitblit" tags: panel,gitblit diff --git a/http/exposed-panels/gitea-login.yaml b/http/exposed-panels/gitea-login.yaml index 62290646b7..1a07f41166 100644 --- a/http/exposed-panels/gitea-login.yaml +++ b/http/exposed-panels/gitea-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: gitea product: gitea - max-request: 1 shodan-query: html:"Powered by Gitea Version" tags: gitea,panel diff --git a/http/exposed-panels/github-enterprise-detect.yaml b/http/exposed-panels/github-enterprise-detect.yaml index db0daad6a5..efec51ead2 100644 --- a/http/exposed-panels/github-enterprise-detect.yaml +++ b/http/exposed-panels/github-enterprise-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: github - product: enterprise_server verified: true max-request: 1 + vendor: github + product: enterprise_server shodan-query: title:"Setup GitHub Enterprise" tags: panel,github diff --git a/http/exposed-panels/gitlab-detect.yaml b/http/exposed-panels/gitlab-detect.yaml index 0516d66b73..921d981e2c 100644 --- a/http/exposed-panels/gitlab-detect.yaml +++ b/http/exposed-panels/gitlab-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: gitlab product: gitlab - max-request: 1 shodan-query: http.title:"GitLab" tags: panel,gitlab diff --git a/http/exposed-panels/globalprotect-panel.yaml b/http/exposed-panels/globalprotect-panel.yaml index f9350b8029..08821d05fb 100644 --- a/http/exposed-panels/globalprotect-panel.yaml +++ b/http/exposed-panels/globalprotect-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: paloaltonetworks product: globalprotect - max-request: 2 tags: panel,panos,globalprotect http: diff --git a/http/exposed-panels/glpi-panel.yaml b/http/exposed-panels/glpi-panel.yaml index c17c354ec6..edc1a57fc2 100644 --- a/http/exposed-panels/glpi-panel.yaml +++ b/http/exposed-panels/glpi-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: glpi-project - product: glpi verified: true max-request: 3 + vendor: glpi-project + product: glpi shodan-query: http.title:"GLPI" tags: glpi,edb,panel diff --git a/http/exposed-panels/gnu-mailman.yaml b/http/exposed-panels/gnu-mailman.yaml index 31df3e6425..6cc84c273e 100644 --- a/http/exposed-panels/gnu-mailman.yaml +++ b/http/exposed-panels/gnu-mailman.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: gnu - product: mailman verified: true max-request: 2 + vendor: gnu + product: mailman shodan-query: title:"Mailing Lists" tags: exposure,mailman,panel diff --git a/http/exposed-panels/goanywhere-mft-login.yaml b/http/exposed-panels/goanywhere-mft-login.yaml index 3ec6ceca5d..7a21804a4c 100644 --- a/http/exposed-panels/goanywhere-mft-login.yaml +++ b/http/exposed-panels/goanywhere-mft-login.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - shodan-query: "http.html:\"GoAnywhere Managed File Transfer\"" verified: true max-request: 2 + shodan-query: "http.html:\"GoAnywhere Managed File Transfer\"" tags: panel,goanywhere,login,filetransfer http: diff --git a/http/exposed-panels/gocd-login.yaml b/http/exposed-panels/gocd-login.yaml index b8c929e9fa..7637eb842b 100644 --- a/http/exposed-panels/gocd-login.yaml +++ b/http/exposed-panels/gocd-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: thoughtworks product: gocd - max-request: 1 shodan-query: html:"GoCD Version" tags: go,panel,gocd diff --git a/http/exposed-panels/gogs-panel.yaml b/http/exposed-panels/gogs-panel.yaml index 46b36cf00c..44fa2af58f 100644 --- a/http/exposed-panels/gogs-panel.yaml +++ b/http/exposed-panels/gogs-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: gogs - product: gogs verified: true max-request: 1 + vendor: gogs + product: gogs shodan-query: title:"Sign In - Gogs" google-query: intitle:"Sign In - Gogs" tags: panel,gogs diff --git a/http/exposed-panels/gotify-panel.yaml b/http/exposed-panels/gotify-panel.yaml index b07624127c..803bbfa8f2 100644 --- a/http/exposed-panels/gotify-panel.yaml +++ b/http/exposed-panels/gotify-panel.yaml @@ -8,11 +8,11 @@ info: reference: - https://github.com/gotify/server metadata: + verified: true + max-request: 1 vendor: gotify product: server - verified: true shodan-query: "http.title:\"Gotify\"" - max-request: 1 tags: panel,gotify,login,detect http: diff --git a/http/exposed-panels/gradle/gradle-enterprise-panel.yaml b/http/exposed-panels/gradle/gradle-enterprise-panel.yaml index 4350247967..0d7df36b64 100644 --- a/http/exposed-panels/gradle/gradle-enterprise-panel.yaml +++ b/http/exposed-panels/gradle/gradle-enterprise-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: gradle product: gradle_enterprise - max-request: 1 tags: panel,gradle http: diff --git a/http/exposed-panels/grafana-detect.yaml b/http/exposed-panels/grafana-detect.yaml index d0112812be..87dd552719 100644 --- a/http/exposed-panels/grafana-detect.yaml +++ b/http/exposed-panels/grafana-detect.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + max-request: 2 vendor: grafana product: grafana - max-request: 2 shodan-query: title:"Grafana" category: devops tags: panel,grafana,detect diff --git a/http/exposed-panels/graylog-panel.yaml b/http/exposed-panels/graylog-panel.yaml index d8292b0efe..26860e57d7 100644 --- a/http/exposed-panels/graylog-panel.yaml +++ b/http/exposed-panels/graylog-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://graylog.org/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"Graylog Web Interface" tags: panel,graylog,login,detect diff --git a/http/exposed-panels/greenbone-panel.yaml b/http/exposed-panels/greenbone-panel.yaml index a419f87ad2..ccad37c9dc 100644 --- a/http/exposed-panels/greenbone-panel.yaml +++ b/http/exposed-panels/greenbone-panel.yaml @@ -7,10 +7,10 @@ info: description: | Greenbone Security Assistant Web Panel is detected metadata: - vendor: greenbone - product: greenbone_security_assistant verified: true max-request: 1 + vendor: greenbone + product: greenbone_security_assistant shodan-query: http.title:"Greenbone Security Assistant" zoomeye-query: title:"Greenbone Security Assistant" tags: panel,greenbone,login diff --git a/http/exposed-panels/h2console-panel.yaml b/http/exposed-panels/h2console-panel.yaml index a480457cc8..5914a5afc7 100644 --- a/http/exposed-panels/h2console-panel.yaml +++ b/http/exposed-panels/h2console-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: h2database product: h2 - max-request: 1 shodan-query: http.title:"H2 Console" tags: panel,h2,console diff --git a/http/exposed-panels/hadoop-exposure.yaml b/http/exposed-panels/hadoop-exposure.yaml index dbc160bd37..16923f83fa 100644 --- a/http/exposed-panels/hadoop-exposure.yaml +++ b/http/exposed-panels/hadoop-exposure.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: hadoop - max-request: 1 tags: panel,apache,hadoop http: diff --git a/http/exposed-panels/haivision-gateway-panel.yaml b/http/exposed-panels/haivision-gateway-panel.yaml index 37bdc78d5b..0f5d48eeb2 100644 --- a/http/exposed-panels/haivision-gateway-panel.yaml +++ b/http/exposed-panels/haivision-gateway-panel.yaml @@ -9,8 +9,8 @@ info: - https://www.haivision.com/ metadata: verified: true - shodan-query: "http.title:\"Haivision Gateway\"" max-request: 1 + shodan-query: "http.title:\"Haivision Gateway\"" tags: panel,haivision,login,detect http: diff --git a/http/exposed-panels/haivision-media-platform-panel.yaml b/http/exposed-panels/haivision-media-platform-panel.yaml index 762477dbfb..6dc15dc506 100644 --- a/http/exposed-panels/haivision-media-platform-panel.yaml +++ b/http/exposed-panels/haivision-media-platform-panel.yaml @@ -9,9 +9,10 @@ info: - https://www.haivision.com/ metadata: verified: true - shodan-query: "http.title:\"Haivision Media Platform\"" max-request: 1 + shodan-query: "http.title:\"Haivision Media Platform\"" tags: panel,haivision,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/hangfire-dashboard.yaml b/http/exposed-panels/hangfire-dashboard.yaml index f974cce429..1316df6b92 100644 --- a/http/exposed-panels/hangfire-dashboard.yaml +++ b/http/exposed-panels/hangfire-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: hangfire - product: hangfire verified: true max-request: 2 + vendor: hangfire + product: hangfire shodan-query: title:"Overview – Hangfire Dashboard" tags: panel,hangfire diff --git a/http/exposed-panels/harbor-panel.yaml b/http/exposed-panels/harbor-panel.yaml index cb62b3d632..d78881cc98 100644 --- a/http/exposed-panels/harbor-panel.yaml +++ b/http/exposed-panels/harbor-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: linuxfoundation - product: harbor verified: true max-request: 1 + vendor: linuxfoundation + product: harbor shodan-query: http.favicon.hash:657337228 tags: panel,harbor diff --git a/http/exposed-panels/hashicorp-consul-agent.yaml b/http/exposed-panels/hashicorp-consul-agent.yaml index b301c564f6..894fb9029e 100644 --- a/http/exposed-panels/hashicorp-consul-agent.yaml +++ b/http/exposed-panels/hashicorp-consul-agent.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: hashicorp product: consul - max-request: 1 tags: tech,consul,api,panel http: diff --git a/http/exposed-panels/hashicorp-consul-webgui.yaml b/http/exposed-panels/hashicorp-consul-webgui.yaml index f145c5876e..a0f6e2652f 100644 --- a/http/exposed-panels/hashicorp-consul-webgui.yaml +++ b/http/exposed-panels/hashicorp-consul-webgui.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: hashicorp product: consul - max-request: 1 shodan-query: http.title:"Consul by HashiCorp" tags: consul,webserver,panel diff --git a/http/exposed-panels/hestia-panel.yaml b/http/exposed-panels/hestia-panel.yaml index db0d291dd2..ffd0c269d7 100644 --- a/http/exposed-panels/hestia-panel.yaml +++ b/http/exposed-panels/hestia-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: hestiacp - product: control_panel verified: true max-request: 1 + vendor: hestiacp + product: control_panel shodan-query: title:"Hestia Control Panel" tags: panel,hestia,detect diff --git a/http/exposed-panels/highmail-admin-panel.yaml b/http/exposed-panels/highmail-admin-panel.yaml index a5d16c540f..4aad26a8b5 100644 --- a/http/exposed-panels/highmail-admin-panel.yaml +++ b/http/exposed-panels/highmail-admin-panel.yaml @@ -12,9 +12,9 @@ info: metadata: verified: true max-request: 2 - shodan-query: title:"HighMail" vendor: aryanic product: high_cms + shodan-query: title:"HighMail" fofa-query: title="HighMail" tags: highmail,panel diff --git a/http/exposed-panels/hmc-hybris-panel.yaml b/http/exposed-panels/hmc-hybris-panel.yaml index 09bba70f9f..733e807000 100644 --- a/http/exposed-panels/hmc-hybris-panel.yaml +++ b/http/exposed-panels/hmc-hybris-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sap product: hybris - max-request: 2 tags: panel,sap http: diff --git a/http/exposed-panels/homematic-panel.yaml b/http/exposed-panels/homematic-panel.yaml index c9735e9bad..9951e3766f 100644 --- a/http/exposed-panels/homematic-panel.yaml +++ b/http/exposed-panels/homematic-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: eq-3 product: homematic_ccu3_firmware - max-request: 1 shodan-query: http.html:"Homematic" tags: panel,homematic,iot diff --git a/http/exposed-panels/hospital-management-panel.yaml b/http/exposed-panels/hospital-management-panel.yaml index 0b17b41e2c..f70550f92b 100644 --- a/http/exposed-panels/hospital-management-panel.yaml +++ b/http/exposed-panels/hospital-management-panel.yaml @@ -12,9 +12,9 @@ info: metadata: verified: true max-request: 1 - shodan-query: http.html:"Hospital Management System" vendor: hospital_management_system_project product: hospital_management_system + shodan-query: http.html:"Hospital Management System" tags: panel,hms,cms http: diff --git a/http/exposed-panels/hp-ilo-5.yaml b/http/exposed-panels/hp-ilo-5.yaml index de16da4f79..2934f31c1b 100644 --- a/http/exposed-panels/hp-ilo-5.yaml +++ b/http/exposed-panels/hp-ilo-5.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: hpe product: integrated_lights-out_5 - max-request: 1 tags: hp,ilo,panel http: diff --git a/http/exposed-panels/hp-service-manager.yaml b/http/exposed-panels/hp-service-manager.yaml index 5c538175b8..58d4ed23d4 100644 --- a/http/exposed-panels/hp-service-manager.yaml +++ b/http/exposed-panels/hp-service-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: hp product: service_manager - max-request: 2 shodan-query: http.title:"HP Service Manager" tags: panel,hp,service diff --git a/http/exposed-panels/hybris-administration-console.yaml b/http/exposed-panels/hybris-administration-console.yaml index b65bd8c2de..91fea7f349 100644 --- a/http/exposed-panels/hybris-administration-console.yaml +++ b/http/exposed-panels/hybris-administration-console.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sap - product: hybris verified: true max-request: 1 + vendor: sap + product: hybris shodan-query: title:"Hybris" tags: panel,hybris diff --git a/http/exposed-panels/hydra-dashboard.yaml b/http/exposed-panels/hydra-dashboard.yaml index 1bb9cad958..d15db5e3af 100644 --- a/http/exposed-panels/hydra-dashboard.yaml +++ b/http/exposed-panels/hydra-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: hydra_project - product: hydra verified: true max-request: 1 + vendor: hydra_project + product: hydra shodan-query: title:"Hydra Router Dashboard" tags: panel,exposure,hydra diff --git a/http/exposed-panels/ibm/ibm-dcec-panel.yaml b/http/exposed-panels/ibm/ibm-dcec-panel.yaml index 261a8a9e6f..c9c93622be 100644 --- a/http/exposed-panels/ibm/ibm-dcec-panel.yaml +++ b/http/exposed-panels/ibm/ibm-dcec-panel.yaml @@ -10,8 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.5.1?topic=console-tutorial-getting-started-decision-center-enterprise metadata: verified: true - shodan-query: "html:\"Decision Center Enterprise console\"" max-request: 1 + shodan-query: "html:\"Decision Center Enterprise console\"" tags: panel,ibm,login,detect,decision-center http: diff --git a/http/exposed-panels/ibm/ibm-decision-server-console.yaml b/http/exposed-panels/ibm/ibm-decision-server-console.yaml index 1a0b1d065f..683eb9c612 100644 --- a/http/exposed-panels/ibm/ibm-decision-server-console.yaml +++ b/http/exposed-panels/ibm/ibm-decision-server-console.yaml @@ -10,8 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.12.0?topic=overview-introducing-rule-execution-server metadata: verified: true - shodan-query: "title:\"Rule Execution Server\"" max-request: 1 + shodan-query: "title:\"Rule Execution Server\"" tags: panel,ibm,login,detect,decision-server http: diff --git a/http/exposed-panels/ibm/ibm-maximo-login.yaml b/http/exposed-panels/ibm/ibm-maximo-login.yaml index 8fdcb38405..64b043513c 100644 --- a/http/exposed-panels/ibm/ibm-maximo-login.yaml +++ b/http/exposed-panels/ibm/ibm-maximo-login.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ibm - product: maximo_asset_management verified: true max-request: 1 + vendor: ibm + product: maximo_asset_management shodan-query: http.favicon.hash:-399298961 tags: maximo,panel,ibm diff --git a/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml b/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml index d08a276f6a..e42c20813d 100644 --- a/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml +++ b/http/exposed-panels/ibm/ibm-mqseries-web-console.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ibm product: mq - max-request: 1 tags: panel,ibm http: diff --git a/http/exposed-panels/ibm/ibm-note-login.yaml b/http/exposed-panels/ibm/ibm-note-login.yaml index 62b9c1d7d9..57065c6b10 100644 --- a/http/exposed-panels/ibm/ibm-note-login.yaml +++ b/http/exposed-panels/ibm/ibm-note-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: ibm product: inotes - max-request: 2 tags: ibm,edb,panel http: diff --git a/http/exposed-panels/ibm/ibm-odm-panel.yaml b/http/exposed-panels/ibm/ibm-odm-panel.yaml index b60c598c01..7acac6cdcd 100644 --- a/http/exposed-panels/ibm/ibm-odm-panel.yaml +++ b/http/exposed-panels/ibm/ibm-odm-panel.yaml @@ -10,8 +10,8 @@ info: - https://www.ibm.com/docs/en/odm/8.12.0 metadata: verified: true - fofa-query: "title=\"Decision Center | Business Console\"" max-request: 1 + fofa-query: "title=\"Decision Center | Business Console\"" tags: panel,ibm,login,detect,decision-center http: diff --git a/http/exposed-panels/ibm/ibm-security-access-manager.yaml b/http/exposed-panels/ibm/ibm-security-access-manager.yaml index 76abc850b0..11d2e3af26 100644 --- a/http/exposed-panels/ibm/ibm-security-access-manager.yaml +++ b/http/exposed-panels/ibm/ibm-security-access-manager.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ibm product: security_access_manager - max-request: 1 tags: panel,ibm http: diff --git a/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml b/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml index ec98ec4f98..37e5855ce9 100644 --- a/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml +++ b/http/exposed-panels/ibm/ibm-websphere-admin-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ibm - product: websphere_application_server verified: true max-request: 1 + vendor: ibm + product: websphere_application_server shodan-query: http.favicon.hash:1337147129 tags: websphere,panel,ibm diff --git a/http/exposed-panels/ibm/ibm-websphere-panel.yaml b/http/exposed-panels/ibm/ibm-websphere-panel.yaml index 9614ab70e6..2be941a5ff 100644 --- a/http/exposed-panels/ibm/ibm-websphere-panel.yaml +++ b/http/exposed-panels/ibm/ibm-websphere-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ibm product: websphere_portal - max-request: 1 shodan-query: http.html:"IBM WebSphere Portal" tags: ibm,websphere,panel diff --git a/http/exposed-panels/icewarp-panel-detect.yaml b/http/exposed-panels/icewarp-panel-detect.yaml index 13597f6e51..2502ec3af9 100644 --- a/http/exposed-panels/icewarp-panel-detect.yaml +++ b/http/exposed-panels/icewarp-panel-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: icewarp - product: icewarp_server verified: true max-request: 1 + vendor: icewarp + product: icewarp_server shodan-query: title:"icewarp" tags: icewarp,panel diff --git a/http/exposed-panels/icinga-web-login.yaml b/http/exposed-panels/icinga-web-login.yaml index f9f5606198..97fd31e870 100644 --- a/http/exposed-panels/icinga-web-login.yaml +++ b/http/exposed-panels/icinga-web-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: icinga product: icinga_web_2 - max-request: 1 shodan-query: http.title:"Icinga Web 2 Login" tags: panel,icinga diff --git a/http/exposed-panels/ictprotege-login-panel.yaml b/http/exposed-panels/ictprotege-login-panel.yaml index 5a21ff03fd..a1964275a2 100644 --- a/http/exposed-panels/ictprotege-login-panel.yaml +++ b/http/exposed-panels/ictprotege-login-panel.yaml @@ -9,10 +9,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ict - product: protege_wx_firmware verified: true max-request: 1 + vendor: ict + product: protege_wx_firmware shodan-query: title:"ICT Protege WX®" tags: panel,ictprotege diff --git a/http/exposed-panels/identity-services-engine.yaml b/http/exposed-panels/identity-services-engine.yaml index ae61409a97..ab553d5b63 100644 --- a/http/exposed-panels/identity-services-engine.yaml +++ b/http/exposed-panels/identity-services-engine.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: cisco product: identity_services_engine - max-request: 2 shodan-query: http.title:"Identity Services Engine" tags: panel diff --git a/http/exposed-panels/ilch-admin-panel.yaml b/http/exposed-panels/ilch-admin-panel.yaml index 8a0eef000c..50638884d3 100644 --- a/http/exposed-panels/ilch-admin-panel.yaml +++ b/http/exposed-panels/ilch-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ilch - product: cms verified: true max-request: 1 + vendor: ilch + product: cms shodan-query: http.title:"Ilch" tags: panel,ilch,cms diff --git a/http/exposed-panels/ilias-panel.yaml b/http/exposed-panels/ilias-panel.yaml index cdf20a437c..8a1bb2b165 100644 --- a/http/exposed-panels/ilias-panel.yaml +++ b/http/exposed-panels/ilias-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ilias - product: ilias verified: true max-request: 2 + vendor: ilias + product: ilias shodan-query: http.html:"ILIAS" tags: panel,ilias diff --git a/http/exposed-panels/incapptic-connect-panel.yaml b/http/exposed-panels/incapptic-connect-panel.yaml index 49afdca033..ad047c0e5a 100644 --- a/http/exposed-panels/incapptic-connect-panel.yaml +++ b/http/exposed-panels/incapptic-connect-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: ivanti product: incapptic_connect - max-request: 2 shodan-query: - http.title:"incapptic" - http.favicon.hash:-1067582922 diff --git a/http/exposed-panels/influxdb-panel.yaml b/http/exposed-panels/influxdb-panel.yaml index ab0802f948..91ee222908 100644 --- a/http/exposed-panels/influxdb-panel.yaml +++ b/http/exposed-panels/influxdb-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: influxdata product: influxdb - max-request: 1 shodan-query: http.title:"InfluxDB - Admin Interface" tags: panel,influxdb diff --git a/http/exposed-panels/intelbras-panel.yaml b/http/exposed-panels/intelbras-panel.yaml index 8af8f34cdc..7108c39692 100644 --- a/http/exposed-panels/intelbras-panel.yaml +++ b/http/exposed-panels/intelbras-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: intelbras - product: cip_92200_firmware verified: true max-request: 1 + vendor: intelbras + product: cip_92200_firmware shodan-query: http.title:"Intelbras" fofa-query: app="Intelbras" tags: panel,intelbras diff --git a/http/exposed-panels/intellian-aptus-panel.yaml b/http/exposed-panels/intellian-aptus-panel.yaml index 6cce467701..84d29e9963 100644 --- a/http/exposed-panels/intellian-aptus-panel.yaml +++ b/http/exposed-panels/intellian-aptus-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: intelliantech product: aptus_web - max-request: 1 shodan-query: http.title:"Intellian Aptus Web" tags: panel,intellian,aptus diff --git a/http/exposed-panels/itop-panel.yaml b/http/exposed-panels/itop-panel.yaml index 6dc1d85c63..8741f882c6 100644 --- a/http/exposed-panels/itop-panel.yaml +++ b/http/exposed-panels/itop-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: combodo product: itop - max-request: 2 tags: panel,itop http: diff --git a/http/exposed-panels/ivanti-connect-secure-panel.yaml b/http/exposed-panels/ivanti-connect-secure-panel.yaml index 8d52e50256..adbcd55e24 100644 --- a/http/exposed-panels/ivanti-connect-secure-panel.yaml +++ b/http/exposed-panels/ivanti-connect-secure-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.ivanti.com/products/connect-secure-vpn metadata: - vendor: ivanti - product: "connect_secure" verified: true max-request: 2 + vendor: ivanti + product: "connect_secure" shodan-query: "title:\"Ivanti Connect Secure\"" tags: panel,connectsecure,login diff --git a/http/exposed-panels/jaspersoft-panel.yaml b/http/exposed-panels/jaspersoft-panel.yaml index fabc5e6c50..2cbc667312 100644 --- a/http/exposed-panels/jaspersoft-panel.yaml +++ b/http/exposed-panels/jaspersoft-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: tibco product: jaspersoft - max-request: 2 shodan-query: http.title:"Jaspersoft" tags: panel,jaspersoft diff --git a/http/exposed-panels/jboss/jboss-jbpm-admin.yaml b/http/exposed-panels/jboss/jboss-jbpm-admin.yaml index ce4aa5a3fc..d08a9661e1 100644 --- a/http/exposed-panels/jboss/jboss-jbpm-admin.yaml +++ b/http/exposed-panels/jboss/jboss-jbpm-admin.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: redhat - product: jbpm verified: true max-request: 1 + vendor: redhat + product: jbpm shodan-query: html:"JBossWS" tags: jboss,panel,login diff --git a/http/exposed-panels/jboss/jboss-juddi.yaml b/http/exposed-panels/jboss/jboss-juddi.yaml index 03abbd6150..6578d224f3 100644 --- a/http/exposed-panels/jboss/jboss-juddi.yaml +++ b/http/exposed-panels/jboss/jboss-juddi.yaml @@ -14,10 +14,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: redhat - product: jboss_enterprise_web_platform verified: true max-request: 2 + vendor: redhat + product: jboss_enterprise_web_platform shodan-query: html:"JBoss WS" tags: panel,jboss,juddi diff --git a/http/exposed-panels/jboss/jboss-soa-platform.yaml b/http/exposed-panels/jboss/jboss-soa-platform.yaml index 9ecabe2e87..cbf28711a8 100644 --- a/http/exposed-panels/jboss/jboss-soa-platform.yaml +++ b/http/exposed-panels/jboss/jboss-soa-platform.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: redhat - product: jboss_soa_platform verified: true max-request: 1 + vendor: redhat + product: jboss_soa_platform shodan-query: http.title:"Welcome to the JBoss SOA Platform" tags: panel,jboss,soa diff --git a/http/exposed-panels/jboss/jmx-console.yaml b/http/exposed-panels/jboss/jmx-console.yaml index 9e6761685a..1aeae2b7d4 100644 --- a/http/exposed-panels/jboss/jmx-console.yaml +++ b/http/exposed-panels/jboss/jmx-console.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: redhat product: jboss_keycloak - max-request: 1 tags: panel,jmx,jboss http: diff --git a/http/exposed-panels/jboss/wildfly-panel.yaml b/http/exposed-panels/jboss/wildfly-panel.yaml index 112b7b3885..f7ba784876 100644 --- a/http/exposed-panels/jboss/wildfly-panel.yaml +++ b/http/exposed-panels/jboss/wildfly-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: redhat product: wildfly - max-request: 1 tags: panel,jboss,wildfly http: diff --git a/http/exposed-panels/jcms-panel.yaml b/http/exposed-panels/jcms-panel.yaml index 45eea31872..ba9e61d16c 100644 --- a/http/exposed-panels/jcms-panel.yaml +++ b/http/exposed-panels/jcms-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: jalios - product: jcms verified: true max-request: 2 + vendor: jalios + product: jcms shodan-query: html:"Jalios JCMS" tags: panel,jalios,jcms diff --git a/http/exposed-panels/jedox-web-panel.yaml b/http/exposed-panels/jedox-web-panel.yaml index 73a2c3df6c..07bffbe275 100644 --- a/http/exposed-panels/jedox-web-panel.yaml +++ b/http/exposed-panels/jedox-web-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.jedox.com metadata: - vendor: jedox - product: jedox verified: true max-request: 2 + vendor: jedox + product: jedox shodan-query: title:"Jedox Web - Login" google-query: intitle:"Jedox Web Login" tags: panel,jedox,detect diff --git a/http/exposed-panels/jeedom-panel.yaml b/http/exposed-panels/jeedom-panel.yaml index d414a82b1f..a54170c3be 100644 --- a/http/exposed-panels/jeedom-panel.yaml +++ b/http/exposed-panels/jeedom-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: jeedom product: jeedom - max-request: 1 shodan-query: http.title:"Jeedom" tags: panel,jeedom,login diff --git a/http/exposed-panels/jenkins-api-panel.yaml b/http/exposed-panels/jenkins-api-panel.yaml index 65f75fa141..d13c090b55 100644 --- a/http/exposed-panels/jenkins-api-panel.yaml +++ b/http/exposed-panels/jenkins-api-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: jenkins product: jenkins - max-request: 1 tags: panel,api,jenkins http: diff --git a/http/exposed-panels/jenkins-login.yaml b/http/exposed-panels/jenkins-login.yaml index 6a701fefdd..9e68929b23 100644 --- a/http/exposed-panels/jenkins-login.yaml +++ b/http/exposed-panels/jenkins-login.yaml @@ -11,9 +11,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: jenkins product: jenkins - max-request: 1 tags: panel,jenkins http: diff --git a/http/exposed-panels/joomla-panel.yaml b/http/exposed-panels/joomla-panel.yaml index 1721eb61eb..5d0ab505da 100644 --- a/http/exposed-panels/joomla-panel.yaml +++ b/http/exposed-panels/joomla-panel.yaml @@ -5,9 +5,9 @@ info: author: its0x08 severity: info metadata: + max-request: 1 vendor: joomla product: joomla\! - max-request: 1 tags: panel,joomla http: diff --git a/http/exposed-panels/juniper-panel.yaml b/http/exposed-panels/juniper-panel.yaml index ec676d5857..5c83e5d06e 100644 --- a/http/exposed-panels/juniper-panel.yaml +++ b/http/exposed-panels/juniper-panel.yaml @@ -12,8 +12,8 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: "http.title:\"Juniper Web Device Manager\"" tags: panel,juniper,vpn,login diff --git a/http/exposed-panels/kafka-center-login.yaml b/http/exposed-panels/kafka-center-login.yaml index 068e7c4aa9..62c33df669 100644 --- a/http/exposed-panels/kafka-center-login.yaml +++ b/http/exposed-panels/kafka-center-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: kafka - max-request: 1 shodan-query: http.title:"Kafka Center" tags: panel,kafka diff --git a/http/exposed-panels/kafka-consumer-monitor.yaml b/http/exposed-panels/kafka-consumer-monitor.yaml index 7d08b03ee6..59c0f0b74f 100644 --- a/http/exposed-panels/kafka-consumer-monitor.yaml +++ b/http/exposed-panels/kafka-consumer-monitor.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: kafka - max-request: 1 shodan-query: http.title:"Kafka Consumer Offset Monitor" tags: panel,kafka diff --git a/http/exposed-panels/kafka-monitoring.yaml b/http/exposed-panels/kafka-monitoring.yaml index 85100877bf..21f365f948 100644 --- a/http/exposed-panels/kafka-monitoring.yaml +++ b/http/exposed-panels/kafka-monitoring.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: apache product: kafka - max-request: 1 tags: panel,kafka,apache http: diff --git a/http/exposed-panels/kafka-topics-ui.yaml b/http/exposed-panels/kafka-topics-ui.yaml index d080d4d4d1..9f66b87b54 100644 --- a/http/exposed-panels/kafka-topics-ui.yaml +++ b/http/exposed-panels/kafka-topics-ui.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + max-request: 2 vendor: provectus product: ui platform: kafka - max-request: 2 tags: panel,kafka,apache,detect http: diff --git a/http/exposed-panels/kanboard-login.yaml b/http/exposed-panels/kanboard-login.yaml index 5c326f50c4..4bd84b1d64 100644 --- a/http/exposed-panels/kanboard-login.yaml +++ b/http/exposed-panels/kanboard-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: kanboard - product: kanboard verified: true max-request: 1 + vendor: kanboard + product: kanboard shodan-query: http.favicon.hash:2056442365 tags: panel,kanboard diff --git a/http/exposed-panels/keycloak-admin-panel.yaml b/http/exposed-panels/keycloak-admin-panel.yaml index a142a38f4e..a952d44ffe 100644 --- a/http/exposed-panels/keycloak-admin-panel.yaml +++ b/http/exposed-panels/keycloak-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: redhat - product: keycloak verified: true max-request: 3 + vendor: redhat + product: keycloak shodan-query: http.favicon.hash:-1105083093 tags: panel,keycloak diff --git a/http/exposed-panels/kibana-panel.yaml b/http/exposed-panels/kibana-panel.yaml index fd9fd032ae..595dca82d5 100644 --- a/http/exposed-panels/kibana-panel.yaml +++ b/http/exposed-panels/kibana-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 3 vendor: elastic product: kibana - max-request: 3 shodan-query: http.title:"Kibana" tags: panel,kibana diff --git a/http/exposed-panels/kiteworks-pcn-panel.yaml b/http/exposed-panels/kiteworks-pcn-panel.yaml index b3fff568e9..da2abfba3b 100644 --- a/http/exposed-panels/kiteworks-pcn-panel.yaml +++ b/http/exposed-panels/kiteworks-pcn-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.kiteworks.com/platform/private-content-network/ metadata: - vendor: accellion - product: kiteworks verified: true max-request: 1 + vendor: accellion + product: kiteworks shodan-query: http.favicon.hash:-1215318992 tags: panel,kiteworks,login,detect diff --git a/http/exposed-panels/kiwitcms-login.yaml b/http/exposed-panels/kiwitcms-login.yaml index bae7446228..1a1e018a37 100644 --- a/http/exposed-panels/kiwitcms-login.yaml +++ b/http/exposed-panels/kiwitcms-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: kiwitcms product: kiwi_tcms - max-request: 1 shodan-query: title:"Kiwi TCMS - Login",http.favicon.hash:-1909533337 tags: kiwitcms,panel diff --git a/http/exposed-panels/koel-panel.yaml b/http/exposed-panels/koel-panel.yaml index a853402fae..6999a1227d 100644 --- a/http/exposed-panels/koel-panel.yaml +++ b/http/exposed-panels/koel-panel.yaml @@ -1,20 +1,20 @@ id: koel-panel -info: - name: Koel Panel - Detect - author: rxerium - severity: info - description: | - Personal audio streaming service that works. - reference: - - https://koel.dev/ - - https://github.com/koel/koel - metadata: - max-request: 1 - shodan-query: title:"Koel" - verified: true - tags: panel,koel,login - +info: + name: Koel Panel - Detect + author: rxerium + severity: info + description: | + Personal audio streaming service that works. + reference: + - https://koel.dev/ + - https://github.com/koel/koel + metadata: + verified: true + max-request: 1 + shodan-query: title:"Koel" + tags: panel,koel,login + http: - method: GET path: diff --git a/http/exposed-panels/konga-panel.yaml b/http/exposed-panels/konga-panel.yaml index 3b8ebd50b4..5a8e18597f 100644 --- a/http/exposed-panels/konga-panel.yaml +++ b/http/exposed-panels/konga-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: pantsel product: konga - max-request: 1 tags: tech,konga,oss,panel http: diff --git a/http/exposed-panels/kopano-webapp-panel.yaml b/http/exposed-panels/kopano-webapp-panel.yaml index 9246023f13..5ae68768a3 100644 --- a/http/exposed-panels/kopano-webapp-panel.yaml +++ b/http/exposed-panels/kopano-webapp-panel.yaml @@ -9,8 +9,8 @@ info: - https://kopano.com/ metadata: verified: true - shodan-query: "http.title:\"Kopano WebApp\"" max-request: 1 + shodan-query: "http.title:\"Kopano WebApp\"" tags: panel,kopano,login,detect http: diff --git a/http/exposed-panels/kubernetes-dashboard.yaml b/http/exposed-panels/kubernetes-dashboard.yaml index ca56f933c2..e9c37c8cb2 100644 --- a/http/exposed-panels/kubernetes-dashboard.yaml +++ b/http/exposed-panels/kubernetes-dashboard.