Dashboard Content Enhancements (#4819)

Dashboard Content Enhancements

cnvd/2020/CNVD-2020-23735.yaml

@@ -1,12 +1,16 @@
 id: CNVD-2020-23735
 
 info:
-  name: Xxunchi Local File read
+  name: Xxunchi CMS - Local File Inclusion
   author: princechaddha
   severity: medium
-  description: Xunyou cms has an arbitrary file reading vulnerability. Attackers can use vulnerabilities to obtain sensitive information.
+  description: Xunyou CMS is vulnerable to local file inclusion. Attackers can use vulnerabilities to obtain sensitive information.
   reference:
     - https://www.cnvd.org.cn/flaw/show/2025171
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+    cwe-id: CWE-22
   tags: xunchi,lfi,cnvd,cnvd2020
 
 requests:
@@ -26,3 +30,5 @@ requests:
           - "NzbwpQSdbY06Dngnoteo2wdgiekm7j4N"
           - "display_errors"
         condition: and
+
+# Enhanced by mp on 2022/07/22

cnvd/2020/CNVD-2020-62422.yaml

@@ -1,9 +1,10 @@
 id: CNVD-2020-62422
 
 info:
-  name: Seeyon - Arbitrary File Retrieval
+  name: Seeyon - Local File Inclusion
   author: pikpikcu
   severity: medium
+  description: Seeyon is vulnerable to local file inclusion.
   reference:
     - https://blog.csdn.net/m0_46257936/article/details/113150699
   tags: lfi,cnvd,cnvd2020,seeyon
@@ -30,3 +31,5 @@ requests:
         words:
           - "ctpDataSource.password"
         condition: and
+
+# Enhanced by mp on 2022/07/22

cves/2008/CVE-2008-5587.yaml

@@ -1,15 +1,16 @@
 id: CVE-2008-5587
 
 info:
-  name: phpPgAdmin 4.2.1 - '_language' Local File Inclusion
+  name: phpPgAdmin <=4.2.1 - Local File Inclusion
   author: dhiyaneshDK
   severity: medium
-  description: Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
+  description: phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals is enabled. Remote attackers can read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/7363
     - http://web.archive.org/web/20210121184707/https://www.securityfocus.com/bid/32670/
     - http://web.archive.org/web/20160520063306/http://secunia.com/advisories/33014
     - http://web.archive.org/web/20151104173853/http://secunia.com/advisories/33263
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-5587
   classification:
     cve-id: CVE-2008-5587
   metadata:
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2009/CVE-2009-1151.yaml

@@ -13,7 +13,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2009-1151
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
-    cvss-score: 10
+    cvss-score: 10.0
     cve-id: CVE-2009-1151
     cwe-id: CWE-77
   tags: cve,cve2009,phpmyadmin,rce,deserialization,kev

cves/2015/CVE-2015-4666.yaml

@@ -1,14 +1,14 @@
 id: CVE-2015-4666
+
 info:
-  name: Xceedium Xsuite 2.4.4.5 - Directory Traversal
+  name: Xceedium Xsuite <=2.4.4.5 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files in the logFile parameter.
+  description: Xceedium Xsuite 2.4.4.5 and earlier is vulnerable to local file inclusion via opm/read_sessionlog.php that allows remote attackers to read arbitrary files in the logFile parameter.
   reference:
     - https://www.modzero.com/advisories/MZ-15-02-Xceedium-Xsuite.txt
-    - https://www.cvedetails.com/cve/CVE-2015-4666
     - http://packetstormsecurity.com/files/132809/Xceedium-Xsuite-Command-Injection-XSS-Traversal-Escalation.html
-    - http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-4666
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -31,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13

cves/2015/CVE-2015-5354.yaml

@@ -4,12 +4,12 @@ info:
   name: Novius OS 5.0.1-elche - Open Redirect
   author: 0x_Akoko
   severity: medium
-  description: Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.
+  description: Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login.
   reference:
     - https://packetstormsecurity.com/files/132478/Novius-OS-5.0.1-elche-XSS-LFI-Open-Redirect.html
     - https://vuldb.com/?id.76181
-    - https://nvd.nist.gov/vuln/detail/CVE-2015-5354
     - http://packetstormsecurity.com/files/132478/Novius-OS-5.0.1-elche-XSS-LFI-Open-Redirect.html
+    - https://nvd.nist.gov/vul n/detail/CVE-2015-5354
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -27,3 +27,5 @@ requests:
         part: header
         regex:
           - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
+
+# Enhanced by mp on 2022/07/22

cves/2015/CVE-2015-7780.yaml

@@ -1,15 +1,16 @@
 id: CVE-2015-7780
 
 info:
-  name: ManageEngine Firewall Analyzer 8.0 - Directory Traversal
+  name: ManageEngine Firewall Analyzer <8.0 - Local File Inclusion
   author: daffainfo
   severity: medium
-  description: Directory traversal vulnerability in ManageEngine Firewall Analyzer before 8.0.
+  description: ManageEngine Firewall Analyzer before 8.0 is vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/35933
     - https://www.cvedetails.com/cve/CVE-2015-7780/
     - http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000185.html
     - http://jvn.jp/en/jp/JVN21968837/index.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-7780
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -39,3 +40,5 @@ requests:
         part: header
         words:
           - "application/xml"
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-1271.yaml

@@ -1,15 +1,16 @@
 id: CVE-2018-1271
 
 info:
-  name: Spring MVC Directory Traversal Vulnerability
+  name: Spring MVC Framework - Local File Inclusion
   author: hetroublemakr
   severity: medium
-  description: Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.
+  description: Spring MVC Framework versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported are vulnerable to local file inclusion because they allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). A malicious user can send a request using a specially crafted URL that can lead a directory traversal attack.
   reference:
     - https://medium.com/@knownsec404team/analysis-of-spring-mvc-directory-traversal-vulnerability-cve-2018-1271-b291bdb6be0d
     - https://pivotal.io/security/cve-2018-1271
     - http://web.archive.org/web/20210518132800/https://www.securityfocus.com/bid/103699
     - https://access.redhat.com/errata/RHSA-2018:1320
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-1271
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 5.9
@@ -30,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-1335.yaml

@@ -5,13 +5,13 @@ info:
   author: pikpikcu
   severity: high
   description: Apache Tika versions 1.7 to 1.17 allow clients to send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients.
+  remediation: Upgrade to Tika 1.18.
   reference:
     - https://rhinosecuritylabs.com/application-security/exploiting-cve-2018-1335-apache-tika/
     - https://www.exploit-db.com/exploits/47208
     - https://lists.apache.org/thread.html/b3ed4432380af767effd4c6f27665cc7b2686acccbefeb9f55851dca@%3Cdev.tika.apache.org%3E
     - http://web.archive.org/web/20210516175956/https://www.securityfocus.com/bid/104001
     - https://nvd.nist.gov/vuln/detail/CVE-2018-1335
-  remediation: Upgrade to Tika 1.18.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1

cves/2018/CVE-2018-13980.yaml

@@ -1,15 +1,15 @@
 id: CVE-2018-13980
 
 info:
-  name: Zeta Producer Desktop CMS 14.2.0 - Arbitrary File Retrieval
+  name: Zeta Producer Desktop CMS <14.2.1 - Local File Inclusion
   author: wisnupramoedya
   severity: medium
-  description: The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.
+  description: Zeta Producer Desktop CMS before 14.2.1 is vulnerable to local file inclusion if the plugin "filebrowser" is installed because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal.
   reference:
     - https://www.exploit-db.com/exploits/45016
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-13980
     - https://www.sec-consult.com/en/blog/advisories/remote-code-execution-local-file-disclosure-zeta-producer-desktop-cms/
     - http://packetstormsecurity.com/files/148537/Zeta-Producer-Desktop-CMS-14.2.0-Code-Execution-File-Disclosure.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-13980
   classification:
     cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 5.5
@@ -32,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-15535.yaml

@@ -4,7 +4,7 @@ info:
   name: Responsive FileManager <9.13.4 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Responsive FileManager before version 9.13.4 is susceptible to local file inclusion via filemanager/ajax_calls.php because it uses external input to construct a pathname that should be within a restricted directory. Instead, because it does not properly neutralize get_file sequences such as ".." can resolve to a location that is outside of that directory, aka local file inclusion.
+  description: Responsive FileManager before version 9.13.4 is vulnerable to local file inclusion via filemanager/ajax_calls.php because it uses external input to construct a pathname that should be within a restricted directory, aka local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/45271
     - https://nvd.nist.gov/vuln/detail/CVE-2018-15535
@@ -33,4 +33,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/07/07
+# Enhanced by mp on 2022/07/08

cves/2018/CVE-2018-16059.yaml

@@ -1,15 +1,14 @@
 id: CVE-2018-16059
 
 info:
-  name: WirelessHART Fieldgate SWG70 3.0 - Directory Traversal
+  name: WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion
   author: daffainfo
   severity: medium
-  description: Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.
+  description: WirelessHART Fieldgate SWG70 3.0 is vulnerable to local file inclusion via the fcgi-bin/wgsetcgi filename parameter.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2018-16059
     - https://www.exploit-db.com/exploits/45342
-    - https://www.exploit-db.com/exploits/45342/
     - https://ics-cert.us-cert.gov/advisories/ICSA-19-073-03
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16059
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -33,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-16133.yaml

@@ -1,15 +1,16 @@
 id: CVE-2018-16133
 
 info:
-  name: Cybrotech CyBroHttpServer 1.0.3 Directory Traversal
+  name: Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion
   author: 0x_Akoko
   severity: medium
-  description: Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal in the URI.
+  description: Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI.
   reference:
     - https://packetstormsecurity.com/files/149177/Cybrotech-CyBroHttpServer-1.0.3-Directory-Traversal.html
     - http://www.cybrotech.com/
     - https://www.cvedetails.com/cve/CVE-2018-16133
     - https://github.com/EmreOvunc/CyBroHttpServer-v1.0.3-Directory-Traversal
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-16133
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -32,3 +33,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-18775.yaml

