TemplateMan Update [Tue Nov 14 16:35:16 UTC 2023] 🤖
parent
0acd9f08cb
commit
d13d82ad9b
|
@ -19,7 +19,7 @@ info:
|
|||
cve-id: CVE-2012-0896
|
||||
cwe-id: CWE-22
|
||||
epss-score: 0.02262
|
||||
epss-percentile: 0.88392
|
||||
epss-percentile: 0.8839
|
||||
cpe: cpe:2.3:a:count_per_day_project:count_per_day:2.2:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
max-request: 1
|
||||
|
@ -42,4 +42,5 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a004730450221009700fbe61ad5532e3d045a4e18022907f02d9a51120d2482f30fc6ab5ccd686402206bb9c8c5f8013954e5f19195bc255d332777e9770f02b4139cd6744f19ff5458:922c64590222798bb761d5b6d8e72950
|
||||
|
||||
# digest: 4a0a004730450221009700fbe61ad5532e3d045a4e18022907f02d9a51120d2482f30fc6ab5ccd686402206bb9c8c5f8013954e5f19195bc255d332777e9770f02b4139cd6744f19ff5458:922c64590222798bb761d5b6d8e72950
|
||||
|
|
|
@ -16,7 +16,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2018-0127
|
||||
cwe-id: CWE-200,CWE-306
|
||||
cwe-id: CWE-306,CWE-200
|
||||
epss-score: 0.09982
|
||||
epss-percentile: 0.94289
|
||||
cpe: cpe:2.3:o:cisco:rv132w_firmware:1.0.0.1:*:*:*:*:*:*:*
|
||||
|
|
|
@ -18,7 +18,7 @@ info:
|
|||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||
cvss-score: 7.5
|
||||
cve-id: CVE-2018-3760
|
||||
cwe-id: CWE-22,CWE-200
|
||||
cwe-id: CWE-200,CWE-22
|
||||
epss-score: 0.05013
|
||||
epss-percentile: 0.92004
|
||||
cpe: cpe:2.3:a:redhat:cloudforms:4.5:*:*:*:*:*:*:*
|
||||
|
|
|
@ -19,7 +19,7 @@ info:
|
|||
cve-id: CVE-2019-8086
|
||||
cwe-id: CWE-611
|
||||
epss-score: 0.14515
|
||||
epss-percentile: 0.95187
|
||||
epss-percentile: 0.9519
|
||||
cpe: cpe:2.3:a:adobe:experience_manager:6.2:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
max-request: 2
|
||||
|
|
|
@ -14,7 +14,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
||||
cvss-score: 6.5
|
||||
cve-id: CVE-2020-5412
|
||||
cwe-id: CWE-441,CWE-610
|
||||
cwe-id: CWE-610,CWE-441
|
||||
epss-score: 0.50583
|
||||
epss-percentile: 0.97197
|
||||
cpe: cpe:2.3:a:vmware:spring_cloud_netflix:*:*:*:*:*:*:*:*
|
||||
|
|
|
@ -17,7 +17,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
|
||||
cvss-score: 9.9
|
||||
cve-id: CVE-2021-21345
|
||||
cwe-id: CWE-502,CWE-78
|
||||
cwe-id: CWE-78,CWE-502
|
||||
epss-score: 0.40326
|
||||
epss-percentile: 0.969
|
||||
cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:*
|
||||
|
|
|
@ -15,7 +15,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
|
||||
cvss-score: 7.5
|
||||
cve-id: CVE-2021-24146
|
||||
cwe-id: CWE-862,CWE-284
|
||||
cwe-id: CWE-284,CWE-862
|
||||
epss-score: 0.0212
|
||||
epss-percentile: 0.8795
|
||||
cpe: cpe:2.3:a:webnus:modern_events_calendar_lite:*:*:*:*:*:wordpress:*:*
|
||||
|
|
|
@ -17,7 +17,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2021-24215
|
||||
cwe-id: CWE-425,CWE-284
|
||||
cwe-id: CWE-284,CWE-425
|
||||
epss-score: 0.06792
|
||||
epss-percentile: 0.93151
|
||||
cpe: cpe:2.3:a:wpruby:controlled_admin_access:*:*:*:*:*:wordpress:*:*
|
||||
|
|
|
@ -19,7 +19,7 @@ info:
|
|||
cve-id: CVE-2021-24387
|
||||
cwe-id: CWE-79
|
||||
epss-score: 0.00145
|
||||
epss-percentile: 0.50142
|
||||
epss-percentile: 0.50131
|
||||
cpe: cpe:2.3:a:contempothemes:real_estate_7:*:*:*:*:*:wordpress:*:*
|
||||
metadata:
|
||||
max-request: 1
|
