Fixing: severity mismatches, trailing spaces, other cleanups

cves/2017/CVE-2017-10075.yaml

@@ -15,7 +15,7 @@ info:
     cvss-score: 8.2
     cve-id: CVE-2017-10075
   metadata:
-    google-dork: inurl:"/cs/idcplg"
+    google-query: inurl:"/cs/idcplg"
     verified: "true"
   tags: cve,cve2017,xss,oracle
 

cves/2020/CVE-2020-23697.yaml

@@ -5,7 +5,7 @@ info:
   author: ritikchaddha
   severity: medium
   description: |
-    Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the 'page' feature in admin/index.php.
+    Cross Site Scripting vulnerability in Monstra CMS 3.0.4 via the 'page' feature in admin/index.php.
   reference:
     - https://github.com/monstra-cms/monstra/issues/463
     - https://nvd.nist.gov/vuln/detail/CVE-2020-23697

cves/2022/CVE-2022-0234.yaml

@@ -16,7 +16,7 @@ info:
     cve-id: CVE-2022-0234
     cwe-id: CWE-79
   metadata:
-    google-dork: inurl:"wp-content/plugins/woocommerce-currency-switcher"
+    google-query: inurl:"wp-content/plugins/woocommerce-currency-switcher"
     verified: "true"
   tags: wpscan,cve,cve2022,wordpress,wp-plugin,wp,xss,woocs
 

cves/2022/CVE-2022-1168.yaml

@@ -16,7 +16,7 @@ info:
     cve-id: CVE-2022-1168
     cwe-id: CWE-79
   metadata:
-    google-dork: inurl:"wp-content/plugins/wp-jobsearch"
+    google-query: inurl:"wp-content/plugins/wp-jobsearch"
     verified: "true"
   tags: wp-jobsearch",wpscan,cve,cve2022,wp-plugin,wp,wordpress,xss
 

cves/2022/CVE-2022-1442.yaml

@@ -17,7 +17,7 @@ info:
     cve-id: CVE-2022-1442
     cwe-id: CWE-862
   metadata:
-    google-dork: inurl:/wp-content/plugins/metform
+    google-query: inurl:/wp-content/plugins/metform
     verified: "true"
   tags: wpscan,cve2022,wordpress,wp-plugin,disclosure,unauth,metform,cve,wp
 

cves/2022/CVE-2022-25356.yaml

@@ -17,7 +17,7 @@ info:
     cve-id: CVE-2022-25356
     cwe-id: CWE-91
   metadata:
-    google-dork: inurl:"/SecurityGateway.dll"
+    google-query: inurl:"/SecurityGateway.dll"
     verified: "true"
   tags: cve,cve2022,altn,gateway,xml,injection
 

cves/2022/CVE-2022-26263.yaml

@@ -16,7 +16,7 @@ info:
     cwe-id: CWE-80
   metadata:
     verified: true
-    google-dork: inurl:/u8sl/WebHelp
+    google-query: inurl:/u8sl/WebHelp
   tags: cve,cve2022,yonyou,xss
 
 headless:

cves/2022/CVE-2022-33965.yaml

@@ -17,7 +17,7 @@ info:
     cve-id: CVE-2022-33965
     cwe-id: CWE-89
   metadata:
-    google-dork: inurl:"/wp-content/plugins/wp-stats-manager"
+    google-query: inurl:"/wp-content/plugins/wp-stats-manager"
     verified: "true"
   tags: cve,cve2022,wordpress,wp-plugin,wp,unauth,sqli,wp-stats-manager
 

cves/2022/CVE-2022-3484.yaml

@@ -16,7 +16,7 @@ info:
     cwe-id: CWE-79
   metadata:
     verified: true
-    google-dork: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php
+    google-query: inurl:wp-content/plugins/wpb-show-core/modules/jplayer_new/jplayer_twitter_ver_1.php
   tags: wpscan,cve,cve2022,wp-plugin,wp,wordpress,xss,wpb-show-core
 
 requests:

default-logins/panabit/panabit-default-login.yaml

@@ -3,7 +3,7 @@ id: panabit-default-login
 info:
   name: Panabit Gateway Default Login
   author: pikpikcu,ritikchaddha
-  severity: high
+  severity: medium
   description: Panabit Gateway default credentials were discovered.
   reference:
     - https://max.book118.com/html/2017/0623/117514590.shtm