@@ -1,14 +1,14 @@
 id: CVE-2018-18775
 
 info:
-  name: Cross Site Scripting in Microstrategy Web version 7
+  name: Microstrategy Web 7 - Cross-Site Scripting
   author: 0x_Akoko
   severity: medium
-  description: Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter
+  description: Microstrategy Web 7 does not sufficiently encode user-controlled inputs, resulting in cross-site scripting via the Login.asp Msg parameter.
   reference:
     - https://www.exploit-db.com/exploits/45755
     - http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html
-    - https://www.exploit-db.com/exploits/45755/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18775
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
@@ -35,3 +35,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-18777.yaml

@@ -1,17 +1,15 @@
 id: CVE-2018-18777
 
 info:
-  name: Path traversal vulnerability in Microstrategy Web version 7
+  name: Microstrategy Web 7 - Local File Inclusion
   author: 0x_Akoko
   severity: medium
   description: |
-    Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage)
+    Microstrategy Web 7 is vulnerable to local file inclusion via "/WebMstr7/servlet/mstrWeb" (in the parameter subpage). Remote authenticated users can bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
-    allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
-    (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
   reference:
     - https://www.exploit-db.com/exploits/45755
     - http://packetstormsecurity.com/files/150059/Microstrategy-Web-7-Cross-Site-Scripting-Traversal.html
-    - https://www.exploit-db.com/exploits/45755/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18777
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 4.3
@@ -34,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-18778.yaml

@@ -1,13 +1,14 @@
 id: CVE-2018-18778
 
 info:
-  name: mini_httpd Path Traversal
+  name: ACME mini_httpd <1.30 - Local File Inclusion
   author: dhiyaneshDK
   severity: medium
-  description: ACME mini_httpd before 1.30 lets remote users read arbitrary files.
+  description: ACME mini_httpd before 1.30 is vulnerable to local file inclusion.
   reference:
     - https://www.acunetix.com/vulnerabilities/web/acme-mini_httpd-arbitrary-file-read/
     - http://www.acme.com/software/mini_httpd/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-18778
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -31,3 +32,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-2392.yaml

@@ -1,17 +1,18 @@
 id: CVE-2018-2392
 
 info:
-  name: SAP Internet Graphics Server (IGS) XML External Entity
+  name: SAP Internet Graphics Server (IGS) - XML External Entity Injection
   author: _generic_human_
   severity: high
   description: |
-    SAP Internet Graphics Servers (IGS) running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53 has two XXE vulnerabilities within the XMLCHART page - CVE-2018-2392 and CVE-2018-2393. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag when submitting a POST request to the XMLCHART page to generate a new chart.
+    SAP Internet Graphics Servers (IGS) running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53 has two XML external entity injection (XXE) vulnerabilities within the XMLCHART page - CVE-2018-2392 and CVE-2018-2393. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag when submitting a POST request to the XMLCHART page to generate a new chart.
   reference:
     - https://launchpad.support.sap.com/#/notes/2525222
     - https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
     - https://www.rapid7.com/db/modules/auxiliary/admin/sap/sap_igs_xmlchart_xxe/
     - https://troopers.de/troopers18/agenda/3r38lr/
     - https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/admin/sap/sap_igs_xmlchart_xxe.rb
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-2392
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
     cvss-score: 7.5
@@ -87,3 +88,5 @@ requests:
           - "SAP Internet Graphics Server"
         part: header
         condition: and
+
+# Enhanced by mp on 2022/07/08

cves/2018/CVE-2018-3714.yaml

@@ -1,12 +1,13 @@
 id: CVE-2018-3714
 
 info:
-  name: node-srv Path Traversal
+  name: node-srv - Local File Inclusion
   author: madrobot
   severity: medium
-  description: node-srv node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path.
+  description: node-srv is vulnerable to local file inclusion due to lack of url validation, which allows a malicious user to read content of any file with known path.
   reference:
     - https://hackerone.com/reports/309124
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-3714
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -27,3 +28,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22

cves/2018/CVE-2018-3760.yaml

@@ -1,17 +1,17 @@
 id: CVE-2018-3760
 
 info:
-  name: Ruby On Rails Path Traversal
+  name: Ruby On Rails - Local File Inclusion
   author: 0xrudra,pikpikcu
   severity: high
   description: |
-    Ruby On Rails is a well-known Ruby Web development framework, which uses Sprockets as a static file server in development environment. Sprockets is a Ruby library that compiles and distributes static resource files.
+    Ruby On Rails is vulnerable to local file inclusion caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server.
-    There is a path traversal vulnerability caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/rails/CVE-2018-3760
     - https://i.blackhat.com/us-18/Wed-August-8/us-18-Orange-Tsai-Breaking-Parser-Logic-Take-Your-Path-Normalization-Off-And-Pop-0days-Out-2.pdf
     - https://seclists.org/oss-sec/2018/q2/210
     - https://xz.aliyun.com/t/2542
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-3760
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -46,3 +46,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08

cves/2018/CVE-2018-6008.yaml

@@ -1,15 +1,15 @@
 id: CVE-2018-6008
 
 info:
-  name: Joomla! Component Jtag Members Directory 5.3.7 - Arbitrary File Retrieval
+  name: Joomla! Jtag Members Directory 5.3.7 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Arbitrary file retrieval exists in the Jtag Members Directory 5.3.7 component for Joomla! via the download_file parameter.
+  description: Joomla! Jtag Members Directory 5.3.7 is vulnerable to local file inclusion via the download_file parameter.
   reference:
     - https://www.exploit-db.com/exploits/43913
     - https://www.cvedetails.com/cve/CVE-2018-6008
     - https://packetstormsecurity.com/files/146137/Joomla-Jtag-Members-Directory-5.3.7-Arbitrary-File-Download.html
-    - https://www.exploit-db.com/exploits/43913/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-6008
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -32,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08

cves/2018/CVE-2018-6910.yaml

@@ -1,7 +1,7 @@
 id: CVE-2018-6910
 
 info:
-  name: DedeCMS 5.7 path disclosure
+  name: DedeCMS 5.7 - Path Disclosure
   author: pikpikcu
   severity: high
   description: DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php
@@ -9,6 +9,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2018-6910
     - https://github.com/kongxin520/DedeCMS/blob/master/DedeCMS_5.7_Bug.md
     - https://kongxin.gitbook.io/dedecms-5-7-bug/
+    - https://nvd.nist.gov/vuln/detail/CVE-2018-6910
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -34,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-11013.yaml

@@ -1,15 +1,15 @@
 id: CVE-2019-11013
 
 info:
-  name: Nimble Streamer 3.0.2-2 to 3.5.4-9 - Path Traversal
+  name: Nimble Streamer <=3.5.4-9 - Local File Inclusion
   author: 0x_Akoko
   severity: medium
-  description: Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of the restricted directory on the remote server.
+  description: Nimble Streamer 3.0.2-2 through 3.5.4-9 is vulnerable to local file inclusion. An attacker can traverse the file system to access files or directories that are outside of the restricted directory on the remote server.
   reference:
     - https://www.exploit-db.com/exploits/47301
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-11013
     - https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/
     - http://packetstormsecurity.com/files/154196/Nimble-Streamer-3.x-Directory-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-11013
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -32,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2019/CVE-2019-13396.yaml

@@ -1,15 +1,14 @@
 id: CVE-2019-13396
 
 info:
-  name: FlightPath Local File Inclusion
+  name: FlightPath - Local File Inclusion
   author: 0x_Akoko,daffainfo
   severity: medium
-  description: FlightPath versions prior to 4.8.2 and 5.0-rc2 suffer from a local file inclusion vulnerability.
+  description: FlightPath versions prior to 4.8.2 and 5.0-rc2 are vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/47121
-    - https://www.cvedetails.com/cve/CVE-2019-13396/
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-13396
     - http://getflightpath.com/node/2650
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-13396
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -49,3 +48,5 @@ requests:
         internal: true
         regex:
           - "idden' name='form_token' value='([a-z0-9]+)'>"
+
+# Enhanced by mp on 2022/07/22

cves/2019/CVE-2019-14251.yaml

@@ -1,14 +1,14 @@
 id: CVE-2019-14251
 
 info:
-  name: T24 in TEMENOS Channels R15.01 - Pre Authenticated Path Traversal
+  name: T24 Web Server - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: An unauthenticated path traversal vulnerability was discovered permitting an attacker to exfiltrate data directly from the T24 web server.
+  description: T24 web server is vulnerable to unauthenticated local file inclusion that permits an attacker to exfiltrate data directly from server.
   reference:
     - https://github.com/kmkz/exploit/blob/master/CVE-2019-14251-TEMENOS-T24.txt
-    - https://www.cvedetails.com/cve/CVE-2019-14251
     - https://vuldb.com/?id.146815
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14251
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -34,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13

cves/2019/CVE-2019-14312.yaml

@@ -4,12 +4,12 @@ info:
   name: Aptana Jaxer 1.0.3.4547 - Local File inclusion
   author: daffainfo
   severity: medium
-  description: Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulnerability in the wikilite source code viewer. This vulnerability allows a remote attacker to read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
+  description: Aptana Jaxer 1.0.3.4547 is vulnerable to local file inclusion in the wikilite source code viewer. An attacker can read internal files on the server via a tools/sourceViewer/index.html?filename=../ URI.
   reference:
     - https://www.exploit-db.com/exploits/47214
-    - https://www.cvedetails.com/cve/CVE-2019-14312
     - http://packetstormsecurity.com/files/153985/Aptana-Jaxer-1.0.3.4547-Local-File-Inclusion.html
     - https://github.com/aptana/Jaxer/commits/master
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-14312
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -32,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2019/CVE-2019-18393.yaml

@@ -1,13 +1,14 @@
 id: CVE-2019-18393
 
 info:
-  name: Openfire LFI
+  name: Ignite Realtime Openfire <4.42 - Local File Inclusion
   author: pikpikcu
   severity: medium
-  description: PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability.
+  description: Ignite Realtime Openfire through 4.4.2 is vulnerable to local file inclusion via PluginServlet.java. It does not ensure that retrieved files are located under the Openfire home directory.
   reference:
-    - https://swarm.ptsecurity.com/openfire-admin-console/
     - https://github.com/igniterealtime/Openfire/pull/1498
+    - https://swarm.ptsecurity.com/openfire-admin-console/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-18393
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -31,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2019/CVE-2019-18665.yaml