||||
|
@ -49,4 +49,5 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a004830460221009497a9506b746393fd8ea187a64f73879d4b05e9f0ec87a81c222ec9a25c92c7022100ab0db0b6e0435e481ba6b80fa08ed9e6017bbe16b75bc2bd2aac7f36a88efb47:922c64590222798bb761d5b6d8e72950
|
||||
|
||||
# digest: 4b0a004830460221009497a9506b746393fd8ea187a64f73879d4b05e9f0ec87a81c222ec9a25c92c7022100ab0db0b6e0435e481ba6b80fa08ed9e6017bbe16b75bc2bd2aac7f36a88efb47:922c64590222798bb761d5b6d8e72950
|
||||
|
|
|
@ -14,7 +14,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
||||
cvss-score: 6.5
|
||||
cve-id: CVE-2021-24947
|
||||
cwe-id: CWE-352,CWE-863
|
||||
cwe-id: CWE-863,CWE-352
|
||||
epss-score: 0.00206
|
||||
epss-percentile: 0.58412
|
||||
cpe: cpe:2.3:a:thinkupthemes:responsive_vector_maps:*:*:*:*:*:wordpress:*:*
|
||||
|
|
|
@ -16,7 +16,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2021-25003
|
||||
cwe-id: CWE-434,CWE-94
|
||||
cwe-id: CWE-94,CWE-434
|
||||
epss-score: 0.5392
|
||||
epss-percentile: 0.97273
|
||||
cpe: cpe:2.3:a:wptaskforce:wpcargo_track_\&_trace:*:*:*:*:*:wordpress:*:*
|
||||
|
|
|
@ -18,7 +18,7 @@ info:
|
|||
cve-id: CVE-2021-25055
|
||||
cwe-id: CWE-79
|
||||
epss-score: 0.001
|
||||
epss-percentile: 0.41025
|
||||
epss-percentile: 0.4101
|
||||
cpe: cpe:2.3:a:feedwordpress_project:feedwordpress:*:*:*:*:*:wordpress:*:*
|
||||
metadata:
|
||||
max-request: 2
|
||||
|
@ -58,4 +58,5 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100f6c1f39561c955c713d25c6923103e5758b7b5dc718a49dea306a510ec1ba11402206a9c43c32ce01b028f58325c3440f30559fbe66b5e2b7ad3ce11070944bab2b7:922c64590222798bb761d5b6d8e72950
|
||||
|
||||
# digest: 4a0a00473045022100f6c1f39561c955c713d25c6923103e5758b7b5dc718a49dea306a510ec1ba11402206a9c43c32ce01b028f58325c3440f30559fbe66b5e2b7ad3ce11070944bab2b7:922c64590222798bb761d5b6d8e72950
|
||||
|
|
|
@ -17,7 +17,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
||||
cvss-score: 5.3
|
||||
cve-id: CVE-2021-39327
|
||||
cwe-id: CWE-200,CWE-459
|
||||
cwe-id: CWE-459,CWE-200
|
||||
epss-score: 0.1118
|
||||
epss-percentile: 0.94603
|
||||
cpe: cpe:2.3:a:ait-pro:bulletproof_security:*:*:*:*:*:wordpress:*:*
|
||||
|
|
|
@ -15,7 +15,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||
cvss-score: 7.5
|
||||
cve-id: CVE-2021-41277
|
||||
cwe-id: CWE-200,CWE-22
|
||||
cwe-id: CWE-22,CWE-200
|
||||
epss-score: 0.06768
|
||||
epss-percentile: 0.93137
|
||||
cpe: cpe:2.3:a:metabase:metabase:0.40.0:-:*:*:*:*:*:*
|
||||
|
|
|
@ -18,7 +18,7 @@ info:
|
|||
cve-id: CVE-2021-43421
|
||||
cwe-id: CWE-434
|
||||
epss-score: 0.05774
|
||||
epss-percentile: 0.92547
|
||||
epss-percentile: 0.92549
|
||||
cpe: cpe:2.3:a:std42:elfinder:*:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -56,4 +56,5 @@ http:
|
|||
regex:
|
||||
- '"hash"\:"(.*?)"\,'
|
||||
internal: true
|
||||
# digest: 4b0a00483046022100b94d1d82046f761ef7c4d7e6bffb9f9bf050a5964d04e9918995f981cf75c830022100fe49a83cd9883c9d522b256cec3121b3d7b97b6ea2e19a9f81be3ac1a8442226:922c64590222798bb761d5b6d8e72950
|
||||
|
||||
# digest: 4b0a00483046022100b94d1d82046f761ef7c4d7e6bffb9f9bf050a5964d04e9918995f981cf75c830022100fe49a83cd9883c9d522b256cec3121b3d7b97b6ea2e19a9f81be3ac1a8442226:922c64590222798bb761d5b6d8e72950
|
||||
|
|
|