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: kubernetes product: dashboard - max-request: 1 tags: panel,kubernetes,devops http: diff --git a/http/exposed-panels/kubernetes-enterprise-manager.yaml b/http/exposed-panels/kubernetes-enterprise-manager.yaml index 3fb74be415..8f2f51c657 100644 --- a/http/exposed-panels/kubernetes-enterprise-manager.yaml +++ b/http/exposed-panels/kubernetes-enterprise-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: kubernetes product: kubernetes - max-request: 1 fofa-query: app="Kubernetes-Enterprise-Manager" tags: tech,kubernetes,panel diff --git a/http/exposed-panels/kubernetes-web-view.yaml b/http/exposed-panels/kubernetes-web-view.yaml index 3fd1029aa4..da6ef9c1df 100644 --- a/http/exposed-panels/kubernetes-web-view.yaml +++ b/http/exposed-panels/kubernetes-web-view.yaml @@ -10,10 +10,10 @@ info: cvss-score: 6.5 cwe-id: CWE-200 metadata: - vendor: kubernetes - product: kubernetes verified: true max-request: 2 + vendor: kubernetes + product: kubernetes shodan-query: title:"Kubernetes Web View" tags: panel,misconfig,kubernetes,k8s diff --git a/http/exposed-panels/kubeview-dashboard.yaml b/http/exposed-panels/kubeview-dashboard.yaml index c3582a3a84..af931ccd4c 100644 --- a/http/exposed-panels/kubeview-dashboard.yaml +++ b/http/exposed-panels/kubeview-dashboard.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: kubeview_project - product: kubeview verified: true max-request: 1 + vendor: kubeview_project + product: kubeview shodan-query: http.favicon.hash:-379154636 tags: exposure,k8s,kubernetes,kubeview,dashboard,panel diff --git a/http/exposed-panels/labkey-server-login.yaml b/http/exposed-panels/labkey-server-login.yaml index bc64d03cf3..c6e9d69af1 100644 --- a/http/exposed-panels/labkey-server-login.yaml +++ b/http/exposed-panels/labkey-server-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: labkey - product: labkey_server verified: true max-request: 2 + vendor: labkey + product: labkey_server shodan-query: 'title:"Sign In: /home"' tags: panel,labkey diff --git a/http/exposed-panels/labtech-panel.yaml b/http/exposed-panels/labtech-panel.yaml index 0274fcb1b5..6243730a35 100644 --- a/http/exposed-panels/labtech-panel.yaml +++ b/http/exposed-panels/labtech-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: labtech_software product: labtech - max-request: 1 tags: panel,labtech http: diff --git a/http/exposed-panels/lansweeper-login.yaml b/http/exposed-panels/lansweeper-login.yaml index 422e3649b2..87c4d65c1e 100644 --- a/http/exposed-panels/lansweeper-login.yaml +++ b/http/exposed-panels/lansweeper-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: lansweeper - product: lansweeper verified: true max-request: 1 + vendor: lansweeper + product: lansweeper shodan-query: title:"Lansweeper - Login" tags: lansweeper,tech,panel diff --git a/http/exposed-panels/lenovo-fp-panel.yaml b/http/exposed-panels/lenovo-fp-panel.yaml index 7a54863b9f..0a7443216e 100644 --- a/http/exposed-panels/lenovo-fp-panel.yaml +++ b/http/exposed-panels/lenovo-fp-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: lenovo - product: fan_power_controller verified: true max-request: 2 + vendor: lenovo + product: fan_power_controller shodan-query: http.html:"Fan and Power Controller" tags: panel,lenovo diff --git a/http/exposed-panels/librenms-login.yaml b/http/exposed-panels/librenms-login.yaml index 49ebdc5cb6..4fa143db6b 100644 --- a/http/exposed-panels/librenms-login.yaml +++ b/http/exposed-panels/librenms-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: librenms product: librenms - max-request: 1 fofa-query: title="librenms" tags: librenms,panel diff --git a/http/exposed-panels/liferay-portal.yaml b/http/exposed-panels/liferay-portal.yaml index b40ffbe27c..6c278de1da 100644 --- a/http/exposed-panels/liferay-portal.yaml +++ b/http/exposed-panels/liferay-portal.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: liferay - product: liferay_portal verified: true max-request: 3 + vendor: liferay + product: liferay_portal shodan-query: http.favicon.hash:129457226 tags: panel,liferay,portal diff --git a/http/exposed-panels/linkerd-panel.yaml b/http/exposed-panels/linkerd-panel.yaml index 438f592a75..4cd4360108 100644 --- a/http/exposed-panels/linkerd-panel.yaml +++ b/http/exposed-panels/linkerd-panel.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: linkerd - product: linkerd verified: true max-request: 1 + vendor: linkerd + product: linkerd shodan-query: html:"data-controller-namespace" tags: panel,misconfig,linkerd,exposure diff --git a/http/exposed-panels/linshare-panel.yaml b/http/exposed-panels/linshare-panel.yaml index 841ffa3bf1..c412357d02 100644 --- a/http/exposed-panels/linshare-panel.yaml +++ b/http/exposed-panels/linshare-panel.yaml @@ -10,8 +10,8 @@ info: - https://github.com/linagora/linshare metadata: verified: true - shodan-query: "http.title:\"LinShare\"" max-request: 3 + shodan-query: "http.title:\"LinShare\"" tags: panel,linshare,login,detect http: diff --git a/http/exposed-panels/livehelperchat-admin-panel.yaml b/http/exposed-panels/livehelperchat-admin-panel.yaml index e20135a318..b781466cbf 100644 --- a/http/exposed-panels/livehelperchat-admin-panel.yaml +++ b/http/exposed-panels/livehelperchat-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: livehelperchat - product: live_helper_chat verified: true max-request: 1 + vendor: livehelperchat + product: live_helper_chat shodan-query: title:"Live Helper Chat" fofa-query: title="Live Helper Chat" tags: livehelperchat,panel diff --git a/http/exposed-panels/livezilla-login-panel.yaml b/http/exposed-panels/livezilla-login-panel.yaml index 675913a67c..b57a1a2a51 100644 --- a/http/exposed-panels/livezilla-login-panel.yaml +++ b/http/exposed-panels/livezilla-login-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: livezilla product: livezilla - max-request: 1 tags: panel,livezilla,login http: diff --git a/http/exposed-panels/lockself-panel.yaml b/http/exposed-panels/lockself-panel.yaml index 8320d7f0e1..8c4a58d4e3 100644 --- a/http/exposed-panels/lockself-panel.yaml +++ b/http/exposed-panels/lockself-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://www.lockself.com/en/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"LockSelf" tags: panel,lockself,login,detect diff --git a/http/exposed-panels/magento-admin-panel.yaml b/http/exposed-panels/magento-admin-panel.yaml index 251ae42753..fb9c26455a 100644 --- a/http/exposed-panels/magento-admin-panel.yaml +++ b/http/exposed-panels/magento-admin-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: magento - product: magento verified: true max-request: 1 + vendor: magento + product: magento shodan-query: http.component:"Magento" tags: magento,panel diff --git a/http/exposed-panels/magento-downloader-panel.yaml b/http/exposed-panels/magento-downloader-panel.yaml index b8736accd0..8353daa5ff 100644 --- a/http/exposed-panels/magento-downloader-panel.yaml +++ b/http/exposed-panels/magento-downloader-panel.yaml @@ -10,10 +10,10 @@ info: - https://magentary.com/kb/restrict-access-to-magento-downloader/ - https://www.mageplaza.com/kb/how-to-stop-brute-force-attacks-magento.html#solution-3 metadata: - vendor: magento - product: magento verified: true max-request: 1 + vendor: magento + product: magento shodan-query: http.component:"Magento" tags: magento,exposure,panel diff --git a/http/exposed-panels/mantisbt-panel.yaml b/http/exposed-panels/mantisbt-panel.yaml index c2bddf7c7b..b958ca9e42 100644 --- a/http/exposed-panels/mantisbt-panel.yaml +++ b/http/exposed-panels/mantisbt-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mantisbt - product: mantisbt verified: true max-request: 1 + vendor: mantisbt + product: mantisbt shodan-query: http.favicon.hash:662709064 tags: panel,mantisbt diff --git a/http/exposed-panels/matomo-login-portal.yaml b/http/exposed-panels/matomo-login-portal.yaml index c222b63519..2b95be2aad 100644 --- a/http/exposed-panels/matomo-login-portal.yaml +++ b/http/exposed-panels/matomo-login-portal.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: matomo product: matomo - max-request: 2 tags: panel,matomo http: diff --git a/http/exposed-panels/memos-panel.yaml b/http/exposed-panels/memos-panel.yaml index 3add461831..2deb05edcf 100644 --- a/http/exposed-panels/memos-panel.yaml +++ b/http/exposed-panels/memos-panel.yaml @@ -10,10 +10,10 @@ info: - https://github.com/usememos/memos - https://www.usememos.com/ metadata: - vendor: usememos - product: memos verified: true max-request: 2 + vendor: usememos + product: memos shodan-query: title:"Memos" tags: panel,memos,detect diff --git a/http/exposed-panels/meshcentral-login.yaml b/http/exposed-panels/meshcentral-login.yaml index c642238b62..a974e0f453 100644 --- a/http/exposed-panels/meshcentral-login.yaml +++ b/http/exposed-panels/meshcentral-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: meshcentral product: meshcentral - max-request: 1 shodan-query: http.title:"MeshCentral - Login" tags: panel,meshcentral diff --git a/http/exposed-panels/metabase-panel.yaml b/http/exposed-panels/metabase-panel.yaml index ec18105032..a0d0697db8 100644 --- a/http/exposed-panels/metabase-panel.yaml +++ b/http/exposed-panels/metabase-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: metabase product: metabase - max-request: 1 shodan-query: http.title:"Metabase" tags: panel,metabase,login diff --git a/http/exposed-panels/metasploit-panel.yaml b/http/exposed-panels/metasploit-panel.yaml index 4fdd7ddbfc..45a0fa43b1 100644 --- a/http/exposed-panels/metasploit-panel.yaml +++ b/http/exposed-panels/metasploit-panel.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: rapid7 - product: metasploit verified: true max-request: 1 + vendor: rapid7 + product: metasploit shodan-query: http.title:"metasploit" zoomeye-query: title:'Metasploit' tags: panel,metasploit,login diff --git a/http/exposed-panels/metasploit-setup-page.yaml b/http/exposed-panels/metasploit-setup-page.yaml index f8aabddbe1..047b6d04bf 100644 --- a/http/exposed-panels/metasploit-setup-page.yaml +++ b/http/exposed-panels/metasploit-setup-page.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: rapid7 - product: metasploit verified: true max-request: 1 + vendor: rapid7 + product: metasploit shodan-query: title:"Metasploit - Setup and Configuration" tags: panel,metasploit,setup diff --git a/http/exposed-panels/metersphere-login.yaml b/http/exposed-panels/metersphere-login.yaml index 22dd896853..34f4a52c1d 100644 --- a/http/exposed-panels/metersphere-login.yaml +++ b/http/exposed-panels/metersphere-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: metersphere product: metersphere - max-request: 2 tags: panel,metersphere http: diff --git a/http/exposed-panels/mfiles-web-detect.yaml b/http/exposed-panels/mfiles-web-detect.yaml index 827535c503..870b41c22c 100644 --- a/http/exposed-panels/mfiles-web-detect.yaml +++ b/http/exposed-panels/mfiles-web-detect.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: m-files - product: m-files verified: true max-request: 2 + vendor: m-files + product: m-files shodan-query: http.html:"M-Files Web" tags: panel,m-files diff --git a/http/exposed-panels/microfocus-admin-server.yaml b/http/exposed-panels/microfocus-admin-server.yaml index b897eea24c..f3d94bd472 100644 --- a/http/exposed-panels/microfocus-admin-server.yaml +++ b/http/exposed-panels/microfocus-admin-server.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: microfocus - product: enterprise_server verified: true max-request: 1 + vendor: microfocus + product: enterprise_server shodan-query: "Micro Focus DSD" tags: panel,exposure,microfocus,admin diff --git a/http/exposed-panels/microfocus-filr-panel.yaml b/http/exposed-panels/microfocus-filr-panel.yaml index fcf59071b0..9f373be17c 100644 --- a/http/exposed-panels/microfocus-filr-panel.yaml +++ b/http/exposed-panels/microfocus-filr-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: microfocus - product: filr verified: true max-request: 1 + vendor: microfocus + product: filr shodan-query: http.html:"Micro Focus Filr" tags: panel,microfocus,filr diff --git a/http/exposed-panels/microfocus-vibe-panel.yaml b/http/exposed-panels/microfocus-vibe-panel.yaml index f3530c3ff9..f0d13210ed 100644 --- a/http/exposed-panels/microfocus-vibe-panel.yaml +++ b/http/exposed-panels/microfocus-vibe-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: microfocus - product: vibe verified: true max-request: 1 + vendor: microfocus + product: vibe shodan-query: http.html:"Micro Focus Vibe" tags: panel,microfocus,vibe diff --git a/http/exposed-panels/microsoft-exchange-panel.yaml b/http/exposed-panels/microsoft-exchange-panel.yaml index d23b0420d6..ea6114a43d 100644 --- a/http/exposed-panels/microsoft-exchange-panel.yaml +++ b/http/exposed-panels/microsoft-exchange-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: microsoft product: exchange_server - max-request: 1 tags: microsoft,panel,exchange http: diff --git a/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml b/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml index b8728ff54f..ec36fa71f4 100644 --- a/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml +++ b/http/exposed-panels/mikrotik/mikrotik-routeros-old.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mikrotik - product: routeros verified: true max-request: 1 + vendor: mikrotik + product: routeros shodan-query: title:"mikrotik routeros > administration" tags: panel,login,mikrotik diff --git a/http/exposed-panels/mikrotik/mikrotik-routeros.yaml b/http/exposed-panels/mikrotik/mikrotik-routeros.yaml index d0f91c241c..6c7741a886 100644 --- a/http/exposed-panels/mikrotik/mikrotik-routeros.yaml +++ b/http/exposed-panels/mikrotik/mikrotik-routeros.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: mikrotik product: routeros - max-request: 1 tags: panel,login http: diff --git a/http/exposed-panels/mini-start-page.yaml b/http/exposed-panels/mini-start-page.yaml index cf0b66c23f..c1baf26ef8 100644 --- a/http/exposed-panels/mini-start-page.yaml +++ b/http/exposed-panels/mini-start-page.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: miniweb_http_server_project product: miniweb_http_server - max-request: 2 tags: edb,panel http: diff --git a/http/exposed-panels/minio-browser.yaml b/http/exposed-panels/minio-browser.yaml index c4e0e259b2..623d30429a 100644 --- a/http/exposed-panels/minio-browser.yaml +++ b/http/exposed-panels/minio-browser.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: minio product: minio - max-request: 1 shodan-query: title:"MinIO Browser" tags: panel,minio diff --git a/http/exposed-panels/misp-panel.yaml b/http/exposed-panels/misp-panel.yaml index a0ba58e250..bdc513bfed 100644 --- a/http/exposed-panels/misp-panel.yaml +++ b/http/exposed-panels/misp-panel.yaml @@ -5,10 +5,10 @@ info: author: johnk3r severity: info metadata: - vendor: misp - product: misp verified: "true" max-request: 1 + vendor: misp + product: misp shodan-query: http.title:"Users - MISP" tags: panel,misp diff --git a/http/exposed-panels/mitel-panel-detect.yaml b/http/exposed-panels/mitel-panel-detect.yaml index 66c1f3158a..2bf77b2006 100644 --- a/http/exposed-panels/mitel-panel-detect.yaml +++ b/http/exposed-panels/mitel-panel-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mitel - product: cmg_suite verified: true max-request: 2 + vendor: mitel + product: cmg_suite shodan-query: http.html:"Mitel Networks" tags: panel,mitel diff --git a/http/exposed-panels/modoboa-panel.yaml b/http/exposed-panels/modoboa-panel.yaml index 78651f5988..ef2ede0458 100644 --- a/http/exposed-panels/modoboa-panel.yaml +++ b/http/exposed-panels/modoboa-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: modoboa - product: modoboa verified: true max-request: 2 + vendor: modoboa + product: modoboa shodan-query: http.favicon.hash:1949005079 tags: panel,modoboa,mail diff --git a/http/exposed-panels/monstra-admin-panel.yaml b/http/exposed-panels/monstra-admin-panel.yaml index 120b7d53b7..9fd87000d5 100644 --- a/http/exposed-panels/monstra-admin-panel.yaml +++ b/http/exposed-panels/monstra-admin-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: monstra - product: monstra_cms verified: true max-request: 1 + vendor: monstra + product: monstra_cms shodan-query: http.favicon.hash:419828698 tags: panel,monstra diff --git a/http/exposed-panels/moodle-workplace-panel.yaml b/http/exposed-panels/moodle-workplace-panel.yaml index 3745874349..09c838fa5a 100644 --- a/http/exposed-panels/moodle-workplace-panel.yaml +++ b/http/exposed-panels/moodle-workplace-panel.yaml @@ -9,8 +9,8 @@ info: reference: - https://moodle.com/solutions/workplace/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.html:"moodle" tags: panel,moodle,login,detect diff --git a/http/exposed-panels/movable-type-login.yaml b/http/exposed-panels/movable-type-login.yaml index bb8e03961d..c7d962c8e0 100644 --- a/http/exposed-panels/movable-type-login.yaml +++ b/http/exposed-panels/movable-type-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sixapart product: movable_type - max-request: 2 shodan-query: title:"サインイン | Movable Type Pro" tags: panel,movable diff --git a/http/exposed-panels/ms-exchange-web-service.yaml b/http/exposed-panels/ms-exchange-web-service.yaml index 5167adde1f..569dae271f 100644 --- a/http/exposed-panels/ms-exchange-web-service.yaml +++ b/http/exposed-panels/ms-exchange-web-service.yaml @@ -10,10 +10,10 @@ info: - https://learn.microsoft.com/en-us/exchange/client-developer/exchange-web-services/start-using-web-services-in-exchange - https://pentestlab.blog/tag/ews/ metadata: + verified: true + max-request: 1 vendor: microsoft product: exchange_server - max-request: 1 - verified: true shodan-query: http.favicon.hash:1768726119 tags: ms,microsoft,exchange,tech diff --git a/http/exposed-panels/mybb-forum-detect.yaml b/http/exposed-panels/mybb-forum-detect.yaml index cffdfce9ce..ef47e7e588 100644 --- a/http/exposed-panels/mybb-forum-detect.yaml +++ b/http/exposed-panels/mybb-forum-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: mybb - product: mybb verified: true max-request: 1 + vendor: mybb + product: mybb shodan-query: http.title:"MyBB" tags: panel,mybb,forum diff --git a/http/exposed-panels/mybb/mybb-forum-install.yaml b/http/exposed-panels/mybb/mybb-forum-install.yaml index aae4256c95..75db797ee9 100644 --- a/http/exposed-panels/mybb/mybb-forum-install.yaml +++ b/http/exposed-panels/mybb/mybb-forum-install.yaml @@ -10,10 +10,10 @@ info: cvss-score: 8.6 cwe-id: CWE-200 metadata: - vendor: mybb - product: mybb verified: true max-request: 1 + vendor: mybb + product: mybb shodan-query: http.title:"MyBB" tags: panel,mybb,forum diff --git a/http/exposed-panels/nagios-panel.yaml b/http/exposed-panels/nagios-panel.yaml index 5fc299119e..1c7a8f5512 100644 --- a/http/exposed-panels/nagios-panel.yaml +++ b/http/exposed-panels/nagios-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nagios - product: nagios verified: true max-request: 2 + vendor: nagios + product: nagios shodan-query: http.title:"nagios" tags: panel,nagios diff --git a/http/exposed-panels/nagios-xi-panel.yaml b/http/exposed-panels/nagios-xi-panel.yaml index a68c95faab..f791557f27 100644 --- a/http/exposed-panels/nagios-xi-panel.yaml +++ b/http/exposed-panels/nagios-xi-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nagios - product: nagios_xi verified: true max-request: 2 + vendor: nagios + product: nagios_xi shodan-query: http.title:"Nagios XI" tags: panel,nagios,nagios-xi diff --git a/http/exposed-panels/nagvis-panel.yaml b/http/exposed-panels/nagvis-panel.yaml index 83a9c464d5..ff6ee66b75 100644 --- a/http/exposed-panels/nagvis-panel.yaml +++ b/http/exposed-panels/nagvis-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nagvis - product: nagvis verified: true max-request: 2 + vendor: nagvis + product: nagvis shodan-query: http.html:"NagVis" tags: panel,nagvis diff --git a/http/exposed-panels/neo4j-browser.yaml b/http/exposed-panels/neo4j-browser.yaml index fcccde19d7..dee96f05c8 100644 --- a/http/exposed-panels/neo4j-browser.yaml +++ b/http/exposed-panels/neo4j-browser.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: neo4j product: neo4j - max-request: 1 shodan-query: http.title:"Neo4j Browser" tags: neo4j,exposure,unauth,panel diff --git a/http/exposed-panels/neocase-hrportal-panel.yaml b/http/exposed-panels/neocase-hrportal-panel.yaml index 9553b9d410..b04668962f 100644 --- a/http/exposed-panels/neocase-hrportal-panel.yaml +++ b/http/exposed-panels/neocase-hrportal-panel.yaml @@ -1,19 +1,19 @@ id: neocase-hrportal-panel -info: - name: Neocase HR Portal Login Panel - Detect - author: righettod - severity: info - description: | - Neocase HR Portal login panel was detected. - reference: - - https://www.neocasesoftware.com/neocase-hr-solution/ - - https://www.neocasesoftware.com/self-service-portal-module/ - metadata: - max-request: 1 - verified: true - tags: panel,neocase,login,detect - +info: + name: Neocase HR Portal Login Panel - Detect + author: righettod + severity: info + description: | + Neocase HR Portal login panel was detected. + reference: + - https://www.neocasesoftware.com/neocase-hr-solution/ + - https://www.neocasesoftware.com/self-service-portal-module/ + metadata: + verified: true + max-request: 1 + tags: panel,neocase,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/nessus-panel.yaml b/http/exposed-panels/nessus-panel.yaml index c7b11ae514..908a7cdda6 100644 --- a/http/exposed-panels/nessus-panel.yaml +++ b/http/exposed-panels/nessus-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: tenable - product: nessus verified: true max-request: 2 + vendor: tenable + product: nessus shodan-query: title:"Nessus" tags: panel,nessus diff --git a/http/exposed-panels/netdata-dashboard-detected.yaml b/http/exposed-panels/netdata-dashboard-detected.yaml index ebe645c0aa..a26a1588fc 100644 --- a/http/exposed-panels/netdata-dashboard-detected.yaml +++ b/http/exposed-panels/netdata-dashboard-detected.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: netdata product: netdata - max-request: 1 shodan-query: 'Server: NetData Embedded HTTP Server' tags: netdata,panel,tech diff --git a/http/exposed-panels/netdata-panel.yaml b/http/exposed-panels/netdata-panel.yaml index 33de1024c3..2ac97f890f 100644 --- a/http/exposed-panels/netdata-panel.yaml +++ b/http/exposed-panels/netdata-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: netdata product: netdata - max-request: 1 shodan-query: http.title:"netdata dashboard" tags: panel,netdata diff --git a/http/exposed-panels/netflix-conductor-ui.yaml b/http/exposed-panels/netflix-conductor-ui.yaml index 44a6554199..a991a2d7df 100644 --- a/http/exposed-panels/netflix-conductor-ui.yaml +++ b/http/exposed-panels/netflix-conductor-ui.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: netflix product: conductor - max-request: 1 shodan-query: http.title:"Conductor UI", http.title:"Workflow UI" tags: webserver,netflix,conductor,panel diff --git a/http/exposed-panels/netscaler-aaa-login.yaml b/http/exposed-panels/netscaler-aaa-login.yaml index dba398c216..fdc03cdf7a 100644 --- a/http/exposed-panels/netscaler-aaa-login.yaml +++ b/http/exposed-panels/netscaler-aaa-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: citrix product: netscaler - max-request: 1 tags: panel,netscaler,login,edb http: diff --git a/http/exposed-panels/netscaler-gateway.yaml b/http/exposed-panels/netscaler-gateway.yaml index 4916858c92..abf59c6fce 100644 --- a/http/exposed-panels/netscaler-gateway.yaml +++ b/http/exposed-panels/netscaler-gateway.yaml @@ -11,9 +11,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: citrix product: netscaler_gateway - max-request: 1 tags: panel,netscaler http: diff --git a/http/exposed-panels/nexus-panel.yaml b/http/exposed-panels/nexus-panel.yaml index 2fd91757b1..e6d6747568 100644 --- a/http/exposed-panels/nexus-panel.yaml +++ b/http/exposed-panels/nexus-panel.yaml @@ -1,19 +1,19 @@ id: nexus-panel -info: - name: Nexus Login Panel - Detect - author: righettod - severity: info - description: | - Nexus login panel was detected. - reference: - - https://www.sonatype.com/products/sonatype-nexus-repository - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"Sonatype Nexus Repository" - tags: panel,nexus,login,detect - +info: + name: Nexus Login Panel - Detect + author: righettod + severity: info + description: | + Nexus login panel was detected. + reference: + - https://www.sonatype.com/products/sonatype-nexus-repository + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Sonatype Nexus Repository" + tags: panel,nexus,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/nginx-ui-dashboard.yaml b/http/exposed-panels/nginx-ui-dashboard.yaml index 9934f813f1..9e1fc95377 100644 --- a/http/exposed-panels/nginx-ui-dashboard.yaml +++ b/http/exposed-panels/nginx-ui-dashboard.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: f5 - product: nginx verified: true max-request: 1 + vendor: f5 + product: nginx shodan-query: http.title:"nginx ui" tags: panel,nginx,exposure diff --git a/http/exposed-panels/nzbget-panel.yaml b/http/exposed-panels/nzbget-panel.yaml index 74a410defc..554c9d6629 100644 --- a/http/exposed-panels/nzbget-panel.yaml +++ b/http/exposed-panels/nzbget-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: nzbget - product: nzbget verified: true max-request: 1 + vendor: nzbget + product: nzbget shodan-query: html:"NZBGet" tags: panel,nzbget diff --git a/http/exposed-panels/ocomon-panel.yaml b/http/exposed-panels/ocomon-panel.yaml index 1af4108b16..fc440ae5d1 100644 --- a/http/exposed-panels/ocomon-panel.yaml +++ b/http/exposed-panels/ocomon-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ocomon_project - product: ocomon verified: true max-request: 1 + vendor: ocomon_project + product: ocomon shodan-query: http.html:"OcoMon" tags: panel,ocomon,oss diff --git a/http/exposed-panels/octoprint-login.yaml b/http/exposed-panels/octoprint-login.yaml index 03610ae22d..0e7c84d770 100644 --- a/http/exposed-panels/octoprint-login.yaml +++ b/http/exposed-panels/octoprint-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: octoprint product: octoprint - max-request: 2 tags: octoprint,panel http: diff --git a/http/exposed-panels/odoo-database-manager.yaml b/http/exposed-panels/odoo-database-manager.yaml index 6ac1a75ad0..af6f0bbe24 100644 --- a/http/exposed-panels/odoo-database-manager.yaml +++ b/http/exposed-panels/odoo-database-manager.yaml @@ -6,10 +6,10 @@ info: severity: low description: Odoo database manager was discovered. metadata: - vendor: odoo - product: odoo verified: true max-request: 1 + vendor: odoo + product: odoo shodan-query: title:"Odoo" tags: panel,odoo,backup diff --git a/http/exposed-panels/odoo-panel.yaml b/http/exposed-panels/odoo-panel.yaml index 6ec8974b6a..6d73536d88 100644 --- a/http/exposed-panels/odoo-panel.yaml +++ b/http/exposed-panels/odoo-panel.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDK,righettod severity: info metadata: - vendor: odoo - product: odoo verified: true max-request: 2 + vendor: odoo + product: odoo shodan-query: "title:\"Odoo\"" tags: login,panel,odoo diff --git a/http/exposed-panels/office-webapps-panel.yaml b/http/exposed-panels/office-webapps-panel.yaml index d739a604fc..7691d2eb40 100644 --- a/http/exposed-panels/office-webapps-panel.yaml +++ b/http/exposed-panels/office-webapps-panel.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-668 metadata: - vendor: microsoft - product: office_web_apps_server verified: true max-request: 2 + vendor: microsoft + product: office_web_apps_server shodan-query: html:"Provide a link that opens Word" tags: panel,office-webapps,login,microsoft diff --git a/http/exposed-panels/oipm-detect.yaml b/http/exposed-panels/oipm-detect.yaml index f2797d2e47..7820d6529d 100644 --- a/http/exposed-panels/oipm-detect.yaml +++ b/http/exposed-panels/oipm-detect.yaml @@ -11,9 +11,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: oneidentity product: password_manager - max-request: 1 tags: panel http: diff --git a/http/exposed-panels/onlyoffice-login-panel.yaml b/http/exposed-panels/onlyoffice-login-panel.yaml index 170a58a8da..e8174e144b 100644 --- a/http/exposed-panels/onlyoffice-login-panel.yaml +++ b/http/exposed-panels/onlyoffice-login-panel.yaml @@ -7,10 +7,10 @@ info: description: | ONLYOFFICE Community Server is a free open-source collaborative system developed to manage documents, projects, customer relationship and email correspondence. metadata: - vendor: onlyoffice - product: onlyoffice verified: true max-request: 2 + vendor: onlyoffice + product: onlyoffice fofa-query: app="ONLYOFFICE" && (icon_hash="1928933157" || icon_hash="826083956" || icon_hash="-1380930248" || icon_hash="-285544629" || icon_hash="812741391") tags: panel,onlyoffice,detect diff --git a/http/exposed-panels/open-stack-dashboard-login.yaml b/http/exposed-panels/open-stack-dashboard-login.yaml index dae5f1d0a7..f4553f56c4 100644 --- a/http/exposed-panels/open-stack-dashboard-login.yaml +++ b/http/exposed-panels/open-stack-dashboard-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: openstack product: horizon - max-request: 2 tags: panel,openstack,edb http: diff --git a/http/exposed-panels/openam-panel.yaml b/http/exposed-panels/openam-panel.yaml index a4db76d899..9b2bff1092 100644 --- a/http/exposed-panels/openam-panel.yaml +++ b/http/exposed-panels/openam-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 20 vendor: forgerock product: openam - max-request: 20 shodan-query: http.title:"OpenAM" tags: panel,openam,opensso,login diff --git a/http/exposed-panels/opencart-panel.yaml b/http/exposed-panels/opencart-panel.yaml index 8937b81f49..197a269c9e 100644 --- a/http/exposed-panels/opencart-panel.yaml +++ b/http/exposed-panels/opencart-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: opencart - product: opencart verified: true max-request: 2 + vendor: opencart + product: opencart shodan-query: html:"OpenCart" tags: panel,opencart diff --git a/http/exposed-panels/opencats-panel.yaml b/http/exposed-panels/opencats-panel.yaml index 726993962b..41b76868b9 100644 --- a/http/exposed-panels/opencats-panel.yaml +++ b/http/exposed-panels/opencats-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: opencats - product: opencats verified: true max-request: 2 + vendor: opencats + product: opencats shodan-query: title:"opencats" tags: panel,opencats diff --git a/http/exposed-panels/openemr-detect.yaml b/http/exposed-panels/openemr-detect.yaml index b937181a8d..e620846dab 100644 --- a/http/exposed-panels/openemr-detect.yaml +++ b/http/exposed-panels/openemr-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: open-emr product: openemr - max-request: 1 shodan-query: http.html:"OpenEMR" fofa-query: app="OpenEMR" tags: panel,openemr diff --git a/http/exposed-panels/openerp-database.yaml b/http/exposed-panels/openerp-database.yaml index edfbc584fe..a6c10ed2d5 100644 --- a/http/exposed-panels/openerp-database.yaml +++ b/http/exposed-panels/openerp-database.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: odoo product: odoo - max-request: 1 tags: openerp,panel http: diff --git a/http/exposed-panels/openfire-admin-panel.yaml b/http/exposed-panels/openfire-admin-panel.yaml index 26b3083d45..3ad9debf08 100644 --- a/http/exposed-panels/openfire-admin-panel.yaml +++ b/http/exposed-panels/openfire-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: igniterealtime - product: openfire verified: true max-request: 2 + vendor: igniterealtime + product: openfire shodan-query: http.title:"Openfire Admin Console" tags: panel,openfire,admin,console diff --git a/http/exposed-panels/opennms-web-console.yaml b/http/exposed-panels/opennms-web-console.yaml index e4d40eb5dc..c5a3211ebb 100644 --- a/http/exposed-panels/opennms-web-console.yaml +++ b/http/exposed-panels/opennms-web-console.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: opennms product: opennms - max-request: 1 tags: panel,login,edb http: diff --git a/http/exposed-panels/opensis-panel.yaml b/http/exposed-panels/opensis-panel.yaml index 3af481e229..bbb0774f4f 100644 --- a/http/exposed-panels/opensis-panel.yaml +++ b/http/exposed-panels/opensis-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: os4ed product: opensis - max-request: 2 shodan-query: http.title:"openSIS" tags: panel,opensis,login diff --git a/http/exposed-panels/openvas-panel.yaml b/http/exposed-panels/openvas-panel.yaml index 859816e410..cea986e5eb 100644 --- a/http/exposed-panels/openvas-panel.yaml +++ b/http/exposed-panels/openvas-panel.yaml @@ -1,19 +1,19 @@ id: openvas-panel -info: - name: OpenVas Login Panel - Detect - author: rxerium - severity: info - description: | - An OpenVas Admin login panel was detected. - reference: - - https://openvas.org/ - metadata: - verified: true - max-request: 1 - shodan-query: http.favicon.hash:1606029165 - tags: panel,openvas,admin,login - +info: + name: OpenVas Login Panel - Detect + author: rxerium + severity: info + description: | + An OpenVas Admin login panel was detected. + reference: + - https://openvas.org/ + metadata: + verified: true + max-request: 1 + shodan-query: http.favicon.hash:1606029165 + tags: panel,openvas,admin,login + http: - method: GET path: diff --git a/http/exposed-panels/openvpn-admin.yaml b/http/exposed-panels/openvpn-admin.yaml index 65de53af16..f518a76697 100644 --- a/http/exposed-panels/openvpn-admin.yaml +++ b/http/exposed-panels/openvpn-admin.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: openvpn - product: openvpn verified: true max-request: 3 + vendor: openvpn + product: openvpn shodan-query: http.title:"OpenVPN-Admin" tags: panel,openvpn,admin,config diff --git a/http/exposed-panels/openvpn-connect.yaml b/http/exposed-panels/openvpn-connect.yaml index a883215722..b6e9715307 100644 --- a/http/exposed-panels/openvpn-connect.yaml +++ b/http/exposed-panels/openvpn-connect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: openvpn - product: connect verified: true max-request: 1 + vendor: openvpn + product: connect shodan-query: http.title:"openvpn connect" tags: panel,openvpn,connect,vpn diff --git a/http/exposed-panels/openvpn-router-management.yaml b/http/exposed-panels/openvpn-router-management.yaml index 68924acee3..0609596f94 100644 --- a/http/exposed-panels/openvpn-router-management.yaml +++ b/http/exposed-panels/openvpn-router-management.