@@ -1,15 +1,16 @@
 id: CVE-2019-18665
 info:
-  name: DOMOS 5.5 - Directory Traversal
+  name: DOMOS 5.5 - Local File Inclusion
   author: 0x_Akoko
   severity: high
   description: |
-    The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion.
+    SECUDOS DOMOS before 5.6 allows local file inclusion via the log module.
   reference:
     - https://atomic111.github.io/article/secudos-domos-directory_traversal
     - https://vuldb.com/?id.144804
     - https://www.cvedetails.com/cve/CVE-2019-18665
     - https://www.secudos.de/news-und-events/aktuelle-news/domos-release-5-6
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-18665
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -32,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-2616.yaml

@@ -1,14 +1,14 @@
 id: CVE-2019-2616
 
 info:
-  name: XXE in Oracle Business Intelligence and XML Publisher
+  name: Oracle Business Intelligence/XML Publisher - XML External Entity Injection
   author: pdteam
   severity: high
-  description: Oracle Business Intelligence / XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 - XML External Entity Injection
+  description: Oracle Business Intelligence and XML Publisher 11.1.1.9.0 / 12.2.1.3.0 / 12.2.1.4.0 are vulnerable to an XML external entity injection attack.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-2616
     - https://www.exploit-db.com/exploits/46729
     - http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-2616
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2
@@ -29,4 +29,6 @@ requests:
       - type: word
         part: interactsh_protocol # Confirms the HTTP Interaction
         words:
-          - "http"
+          - "http"
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-2767.yaml

@@ -1,14 +1,14 @@
 id: CVE-2019-2767
 
 info:
-  name: Oracle Business Intelligence - Publisher XXE
+  name: Oracle Business Intelligence Publisher - XML External Entity Injection
   author: madrobot
   severity: high
-  description: There is an XXE vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher.
+  description: Oracle Business Intelligence Publisher is vulnerable to an XML external entity injection attack. The supported versions affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via HTTP to compromise BI Publisher.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-2767
     - https://www.exploit-db.com/exploits/46729
     - http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-2767
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
     cvss-score: 7.2
@@ -26,3 +26,5 @@ requests:
         part: interactsh_protocol  # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-3799.yaml

@@ -1,14 +1,15 @@
 id: CVE-2019-3799
 
 info:
-  name: Spring-Cloud-Config-Server Directory Traversal
+  name: Spring Cloud Config Server - Local File Inclusion
   author: madrobot
   severity: medium
-  description: Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
+  description: Spring Cloud Config Server versions 2.1.x prior to 2.1.2, 2.0.x prior to 2.0.4, 1.4.x prior to 1.4.6, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files. An attacker can send a request using a specially crafted URL that can lead to a directory traversal attack.
   reference:
     - https://github.com/mpgn/CVE-2019-3799
     - https://pivotal.io/security/cve-2019-3799
     - https://www.oracle.com/security-alerts/cpuapr2022.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-3799
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -29,3 +30,5 @@ requests:
         regex:
           - 'root:.*:0:0:'
         part: body
+
+# Enhanced by mp on 2022/07/22

cves/2019/CVE-2019-6340.yaml

@@ -1,15 +1,15 @@
 id: CVE-2019-6340
 
 info:
-  name: Drupal 8 core RESTful Web Services RCE
+  name: Drupal - Remote Code Execution
   author: madrobot
   severity: high
-  description: Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases.
+  description: Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10 V contain certain field types that do not properly sanitize data from non-form sources, which can lead to arbitrary PHP code execution in some cases.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2019-6340
     - https://www.drupal.org/sa-core-2019-003
     - http://web.archive.org/web/20210125004201/https://www.securityfocus.com/bid/107106/
     - https://www.synology.com/security/advisory/Synology_SA_19_09
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-6340
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.1
@@ -48,3 +48,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-7254.yaml

@@ -1,15 +1,16 @@
 id: CVE-2019-7254
 
 info:
-  name: eMerge E3 1.00-06 - Unauthenticated Directory Traversal
+  name: eMerge E3 1.00-06 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Linear eMerge E3-Series devices allow File Inclusion.
+  description: Linear eMerge E3-Series devices are vulnerable to local file inclusion.
   reference:
     - https://www.exploit-db.com/exploits/47616
     - https://applied-risk.com/labs/advisories
     - https://www.applied-risk.com/resources/ar-2019-005
     - http://packetstormsecurity.com/files/155252/Linear-eMerge-E3-1.00-06-Directory-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-7254
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -33,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-7315.yaml

@@ -1,13 +1,14 @@
 id: CVE-2019-7315
+
 info:
-  name: Genie Access WIP3BVAF IP Camera - Directory Traversal
+  name: Genie Access WIP3BVAF IP Camera - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.X are vulnerable to directory traversal via the web interface, as demonstrated by reading /etc/shadow.
+  description: Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.X are vulnerable to local file inclusion via the web interface, as demonstrated by reading /etc/shadow.
   reference:
     - https://labs.nettitude.com/blog/cve-2019-7315-genie-access-wip3bvaf-ip-camera-directory-traversal/
     - https://vuldb.com/?id.136593
-    - https://www.cvedetails.com/cve/CVE-2019-7315
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-7315
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-8442.yaml

@@ -1,13 +1,14 @@
 id: CVE-2019-8442
 
 info:
-  name: JIRA Directory Traversal
+  name: Jira - Local File Inclusion
   author: Kishore Krishna (siLLyDaddy)
   severity: high
-  description: The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check.
+  description: Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1, allows remote attackers to access files in the Jira webroot under the META-INF directory via local file inclusion.
   reference:
     - https://jira.atlassian.com/browse/JRASERVER-69241
     - http://web.archive.org/web/20210125215006/https://www.securityfocus.com/bid/108460/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-8442
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +31,5 @@ requests:
         words:
           - '<groupId>com.atlassian.jira</groupId>'
         part: body
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-8903.yaml

@@ -1,14 +1,15 @@
 id: CVE-2019-8903
 
 info:
-  name: Totaljs - Unauthenticated Directory Traversal
+  name: Totaljs <3.2.3 - Local File Inclusion
   author: madrobot
   severity: high
-  description: index.js in Total.js Platform before 3.2.3 allows path traversal.
+  description: Total.js Platform before 3.2.3 is vulnerable to local file inclusion.
   reference:
     - https://blog.certimetergroup.com/it/articolo/security/total.js-directory-traversal-cve-2019-8903
     - https://github.com/totaljs/framework/commit/c37cafbf3e379a98db71c1125533d1e8d5b5aef7
     - https://github.com/totaljs/framework/commit/de16238d13848149f5d1dae51f54e397a525932b
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-8903
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -29,3 +30,5 @@ requests:
         words:
           - "apache2.conf"
         part: body
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-9041.yaml

@@ -1,13 +1,14 @@
 id: CVE-2019-9041
 
 info:
-  name: ZZZCMS 1.6.1 RCE
+  name: ZZZCMS 1.6.1 - Remote Code Execution
   author: pikpikcu
   severity: high
-  description: An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring.
+  description: ZZZCMS zzzphp V1.6.1 is vulnerable to remote code execution via the inc/zzz_template.php file because the parserIfLabel() function's filtering is not strict, resulting in PHP code execution as demonstrated by the if:assert substring.
   reference:
-    - http://www.iwantacve.cn/index.php/archives/118/
     - https://www.exploit-db.com/exploits/46454/
+    - http://www.iwantacve.cn/index.php/archives/118/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-9041
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 7.2
@@ -34,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/08

cves/2019/CVE-2019-9922.yaml

@@ -1,13 +1,15 @@
 id: CVE-2019-9922
+
 info:
-  name: JE Messenger 1.2.2 Joomla - Directory Traversal
+  name: Joomla! Harmis Messenger 1.2.2 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla. Directory Traversal allows read access to arbitrary files.
+  description: Joomla! Harmis Messenger 1.2.2 is vulnerable to local file inclusion which could give an attacker read access to arbitrary files.
   reference:
     - https://github.com/azd-cert/CVE/blob/master/CVEs/CVE-2019-9922.md
     - https://www.cvedetails.com/cve/CVE-2019-9922
     - https://extensions.joomla.org/extension/je-messenger/
+    - https://nvd.nist.gov/vuln/detail/CVE-2019-9922
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-0618.yaml

@@ -4,7 +4,7 @@ info:
   name: Microsoft SQL Server Reporting Services - Remote Code Execution
   author: joeldeleep
   severity: high
-  description: Microsoft SQL Server Reporting Services are susceptible to a  remote code execution vulnerability when it incorrectly handles page requests.
+  description: Microsoft SQL Server Reporting Services is vulnerable to a remote code execution vulnerability because it incorrectly handles page requests.
   reference:
     - https://www.mdsec.co.uk/2020/02/cve-2020-0618-rce-in-sql-server-reporting-services-ssrs/
     - https://github.com/euphrat1ca/CVE-2020-0618

cves/2020/CVE-2020-11455.yaml

@@ -1,15 +1,16 @@
 id: CVE-2020-11455
 
 info:
-  name: LimeSurvey 4.1.11 - Path Traversal
+  name: LimeSurvey 4.1.11 - Local File Inclusion
   author: daffainfo
   severity: medium
-  description: LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.
+  description: LimeSurvey before 4.1.12+200324 is vulnerable to local file inclusion because it contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.
   reference:
     - https://www.exploit-db.com/exploits/48297
     - https://www.cvedetails.com/cve/CVE-2020-11455
     - https://github.com/LimeSurvey/LimeSurvey/commit/daf50ebb16574badfb7ae0b8526ddc5871378f1b
     - http://packetstormsecurity.com/files/157112/LimeSurvey-4.1.11-Path-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11455
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -32,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2020/CVE-2020-11738.yaml

@@ -1,13 +1,11 @@
 id: CVE-2020-11738
 
 info:
-  name: WordPress Duplicator plugin Directory Traversal
+  name: WordPress Duplicator 1.3.24 & 1.3.26 - Local File Inclusion
   author: dwisiswant0
   severity: high
   description: |
-    The issue is being actively exploited, and allows attackers
+    WordPress Duplicator 1.3.24 & 1.3.26 are vulnerable to local file inclusion vulnerabilities that could allow attackers to download arbitrary files, such as the wp-config.php file. According to the vendor, the vulnerability was only in two
-    to download arbitrary files, such as the wp-config.php file.
-    According to the vendor, the vulnerability was only in two
     versions v1.3.24 and v1.3.26, the vulnerability wasn't
     present in versions 1.3.22 and before.
   reference:
@@ -15,6 +13,7 @@ info:
     - https://snapcreek.com/duplicator/docs/changelog/?lite
     - https://www.wordfence.com/blog/2020/02/active-attack-on-recently-patched-duplicator-plugin-vulnerability-affects-over-1-million-sites/
     - http://packetstormsecurity.com/files/160621/WordPress-Duplicator-1.3.26-Directory-Traversal-File-Read.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11738
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -44,4 +43,6 @@ requests:
           - "root:.*:0:0:"
           - "define\\('DB_(NAME|USER|PASSWORD|HOST|CHARSET|COLLATE)'"
         condition: or
-        part: body
+        part: body
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-11853.yaml

@@ -1,22 +1,17 @@
 id: CVE-2020-11853
 
 info:
-  name: Micro Focus Operation Bridge Manager RCE
+  name: Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution
   author: dwisiswant0
   severity: high
   description: |
-    This template supports the detection part only.
+    Micro Focus Operations Bridge Manager in versions 2020.05 and below is vulnerable to remote code execution via UCMDB. The vulnerability allows remote attackers to execute arbitrary code on affected installations of Data Center Automation. An attack requires network access and authentication as a valid application user. Originated from Metasploit module (#14654).
-
-    UCMDB included in versions 2020.05 and below of Operations Bridge Manager are affected,
-    but this template can probably also be used to detect Operations Bridge Manager
-    (containeirized) and Application Performance Management.
-
-    Originated from Metasploit module (#14654).
   reference:
     - http://packetstormsecurity.com/files/161366/Micro-Focus-Operations-Bridge-Manager-Remote-Code-Execution.html
     - https://softwaresupport.softwaregrp.com/doc/KM03747658
     - https://softwaresupport.softwaregrp.com/doc/KM03747949
     - https://softwaresupport.softwaregrp.com/doc/KM03747948
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11853
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -37,4 +32,6 @@ requests:
           - "HttpUcmdbServiceProviderFactoryImpl"
           - "ServerVersion=11.6.0"
         part: body
-        condition: and
+        condition: and
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-11978.yaml

@@ -1,15 +1,16 @@
 id: CVE-2020-11978
 
 info:
-  name: Apache Airflow <= 1.10.10 - 'Example Dag' Remote Code Execution
+  name: Apache Airflow <=1.10.10 - Remote Code Execution
   author: pdteam
   severity: high
-  description: An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use). If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable.
+  description: Apache Airflow versions 1.10.10 and below are vulnerable to remote code/command injection vulnerabilities in one of the example DAGs shipped with Airflow. This could allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use).
+  remediation: If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable.
   reference:
     - https://github.com/pberba/CVE-2020-11978
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-11978
     - https://twitter.com/wugeej/status/1400336603604668418
     - https://lists.apache.org/thread.html/r7255cf0be3566f23a768e2a04b40fb09e52fcd1872695428ba9afe91%40%3Cusers.airflow.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-11978
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -62,3 +63,5 @@ requests:
           - 'contains(body_4, "operator":"BashOperator")'
           - 'contains(all_headers_4, "application/json")'
         condition: and
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-13158.yaml

@@ -1,10 +1,10 @@
 id: CVE-2020-13158
 
 info:
-  name: Artica Proxy < 4.30.000000 Community Edition - Directory Traversal
+  name: Artica Proxy Community Edition <4.30.000000 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.
+  description: Artica Proxy Community Edition before 4.30.000000 is vulnerable to local file inclusion via the fw.progrss.details.php popup parameter.
   reference:
     - https://github.com/InfoSec4Fun/CVE-2020-13158
     - https://sourceforge.net/projects/artica-squid/files/
@@ -30,3 +30,6 @@ requests:
       - type: status
         status:
           - 200
+
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-13700.yaml

@@ -1,17 +1,16 @@
 id: CVE-2020-13700
 
 info:
-  name: acf-to-rest-api wordpress plugin IDOR
+  name: WordPresss acf-to-rest-api <=3.1.0- Insecure Direct Object Reference
   author: pikpikcu
   severity: high
   description: |
-    An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress.
+    WordPresss acf-to-rest-ap through 3.1.0 allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that can read sensitive information in the wp_options table such as the login and pass values.
-    It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a
-    wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values.
   reference:
     - https://gist.github.com/mariuszpoplwski/4fbaab7f271bea99c733e3f2a4bafbb5
     - https://wordpress.org/plugins/acf-to-rest-api/#developers
     - https://github.com/airesvsg/acf-to-rest-api
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-13700
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -41,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-14864.yaml

@@ -1,13 +1,14 @@
 id: CVE-2020-14864
 
 info:
-  name: Oracle Fusion - "getPreviewImage" Directory Traversal/Local File Inclusion
+  name: Oracle Fusion - Directory Traversal/Local File Inclusion
   author: Ivo Palazzolo (@palaziv)
   severity: high
-  description: Oracle Business Intelligence Enterprise Edition 5.5.0.0.0 / 12.2.1.3.0 / 12.2.1.4.0 - "getPreviewImage" Directory Traversal/Local File Inclusion
+  description: Oracle Business Intelligence Enterprise Edition 5.5.0.0.0, 12.2.1.3.0, and 12.2.1.4.0 are vulnerable to local file inclusion vulnerabilities via "getPreviewImage."
   reference:
     - http://packetstormsecurity.com/files/159748/Oracle-Business-Intelligence-Enterprise-Edition-5.5.0.0.0-12.2.1.3.0-12.2.1.4.0-LFI.html
     - https://www.oracle.com/security-alerts/cpuoct2020.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-14864
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -28,4 +29,6 @@ requests:
       - type: regex
         regex:
           - 'root:.*:0:0:'
-        part: body
+        part: body
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-15050.yaml

@@ -1,10 +1,10 @@
 id: CVE-2020-15050
 
 info:
-  name: Suprema BioStar2 - Local File Inclusion (LFI)
+  name: Suprema BioStar <2.8.2 - Local File Inclusion
   author: gy741
   severity: high
-  description: An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
+  description: Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files from the server via local file inclusion.
   reference:
     - http://packetstormsecurity.com/files/158576/Bio-Star-2.8.2-Local-File-Inclusion.html
     - https://www.supremainc.com/en/support/biostar-2-pakage.asp
@@ -29,3 +29,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-16139.yaml

@@ -1,16 +1,17 @@
 id: CVE-2020-16139
 
 info:
-  name: Cisco 7937G Denial-of-Service Reboot Attack
+  name: Cisco Unified IP Conference Station 7937G - Denial-of-Service
   author: pikpikcu
   severity: high
   description: |
-    A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the device remotely through sending specially crafted packets. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded.
+    Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to restart the device remotely via specially crafted packets that can cause a denial-of-service condition. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded.
   reference:
     - https://blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/
     - http://packetstormsecurity.com/files/158819/Cisco-7937G-Denial-Of-Service.html
     - https://www.blacklanternsecurity.com/2020-08-07-Cisco-Unified-IP-Conference-Station-7937G/
     - https://www.cisco.com/c/en/us/products/collateral/collaboration-endpoints/unified-ip-phone-7940g/end_of_life_notice_c51-729487.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-16139
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
     cvss-score: 7.5
@@ -34,4 +35,6 @@ requests:
           - "application/xml"
       - type: word
         words:
-          - 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
+          - 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA'
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-16952.yaml

@@ -1,14 +1,15 @@
 id: CVE-2020-16952
 
 info:
-  name: Microsoft SharePoint Server-Side Include (SSI) and ViewState RCE
+  name: Microsoft SharePoint - Remote Code Execution
   author: dwisiswant0
   severity: high
-  description: A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
+  description: Microsoft SharePoint is vulnerable to a remote code execution when the software fails to check the source markup of an application package.
   reference:
     - https://srcincite.io/pocs/cve-2020-16952.py.txt
     - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952
     - https://github.com/rapid7/metasploit-framework/blob/1a341ae93191ac5f6d8a9603aebb6b3a1f65f107/documentation/modules/exploit/windows/http/sharepoint_ssi_viewstate.md
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-16952
   classification:
     cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 7.8
@@ -41,3 +42,5 @@ requests:
           - 200
           - 201
         condition: or
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-17505.yaml

@@ -1,13 +1,14 @@
 id: CVE-2020-17505
 
 info:
-  name: Artica Web Proxy 4.30 OS Command Injection
+  name: Artica Web Proxy 4.30 - OS Command Injection
   author: dwisiswant0
   severity: high
-  description: Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
+  description: Artica Web Proxy 4.30 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
   reference:
     - https://blog.max0x4141.com/post/artica_proxy/
     - http://packetstormsecurity.com/files/159267/Artica-Proxy-4.30.000000-Authentication-Bypass-Command-Injection.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-17505
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -41,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-17518.yaml

@@ -1,17 +1,17 @@
 id: CVE-2020-17518
 
 info:
-  name: Apache Flink Upload Path Traversal
+  name: Apache Flink 1.5.1 - Local File Inclusion
   author: pdteam
   severity: high
   description: |
-    Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system,
+    Apache Flink 1.5.1 is vulnerable to local file inclusion because of a REST handler that allows file uploads to an arbitrary location on the local file system through a maliciously modified HTTP HEADER.
-    through a maliciously modified HTTP HEADER.
   reference:
     - https://github.com/vulhub/vulhub/tree/master/flink/CVE-2020-17518
     - https://lists.apache.org/thread.html/rb43cd476419a48be89c1339b527a18116f23eec5b6df2b2acbfef261%40%3Cdev.flink.apache.org%3E
     - https://lists.apache.org/thread.html/rb43cd476419a48be89c1339b527a18116f23eec5b6df2b2acbfef261@%3Cuser.flink.apache.org%3E
     - https://lists.apache.org/thread.html/rb43cd476419a48be89c1339b527a18116f23eec5b6df2b2acbfef261@%3Cdev.flink.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-17518
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
     cvss-score: 7.5
@@ -41,3 +41,5 @@ requests:
       - type: dsl
         dsl:
           - 'contains(body, "test-poc") && status_code == 200' # Using CVE-2020-17519 to confirm this.
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-17519.yaml