@ -16,7 +16,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 8.8
|
||||
cve-id: CVE-2022-0824
|
||||
cwe-id: CWE-284,CWE-863
|
||||
cwe-id: CWE-863,CWE-284
|
||||
epss-score: 0.9725
|
||||
epss-percentile: 0.99805
|
||||
cpe: cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*
|
||||
|
|
|
@ -19,7 +19,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2022-22963
|
||||
cwe-id: CWE-917,CWE-94
|
||||
cwe-id: CWE-94,CWE-917
|
||||
epss-score: 0.97534
|
||||
epss-percentile: 0.99991
|
||||
cpe: cpe:2.3:a:vmware:spring_cloud_function:*:*:*:*:*:*:*:*
|
||||
|
|
|
@ -17,7 +17,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
||||
cvss-score: 5.3
|
||||
cve-id: CVE-2022-23134
|
||||
cwe-id: CWE-284,CWE-287
|
||||
cwe-id: CWE-287,CWE-284
|
||||
epss-score: 0.19245
|
||||
epss-percentile: 0.95751
|
||||
cpe: cpe:2.3:a:zabbix:zabbix:*:*:*:*:*:*:*:*
|
||||
|
|
|
@ -17,7 +17,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||
cvss-score: 6.1
|
||||
cve-id: CVE-2022-23544
|
||||
cwe-id: CWE-918,CWE-79
|
||||
cwe-id: CWE-79,CWE-918
|
||||
epss-score: 0.00059
|
||||
epss-percentile: 0.2328
|
||||
cpe: cpe:2.3:a:metersphere:metersphere:*:*:*:*:*:*:*:*
|
||||
|
|
|
@ -18,7 +18,7 @@ info:
|
|||
cve-id: CVE-2022-25125
|
||||
cwe-id: CWE-89
|
||||
epss-score: 0.02036
|
||||
epss-percentile: 0.87676
|
||||
epss-percentile: 0.87677
|
||||
cpe: cpe:2.3:a:mingsoft:mcms:5.2.4:*:*:*:*:*:*:*
|
||||
metadata:
|
||||
verified: true
|
||||
|
@ -50,4 +50,5 @@ http:
|
|||
part: header
|
||||
words:
|
||||
- "application/json"
|
||||
# digest: 4a0a00473045022100eb7991edd1ee893f55bffd3eed1f8133dc90a82de726d559f7517ea60cb40aea022045e72247a9d20055f0da6d39c024ee551b4d0ea39d9cc5d33bbee486ab60ce3b:922c64590222798bb761d5b6d8e72950
|
||||
|
||||
# digest: 4a0a00473045022100eb7991edd1ee893f55bffd3eed1f8133dc90a82de726d559f7517ea60cb40aea022045e72247a9d20055f0da6d39c024ee551b4d0ea39d9cc5d33bbee486ab60ce3b:922c64590222798bb761d5b6d8e72950
|
||||
|
|
|
@ -16,7 +16,7 @@ info:
|
|||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2023-3710
|
||||
cwe-id: CWE-20,CWE-77
|
||||
cwe-id: CWE-77,CWE-20
|
||||
epss-score: 0.70301
|
||||
epss-percentile: 0.97694
|
||||
cpe: cpe:2.3:o:honeywell:pm43_firmware:*:*:*:*:*:*:*:*
|
||||
|
|
|
@ -33,4 +33,5 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a00463044022013d72ca531849ffa27bee5457914cf1dfcee951495529d8d98bbbac22670391d022016f8615b830e6e549fe1dcb869367e344989c2d8741e37217bf8917d7514e32b:922c64590222798bb761d5b6d8e72950
|
||||
|
||||
# digest: 490a00463044022013d72ca531849ffa27bee5457914cf1dfcee951495529d8d98bbbac22670391d022016f8615b830e6e549fe1dcb869367e344989c2d8741e37217bf8917d7514e32b:922c64590222798bb761d5b6d8e72950
|
||||
|
|
|
@ -10,20 +10,18 @@ info:
|
|||
- https://www.tenable.com/plugins/nessus/153954
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: product:"OpenSSH"
|
||||
tags: javascript,ssh,misconfig,network
|
||||
|
||||
variables:
|
||||
ecdsa_bit: '256' # 256 bytes = 2048 bits
|
||||
rsa_bit: '2048' # 2048 bits
|
||||
|
||||
javascript:
|
||||
- code: |
|
||||
let m = require("nuclei/ssh");
|
||||
let c = m.SSHClient();
|
||||
let response = c.ConnectSSHInfoMode(Host, Port);
|
||||
to_json(response);
|
||||
|
||||
args:
|
||||
Host: "{{Host}}"
|
||||
Port: "22"
|
||||
|
|
Loading…
Reference in New Issue