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: openvpn - product: openvpn verified: true max-request: 1 + vendor: openvpn + product: openvpn shodan-query: http.html:"Router Management - Server OpenVPN" tags: panel,openvpn,router diff --git a/http/exposed-panels/openwrt-login.yaml b/http/exposed-panels/openwrt-login.yaml index d2b8eb0104..407db7f929 100644 --- a/http/exposed-panels/openwrt-login.yaml +++ b/http/exposed-panels/openwrt-login.yaml @@ -8,9 +8,9 @@ info: - https://openwrt.org - https://github.com/openwrt/luci metadata: + max-request: 2 vendor: openwrt product: openwrt - max-request: 2 shodan-query: http.title:"OpenWrt - LuCI" tags: openwrt,router,panel diff --git a/http/exposed-panels/openwrt/openwrt-luci-panel.yaml b/http/exposed-panels/openwrt/openwrt-luci-panel.yaml index 46672d82d0..a3b256e4c7 100644 --- a/http/exposed-panels/openwrt/openwrt-luci-panel.yaml +++ b/http/exposed-panels/openwrt/openwrt-luci-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://forum.archive.openwrt.org/viewtopic.php?id=16611 metadata: + max-request: 1 vendor: x-wrt product: luci - max-request: 1 shodan-query: http.title:"OpenWrt - LuCI" tags: panel,default-login,openwrt diff --git a/http/exposed-panels/openx-panel.yaml b/http/exposed-panels/openx-panel.yaml index 1c325c2c86..306dd2665e 100644 --- a/http/exposed-panels/openx-panel.yaml +++ b/http/exposed-panels/openx-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + verified: true + max-request: 2 vendor: revive-adserver product: revive_adserver - max-request: 2 - verified: true shodan-query: title:"Revive Adserver" tags: panel,openx,revive,adserver,login diff --git a/http/exposed-panels/opinio-panel.yaml b/http/exposed-panels/opinio-panel.yaml index 09b147b9f2..630dd6b54e 100644 --- a/http/exposed-panels/opinio-panel.yaml +++ b/http/exposed-panels/opinio-panel.yaml @@ -8,8 +8,8 @@ info: reference: - https://www.objectplanet.com/opinio/ metadata: - max-request: 2 verified: true + max-request: 2 shodan-query: http.title:"Opinio" tags: panel,opinio,login,detect diff --git a/http/exposed-panels/oracle-business-control.yaml b/http/exposed-panels/oracle-business-control.yaml index be2dd9d9df..9c6ab2f819 100644 --- a/http/exposed-panels/oracle-business-control.yaml +++ b/http/exposed-panels/oracle-business-control.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: commerce - max-request: 1 shodan-query: http.title:"Oracle Commerce" tags: oracle,login,panel diff --git a/http/exposed-panels/oracle-business-intelligence.yaml b/http/exposed-panels/oracle-business-intelligence.yaml index d7ae1d6cd0..b13faa7623 100644 --- a/http/exposed-panels/oracle-business-intelligence.yaml +++ b/http/exposed-panels/oracle-business-intelligence.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: oracle - product: business_intelligence verified: true max-request: 1 + vendor: oracle + product: business_intelligence shodan-query: http.title:"Oracle Business Intelligence Sign In" tags: panel,oracle diff --git a/http/exposed-panels/oracle-enterprise-manager-login.yaml b/http/exposed-panels/oracle-enterprise-manager-login.yaml index 0429654995..09d4fd7414 100644 --- a/http/exposed-panels/oracle-enterprise-manager-login.yaml +++ b/http/exposed-panels/oracle-enterprise-manager-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: enterprise_manager_base_platform - max-request: 1 tags: panel,oracle,manager,login http: diff --git a/http/exposed-panels/oracle-people-enterprise.yaml b/http/exposed-panels/oracle-people-enterprise.yaml index b6f8d9eb14..c66f554e6e 100644 --- a/http/exposed-panels/oracle-people-enterprise.yaml +++ b/http/exposed-panels/oracle-people-enterprise.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: peoplesoft_enterprise - max-request: 1 shodan-query: http.title:"Oracle Peoplesoft Enterprise" tags: oracle,login,panel diff --git a/http/exposed-panels/orchid-vms-panel.yaml b/http/exposed-panels/orchid-vms-panel.yaml index adb2ece8f0..6e004f6356 100644 --- a/http/exposed-panels/orchid-vms-panel.yaml +++ b/http/exposed-panels/orchid-vms-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ipconfigure product: orchid_core_vms - max-request: 1 shodan-query: http.title:"Orchid Core VMS" tags: panel,orchid diff --git a/http/exposed-panels/osticket-panel.yaml b/http/exposed-panels/osticket-panel.yaml index adae92d55b..159c5f2925 100644 --- a/http/exposed-panels/osticket-panel.yaml +++ b/http/exposed-panels/osticket-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: osticket - product: osticket verified: true max-request: 2 + vendor: osticket + product: osticket shodan-query: http.html:"powered by osTicket" tags: panel,osticket diff --git a/http/exposed-panels/osticket/osticket-install.yaml b/http/exposed-panels/osticket/osticket-install.yaml index cb77d01e57..7b2afd01f3 100644 --- a/http/exposed-panels/osticket/osticket-install.yaml +++ b/http/exposed-panels/osticket/osticket-install.yaml @@ -10,10 +10,10 @@ info: cvss-score: 9.4 cwe-id: CWE-284 metadata: - vendor: osticket - product: osticket verified: true max-request: 2 + vendor: osticket + product: osticket shodan-query: http.title:"osTicket Installer" tags: panel,osticket,install diff --git a/http/exposed-panels/pahtool-panel.yaml b/http/exposed-panels/pahtool-panel.yaml index a358c7a48c..27d2b92510 100644 --- a/http/exposed-panels/pahtool-panel.yaml +++ b/http/exposed-panels/pahtool-panel.yaml @@ -9,8 +9,8 @@ info: reference: - http://www.inovultus.com/index.html metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"PAHTool" tags: panel,pahtool,login,detect diff --git a/http/exposed-panels/pairdrop-panel.yaml b/http/exposed-panels/pairdrop-panel.yaml index 42812f5aae..bfe8e9d6c3 100644 --- a/http/exposed-panels/pairdrop-panel.yaml +++ b/http/exposed-panels/pairdrop-panel.yaml @@ -1,19 +1,19 @@ id: pair-drop-panel -info: - name: Pair Drop Panel - Detect - author: rxerium - severity: info - description: | - Local file sharing in your browser. Inspired by Apple's AirDrop. Fork of Snapdrop. - reference: - - https://github.com/schlagmichdoch/pairdrop - metadata: - verified: true - max-request: 1 - shodan-query: title:"PairDrop" - tags: panel,pairdrop,login - +info: + name: Pair Drop Panel - Detect + author: rxerium + severity: info + description: | + Local file sharing in your browser. Inspired by Apple's AirDrop. Fork of Snapdrop. + reference: + - https://github.com/schlagmichdoch/pairdrop + metadata: + verified: true + max-request: 1 + shodan-query: title:"PairDrop" + tags: panel,pairdrop,login + http: - method: GET path: diff --git a/http/exposed-panels/pandora-fms-console.yaml b/http/exposed-panels/pandora-fms-console.yaml index 992fd50950..e6edcc00e6 100644 --- a/http/exposed-panels/pandora-fms-console.yaml +++ b/http/exposed-panels/pandora-fms-console.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: pandorafms product: pandora_fms - max-request: 1 tags: panel,edb http: diff --git a/http/exposed-panels/papercut-ng-panel.yaml b/http/exposed-panels/papercut-ng-panel.yaml index a2805d35ba..7f8aea9da1 100644 --- a/http/exposed-panels/papercut-ng-panel.yaml +++ b/http/exposed-panels/papercut-ng-panel.yaml @@ -7,10 +7,10 @@ info: description: | PaperCut is a print management system. Log in to manage your print quotas, see your print history and configure your system. metadata: - vendor: papercut - product: papercut_ng verified: true max-request: 1 + vendor: papercut + product: papercut_ng google-query: html:'content="PaperCut' tags: panel,papercut,detect diff --git a/http/exposed-panels/parallels/parallels-hsphere-detect.yaml b/http/exposed-panels/parallels/parallels-hsphere-detect.yaml index 3639ac6bce..38c057905f 100644 --- a/http/exposed-panels/parallels/parallels-hsphere-detect.yaml +++ b/http/exposed-panels/parallels/parallels-hsphere-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: parallels - product: h-sphere verified: true max-request: 1 + vendor: parallels + product: h-sphere shodan-query: title:"Parallels H-Sphere" tags: panel,parallels,hsphere diff --git a/http/exposed-panels/parse-dashboard.yaml b/http/exposed-panels/parse-dashboard.yaml index a887f717fe..019caabdca 100644 --- a/http/exposed-panels/parse-dashboard.yaml +++ b/http/exposed-panels/parse-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: parseplatform - product: parse-server verified: true max-request: 1 + vendor: parseplatform + product: parse-server shodan-query: title:"Parse Dashboard" tags: panel,parse,exposure diff --git a/http/exposed-panels/passbolt-panel.yaml b/http/exposed-panels/passbolt-panel.yaml index 71473077e0..a16e6e8673 100644 --- a/http/exposed-panels/passbolt-panel.yaml +++ b/http/exposed-panels/passbolt-panel.yaml @@ -10,9 +10,10 @@ info: - https://www.passbolt.com/ metadata: verified: true - shodan-query: "http.title:\"Passbolt | Open source password manager for teams\"" max-request: 1 + shodan-query: "http.title:\"Passbolt | Open source password manager for teams\"" tags: panel,passbolt,login + http: - method: GET path: diff --git a/http/exposed-panels/pega-web-panel.yaml b/http/exposed-panels/pega-web-panel.yaml index 8b447812a2..01d9bcad4f 100644 --- a/http/exposed-panels/pega-web-panel.yaml +++ b/http/exposed-panels/pega-web-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: pega - product: platform verified: true max-request: 2 + vendor: pega + product: platform shodan-query: title:"Pega Platform" google-query: inurl:"/prweb/PRAuth/app/default" tags: panel,pega diff --git a/http/exposed-panels/pfsense-login.yaml b/http/exposed-panels/pfsense-login.yaml index 57abaf5bb1..d2852c31e2 100644 --- a/http/exposed-panels/pfsense-login.yaml +++ b/http/exposed-panels/pfsense-login.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: pfsense product: pfsense - max-request: 1 shodan-query: http.title:"pfSense - Login" google-query: intitle:"pfSense - Login" tags: panel,pfsense diff --git a/http/exposed-panels/phabricator-login.yaml b/http/exposed-panels/phabricator-login.yaml index ed04fe68af..02cf8e8bbf 100644 --- a/http/exposed-panels/phabricator-login.yaml +++ b/http/exposed-panels/phabricator-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: phacility product: phabricator - max-request: 1 shodan-query: html:"phabricator-standard-page" tags: panel,phabricator diff --git a/http/exposed-panels/phoronix-pane.yaml b/http/exposed-panels/phoronix-pane.yaml index 71f07fe511..84b28f83e5 100644 --- a/http/exposed-panels/phoronix-pane.yaml +++ b/http/exposed-panels/phoronix-pane.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: phoronix-media product: phoronix_test_suite - max-request: 1 shodan-query: http.title:"phoronix-test-suite" tags: panel,phoronix diff --git a/http/exposed-panels/phpcollab-panel.yaml b/http/exposed-panels/phpcollab-panel.yaml index d29ca0210e..ab53be3924 100644 --- a/http/exposed-panels/phpcollab-panel.yaml +++ b/http/exposed-panels/phpcollab-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: phpcollab product: phpcollab - max-request: 1 shodan-query: http.title:"PhpCollab" tags: panel,phpcollab,login diff --git a/http/exposed-panels/phpmyadmin-panel.yaml b/http/exposed-panels/phpmyadmin-panel.yaml index 381c7e8208..693ed9d90f 100644 --- a/http/exposed-panels/phpmyadmin-panel.yaml +++ b/http/exposed-panels/phpmyadmin-panel.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - shodan-query: "http.title:phpMyAdmin" + max-request: 13 vendor: phpmyadmin product: phpmyadmin - max-request: 13 + shodan-query: "http.title:phpMyAdmin" tags: panel,phpmyadmin http: diff --git a/http/exposed-panels/phppgadmin-panel.yaml b/http/exposed-panels/phppgadmin-panel.yaml index 5ee0b70452..ab6f4fe22f 100644 --- a/http/exposed-panels/phppgadmin-panel.yaml +++ b/http/exposed-panels/phppgadmin-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: phppgadmin_project - product: phppgadmin verified: true max-request: 2 + vendor: phppgadmin_project + product: phppgadmin shodan-query: http.title:phpPgAdmin tags: panel,phppgadmin diff --git a/http/exposed-panels/piwigo-panel.yaml b/http/exposed-panels/piwigo-panel.yaml index 87d603133b..352ec0e9b9 100644 --- a/http/exposed-panels/piwigo-panel.yaml +++ b/http/exposed-panels/piwigo-panel.yaml @@ -9,10 +9,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: piwigo - product: piwigo verified: true max-request: 2 + vendor: piwigo + product: piwigo shodan-query: http.favicon.hash:540706145 fofa-query: title="piwigo" google-query: Powered by Piwigo diff --git a/http/exposed-panels/planet-estream-panel.yaml b/http/exposed-panels/planet-estream-panel.yaml index 58149864ef..604f48e361 100644 --- a/http/exposed-panels/planet-estream-panel.yaml +++ b/http/exposed-panels/planet-estream-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: planetestream - product: planet_estream verified: true max-request: 1 + vendor: planetestream + product: planet_estream shodan-query: title:"Login - Planet eStream" tags: panel,planet,estream diff --git a/http/exposed-panels/plesk-obsidian-login.yaml b/http/exposed-panels/plesk-obsidian-login.yaml index ec416436f3..6088eb4aff 100644 --- a/http/exposed-panels/plesk-obsidian-login.yaml +++ b/http/exposed-panels/plesk-obsidian-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: plesk - product: obsidian verified: true max-request: 1 + vendor: plesk + product: obsidian shodan-query: http.html:"Plesk Obsidian" tags: panel,plesk,login,edb diff --git a/http/exposed-panels/plesk-onyx-login.yaml b/http/exposed-panels/plesk-onyx-login.yaml index 0c14258c99..da558faaeb 100644 --- a/http/exposed-panels/plesk-onyx-login.yaml +++ b/http/exposed-panels/plesk-onyx-login.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: plesk - product: onyx verified: true max-request: 1 + vendor: plesk + product: onyx shodan-query: http.html:"Plesk Onyx" http.html:"plesk-build" google-query: inurl:login_up.php "Plesk Onyx" tags: panel,plesk,login,edb diff --git a/http/exposed-panels/polycom-admin-detect.yaml b/http/exposed-panels/polycom-admin-detect.yaml index 0d72286e89..ea2aa0c0d8 100644 --- a/http/exposed-panels/polycom-admin-detect.yaml +++ b/http/exposed-panels/polycom-admin-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: polycom product: vvx - max-request: 1 tags: panel http: diff --git a/http/exposed-panels/portainer-panel.yaml b/http/exposed-panels/portainer-panel.yaml index 0fff1ab268..37660595be 100644 --- a/http/exposed-panels/portainer-panel.yaml +++ b/http/exposed-panels/portainer-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://github.com/portainer/portainer metadata: - vendor: portainer - product: portainer verified: true max-request: 2 + vendor: portainer + product: portainer shodan-query: title:"Portainer" tags: panel,portainer,detect diff --git a/http/exposed-panels/posthog-admin-panel.yaml b/http/exposed-panels/posthog-admin-panel.yaml index 9263d70d44..b384e0b323 100644 --- a/http/exposed-panels/posthog-admin-panel.yaml +++ b/http/exposed-panels/posthog-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: posthog - product: posthog verified: true max-request: 1 + vendor: posthog + product: posthog shodan-query: http.title:"posthog" tags: panel,posthog diff --git a/http/exposed-panels/powerlogic-ion.yaml b/http/exposed-panels/powerlogic-ion.yaml index 8a067c389c..b833bb89d2 100644 --- a/http/exposed-panels/powerlogic-ion.yaml +++ b/http/exposed-panels/powerlogic-ion.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: schneider-electric product: ion7600 - max-request: 1 tags: panel,edb http: diff --git a/http/exposed-panels/pritunl-panel.yaml b/http/exposed-panels/pritunl-panel.yaml index a742c58c91..5d86a9e08f 100644 --- a/http/exposed-panels/pritunl-panel.yaml +++ b/http/exposed-panels/pritunl-panel.yaml @@ -10,10 +10,10 @@ info: - https://github.com/louislam/uptime-kuma - https://uptime.kuma.pet/docs/ metadata: - vendor: pritunl - product: pritunl verified: true max-request: 1 + vendor: pritunl + product: pritunl shodan-query: title:"Pritunl" tags: pritunl,panel,login diff --git a/http/exposed-panels/processwire-login.yaml b/http/exposed-panels/processwire-login.yaml index 89c48839ee..930b2f4974 100644 --- a/http/exposed-panels/processwire-login.yaml +++ b/http/exposed-panels/processwire-login.yaml @@ -11,10 +11,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: processwire - product: processwire verified: true max-request: 1 + vendor: processwire + product: processwire shodan-query: http.html:"processwire" tags: panel,processwire diff --git a/http/exposed-panels/project-insight-login.yaml b/http/exposed-panels/project-insight-login.yaml index bbc43e8616..3e542a274c 100644 --- a/http/exposed-panels/project-insight-login.yaml +++ b/http/exposed-panels/project-insight-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: helpproject product: help - max-request: 1 shodan-query: http.title:"Project Insight - Login" tags: panel,edb diff --git a/http/exposed-panels/projectsend-login.yaml b/http/exposed-panels/projectsend-login.yaml index f42b882a8b..1a6a14bb53 100644 --- a/http/exposed-panels/projectsend-login.yaml +++ b/http/exposed-panels/projectsend-login.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: projectsend product: projectsend - max-request: 1 google-query: intext:Provided by ProjectSend tags: panel,projectsend,edb diff --git a/http/exposed-panels/prometheus-exposed-panel.yaml b/http/exposed-panels/prometheus-exposed-panel.yaml index 62dbed1fa2..cdc6603e7b 100644 --- a/http/exposed-panels/prometheus-exposed-panel.yaml +++ b/http/exposed-panels/prometheus-exposed-panel.yaml @@ -9,9 +9,9 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + max-request: 2 vendor: prometheus product: prometheus - max-request: 2 tags: panel,prometheus http: diff --git a/http/exposed-panels/proofpoint-protection-server-panel.yaml b/http/exposed-panels/proofpoint-protection-server-panel.yaml index fa416b961a..ae8ea5200d 100644 --- a/http/exposed-panels/proofpoint-protection-server-panel.yaml +++ b/http/exposed-panels/proofpoint-protection-server-panel.yaml @@ -9,11 +9,11 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - product: "proofpoint protection server" - shodan-query: "http.favicon.hash:942678640" verified: true max-request: 2 vendor: proofpoint + product: "proofpoint protection server" + shodan-query: "http.favicon.hash:942678640" tags: panel,proofpoint,login,detect http: diff --git a/http/exposed-panels/proxmox-panel.yaml b/http/exposed-panels/proxmox-panel.yaml index e400919df1..0bc86ba8d5 100644 --- a/http/exposed-panels/proxmox-panel.yaml +++ b/http/exposed-panels/proxmox-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: proxmox - product: proxmox verified: true max-request: 1 + vendor: proxmox + product: proxmox shodan-query: http.favicon.hash:213144638 tags: panel,proxmox,login diff --git a/http/exposed-panels/pulsar-admin-console.yaml b/http/exposed-panels/pulsar-admin-console.yaml index a8490ef12b..0874e86cf0 100644 --- a/http/exposed-panels/pulsar-admin-console.yaml +++ b/http/exposed-panels/pulsar-admin-console.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: pulsar verified: true max-request: 1 + vendor: apache + product: pulsar shodan-query: title:"Pulsar Admin Console" tags: panel,pulsar,console,admin diff --git a/http/exposed-panels/pulsar-adminui-panel.yaml b/http/exposed-panels/pulsar-adminui-panel.yaml index f6f314b3db..faa76b07d2 100644 --- a/http/exposed-panels/pulsar-adminui-panel.yaml +++ b/http/exposed-panels/pulsar-adminui-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: pulsar verified: true max-request: 1 + vendor: apache + product: pulsar shodan-query: title:"Pulsar Admin UI" tags: panel,pulsar,pulsarui,admin diff --git a/http/exposed-panels/pure-storage-login.yaml b/http/exposed-panels/pure-storage-login.yaml index 4e7f0362dd..b2c378cff0 100644 --- a/http/exposed-panels/pure-storage-login.yaml +++ b/http/exposed-panels/pure-storage-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: purestorage product: purity - max-request: 1 shodan-query: http.title:"Pure Storage Login" tags: panel,purestorage diff --git a/http/exposed-panels/pyload-panel.yaml b/http/exposed-panels/pyload-panel.yaml index dcd37ca66c..a8bd96431a 100644 --- a/http/exposed-panels/pyload-panel.yaml +++ b/http/exposed-panels/pyload-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://github.com/pyload/pyload metadata: - vendor: pyload - product: pyload verified: true max-request: 2 + vendor: pyload + product: pyload shodan-query: title:"Login - pyLoad" tags: panel,pyload,login diff --git a/http/exposed-panels/qBittorrent-panel.yaml b/http/exposed-panels/qBittorrent-panel.yaml index d8d88dd1f2..b96131e618 100644 --- a/http/exposed-panels/qBittorrent-panel.yaml +++ b/http/exposed-panels/qBittorrent-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://www.qbittorrent.org/ metadata: - vendor: qbittorrent - product: qbittorrent verified: true max-request: 1 + vendor: qbittorrent + product: qbittorrent shodan-query: title:"qbittorrent" tags: panel,qbittorrent,detect diff --git a/http/exposed-panels/qdpm-login-panel.yaml b/http/exposed-panels/qdpm-login-panel.yaml index de4493d031..d2d8bdac35 100644 --- a/http/exposed-panels/qdpm-login-panel.yaml +++ b/http/exposed-panels/qdpm-login-panel.yaml @@ -5,10 +5,10 @@ info: author: theamanrawat severity: info metadata: - vendor: qdpm - product: qdpm verified: "true" max-request: 2 + vendor: qdpm + product: qdpm shodan-query: http.favicon.hash:762074255 tags: panel,qdpm,login diff --git a/http/exposed-panels/qlik-sense-server.yaml b/http/exposed-panels/qlik-sense-server.yaml index b4f497d6eb..c7bc1b3db8 100644 --- a/http/exposed-panels/qlik-sense-server.yaml +++ b/http/exposed-panels/qlik-sense-server.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: qlik - product: qlik_sense verified: true max-request: 2 + vendor: qlik + product: qlik_sense shodan-query: http.title:"Qlik-Sense" fofa-query: app="Qlik-Sense" tags: panel,qlik diff --git a/http/exposed-panels/qmail-admin-login.yaml b/http/exposed-panels/qmail-admin-login.yaml index f6a6b0fc1b..41e1b5745d 100644 --- a/http/exposed-panels/qmail-admin-login.yaml +++ b/http/exposed-panels/qmail-admin-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: qmail_project - product: qmail verified: true max-request: 5 + vendor: qmail_project + product: qmail shodan-query: title:"QmailAdmin" tags: qmail,panel diff --git a/http/exposed-panels/qnap/qnap-photostation-panel.yaml b/http/exposed-panels/qnap/qnap-photostation-panel.yaml index a0b3023c68..74d26e504f 100644 --- a/http/exposed-panels/qnap/qnap-photostation-panel.yaml +++ b/http/exposed-panels/qnap/qnap-photostation-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: qnap - product: photo_station verified: true max-request: 1 + vendor: qnap + product: photo_station shodan-query: http.title:"Photo Station" tags: panel,photostation,qnap diff --git a/http/exposed-panels/qnap/qnap-qts-panel.yaml b/http/exposed-panels/qnap/qnap-qts-panel.yaml index 34d3648fd4..c041e59fb2 100644 --- a/http/exposed-panels/qnap/qnap-qts-panel.yaml +++ b/http/exposed-panels/qnap/qnap-qts-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: qnap - product: qts verified: true max-request: 2 + vendor: qnap + product: qts shodan-query: product:"QNAP" google-query: intitle:"QNAP Turbo NAS" inurl:/cgi-bin tags: panel,qnap,qts diff --git a/http/exposed-panels/quantum-scalar-detect.yaml b/http/exposed-panels/quantum-scalar-detect.yaml index 25d04ab770..90fd77674e 100644 --- a/http/exposed-panels/quantum-scalar-detect.yaml +++ b/http/exposed-panels/quantum-scalar-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: quantum product: scalar_i500 - max-request: 1 tags: panel,quantum,scalar http: diff --git a/http/exposed-panels/rabbitmq-dashboard.yaml b/http/exposed-panels/rabbitmq-dashboard.yaml index f30eeba65a..72f69f9076 100644 --- a/http/exposed-panels/rabbitmq-dashboard.yaml +++ b/http/exposed-panels/rabbitmq-dashboard.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: vmware product: rabbitmq - max-request: 1 tags: panel,rabbitmq http: diff --git a/http/exposed-panels/rancher-dashboard.yaml b/http/exposed-panels/rancher-dashboard.yaml index d4ff976910..2cb35cdfb4 100644 --- a/http/exposed-panels/rancher-dashboard.yaml +++ b/http/exposed-panels/rancher-dashboard.yaml @@ -11,10 +11,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: rancher - product: rancher verified: "true" max-request: 2 + vendor: rancher + product: rancher shodan-query: http.favicon.hash:-1324930554 tags: panel,rancher,dashboard,login diff --git a/http/exposed-panels/rancher-panel.yaml b/http/exposed-panels/rancher-panel.yaml index 38376fbb68..09bc66db23 100644 --- a/http/exposed-panels/rancher-panel.yaml +++ b/http/exposed-panels/rancher-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: suse - product: rancher verified: true max-request: 1 + vendor: suse + product: rancher shodan-query: http.favicon.hash:464587962 tags: panel,rancher,kubernetes,devops,cloud,login diff --git a/http/exposed-panels/rdweb-panel.yaml b/http/exposed-panels/rdweb-panel.yaml index c500cc7ab5..39c9426425 100644 --- a/http/exposed-panels/rdweb-panel.yaml +++ b/http/exposed-panels/rdweb-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://rdweb.wvd.microsoft.com/webclient metadata: - vendor: microsoft - product: remote_desktop verified: true max-request: 1 + vendor: microsoft + product: remote_desktop shodan-query: html:"RD Web Access" tags: panel,login,rdp,web-access diff --git a/http/exposed-panels/redash-panel.yaml b/http/exposed-panels/redash-panel.yaml index afd2901bc2..c9648817e4 100644 --- a/http/exposed-panels/redash-panel.yaml +++ b/http/exposed-panels/redash-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: redash product: redash - max-request: 1 shodan-query: http.favicon.hash:698624197 tags: panel,redash diff --git a/http/exposed-panels/redmine-panel.yaml b/http/exposed-panels/redmine-panel.yaml index 77ba2be1cf..8e72063aa1 100644 --- a/http/exposed-panels/redmine-panel.yaml +++ b/http/exposed-panels/redmine-panel.yaml @@ -1,18 +1,18 @@ id: redmine-panel -info: - name: Redmine Login Panel - Detect - author: righettod - severity: info - description: Redmine login panel was detected. - reference: - - https://www.redmine.org/ - metadata: - max-request: 1 - verified: true - shodan-query: http.html:'content="Redmine' - tags: panel,redmine,login,detect - +info: + name: Redmine Login Panel - Detect + author: righettod + severity: info + description: Redmine login panel was detected. + reference: + - https://www.redmine.org/ + metadata: + verified: true + max-request: 1 + shodan-query: http.html:'content="Redmine' + tags: panel,redmine,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/repetier-server-panel.yaml b/http/exposed-panels/repetier-server-panel.yaml index 8edd3bc517..fc6333e4a2 100644 --- a/http/exposed-panels/repetier-server-panel.yaml +++ b/http/exposed-panels/repetier-server-panel.yaml @@ -9,9 +9,9 @@ info: metadata: verified: true max-request: 1 - shodan-query: title:"Repetier-Server" vendor: repetier-server product: repetier-server + shodan-query: title:"Repetier-Server" tags: panel,repetier,detect http: diff --git a/http/exposed-panels/reportico-admin-panel.yaml b/http/exposed-panels/reportico-admin-panel.yaml index db4d45dd1f..b06efaff01 100644 --- a/http/exposed-panels/reportico-admin-panel.yaml +++ b/http/exposed-panels/reportico-admin-panel.yaml @@ -10,10 +10,10 @@ info: - https://www.reportico.org/site2/index.php - https://github.com/reportico-web/reportico metadata: - vendor: reportico - product: reportico verified: true max-request: 2 + vendor: reportico + product: reportico shodan-query: title:"Reportico Administration Page" tags: panel,reportico,login,detect diff --git a/http/exposed-panels/rocketchat-panel.yaml b/http/exposed-panels/rocketchat-panel.yaml index eacd042f61..317c2dcaf2 100644 --- a/http/exposed-panels/rocketchat-panel.yaml +++ b/http/exposed-panels/rocketchat-panel.yaml @@ -9,8 +9,8 @@ info: - https://www.rocket.chat/ metadata: verified: true - shodan-query: "http.title:\"Rocket.Chat\"" max-request: 1 + shodan-query: "http.title:\"Rocket.Chat\"" tags: panel,rocketchat,login,detect http: diff --git a/http/exposed-panels/rocketmq-console-exposure.yaml b/http/exposed-panels/rocketmq-console-exposure.yaml index 4d273fda64..1acdeef1a9 100644 --- a/http/exposed-panels/rocketmq-console-exposure.yaml +++ b/http/exposed-panels/rocketmq-console-exposure.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: rocketmq verified: true max-request: 1 + vendor: apache + product: rocketmq shodan-query: http.title:"RocketMq-console-ng" tags: panel,apache diff --git a/http/exposed-panels/roxy-fileman.yaml b/http/exposed-panels/roxy-fileman.yaml index 8eb068398e..be17dc8f22 100644 --- a/http/exposed-panels/roxy-fileman.yaml +++ b/http/exposed-panels/roxy-fileman.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: roxyfileman - product: roxy_fileman verified: true max-request: 4 + vendor: roxyfileman + product: roxy_fileman google-query: intitle:"Roxy file manager" tags: tech,roxy,fileman,panel diff --git a/http/exposed-panels/ruckus-unleashed-panel.yaml b/http/exposed-panels/ruckus-unleashed-panel.yaml index 7397d374ab..e66bbc1d93 100644 --- a/http/exposed-panels/ruckus-unleashed-panel.yaml +++ b/http/exposed-panels/ruckus-unleashed-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ruckuswireless product: unleashed_firmware - max-request: 1 shodan-query: http.title:"Unleashed Login" google-query: intitle:"Unleashed Login" tags: panel,ruckus diff --git a/http/exposed-panels/ruckus-wireless-admin-login.yaml b/http/exposed-panels/ruckus-wireless-admin-login.yaml index 63947335fc..2e488704db 100644 --- a/http/exposed-panels/ruckus-wireless-admin-login.yaml +++ b/http/exposed-panels/ruckus-wireless-admin-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: ruckuswireless - product: e510 verified: true max-request: 1 + vendor: ruckuswireless + product: e510 shodan-query: title:"ruckus" tags: panel,exposed,ruckus diff --git a/http/exposed-panels/ruijie/rg-uac-panel.yaml b/http/exposed-panels/ruijie/rg-uac-panel.yaml index 46c65f6817..843ae97673 100644 --- a/http/exposed-panels/ruijie/rg-uac-panel.yaml +++ b/http/exposed-panels/ruijie/rg-uac-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: ruijie product: rg-uac_firmware - max-request: 1 shodan-query: http.html:"Get_Verify_Info" tags: panel,ruijie,router,firewall diff --git a/http/exposed-panels/sage-panel.yaml b/http/exposed-panels/sage-panel.yaml index d0ea448695..c1b7c9c237 100644 --- a/http/exposed-panels/sage-panel.yaml +++ b/http/exposed-panels/sage-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sage product: x3 - max-request: 1 shodan-query: http.title:"Sage X3" tags: panel,sage,login diff --git a/http/exposed-panels/samba-swat-panel.yaml b/http/exposed-panels/samba-swat-panel.yaml index 3006b4a2e3..96dae4df03 100644 --- a/http/exposed-panels/samba-swat-panel.yaml +++ b/http/exposed-panels/samba-swat-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: samba product: samba - max-request: 1 tags: panel,samba http: diff --git a/http/exposed-panels/samsung-printer-detect.yaml b/http/exposed-panels/samsung-printer-detect.yaml index d644ca80f0..3596372720 100644 --- a/http/exposed-panels/samsung-printer-detect.yaml +++ b/http/exposed-panels/samsung-printer-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: samsung product: printer_firmware - max-request: 1 fofa-query: app="SAMSUNG-Printer" tags: iot,panel,samsung,printer diff --git a/http/exposed-panels/sap-netweaver-portal.yaml b/http/exposed-panels/sap-netweaver-portal.yaml index 6ba844b1ea..29a768e5c8 100644 --- a/http/exposed-panels/sap-netweaver-portal.yaml +++ b/http/exposed-panels/sap-netweaver-portal.