diff --git a/cves/2015/CVE-2015-8813.yaml b/cves/2015/CVE-2015-8813.yaml
index b8ac27b189..35e2bc110b 100644
--- a/cves/2015/CVE-2015-8813.yaml
+++ b/cves/2015/CVE-2015-8813.yaml
@@ -5,7 +5,7 @@ info:
 author: emadshanab
 severity: high
 description: A Server Side Request Forgery (SSRF) vulnerability in Umbraco in Feedproxy.aspx allows attackers to send arbitrary HTTP GET requests.Once you change the URL to the http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index, you able to access the localhost application of the server
- refrense: |
+ reference:
 - https://blog.securelayer7.net/umbraco-the-open-source-asp-net-cms-multiple-vulnerabilities/
 - https://nvd.nist.gov/vuln/detail/CVE-2015-8813
 tags: cve,cve2015,ssrf,oob
diff --git a/cves/2016/CVE-2016-0957.yaml b/cves/2016/CVE-2016-0957.yaml
index 8dc7b5b7e6..676d804499 100644
--- a/cves/2016/CVE-2016-0957.yaml
+++ b/cves/2016/CVE-2016-0957.yaml
@@ -12,8 +12,8 @@ requests:
 - method: GET
 path:
 - "{{BaseURL}}/system/console?.css"
- header:
- - Authorization: "Basic YWRtaW46YWRtaW4K"
+ headers:
+ Authorization: "Basic YWRtaW46YWRtaW4K"
 matchers-condition: and
 matchers:
diff --git a/cves/2017/CVE-2017-16806.yaml b/cves/2017/CVE-2017-16806.yaml
index b49f7913cd..ef7744125e 100644
--- a/cves/2017/CVE-2017-16806.yaml
+++ b/cves/2017/CVE-2017-16806.yaml
@@ -22,5 +22,5 @@ requests:
 regex:
 - "root:.*:0:0:"
 - "\\[(font|extension|file)s\\]"
- conditon: or
+ condition: or
 part: body
diff --git a/cves/2018/CVE-2018-2894.yaml b/cves/2018/CVE-2018-2894.yaml
index 793bb0e89a..7b96e235fa 100644
--- a/cves/2018/CVE-2018-2894.yaml
+++ b/cves/2018/CVE-2018-2894.yaml
@@ -19,4 +19,4 @@ requests:
 words:
 - "* Copyright (c) 2005,2013, Oracle"
 - "settings"
- conditon: and
\ No newline at end of file
+ condition: and
\ No newline at end of file
diff --git a/cves/2019/CVE-2019-17558.yaml b/cves/2019/CVE-2019-17558.yaml
index 9a90fab202..2a5e43edd8 100644
--- a/cves/2019/CVE-2019-17558.yaml
+++ b/cves/2019/CVE-2019-17558.yaml
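Review bot: In cves/2016/CVE-2016-0957.yaml the `Authorization` value carried over onto the new `headers:` map, `Basic YWRtaW46YWRtaW4K`, base64-decodes to `admin:admin` followed by a line-feed byte, so the request presents a password with a trailing newline rather than the default pair the template evidently means to test. If the old `header:` list was being ignored, as the rename suggests, this is the first time the value is actually sent, and a host that still has the default account would probably reject the login and be reported as not affected, which is a false negative for anyone relying on the scan. Encode the pair without the newline, `Authorization: "Basic YWRtaW46YWRtaW4="`, and add a comment above it stating that the request authenticates with the vendor default account, so operators know the template performs a login attempt. The request block starts above this hunk and the matchers continue below it.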
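Review bot: The new last line of cves/2018/CVE-2018-2894.yaml, `condition: and`, still carries `\ No newline at end of file`, and the same holds for `condition: or` in exposures/configs/exposed-gitignore.yaml; since the commit already rewrites those lines, end each file with a newline so the next append does not show up as a two-line diff. Separately, if the misspelt `conditon` key was ignored by the loader, this word matcher presumably ran with the default condition until now and only starts requiring both strings with this change, so it is worth re-running the template against a known-affected response before merging. The matcher begins above the hunk.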
@@ -3,7 +3,7 @@ info:
 name: Apache Solr 8.3.0 - Remote Code Execution via Velocity Template
 author: pikpikcu,madrobot
 severity: critical
- refrense: https://nvd.nist.gov/vuln/detail/CVE-2019-17558
+ reference: https://nvd.nist.gov/vuln/detail/CVE-2019-17558
 tags: cve,cve2019,apache,rce,solr
 requests:
diff --git a/cves/2019/CVE-2019-18394.yaml b/cves/2019/CVE-2019-18394.yaml
index 853e3f08d8..389cc72ec4 100644
--- a/cves/2019/CVE-2019-18394.yaml
+++ b/cves/2019/CVE-2019-18394.yaml
@@ -5,7 +5,7 @@ info:
 author: pdteam
 severity: critical
 description: A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests.
- refrense: |
+ reference:
 - https://swarm.ptsecurity.com/openfire-admin-console/
 - https://github.com/igniterealtime/Openfire/pull/1497
 tags: cve,cve2019,ssrf,openfire,oob
diff --git a/cves/2019/CVE-2019-19985.yaml b/cves/2019/CVE-2019-19985.yaml
index 0d20df8d6a..6d1138f5ce 100644
--- a/cves/2019/CVE-2019-19985.yaml
+++ b/cves/2019/CVE-2019-19985.yaml
@@ -5,7 +5,7 @@ info:
 author: KBA@SOGETI_ESEC,madrobot,dwisiswant0
 severity: medium
 description: The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure.
- refrense: https://www.exploit-db.com/exploits/48698
+ reference: https://www.exploit-db.com/exploits/48698
 tags: cve,cve2019,wordpress,wp-plugin
 requests:
diff --git a/cves/2019/CVE-2019-20141.yaml b/cves/2019/CVE-2019-20141.yaml
index 99e6a3915c..e94d8eb197 100644
--- a/cves/2019/CVE-2019-20141.yaml
+++ b/cves/2019/CVE-2019-20141.yaml
@@ -5,7 +5,7 @@ info:
 author: knassar702
 severity: medium
 description: An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter.
- refrense: https://knassar7o2.blogspot.com/2019/12/neon-dashboard-cve-2019-20141.html
+ reference: https://knassar7o2.blogspot.com/2019/12/neon-dashboard-cve-2019-20141.html
 tags: cve,cve2019,xss
 requests:
diff --git a/exposed-panels/zte-panel.yaml b/exposed-panels/zte-panel.yaml
index d37d9038d4..2ee12cdf1f 100644
--- a/exposed-panels/zte-panel.yaml
+++ b/exposed-panels/zte-panel.yaml
@@ -16,7 +16,7 @@ requests: - "ZTE Corporation. All rights reserved. " - '
' part: body - condtion: and + condition: and - type: word words:
diff --git a/exposures/configs/exposed-gitignore.yaml b/exposures/configs/exposed-gitignore.yaml
index aaef2e6431..b1b2a4644a 100644
--- a/exposures/configs/exposed-gitignore.yaml
+++ b/exposures/configs/exposed-gitignore.yaml
@@ -36,4 +36,4 @@ requests:
 - "image/"
 part: all
 negative: true
- condtion: or
\ No newline at end of file
+ condition: or
\ No newline at end of file
diff --git a/vulnerabilities/other/etouch-v2-sqli.yaml b/vulnerabilities/other/etouch-v2-sqli.yaml
index f3dd0fe611..963398de58 100644
--- a/vulnerabilities/other/etouch-v2-sqli.yaml
+++ b/vulnerabilities/other/etouch-v2-sqli.yaml
@@ -4,7 +4,7 @@ info:
 author: princechaddha
 severity: high
 tags: etouch,sqli
- refrence: |
+ reference:
 - https://github.com/mstxq17/CodeCheck/
 - https://www.anquanke.com/post/id/168991
diff --git a/vulnerabilities/other/jfrog-unauth-build-exposed.yaml b/vulnerabilities/other/jfrog-unauth-build-exposed.yaml
index c106f95dbd..fd92d1f28d 100644
--- a/vulnerabilities/other/jfrog-unauth-build-exposed.yaml
+++ b/vulnerabilities/other/jfrog-unauth-build-exposed.yaml
@@ -4,7 +4,7 @@ info:
 name: JFrog Unauthentication Builds
 author: dhiyaneshDK
 severity: medium
- referemce: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/jfrog-unauth-build-exposed.yaml
+ reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/jfrog-unauth-build-exposed.yaml
 tags: jfrog
 requests:
diff --git a/vulnerabilities/other/zms-auth-bypass.yaml b/vulnerabilities/other/zms-auth-bypass.yaml
index 689b25ebb5..68e0db9695 100644
--- a/vulnerabilities/other/zms-auth-bypass.yaml
+++ b/vulnerabilities/other/zms-auth-bypass.yaml
@@ -4,7 +4,7 @@ info:
 name: Zoo Management System 1.0 - Authentication Bypass
 author: dwisiswant0
 severity: high
- refernce: https://www.exploit-db.com/exploits/48880
+ reference: https://www.exploit-db.com/exploits/48880
 requests:
 - raw: