From d69d4c45ca52c96f7e2c12ba588586d4f6d5d8ed Mon Sep 17 00:00:00 2001
From: sullo <sullo@cirt.net>
Date: Fri, 17 Mar 2023 15:01:01 -0400
Subject: [PATCH] Add description and enhance one where the UI failed to save
 properly. dos2unix on a template

---
 cves/2015/CVE-2015-9312.yaml                  |  6 +-
 .../detection/ibm-d2b-database-server.yaml    | 64 +++++++++----------
 2 files changed, 35 insertions(+), 35 deletions(-)

diff --git a/cves/2015/CVE-2015-9312.yaml b/cves/2015/CVE-2015-9312.yaml
index 6954a1c100..e01780289d 100644
--- a/cves/2015/CVE-2015-9312.yaml
+++ b/cves/2015/CVE-2015-9312.yaml
@@ -1,16 +1,16 @@
 id: CVE-2015-9312
 
 info:
-  name: NewStatPress <= 1.0.4 - Cross-Site Scripting
+  name: NewStatPress <=1.0.4 - Cross-Site Scripting
   author: r3Y3r53
   severity: medium
   description: |
-    The NewStatPress plugin utilizes on lines 28 and 31 of the file ‘includes/nsp_search.php’ several variables from the $_GET scope, without sanitation. While WordPress automatically escapes quotes on this scope, the outputs on these lines are outside of quotes, and as such can be utilized to trigger a Reflected XSS attack.
+    WordPress NewStatPress plugin through 1.0.4 contains a cross-site scripting vulnerability. The plugin utilizes, on lines 28 and 31 of the file âincludes/nsp_search.phpâ, several variables from the $_GET scope without sanitation. While WordPress automatically escapes quotes on this scope, the outputs on these lines are outside of quotes, and as such can be utilized to initiate a cross-site scripting attack.
   reference:
     - https://wpscan.com/vulnerability/46bf6c69-b612-4aee-965d-91f53f642054
-    - https://nvd.nist.gov/vuln/detail/CVE-2015-9312
     - https://g0blin.co.uk/g0blin-00057/
     - https://wordpress.org/plugins/newstatpress/#developers
+    - https://nvd.nist.gov/vuln/detail/CVE-2015-9312
   remediation: Fixed in version 1.0.6
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
diff --git a/network/detection/ibm-d2b-database-server.yaml b/network/detection/ibm-d2b-database-server.yaml
index 0f3df11b2e..aaa1d9638f 100644
--- a/network/detection/ibm-d2b-database-server.yaml
+++ b/network/detection/ibm-d2b-database-server.yaml
@@ -1,32 +1,32 @@
-id: ibm-d2b-database-server
-
-info:
-  name: IBM DB2 Database Server Detection
-  author: pussycat0x
-  severity: info
-  description: |
-    A Db2 server is a relational database management system (RDBMS) that delivers data to its IBM data server clients. If you plan to use a database that resides on this computer, install a Db2 server. For more information about Db2 server.
-  reference:
-    - https://nmap.org/nsedoc/scripts/db2-das-info.html
-  metadata:
-    verified: true
-    shodan-query: product:"IBM DB2 Database Server"
-  tags: network,ibm,database,db,db2
-
-network:
-  - inputs:
-      - data: "01c2000000040000b601000053514c4442325241000100000401010005001d008800000001000080000000010900000001000040000000010900000001000040000000010800000004000040000000010400000001000040000000400400000004000040000000010400000004000040000000010400000004000040000000010400000002000040000000010400000004000040000000010000000001000040000000000400000004000080000000010400000004000080000000010400000003000080000000010400000004000080000000010800000001000040000000010400000004000040000000011000000001000080000000011000000001000080000000010400000004000040000000010900000001000040000000010900000001000080000000010400000003000080000000010000000000000000000000000104000001000080000000010000000000000000000000000000000000000000000000000000000001000040000000010000000001000040000000002020202020202020000000000000000000000000000000000100ff000000000000000000000000000000000000000000e404000000000000000000000000000000000000007f"
-        type: hex
-
-    host:
-      - "{{Hostname}}"
-      - "{{Host}}:50000"
-
-    matchers:
-      - type: word
-        encoding: hex
-        words:
-          - "SQLDB2RA"
-          - "DB2"
-          - "SQLJS1D"
-        condition: or
+id: ibm-d2b-database-server
+
+info:
+  name: IBM DB2 Database Server Detection
+  author: pussycat0x
+  severity: info
+  description: |
+    A Db2 server is a relational database management system (RDBMS) that delivers data to its IBM data server clients. If you plan to use a database that resides on this computer, install a Db2 server. For more information about Db2 server.
+  reference:
+    - https://nmap.org/nsedoc/scripts/db2-das-info.html
+  metadata:
+    verified: true
+    shodan-query: product:"IBM DB2 Database Server"
+  tags: network,ibm,database,db,db2
+
+network:
+  - inputs:
+      - data: "01c2000000040000b601000053514c4442325241000100000401010005001d008800000001000080000000010900000001000040000000010900000001000040000000010800000004000040000000010400000001000040000000400400000004000040000000010400000004000040000000010400000004000040000000010400000002000040000000010400000004000040000000010000000001000040000000000400000004000080000000010400000004000080000000010400000003000080000000010400000004000080000000010800000001000040000000010400000004000040000000011000000001000080000000011000000001000080000000010400000004000040000000010900000001000040000000010900000001000080000000010400000003000080000000010000000000000000000000000104000001000080000000010000000000000000000000000000000000000000000000000000000001000040000000010000000001000040000000002020202020202020000000000000000000000000000000000100ff000000000000000000000000000000000000000000e404000000000000000000000000000000000000007f"
+        type: hex
+
+    host:
+      - "{{Hostname}}"
+      - "{{Host}}:50000"
+
+    matchers:
+      - type: word
+        encoding: hex
+        words:
+          - "SQLDB2RA"
+          - "DB2"
+          - "SQLJS1D"
+        condition: or