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sap product: netweaver_portal - max-request: 1 tags: panel,sap http: diff --git a/http/exposed-panels/sap-successfactors-detect.yaml b/http/exposed-panels/sap-successfactors-detect.yaml index b9a1b0657e..d8dd6a6615 100644 --- a/http/exposed-panels/sap-successfactors-detect.yaml +++ b/http/exposed-panels/sap-successfactors-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sap - product: successfactors verified: true max-request: 2 + vendor: sap + product: successfactors shodan-query: title:"Login - SAP SuccessFactors" tags: panel,sap,detect diff --git a/http/exposed-panels/sapfiori-panel.yaml b/http/exposed-panels/sapfiori-panel.yaml index 229f64de16..730f360b53 100644 --- a/http/exposed-panels/sapfiori-panel.yaml +++ b/http/exposed-panels/sapfiori-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sap product: fiori - max-request: 2 tags: panel,sap,fiori http: diff --git a/http/exposed-panels/sas-login-panel.yaml b/http/exposed-panels/sas-login-panel.yaml index ec0ab87fff..24b524158e 100644 --- a/http/exposed-panels/sas-login-panel.yaml +++ b/http/exposed-panels/sas-login-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sas - product: base_sas verified: true max-request: 1 + vendor: sas + product: base_sas shodan-query: http.favicon.hash:957255151 tags: sas,panel diff --git a/http/exposed-panels/sauter-moduwebvision-panel.yaml b/http/exposed-panels/sauter-moduwebvision-panel.yaml index f5bc5a1191..43f058e6a7 100644 --- a/http/exposed-panels/sauter-moduwebvision-panel.yaml +++ b/http/exposed-panels/sauter-moduwebvision-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.sauter-controls.com metadata: - vendor: sauter - product: moduweb_vision verified: true max-request: 1 + vendor: sauter + product: moduweb_vision shodan-query: http.favicon.hash:-1663319756 tags: panel,moduweb,sauter,login diff --git a/http/exposed-panels/seafile-panel.yaml b/http/exposed-panels/seafile-panel.yaml index 91a20239eb..377cd77a8f 100644 --- a/http/exposed-panels/seafile-panel.yaml +++ b/http/exposed-panels/seafile-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: seafile - product: seafile verified: true max-request: 1 + vendor: seafile + product: seafile shodan-query: http.favicon.hash:1552322396 tags: sefile,panel,login diff --git a/http/exposed-panels/seagate-nas-login.yaml b/http/exposed-panels/seagate-nas-login.yaml index 7ff121e93f..c9129ff4df 100644 --- a/http/exposed-panels/seagate-nas-login.yaml +++ b/http/exposed-panels/seagate-nas-login.yaml @@ -7,10 +7,10 @@ info: description: | Seagate NAS - SEAGATE Login was detected. metadata: - vendor: seagate - product: nas_os verified: true max-request: 1 + vendor: seagate + product: nas_os shodan-query: title:"Seagate NAS - SEAGATE" tags: panel,seagate,login diff --git a/http/exposed-panels/security-onion-panel.yaml b/http/exposed-panels/security-onion-panel.yaml index 39da23ffa4..0569fdeea3 100644 --- a/http/exposed-panels/security-onion-panel.yaml +++ b/http/exposed-panels/security-onion-panel.yaml @@ -10,10 +10,10 @@ info: - https://securityonionsolutions.com/ - https://github.com/Security-Onion-Solutions/securityonion metadata: - vendor: securityonionsolutions - product: security_onion verified: true max-request: 2 + vendor: securityonionsolutions + product: security_onion shodan-query: title:"Security Onion" tags: panel,security,onion,detect diff --git a/http/exposed-panels/seeddms-panel.yaml b/http/exposed-panels/seeddms-panel.yaml index ce388afdd9..c0ab9c94f4 100644 --- a/http/exposed-panels/seeddms-panel.yaml +++ b/http/exposed-panels/seeddms-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: seeddms product: seeddms - max-request: 2 shodan-query: http.title:"SeedDMS" tags: panel,seeddms,login diff --git a/http/exposed-panels/sentry-panel.yaml b/http/exposed-panels/sentry-panel.yaml index 07fc5838ec..4f7cf09d04 100644 --- a/http/exposed-panels/sentry-panel.yaml +++ b/http/exposed-panels/sentry-panel.yaml @@ -9,11 +9,11 @@ info: reference: - https://sentry.io/ metadata: + verified: true + max-request: 1 vendor: sentry product: sentry - verified: true shodan-query: "http.title:\"Login | Sentry\"" - max-request: 1 tags: panel,sentry,login http: diff --git a/http/exposed-panels/servicedesk-login-panel.yaml b/http/exposed-panels/servicedesk-login-panel.yaml index 0c96a1c45f..bddc87e567 100644 --- a/http/exposed-panels/servicedesk-login-panel.yaml +++ b/http/exposed-panels/servicedesk-login-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: atlassian product: confluence_data_center - max-request: 2 shodan-query: http.component:"Atlassian Confluence" tags: servicedesk,confluence,jira,panel,login diff --git a/http/exposed-panels/servicenow-panel.yaml b/http/exposed-panels/servicenow-panel.yaml index af030422ec..6a779a3549 100644 --- a/http/exposed-panels/servicenow-panel.yaml +++ b/http/exposed-panels/servicenow-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.servicenow.com/ metadata: - vendor: servicenow - product: servicenow verified: true max-request: 1 + vendor: servicenow + product: servicenow shodan-query: http.favicon.hash:1701804003 tags: panel,servicenow,login,detect diff --git a/http/exposed-panels/shardingsphere-panel.yaml b/http/exposed-panels/shardingsphere-panel.yaml index 00fc908724..f00aadb809 100644 --- a/http/exposed-panels/shardingsphere-panel.yaml +++ b/http/exposed-panels/shardingsphere-panel.yaml @@ -8,10 +8,10 @@ info: classification: cwe-id: CWE-200 metadata: - vendor: apache - product: shardingsphere_elasticjob-ui verified: true max-request: 1 + vendor: apache + product: shardingsphere_elasticjob-ui shodan-query: http.favicon.hash:816588900 tags: panel,shardingsphere,login diff --git a/http/exposed-panels/sharefile-panel.yaml b/http/exposed-panels/sharefile-panel.yaml index 8b4d2554c1..f1eb833b84 100644 --- a/http/exposed-panels/sharefile-panel.yaml +++ b/http/exposed-panels/sharefile-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.sharefile.com/ metadata: - vendor: citrix - product: sharefile verified: true max-request: 1 + vendor: citrix + product: sharefile shodan-query: title:"ShareFile Login" tags: sharefile,login,panel,detect diff --git a/http/exposed-panels/shell-box.yaml b/http/exposed-panels/shell-box.yaml index 5e6e9a317c..6bf0c83740 100644 --- a/http/exposed-panels/shell-box.yaml +++ b/http/exposed-panels/shell-box.yaml @@ -10,10 +10,10 @@ info: - https://github.com/shellinabox/shellinabox - https://www.cvedetails.com/vulnerability-list/vendor_id-15771/product_id-33062/Shellinabox-Project-Shellinabox.html metadata: - vendor: shellinabox_project - product: shellinabox verified: true max-request: 1 + vendor: shellinabox_project + product: shellinabox shodan-query: http.favicon.hash:-629968763 tags: shell,emulator,detect,panel,login diff --git a/http/exposed-panels/sidekiq-dashboard.yaml b/http/exposed-panels/sidekiq-dashboard.yaml index 05a088ce41..32a5816b5d 100644 --- a/http/exposed-panels/sidekiq-dashboard.yaml +++ b/http/exposed-panels/sidekiq-dashboard.yaml @@ -14,9 +14,9 @@ info: cvss-score: 5.3 cwe-id: CWE-200 metadata: + max-request: 1 vendor: contribsys product: sidekiq - max-request: 1 tags: unauth,panel,sidekiq http: diff --git a/http/exposed-panels/sitefinity-login.yaml b/http/exposed-panels/sitefinity-login.yaml index 4f1fdeb560..c7750b21ce 100644 --- a/http/exposed-panels/sitefinity-login.yaml +++ b/http/exposed-panels/sitefinity-login.yaml @@ -8,9 +8,9 @@ info: reference: - https://www.exploit-db.com/ghdb/6722 metadata: + max-request: 1 vendor: progress product: sitefinity_cms - max-request: 1 tags: sitefinity,edb,panel http: diff --git a/http/exposed-panels/siteomat-login.yaml b/http/exposed-panels/siteomat-login.yaml index a307182685..2b73ab5261 100644 --- a/http/exposed-panels/siteomat-login.yaml +++ b/http/exposed-panels/siteomat-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: orpak product: siteomat - max-request: 1 tags: siteomat,login,edb,panel http: diff --git a/http/exposed-panels/skeepers-panel.yaml b/http/exposed-panels/skeepers-panel.yaml index 9f10335271..d8914d3243 100644 --- a/http/exposed-panels/skeepers-panel.yaml +++ b/http/exposed-panels/skeepers-panel.yaml @@ -1,19 +1,19 @@ id: skeepers-panel -info: - name: Skeepers Login Panel - Detect - author: righettod - severity: info - description: | - Skeepers login panel was detected. - reference: - - https://skeepers.io - metadata: - max-request: 1 - shodan-query: http.title:"Skeepers" - verified: true - tags: panel,skeepers,login,detect - +info: + name: Skeepers Login Panel - Detect + author: righettod + severity: info + description: | + Skeepers login panel was detected. + reference: + - https://skeepers.io + metadata: + verified: true + max-request: 2 + shodan-query: "http.title:\"Skeepers\"" + tags: panel,skeepers,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/skycaiji-admin-panel.yaml b/http/exposed-panels/skycaiji-admin-panel.yaml index ff2c2b4752..30e79648cb 100644 --- a/http/exposed-panels/skycaiji-admin-panel.yaml +++ b/http/exposed-panels/skycaiji-admin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: skycaiji product: skycaiji - max-request: 1 tags: panel,tech,skycaiji http: diff --git a/http/exposed-panels/softether-vpn-panel.yaml b/http/exposed-panels/softether-vpn-panel.yaml index 22968668d3..9c3056ef53 100644 --- a/http/exposed-panels/softether-vpn-panel.yaml +++ b/http/exposed-panels/softether-vpn-panel.yaml @@ -7,8 +7,8 @@ info: description: | SoftEther VPN panel was detected. metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: http.title:"SoftEther VPN Server" tags: panel,vpn,softether diff --git a/http/exposed-panels/solarview-compact-panel.yaml b/http/exposed-panels/solarview-compact-panel.yaml index ac03ddb3a0..5d52047b2a 100644 --- a/http/exposed-panels/solarview-compact-panel.yaml +++ b/http/exposed-panels/solarview-compact-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: contec - product: solarview_compact_firmware verified: true max-request: 1 + vendor: contec + product: solarview_compact_firmware shodan-query: http.html:"SolarView Compact" tags: panel,solarview,iot diff --git a/http/exposed-panels/solarwinds-arm-panel.yaml b/http/exposed-panels/solarwinds-arm-panel.yaml index ea0aa7f962..0516f6bed9 100644 --- a/http/exposed-panels/solarwinds-arm-panel.yaml +++ b/http/exposed-panels/solarwinds-arm-panel.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: solarwinds - product: access_rights_manager verified: true max-request: 1 + vendor: solarwinds + product: access_rights_manager shodan-query: http.favicon.hash:-1416464161 censys-query: services.http.response.html_title="Solarwinds Access Rights Manager" tags: panel,solarwinds diff --git a/http/exposed-panels/solarwinds-orion.yaml b/http/exposed-panels/solarwinds-orion.yaml index 4aeb3954e4..72c9bbd906 100644 --- a/http/exposed-panels/solarwinds-orion.yaml +++ b/http/exposed-panels/solarwinds-orion.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: solarwinds product: orion_platform - max-request: 1 tags: panel,solarwinds http: diff --git a/http/exposed-panels/solarwinds-servuftp-detect.yaml b/http/exposed-panels/solarwinds-servuftp-detect.yaml index a2d94dfe0a..a13f6a8d3c 100644 --- a/http/exposed-panels/solarwinds-servuftp-detect.yaml +++ b/http/exposed-panels/solarwinds-servuftp-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: solarwinds product: serv-u - max-request: 1 tags: solarwinds,panel http: diff --git a/http/exposed-panels/solr-panel-exposure.yaml b/http/exposed-panels/solr-panel-exposure.yaml index f3024181f6..3b185ffdfe 100644 --- a/http/exposed-panels/solr-panel-exposure.yaml +++ b/http/exposed-panels/solr-panel-exposure.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: solr verified: true max-request: 2 + vendor: apache + product: solr shodan-query: http.title:"Solr Admin" tags: panel,solr,apache,admin diff --git a/http/exposed-panels/sonarqube-login.yaml b/http/exposed-panels/sonarqube-login.yaml index 007f5b2cdf..5198d2295d 100644 --- a/http/exposed-panels/sonarqube-login.yaml +++ b/http/exposed-panels/sonarqube-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sonarsource product: sonarqube - max-request: 1 tags: panel,sonarqube http: diff --git a/http/exposed-panels/sonic-wall-application.yaml b/http/exposed-panels/sonic-wall-application.yaml index e7b24e07dc..e476fcce29 100644 --- a/http/exposed-panels/sonic-wall-application.yaml +++ b/http/exposed-panels/sonic-wall-application.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sonicwall - product: sma1000_firmware verified: true max-request: 1 + vendor: sonicwall + product: sma1000_firmware shodan-query: title:"Appliance Management Console Login" tags: panel,sonicwall,login diff --git a/http/exposed-panels/sonic-wall-login.yaml b/http/exposed-panels/sonic-wall-login.yaml index c0a6530f29..ea3c6a4667 100644 --- a/http/exposed-panels/sonic-wall-login.yaml +++ b/http/exposed-panels/sonic-wall-login.yaml @@ -6,10 +6,10 @@ info: severity: info description: SonicWall Network Security Login panel was detected. metadata: - vendor: sonicwall - product: tz_350 verified: true max-request: 2 + vendor: sonicwall + product: tz_350 shodan-query: title:"SonicWall Network Security Login" tags: panel,sonicwall,login diff --git a/http/exposed-panels/sonicwall-analyzer-login.yaml b/http/exposed-panels/sonicwall-analyzer-login.yaml index a7a38f450b..8a8b54d88e 100644 --- a/http/exposed-panels/sonicwall-analyzer-login.yaml +++ b/http/exposed-panels/sonicwall-analyzer-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sonicwall - product: analyzer verified: true max-request: 1 + vendor: sonicwall + product: analyzer shodan-query: title:"SonicWall Analyzer Login" tags: panel,sonicwall diff --git a/http/exposed-panels/sonicwall-management-panel.yaml b/http/exposed-panels/sonicwall-management-panel.yaml index 41c9708ecb..d35514f236 100644 --- a/http/exposed-panels/sonicwall-management-panel.yaml +++ b/http/exposed-panels/sonicwall-management-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sonicwall product: global_management_system - max-request: 1 tags: panel,sonicwall http: diff --git a/http/exposed-panels/sonicwall-sslvpn-panel.yaml b/http/exposed-panels/sonicwall-sslvpn-panel.yaml index 07556bd228..eec6de955a 100644 --- a/http/exposed-panels/sonicwall-sslvpn-panel.yaml +++ b/http/exposed-panels/sonicwall-sslvpn-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sonicwall product: sonicos - max-request: 1 tags: panel,sonicwall http: diff --git a/http/exposed-panels/sophos-fw-version-detect.yaml b/http/exposed-panels/sophos-fw-version-detect.yaml index 53bff4f024..462238b1dd 100644 --- a/http/exposed-panels/sophos-fw-version-detect.yaml +++ b/http/exposed-panels/sophos-fw-version-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: sophos - product: sfos verified: true max-request: 2 + vendor: sophos + product: sfos shodan-query: title:"Sophos" tags: panel,sophos diff --git a/http/exposed-panels/sophos-mobile-panel.yaml b/http/exposed-panels/sophos-mobile-panel.yaml index cf82245cab..d6d71f05c4 100644 --- a/http/exposed-panels/sophos-mobile-panel.yaml +++ b/http/exposed-panels/sophos-mobile-panel.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: sophos product: mobile - max-request: 1 shodan-query: http.title:"Sophos Mobile" tags: panel,sophos diff --git a/http/exposed-panels/sophos-web-appliance.yaml b/http/exposed-panels/sophos-web-appliance.yaml index 235def09b6..35d9db8621 100644 --- a/http/exposed-panels/sophos-web-appliance.yaml +++ b/http/exposed-panels/sophos-web-appliance.yaml @@ -7,10 +7,10 @@ info: reference: - https://docs.sophos.com/nsg/swa/help/en-us/nsg/swa/concepts/AboutYourAppliance.html metadata: - vendor: sophos - product: web_appliance verified: true max-request: 1 + vendor: sophos + product: web_appliance shodan-query: 'http.favicon.hash:-893681401' tags: panel,login,sophos diff --git a/http/exposed-panels/spacelogic-cbus-panel.yaml b/http/exposed-panels/spacelogic-cbus-panel.yaml index 4a15db1233..8ca0971e6a 100644 --- a/http/exposed-panels/spacelogic-cbus-panel.yaml +++ b/http/exposed-panels/spacelogic-cbus-panel.yaml @@ -7,9 +7,9 @@ info: metadata: verified: true max-request: 1 - shodan-query: html:"SpaceLogic C-Bus" vendor: schneider-electric product: spacelogic_c-bus_home_controller_firmware + shodan-query: html:"SpaceLogic C-Bus" tags: panel,spacelogic,login http: diff --git a/http/exposed-panels/spark-panel.yaml b/http/exposed-panels/spark-panel.yaml index cb90263c88..7124fe0111 100644 --- a/http/exposed-panels/spark-panel.yaml +++ b/http/exposed-panels/spark-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: spark verified: true max-request: 1 + vendor: apache + product: spark shodan-query: html:"/apps/IMT/Html/" tags: panel,spark diff --git a/http/exposed-panels/sphider-login.yaml b/http/exposed-panels/sphider-login.yaml index b9a45e53ae..5f3ec68374 100644 --- a/http/exposed-panels/sphider-login.yaml +++ b/http/exposed-panels/sphider-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 3 vendor: sphider product: sphider - max-request: 3 tags: edb,panel http: diff --git a/http/exposed-panels/splunk-enterprise-panel.yaml b/http/exposed-panels/splunk-enterprise-panel.yaml index 76bf31b68c..147c5b1f7e 100644 --- a/http/exposed-panels/splunk-enterprise-panel.yaml +++ b/http/exposed-panels/splunk-enterprise-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: splunk product: splunk - max-request: 1 shodan-query: http.title:"Login - Splunk" tags: panel,splunk diff --git a/http/exposed-panels/spotweb-login-panel.yaml b/http/exposed-panels/spotweb-login-panel.yaml index d9d35be873..8d580e2908 100644 --- a/http/exposed-panels/spotweb-login-panel.yaml +++ b/http/exposed-panels/spotweb-login-panel.yaml @@ -5,10 +5,10 @@ info: author: theamanrawat severity: info metadata: - vendor: spotweb_project - product: spotweb verified: true max-request: 1 + vendor: spotweb_project + product: spotweb shodan-query: title:"SpotWeb - overview" tags: panel,spotweb,detect diff --git a/http/exposed-panels/sql-monitor.yaml b/http/exposed-panels/sql-monitor.yaml index c8647762a0..46e69e56c9 100644 --- a/http/exposed-panels/sql-monitor.yaml +++ b/http/exposed-panels/sql-monitor.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: red-gate product: sql_monitor - max-request: 1 shodan-query: html:"SQL Monitor" tags: panel diff --git a/http/exposed-panels/squirrelmail-login.yaml b/http/exposed-panels/squirrelmail-login.yaml index e05ad4f2ab..1595d77d62 100644 --- a/http/exposed-panels/squirrelmail-login.yaml +++ b/http/exposed-panels/squirrelmail-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 4 vendor: squirrelmail product: squirrelmail - max-request: 4 shodan-query: title:"SquirrelMail" tags: squirrelmail,edb,panel diff --git a/http/exposed-panels/strapi-documentation.yaml b/http/exposed-panels/strapi-documentation.yaml index afaa91d486..b703341032 100644 --- a/http/exposed-panels/strapi-documentation.yaml +++ b/http/exposed-panels/strapi-documentation.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: strapi product: strapi - max-request: 2 tags: strapi,panel http: diff --git a/http/exposed-panels/strapi-panel.yaml b/http/exposed-panels/strapi-panel.yaml index 18803bba5e..61dad4d273 100644 --- a/http/exposed-panels/strapi-panel.yaml +++ b/http/exposed-panels/strapi-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: strapi product: strapi - max-request: 1 tags: panel,strapi,login http: diff --git a/http/exposed-panels/structurizr-panel.yaml b/http/exposed-panels/structurizr-panel.yaml index 60c12293b6..b741e14181 100644 --- a/http/exposed-panels/structurizr-panel.yaml +++ b/http/exposed-panels/structurizr-panel.yaml @@ -11,9 +11,9 @@ info: metadata: verified: true max-request: 2 - shodan-query: http.favicon.hash:1199592666 vendor: structurizr product: on-premises_installation + shodan-query: http.favicon.hash:1199592666 tags: panel,structurizr,detect http: diff --git a/http/exposed-panels/subrion-login.yaml b/http/exposed-panels/subrion-login.yaml index ea4f54147b..002d1ae5a9 100644 --- a/http/exposed-panels/subrion-login.yaml +++ b/http/exposed-panels/subrion-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: intelliants product: subrion - max-request: 1 tags: panel,subrion http: diff --git a/http/exposed-panels/sugarcrm-panel.yaml b/http/exposed-panels/sugarcrm-panel.yaml index 24b3a86635..370eba1dc2 100644 --- a/http/exposed-panels/sugarcrm-panel.yaml +++ b/http/exposed-panels/sugarcrm-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sugarcrm product: sugarcrm - max-request: 2 shodan-query: http.title:sugarcrm tags: sugarcrm,panel diff --git a/http/exposed-panels/superset-login.yaml b/http/exposed-panels/superset-login.yaml index 02c75099a1..8018c8f1a7 100644 --- a/http/exposed-panels/superset-login.yaml +++ b/http/exposed-panels/superset-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: apache - product: superset verified: true max-request: 2 + vendor: apache + product: superset shodan-query: http.favicon.hash:1582430156 tags: panel,superset diff --git a/http/exposed-panels/symantec/symantec-dlp-login.yaml b/http/exposed-panels/symantec/symantec-dlp-login.yaml index 049797bf53..4311887d83 100644 --- a/http/exposed-panels/symantec/symantec-dlp-login.yaml +++ b/http/exposed-panels/symantec/symantec-dlp-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: symantec product: data_loss_prevention - max-request: 1 shodan-query: http.title:"Symantec Data Loss Prevention" tags: symantec,panel,login diff --git a/http/exposed-panels/symantec/symantec-epm-login.yaml b/http/exposed-panels/symantec/symantec-epm-login.yaml index 64311db2db..c7fb0a3257 100644 --- a/http/exposed-panels/symantec/symantec-epm-login.yaml +++ b/http/exposed-panels/symantec/symantec-epm-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: symantec product: endpoint_protection_manager - max-request: 1 shodan-query: http.title:"Symantec Endpoint Protection Manager" tags: symantec,panel,login diff --git a/http/exposed-panels/symantec/symantec-iam-console.yaml b/http/exposed-panels/symantec/symantec-iam-console.yaml index eed01ec0b7..8faa3f8517 100644 --- a/http/exposed-panels/symantec/symantec-iam-console.yaml +++ b/http/exposed-panels/symantec/symantec-iam-console.yaml @@ -9,9 +9,9 @@ info: reference: - https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/identity-manager/14-4/configuring/environments-overview/management-console.html metadata: + max-request: 1 vendor: broadcom product: symantec_identity_manager - max-request: 1 tags: symantec,panel,login http: diff --git a/http/exposed-panels/syncserver-panel.yaml b/http/exposed-panels/syncserver-panel.yaml index cb55d6e538..078e89b8ef 100644 --- a/http/exposed-panels/syncserver-panel.yaml +++ b/http/exposed-panels/syncserver-panel.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDk severity: info metadata: - vendor: microchip - product: syncserver_s650_firmware verified: true max-request: 1 + vendor: microchip + product: syncserver_s650_firmware shodan-query: html:"Symmetricom SyncServer" tags: panel,login,syncserver,symmetricom,detect diff --git a/http/exposed-panels/syncthru-web-service.yaml b/http/exposed-panels/syncthru-web-service.yaml index 7d9fe9b9ef..ee56a81ad0 100644 --- a/http/exposed-panels/syncthru-web-service.yaml +++ b/http/exposed-panels/syncthru-web-service.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: samsung - product: syncthru_web_service verified: true max-request: 1 + vendor: samsung + product: syncthru_web_service shodan-query: title:"SyncThru Web Service" tags: edb,panel,syncthru,printer diff --git a/http/exposed-panels/sysaid-panel.yaml b/http/exposed-panels/sysaid-panel.yaml index 2553b77f29..e1cd526bd5 100644 --- a/http/exposed-panels/sysaid-panel.yaml +++ b/http/exposed-panels/sysaid-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: sysaid product: sysaid - max-request: 2 tags: panel,sysaid,helpdesk http: diff --git a/http/exposed-panels/tableau-service-manager.yaml b/http/exposed-panels/tableau-service-manager.yaml index 9d67c04f36..b75036bc05 100644 --- a/http/exposed-panels/tableau-service-manager.yaml +++ b/http/exposed-panels/tableau-service-manager.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: tableausoftware - product: tableau_server verified: true max-request: 1 + vendor: tableausoftware + product: tableau_server shodan-query: title:"Login - Tableau Services Manager" tags: panel,tableau diff --git a/http/exposed-panels/tautulli-panel.yaml b/http/exposed-panels/tautulli-panel.yaml index 554b7c39fa..9a8c09b2cc 100644 --- a/http/exposed-panels/tautulli-panel.yaml +++ b/http/exposed-panels/tautulli-panel.yaml @@ -10,10 +10,10 @@ info: - https://tautulli.com/ - https://github.com/Tautulli/Tautulli metadata: - vendor: tautulli - product: tautulli verified: true max-request: 2 + vendor: tautulli + product: tautulli shodan-query: title:"TAUTULLI" tags: panel,tautulli,detect diff --git a/http/exposed-panels/teamcity-login-panel.yaml b/http/exposed-panels/teamcity-login-panel.yaml index b2b27a87e4..d0c7776c13 100644 --- a/http/exposed-panels/teamcity-login-panel.yaml +++ b/http/exposed-panels/teamcity-login-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: jetbrains - product: teamcity verified: true max-request: 1 + vendor: jetbrains + product: teamcity shodan-query: http.component:"TeamCity" tags: panel,teamcity,jetbrains,detect diff --git a/http/exposed-panels/teampass-panel.yaml b/http/exposed-panels/teampass-panel.yaml index e876d49853..15387aa3c3 100644 --- a/http/exposed-panels/teampass-panel.yaml +++ b/http/exposed-panels/teampass-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: teampass - product: teampass verified: true max-request: 2 + vendor: teampass + product: teampass shodan-query: http.html:"teampass" tags: panel,teampass diff --git a/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml b/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml index 0502eddf89..6d8fe7251b 100644 --- a/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml +++ b/http/exposed-panels/telesquare/tlr-2005ksh-login.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: telesquare - product: tlr-2005ksh_firmware verified: true max-request: 1 + vendor: telesquare + product: tlr-2005ksh_firmware shodan-query: http.html:"TLR-2005KSH" tags: panel,router,telesquare diff --git a/http/exposed-panels/teradici-pcoip-panel.yaml b/http/exposed-panels/teradici-pcoip-panel.yaml index 46cf28b63a..f6e2205631 100644 --- a/http/exposed-panels/teradici-pcoip-panel.yaml +++ b/http/exposed-panels/teradici-pcoip-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: teradici product: pcoip_client - max-request: 1 tags: panel,teradici,pcoip http: diff --git a/http/exposed-panels/terraform-enterprise-panel.yaml b/http/exposed-panels/terraform-enterprise-panel.yaml index 54ae79e4dd..57f2f955d1 100644 --- a/http/exposed-panels/terraform-enterprise-panel.yaml +++ b/http/exposed-panels/terraform-enterprise-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: hashicorp product: terraform - max-request: 1 shodan-query: title:"Terraform Enterprise" google-query: intitle:"Terraform Enterprise" tags: panel,terraform diff --git a/http/exposed-panels/thinfinity-virtualui-panel.yaml b/http/exposed-panels/thinfinity-virtualui-panel.yaml index 3640f593f7..e3ee38850e 100644 --- a/http/exposed-panels/thinfinity-virtualui-panel.yaml +++ b/http/exposed-panels/thinfinity-virtualui-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cybelesoft product: thinfinity_virtualui - max-request: 1 shodan-query: http.title:"Thinfinity VirtualUI" tags: panel,thinfinity,virtualui diff --git a/http/exposed-panels/thruk-login.yaml b/http/exposed-panels/thruk-login.yaml index 8ff1a69495..bbe0a58794 100644 --- a/http/exposed-panels/thruk-login.yaml +++ b/http/exposed-panels/thruk-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: thruk product: thruk - max-request: 1 fofa-query: title=="Thruk Monitoring Webinterface" tags: thruk,panel diff --git a/http/exposed-panels/tikiwiki-cms.yaml b/http/exposed-panels/tikiwiki-cms.yaml index 72197beffb..5cb7311dc6 100644 --- a/http/exposed-panels/tikiwiki-cms.yaml +++ b/http/exposed-panels/tikiwiki-cms.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: tiki product: tikiwiki_cms\/groupware - max-request: 2 tags: panel,tikiwiki http: diff --git a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml index a44db18b1b..e76fcd96a2 100644 --- a/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml +++ b/http/exposed-panels/tomcat/tomcat-exposed-docs.yaml @@ -5,9 +5,9 @@ info: author: Podalirius severity: info metadata: + max-request: 1 vendor: apache product: tomcat - max-request: 1 shodan-query: title:"Apache Tomcat" tags: version,tomcat,docs,panel diff --git a/http/exposed-panels/totemomail-panel.yaml b/http/exposed-panels/totemomail-panel.yaml index 4ee3e4f856..a364a7a3c3 100644 --- a/http/exposed-panels/totemomail-panel.yaml +++ b/http/exposed-panels/totemomail-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: totemo - product: totemomail verified: true max-request: 2 + vendor: totemo + product: totemomail google-query: intext:"totemomail" inurl:responsiveUI tags: totemomail,panel diff --git a/http/exposed-panels/tracer-sc-login.yaml b/http/exposed-panels/tracer-sc-login.yaml index d37585cc2a..e3c4da04ec 100644 --- a/http/exposed-panels/tracer-sc-login.yaml +++ b/http/exposed-panels/tracer-sc-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: trane product: tracer_sc - max-request: 1 tags: tracer,trane,iot,panel,login http: diff --git a/http/exposed-panels/traefik-dashboard.yaml b/http/exposed-panels/traefik-dashboard.yaml index 568d00a8cc..cdb79a86dd 100644 --- a/http/exposed-panels/traefik-dashboard.yaml +++ b/http/exposed-panels/traefik-dashboard.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: traefik - product: traefik verified: true max-request: 1 + vendor: traefik + product: traefik shodan-query: http.title:"traefik" tags: panel,traefik diff --git a/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml b/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml index 2b541103e3..a877566082 100644 --- a/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml +++ b/http/exposed-panels/trendnet/trendnet-tew827dru-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: trendnet product: tew-827dru_firmware - max-request: 1 shodan-query: http.html:"TEW-827DRU" tags: panel,router,trendnet diff --git a/http/exposed-panels/tufin-securetrack-login.yaml b/http/exposed-panels/tufin-securetrack-login.yaml index 9af178d977..6d64d1ef64 100644 --- a/http/exposed-panels/tufin-securetrack-login.yaml +++ b/http/exposed-panels/tufin-securetrack-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: tufin product: securetrack - max-request: 1 shodan-query: http.title:"SecureTrack - Tufin Technologies" google-query: intitle:"SecureTrack - Tufin Technologies" tags: panel,tufin diff --git a/http/exposed-panels/typo3-login.yaml b/http/exposed-panels/typo3-login.yaml index 230f81e577..39faa2c921 100644 --- a/http/exposed-panels/typo3-login.yaml +++ b/http/exposed-panels/typo3-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: typo3 product: typo3 - max-request: 1 tags: panel,typo3 http: diff --git a/http/exposed-panels/umbraco-login.yaml b/http/exposed-panels/umbraco-login.yaml index cfe96ea306..793bc3a93b 100644 --- a/http/exposed-panels/umbraco-login.yaml +++ b/http/exposed-panels/umbraco-login.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: umbraco - product: umbraco_cms verified: true max-request: 1 + vendor: umbraco + product: umbraco_cms shodan-query: http.title:"Umbraco" tags: panel,umbraco,detect diff --git a/http/exposed-panels/unauth/tautulli-unauth.yaml b/http/exposed-panels/unauth/tautulli-unauth.yaml index 4ce1a45bcf..a5bec6e939 100644 --- a/http/exposed-panels/unauth/tautulli-unauth.yaml +++ b/http/exposed-panels/unauth/tautulli-unauth.yaml @@ -5,10 +5,10 @@ info: author: ritikchaddha severity: medium metadata: - vendor: tautulli - product: tautulli verified: true max-request: 1 + vendor: tautulli + product: tautulli shodan-query: title:"Tautulli - Home" tags: panel,misconfig,tautulli,unauth,exposure diff --git a/http/exposed-panels/untangle-admin-login.yaml b/http/exposed-panels/untangle-admin-login.yaml index 151addef8d..0e39ff80de 100644 --- a/http/exposed-panels/untangle-admin-login.yaml +++ b/http/exposed-panels/untangle-admin-login.yaml @@ -12,10 +12,10 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: - vendor: untangle - product: ng_firewall verified: true max-request: 2 + vendor: untangle + product: ng_firewall shodan-query: title:"Untangle Administrator Login" tags: panel,untangle,admin,login diff --git a/http/exposed-panels/vault-panel.yaml b/http/exposed-panels/vault-panel.yaml index a31f6a3153..3ac4463448 100644 --- a/http/exposed-panels/vault-panel.yaml +++ b/http/exposed-panels/vault-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: hashicorp - product: vault verified: true max-request: 2 + vendor: hashicorp + product: vault shodan-query: http.favicon.hash:-919788577 tags: panel,vault,detect diff --git a/http/exposed-panels/veeam-panel.yaml b/http/exposed-panels/veeam-panel.yaml index 0b4e445d98..5dbc2170c2 100644 --- a/http/exposed-panels/veeam-panel.yaml +++ b/http/exposed-panels/veeam-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: veeam - product: one_reporter verified: true max-request: 1 + vendor: veeam + product: one_reporter shodan-query: http.favicon.hash:-633512412 tags: panel,veeam diff --git a/http/exposed-panels/virtua-software-panel.yaml b/http/exposed-panels/virtua-software-panel.yaml index cc61413d09..ddec5e5679 100644 --- a/http/exposed-panels/virtua-software-panel.yaml +++ b/http/exposed-panels/virtua-software-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: virtuasoftware - product: cobranca verified: true max-request: 1 + vendor: virtuasoftware + product: cobranca shodan-query: http.favicon.hash:876876147 tags: panel,virtua diff --git a/http/exposed-panels/vmware-cloud-director.yaml b/http/exposed-panels/vmware-cloud-director.yaml index 2355e6b46d..ea41609ca2 100644 --- a/http/exposed-panels/vmware-cloud-director.yaml +++ b/http/exposed-panels/vmware-cloud-director.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: cloud_director verified: true max-request: 1 + vendor: vmware + product: cloud_director shodan-query: title:"Welcome to VMware Cloud Director" tags: panel,vmware diff --git a/http/exposed-panels/vmware-horizon-daas.yaml b/http/exposed-panels/vmware-horizon-daas.yaml index 84f129417f..2e58767e97 100644 --- a/http/exposed-panels/vmware-horizon-daas.yaml +++ b/http/exposed-panels/vmware-horizon-daas.yaml @@ -5,10 +5,10 @@ info: author: DhiyaneshDK severity: info metadata: - vendor: vmware - product: horizon_daas verified: true max-request: 1 + vendor: vmware + product: horizon_daas shodan-query: title:"Horizon DaaS" tags: panel,vmware diff --git a/http/exposed-panels/vmware-horizon-panel.yaml b/http/exposed-panels/vmware-horizon-panel.yaml index 0ebe279eee..09981106b1 100644 --- a/http/exposed-panels/vmware-horizon-panel.yaml +++ b/http/exposed-panels/vmware-horizon-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: vmware product: horizon - max-request: 2 tags: horizon,vmware,edb,panel http: diff --git a/http/exposed-panels/vmware-vcenter-converter-standalone.yaml b/http/exposed-panels/vmware-vcenter-converter-standalone.yaml index 81b4136f1a..94d94d81e7 100644 --- a/http/exposed-panels/vmware-vcenter-converter-standalone.yaml +++ b/http/exposed-panels/vmware-vcenter-converter-standalone.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: vcenter_converter_standalone verified: true max-request: 1 + vendor: vmware + product: vcenter_converter_standalone shodan-query: title:"VMware vCenter Converter Standalone" tags: panel,vmware,vcenter diff --git a/http/exposed-panels/vmware-vcloud-director.yaml b/http/exposed-panels/vmware-vcloud-director.yaml index 7e27305769..2d1aa0b8ab 100644 --- a/http/exposed-panels/vmware-vcloud-director.yaml +++ b/http/exposed-panels/vmware-vcloud-director.