exposed-panels/aerohive-netconfig-ui.yaml

@@ -10,7 +10,7 @@ info:
   classification:
     cwe-id: CWE-200
   metadata:
-    shodan-dork: http.title:"Aerohive NetConfig UI"
+    shodan-query: http.title:"Aerohive NetConfig UI"
   tags: panel,tech,hiveos,aerohive
 
 requests:

exposed-panels/aws-opensearch-login.yaml

@@ -3,7 +3,7 @@ id: aws-opensearch-login
 info:
   name: AWS OpenSearch Login - Detect
   author: Higor Melgaço (eremit4)
-  severity: medium
+  severity: info
   description: AWS OpenSearch login page was detected.
   reference:
     - https://aws.amazon.com/pt/blogs/opensource/introducing-opensearch/

exposed-panels/claris-filemaker-webdirect.yaml

@@ -13,7 +13,7 @@ info:
     - https://www.exploit-db.com/ghdb/5669
   metadata:
     verified: true
-    shodan-dork: title:"Claris FileMaker WebDirect"
+    shodan-query: title:"Claris FileMaker WebDirect"
   tags: panel,edb
 
 requests:

exposed-panels/code-server-login.yaml

@@ -11,7 +11,7 @@ info:
     cwe-id: CWE-200
   metadata:
     verified: true
-    shodan-dork: http.title:"code-server login"
+    shodan-query: http.title:"code-server login"
   tags: panel,detect,misc
 
 requests:

exposed-panels/couchdb-fauxton.yaml

@@ -3,7 +3,7 @@ id: couchdb-fauxton
 info:
   name: Apache CouchDB Fauxton Panel - Detect
   author: pdteam
-  severity: low
+  severity: info
   description: Apache CouchDB Fauxton panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/druid-console-exposure.yaml

@@ -3,7 +3,7 @@ id: druid-console-exposure
 info:
   name: Alibaba Druid Panel - Detect
   author: pdteam
-  severity: medium
+  severity: info
   description: Alibaba Druid panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/exposed-webalizer.yaml

@@ -3,7 +3,7 @@ id: exposed-webalizer
 info:
   name: Webalizer Panel - Detect
   author: pdteam
-  severity: low
+  severity: info
   description: Webalizer panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/hadoop-exposure.yaml

@@ -3,7 +3,7 @@ id: hadoop-exposure
 info:
   name: Apache Hadoop Panel - Detect
   author: pdteam
-  severity: low
+  severity: info
   description: Apache Hadoop panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/hangfire-dashboard.yaml

@@ -3,7 +3,7 @@ id: hangfire-dashboard
 info:
   name: Hangfire Dashboard Panel - Detect
   author: DhiyaneshDk
-  severity: low
+  severity: info
   description: Hangfire Dashboard panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/hydra-dashboard.yaml

@@ -3,7 +3,7 @@ id: hydra-dashboard
 info:
   name: Hydra Router Dashboard - Detect
   author: tess
-  severity: low
+  severity: info
   description: Hydra router dashboard was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/hypertest-dashboard.yaml

@@ -3,7 +3,7 @@ id: hypertest-dashboard
 info:
   name: HyperTest Common Dashboard - Detect
   author: DhiyaneshDk
-  severity: high
+  severity: info
   description: HyperTest Common Dashboard was detected.
   reference:
     - https://www.facebook.com/photo?fbid=487809593389565&set=a.467014098802448

exposed-panels/jmx-console.yaml

@@ -3,7 +3,7 @@ id: jmx-console
 info:
   name: JBoss JMX Management Console Login Panel - Detect
   author: yashanand155
-  severity: low
+  severity: info
   description: JBoss JMX Management Console login panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/kafka-connect-ui.yaml

@@ -3,7 +3,7 @@ id: kafka-connect-ui
 info:
   name: Apache Kafka Connect UI Login Panel - Detect
   author: pdteam
-  severity: low
+  severity: info
   description: Apache Kafka Connect UI login panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/kafka-consumer-monitor.yaml

@@ -3,7 +3,7 @@ id: kafka-consumer-monitor
 info:
   name: Apache Kafka Consumer Offset Monitor Panel - Detect
   author: dhiyaneshDK
-  severity: low
+  severity: info
   description: Apache Kafka Consumer Offset Monitor panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/kafka-monitoring.yaml