@@ -1,15 +1,16 @@
 id: CVE-2020-17519
 
 info:
-  name: Apache Flink directory traversal
+  name: Apache Flink - Local File Inclusion
   author: pdteam
   severity: high
-  description: A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process.
+  description: Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the JobManager process (aka local file inclusion).
   reference:
     - https://github.com/B1anda0/CVE-2020-17519
     - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d%40%3Cdev.flink.apache.org%3E
     - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cdev.flink.apache.org%3E
     - https://lists.apache.org/thread.html/r6843202556a6d0bce9607ebc02e303f68fc88e9038235598bde3b50d@%3Cuser.flink.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-17519
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +31,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-2036.yaml

@@ -1,14 +1,15 @@
 id: CVE-2020-2036
 
 info:
-  name: Palo Alto Networks Reflected XSS
+  name: Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting
   author: madrobot
   severity: high
   description: |
-    A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9.
+    PAN-OS management web interface is vulnerable to reflected cross-site scripting. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could potentially execute arbitrary JavaScript code in the administrator's browser and perform administrative actions. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9.
   reference:
     - https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/
     - https://security.paloaltonetworks.com/CVE-2020-2036
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-2036
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -38,3 +39,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-23972.yaml

@@ -1,18 +1,17 @@
 id: CVE-2020-23972
 
 info:
-  name: Joomla! Component GMapFP 3.5 - Unauthenticated Arbitrary File Upload
+  name: Joomla! Component GMapFP 3.5 - Arbitrary File Upload
   author: dwisiswant0
   severity: high
   description: |
-    An attacker can access the upload function of the application
+    Joomla! Component GMapFP 3.5 is vulnerable to arbitrary file upload vulnerabilities. An attacker can access the upload function of the application
-    without authenticating to the application and also can upload
+    without authentication and can upload files because of unrestricted file upload which can be bypassed by changing Content-Type & name file too double ext.
-    files due the issues of unrestricted file upload which can be
-    bypassed by changing Content-Type & name file too double ext.
   reference:
     - https://www.exploit-db.com/exploits/49129
     - https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md
     - http://packetstormsecurity.com/files/159072/Joomla-GMapFP-J3.5-J3.5F-Arbitrary-File-Upload.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-23972
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
     cvss-score: 7.5
@@ -56,3 +55,5 @@ requests:
         part: body
         regex:
           - "window\\.opener\\.(changeDisplayImage|addphoto)\\(\"(.*?)\"\\);"
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-24571.yaml

@@ -1,12 +1,13 @@
 id: CVE-2020-24571
 
 info:
-  name: NexusDB v4.50.22 Path Traversal
+  name: NexusDB <4.50.23 - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal.
+  description: NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal and local file inclusion.
   reference:
     - https://www.nexusdb.com/mantis/bug_view_advanced_page.php?bug_id=2371
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-24571
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -29,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-24579.yaml

@@ -1,13 +1,14 @@
 id: CVE-2020-24579
 
 info:
-  name: D-Link DSL 2888a - Remote Command Execution
+  name: D-Link DSL 2888a - Authentication Bypass/Remote Command Execution
   author: pikpikcu
   severity: high
-  description: An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality.
+  description: D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55 are vulnerable to authentication bypass issues which can lead to remote command execution. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality.
   reference:
     - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/d-link-multiple-security-vulnerabilities-leading-to-rce/
     - https://www.trustwave.com/en-us/resources/security-resources/security-advisories/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-24579
   classification:
     cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -40,3 +41,5 @@ requests:
           - "nobody:[x*]:65534:65534"
           - "root:.*:0:0:"
         condition: or
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-24949.yaml

@@ -1,18 +1,20 @@
 id: CVE-2020-24949
 
 info:
-  name: PHPFusion 9.03.50 Remote Code Execution
+  name: PHP-Fusion 9.03.50 - Remote Code Execution
   author: geeknik
   severity: high
-  description: Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution (RCE).
+  description: PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution.
   reference:
     - https://packetstormsecurity.com/files/162852/phpfusion90350-exec.txt
     - https://github.com/php-fusion/PHP-Fusion/issues/2312
     - http://packetstormsecurity.com/files/162852/PHPFusion-9.03.50-Remote-Code-Execution.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-24949
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
     cve-id: CVE-2020-24949
+    cwe-id: CWE-77
   tags: cve,cve2020,phpfusion,rce,php
 
 requests:
@@ -30,4 +32,6 @@ requests:
       - type: word
         part: body
         words:
-          - "infusion_db.php"
+          - "infusion_db.php"
+
+# Enhanced by mp on 2022/07/13

cves/2020/CVE-2020-25078.yaml

@@ -1,14 +1,14 @@
 id: CVE-2020-25078
 
 info:
-  name: D-Link DCS-2530L Administrator password disclosure
+  name: D-Link DCS-2530L/DCS-2670L  - Administrator Password Disclosure
   author: pikpikcu
   severity: high
-  description: An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices. The unauthenticated /config/getuser endpoint allows for remote administrator password disclosure.
+  description: D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices are vulnerable to password disclosures vulnerabilities because the  /config/getuser endpoint allows for remote administrator password disclosure.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-25078
     - https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10180
     - https://twitter.com/Dogonsecurity/status/1273251236167516161
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-25078
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -36,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-25540.yaml

@@ -1,15 +1,16 @@
 id: CVE-2020-25540
 
 info:
-  name: ThinkAdmin 6 - Arbitrarily File Read (CVE-2020-25540)
+  name: ThinkAdmin 6 - Local File Inclusion
   author: geeknik
   severity: high
-  description: ThinkAdmin v6 is affected by a directory traversal vulnerability. An unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter.
+  description: ThinkAdmin version 6 is affected by a local file inclusion vulnerability because an unauthorized attacker can read arbitrary files on a remote server via GET request encode parameter.
   reference:
     - https://www.exploit-db.com/exploits/48812
     - https://github.com/zoujingli/ThinkAdmin/issues/244
     - https://wtfsec.org/posts/thinkadmin-v6-%E5%88%97%E7%9B%AE%E5%BD%95-%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96/
     - http://packetstormsecurity.com/files/159177/ThinkAdmin-6-Arbitrary-File-Read.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-25540
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +31,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-25780.yaml

@@ -1,14 +1,14 @@
 id: CVE-2020-25780
 
 info:
-  name: Commvault CommCell Directory Traversal
+  name: Commvault CommCell - Local File Inclusion
   author: pdteam
   severity: high
-  description: In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder.
+  description: CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13 are vulnerable to local file inclusion because an attacker can view a log file can instead view a file outside of the log-files folder.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2020-25780
     - https://srcincite.io/blog/2021/11/22/unlocking-the-vault.html
     - http://kb.commvault.com/article/63264
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-25780
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -44,4 +44,6 @@ requests:
 
       - type: status
         status:
-          - 200
+          - 200
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-26073.yaml

@@ -1,13 +1,14 @@
 id: CVE-2020-26073
 
 info:
-  name: Cisco SD-WAN vManage Software Directory Traversal
+  name: Cisco SD-WAN vManage Software - Local File Inclusion
   author: madrobot
   severity: high
   description: |
-    A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to gain access to sensitive information.
+    Cisco SD-WAN vManage Software in the application data endpoints is vulnerable to local file inclusion which could allow an unauthenticated, remote attacker to gain access to sensitive information.
   reference:
     - https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-vman-traversal-hQh24tmk.html
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26073
   classification:
     cve-id: CVE-2020-26073
   tags: cve,cve2020,cisco,lfi
@@ -25,3 +26,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-27191.yaml

@@ -1,14 +1,14 @@
 id: CVE-2020-27191
 
 info:
-  name: LionWiki 3.2.11 - LFI
+  name: LionWiki <3.2.12 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion.
+  description: LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted strings in the index.php f1 variable, aka local file inclusion.
   reference:
     - https://www.junebug.site/blog/cve-2020-27191-lionwiki-3-2-11-lfi
     - http://lionwiki.0o.cz/index.php?page=Main+page
-    - https://www.cvedetails.com/cve/CVE-2020-27191
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27191
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-27361.yaml

@@ -1,12 +1,13 @@
 id: CVE-2020-27361
 
 info:
-  name: Akkadian Provisioning Manager - Files Listing
+  name: Akkadian Provisioning Manager 4.50.02 - Sensitive Information Disclosure
   author: gy741
   severity: high
-  description: An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.
+  description: Akkadian Provisioning Manager 4.50.02 could allow viewing of sensitive information within the /pme subdirectories.
   reference:
     - https://www.blacklanternsecurity.com/2021-07-01-Akkadian-CVE/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27191
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-27467.yaml

@@ -1,15 +1,15 @@
 id: CVE-2020-27467
 
 info:
-  name: Processwire CMS < 2.7.1 - Directory Traversal
+  name: Processwire CMS <2.7.1 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Local File Inclusion in Processwire CMS < 2.7.1 allows to retrieve arbitrary files via the download parameter to index.php By providing a specially crafted path to the vulnerable parameter, a remote attacker can retrieve the contents of sensitive files on the local system.
+  description: Processwire CMS prior to 2.7.1 is vulnerable to local file inclusion because it allows a remote attacker to retrieve sensitive files via the download parameter to index.php.
   reference:
     - https://github.com/Y1LD1R1M-1337/LFI-ProcessWire
     - https://processwire.com/
-    - https://www.cvedetails.com/cve/CVE-2020-27467
     - https://github.com/ceng-yildirim/LFI-processwire
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27467
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -31,3 +31,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-27866.yaml

@@ -1,16 +1,16 @@
 id: CVE-2020-27866
 
 info:
-  name: NETGEAR Authentication Bypass vulnerability
+  name: NETGEAR - Authentication Bypass
   author: gy741
   severity: high
-  description: This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020,
+  description: NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers are vulnerable to authentication bypass vulnerabilities which could allow network-adjacent attackers to bypass authentication on affected installations.
-    Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this vulnerability.
   reference:
     - https://wzt.ac.cn/2021/01/13/AC2400_vuln/
     - https://www.zerodayinitiative.com/advisories/ZDI-20-1451/
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27866
     - https://kb.netgear.com/000062641/Security-Advisory-for-Password-Recovery-Vulnerabilities-on-Some-Routers
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27866
   classification:
     cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -37,4 +37,6 @@ requests:
       - type: word
         words:
           - 'Debug Enable!'
-        part: body
+        part: body
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-27986.yaml