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: vcloud_director verified: true max-request: 1 + vendor: vmware + product: vcloud_director shodan-query: title:"VMware vCloud Director" tags: panel,vmware,vcloud diff --git a/http/exposed-panels/voipmonitor-panel.yaml b/http/exposed-panels/voipmonitor-panel.yaml index e08d81ec9f..2b79d4b3a2 100644 --- a/http/exposed-panels/voipmonitor-panel.yaml +++ b/http/exposed-panels/voipmonitor-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: voipmonitor product: voipmonitor - max-request: 1 shodan-query: http.title:"VoIPmonitor" tags: panel,voipmonitor,login diff --git a/http/exposed-panels/vrealize-loginsight-panel.yaml b/http/exposed-panels/vrealize-loginsight-panel.yaml index ddb1259bee..df9ca347ba 100644 --- a/http/exposed-panels/vrealize-loginsight-panel.yaml +++ b/http/exposed-panels/vrealize-loginsight-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: vrealize_log_insight verified: true max-request: 1 + vendor: vmware + product: vrealize_log_insight shodan-query: title:"vRealize Log insight" tags: panel,vmware,vrealize diff --git a/http/exposed-panels/vue-pacs-panel.yaml b/http/exposed-panels/vue-pacs-panel.yaml index 6535b8adf2..a229ebe56c 100644 --- a/http/exposed-panels/vue-pacs-panel.yaml +++ b/http/exposed-panels/vue-pacs-panel.yaml @@ -9,10 +9,10 @@ info: reference: - https://www.usa.philips.com/healthcare/solutions/diagnostic-informatics/enterprise-imaging-pacs metadata: - vendor: philips - product: vue_pacs verified: true max-request: 1 + vendor: philips + product: vue_pacs shodan-query: http.title:"Vue PACS" tags: vue,pacs,panel,login diff --git a/http/exposed-panels/wagtail-cms-detect.yaml b/http/exposed-panels/wagtail-cms-detect.yaml index 501b09dbbd..e8f100bed5 100644 --- a/http/exposed-panels/wagtail-cms-detect.yaml +++ b/http/exposed-panels/wagtail-cms-detect.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: torchbox - product: wagtail verified: true max-request: 2 + vendor: torchbox + product: wagtail shodan-query: title:"Wagtail - Sign in" tags: panel,wagtail diff --git a/http/exposed-panels/watchguard-panel.yaml b/http/exposed-panels/watchguard-panel.yaml index f7e942b081..e3a3b0478b 100644 --- a/http/exposed-panels/watchguard-panel.yaml +++ b/http/exposed-panels/watchguard-panel.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: watchguard product: firebox_t15 - max-request: 1 tags: watchguard,edb,panel http: diff --git a/http/exposed-panels/wazuh-panel.yaml b/http/exposed-panels/wazuh-panel.yaml index d3beda1723..66895ac6f2 100644 --- a/http/exposed-panels/wazuh-panel.yaml +++ b/http/exposed-panels/wazuh-panel.yaml @@ -8,9 +8,9 @@ info: reference: - https://github.com/wazuh/wazuh metadata: + max-request: 1 vendor: wazuh product: wazuh - max-request: 1 shodan-query: http.title:"Wazuh" tags: panel,wazuh,login diff --git a/http/exposed-panels/wd-mycloud-panel.yaml b/http/exposed-panels/wd-mycloud-panel.yaml index cb70037f99..08a714b493 100644 --- a/http/exposed-panels/wd-mycloud-panel.yaml +++ b/http/exposed-panels/wd-mycloud-panel.yaml @@ -7,10 +7,10 @@ info: reference: - https://www.zerodayinitiative.com/blog/2023/4/19/cve-2022-29844-a-classic-buffer-overflow-on-the-western-digital-my-cloud-pro-series-pr4100 metadata: - vendor: western_digital - product: mycloud_nas verified: true max-request: 1 + vendor: western_digital + product: mycloud_nas shodan-query: http.favicon.hash:-1074357885 tags: panel,login,mycloud,wd,detect diff --git a/http/exposed-panels/web-viewer-panel.yaml b/http/exposed-panels/web-viewer-panel.yaml index 428c8d1215..44bf19679a 100644 --- a/http/exposed-panels/web-viewer-panel.yaml +++ b/http/exposed-panels/web-viewer-panel.yaml @@ -5,10 +5,10 @@ info: author: JustaAcat severity: info metadata: - vendor: samsung - product: dvr verified: true max-request: 1 + vendor: samsung + product: dvr shodan-query: title:"Web Viewer for Samsung DVR" tags: panel,web-viewer,detect diff --git a/http/exposed-panels/webeditors-check-detect.yaml b/http/exposed-panels/webeditors-check-detect.yaml index 45cc93aa9d..3302e289fb 100644 --- a/http/exposed-panels/webeditors-check-detect.yaml +++ b/http/exposed-panels/webeditors-check-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 17 vendor: ckeditor product: ckeditor - max-request: 17 tags: panel,webeditors http: diff --git a/http/exposed-panels/weblogic-login.yaml b/http/exposed-panels/weblogic-login.yaml index 84e981785f..e6ccd43ff8 100644 --- a/http/exposed-panels/weblogic-login.yaml +++ b/http/exposed-panels/weblogic-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: weblogic_server - max-request: 1 shodan-query: product:"Oracle Weblogic" tags: panel,oracle,weblogic,login diff --git a/http/exposed-panels/weblogic-uddiexplorer.yaml b/http/exposed-panels/weblogic-uddiexplorer.yaml index 17272f2820..f1f52fce2e 100644 --- a/http/exposed-panels/weblogic-uddiexplorer.yaml +++ b/http/exposed-panels/weblogic-uddiexplorer.yaml @@ -13,9 +13,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: oracle product: weblogic_server - max-request: 1 tags: panel,oracle,weblogic,tenable http: diff --git a/http/exposed-panels/webmin-panel.yaml b/http/exposed-panels/webmin-panel.yaml index 062e869232..fce866d69c 100644 --- a/http/exposed-panels/webmin-panel.yaml +++ b/http/exposed-panels/webmin-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 2 vendor: webmin product: webmin - max-request: 2 tags: panel,webmin http: diff --git a/http/exposed-panels/webtitan-cloud-panel.yaml b/http/exposed-panels/webtitan-cloud-panel.yaml index a64f7b917f..e2c4b41e0b 100644 --- a/http/exposed-panels/webtitan-cloud-panel.yaml +++ b/http/exposed-panels/webtitan-cloud-panel.yaml @@ -7,10 +7,10 @@ info: description: | WebTitan Cloud is a cloud-based web filtering solution that monitors, controls, and protects users and businesses online. It blocks malware, phishing, viruses, ransomware, and malicious sites. metadata: - vendor: titanhq - product: webtitan verified: true max-request: 1 + vendor: titanhq + product: webtitan shodan-query: http.favicon.hash:1090061843 fofa-query: title="WebTitan" tags: panel,webtitan,cloud,detect diff --git a/http/exposed-panels/webtransfer-client-panel.yaml b/http/exposed-panels/webtransfer-client-panel.yaml index 6c4b5a2b64..80409b2230 100644 --- a/http/exposed-panels/webtransfer-client-panel.yaml +++ b/http/exposed-panels/webtransfer-client-panel.yaml @@ -1,18 +1,18 @@ id: webtransfer-client-panel -info: - name: Web Transfer Client Login Panel - Detect - author: righettod - severity: info - description: Progress Web Transfer Client login panel was detected. - reference: - - https://www.progress.com/ftp-server/web-transfer - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"Web Transfer Client" - tags: panel,webtransferclient,login,detect - +info: + name: Web Transfer Client Login Panel - Detect + author: righettod + severity: info + description: Progress Web Transfer Client login panel was detected. + reference: + - https://www.progress.com/ftp-server/web-transfer + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Web Transfer Client" + tags: panel,webtransferclient,login,detect + http: - method: GET path: diff --git a/http/exposed-panels/webuzo-admin-panel.yaml b/http/exposed-panels/webuzo-admin-panel.yaml index 10e54f91cf..8d95dd99a6 100644 --- a/http/exposed-panels/webuzo-admin-panel.yaml +++ b/http/exposed-panels/webuzo-admin-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: softaculous - product: webuzo verified: true max-request: 1 + vendor: softaculous + product: webuzo shodan-query: http.title:"Webuzo - Admin Panel" tags: panel,webuzo,admin diff --git a/http/exposed-panels/weiphp-panel.yaml b/http/exposed-panels/weiphp-panel.yaml index 2e406f9077..c1ea72359e 100644 --- a/http/exposed-panels/weiphp-panel.yaml +++ b/http/exposed-panels/weiphp-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: weiphp - product: weiphp verified: true max-request: 1 + vendor: weiphp + product: weiphp shodan-query: http.html:"weiphp" tags: panel,weiphp diff --git a/http/exposed-panels/whm-login-detect.yaml b/http/exposed-panels/whm-login-detect.yaml index 3284967f42..33a5575ad1 100644 --- a/http/exposed-panels/whm-login-detect.yaml +++ b/http/exposed-panels/whm-login-detect.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: cpanel product: whm - max-request: 1 tags: edb,whm,panel,login http: diff --git a/http/exposed-panels/wordpress-login.yaml b/http/exposed-panels/wordpress-login.yaml index 4f3b33d791..ff3af78c9f 100644 --- a/http/exposed-panels/wordpress-login.yaml +++ b/http/exposed-panels/wordpress-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: wordpress product: wordpress - max-request: 1 tags: panel,wordpress http: diff --git a/http/exposed-panels/workspace-one-uem.yaml b/http/exposed-panels/workspace-one-uem.yaml index ba9473160e..77e4d0d572 100644 --- a/http/exposed-panels/workspace-one-uem.yaml +++ b/http/exposed-panels/workspace-one-uem.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: vmware - product: workspace_one_uem verified: true max-request: 1 + vendor: vmware + product: workspace_one_uem shodan-query: http.html:"Airwatch" tags: panel,workspaceone,vmware diff --git a/http/exposed-panels/wowza-streaming-engine.yaml b/http/exposed-panels/wowza-streaming-engine.yaml index e452f2270a..916a5f2152 100644 --- a/http/exposed-panels/wowza-streaming-engine.yaml +++ b/http/exposed-panels/wowza-streaming-engine.yaml @@ -6,9 +6,9 @@ info: severity: info description: Wowza Streaming Engine Manager panel was detected. metadata: + max-request: 1 vendor: wowza product: streaming_engine - max-request: 1 shodan-query: http.title:"Manager" product:"Wowza Streaming Engine" tags: panel diff --git a/http/exposed-panels/wso2-management-console.yaml b/http/exposed-panels/wso2-management-console.yaml index 525f477178..c98311fa20 100644 --- a/http/exposed-panels/wso2-management-console.yaml +++ b/http/exposed-panels/wso2-management-console.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: wso2 product: api_manager - max-request: 1 shodan-query: http.favicon.hash:1398055326 tags: panel,wso2,edb diff --git a/http/exposed-panels/xeams-admin-console.yaml b/http/exposed-panels/xeams-admin-console.yaml index 085baa1902..f6d2baa692 100644 --- a/http/exposed-panels/xeams-admin-console.yaml +++ b/http/exposed-panels/xeams-admin-console.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: synametrics - product: xeams verified: true max-request: 2 + vendor: synametrics + product: xeams shodan-query: http.title:"Xeams Admin" tags: panel,xeams,admin,console diff --git a/http/exposed-panels/xenmobile-login.yaml b/http/exposed-panels/xenmobile-login.yaml index eba784be68..e70f29a8f4 100644 --- a/http/exposed-panels/xenmobile-login.yaml +++ b/http/exposed-panels/xenmobile-login.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: citrix product: xenmobile_device_manager_mdm - max-request: 1 tags: panel,edb http: diff --git a/http/exposed-panels/xoops/xoops-installation-wizard.yaml b/http/exposed-panels/xoops/xoops-installation-wizard.yaml index 6546e33361..7142096081 100644 --- a/http/exposed-panels/xoops/xoops-installation-wizard.yaml +++ b/http/exposed-panels/xoops/xoops-installation-wizard.yaml @@ -6,9 +6,9 @@ info: severity: low description: XOOPS Installation Wizard panel was detected. metadata: + max-request: 1 vendor: xoops product: xoops - max-request: 1 tags: panel,xoops http: diff --git a/http/exposed-panels/xvr-login.yaml b/http/exposed-panels/xvr-login.yaml index a15d6c8164..b56a3b5c20 100644 --- a/http/exposed-panels/xvr-login.yaml +++ b/http/exposed-panels/xvr-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: dahuasecurity product: xvr5xxx - max-request: 1 shodan-query: http.title:"XVR LOGIN" tags: panel,xvr diff --git a/http/exposed-panels/xxljob-panel.yaml b/http/exposed-panels/xxljob-panel.yaml index 49da482afc..fd7f0265c3 100644 --- a/http/exposed-panels/xxljob-panel.yaml +++ b/http/exposed-panels/xxljob-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: xuxueli - product: xxl-job verified: true max-request: 2 + vendor: xuxueli + product: xxl-job shodan-query: http.favicon.hash:1691956220 tags: panel,xxljob,login diff --git a/http/exposed-panels/yarn-manager-exposure.yaml b/http/exposed-panels/yarn-manager-exposure.yaml index 5962c0ef47..f7cac04c7c 100644 --- a/http/exposed-panels/yarn-manager-exposure.yaml +++ b/http/exposed-panels/yarn-manager-exposure.yaml @@ -6,9 +6,9 @@ info: severity: low description: Apache YARN ResourceManager panel was detected. metadata: + max-request: 1 vendor: apache product: hadoop - max-request: 1 tags: panel,apache,yarn,exposure http: diff --git a/http/exposed-panels/yzmcms-panel.yaml b/http/exposed-panels/yzmcms-panel.yaml index 200f22b35b..d3b400fdf9 100644 --- a/http/exposed-panels/yzmcms-panel.yaml +++ b/http/exposed-panels/yzmcms-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: yzmcms product: yzmcms - max-request: 1 shodan-query: http.title:"YzmCMS" tags: panel,yzmcms,login diff --git a/http/exposed-panels/zabbix-server-login.yaml b/http/exposed-panels/zabbix-server-login.yaml index c7bfca3f71..3c1880a181 100644 --- a/http/exposed-panels/zabbix-server-login.yaml +++ b/http/exposed-panels/zabbix-server-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zabbix product: zabbix - max-request: 1 shodan-query: http.title:"zabbix-server" tags: panel,zabbix diff --git a/http/exposed-panels/zblog-exposed-admin-panel.yaml b/http/exposed-panels/zblog-exposed-admin-panel.yaml index bbcd1e42ad..33fa68ab87 100644 --- a/http/exposed-panels/zblog-exposed-admin-panel.yaml +++ b/http/exposed-panels/zblog-exposed-admin-panel.yaml @@ -12,10 +12,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zblogcn - product: zblogphp verified: true max-request: 1 + vendor: zblogcn + product: zblogphp shodan-query: http.title:zblog tags: zblog,panel diff --git a/http/exposed-panels/zenario-login-panel.yaml b/http/exposed-panels/zenario-login-panel.yaml index 391e737466..d020d72ab9 100644 --- a/http/exposed-panels/zenario-login-panel.yaml +++ b/http/exposed-panels/zenario-login-panel.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: tribalsystems product: zenario - max-request: 1 tags: panel,zenario http: diff --git a/http/exposed-panels/zentao-detect.yaml b/http/exposed-panels/zentao-detect.yaml index 1749b04c0f..1ba21e7ca1 100644 --- a/http/exposed-panels/zentao-detect.yaml +++ b/http/exposed-panels/zentao-detect.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: easycorp product: zentao - max-request: 1 tags: panel http: diff --git a/http/exposed-panels/zeroshell-login.yaml b/http/exposed-panels/zeroshell-login.yaml index 2492edeff8..b0a6a39685 100644 --- a/http/exposed-panels/zeroshell-login.yaml +++ b/http/exposed-panels/zeroshell-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zeroshell product: zeroshell - max-request: 1 shodan-query: http.title:"ZeroShell" tags: panel,zeroshell diff --git a/http/exposed-panels/zimbra-web-client.yaml b/http/exposed-panels/zimbra-web-client.yaml index b210c77208..4a7b4170fb 100644 --- a/http/exposed-panels/zimbra-web-client.yaml +++ b/http/exposed-panels/zimbra-web-client.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: synacor - product: zimbra_collaboration_suite verified: true max-request: 1 + vendor: synacor + product: zimbra_collaboration_suite shodan-query: http.title:"Zimbra Web Client Sign In" tags: edb,panel,zimbra diff --git a/http/exposed-panels/zimbra-web-login.yaml b/http/exposed-panels/zimbra-web-login.yaml index 4e616ca0a8..95aeb55cf8 100644 --- a/http/exposed-panels/zimbra-web-login.yaml +++ b/http/exposed-panels/zimbra-web-login.yaml @@ -13,10 +13,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: synacor - product: zimbra_collaboration_suite verified: true max-request: 1 + vendor: synacor + product: zimbra_collaboration_suite shodan-query: http.title:"Zimbra Collaboration Suite" tags: panel,zimbra diff --git a/http/exposed-panels/zoho/manageengine-adaudit.yaml b/http/exposed-panels/zoho/manageengine-adaudit.yaml index 7d576ca15d..679fb345dd 100644 --- a/http/exposed-panels/zoho/manageengine-adaudit.yaml +++ b/http/exposed-panels/zoho/manageengine-adaudit.yaml @@ -14,10 +14,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zohocorp - product: manageengine_adaudit_plus verified: true max-request: 2 + vendor: zohocorp + product: manageengine_adaudit_plus shodan-query: http.title:"ADAudit Plus" || http.title:"ManageEngine - ADManager Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-adselfservice.yaml b/http/exposed-panels/zoho/manageengine-adselfservice.yaml index d4f777ad09..d30fb4e628 100644 --- a/http/exposed-panels/zoho/manageengine-adselfservice.yaml +++ b/http/exposed-panels/zoho/manageengine-adselfservice.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zohocorp - product: manageengine_adselfservice_plus verified: true max-request: 2 + vendor: zohocorp + product: manageengine_adselfservice_plus shodan-query: http.title:"ADSelfService Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-analytics.yaml b/http/exposed-panels/zoho/manageengine-analytics.yaml index 86e0ce39a4..0e775cc0e8 100644 --- a/http/exposed-panels/zoho/manageengine-analytics.yaml +++ b/http/exposed-panels/zoho/manageengine-analytics.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_analytics_plus - max-request: 1 fofa-query: app="ZOHO-流量管理" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml b/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml index 60588735e7..3f00a25983 100644 --- a/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml +++ b/http/exposed-panels/zoho/manageengine-apex-helpdesk.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_analytics_plus - max-request: 1 shodan-query: http.title:"APEX IT Help Desk" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-applications-manager.yaml b/http/exposed-panels/zoho/manageengine-applications-manager.yaml index 416b387e2c..1e9913f75a 100644 --- a/http/exposed-panels/zoho/manageengine-applications-manager.yaml +++ b/http/exposed-panels/zoho/manageengine-applications-manager.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_applications_manager - max-request: 1 tags: panel,zoho,manageengine http: diff --git a/http/exposed-panels/zoho/manageengine-assetexplorer.yaml b/http/exposed-panels/zoho/manageengine-assetexplorer.yaml index 46f69b6ded..3f42d8b077 100644 --- a/http/exposed-panels/zoho/manageengine-assetexplorer.yaml +++ b/http/exposed-panels/zoho/manageengine-assetexplorer.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_assetexplorer - max-request: 1 shodan-query: http.title:"ManageEngine AssetExplorer" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-desktop.yaml b/http/exposed-panels/zoho/manageengine-desktop.yaml index 31e4069768..77ee23c616 100644 --- a/http/exposed-panels/zoho/manageengine-desktop.yaml +++ b/http/exposed-panels/zoho/manageengine-desktop.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_desktop_central - max-request: 1 shodan-query: http.title:"ManageEngine Desktop Central 10" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-network-config.yaml b/http/exposed-panels/zoho/manageengine-network-config.yaml index 87249427a7..8fe60ca548 100644 --- a/http/exposed-panels/zoho/manageengine-network-config.yaml +++ b/http/exposed-panels/zoho/manageengine-network-config.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zohocorp - product: manageengine_network_configuration_manager verified: true max-request: 1 + vendor: zohocorp + product: manageengine_network_configuration_manager shodan-query: http.title:"Network Configuration Manager" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-opmanager.yaml b/http/exposed-panels/zoho/manageengine-opmanager.yaml index 7fdb037163..f0ba34caf1 100644 --- a/http/exposed-panels/zoho/manageengine-opmanager.yaml +++ b/http/exposed-panels/zoho/manageengine-opmanager.yaml @@ -12,9 +12,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_opmanager - max-request: 1 shodan-query: http.title:"OpManager Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-servicedesk.yaml b/http/exposed-panels/zoho/manageengine-servicedesk.yaml index 4731249ff4..d55a5114d1 100644 --- a/http/exposed-panels/zoho/manageengine-servicedesk.yaml +++ b/http/exposed-panels/zoho/manageengine-servicedesk.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_servicedesk_plus - max-request: 1 shodan-query: http.title:"ManageEngine ServiceDesk Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoho/manageengine-supportcenter.yaml b/http/exposed-panels/zoho/manageengine-supportcenter.yaml index dcfa5c8813..b6bddf58bc 100644 --- a/http/exposed-panels/zoho/manageengine-supportcenter.yaml +++ b/http/exposed-panels/zoho/manageengine-supportcenter.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zohocorp product: manageengine_supportcenter_plus - max-request: 1 shodan-query: http.title:"ManageEngine SupportCenter Plus" tags: panel,zoho,manageengine diff --git a/http/exposed-panels/zoneminder-login.yaml b/http/exposed-panels/zoneminder-login.yaml index ad6545925a..5c4ac81377 100644 --- a/http/exposed-panels/zoneminder-login.yaml +++ b/http/exposed-panels/zoneminder-login.yaml @@ -10,9 +10,9 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: + max-request: 1 vendor: zoneminder product: zoneminder - max-request: 1 tags: panel,zoneminder http: diff --git a/http/exposed-panels/zyxel-router-panel.yaml b/http/exposed-panels/zyxel-router-panel.yaml index 4267da666d..44e1aaefb4 100644 --- a/http/exposed-panels/zyxel-router-panel.yaml +++ b/http/exposed-panels/zyxel-router-panel.yaml @@ -10,10 +10,10 @@ info: cvss-score: 0 cwe-id: CWE-200 metadata: - vendor: zyxel - product: nr5101 verified: true max-request: 2 + vendor: zyxel + product: nr5101 shodan-query: 'title:"Web-Based Configurator" html:"zyxel"' tags: panel,zyxel,router,iot diff --git a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml index ce46228b81..c15093b12d 100644 --- a/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml +++ b/http/exposed-panels/zyxel/zyxel-vmg1312b10d-login.yaml @@ -5,10 +5,10 @@ info: author: princechaddha severity: info metadata: - vendor: zyxel - product: vmg1312-b10d_firmware verified: true max-request: 1 + vendor: zyxel + product: vmg1312-b10d_firmware shodan-query: http.html:"VMG1312-B10D" tags: tech,zyxel,modem,router,panel diff --git a/http/exposures/apis/swagger-api.yaml b/http/exposures/apis/swagger-api.yaml index 433638d12d..98326f2280 100644 --- a/http/exposures/apis/swagger-api.yaml +++ b/http/exposures/apis/swagger-api.yaml @@ -10,9 +10,9 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 59 shodan-query: "http.title:\"swagger\"" - verified: true tags: exposure,api,swagger http: diff --git a/http/exposures/configs/sphinxsearch-config.yaml b/http/exposures/configs/sphinxsearch-config.yaml index 17b471a071..ce144a8976 100644 --- a/http/exposures/configs/sphinxsearch-config.yaml +++ b/http/exposures/configs/sphinxsearch-config.yaml @@ -10,8 +10,8 @@ info: reference: - https://github.com/manticorp/SphinxSearch/blob/master/sphinx.conf.example metadata: - max-request: 7 verified: true + max-request: 7 tags: sphinx,sphinxsearch,exposure,config http: diff --git a/http/exposures/files/ds-store-file.yaml b/http/exposures/files/ds-store-file.yaml index 6aa19d2773..1170335265 100644 --- a/http/exposures/files/ds-store-file.yaml +++ b/http/exposures/files/ds-store-file.yaml @@ -2,9 +2,9 @@ id: ds-store-file info: name: Exposed DS_Store File - description: A .DS_Store file was found. This file may contain names of files that exist on the server, including backups or other files that aren't meant to be publicly available. author: 0w4ys,pwnhxl severity: info + description: A .DS_Store file was found. This file may contain names of files that exist on the server, including backups or other files that aren't meant to be publicly available. reference: - https://github.com/lijiejie/ds_store_exp metadata: diff --git a/http/exposures/files/generic-db.yaml b/http/exposures/files/generic-db.yaml index 99da464258..52d21d14e5 100644 --- a/http/exposures/files/generic-db.yaml +++ b/http/exposures/files/generic-db.yaml @@ -7,37 +7,37 @@ info: description: | This is collection of some web frameworks recommendation or default configuration for SQLite database file location. If this file is publicly accessible due to server misconfiguration, it could result in application data leak including users sensitive data, password hashes etc. reference: - - https://laravel.com/docs/11.x/database#sqlite-configuration # database/database.sqlite - - https://laravel.com/docs/5.2/database # database/database.sqlite - - https://github.com/laracasts/larabook/blob/master/app/config/database.php#L51 # app/database/production.sqlite - - https://forum.codeigniter.com/post-389846.html # writable/db.sqlite3 - - https://github.com/codeigniter4projects/playground/blob/develop/.env.example#L33 # writable/database.db - - https://symfony.com/doc/current/doctrine.html#configuring-the-database # var/app.db - - https://symfony.com/doc/4.x/doctrine.html#configuring-the-database # var/app.db - - https://symfony.com/doc/3.x/doctrine.html # app/sqlite.db - - https://symfony.com/doc/2.x/doctrine.html # sqlite.db - - https://openclassrooms.com/forum/sujet/symfony3-sqlite-could-not-create-database # var/data/db.sqlite - - https://symfony.com/doc/current/reference/configuration/doctrine.html#doctrine-dbal-configuration # var/data/data.sqlite - - https://stackoverflow.com/questions/31762878/sqlite-3-database-with-django # db.sqlite3 - - https://medium.com/@codewithbushra/using-sqlite-as-a-database-backend-in-django-projects-code-with-bushra-d23e3100686e # db.sqlite3 - - https://gist.github.com/jwo/4512764?permalink_comment_id=2235763#gistcomment-2235763 # db/production.sqlite3 - - https://stackoverflow.com/a/30345819/1632572 # db/production.sqlite3 - - https://developerhowto.com/2018/12/29/build-a-rest-api-with-node-js-and-express-js/ # db.sqlite - - https://sqldocs.org/sqlite/sqlite-nodejs/ # mydb.sqlite - - https://stackoverflow.com/questions/41620788/error-database-connection-sqlite-is-missing-or-could-not-be-created-cakephp # app/data/app_db.sqlite - - https://stackoverflow.com/questions/2722383/using-sqlite3-with-cakephp # app/webroot/database.sqlite, app/database.sqlite - - https://levelup.gitconnected.com/how-to-connect-and-use-the-sqlite-database-in-codeigniter-3-48cd50d3e78d # application/databases/db.sqlite - - https://turmanauli.medium.com/how-to-connect-codeigniter-to-sqlite3-database-like-a-pro-2177497a6d30 # application/db/database.sqlite - - https://forum.codeigniter.com/thread-74522.html # application/Database/db1.db - - https://stackoverflow.com/a/37088960/1632572 # application/database/data.db - - https://docs.laminas.dev/tutorials/getting-started/database-and-models/ # data/*.db - - https://phalcon-nucleon.github.io/#!database/getting-started.html # storage/database/database.sqlite - - https://www.yiiframework.com/doc/blog/1.1/en/prototype.database # protected/data/*.db - - https://pusher.com/tutorials/rest-api-slim-part-1/ # db/database.db - - https://www.digitalocean.com/community/tutorials/how-to-use-the-fat-free-php-framework # db/database.sqlite - - https://doc.nette.org/en/database/configuration#toc-single-connection # app/Model/*.db - - https://www.sqlite.org/fileformat.html # SQLite file always starts with "SQLite format {sqlite_version}" - - https://en.wikipedia.org/wiki/List_of_file_signatures # SQLite binary signature: 53 51 4C 69 74 65 20 66 6F 72 6D 61 74 20 + - https://laravel.com/docs/11.x/database#sqlite-configuration # database/database.sqlite + - https://laravel.com/docs/5.2/database # database/database.sqlite + - https://github.com/laracasts/larabook/blob/master/app/config/database.php#L51 # app/database/production.sqlite + - https://forum.codeigniter.com/post-389846.html # writable/db.sqlite3 + - https://github.com/codeigniter4projects/playground/blob/develop/.env.example#L33 # writable/database.db + - https://symfony.com/doc/current/doctrine.html#configuring-the-database # var/app.db + - https://symfony.com/doc/4.x/doctrine.html#configuring-the-database # var/app.db + - https://symfony.com/doc/3.x/doctrine.html # app/sqlite.db + - https://symfony.com/doc/2.x/doctrine.html # sqlite.db + - https://openclassrooms.com/forum/sujet/symfony3-sqlite-could-not-create-database # var/data/db.sqlite + - https://symfony.com/doc/current/reference/configuration/doctrine.html#doctrine-dbal-configuration # var/data/data.sqlite + - https://stackoverflow.com/questions/31762878/sqlite-3-database-with-django # db.sqlite3 + - https://medium.com/@codewithbushra/using-sqlite-as-a-database-backend-in-django-projects-code-with-bushra-d23e3100686e # db.sqlite3 + - https://gist.github.com/jwo/4512764?permalink_comment_id=2235763#gistcomment-2235763 # db/production.sqlite3 + - https://stackoverflow.com/a/30345819/1632572 # db/production.sqlite3 + - https://developerhowto.com/2018/12/29/build-a-rest-api-with-node-js-and-express-js/ # db.sqlite + - https://sqldocs.org/sqlite/sqlite-nodejs/ # mydb.sqlite + - https://stackoverflow.com/questions/41620788/error-database-connection-sqlite-is-missing-or-could-not-be-created-cakephp # app/data/app_db.sqlite + - https://stackoverflow.com/questions/2722383/using-sqlite3-with-cakephp # app/webroot/database.sqlite, app/database.sqlite + - https://levelup.gitconnected.com/how-to-connect-and-use-the-sqlite-database-in-codeigniter-3-48cd50d3e78d # application/databases/db.sqlite + - https://turmanauli.medium.com/how-to-connect-codeigniter-to-sqlite3-database-like-a-pro-2177497a6d30 # application/db/database.sqlite + - https://forum.codeigniter.com/thread-74522.html # application/Database/db1.db + - https://stackoverflow.com/a/37088960/1632572 # application/database/data.db + - https://docs.laminas.dev/tutorials/getting-started/database-and-models/ # data/*.db + - https://phalcon-nucleon.github.io/#!database/getting-started.html # storage/database/database.sqlite + - https://www.yiiframework.com/doc/blog/1.1/en/prototype.database # protected/data/*.db + - https://pusher.com/tutorials/rest-api-slim-part-1/ # db/database.db + - https://www.digitalocean.com/community/tutorials/how-to-use-the-fat-free-php-framework # db/database.sqlite + - https://doc.nette.org/en/database/configuration#toc-single-connection # app/Model/*.db + - https://www.sqlite.org/fileformat.html # SQLite file always starts with "SQLite format {sqlite_version}" + - https://en.wikipedia.org/wiki/List_of_file_signatures # SQLite binary signature: 53 51 4C 69 74 65 20 66 6F 72 6D 61 74 20 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 diff --git a/http/exposures/logs/teampass-ldap.yaml b/http/exposures/logs/teampass-ldap.yaml index c49a5f29fe..d8150c3efd 100644 --- a/http/exposures/logs/teampass-ldap.yaml +++ b/http/exposures/logs/teampass-ldap.yaml @@ -13,8 +13,8 @@ info: cvss-score: 7.5 cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 fofa-query: app="TEAMPASS" tags: exposure,teampass,ldap,logs diff --git a/http/fuzzing/wordpress-plugins-detect.yaml b/http/fuzzing/wordpress-plugins-detect.yaml index 09cb5eb977..d24187e45e 100644 --- a/http/fuzzing/wordpress-plugins-detect.yaml +++ b/http/fuzzing/wordpress-plugins-detect.yaml @@ -5,7 +5,7 @@ info: author: 0xcrypto severity: info metadata: - max-request: 98135 + max-request: 100563 tags: fuzz,wordpress http: diff --git a/http/miscellaneous/maxforwards-headers-detect.yaml b/http/miscellaneous/maxforwards-headers-detect.yaml index 13490d201b..a16c9df15c 100644 --- a/http/miscellaneous/maxforwards-headers-detect.yaml +++ b/http/miscellaneous/maxforwards-headers-detect.yaml @@ -1,21 +1,21 @@ id: maxforwards-headers-detect -info: - name: Max-Forwards Header - Detect - author: righettod - severity: info - description: Max-Forwards response header is specified. - reference: - - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Max-Forwards - - https://http.dev/max-forwards - - https://twitter.com/irsdl/status/1337299267652825088 - metadata: - verified: true - max-request: 1 - shodan-query: "Max-Forwards:" - fofa-query: header="max-forwards" - tags: miscellaneous,misc,max-forwards - +info: + name: Max-Forwards Header - Detect + author: righettod + severity: info + description: Max-Forwards response header is specified. + reference: + - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Max-Forwards + - https://http.dev/max-forwards + - https://twitter.com/irsdl/status/1337299267652825088 + metadata: + verified: true + max-request: 1 + shodan-query: "Max-Forwards:" + fofa-query: header="max-forwards" + tags: miscellaneous,misc,max-forwards + http: - method: GET path: diff --git a/http/misconfiguration/cloudflare-rocketloader-htmli.yaml b/http/misconfiguration/cloudflare-rocketloader-htmli.yaml index 87296005fe..9f2110a5f3 100644 --- a/http/misconfiguration/cloudflare-rocketloader-htmli.yaml +++ b/http/misconfiguration/cloudflare-rocketloader-htmli.yaml @@ -11,8 +11,8 @@ info: - https://developers.cloudflare.com/speed/optimization/content/rocket-loader/enable/ - https://developers.cloudflare.com/fundamentals/reference/policies-compliances/content-security-policies/#product-requirements metadata: - max-request: 1 verified: true + max-request: 1 tags: misconfig,cloudflare,htmli http: diff --git a/http/misconfiguration/sap/sap-public-admin.yaml b/http/misconfiguration/sap/sap-public-admin.yaml index 31bb93bc20..14200e6916 100644 --- a/http/misconfiguration/sap/sap-public-admin.yaml +++ b/http/misconfiguration/sap/sap-public-admin.yaml @@ -4,13 +4,12 @@ info: name: SAP ICM Admin Web Interface author: t3l3machus severity: low - description: - The SAP ICM (Internet Communication Manager) admin monitor interface is often set to public and can be accessed without authentication. The interface discloses version information about the underlying operating system, a brief SAP patch level overview, running services including their corresponding ports and more. + description: The SAP ICM (Internet Communication Manager) admin monitor interface is often set to public and can be accessed without authentication. The interface discloses version information about the underlying operating system, a brief SAP patch level overview, running services including their corresponding ports and more. reference: - https://www.saptechnicalguru.com/information-disclosure-sap-web-administration-interface/ metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: html:"SAP" tags: sap,misconfig,admin,dashboard diff --git a/http/osint/phishing/1password-phish.yaml b/http/osint/phishing/1password-phish.yaml index 23dbf177f6..cfb6c753c0 100644 --- a/http/osint/phishing/1password-phish.yaml +++ b/http/osint/phishing/1password-phish.yaml @@ -1,15 +1,16 @@ id: 1password-phish -info: - name: 1password phishing Detection - author: rxerium - severity: info - description: | - A 1password phishing website was detected - reference: - - https://1password.com +info: + name: 1password phishing Detection + author: rxerium + severity: info + description: | + A 1password phishing website was detected + reference: + - https://1password.com + metadata: + max-request: 1 tags: phishing,1password,osint - http: - method: GET path: diff --git a/http/osint/phishing/adobe-phish.yaml b/http/osint/phishing/adobe-phish.yaml index 5476559196..d848a111e6 100644 --- a/http/osint/phishing/adobe-phish.yaml +++ b/http/osint/phishing/adobe-phish.yaml @@ -1,15 +1,16 @@ id: adobe-phish -info: - name: adobe phishing Detection - author: rxerium - severity: info - description: | - An adobe phishing website was detected - reference: - - https://adobe.com +info: + name: adobe phishing Detection + author: rxerium + severity: info + description: | + An adobe phishing website was detected + reference: + - https://adobe.com + metadata: + max-request: 1 tags: phishing,adobe,osint - http: - method: GET path: diff --git a/http/osint/phishing/aliexpress-phish.yaml b/http/osint/phishing/aliexpress-phish.yaml index 3a7226f401..f48faed1b9 100644 --- a/http/osint/phishing/aliexpress-phish.yaml +++ b/http/osint/phishing/aliexpress-phish.yaml @@ -1,15 +1,16 @@ id: aliexpress-phish -info: - name: aliexpress phishing Detection - author: rxerium - severity: info - description: | - An aliexpress phishing website was detected - reference: - - https://aliexpress.com +info: + name: aliexpress phishing Detection + author: rxerium + severity: info + description: | + An aliexpress phishing website was detected + reference: + - https://aliexpress.com + metadata: + max-request: 1 tags: phishing,aliexpress,osint - http: - method: GET path: diff --git a/http/osint/phishing/amazon-phish.yaml b/http/osint/phishing/amazon-phish.yaml index bf762ca186..a737a22a72 100644 --- a/http/osint/phishing/amazon-phish.yaml +++ b/http/osint/phishing/amazon-phish.yaml @@ -1,15 +1,16 @@ id: amazon-phish -info: - name: Amazon phishing Detection - author: rxerium - severity: info - description: | - An amazon phishing website was detected - reference: - - https://amazon.com - tags: phishing,amazon,osint - +info: + name: Amazon phishing Detection + author: rxerium + severity: info + description: | + An amazon phishing website was detected + reference: + - https://amazon.com + metadata: + max-request: 1 + tags: phishing,amazon,osint http: - method: GET path: diff --git a/http/osint/phishing/amazon-web-services-phish.yaml b/http/osint/phishing/amazon-web-services-phish.yaml index fce3fa438c..9009e1fada 100644 --- a/http/osint/phishing/amazon-web-services-phish.yaml +++ b/http/osint/phishing/amazon-web-services-phish.yaml @@ -1,15 +1,16 @@ id: amazon-web-services-phish -info: - name: amazon web services phishing Detection - author: rxerium - severity: info - description: | - An amazon-web-services phishing website was detected - reference: - - https://signin.aws.amazon.com +info: + name: amazon web services phishing Detection + author: rxerium + severity: info + description: | + An amazon-web-services phishing website was detected + reference: + - https://signin.aws.amazon.com + metadata: + max-request: 1 tags: phishing,amazon-web-services,aws,osint - http: - method: GET path: diff --git a/http/osint/phishing/american-express-phish.yaml b/http/osint/phishing/american-express-phish.yaml index acd84b9e0e..8a94285f37 100644 --- a/http/osint/phishing/american-express-phish.yaml +++ b/http/osint/phishing/american-express-phish.yaml @@ -1,15 +1,16 @@ id: american-express-phish -info: - name: american-express phishing Detection - author: rxerium - severity: info - description: | - An american express phishing website was detected - reference: - - https://www.americanexpress.com +info: + name: american-express phishing Detection + author: rxerium + severity: info + description: | + An american express phishing website was detected + reference: + - https://www.americanexpress.com + metadata: + max-request: 1 tags: phishing,american-express,osint - http: - method: GET path: diff --git a/http/osint/phishing/anydesk-phish.yaml b/http/osint/phishing/anydesk-phish.yaml index d58b203e5d..b2257c56cd 100644 --- a/http/osint/phishing/anydesk-phish.yaml +++ b/http/osint/phishing/anydesk-phish.yaml @@ -1,15 +1,16 @@ id: anydesk-phish -info: - name: anydesk phishing Detection - author: rxerium - severity: info - description: | - An anydesk phishing website was detected - reference: - - https://anydesk.com +info: + name: anydesk phishing Detection + author: rxerium + severity: info + description: | + An anydesk phishing website was detected + reference: + - https://anydesk.com + metadata: + max-request: 1 tags: phishing,anydesk,osint - http: - method: GET path: diff --git a/http/osint/phishing/avast-phish.yaml b/http/osint/phishing/avast-phish.yaml index 6271d8e3e3..512e45479d 100644 --- a/http/osint/phishing/avast-phish.yaml +++ b/http/osint/phishing/avast-phish.yaml @@ -1,15 +1,16 @@ id: avast-phish -info: - name: avast phishing Detection - author: rxerium - severity: info - description: | - An avast phishing website was detected - reference: - - https://avast.com +info: + name: avast phishing Detection + author: rxerium + severity: info + description: | + An avast phishing website was detected + reference: + - https://avast.com + metadata: + max-request: 1 tags: phishing,avast,osint - http: - method: GET path: diff --git a/http/osint/phishing/avg-phish.yaml b/http/osint/phishing/avg-phish.yaml index 9ce3687aa8..34656ead3c 100644 --- a/http/osint/phishing/avg-phish.yaml +++ b/http/osint/phishing/avg-phish.yaml @@ -1,15 +1,16 @@ id: avg-phish -info: - name: avg phishing Detection - author: rxerium - severity: info - description: | - An avg phishing website was detected - reference: - - https://avg.com +info: + name: avg phishing Detection + author: rxerium + severity: info + description: | + An avg phishing website was detected + reference: + - https://avg.com + metadata: + max-request: 1 tags: phishing,avg,osint - http: - method: GET path: diff --git a/http/osint/phishing/bank-of-america-phish.yaml b/http/osint/phishing/bank-of-america-phish.yaml index f4a14af6c4..140fbbce3f 100644 --- a/http/osint/phishing/bank-of-america-phish.yaml +++ b/http/osint/phishing/bank-of-america-phish.yaml @@ -1,15 +1,16 @@ id: bank-of-america-phish -info: - name: Bank Of America phishing Detection - author: rxerium - severity: info - description: | - A Bank Of America phishing website was detected - reference: - - https://bankofamerica.com +info: + name: Bank Of America phishing Detection + author: rxerium + severity: info + description: | + A Bank Of America phishing website was detected + reference: + - https://bankofamerica.com + metadata: + max-request: 1 tags: phishing,BankOfAmerica,osint - http: - method: GET path: diff --git a/http/osint/phishing/battlenet-phish.yaml b/http/osint/phishing/battlenet-phish.yaml index 9e138de312..95cd040fe0 100644 --- a/http/osint/phishing/battlenet-phish.yaml +++ b/http/osint/phishing/battlenet-phish.yaml @@ -1,15 +1,16 @@ id: battlenet-phish -info: - name: battlenet phishing Detection - author: rxerium - severity: info - description: | - A battlenet phishing website was detected - reference: - - https://eu.account.battle.net/login +info: + name: battlenet phishing Detection + author: rxerium + severity: info + description: | + A battlenet phishing website was detected + reference: + - https://eu.account.battle.net/login + metadata: + max-request: 1 tags: phishing,battlenet,osint - http: - method: GET path: diff --git a/http/osint/phishing/bestbuy-phish.yaml b/http/osint/phishing/bestbuy-phish.yaml index 2824ecf4f1..de495199dd 100644 --- a/http/osint/phishing/bestbuy-phish.yaml +++ b/http/osint/phishing/bestbuy-phish.yaml @@ -1,15 +1,16 @@ id: best-buy-phish -info: - name: best buy phishing Detection - author: rxerium - severity: info - description: | - A best buy phishing website was detected - reference: - - https://bestbuy.com +info: + name: best buy phishing Detection + author: rxerium + severity: info + description: | + A best buy phishing website was detected + reference: + - https://bestbuy.com + metadata: + max-request: 1 tags: phishing,bestbuy,osint - http: - method: GET path: diff --git a/http/osint/phishing/bitdefender-phish.yaml b/http/osint/phishing/bitdefender-phish.yaml index d3f037a258..f8cbaafcaa 100644 --- a/http/osint/phishing/bitdefender-phish.yaml +++ b/http/osint/phishing/bitdefender-phish.yaml @@ -1,15 +1,16 @@ id: bitdefender-phish -info: - name: bitdefender phishing Detection - author: rxerium - severity: info - description: | - A bitdefender phishing website was detected - reference: - - https://bitdefender.com +info: + name: bitdefender phishing Detection + author: rxerium + severity: info + description: | + A bitdefender phishing website was detected + reference: + - https://bitdefender.com + metadata: + max-request: 1 tags: phishing,bitdefender,osint - http: - method: GET path: diff --git a/http/osint/phishing/bitwarden-phish.yaml b/http/osint/phishing/bitwarden-phish.yaml index 2209b13baf..b5f3b74031 100644 --- a/http/osint/phishing/bitwarden-phish.yaml +++ b/http/osint/phishing/bitwarden-phish.yaml @@ -1,15 +1,16 @@ id: bitwarden-phish -info: - name: bitwarden phishing Detection - author: rxerium - severity: info - description: | - A bitwarden phishing website was detected - reference: - - https://bitwarden.com +info: + name: bitwarden phishing Detection + author: rxerium + severity: info + description: | + A bitwarden phishing website was detected + reference: + - https://bitwarden.com + metadata: + max-request: 1 tags: phishing,bitwarden,osint - http: - method: GET path: diff --git a/http/osint/phishing/blender-phish.yaml b/http/osint/phishing/blender-phish.yaml index b3f8a7ae35..1f30a2ad0a 100644 --- a/http/osint/phishing/blender-phish.yaml +++ b/http/osint/phishing/blender-phish.yaml @@ -1,15 +1,16 @@ id: blender-phish -info: - name: blender phishing Detection - author: rxerium - severity: info - description: | - A blender phishing website was detected - reference: - - https://blender.org +info: + name: blender phishing Detection + author: rxerium + severity: info + description: | + A blender phishing website was detected + reference: + - https://blender.org + metadata: + max-request: 1 tags: phishing,blender,osint - http: - method: GET path: diff --git a/http/osint/phishing/booking-phish.yaml b/http/osint/phishing/booking-phish.yaml index 7234dab618..9205e74350 100644 --- a/http/osint/phishing/booking-phish.yaml +++ b/http/osint/phishing/booking-phish.yaml @@ -1,15 +1,16 @@ id: booking-phish -info: - name: booking phishing Detection - author: rxerium - severity: info - description: | - A booking phishing website was detected - reference: - - https://booking.com +info: + name: booking phishing Detection + author: rxerium + severity: info + description: | + A booking phishing website was detected + reference: + - https://booking.com + metadata: + max-request: 1 tags: phishing,booking,osint - http: - method: GET path: diff --git a/http/osint/phishing/box-storage-phish.yaml b/http/osint/phishing/box-storage-phish.yaml index a230bd86f1..b4d9b05234 100644 --- a/http/osint/phishing/box-storage-phish.yaml +++ b/http/osint/phishing/box-storage-phish.yaml @@ -1,15 +1,16 @@ id: box-phish -info: - name: box phishing Detection - author: rxerium - severity: info - description: | - A box phishing website was detected - reference: - - https://box.com +info: + name: box phishing Detection + author: rxerium + severity: info + description: | + A box phishing website was detected + reference: + - https://box.com + metadata: + max-request: 1 tags: phishing,box-storage,osint - http: - method: GET path: diff --git a/http/osint/phishing/brave-phish.yaml b/http/osint/phishing/brave-phish.yaml index 61cd683b15..b335d5c460 100644 --- a/http/osint/phishing/brave-phish.yaml +++ b/http/osint/phishing/brave-phish.yaml @@ -1,15 +1,16 @@ id: brave-phish -info: - name: brave phishing Detection - author: rxerium - severity: info - description: | - A brave phishing website was detected - reference: - - https://brave.com +info: + name: brave phishing Detection + author: rxerium + severity: info + description: | + A brave phishing website was detected + reference: + - https://brave.com + metadata: + max-request: 1 tags: phishing,brave,osint - http: - method: GET path: diff --git a/http/osint/phishing/brighthr-phish.yaml b/http/osint/phishing/brighthr-phish.yaml index e5a92dea68..bb0c31a18e 100644 --- a/http/osint/phishing/brighthr-phish.yaml +++ b/http/osint/phishing/brighthr-phish.yaml @@ -1,15 +1,16 @@ id: brighthr-phish -info: - name: brighthr phishing Detection - author: rxerium - severity: info - description: | - A brighthr phishing website was detected - reference: - - https://brighthr.com +info: + name: brighthr phishing Detection + author: rxerium + severity: info + description: | + A brighthr phishing website was detected + reference: + - https://brighthr.com + metadata: + max-request: 1 tags: phishing,brighthr,osint - http: - method: GET path: diff --git a/http/osint/phishing/ccleaner-phish.yaml b/http/osint/phishing/ccleaner-phish.yaml index fa4001b51b..4145d8bc6c 100644 --- a/http/osint/phishing/ccleaner-phish.yaml +++ b/http/osint/phishing/ccleaner-phish.yaml @@ -1,15 +1,16 @@ id: ccleaner-phish -info: - name: ccleaner phishing Detection - author: rxerium - severity: info - description: | - A ccleaner phishing website was detected - reference: - - https://ccleaner.com +info: + name: ccleaner phishing Detection + author: rxerium + severity: info + description: | + A ccleaner phishing website was detected + reference: + - https://ccleaner.com + metadata: + max-request: 1 tags: phishing,ccleaner,osint - http: - method: GET path: diff --git a/http/osint/phishing/chase-phish.yaml b/http/osint/phishing/chase-phish.yaml index 1c1d18ffee..9c3f62dce7 100644 --- a/http/osint/phishing/chase-phish.yaml +++ b/http/osint/phishing/chase-phish.yaml @@ -1,15 +1,16 @@ id: Chase-phish -info: - name: Chase phishing Detection - author: rxerium - severity: info - description: | - A Chase phishing website was detected - reference: - - https://chase.com +info: + name: Chase phishing Detection + author: rxerium + severity: info + description: | + A Chase phishing website was detected + reference: + - https://chase.com + metadata: + max-request: 1 tags: phishing,Chase,osint - http: - method: GET path: diff --git a/http/osint/phishing/chrome-phish.yaml b/http/osint/phishing/chrome-phish.yaml index 22caf9c1ab..e678baa58f 100644 --- a/http/osint/phishing/chrome-phish.yaml +++ b/http/osint/phishing/chrome-phish.yaml @@ -1,15 +1,16 @@ id: chrome-phish -info: - name: chrome phishing Detection - author: rxerium - severity: info - description: | - A chrome phishing website was detected - reference: - - https://www.google.com/intl/en_uk/chrome/ +info: + name: chrome phishing Detection + author: rxerium + severity: info + description: | + A chrome phishing website was detected + reference: + - https://www.google.com/intl/en_uk/chrome/ + metadata: + max-request: 1 tags: phishing,chrome,osint - http: - method: GET path: diff --git a/http/osint/phishing/costa-phish.yaml b/http/osint/phishing/costa-phish.yaml index 51f4e27057..19bd969466 100644 --- a/http/osint/phishing/costa-phish.yaml +++ b/http/osint/phishing/costa-phish.yaml @@ -1,15 +1,16 @@ id: costa-phish -info: - name: costa phishing Detection - author: rxerium - severity: info - description: | - A costa phishing website was detected - reference: - - https://costa.co.uk +info: + name: costa phishing Detection + author: rxerium + severity: info + description: | + A costa phishing website was detected + reference: + - https://costa.co.uk + metadata: + max-request: 1 tags: phishing,costa,osint - http: - method: GET path: diff --git a/http/osint/phishing/dashlane-phish.yaml b/http/osint/phishing/dashlane-phish.yaml index ead50ba91e..a666dd37ee 100644 --- a/http/osint/phishing/dashlane-phish.yaml +++ b/http/osint/phishing/dashlane-phish.yaml @@ -1,15 +1,16 @@ id: dashlane-phish -info: - name: dashlane phishing Detection - author: rxerium - severity: info - description: | - A dashlane phishing website was detected - reference: - - https://dashlane.com +info: + name: dashlane phishing Detection + author: rxerium + severity: info + description: | + A dashlane phishing website was detected + reference: + - https://dashlane.com + metadata: + max-request: 1 tags: phishing,dashlane,osint - http: - method: GET path: diff --git a/http/osint/phishing/deezer-phish.yaml b/http/osint/phishing/deezer-phish.yaml index 1aea91c944..47d230268c 100644 --- a/http/osint/phishing/deezer-phish.yaml +++ b/http/osint/phishing/deezer-phish.yaml @@ -1,15 +1,16 @@ id: deezer-phish -info: - name: deezer phishing Detection - author: rxerium - severity: info - description: | - A deezer phishing website was detected - reference: - - https://deezer.com +info: + name: deezer phishing Detection + author: rxerium + severity: info + description: | + A deezer phishing website was detected + reference: + - https://deezer.com + metadata: + max-request: 1 tags: phishing,deezer,osint - http: - method: GET path: diff --git a/http/osint/phishing/deliveroo-phish.yaml b/http/osint/phishing/deliveroo-phish.yaml index 28215fbab8..0e7fa3213c 100644 --- a/http/osint/phishing/deliveroo-phish.yaml +++ b/http/osint/phishing/deliveroo-phish.yaml @@ -1,15 +1,16 @@ id: deliveroo-phish -info: - name: deliveroo phishing Detection - author: rxerium - severity: info - description: | - A deliveroo phishing website was detected - reference: - - https://deliveroo.co.uk +info: + name: deliveroo phishing Detection + author: rxerium + severity: info + description: | + A deliveroo phishing website was detected + reference: + - https://deliveroo.co.uk + metadata: + max-request: 1 tags: phishing,deliveroo,osint - http: - method: GET path: diff --git a/http/osint/phishing/digital-ocean-phish.yaml b/http/osint/phishing/digital-ocean-phish.yaml index 7bdd3a0ef8..5bf81e5800 100644 --- a/http/osint/phishing/digital-ocean-phish.yaml +++ b/http/osint/phishing/digital-ocean-phish.yaml @@ -1,15 +1,16 @@ id: digital-ocean-phish -info: - name: digital ocean phishing Detection - author: rxerium - severity: info - description: | - A digital-ocean phishing website was detected - reference: - - https://digitalocean.com +info: + name: digital ocean phishing Detection + author: rxerium + severity: info + description: | + A digital-ocean phishing website was detected + reference: + - https://digitalocean.com + metadata: + max-request: 1 tags: phishing,digital-ocean,osint - http: - method: GET path: diff --git a/http/osint/phishing/discord-phish.yaml b/http/osint/phishing/discord-phish.yaml index 2fea0dbdde..ffeafaa6c8 100644 --- a/http/osint/phishing/discord-phish.yaml +++ b/http/osint/phishing/discord-phish.yaml @@ -1,15 +1,16 @@ id: Discord-phish -info: - name: Discord phishing Detection - author: rxerium - severity: info - description: | - A Discord phishing website was detected - reference: - - https://discord.com +info: + name: Discord phishing Detection + author: rxerium + severity: info + description: | + A Discord phishing website was detected + reference: + - https://discord.com + metadata: + max-request: 1 tags: phishing,discord,osint - http: - method: GET path: diff --git a/http/osint/phishing/disneyplus-phish.yaml b/http/osint/phishing/disneyplus-phish.yaml index 8867c09a68..5e5b8773a9 100644 --- a/http/osint/phishing/disneyplus-phish.yaml +++ b/http/osint/phishing/disneyplus-phish.yaml @@ -1,15 +1,16 @@ id: disneyplus-phish -info: - name: disneyplus phishing Detection - author: rxerium - severity: info - description: | - A disneyplus phishing website was detected - reference: - - https://disneyplus.com +info: + name: disneyplus phishing Detection + author: rxerium + severity: info + description: | + A disneyplus phishing website was detected + reference: + - https://disneyplus.com + metadata: + max-request: 1 tags: phishing,disneyplus,osint - http: - method: GET path: diff --git a/http/osint/phishing/dropbox-phish.yaml b/http/osint/phishing/dropbox-phish.yaml index 5f3f473bd8..f5d0eb9199 100644 --- a/http/osint/phishing/dropbox-phish.yaml +++ b/http/osint/phishing/dropbox-phish.yaml @@ -1,15 +1,16 @@ id: dropbox-phish -info: - name: dropbox phishing Detection - author: rxerium - severity: info - description: | - A dropbox phishing website was detected - reference: - - https://dropbox.com +info: + name: dropbox phishing Detection + author: rxerium + severity: info + description: | + A dropbox phishing website was detected + reference: + - https://dropbox.com + metadata: + max-request: 1 tags: phishing,dropbox,osint - http: - method: GET path: diff --git a/http/osint/phishing/duckduckgo-phish.yaml b/http/osint/phishing/duckduckgo-phish.yaml index 4a387caddf..29d307ad9d 100644 --- a/http/osint/phishing/duckduckgo-phish.yaml +++ b/http/osint/phishing/duckduckgo-phish.yaml @@ -1,15 +1,16 @@ id: duckduckgo-phish -info: - name: duckduckgo phishing Detection - author: rxerium - severity: info - description: | - A duckduckgo phishing website was detected - reference: - - https://duckduckgo.com +info: + name: duckduckgo phishing Detection + author: rxerium + severity: info + description: | + A duckduckgo phishing website was detected + reference: + - https://duckduckgo.com + metadata: + max-request: 1 tags: phishing,duckduckgo,osint - http: - method: GET path: diff --git a/http/osint/phishing/ebay-phish.yaml b/http/osint/phishing/ebay-phish.yaml index 71d8f27126..e9c4d689c8 100644 --- a/http/osint/phishing/ebay-phish.yaml +++ b/http/osint/phishing/ebay-phish.yaml @@ -1,15 +1,16 @@ id: ebay-phish -info: - name: ebay phishing Detection - author: rxerium - severity: info - description: | - A ebay phishing website was detected - reference: - - https://ebay.com +info: + name: ebay phishing Detection + author: rxerium + severity: info + description: | + A ebay phishing website was detected + reference: + - https://ebay.com + metadata: + max-request: 1 tags: phishing,ebay,osint - http: - method: GET path: diff --git a/http/osint/phishing/edge-phish.yaml b/http/osint/phishing/edge-phish.yaml index 77d9bac5d7..8a0ca8d429 100644 --- a/http/osint/phishing/edge-phish.yaml +++ b/http/osint/phishing/edge-phish.yaml @@ -1,15 +1,16 @@ id: edge-phish -info: - name: edge phishing Detection - author: rxerium - severity: info - description: | - A edge phishing website was detected - reference: - - https://www.microsoft.com/en-us/edge/download?form=MA13FJ&ch=1 +info: + name: edge phishing Detection + author: rxerium + severity: info + description: | + A edge phishing website was detected + reference: + - https://www.microsoft.com/en-us/edge/download?form=MA13FJ&ch=1 + metadata: + max-request: 1 tags: phishing,edge,osint - http: - method: GET path: diff --git a/http/osint/phishing/ee-mobile-phish.yaml b/http/osint/phishing/ee-mobile-phish.yaml index 4ab8ff8c6f..1bee7353f0 100644 --- a/http/osint/phishing/ee-mobile-phish.yaml +++ b/http/osint/phishing/ee-mobile-phish.yaml @@ -1,15 +1,16 @@ id: ee-mobile-phish -info: - name: ee phishing Detection - author: rxerium - severity: info - description: | - A ee phishing website was detected - reference: - - https://ee.co.uk +info: + name: ee phishing Detection + author: rxerium + severity: info + description: | + A ee phishing website was detected + reference: + - https://ee.co.uk + metadata: + max-request: 1 tags: phishing,ee,osint - http: - method: GET path: diff --git a/http/osint/phishing/eset-phish.yaml b/http/osint/phishing/eset-phish.yaml index 5bcf230cda..6e9e5ce3fd 100644 --- a/http/osint/phishing/eset-phish.yaml +++ b/http/osint/phishing/eset-phish.yaml @@ -1,15 +1,16 @@ id: eset-phish -info: - name: eset phishing Detection - author: rxerium - severity: info - description: | - A eset phishing website was detected - reference: - - https://eset.com +info: + name: eset phishing Detection + author: rxerium + severity: info + description: | + A eset phishing website was detected + reference: + - https://eset.com + metadata: + max-request: 1 tags: phishing,eset,osint - http: - method: GET path: diff --git a/http/osint/phishing/evernote-phish.yaml b/http/osint/phishing/evernote-phish.yaml index e76cdc7478..a159bb2d32 100644 --- a/http/osint/phishing/evernote-phish.yaml +++ b/http/osint/phishing/evernote-phish.yaml @@ -1,15 +1,16 @@ id: evernote-phish -info: - name: evernote phishing Detection - author: rxerium - severity: info - description: | - A evernote phishing website was detected - reference: - - https://evernote.com +info: + name: evernote phishing Detection + author: rxerium + severity: info + description: | + A evernote phishing website was detected + reference: + - https://evernote.com + metadata: + max-request: 1 tags: phishing,evernote,osint - http: - method: GET path: diff --git a/http/osint/phishing/facebook-phish.yaml b/http/osint/phishing/facebook-phish.yaml index 72de43cc0a..4fab4e443c 100644 --- a/http/osint/phishing/facebook-phish.yaml +++ b/http/osint/phishing/facebook-phish.yaml @@ -1,15 +1,16 @@ id: facebook-phish -info: - name: Facebook phishing Detection - author: rxerium - severity: info - description: | - A Facebook phishing website was detected - reference: - - https://facebook.com +info: + name: Facebook phishing Detection + author: rxerium + severity: info + description: | + A Facebook phishing website was detected + reference: + - https://facebook.com + metadata: + max-request: 1 tags: phishing,facebook,osint - http: - method: GET path: diff --git a/http/osint/phishing/figma-phish.yaml b/http/osint/phishing/figma-phish.yaml index 74e460cbc9..c34b0d9763 100644 --- a/http/osint/phishing/figma-phish.yaml +++ b/http/osint/phishing/figma-phish.yaml @@ -1,15 +1,16 @@ id: figma-phish -info: - name: figma phishing Detection - author: rxerium - severity: info - description: | - A figma phishing website was detected - reference: - - https://figma.com +info: + name: figma phishing Detection + author: rxerium + severity: info + description: | + A figma phishing website was detected + reference: + - https://figma.com + metadata: + max-request: 1 tags: phishing,figma,osint - http: - method: GET path: diff --git a/http/osint/phishing/filezilla-phish.yaml b/http/osint/phishing/filezilla-phish.yaml index a2dc18a303..a35c30cecd 100644 --- a/http/osint/phishing/filezilla-phish.yaml +++ b/http/osint/phishing/filezilla-phish.yaml @@ -1,15 +1,16 @@ id: filezilla-phish -info: - name: filezilla phishing Detection - author: rxerium - severity: info - description: | - A filezilla phishing website was detected - reference: - - https://filezilla-project.org +info: + name: filezilla phishing Detection + author: rxerium + severity: info + description: | + A filezilla phishing website was detected + reference: + - https://filezilla-project.org + metadata: + max-request: 1 tags: phishing,filezilla,osint - http: - method: GET path: diff --git a/http/osint/phishing/firefox-phish.yaml b/http/osint/phishing/firefox-phish.yaml index 083fd895e2..e7bed4305a 100644 --- a/http/osint/phishing/firefox-phish.yaml +++ b/http/osint/phishing/firefox-phish.yaml @@ -1,15 +1,16 @@ id: firefox-phish -info: - name: firefox phishing Detection - author: rxerium - severity: info - description: | - A firefox phishing website was detected - reference: - - https://www.mozilla.org/en-GB/firefox/new/ +info: + name: firefox phishing Detection + author: rxerium + severity: info + description: | + A firefox phishing website was detected + reference: + - https://www.mozilla.org/en-GB/firefox/new/ + metadata: + max-request: 1 tags: phishing,firefox,osint - http: - method: GET path: diff --git a/http/osint/phishing/gimp-phish.yaml b/http/osint/phishing/gimp-phish.yaml index 04c0e7f0c1..47f3d60d3d 100644 --- a/http/osint/phishing/gimp-phish.yaml +++ b/http/osint/phishing/gimp-phish.yaml @@ -1,15 +1,16 @@ id: gimp-phish -info: - name: gimp phishing Detection - author: rxerium - severity: info - description: | - A gimp phishing website was detected - reference: - - https://gimp.org +info: + name: gimp phishing Detection + author: rxerium + severity: info + description: | + A gimp phishing website was detected + reference: + - https://gimp.org + metadata: + max-request: 1 tags: phishing,gimp,osint - http: - method: GET path: diff --git a/http/osint/phishing/github-phish.yaml b/http/osint/phishing/github-phish.yaml index 667f7a1e8c..3008c09bdb 100644 --- a/http/osint/phishing/github-phish.yaml +++ b/http/osint/phishing/github-phish.yaml @@ -1,15 +1,16 @@ id: github-phish -info: - name: github phishing Detection - author: rxerium - severity: info - description: | - A github phishing website was detected - reference: - - https://github.com +info: + name: github phishing Detection + author: rxerium + severity: info + description: | + A github phishing website was detected + reference: + - https://github.com + metadata: + max-request: 1 tags: phishing,github,osint - http: - method: GET path: diff --git a/http/osint/phishing/google-phish.yaml b/http/osint/phishing/google-phish.yaml index 36b4e321c5..3f64c75348 100644 --- a/http/osint/phishing/google-phish.yaml +++ b/http/osint/phishing/google-phish.yaml @@ -1,15 +1,16 @@ id: google-phish -info: - name: Google phishing Detection - author: rxerium - severity: info - description: | - A google phishing website was detected - reference: - - https://google.com +info: + name: Google phishing Detection + author: rxerium + severity: info + description: | + A google phishing website was detected + reference: + - https://google.com + metadata: + max-request: 1 tags: phishing,google,osint - http: - method: GET path: diff --git a/http/osint/phishing/icloud-phish.yaml b/http/osint/phishing/icloud-phish.yaml index d561ba5d79..8c7bc53da7 100644 --- a/http/osint/phishing/icloud-phish.yaml +++ b/http/osint/phishing/icloud-phish.yaml @@ -1,15 +1,16 @@ id: iCloud-phish -info: - name: iCloud phishing Detection - author: rxerium - severity: info - description: | - A iCloud phishing website was detected - reference: - - https://icloud.com +info: + name: iCloud phishing Detection + author: rxerium + severity: info + description: | + A iCloud phishing website was detected + reference: + - https://icloud.com + metadata: + max-request: 1 tags: phishing,icloud,osint - http: - method: GET path: diff --git a/http/osint/phishing/instagram-phish.yaml b/http/osint/phishing/instagram-phish.yaml index 9526db3f26..6f62dc1d42 100644 --- a/http/osint/phishing/instagram-phish.yaml +++ b/http/osint/phishing/instagram-phish.yaml @@ -1,15 +1,16 @@ id: instagram-phish -info: - name: instagram phishing Detection - author: rxerium - severity: info - description: | - A instagram phishing website was detected - reference: - - https://instagram.com +info: + name: instagram phishing Detection + author: rxerium + severity: info + description: | + A instagram phishing website was detected + reference: + - https://instagram.com + metadata: + max-request: 1 tags: phishing,instagram,osint - http: - method: GET path: diff --git a/http/osint/phishing/kakao-login-phish.yaml b/http/osint/phishing/kakao-login-phish.yaml index b201b43935..30903e6817 100644 --- a/http/osint/phishing/kakao-login-phish.yaml +++ b/http/osint/phishing/kakao-login-phish.yaml @@ -1,16 +1,17 @@ id: kakao-login-phish -info: - name: kakao login phishing Detection - author: hahwul - severity: info - description: | - A kakao login phishing website was detected - reference: - - https://accounts.kakao.com - - https://www.kakaocorp.com +info: + name: kakao login phishing Detection + author: hahwul + severity: info + description: | + A kakao login phishing website was detected + reference: + - https://accounts.kakao.com + - https://www.kakaocorp.com + metadata: + max-request: 1 tags: phishing,kakao,osint - http: - method: GET path: diff --git a/http/osint/phishing/kaspersky-phish.yaml b/http/osint/phishing/kaspersky-phish.yaml index 12db9c19a4..d9d2aaa660 100644 --- a/http/osint/phishing/kaspersky-phish.yaml +++ b/http/osint/phishing/kaspersky-phish.yaml @@ -1,15 +1,16 @@ id: kaspersky-phish -info: - name: kaspersky phishing Detection - author: rxerium - severity: info - description: | - A kaspersky phishing website was detected - reference: - - https://kaspersky.co.uk +info: + name: kaspersky phishing Detection + author: rxerium + severity: info + description: | + A kaspersky phishing website was detected + reference: + - https://kaspersky.co.uk + metadata: + max-request: 1 tags: phishing,kaspersky,osint - http: - method: GET path: diff --git a/http/osint/phishing/kayak-phish.yaml b/http/osint/phishing/kayak-phish.yaml index 94184c5bca..fe9e83dff0 100644 --- a/http/osint/phishing/kayak-phish.yaml +++ b/http/osint/phishing/kayak-phish.yaml @@ -1,15 +1,16 @@ id: kayak-phish -info: - name: kayak phishing Detection - author: rxerium - severity: info - description: | - A kayak phishing website was detected - reference: - - https://kayak.co.uk +info: + name: kayak phishing Detection + author: rxerium + severity: info + description: | + A kayak phishing website was detected + reference: + - https://kayak.co.uk + metadata: + max-request: 1 tags: phishing,kayak,osint - http: - method: GET path: diff --git a/http/osint/phishing/keepass-phish.yaml b/http/osint/phishing/keepass-phish.yaml index b2ad21f016..dd215dddbf 100644 --- a/http/osint/phishing/keepass-phish.yaml +++ b/http/osint/phishing/keepass-phish.yaml @@ -1,15 +1,16 @@ id: keepass-phish -info: - name: keepass phishing Detection - author: rxerium - severity: info - description: | - A keepass phishing website