@@ -1,15 +1,16 @@
 id: CVE-2020-27986
 
 info:
-  name: SonarQube unauth
+  name: SonarQube - Authentication Bypass
   author: pikpikcu
   severity: high
   description: |
     SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP,
     SVN, and GitLab credentials via the api/settings/values URI.
-    NOTE: reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it."
+  remediation: Reportedly, the vendor's position for SMTP and SVN is "it is the administrator's responsibility to configure it."
   reference:
     - https://csl.com.co/sonarqube-auditando-al-auditor-parte-i/
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-27866
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -35,3 +36,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-3452.yaml

@@ -1,11 +1,11 @@
 id: CVE-2020-3452
 
 info:
-  name: Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) - Arbitrary File Retrieval
+  name: Cisco Adaptive Security Appliance (ASA)/Firepower Threat Defense (FTD) - Local File Inclusion
   author: pdteam
   severity: high
   description: |
-    A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
+    Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software is vulnerable to local file inclusion due to directory traversal attacks that can read sensitive files on a targeted system because of a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files.
   reference:
     - https://twitter.com/aboul3la/status/1286012324722155525
     - http://packetstormsecurity.com/files/158646/Cisco-ASA-FTD-Remote-File-Disclosure.html
@@ -13,6 +13,7 @@ info:
     - http://packetstormsecurity.com/files/159523/Cisco-ASA-FTD-9.6.4.42-Path-Traversal.html
     - http://packetstormsecurity.com/files/160497/Cisco-ASA-9.14.1.10-FTD-6.6.0.1-Path-Traversal.html
     - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ro-path-KJuQhB86
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-3452
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -31,3 +32,5 @@ requests:
           - "INTERNAL_PASSWORD_ENABLED"
           - "CONF_VIRTUAL_KEYBOARD"
         condition: and
+
+# Enhanced by mp on 2022/07/15

cves/2020/CVE-2020-5284.yaml

@@ -1,14 +1,15 @@
 id: CVE-2020-5284
 
 info:
-  name: Next.js .next/ limited path traversal
+  name: Next.js <9.3.2 - Local File Inclusion
   author: rootxharsh,iamnoooob,dwisiswant0
   severity: medium
-  description: Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory. This issue is fixed in version 9.3.2.
+  description: Next.js versions before 9.3.2 are vulnerable to local file inclusion. An attacker can craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory.
+  remediation: This issue is fixed in version 9.3.2.
   reference:
-    - https://github.com/zeit/next.js/releases/tag/v9.3.2 https://github.com/zeit/next.js/security/advisories/GHSA-fq77-7p7r-83rj
     - https://github.com/zeit/next.js/releases/tag/v9.3.2
     - https://github.com/zeit/next.js/security/advisories/GHSA-fq77-7p7r-83rj
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5284
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 4.3
@@ -33,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2020/CVE-2020-5405.yaml

@@ -1,13 +1,13 @@
 id: CVE-2020-5405
 
 info:
-  name: Spring Cloud Directory Traversal
+  name: Spring Cloud Config - Local File Inclusion
   author: harshbothra_
   severity: medium
-  description: Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server
+  description: Spring Cloud Config versions 2.2.x prior to 2.2.2, 2.1.x prior to 2.1.7, and older unsupported versions are vulnerable to local file inclusion because they allow applications to serve arbitrary configuration files through the spring-cloud-config-server module.
-    module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack.
   reference:
     - https://pivotal.io/security/cve-2020-5405
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-5405
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
     cvss-score: 6.5
@@ -28,3 +28,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22

cves/2020/CVE-2020-8193.yaml

@@ -1,14 +1,15 @@
 id: CVE-2020-8193
 
 info:
-  name: Citrix unauthenticated LFI
+  name: Citrix  - Local File Inclusion
   author: pdteam
   severity: medium
-  description: Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints.
+  description: Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 are vulnerable to local file inclusion because they allow unauthenticated access to certain URL endpoints.
   reference:
     - https://github.com/jas502n/CVE-2020-8193
     - http://packetstormsecurity.com/files/160047/Citrix-ADC-NetScaler-Local-File-Inclusion.html
     - https://support.citrix.com/article/CTX276688
+    - https://nvd.nist.gov/vuln/detail/CVE-2020-8193
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
     cvss-score: 6.5
@@ -73,3 +74,5 @@ requests:
         regex:
           - "root:.*:0:0:"
         part: body
+
+# Enhanced by mp on 2022/07/22

cves/2020/CVE-2020-8644.yaml

@@ -55,4 +55,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/07/07
+# Enhanced by mp on 2022/07/07

cves/2021/CVE-2021-21402.yaml

@@ -1,18 +1,18 @@
 id: CVE-2021-21402
 
 info:
-  name: Jellyfin prior to 10.7.0 Unauthenticated Arbitrary File Read
+  name: Jellyfin <10.7.0 - Local File Inclusion
   author: dwisiswant0
   severity: medium
   description: |
-    Jellyfin allows unauthenticated arbitrary file read. This issue is more prevalent when
+    Jellyfin before 10.7.0 is vulnerable to local file inclusion. This issue is more prevalent when Windows is used as the host OS. Servers exposed to public Internet are potentially at risk.
-    Windows is used as the host OS. Servers that are exposed to the public Internet are
+  remediation: This is fixed in version 10.7.1.
-    potentially at risk. This is fixed in version 10.7.1.
   reference:
     - https://securitylab.github.com/advisories/GHSL-2021-050-jellyfin/
     - https://github.com/jellyfin/jellyfin/security/advisories/GHSA-wg4c-c9g9-rxhx
     - https://github.com/jellyfin/jellyfin/releases/tag/v10.7.1
     - https://github.com/jellyfin/jellyfin/commit/0183ef8e89195f420c48d2600bc0b72f6d3a7fd7
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-21402
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -42,3 +42,5 @@ requests:
         regex:
           - "\\[(font|extension|file)s\\]"
         part: body
+
+# Enhanced by mp on 2022/07/22

cves/2021/CVE-2021-23241.yaml

@@ -1,15 +1,15 @@
 id: CVE-2021-23241
 
 info:
-  name: Mercury Router Web Server Directory Traversal
+  name: MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion
   author: daffainfo
   severity: medium
-  description: MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.
+  description: MERCUSYS Mercury X18G 1.0.5 devices are vulnerable to local file inclusion via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.
   reference:
     - https://github.com/BATTZION/MY_REQUEST/blob/master/Mercury%20Router%20Web%20Server%20Directory%20Traversal.md
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-23241
     - https://www.mercusys.com/en/
     - https://www.mercurycom.com.cn/product-521-1.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-23241
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -32,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2021/CVE-2021-26085.yaml

@@ -1,15 +1,14 @@
 id: CVE-2021-26085
 
 info:
-  name: Confluence Pre-Authorization Arbitrary File Read in /s/ endpoint - CVE-2021-26085
+  name: Atlassian Confluence Server - Local File Inclusion
   author: princechaddha
   severity: medium
-  description: Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint.
+  description: Atlassian Confluence Server allows remote attackers to view restricted resources via local file inclusion in the /s/ endpoint.
   reference:
     - https://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-26085
     - https://jira.atlassian.com/browse/CONFSERVER-67893
-    - http://packetstormsecurity.com/files/164401/Atlassian-Confluence-Server-7.5.1-Arbitrary-File-Read.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26085
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -36,3 +35,5 @@ requests:
           - "<display-name>Confluence</display-name>"
           - "com.atlassian.confluence.setup.ConfluenceAppConfig"
         condition: and
+
+# Enhanced by mp on 2022/07/22

cves/2021/CVE-2021-26086.yaml

@@ -1,14 +1,14 @@
 id: CVE-2021-26086
 
 info:
-  name: Jira Limited Local File Read
+  name: Atlassian Jira Limited -  Local File Inclusion
   author: cocxanh
   severity: medium
-  description: Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.
+  description: Affected versions of Atlassian Jira Limited Server and Data Center are vulnerable to local file inclusion because they allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint.
   reference:
     - https://jira.atlassian.com/browse/JRASERVER-72695
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-26086
     - http://packetstormsecurity.com/files/164405/Atlassian-Jira-Server-Data-Center-8.4.0-File-Read.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-26086
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -33,3 +33,5 @@ requests:
           - "</web-app>"
         part: body
         condition: and
+
+# Enhanced by mp on 2022/07/22

cves/2021/CVE-2021-27748.yaml

@@ -5,11 +5,11 @@ info:
   author: pdteam
   severity: high
   description: |
-    IBM WebSphere HCL Digital Experience is susceptible to server-side request forgery vulnerability that impacts on-premise deployments and containers.
+    IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers.
   reference:
     - https://blog.assetnote.io/2021/12/26/chained-ssrf-websphere/
     - https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0095665
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27748
+    - hhttps://nvd.nist.gov/vuln/detail/CVE-2022-31268
   classification:
     cve-id: CVE-2021-27748
   metadata:
@@ -35,4 +35,6 @@ requests:
 
       - type: status
         status:
-          - 200
+          - 200
+
+# Enhanced by mp on 2022/07/15

cves/2021/CVE-2021-28149.yaml

@@ -1,15 +1,15 @@
 id: CVE-2021-28149
 
 info:
-  name: Hongdian Directory Traversal
+  name: Hongdian H8922 3.0.5 Devices - Local File Inclusion
   author: gy741
   severity: medium
   description: |
-    Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file.
+    Hongdian H8922 3.0.5 devices are vulnerable to local file inclusion. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-28149
     - http://en.hongdian.com/Products/Details/H8922
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-28149
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -47,3 +47,5 @@ requests:
           - "sshd:[x*]"
           - "root:[$]"
         part: body
+
+# Enhanced by mp on 2022/07/22

cves/2021/CVE-2021-28151.yaml

@@ -1,15 +1,15 @@
 id: CVE-2021-28151
 
 info:
-  name: Hongdian Command Injection
+  name: Hongdian H8922 3.0.5 - Remote Command Injection
   author: gy741
   severity: high
   description: |
     Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-hongdian-h8922-multiple-vulnerabilities/
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-28151
     - http://en.hongdian.com/Products/Details/H8922
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-28151
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -55,3 +55,5 @@ requests:
           - "groups="
         part: body
         condition: and
+
+# Enhanced by mp on 2022/07/15

cves/2021/CVE-2021-28377.yaml

@@ -1,10 +1,10 @@
 id: CVE-2021-28377
 
 info:
-  name: ChronoForums 2.0.11 - Directory Traversal
+  name: Joomla! ChronoForums 2.0.11 - Local File Inclusion
   author: 0x_Akoko
   severity: medium
-  description: The ChronoForums avatar function is vulnerable through unauthenticated path traversal attacks. This enables unauthenticated attackers to read arbitrary files, for example the Joomla! configuration file which contains credentials.
+  description: Joomla! ChronoForums 2.0.11 avatar function is vulnerable to local file inclusion through unauthenticated path traversal attacks. This enables an attacker to read arbitrary files, for example the Joomla! configuration file which contains credentials.
   reference:
     - https://herolab.usd.de/en/security-advisories/usd-2021-0007/
     - https://nvd.nist.gov/vuln/detail/CVE-2021-28377
@@ -29,3 +29,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2021/CVE-2021-28937.yaml

@@ -1,13 +1,14 @@
 id: CVE-2021-28937
 
 info:
-  name: Acexy Wireless-N WiFi Repeater Password Disclosure
+  name: Acexy Wireless-N WiFi Repeater REV 1.0 - Repeater Password Disclosure
   author: geeknik
   severity: high
-  description: The password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 contains the administrator account password in plaintext.
+  description: Acexy Wireless-N WiFi Repeater REV 1.0 is vulnerable to password disclosure because the password.html page of the web management interface contains the administrator account password in plaintext.
   reference:
     - https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990
     - http://acexy.com
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-28937
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -31,3 +32,5 @@ requests:
           - "addCfg('username'"
           - "addCfg('newpass'"
         condition: and
+
+# Enhanced by mp on 2022/07/15

cves/2021/CVE-2021-29442.yaml

@@ -1,18 +1,17 @@
 id: CVE-2021-29442
 
 info:
-  name: Nacos prior to 1.4.1 Missing Authentication Check
+  name: Nacos <1.4.1 - Authentication Bypass
   author: dwisiswant0
   severity: high
   description: |
-    In Nacos before version 1.4.1, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out.
+    Nacos before version 1.4.1 is vulnerable to authentication bypass because the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users. These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql).
-    While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users.
-    These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql)
   reference:
     - https://securitylab.github.com/advisories/GHSL-2020-325_326-nacos/
     - https://github.com/alibaba/nacos/issues/4463
     - https://github.com/alibaba/nacos/pull/4517
     - https://github.com/advisories/GHSA-36hp-jr8h-556f
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-29442
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -37,3 +36,5 @@ requests:
         regex:
           - "\"TABLENAME\":\"(?:(?:(?:(?:(?:APP_CONFIGDATA_RELATION_[PS]UB|SYS(?:(?:CONGLOMERAT|ALIAS|(?:FI|RO)L)E|(?:(?:ROUTINE)?|COL)PERM|(?:FOREIGN)?KEY|CONSTRAINT|T(?:ABLEPERM|RIGGER)|S(?:TAT(?:EMENT|ISTIC)|EQUENCE|CHEMA)|DEPEND|CHECK|VIEW|USER)|USER|ROLE)S|CONFIG_(?:TAGS_RELATION|INFO_(?:AGGR|BETA|TAG))|TENANT_CAPACITY|GROUP_CAPACITY|PERMISSIONS|SYSCOLUMNS|SYS(?:DUMMY1|TABLES)|APP_LIST)|CONFIG_INFO)|TENANT_INFO)|HIS_CONFIG_INFO)\""
         part: body
+
+# Enhanced by mp on 2022/07/15

cves/2021/CVE-2021-30497.yaml

@@ -1,19 +1,21 @@
 id: CVE-2021-30497
 
 info:
-  name: Ivanti Avalanche Directory Traversal
+  name: Ivanti Avalanche 6.3.2 - Local File Inclusion
   author: gy741
   severity: high
-  description: A directory traversal vulnerability in Ivanti Avalanche allows remote unauthenticated user to access files that reside outside the 'image' folder
+  description: Ivanti Avalanche 6.3.2 is vulnerable to local file inclusion because it allows remote unauthenticated user to access files that reside outside the 'image' folder.
   reference:
     - https://ssd-disclosure.com/ssd-advisory-ivanti-avalanche-directory-traversal/
     - https://forums.ivanti.com/s/article/Security-Alert-CVE-2021-30497-Directory-Traversal-Vulnerability?language=en_US
     - https://help.ivanti.com/wl/help/en_us/aod/5.4/Avalanche/Console/Launching_the_Avalanche.htm
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30497
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
     cve-id: CVE-2021-30497
-  tags: cve,cve2021,avalanche,traversal
+    cwe-id: CWE-36
+  tags: cve,cve2021,avalanche,traversal,lfi
 
 requests:
   - method: GET
@@ -30,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/14

cves/2021/CVE-2021-31602.yaml

@@ -1,15 +1,16 @@
 id: CVE-2021-31602
 
 info:
-  name: Pentaho <= 9.1 Authentication Bypass of Spring APIs
+  name: Hitachi Vantara Pentaho/Business Intelligence Server - Authentication Bypass
   author: pussycat0x
   severity: high
-  description: An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml file. The default configuration allows an unauthenticated user with no previous knowledge of the platform settings to extract pieces of information without possessing valid credentials.
+  description: Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x are vulnerable to authentication bypass. The Security Model has different layers of Access Control. One of these layers is the applicationContext security, which is defined in the applicationContext-spring-security.xml file. The default configuration allows an unauthenticated user with no previous knowledge of the platform settings to extract pieces of information without possessing valid credentials.
   reference:
     - https://seclists.org/fulldisclosure/2021/Nov/13
     - https://portswigger.net/daily-swig/remote-code-execution-sql-injection-bugs-uncovered-in-pentaho-business-analytics-software
     - https://hawsec.com/publications/pentaho/HVPENT210401-Pentaho-BA-Security-Assessment-Report-v1_1.pdf
     - https://www.hitachi.com/hirt/security/index.html
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31602
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -38,3 +39,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2021/CVE-2021-3223.yaml

@@ -1,14 +1,15 @@
 id: CVE-2021-3223
 
 info:
-  name: Node RED Dashboard - Directory Traversal
+  name: Node RED Dashboard <2.26.2 - Local File Inclusion
   author: gy741,pikpikcu
   severity: high
-  description: Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files.
+  description: NodeRED-Dashboard before 2.26.2 is vulnerable to local file inclusion because it allows ui_base/js/..%2f directory traversal to read files.
   reference:
     - https://github.com/node-red/node-red-dashboard/issues/669
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3223
     - https://github.com/node-red/node-red-dashboard/releases/tag/2.26.2
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-3223
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -37,3 +38,5 @@ requests:
         part: body
         words:
           - "Node-RED web server is listening"
+
+# Enhanced by mp on 2022/07/15

cves/2021/CVE-2021-3374.yaml

@@ -1,14 +1,14 @@
 id: CVE-2021-3374
 
 info:
-  name: Rstudio Shiny Server Directory Traversal
+  name: Rstudio Shiny Server <1.5.16 - Local File Inclusion
   author: geeknik
   severity: medium
-  description: Rstudio Shiny-Server prior to 1.5.16 is vulnerable to directory traversal and source code leakage. This can be exploited by appending an encoded slash to the URL.
+  description: Rstudio Shiny Server prior to 1.5.16 is vulnerable to local file inclusion and source code leakage. This can be exploited by appending an encoded slash to the URL.
   reference:
-    - https://github.com/colemanjp/rstudio-shiny-server-directory-traversal-source-code-leak
     - https://github.com/colemanjp/shinyserver-directory-traversal-source-code-leak
     - https://blog.rstudio.com/2021/01/13/shiny-server-1-5-16-update/
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-3374
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
@@ -34,3 +34,5 @@ requests:
         part: body
         regex:
           - "[A-Za-z].*\\.R"
+
+# Enhanced by mp on 2022/07/22

cves/2021/CVE-2021-36749.yaml

@@ -1,15 +1,15 @@
 id: CVE-2021-36749
 
 info:
-  name: Apache Druid Authentication Restrictions Bypass
+  name: Apache Druid - Local File Inclusion
   author: _0xf4n9x_
   severity: medium
-  description: In the Druid ingestion system, the InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1.
+  description: Apache Druid ingestion system is vulnerable to local file inclusion. The InputSource is used for reading data from a certain data source. However, the HTTP InputSource allows authenticated users to read data from other sources than intended, such as the local file system, with the privileges of the Druid server process. This is not an elevation of privilege when users access Druid directly, since Druid also provides the Local InputSource, which allows the same level of access. But it is problematic when users interact with Druid indirectly through an application that allows users to specify the HTTP InputSource, but not the Local InputSource. In this case, users could bypass the application-level restriction by passing a file URL to the HTTP InputSource. This issue was previously mentioned as being fixed in 0.21.0 as per CVE-2021-26920 but was not fixed in 0.21.0 or 0.21.1.
   reference:
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-36749
     - https://www.cvedetails.com/cve/CVE-2021-36749/
     - https://github.com/BrucessKING/CVE-2021-36749
     - https://lists.apache.org/thread.html/rc9400a70d0ec5cdb8a3486fc5ddb0b5282961c0b63e764abfbcb9f5d%40%3Cdev.druid.apache.org%3E
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-36749
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 6.5
@@ -34,3 +34,5 @@ requests:
           - "root:.*:0:0:"
           - "druid:*:1000:1000:"
         condition: or
+
+# Enhanced by mp on 2022/07/22

cves/2021/CVE-2021-41569.yaml

@@ -1,13 +1,13 @@
 id: CVE-2021-41569
 info:
-  name: SAS 9.4 build 1520 - Local File Inclusion
+  name: SAS/Internet 9.4 1520 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: SAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro.
+  description: SAS/Internet 9.4 build 1520 and earlier allows local file inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro.
   reference:
     - https://www.mindpointgroup.com/blog/high-risk-vulnerability-discovery-localfileinclusion-sas
-    - https://nvd.nist.gov/vuln/detail/CVE-2021-41569
     - https://support.sas.com/kb/68/641.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-41569
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -30,3 +30,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-0656.yaml