was detected - reference: - - https://keepass.info +info: + name: keepass phishing Detection + author: rxerium + severity: info + description: | + A keepass phishing website was detected + reference: + - https://keepass.info + metadata: + max-request: 1 tags: phishing,keepass,osint - http: - method: GET path: diff --git a/http/osint/phishing/keepersecurity-phish.yaml b/http/osint/phishing/keepersecurity-phish.yaml index f0e50710ce..b17f6affb1 100644 --- a/http/osint/phishing/keepersecurity-phish.yaml +++ b/http/osint/phishing/keepersecurity-phish.yaml @@ -1,15 +1,16 @@ id: keepersecurity-phish -info: - name: keepersecurity phishing Detection - author: rxerium - severity: info - description: | - A keepersecurity phishing website was detected - reference: - - https://keepersecurity.com +info: + name: keepersecurity phishing Detection + author: rxerium + severity: info + description: | + A keepersecurity phishing website was detected + reference: + - https://keepersecurity.com + metadata: + max-request: 1 tags: phishing,keepersecurity,osint - http: - method: GET path: diff --git a/http/osint/phishing/keybase-phish.yaml b/http/osint/phishing/keybase-phish.yaml index 7e5a640bcc..59ebb102a5 100644 --- a/http/osint/phishing/keybase-phish.yaml +++ b/http/osint/phishing/keybase-phish.yaml @@ -1,15 +1,16 @@ id: keybase-phish -info: - name: keybase phishing Detection - author: rxerium - severity: info - description: | - A keybase phishing website was detected - reference: - - https://keybase.io +info: + name: keybase phishing Detection + author: rxerium + severity: info + description: | + A keybase phishing website was detected + reference: + - https://keybase.io + metadata: + max-request: 1 tags: phishing,keybase,osint - http: - method: GET path: diff --git a/http/osint/phishing/lastpass-phish.yaml b/http/osint/phishing/lastpass-phish.yaml index d3eaf764be..402ed499b3 100644 --- a/http/osint/phishing/lastpass-phish.yaml +++ b/http/osint/phishing/lastpass-phish.yaml @@ -1,15 +1,16 @@ id: lastpass-phish -info: - name: lastpass phishing Detection - author: rxerium - severity: info - description: | - A lastpass phishing website was detected - reference: - - https://lastpass.com +info: + name: lastpass phishing Detection + author: rxerium + severity: info + description: | + A lastpass phishing website was detected + reference: + - https://lastpass.com + metadata: + max-request: 1 tags: phishing,lastpass,osint - http: - method: GET path: diff --git a/http/osint/phishing/libre-office-phish.yaml b/http/osint/phishing/libre-office-phish.yaml index 0db80b42ef..37616cc277 100644 --- a/http/osint/phishing/libre-office-phish.yaml +++ b/http/osint/phishing/libre-office-phish.yaml @@ -1,15 +1,16 @@ id: libre-office-phish -info: - name: libre office phishing Detection - author: rxerium - severity: info - description: | - A libre office phishing website was detected - reference: - - https://libreoffice.org +info: + name: libre office phishing Detection + author: rxerium + severity: info + description: | + A libre office phishing website was detected + reference: + - https://libreoffice.org + metadata: + max-request: 1 tags: phishing,libre-office,osint - http: - method: GET path: diff --git a/http/osint/phishing/linkedin-phish.yaml b/http/osint/phishing/linkedin-phish.yaml index fe52e042cc..27693ccdfe 100644 --- a/http/osint/phishing/linkedin-phish.yaml +++ b/http/osint/phishing/linkedin-phish.yaml @@ -1,15 +1,16 @@ id: linkedin-phish -info: - name: linkedin phishing Detection - author: rxerium - severity: info - description: | - A linkedin phishing website was detected - reference: - - https://linkedin.com +info: + name: linkedin phishing Detection + author: rxerium + severity: info + description: | + A linkedin phishing website was detected + reference: + - https://linkedin.com + metadata: + max-request: 1 tags: phishing,linkedin,osint - http: - method: GET path: diff --git a/http/osint/phishing/malwarebytes-phish.yaml b/http/osint/phishing/malwarebytes-phish.yaml index 24c9e03feb..446d1ef2b6 100644 --- a/http/osint/phishing/malwarebytes-phish.yaml +++ b/http/osint/phishing/malwarebytes-phish.yaml @@ -1,15 +1,16 @@ id: malwarebytes-phish -info: - name: malwarebytes phishing Detection - author: rxerium - severity: info - description: | - A malwarebytes phishing website was detected - reference: - - https://malwarebytes.com +info: + name: malwarebytes phishing Detection + author: rxerium + severity: info + description: | + A malwarebytes phishing website was detected + reference: + - https://malwarebytes.com + metadata: + max-request: 1 tags: phishing,malwarebytes,osint - http: - method: GET path: diff --git a/http/osint/phishing/mcafee-phish.yaml b/http/osint/phishing/mcafee-phish.yaml index 5084270de7..308fb8b8aa 100644 --- a/http/osint/phishing/mcafee-phish.yaml +++ b/http/osint/phishing/mcafee-phish.yaml @@ -1,15 +1,16 @@ id: mcafee-phish -info: - name: mcafee phishing Detection - author: rxerium - severity: info - description: | - A mcafee phishing website was detected - reference: - - https://mcafee.com +info: + name: mcafee phishing Detection + author: rxerium + severity: info + description: | + A mcafee phishing website was detected + reference: + - https://mcafee.com + metadata: + max-request: 1 tags: phishing,mcafee,osint - http: - method: GET path: diff --git a/http/osint/phishing/mega-phish.yaml b/http/osint/phishing/mega-phish.yaml index 7fe4d0abc9..089d4eb2bf 100644 --- a/http/osint/phishing/mega-phish.yaml +++ b/http/osint/phishing/mega-phish.yaml @@ -1,15 +1,16 @@ id: mega-phish -info: - name: mega phishing Detection - author: rxerium - severity: info - description: | - A mega phishing website was detected - reference: - - https://mega.io +info: + name: mega phishing Detection + author: rxerium + severity: info + description: | + A mega phishing website was detected + reference: + - https://mega.io + metadata: + max-request: 1 tags: phishing,mega,osint - http: - method: GET path: diff --git a/http/osint/phishing/messenger-phish.yaml b/http/osint/phishing/messenger-phish.yaml index 3d88196268..35324d195e 100644 --- a/http/osint/phishing/messenger-phish.yaml +++ b/http/osint/phishing/messenger-phish.yaml @@ -1,15 +1,16 @@ id: messenger-phish -info: - name: messenger phishing Detection - author: rxerium - severity: info - description: | - A messenger phishing website was detected - reference: - - https://messenger.com +info: + name: messenger phishing Detection + author: rxerium + severity: info + description: | + A messenger phishing website was detected + reference: + - https://messenger.com + metadata: + max-request: 1 tags: phishing,messenger,osint - http: - method: GET path: diff --git a/http/osint/phishing/microcenter-phish.yaml b/http/osint/phishing/microcenter-phish.yaml index a57309bb19..49e6a8f8f0 100644 --- a/http/osint/phishing/microcenter-phish.yaml +++ b/http/osint/phishing/microcenter-phish.yaml @@ -1,15 +1,16 @@ id: microcenter-phish -info: - name: microcenter phishing Detection - author: rxerium - severity: info - description: | - A microcenter phishing website was detected - reference: - - https://microcenter.com +info: + name: microcenter phishing Detection + author: rxerium + severity: info + description: | + A microcenter phishing website was detected + reference: + - https://microcenter.com + metadata: + max-request: 1 tags: phishing,microcenter,osint - http: - method: GET path: diff --git a/http/osint/phishing/microsoft-phish.yaml b/http/osint/phishing/microsoft-phish.yaml index 99c6b44bce..bd45294d4d 100644 --- a/http/osint/phishing/microsoft-phish.yaml +++ b/http/osint/phishing/microsoft-phish.yaml @@ -1,16 +1,17 @@ id: microsoft-phish -info: - name: Microsoft phishing Detection - author: rxerium - severity: info - description: | - A microsoft phishing website was detected - reference: - - https://office.com - - https://microsoft.com +info: + name: Microsoft phishing Detection + author: rxerium + severity: info + description: | + A microsoft phishing website was detected + reference: + - https://office.com + - https://microsoft.com + metadata: + max-request: 1 tags: phishing,microsoft,osint - http: - method: GET path: diff --git a/http/osint/phishing/microsoft-teams-phish.yaml b/http/osint/phishing/microsoft-teams-phish.yaml index f8869bb524..62960ead8b 100644 --- a/http/osint/phishing/microsoft-teams-phish.yaml +++ b/http/osint/phishing/microsoft-teams-phish.yaml @@ -1,15 +1,16 @@ id: microsoft-teams-phish -info: - name: microsoft teams phishing Detection - author: rxerium - severity: info - description: | - A microsoft teams phishing website was detected - reference: - - https://www.microsoft.com/en-gb/microsoft-teams/download-app +info: + name: microsoft teams phishing Detection + author: rxerium + severity: info + description: | + A microsoft teams phishing website was detected + reference: + - https://www.microsoft.com/en-gb/microsoft-teams/download-app + metadata: + max-request: 1 tags: phishing,microsoft-teams,osint - http: - method: GET path: diff --git a/http/osint/phishing/naver-login-phish.yaml b/http/osint/phishing/naver-login-phish.yaml index 7acfce6023..e8e97801cf 100644 --- a/http/osint/phishing/naver-login-phish.yaml +++ b/http/osint/phishing/naver-login-phish.yaml @@ -1,16 +1,17 @@ id: naver-login-phish -info: - name: naver login phishing Detection - author: hahwul - severity: info - description: | - A naver login phishing website was detected - reference: - - https://nid.naver.com - - https://www.navercorp.com +info: + name: naver login phishing Detection + author: hahwul + severity: info + description: | + A naver login phishing website was detected + reference: + - https://nid.naver.com + - https://www.navercorp.com + metadata: + max-request: 1 tags: phishing,naver,osint - http: - method: GET path: diff --git a/http/osint/phishing/netflix-phish.yaml b/http/osint/phishing/netflix-phish.yaml index 2e0d56d427..d06814e676 100644 --- a/http/osint/phishing/netflix-phish.yaml +++ b/http/osint/phishing/netflix-phish.yaml @@ -1,15 +1,16 @@ id: netflix-phish -info: - name: netflix phishing Detection - author: rxerium - severity: info - description: | - A netflix phishing website was detected - reference: - - https://netflix.com +info: + name: netflix phishing Detection + author: rxerium + severity: info + description: | + A netflix phishing website was detected + reference: + - https://netflix.com + metadata: + max-request: 1 tags: phishing,netflix,osint - http: - method: GET path: diff --git a/http/osint/phishing/nordpass-phish.yaml b/http/osint/phishing/nordpass-phish.yaml index ab84b6f1ee..b639e5980c 100644 --- a/http/osint/phishing/nordpass-phish.yaml +++ b/http/osint/phishing/nordpass-phish.yaml @@ -1,15 +1,16 @@ id: nordpass-phish -info: - name: nordpass phishing Detection - author: rxerium - severity: info - description: | - A nordpass phishing website was detected - reference: - - https://nordpass.com +info: + name: nordpass phishing Detection + author: rxerium + severity: info + description: | + A nordpass phishing website was detected + reference: + - https://nordpass.com + metadata: + max-request: 1 tags: phishing,nordpass,osint - http: - method: GET path: diff --git a/http/osint/phishing/norton-phish.yaml b/http/osint/phishing/norton-phish.yaml index 3e7096b27b..0a36ae8c92 100644 --- a/http/osint/phishing/norton-phish.yaml +++ b/http/osint/phishing/norton-phish.yaml @@ -1,15 +1,16 @@ id: norton-phish -info: - name: norton phishing Detection - author: rxerium - severity: info - description: | - A norton phishing website was detected - reference: - - https://norton.com +info: + name: norton phishing Detection + author: rxerium + severity: info + description: | + A norton phishing website was detected + reference: + - https://norton.com + metadata: + max-request: 1 tags: phishing,norton,osint - http: - method: GET path: diff --git a/http/osint/phishing/notion-phish.yaml b/http/osint/phishing/notion-phish.yaml index 16b4cce0cf..4fc72b80bb 100644 --- a/http/osint/phishing/notion-phish.yaml +++ b/http/osint/phishing/notion-phish.yaml @@ -1,15 +1,16 @@ id: notion-phish -info: - name: notion phishing Detection - author: rxerium - severity: info - description: | - A notion phishing website was detected - reference: - - https://notion.so +info: + name: notion phishing Detection + author: rxerium + severity: info + description: | + A notion phishing website was detected + reference: + - https://notion.so + metadata: + max-request: 1 tags: phishing,notion,osint - http: - method: GET path: diff --git a/http/osint/phishing/o2-mobile-phish.yaml b/http/osint/phishing/o2-mobile-phish.yaml index ca6cb7b4a7..90bfdf1b9f 100644 --- a/http/osint/phishing/o2-mobile-phish.yaml +++ b/http/osint/phishing/o2-mobile-phish.yaml @@ -1,15 +1,16 @@ id: o2-mobile-phish -info: - name: o2 phishing Detection - author: rxerium - severity: info - description: | - A o2 phishing website was detected - reference: - - https://o2.co.uk +info: + name: o2 phishing Detection + author: rxerium + severity: info + description: | + A o2 phishing website was detected + reference: + - https://o2.co.uk + metadata: + max-request: 1 tags: phishing,o2,osint - http: - method: GET path: diff --git a/http/osint/phishing/openai-phish.yaml b/http/osint/phishing/openai-phish.yaml index 987fdb76a5..62953c5246 100644 --- a/http/osint/phishing/openai-phish.yaml +++ b/http/osint/phishing/openai-phish.yaml @@ -1,15 +1,16 @@ id: openai-phish -info: - name: openai phishing Detection - author: rxerium - severity: info - description: | - A openai phishing website was detected - reference: - - https://openai.com +info: + name: openai phishing Detection + author: rxerium + severity: info + description: | + A openai phishing website was detected + reference: + - https://openai.com + metadata: + max-request: 1 tags: phishing,openai,osint - http: - method: GET path: diff --git a/http/osint/phishing/opera-phish.yaml b/http/osint/phishing/opera-phish.yaml index 92319703b2..7c0519a594 100644 --- a/http/osint/phishing/opera-phish.yaml +++ b/http/osint/phishing/opera-phish.yaml @@ -1,15 +1,16 @@ id: opera-phish -info: - name: opera phishing Detection - author: rxerium - severity: info - description: | - A opera phishing website was detected - reference: - - https://opera.com +info: + name: opera phishing Detection + author: rxerium + severity: info + description: | + A opera phishing website was detected + reference: + - https://opera.com + metadata: + max-request: 1 tags: phishing,opera,osint - http: - method: GET path: diff --git a/http/osint/phishing/paramountplus-phish.yaml b/http/osint/phishing/paramountplus-phish.yaml index 903d29f256..73c188473c 100644 --- a/http/osint/phishing/paramountplus-phish.yaml +++ b/http/osint/phishing/paramountplus-phish.yaml @@ -1,15 +1,16 @@ id: paramountplus-phish -info: - name: paramountplus phishing Detection - author: rxerium - severity: info - description: | - A paramountplus phishing website was detected - reference: - - https://paramountplus.com +info: + name: paramountplus phishing Detection + author: rxerium + severity: info + description: | + A paramountplus phishing website was detected + reference: + - https://paramountplus.com + metadata: + max-request: 1 tags: phishing,paramountplus,osint - http: - method: GET path: diff --git a/http/osint/phishing/paypal-phish.yaml b/http/osint/phishing/paypal-phish.yaml index bc9aad0838..a9266ba518 100644 --- a/http/osint/phishing/paypal-phish.yaml +++ b/http/osint/phishing/paypal-phish.yaml @@ -1,15 +1,16 @@ id: Paypal-phish -info: - name: Paypal phishing Detection - author: rxerium - severity: info - description: | - A Paypal phishing website was detected - reference: - - https://paypal.com +info: + name: Paypal phishing Detection + author: rxerium + severity: info + description: | + A Paypal phishing website was detected + reference: + - https://paypal.com + metadata: + max-request: 1 tags: phishing,paypal,osint - http: - method: GET path: diff --git a/http/osint/phishing/pcloud-phish.yaml b/http/osint/phishing/pcloud-phish.yaml index ffd3244d00..d74c5e620c 100644 --- a/http/osint/phishing/pcloud-phish.yaml +++ b/http/osint/phishing/pcloud-phish.yaml @@ -1,15 +1,16 @@ id: pcloud-phish -info: - name: pcloud phishing Detection - author: rxerium - severity: info - description: | - A pcloud phishing website was detected - reference: - - https://pcloud.com +info: + name: pcloud phishing Detection + author: rxerium + severity: info + description: | + A pcloud phishing website was detected + reference: + - https://pcloud.com + metadata: + max-request: 1 tags: phishing,pcloud,osint - http: - method: GET path: diff --git a/http/osint/phishing/pintrest-phish.yaml b/http/osint/phishing/pintrest-phish.yaml index 4ce15cdf51..df488bb60d 100644 --- a/http/osint/phishing/pintrest-phish.yaml +++ b/http/osint/phishing/pintrest-phish.yaml @@ -1,15 +1,16 @@ id: pinterest-phish -info: - name: pinterest phishing Detection - author: rxerium - severity: info - description: | - A pinterest phishing website was detected - reference: - - https://pinterest.com +info: + name: pinterest phishing Detection + author: rxerium + severity: info + description: | + A pinterest phishing website was detected + reference: + - https://pinterest.com + metadata: + max-request: 1 tags: phishing,pinterest,osint - http: - method: GET path: diff --git a/http/osint/phishing/plusnet-phish.yaml b/http/osint/phishing/plusnet-phish.yaml index d6f2f42e86..b906d72295 100644 --- a/http/osint/phishing/plusnet-phish.yaml +++ b/http/osint/phishing/plusnet-phish.yaml @@ -1,15 +1,16 @@ id: plusnet-phish -info: - name: plusnet phishing Detection - author: rxerium - severity: info - description: | - A plusnet phishing website was detected - reference: - - https://plus.net +info: + name: plusnet phishing Detection + author: rxerium + severity: info + description: | + A plusnet phishing website was detected + reference: + - https://plus.net + metadata: + max-request: 1 tags: phishing,plusnet,osint - http: - method: GET path: diff --git a/http/osint/phishing/proton-phish.yaml b/http/osint/phishing/proton-phish.yaml index 57e8cd378b..5368faab02 100644 --- a/http/osint/phishing/proton-phish.yaml +++ b/http/osint/phishing/proton-phish.yaml @@ -1,15 +1,16 @@ id: proton-phish -info: - name: proton phishing Detection - author: rxerium - severity: info - description: | - A proton phishing website was detected - reference: - - https://proton.me +info: + name: proton phishing Detection + author: rxerium + severity: info + description: | + A proton phishing website was detected + reference: + - https://proton.me + metadata: + max-request: 1 tags: phishing,proton,osint - http: - method: GET path: diff --git a/http/osint/phishing/putty-phish.yaml b/http/osint/phishing/putty-phish.yaml index 72ac2f4dab..43d358afc4 100644 --- a/http/osint/phishing/putty-phish.yaml +++ b/http/osint/phishing/putty-phish.yaml @@ -1,15 +1,16 @@ id: putty-phish -info: - name: putty phishing Detection - author: rxerium - severity: info - description: | - A putty phishing website was detected - reference: - - https://putty.org +info: + name: putty phishing Detection + author: rxerium + severity: info + description: | + A putty phishing website was detected + reference: + - https://putty.org + metadata: + max-request: 1 tags: phishing,putty,osint - http: - method: GET path: diff --git a/http/osint/phishing/python-phish.yaml b/http/osint/phishing/python-phish.yaml index 40d1f86cf9..7036dd43ab 100644 --- a/http/osint/phishing/python-phish.yaml +++ b/http/osint/phishing/python-phish.yaml @@ -1,15 +1,16 @@ id: python-phish -info: - name: python phishing Detection - author: rxerium - severity: info - description: | - A python phishing website was detected - reference: - - https://python.org +info: + name: python phishing Detection + author: rxerium + severity: info + description: | + A python phishing website was detected + reference: + - https://python.org + metadata: + max-request: 1 tags: phishing,python,osint - http: - method: GET path: diff --git a/http/osint/phishing/quora-phish.yaml b/http/osint/phishing/quora-phish.yaml index 7bb59e9439..08ca27771e 100644 --- a/http/osint/phishing/quora-phish.yaml +++ b/http/osint/phishing/quora-phish.yaml @@ -1,15 +1,16 @@ id: quora-phish -info: - name: quora phishing Detection - author: rxerium - severity: info - description: | - A quora phishing website was detected - reference: - - https://quora.com +info: + name: quora phishing Detection + author: rxerium + severity: info + description: | + A quora phishing website was detected + reference: + - https://quora.com + metadata: + max-request: 1 tags: phishing,quora,osint - http: - method: GET path: diff --git a/http/osint/phishing/reddit-phish.yaml b/http/osint/phishing/reddit-phish.yaml index d720f1f476..5ef420800a 100644 --- a/http/osint/phishing/reddit-phish.yaml +++ b/http/osint/phishing/reddit-phish.yaml @@ -1,15 +1,16 @@ id: reddit-phish -info: - name: reddit phishing Detection - author: rxerium - severity: info - description: | - A reddit phishing website was detected - reference: - - https://reddit.com +info: + name: reddit phishing Detection + author: rxerium + severity: info + description: | + A reddit phishing website was detected + reference: + - https://reddit.com + metadata: + max-request: 1 tags: phishing,reddit,osint - http: - method: GET path: diff --git a/http/osint/phishing/roblox-phish.yaml b/http/osint/phishing/roblox-phish.yaml index 6a3e8202b4..d4997aea54 100644 --- a/http/osint/phishing/roblox-phish.yaml +++ b/http/osint/phishing/roblox-phish.yaml @@ -1,15 +1,16 @@ id: roblox-phish -info: - name: roblox phishing Detection - author: rxerium - severity: info - description: | - A roblox phishing website was detected - reference: - - https://roblox.com +info: + name: roblox phishing Detection + author: rxerium + severity: info + description: | + A roblox phishing website was detected + reference: + - https://roblox.com + metadata: + max-request: 1 tags: phishing,roblox,osint - http: - method: GET path: diff --git a/http/osint/phishing/roboform-phish.yaml b/http/osint/phishing/roboform-phish.yaml index 499fe32a8f..edda32326c 100644 --- a/http/osint/phishing/roboform-phish.yaml +++ b/http/osint/phishing/roboform-phish.yaml @@ -1,15 +1,16 @@ id: roboform-phish -info: - name: roboform phishing Detection - author: rxerium - severity: info - description: | - A roboform phishing website was detected - reference: - - https://roboform.com +info: + name: roboform phishing Detection + author: rxerium + severity: info + description: | + A roboform phishing website was detected + reference: + - https://roboform.com + metadata: + max-request: 1 tags: phishing,roboform,osint - http: - method: GET path: diff --git a/http/osint/phishing/royal-mail-phish.yaml b/http/osint/phishing/royal-mail-phish.yaml index 57c7958b23..943fdf078c 100644 --- a/http/osint/phishing/royal-mail-phish.yaml +++ b/http/osint/phishing/royal-mail-phish.yaml @@ -1,15 +1,16 @@ id: royal-mail-phish -info: - name: royal-mail phishing Detection - author: rxerium - severity: info - description: | - A royal-mail phishing website was detected - reference: - - https://royalmail.com +info: + name: royal-mail phishing Detection + author: rxerium + severity: info + description: | + A royal-mail phishing website was detected + reference: + - https://royalmail.com + metadata: + max-request: 1 tags: phishing,royal-mail,osint - http: - method: GET path: diff --git a/http/osint/phishing/samsung-phish.yaml b/http/osint/phishing/samsung-phish.yaml index 3ea0750f71..9c7f27cebb 100644 --- a/http/osint/phishing/samsung-phish.yaml +++ b/http/osint/phishing/samsung-phish.yaml @@ -1,15 +1,16 @@ id: samsung-phish -info: - name: samsung phishing Detection - author: rxerium - severity: info - description: | - A samsung phishing website was detected - reference: - - https://samsung.com +info: + name: samsung phishing Detection + author: rxerium + severity: info + description: | + A samsung phishing website was detected + reference: + - https://samsung.com + metadata: + max-request: 1 tags: phishing,samsung,osint - http: - method: GET path: diff --git a/http/osint/phishing/signal-phish.yaml b/http/osint/phishing/signal-phish.yaml index 30c508bee0..fc9d73e215 100644 --- a/http/osint/phishing/signal-phish.yaml +++ b/http/osint/phishing/signal-phish.yaml @@ -1,15 +1,16 @@ id: signal-phish -info: - name: signal phishing Detection - author: rxerium - severity: info - description: | - A signal phishing website was detected - reference: - - https://signal.org +info: + name: signal phishing Detection + author: rxerium + severity: info + description: | + A signal phishing website was detected + reference: + - https://signal.org + metadata: + max-request: 1 tags: phishing,signal,osint - http: - method: GET path: diff --git a/http/osint/phishing/sky-phish.yaml b/http/osint/phishing/sky-phish.yaml index 6a916f6797..174af1965c 100644 --- a/http/osint/phishing/sky-phish.yaml +++ b/http/osint/phishing/sky-phish.yaml @@ -1,15 +1,16 @@ id: sky-phish -info: - name: sky phishing Detection - author: rxerium - severity: info - description: | - A sky phishing website was detected - reference: - - https://sky.com +info: + name: sky phishing Detection + author: rxerium + severity: info + description: | + A sky phishing website was detected + reference: + - https://sky.com + metadata: + max-request: 1 tags: phishing,sky,osint - http: - method: GET path: diff --git a/http/osint/phishing/skype-phish.yaml b/http/osint/phishing/skype-phish.yaml index ab12e5be43..eccce10499 100644 --- a/http/osint/phishing/skype-phish.yaml +++ b/http/osint/phishing/skype-phish.yaml @@ -1,15 +1,16 @@ id: skype-phish -info: - name: skype phishing Detection - author: rxerium - severity: info - description: | - A skype phishing website was detected - reference: - - https://skype.com +info: + name: skype phishing Detection + author: rxerium + severity: info + description: | + A skype phishing website was detected + reference: + - https://skype.com + metadata: + max-request: 1 tags: phishing,skype,osint - http: - method: GET path: diff --git a/http/osint/phishing/skyscanner-phish.yaml b/http/osint/phishing/skyscanner-phish.yaml index 952c8e6a7e..a33f2ec602 100644 --- a/http/osint/phishing/skyscanner-phish.yaml +++ b/http/osint/phishing/skyscanner-phish.yaml @@ -1,15 +1,16 @@ id: skyscanner-phish -info: - name: skyscanner phishing Detection - author: rxerium - severity: info - description: | - A skyscanner phishing website was detected - reference: - - https://skyscanner.net +info: + name: skyscanner phishing Detection + author: rxerium + severity: info + description: | + A skyscanner phishing website was detected + reference: + - https://skyscanner.net + metadata: + max-request: 1 tags: phishing,skyscanner,osint - http: - method: GET path: diff --git a/http/osint/phishing/slack-phish.yaml b/http/osint/phishing/slack-phish.yaml index 09c306af10..89a05f5a5b 100644 --- a/http/osint/phishing/slack-phish.yaml +++ b/http/osint/phishing/slack-phish.yaml @@ -1,15 +1,16 @@ id: slack-phish -info: - name: slack phishing Detection - author: rxerium - severity: info - description: | - A slack phishing website was detected - reference: - - https://slack.com +info: + name: slack phishing Detection + author: rxerium + severity: info + description: | + A slack phishing website was detected + reference: + - https://slack.com + metadata: + max-request: 1 tags: phishing,slack,osint - http: - method: GET path: diff --git a/http/osint/phishing/sophos-phish.yaml b/http/osint/phishing/sophos-phish.yaml index ca6978a3ba..8fb4d59b4c 100644 --- a/http/osint/phishing/sophos-phish.yaml +++ b/http/osint/phishing/sophos-phish.yaml @@ -1,15 +1,16 @@ id: sophos-phish -info: - name: sophos phishing Detection - author: rxerium - severity: info - description: | - A sophos phishing website was detected - reference: - - https://sophos.com +info: + name: sophos phishing Detection + author: rxerium + severity: info + description: | + A sophos phishing website was detected + reference: + - https://sophos.com + metadata: + max-request: 1 tags: phishing,sophos,osint - http: - method: GET path: diff --git a/http/osint/phishing/spotify-phish.yaml b/http/osint/phishing/spotify-phish.yaml index ec3f4ffe22..99428f1ee8 100644 --- a/http/osint/phishing/spotify-phish.yaml +++ b/http/osint/phishing/spotify-phish.yaml @@ -1,15 +1,16 @@ id: spotify-phish -info: - name: spotify phishing Detection - author: rxerium - severity: info - description: | - A spotify phishing website was detected - reference: - - https://spotify.com +info: + name: spotify phishing Detection + author: rxerium + severity: info + description: | + A spotify phishing website was detected + reference: + - https://spotify.com + metadata: + max-request: 1 tags: phishing,spotify,osint - http: - method: GET path: diff --git a/http/osint/phishing/steam-phish.yaml b/http/osint/phishing/steam-phish.yaml index ee1b5cae79..71ed4e928d 100644 --- a/http/osint/phishing/steam-phish.yaml +++ b/http/osint/phishing/steam-phish.yaml @@ -1,15 +1,16 @@ id: steam-phish -info: - name: steam phishing Detection - author: rxerium - severity: info - description: | - A steam phishing website was detected - reference: - - https://steampowered.com +info: + name: steam phishing Detection + author: rxerium + severity: info + description: | + A steam phishing website was detected + reference: + - https://steampowered.com + metadata: + max-request: 1 tags: phishing,steam,osint - http: - method: GET path: diff --git a/http/osint/phishing/sync-storage-phish.yaml b/http/osint/phishing/sync-storage-phish.yaml index 29a632775d..8d4c76dea4 100644 --- a/http/osint/phishing/sync-storage-phish.yaml +++ b/http/osint/phishing/sync-storage-phish.yaml @@ -1,15 +1,16 @@ id: sync-phish -info: - name: sync storage phishing Detection - author: rxerium - severity: info - description: | - A sync storage phishing website was detected - reference: - - https://sync.com +info: + name: sync storage phishing Detection + author: rxerium + severity: info + description: | + A sync storage phishing website was detected + reference: + - https://sync.com + metadata: + max-request: 1 tags: phishing,sync,osint - http: - method: GET path: diff --git a/http/osint/phishing/target-phish.yaml b/http/osint/phishing/target-phish.yaml index 842caf6856..0b395adc0e 100644 --- a/http/osint/phishing/target-phish.yaml +++ b/http/osint/phishing/target-phish.yaml @@ -1,15 +1,16 @@ id: target-phish -info: - name: target phishing Detection - author: rxerium - severity: info - description: | - A target phishing website was detected - reference: - - https://target.com +info: + name: target phishing Detection + author: rxerium + severity: info + description: | + A target phishing website was detected + reference: + - https://target.com + metadata: + max-request: 1 tags: phishing,target,osint - http: - method: GET path: diff --git a/http/osint/phishing/teamviewer-phish.yaml b/http/osint/phishing/teamviewer-phish.yaml index 645c73ff78..11c47db2f5 100644 --- a/http/osint/phishing/teamviewer-phish.yaml +++ b/http/osint/phishing/teamviewer-phish.yaml @@ -1,15 +1,16 @@ id: teamviewer-phish -info: - name: teamviewer phishing Detection - author: rxerium - severity: info - description: | - A teamviewer phishing website was detected - reference: - - https://teamviewer.com +info: + name: teamviewer phishing Detection + author: rxerium + severity: info + description: | + A teamviewer phishing website was detected + reference: + - https://teamviewer.com + metadata: + max-request: 1 tags: phishing,teamviewer,osint - http: - method: GET path: diff --git a/http/osint/phishing/telegram-phish.yaml b/http/osint/phishing/telegram-phish.yaml index 1a9e57db1a..0669560434 100644 --- a/http/osint/phishing/telegram-phish.yaml +++ b/http/osint/phishing/telegram-phish.yaml @@ -1,15 +1,16 @@ id: telegram-phish -info: - name: telegram phishing Detection - author: rxerium - severity: info - description: | - A telegram phishing website was detected - reference: - - https://telegram.org +info: + name: telegram phishing Detection + author: rxerium + severity: info + description: | + A telegram phishing website was detected + reference: + - https://telegram.org + metadata: + max-request: 1 tags: phishing,telegram,osint - http: - method: GET path: diff --git a/http/osint/phishing/three-mobile-phish.yaml b/http/osint/phishing/three-mobile-phish.yaml index 1cc535b171..44b7f49897 100644 --- a/http/osint/phishing/three-mobile-phish.yaml +++ b/http/osint/phishing/three-mobile-phish.yaml @@ -1,15 +1,16 @@ id: three-mobile-phish -info: - name: three phishing Detection - author: rxerium - severity: info - description: | - A three phishing website was detected - reference: - - https://three.co.uk +info: + name: three phishing Detection + author: rxerium + severity: info + description: | + A three phishing website was detected + reference: + - https://three.co.uk + metadata: + max-request: 1 tags: phishing,three,osint - http: - method: GET path: diff --git a/http/osint/phishing/thunderbird-phish.yaml b/http/osint/phishing/thunderbird-phish.yaml index 07f5620187..021b7a3777 100644 --- a/http/osint/phishing/thunderbird-phish.yaml +++ b/http/osint/phishing/thunderbird-phish.yaml @@ -1,15 +1,16 @@ id: thunderbird-phish -info: - name: thunderbird phishing Detection - author: rxerium - severity: info - description: | - A thunderbird phishing website was detected - reference: - - https://thunderbird.net +info: + name: thunderbird phishing Detection + author: rxerium + severity: info + description: | + A thunderbird phishing website was detected + reference: + - https://thunderbird.net + metadata: + max-request: 1 tags: phishing,thunderbird,osint - http: - method: GET path: diff --git a/http/osint/phishing/ticketmaster-phish.yaml b/http/osint/phishing/ticketmaster-phish.yaml index 748c7c45f1..3b4cbcc23c 100644 --- a/http/osint/phishing/ticketmaster-phish.yaml +++ b/http/osint/phishing/ticketmaster-phish.yaml @@ -1,15 +1,16 @@ id: ticket-master-phish -info: - name: ticket master phishing Detection - author: rxerium - severity: info - description: | - A ticket-master phishing website was detected - reference: - - https://ticketmaster.com +info: + name: ticket master phishing Detection + author: rxerium + severity: info + description: | + A ticket-master phishing website was detected + reference: + - https://ticketmaster.com + metadata: + max-request: 1 tags: phishing,ticket-master,osint - http: - method: GET path: diff --git a/http/osint/phishing/tiktok-phish.yaml b/http/osint/phishing/tiktok-phish.yaml index f87c4566eb..fbe5c17519 100644 --- a/http/osint/phishing/tiktok-phish.yaml +++ b/http/osint/phishing/tiktok-phish.yaml @@ -1,15 +1,16 @@ id: tiktok-phish -info: - name: tiktok phishing Detection - author: rxerium - severity: info - description: | - A tiktok phishing website was detected - reference: - - https://tiktok.com +info: + name: tiktok phishing Detection + author: rxerium + severity: info + description: | + A tiktok phishing website was detected + reference: + - https://tiktok.com + metadata: + max-request: 1 tags: phishing,tiktok,osint - http: - method: GET path: diff --git a/http/osint/phishing/trading212-phish.yaml b/http/osint/phishing/trading212-phish.yaml index c9ffda1876..0343dacf7d 100644 --- a/http/osint/phishing/trading212-phish.yaml +++ b/http/osint/phishing/trading212-phish.yaml @@ -1,15 +1,16 @@ id: trading212-phish -info: - name: trading212 phishing Detection - author: rxerium - severity: info - description: | - A trading212 phishing website was detected - reference: - - https://trading212.com +info: + name: trading212 phishing Detection + author: rxerium + severity: info + description: | + A trading212 phishing website was detected + reference: + - https://trading212.com + metadata: + max-request: 1 tags: phishing,trading212,osint - http: - method: GET path: diff --git a/http/osint/phishing/trend-micro-phish.yaml b/http/osint/phishing/trend-micro-phish.yaml index f7e88e806a..ea72e4e6b2 100644 --- a/http/osint/phishing/trend-micro-phish.yaml +++ b/http/osint/phishing/trend-micro-phish.yaml @@ -1,15 +1,16 @@ id: trend-micro-phish -info: - name: trend micro phishing Detection - author: rxerium - severity: info - description: | - A trend micro phishing website was detected - reference: - - https://trendmicro.com +info: + name: trend micro phishing Detection + author: rxerium + severity: info + description: | + A trend micro phishing website was detected + reference: + - https://trendmicro.com + metadata: + max-request: 1 tags: phishing,trend-micro,osint - http: - method: GET path: diff --git a/http/osint/phishing/trip-phish.yaml b/http/osint/phishing/trip-phish.yaml index cbc1a8fb25..449169ad4b 100644 --- a/http/osint/phishing/trip-phish.yaml +++ b/http/osint/phishing/trip-phish.yaml @@ -1,15 +1,16 @@ id: trip-phish -info: - name: trip phishing Detection - author: rxerium - severity: info - description: | - A trip phishing website was detected - reference: - - https://trip.com +info: + name: trip phishing Detection + author: rxerium + severity: info + description: | + A trip phishing website was detected + reference: + - https://trip.com + metadata: + max-request: 1 tags: phishing,trip,osint - http: - method: GET path: diff --git a/http/osint/phishing/twitch-phish.yaml b/http/osint/phishing/twitch-phish.yaml index 52e4d69a1e..a2fce67dbb 100644 --- a/http/osint/phishing/twitch-phish.yaml +++ b/http/osint/phishing/twitch-phish.yaml @@ -1,15 +1,16 @@ id: twitch-phish -info: - name: Twitch phishing Detection - author: rxerium - severity: info - description: | - A twitch phishing website was detected - reference: - - https://twitch.tv +info: + name: Twitch phishing Detection + author: rxerium + severity: info + description: | + A twitch phishing website was detected + reference: + - https://twitch.tv + metadata: + max-request: 1 tags: phishing,twitch,osint - http: - method: GET path: diff --git a/http/osint/phishing/uber-phish.yaml b/http/osint/phishing/uber-phish.yaml index debf27a52a..b977c5f98a 100644 --- a/http/osint/phishing/uber-phish.yaml +++ b/http/osint/phishing/uber-phish.yaml @@ -1,15 +1,16 @@ id: uber-phish -info: - name: uber phishing Detection - author: rxerium - severity: info - description: | - A uber phishing website was detected - reference: - - https://uber.com +info: + name: uber phishing Detection + author: rxerium + severity: info + description: | + A uber phishing website was detected + reference: + - https://uber.com + metadata: + max-request: 1 tags: phishing,uber,osint - http: - method: GET path: diff --git a/http/osint/phishing/visual-studio-code-phish.yaml b/http/osint/phishing/visual-studio-code-phish.yaml index 8e6628cf3d..c4d9fd6e69 100644 --- a/http/osint/phishing/visual-studio-code-phish.yaml +++ b/http/osint/phishing/visual-studio-code-phish.yaml @@ -1,15 +1,16 @@ id: visual-studio-code-phish -info: - name: visual studio code phishing Detection - author: rxerium - severity: info - description: | - A visual studio code phishing website was detected - reference: - - https://visualstudio.com +info: + name: visual studio code phishing Detection + author: rxerium + severity: info + description: | + A visual studio code phishing website was detected + reference: + - https://visualstudio.com + metadata: + max-request: 1 tags: phishing,visual-studio-code,osint - http: - method: GET path: diff --git a/http/osint/phishing/vlc-player-phish.yaml b/http/osint/phishing/vlc-player-phish.yaml index 7c52d85fc3..bc0ae01d2f 100644 --- a/http/osint/phishing/vlc-player-phish.yaml +++ b/http/osint/phishing/vlc-player-phish.yaml @@ -1,15 +1,16 @@ id: vlc-media-phish -info: - name: vlc media phishing Detection - author: rxerium - severity: info - description: | - A vlc media phishing website was detected - reference: - - https://www.videolan.org +info: + name: vlc media phishing Detection + author: rxerium + severity: info + description: | + A vlc media phishing website was detected + reference: + - https://www.videolan.org + metadata: + max-request: 1 tags: phishing,vlc-media,osint - http: - method: GET path: diff --git a/http/osint/phishing/vodafone-phish.yaml b/http/osint/phishing/vodafone-phish.yaml index 720f753bdc..dfe643c5f5 100644 --- a/http/osint/phishing/vodafone-phish.yaml +++ b/http/osint/phishing/vodafone-phish.yaml @@ -1,15 +1,16 @@ id: vodafone-phish -info: - name: vodafone phishing Detection - author: rxerium - severity: info - description: | - A vodafone phishing website was detected - reference: - - https://vodafone.co.uk +info: + name: vodafone phishing Detection + author: rxerium + severity: info + description: | + A vodafone phishing website was detected + reference: + - https://vodafone.co.uk + metadata: + max-request: 1 tags: phishing,vodafone,osint - http: - method: GET path: diff --git a/http/osint/phishing/vultr-phish.yaml b/http/osint/phishing/vultr-phish.yaml index 544ff7ebf0..298fa60363 100644 --- a/http/osint/phishing/vultr-phish.yaml +++ b/http/osint/phishing/vultr-phish.yaml @@ -1,15 +1,16 @@ id: vultr-phish -info: - name: vultr phishing Detection - author: rxerium - severity: info - description: | - A vultr phishing website was detected - reference: - - https://my.vultr.com/ +info: + name: vultr phishing Detection + author: rxerium + severity: info + description: | + A vultr phishing website was detected + reference: + - https://my.vultr.com/ + metadata: + max-request: 1 tags: phishing,vultr,osint - http: - method: GET path: diff --git a/http/osint/phishing/walmart-phish.yaml b/http/osint/phishing/walmart-phish.yaml index 74fb1f6576..4ca20b4b96 100644 --- a/http/osint/phishing/walmart-phish.yaml +++ b/http/osint/phishing/walmart-phish.yaml @@ -1,15 +1,16 @@ id: walmart-phish -info: - name: walmart phishing Detection - author: rxerium - severity: info - description: | - A walmart phishing website was detected - reference: - - https://walmart.com +info: + name: walmart phishing Detection + author: rxerium + severity: info + description: | + A walmart phishing website was detected + reference: + - https://walmart.com + metadata: + max-request: 1 tags: phishing,walmart,osint - http: - method: GET path: diff --git a/http/osint/phishing/wetransfer-phish.yaml b/http/osint/phishing/wetransfer-phish.yaml index 3ece306eb3..a927e4f955 100644 --- a/http/osint/phishing/wetransfer-phish.yaml +++ b/http/osint/phishing/wetransfer-phish.yaml @@ -1,15 +1,16 @@ id: wetransfer-phish -info: - name: wetransfer phishing Detection - author: rxerium - severity: info - description: | - A wetransfer phishing website was detected - reference: - - https://wetransfer.com +info: + name: wetransfer phishing Detection + author: rxerium + severity: info + description: | + A wetransfer phishing website was detected + reference: + - https://wetransfer.com + metadata: + max-request: 1 tags: phishing,wetransfer,osint - http: - method: GET path: diff --git a/http/osint/phishing/whatsapp-phish.yaml b/http/osint/phishing/whatsapp-phish.yaml index 91f5f40369..1f035b71d8 100644 --- a/http/osint/phishing/whatsapp-phish.yaml +++ b/http/osint/phishing/whatsapp-phish.yaml @@ -1,15 +1,16 @@ id: Whatsapp-phish -info: - name: Whatsapp phishing Detection - author: rxerium - severity: info - description: | - A Whatsapp phishing website was detected - reference: - - https://whatsapp.com +info: + name: Whatsapp phishing Detection + author: rxerium + severity: info + description: | + A Whatsapp phishing website was detected + reference: + - https://whatsapp.com + metadata: + max-request: 1 tags: phishing,whatsapp,osint - http: - method: GET path: diff --git a/http/osint/phishing/wikipedia-phish.yaml b/http/osint/phishing/wikipedia-phish.yaml index 0f6819e98e..2adf7923ae 100644 --- a/http/osint/phishing/wikipedia-phish.yaml +++ b/http/osint/phishing/wikipedia-phish.yaml @@ -1,15 +1,16 @@ id: Wikipedia-phish -info: - name: Wikipedia phishing Detection - author: rxerium - severity: info - description: | - A Wikipedia phishing website was detected - reference: - - https://wikipedia.com +info: + name: Wikipedia phishing Detection + author: rxerium + severity: info + description: | + A Wikipedia phishing website was detected + reference: + - https://wikipedia.com + metadata: + max-request: 1 tags: phishing,wikipedia,osint - http: - method: GET path: diff --git a/http/osint/phishing/winscp-phish.yaml b/http/osint/phishing/winscp-phish.yaml index 64a3adf528..f0cb3e5ad8 100644 --- a/http/osint/phishing/winscp-phish.yaml +++ b/http/osint/phishing/winscp-phish.yaml @@ -1,15 +1,16 @@ id: winscp-phish -info: - name: winscp phishing Detection - author: rxerium - severity: info - description: | - A winscp phishing website was detected - reference: - - https://winscp.net +info: + name: winscp phishing Detection + author: rxerium + severity: info + description: | + A winscp phishing website was detected + reference: + - https://winscp.net + metadata: + max-request: 1 tags: phishing,winscp,osint - http: - method: GET path: diff --git a/http/osint/phishing/yahoo-phish.yaml b/http/osint/phishing/yahoo-phish.yaml index b15956bf41..2e2b3ab4ba 100644 --- a/http/osint/phishing/yahoo-phish.yaml +++ b/http/osint/phishing/yahoo-phish.yaml @@ -1,15 +1,16 @@ id: yahoo-phish -info: - name: Yahoo phishing Detection - author: rxerium - severity: info - description: | - A yahoo phishing website was detected - reference: - - https://yahoo.com +info: + name: Yahoo phishing Detection + author: rxerium + severity: info + description: | + A yahoo phishing website was detected + reference: + - https://yahoo.com + metadata: + max-request: 1 tags: phishing,yahoo,osint - http: - method: GET path: diff --git a/http/osint/phishing/zoom-phish.yaml b/http/osint/phishing/zoom-phish.yaml index 756e38b3c1..ab7a0e04c1 100644 --- a/http/osint/phishing/zoom-phish.yaml +++ b/http/osint/phishing/zoom-phish.yaml @@ -1,15 +1,16 @@ id: zoom-phish -info: - name: zoom phishing Detection - author: rxerium - severity: info - description: | - A zoom phishing website was detected - reference: - - https://zoom.us +info: + name: zoom phishing Detection + author: rxerium + severity: info + description: | + A zoom phishing website was detected + reference: + - https://zoom.us + metadata: + max-request: 1 tags: phishing,zoom,osint - http: - method: GET path: diff --git a/http/technologies/admiralcloud-detect.yaml b/http/technologies/admiralcloud-detect.yaml index 72c9fcf05b..c585d85def 100644 --- a/http/technologies/admiralcloud-detect.yaml +++ b/http/technologies/admiralcloud-detect.yaml @@ -1,19 +1,19 @@ id: admiralcloud-detect -info: - name: AdmiralCloud - Detect - author: righettod - severity: info - description: | - AdmiralCloud was detected. - reference: - - https://www.admiralcloud.com/en/ - metadata: - max-request: 1 - verified: true - shodan-query: http.title:"AdmiralCloud" - tags: tech,admiralcloud,detect - +info: + name: AdmiralCloud - Detect + author: righettod + severity: info + description: | + AdmiralCloud was detected. + reference: + - https://www.admiralcloud.com/en/ + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"AdmiralCloud" + tags: tech,admiralcloud,detect + http: - method: GET path: diff --git a/http/technologies/arcgis-rest-api.yaml b/http/technologies/arcgis-rest-api.yaml index 34b7a0eff7..183d62abcc 100644 --- a/http/technologies/arcgis-rest-api.yaml +++ b/http/technologies/arcgis-rest-api.yaml @@ -10,9 +10,9 @@ info: classification: cwe-id: CWE-200 metadata: + max-request: 1 vendor: esri product: arcgis_engine - max-request: 1 tags: api,arcgis,cms,tech http: diff --git a/http/technologies/arcgis-tokens.yaml b/http/technologies/arcgis-tokens.yaml index f6a89be369..4067b93031 100644 --- a/http/technologies/arcgis-tokens.yaml +++ b/http/technologies/arcgis-tokens.yaml @@ -8,10 +8,10 @@ info: reference: - https://enterprise.arcgis.com/en/ metadata: - vendor: esri - product: arcgis_server verified: true max-request: 1 + vendor: esri + product: arcgis_server shodan-query: title:"ArcGIS" tags: tech,arcgis,tokens,detect diff --git a/http/technologies/directus-detect.yaml b/http/technologies/directus-detect.yaml index 2e01cf6172..b130dc3a9e 100644 --- a/http/technologies/directus-detect.yaml +++ b/http/technologies/directus-detect.yaml @@ -9,9 +9,9 @@ info: reference: - https://directus.io/ metadata: + verified: true max-request: 1 google-query: 'X-Powered-By: Directus' - verified: true tags: tech,directus,detect http: diff --git a/http/technologies/hcpanywhere-detect.yaml b/http/technologies/hcpanywhere-detect.yaml index 0319e3ecaa..0ad8a6f1a4 100644 --- a/http/technologies/hcpanywhere-detect.yaml +++ b/http/technologies/hcpanywhere-detect.yaml @@ -9,8 +9,8 @@ info: reference: - https://hcpanywhere.hds.com/portal/public/help-complete/en/cp_hcpaw_what_is.html metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: icon_hash="915499123" tags: tech,hcpanywhere diff --git a/http/technologies/ibm/ibm-odm-detect.yaml b/http/technologies/ibm/ibm-odm-detect.yaml index 7c4002fe2d..39b7cda600 100644 --- a/http/technologies/ibm/ibm-odm-detect.yaml +++ b/http/technologies/ibm/ibm-odm-detect.yaml @@ -10,8 +10,8 @@ info: - https://www.ibm.com/products/operational-decision-manager metadata: verified: true - fofa-query: "icon_hash=\"707491698\"" max-request: 1 + fofa-query: "icon_hash=\"707491698\"" tags: ibm,decision-center,tech,detect http: diff --git a/http/technologies/microsoft/aspnet-version-detect.yaml b/http/technologies/microsoft/aspnet-version-detect.yaml index 3c81cdf235..58114b8031 100644 --- a/http/technologies/microsoft/aspnet-version-detect.yaml +++ b/http/technologies/microsoft/aspnet-version-detect.yaml @@ -8,11 +8,11 @@ info: Detects version disclosed via 'X-AspNet-Version' header. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 + cvss-score: 0 cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: "X-AspNet-Version" tags: tech,detect,aspnet diff --git a/http/technologies/microsoft/aspnetmvc-version-disclosure.yaml b/http/technologies/microsoft/aspnetmvc-version-disclosure.yaml index 3ead7e3a05..e106673d3c 100644 --- a/http/technologies/microsoft/aspnetmvc-version-disclosure.yaml +++ b/http/technologies/microsoft/aspnetmvc-version-disclosure.yaml @@ -8,11 +8,11 @@ info: Detects version disclosed via 'X-AspNetMvc-Version' header. classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N - cvss-score: 0.0 + cvss-score: 0 cwe-id: CWE-200 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: "X-AspNetMvc-Version" tags: aspnetmvc,tech,detect diff --git a/http/technologies/pexip-detect.yaml b/http/technologies/pexip-detect.yaml index 3e2223fa1f..c0b997c2a1 100644 --- a/http/technologies/pexip-detect.yaml +++ b/http/technologies/pexip-detect.yaml @@ -1,19 +1,19 @@ id: pexip-detect -info: - name: Pexip - Detect - author: righettod - severity: info - description: | - Pexip technology was detected. - reference: - - https://www.pexip.com/ - metadata: - verified: true - max-request: 1 - shodan-query: http.title:"Pexip Connect for Web" - tags: tech,pexip,detect - +info: + name: Pexip - Detect + author: righettod + severity: info + description: | + Pexip technology was detected. + reference: + - https://www.pexip.com/ + metadata: + verified: true + max-request: 1 + shodan-query: http.title:"Pexip Connect for Web" + tags: tech,pexip,detect + http: - method: GET path: diff --git a/http/technologies/wing-ftp-service-detect.yaml b/http/technologies/wing-ftp-service-detect.yaml index f13ae74309..551f2631dd 100644 --- a/http/technologies/wing-ftp-service-detect.yaml +++ b/http/technologies/wing-ftp-service-detect.yaml @@ -7,8 +7,8 @@ info: description: | The File Transfer Protocol (FTP) is a standard network protocol used to transfer computer files between a client and server on a computer network. metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: "Wing FTP Server" tags: tech,ftp,wing,detect diff --git a/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml b/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml index 344fe9f3b0..7c295f8671 100644 --- a/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml +++ b/http/vulnerabilities/apache/apache-druid-kafka-connect-rce.yaml @@ -17,8 +17,8 @@ info: cvss-score: 8.8 cve-id: CVE-2023-25194 cwe-id: CWE-502 - epss-score: 0.91608 - epss-percentile: 0.98695 + epss-score: 0.89626 + epss-percentile: 0.98692 cpe: cpe:2.3:a:apache:kafka_connect:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml b/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml index 9451b34370..909ddc9963 100644 --- a/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml +++ b/http/vulnerabilities/chanjet-tplus/chanjet-tplus-unauth-passreset.yaml @@ -10,8 +10,8 @@ info: - https://cn-sec.com/archives/1377207.html - https://www.chanjet.com metadata: - max-request: 2 verified: true + max-request: 2 fofa-query: app="畅捷通-TPlus" tags: tplus,unauth,chanjet diff --git a/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml b/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml index 32866a2c68..ca8b7c8046 100644 --- a/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml +++ b/http/vulnerabilities/dahua/dahua-bitmap-fileupload.yaml @@ -7,11 +7,10 @@ info: reference: - https://github.com/wy876/POC/blob/main/%E5%A4%A7%E5%8D%8E%E6%99%BA%E6%85%A7%E5%9B%AD%E5%8C%BA%E7%BB%BC%E5%90%88%E7%AE%A1%E7%90%86%E5%B9%B3%E5%8F%B0bitmap%E6%8E%A5%E5%8F%A3%E5%AD%98%E5%9C%A8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md metadata: - fofa-query: "app=\"dahua-智慧园区综合管理平台\"" verified: true max-request: 2 + fofa-query: "app=\"dahua-智慧园区综合管理平台\"" tags: dahua,file-upload,rce,intrusive - variables: rand_str: "{{randstr}}" cmd: "{{base64(to_lower(rand_text_alpha(6)))}}" diff --git a/http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml b/http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml index a931de2974..3bf0ba8048 100644 --- a/http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml +++ b/http/vulnerabilities/landray/landray-eis-ws-infoleak.yaml @@ -12,8 +12,8 @@ info: metadata: verified: true max-request: 1 - zoomeye-query: app:"蓝凌EIS智慧协同平台" fofa-query: app="Landray-EIS智慧协同平台" + zoomeye-query: app:"蓝凌EIS智慧协同平台" tags: landray,eis,info-leak http: diff --git a/http/vulnerabilities/lucee-rce.yaml b/http/vulnerabilities/lucee-rce.yaml index 59e698ba3a..0f45ebe15f 100644 --- a/http/vulnerabilities/lucee-rce.yaml +++ b/http/vulnerabilities/lucee-rce.yaml @@ -7,9 +7,9 @@ info: reference: - https://blog.projectdiscovery.io/hello-lucee-let-us-hack-apple-again metadata: + verified: true max-request: 1 shodan-query: http.title:"Lucee" - verified: true tags: lucee,rce,oast http: diff --git a/http/vulnerabilities/other/glodon-linkworks-sqli.yaml b/http/vulnerabilities/other/glodon-linkworks-sqli.yaml index 1be62fc8cb..80db71d7d8 100644 --- a/http/vulnerabilities/other/glodon-linkworks-sqli.yaml +++ b/http/vulnerabilities/other/glodon-linkworks-sqli.yaml @@ -9,8 +9,8 @@ info: reference: - https://github.com/zan8in/pocwiki/blob/main/%E5%B9%BF%E8%81%94%E8%BE%BE-linkworks-gwgdwebservice%E5%AD%98%E5%9C%A8SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md metadata: - max-request: 1 verified: true + max-request: 1 fofa-query: banner="Services/Identification/login.ashx" tags: glodon,linkworks,sqli diff --git a/http/vulnerabilities/other/lucee-unset-credentials.yaml b/http/vulnerabilities/other/lucee-unset-credentials.yaml index ddf31fb538..0a7ff5691d 100644 --- a/http/vulnerabilities/other/lucee-unset-credentials.yaml +++ b/http/vulnerabilities/other/lucee-unset-credentials.yaml @@ -12,8 +12,8 @@ info: classification: cwe-id: CWE-798 metadata: - max-request: 2 verified: true + max-request: 2 shodan-query: "html:\"Lucee\"" fofa-query: "app=\"Lucee-Engine\"" tags: lucee,default-login,unauth diff --git a/http/vulnerabilities/other/ups-network-lfi.yaml b/http/vulnerabilities/other/ups-network-lfi.yaml index 4ac9d89d60..9dbfc4d349 100644 --- a/http/vulnerabilities/other/ups-network-lfi.yaml +++ b/http/vulnerabilities/other/ups-network-lfi.yaml @@ -10,10 +10,10 @@ info: - https://packetstormsecurity.com/files/177626/upsnmc4-traversal.txt - https://www.exploit-db.com/exploits/51897 metadata: - max-request: 1 verified: true + max-request: 1 shodan-query: html:"UPS Network Management Card 4" - tags: ups,lfi + tags: packetstorm,ups,lfi http: - method: GET diff --git a/http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml b/http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml index 62e7aeaade..b00f4688b4 100644 --- a/http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml +++ b/http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml @@ -9,11 +9,10 @@ info: reference: - https://github.com/xinyisleep/pocscan/blob/main/%E9%94%90%E6%8D%B7/%E9%94%90%E6%8D%B7_EG%E6%98%93%E7%BD%91%E5%85%B3_WEB%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F_%E5%89%8D%E5%8F%B0RCE.py metadata: - fofa-query: body="请输入您的RG-EG易网关的用户名和密码" - max-request: 2 verified: true + max-request: 2 + fofa-query: body="请输入您的RG-EG易网关的用户名和密码" tags: ruijie,router,iot,rce - flow: http(1) && http(2) http: diff --git a/javascript/audit/mysql/mysql-load-file.yaml b/javascript/audit/mysql/mysql-load-file.yaml index d1b64780bf..c45e8af43d 100644 --- a/javascript/audit/mysql/mysql-load-file.yaml +++ b/javascript/audit/mysql/mysql-load-file.yaml @@ -8,10 +8,10 @@ info: reference: - https://nmap.org/nsedoc/scripts/mysql-databases.html metadata: - shodan-query: port:3306 verified: true + max-request: 16 + shodan-query: "port:3306" tags: js,mysql,network,audit - javascript: - code: | let m = require('nuclei/mysql'); diff --git a/javascript/cves/2016/CVE-2016-8706.yaml b/javascript/cves/2016/CVE-2016-8706.yaml index 18a3a8018f..e22fb6d5fa 100644 --- a/javascript/cves/2016/CVE-2016-8706.yaml +++ b/javascript/cves/2016/CVE-2016-8706.yaml @@ -18,7 +18,7 @@ info: cve-id: CVE-2016-8706 cwe-id: CWE-190 epss-score: 0.89998 - epss-percentile: 0.987 + epss-percentile: 0.98714 cpe: cpe:2.3:a:memcached:memcached:*:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/javascript/cves/2023/CVE-2023-34039.yaml b/javascript/cves/2023/CVE-2023-34039.yaml index 478da2cd6f..60968b56a3 100644 --- a/javascript/cves/2023/CVE-2023-34039.yaml +++ b/javascript/cves/2023/CVE-2023-34039.yaml @@ -22,15 +22,14 @@ info: cvss-score: 9.8 cve-id: CVE-2023-34039 cwe-id: CWE-327 - epss-score: 0.88996 - epss-percentile: 0.98637 + epss-score: 0.9013 + epss-percentile: 0.98721 cpe: cpe:2.3:a:vmware:aria_operations_for_networks:*:*:*:*:*:*:*:* metadata: verified: true vendor: vmware product: aria_operations_for_networks tags: js,packetstorm,cve,cve2019,vmware,aria,rce,fuzz,vrealize - variables: keysDir: "helpers/payloads/cve-2023-34039-keys" # load all private keys from this directory diff --git a/javascript/enumeration/mysql/mysql-default-login.yaml b/javascript/enumeration/mysql/mysql-default-login.yaml index 6d9bf86242..8b5c2bdc11 100644 --- a/javascript/enumeration/mysql/mysql-default-login.yaml +++ b/javascript/enumeration/mysql/mysql-default-login.yaml @@ -7,8 +7,9 @@ info: description: | A MySQL service was accessed with easily guessed credentials. metadata: - shodan-query: port:3306 verified: true + max-request: 21 + shodan-query: "port:3306" tags: js,mysql,default-login,network,fuzz javascript: diff --git a/javascript/enumeration/mysql/mysql-info.yaml b/javascript/enumeration/mysql/mysql-info.yaml index 432e3a0a91..d068fc6669 100644 --- a/javascript/enumeration/mysql/mysql-info.yaml +++ b/javascript/enumeration/mysql/mysql-info.yaml @@ -9,9 +9,9 @@ info: reference: - https://nmap.org/nsedoc/scripts/mysql-info.html metadata: - shodan-query: port:3306 + max-request: 1 + shodan-query: "port:3306" tags: js,mssql,network - javascript: - code: | var m = require("nuclei/mysql"); diff --git a/javascript/enumeration/mysql/mysql-show-databases.yaml b/javascript/enumeration/mysql/mysql-show-databases.yaml index 6acf2122c3..f869c4b299 100644 --- a/javascript/enumeration/mysql/mysql-show-databases.yaml +++ b/javascript/enumeration/mysql/mysql-show-databases.yaml @@ -7,10 +7,10 @@ info: reference: - https://nmap.org/nsedoc/scripts/mysql-databases.html metadata: - shodan-query: port:3306 verified: true + max-request: 16 + shodan-query: "port:3306" tags: js,mysql,network,enum - javascript: - code: | let m = require('nuclei/mysql'); diff --git a/javascript/enumeration/mysql/mysql-show-variables.yaml b/javascript/enumeration/mysql/mysql-show-variables.yaml index 8d434e06fe..820aa64f36 100644 --- a/javascript/enumeration/mysql/mysql-show-variables.yaml +++ b/javascript/enumeration/mysql/mysql-show-variables.yaml @@ -8,7 +8,8 @@ info: reference: - https://nmap.org/nsedoc/scripts/mysql-variables.html metadata: - shodan-query: port:3306 + max-request: 16 + shodan-query: "port:3306" tags: js,mysql,network,enum javascript: diff --git a/javascript/enumeration/mysql/mysql-user-enum.yaml b/javascript/enumeration/mysql/mysql-user-enum.yaml index ccd7edd136..fc865a8a29 100644 --- a/javascript/enumeration/mysql/mysql-user-enum.yaml +++ b/javascript/enumeration/mysql/mysql-user-enum.yaml @@ -5,14 +5,14 @@ info: author: pussycat0x severity: high description: | - Attempts to list all users on a MySQL server. + Attempts to list all users on a MySQL server. reference: - https://nmap.org/nsedoc/scripts/mysql-users.html metadata: - shodan-query: port:3306 verified: true + max-request: 16 + shodan-query: "port:3306" tags: js,mysql,network,enum - javascript: - code: | let m = require('nuclei/mysql'); diff --git a/javascript/enumeration/smb/smb-default-creds.yaml b/javascript/enumeration/smb/smb-default-creds.yaml index cc806323d9..224be1dec4 100644 --- a/javascript/enumeration/smb/smb-default-creds.yaml +++ b/javascript/enumeration/smb/smb-default-creds.yaml @@ -10,9 +10,9 @@ info: - https://nmap.org/nsedoc/scripts/smb-brute.html metadata: verified: true + max-request: 9 shodan-query: "port:445" tags: js,network,smb,enum,default - javascript: - code: | var m = require("nuclei/smb"); diff --git a/javascript/enumeration/smb/smb-enum-domains.yaml b/javascript/enumeration/smb/smb-enum-domains.yaml index 5d84965454..0894efbdb0 100644 --- a/javascript/enumeration/smb/smb-enum-domains.yaml +++ b/javascript/enumeration/smb/smb-enum-domains.yaml @@ -5,7 +5,7 @@ info: author: DhiyaneshDK severity: info description: | - SMB enumeration of domains is often part of the reconnaissance phase, where security professionals or attackers attempt to gather information about the target network to identify potential vulnerabilities. + SMB enumeration of domains is often part of the reconnaissance phase, where security professionals or attackers attempt to gather information about the target network to identify potential vulnerabilities. reference: - https://nmap.org/nsedoc/scripts/smb-enum-domains.html metadata: @@ -13,7 +13,6 @@ info: max-request: 1 shodan-query: port:445 tags: js,network,smb,enum - javascript: - code: | var m = require("nuclei/smb"); diff --git a/javascript/enumeration/smb/smb-os-detect.yaml b/javascript/enumeration/smb/smb-os-detect.yaml index a9a0911aba..91a67741d5 100644 --- a/javascript/enumeration/smb/smb-os-detect.yaml +++ b/javascript/enumeration/smb/smb-os-detect.yaml @@ -9,9 +9,9 @@ info: reference: - https://nmap.org/nsedoc/scripts/smb-os-discovery.html metadata: + max-request: 1 shodan-query: "port:445" tags: js,network,smb,enum,os - javascript: - code: | var m = require("nuclei/smb"); diff --git a/javascript/enumeration/smb/smb-version-detect.yaml b/javascript/enumeration/smb/smb-version-detect.yaml index 2dfe2fea53..64a8a53382 100644 --- a/javascript/enumeration/smb/smb-version-detect.yaml +++ b/javascript/enumeration/smb/smb-version-detect.yaml @@ -7,9 +7,9 @@ info: description: | SMB version detection involves identifying the specific Server Message Block protocol version used by a system or network. This process is crucial for ensuring compatibility and security, as different SMB versions may have distinct features and vulnerabilities. metadata: + max-request: 1 shodan-query: "port:445" tags: js,network,smb,enum - javascript: - code: | let m = require("nuclei/smb"); diff --git a/javascript/enumeration/smb/smb2-server-time.yaml b/javascript/enumeration/smb/smb2-server-time.yaml index d08cd1e768..eb20987c0c 100644 --- a/javascript/enumeration/smb/smb2-server-time.yaml +++ b/javascript/enumeration/smb/smb2-server-time.yaml @@ -9,10 +9,10 @@ info: reference: - https://nmap.org/nsedoc/scripts/smb2-time.html metadata: - shodan-query: "port:445" verified: true + max-request: 1 + shodan-query: "port:445" tags: js,network,smb,enum - javascript: - code: | var m = require("nuclei/smb"); diff --git a/javascript/misconfiguration/mysql/mysql-empty-password.yaml b/javascript/misconfiguration/mysql/mysql-empty-password.yaml index 714f2e4107..3c51719665 100644 --- a/javascript/misconfiguration/mysql/mysql-empty-password.yaml +++ b/javascript/misconfiguration/mysql/mysql-empty-password.yaml @@ -7,7 +7,8 @@ info: description: | Checks for MySQL servers with an empty password for root or anonymous. metadata: - shodan-query: port:3306 + max-request: 3 + shodan-query: "port:3306" tags: js,mssql,network javascript: diff --git a/network/cves/2017/CVE-2017-5645.yaml b/network/cves/2017/CVE-2017-5645.yaml index 71b6524c5e..320009bc6c 100644 --- a/network/cves/2017/CVE-2017-5645.yaml +++ b/network/cves/2017/CVE-2017-5645.yaml @@ -22,7 +22,7 @@ info: cve-id: CVE-2017-5645 cwe-id: CWE-502 epss-score: 0.81948 - epss-percentile: 0.98287 + epss-percentile: 0.98292 cpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/network/cves/2018/CVE-2018-2628.yaml b/network/cves/2018/CVE-2018-2628.yaml index 6f0c13cf58..7e775df2bd 100644 --- a/network/cves/2018/CVE-2018-2628.yaml +++ b/network/cves/2018/CVE-2018-2628.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2018-2628 cwe-id: CWE-502 epss-score: 0.97523 - epss-percentile: 0.99987 + epss-percentile: 0.99988 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 diff --git a/network/cves/2018/CVE-2018-2893.yaml b/network/cves/2018/CVE-2018-2893.yaml index 7745656f41..7661ed1e33 100644 --- a/network/cves/2018/CVE-2018-2893.yaml +++ b/network/cves/2018/CVE-2018-2893.yaml @@ -20,7 +20,7 @@ info: cvss-score: 9.8 cve-id: CVE-2018-2893 epss-score: 0.97327 - epss-percentile: 0.99869 + epss-percentile: 0.99875 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/network/cves/2020/CVE-2020-11981.yaml b/network/cves/2020/CVE-2020-11981.yaml index d2cda0df83..dc9a878224 100644 --- a/network/cves/2020/CVE-2020-11981.yaml +++ b/network/cves/2020/CVE-2020-11981.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-11981 cwe-id: CWE-78 epss-score: 0.9386 - epss-percentile: 0.99073 + epss-percentile: 0.99081 cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:* metadata: verified: true diff --git a/network/cves/2020/CVE-2020-1938.yaml b/network/cves/2020/CVE-2020-1938.yaml index d9c9dee1e9..1b6ea954d6 100644 --- a/network/cves/2020/CVE-2020-1938.yaml +++ b/network/cves/2020/CVE-2020-1938.yaml @@ -20,7 +20,7 @@ info: cve-id: CVE-2020-1938 cwe-id: CWE-269 epss-score: 0.97384 - epss-percentile: 0.99902 + epss-percentile: 0.99904 cpe: cpe:2.3:a:apache:geode:1.12.0:*:*:*:*:*:*:* metadata: max-request: 4 diff --git a/network/cves/2020/CVE-2020-7247.yaml b/network/cves/2020/CVE-2020-7247.yaml index af53dd33a1..106d570336 100644 --- a/network/cves/2020/CVE-2020-7247.yaml +++ b/network/cves/2020/CVE-2020-7247.yaml @@ -21,7 +21,7 @@ info: cve-id: CVE-2020-7247 cwe-id: CWE-755 epss-score: 0.97506 - epss-percentile: 0.99976 + epss-percentile: 0.99978 cpe: cpe:2.3:a:openbsd:opensmtpd:6.6:*:*:*:*:*:*:* metadata: max-request: 2 diff --git a/network/detection/redis-detect.yaml b/network/detection/redis-detect.yaml index 2df2c4354e..808488b7d5 100644 --- a/network/detection/redis-detect.yaml +++ b/network/detection/redis-detect.yaml @@ -9,11 +9,10 @@ info: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cwe-id: CWE-200 metadata: + verified: true max-request: 2 shodan-query: product:"redis" - verified: true tags: network,redis,detect - tcp: - inputs: - data: "*1\r\n$4\r\ninfo\r\n"