@@ -1,10 +1,10 @@
 id: CVE-2022-0656
 
 info:
-  name: uDraw < 3.3.3 - Unauthenticated Arbitrary File Access
+  name: uDraw <3.3.3 - Local File Inclusion
   author: akincibor
   severity: high
-  description: The plugin does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. As a result, unauthenticated users could read arbitrary files on the web server (such as /etc/passwd, wp-config.php etc).
+  description: uDraw before 3.3.3 does not validate the url parameter in its udraw_convert_url_to_base64 AJAX action (available to both unauthenticated and authenticated users) before using it in the file_get_contents function and returning its content base64 encoded in the response. As a result, unauthenticated users could read arbitrary files on the web server (such as /etc/passwd, wp-config.php etc).
   reference:
     - https://wpscan.com/vulnerability/925c4c28-ae94-4684-a365-5f1e34e6c151
     - https://nvd.nist.gov/vuln/detail/CVE-2022-0656
@@ -40,3 +40,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2022/CVE-2022-24129.yaml

@@ -1,15 +1,15 @@
 id: CVE-2022-24129
 
 info:
-  name: Shibboleth OIDC OP plugin <3.0.4 - Server-Side Request Forgery
+  name: Shibboleth OIDC OP <3.0.4 - Server-Side Request Forgery
   author: 0x_Akoko
   severity: high
-  description: The OIDC OP plugin before 3.0.4 for Shibboleth Identity Provider allows server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter. This allows attackers to interact with arbitrary third-party HTTP services.
+  description: The Shibboleth Identity Provider OIDC OP plugin before 3.0.4 is vulnerable to server-side request forgery (SSRF) due to insufficient restriction of the request_uri parameter, which allows attackers to interact with arbitrary third-party HTTP services.
   reference:
     - https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220127-01_Shibboleth_IdP_OIDC_OP_Plugin_SSRF
     - https://shibboleth.atlassian.net/wiki/spaces/IDPPLUGINS/pages/1376878976/OIDC+OP
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-24129
     - http://shibboleth.net/community/advisories/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-24129
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
     cvss-score: 8.2
@@ -33,3 +33,5 @@ requests:
         part: interactsh_request
         words:
           - "ShibbolethIdp"
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-26233.yaml

@@ -1,15 +1,16 @@
 id: CVE-2022-26233
 
 info:
-  name: Barco Control Room Management Suite - Directory Traversal
+  name: Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion
   author: 0x_Akoko
   severity: high
-  description: Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
+  description: Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring.
   reference:
     - https://0day.today/exploit/37579
     - https://www.cvedetails.com/cve/CVE-2022-26233
     - http://seclists.org/fulldisclosure/2022/Apr/0
     - http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-26233
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -32,3 +33,5 @@ requests:
           - "fonts"
           - "extensions"
         condition: and
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-27849.yaml

@@ -1,14 +1,14 @@
 id: CVE-2022-27849
 info:
-  name: WordPress Simple Ajax Chat plugin <= 20220115 - Sensitive Information Disclosure vulnerability
+  name: WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability
   author: random-robbie
   severity: high
   description: |
-    Simple Ajax Chat < 20220216 - Sensitive Information Disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it
+    WordPress Simple Ajax Chat before 20220216 is vulnerable to sensitive information disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it.
   reference:
     - https://wordpress.org/plugins/simple-ajax-chat/#developers
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-27849/
     - https://patchstack.com/database/vulnerability/simple-ajax-chat/wordpress-simple-ajax-chat-plugin-20220115-sensitive-information-disclosure-vulnerability
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-27849
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -41,3 +41,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-28079.yaml

@@ -1,16 +1,17 @@
 id: CVE-2022-28079
 
 info:
-  name: College Management System - SQL Injection
+  name: College Management System 1.0 - SQL Injection
   author: ritikchaddha
   severity: high
   description: |
-    College Management System v1.0 was discovered to contain a SQL injection vulnerability via the course_code parameter.
+    College Management System 1.0 contains a SQL injection vulnerability via the course code parameter.
   reference:
     - https://github.com/erengozaydin/College-Management-System-course_code-SQL-Injection-Authenticated
     - https://download.code-projects.org/details/1c3b87e5-f6a6-46dd-9b5f-19c39667866f
     - https://nvd.nist.gov/vuln/detail/CVE-2022-28079
     - https://code-projects.org/college-management-system-in-php-with-source-code/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-28079
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -41,3 +42,5 @@ requests:
       - type: status
         status:
           - 302
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-28080.yaml

@@ -5,12 +5,12 @@ info:
   author: lucasljm2001,ekrause,ritikchaddha
   severity: high
   description: |
-    Detects an SQL Injection vulnerability in Royal Event System
+    Royal Event is vulnerable to a SQL injection vulnerability.
   reference:
     - https://www.exploit-db.com/exploits/50934
     - https://www.sourcecodester.com/sites/default/files/download/oretnom23/Royal%20Event.zip
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-28080
     - https://github.com/erengozaydin/Royal-Event-Management-System-todate-SQL-Injection-Authenticated
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-28080
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 8.8
@@ -68,3 +68,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-29014.yaml

@@ -1,14 +1,13 @@
 id: CVE-2022-29014
 
 info:
-  name: Razer Sila Gaming Router v2.0.441_api-2.0.418 - LFI
+  name: Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion
   author: edoardottt
   severity: high
-  description: A local file inclusion vulnerability in Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to read arbitrary files.
+  description: Razer Sila Gaming Router 2.0.441_api-2.0.418 is vulnerable to local file inclusion which could allow attackers to read arbitrary files.
   reference:
     - https://www.exploit-db.com/exploits/50864
     - https://nvd.nist.gov/vuln/detail/CVE-2022-29014
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29014
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -34,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-29298.yaml

@@ -1,15 +1,15 @@
 id: CVE-2022-29298
 
 info:
-  name: SolarView Compact 6.00 - Directory Traversal
+  name: SolarView Compact 6.00 - Local File Inclusion
   author: ritikchaddha
   severity: high
-  description: SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal.
+  description: SolarView Compact 6.00 is vulnerable to local file inclusion which could allow attackers to access sensitive files.
   reference:
     - https://www.exploit-db.com/exploits/50950
     - https://drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-29298
     - https://drive.google.com/file/d/1-RHw9ekVidP8zc0xpbzBXnse2gSY1xbH/view?usp=sharing
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-29298
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -35,3 +35,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-31268.yaml

@@ -1,15 +1,15 @@
 id: CVE-2022-31268
 
 info:
-  name: Gitblit 1.9.3 - Path traversal
+  name: Gitblit 1.9.3 - Local File Inclusion
   author: 0x_Akoko
   severity: high
   description: |
-    A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).
+    Gitblit 1.9.3 is vulnerable to local file inclusion via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).
   reference:
     - https://github.com/metaStor/Vuls/blob/main/gitblit/gitblit%20V1.9.3%20path%20traversal/gitblit%20V1.9.3%20path%20traversal.md
-    - https://www.cvedetails.com/cve/CVE-2022-31268
     - https://vuldb.com/?id.200500
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-31268
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5
@@ -44,3 +44,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-32409.yaml

@@ -1,14 +1,14 @@
 id: CVE-2022-32409
 
 info:
-  name: i3geo - Directory Traversal
+  name: Portal do Software Publico Brasileiro i3geo 7.0.5 - Local File Inclusion
   author: pikpikcu
   severity: critical
-  description: A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request
+  description: Portal do Software Publico Brasileiro i3geo 7.0.5 is vulnerable to local file inclusion in the component codemirror.php, which allows attackers to execute arbitrary PHP code via a crafted HTTP request.
   reference:
     - https://github.com/wagnerdracha/ProofOfConcept/blob/main/i3geo_proof_of_concept.txt
-    - https://nvd.nist.gov/vuln/detail/CVE-2022-32409
     - https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-32409
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
@@ -34,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/22

cves/2022/CVE-2022-33174.yaml

@@ -1,11 +1,11 @@
 id: CVE-2022-33174
 
 info:
-  name: Powertek Firmware - Authorization Bypass
+  name: Powertek Firmware <3.30.30 - Authorization Bypass
   author: pikpikcu
   severity: high
   description: |
-    Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.
+    Powertek firmware (multiple brands) before 3.30.30 running Power Distribution Units are vulnerable to authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface (/cgi/get_param.cgi) with the tmpToken cookie set to an empty string followed by a semicolon. This bypasses an active session authorization check. This can be then used to fetch the values of protected sys.passwd and sys.su.name fields that contain the username and password in cleartext.
   reference:
     - https://gynvael.coldwind.pl/?lang=en&id=748
     - https://nvd.nist.gov/vuln/detail/CVE-2022-33174
@@ -45,3 +45,5 @@ requests:
         regex:
           - '<sys\.passwd>([A-Z0-9a-z]+)<\/sys\.passwd>'
           - '<sys\.su\.name>([a-z]+)<\/sys\.su\.name>'
+
+# Enhanced by mp on 2022/07/15

cves/2022/CVE-2022-34046.yaml

@@ -12,6 +12,8 @@ info:
   metadata:
     verified: true
     shodan-query: http.title:"Wi-Fi APP Login"
+  classification:
+    cve-id: CVE-2022-34046
   tags: cve,cve2022,wavlink,router,exposure
 
 requests:

cves/2022/CVE-2022-34047.yaml

@@ -12,6 +12,8 @@ info:
   metadata:
     verified: true
     shodan-query: http.title:"Wi-Fi APP Login"
+  classification:
+    cve-id: CVE-2022-34047
   tags: cve,cve2022,wavlink,router,exposure
 
 requests:

default-logins/apache/dubbo-admin-default-login.yaml

@@ -1,11 +1,16 @@
 id: dubbo-admin-default-login
 
 info:
-  name: Dubbo Admin Default Login
+  name: Apache Dubbo - Default Admin Discovery
   author: ritikchaddha
   severity: high
+  description: Apache Dubbo default admin credentials were discovered.
   reference:
     - https://www.cnblogs.com/wishwzp/p/9438658.html
+  classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
+    cvss-score: 8.3
+    cwe-id: CWE-522
   tags: dubbo,apache,default-login
 
 requests:
@@ -37,3 +42,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/15