@@ -3,7 +3,7 @@ id: kafka-monitoring
 info:
   name: Apache Kafka Monitor Login Panel - Detect
   author: pdteam
-  severity: low
+  severity: info
   description: Apache Kafka Monitor login panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/kafka-topics-ui.yaml

@@ -3,7 +3,7 @@ id: kafka-topics-ui
 info:
   name: Apache Kafka Topics Panel - Detect
   author: pdteam
-  severity: low
+  severity: info
   description: Apache Kafka Topics panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/kfm/kaes-file-manager.yaml

@@ -3,7 +3,7 @@ id: kaes-file-manager
 info:
   name: Kae's File Manager Login Panel - Detect
   author: princechaddha
-  severity: unknown
+  severity: info
   description: Kae's File Manager login panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/kubernetes-dashboard.yaml

@@ -3,7 +3,7 @@ id: kubernetes-dashboard
 info:
   name: Kubernetes Dashboard Panel - Detect
   author: pdteam
-  severity: low
+  severity: info
   description: Kubernetes Dashboard panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/linkerd-panel.yaml

@@ -3,7 +3,7 @@ id: linkerd-panel
 info:
   name: Linkerd Panel - Detect
   author: tess
-  severity: high
+  severity: info
   description: |
     Linkerd panel was detected.
   classification:

exposed-panels/mcloud-panel.yaml

@@ -3,7 +3,7 @@ id: mcloud-panel
 info:
   name: mCloud Login Panel - Detect
   author: ritikchaddha
-  severity: high
+  severity: info
   description: mCloud login panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/microfocus-admin-server.yaml

@@ -3,7 +3,7 @@ id: microfocus-admin-server
 info:
   name: Micro Focus Enterprise Server Admin Panel - Detect
   author: theabhinavgaur
-  severity: medium
+  severity: info
   description: Micro Focus Enterprise Server Admin panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/monitorix-exposure.yaml

@@ -3,7 +3,7 @@ id: monitorix-exposure
 info:
   name: Monitorix Panel - Detect
   author: geeknik
-  severity: low
+  severity: info
   description: Monitorix panel was detected.
   reference:
     - https://www.monitorix.org/

exposed-panels/netdata-panel.yaml

@@ -3,7 +3,7 @@ id: netdata-panel
 info:
   name: Netdata Panel - Detect
   author: TechbrunchFR
-  severity: low
+  severity: info
   description: |
     Netdata panel was detected.
   reference:

exposed-panels/nginx-ui-dashboard.yaml

@@ -3,7 +3,7 @@ id: nginx-ui-dashboard
 info:
   name: Nginx UI Panel - Detect
   author: gy741
-  severity: low
+  severity: info
   description: Nginx UI panel was detected.
   reference:
     - https://github.com/schenkd/nginx-ui

exposed-panels/novnc-login-panel.yaml

@@ -11,7 +11,7 @@ info:
     cwe-id: CWE-200
   metadata:
     verified: true
-    shodan-dork: http.title:"noVNC"
+    shodan-query: http.title:"noVNC"
   tags: panel,novnc
 
 requests:

exposed-panels/np-data-cache.yaml

@@ -3,7 +3,7 @@ id: np-data-cache
 info:
   name: NP Data Cache Panel - Detect
   author: tess
-  severity: unknown
+  severity: info
   description: NP Data Cache panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/openvpn-monitor.yaml

@@ -1,15 +1,15 @@
 id: openvpn-monitor
 
 info:
-  name: OpenVPN Monitor Disclosure
+  name: OpenVPN Monitor - Detect
   author: geeknik
-  severity: high
+  severity: info
   description: openvpn-monitor was discovered. OpenVPN Monitor is a simple python program to generate html that displays the status of an OpenVPN server, including all its current connections.
   reference:
     - https://openvpn-monitor.openbytes.ie/
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
     cwe-id: CWE-200
   tags: openvpn,disclosure,panel
 

exposed-panels/openvpn-router-management.yaml

@@ -3,7 +3,7 @@ id: openvpn-router-management
 info:
   name: OpenVPN Server Router Management Panel - Detect
   author: ritikchaddha
-  severity: low
+  severity: info
   description: OpenVPN Server Router Management Panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/polycom-admin-detect.yaml

@@ -3,7 +3,7 @@ id: polycom-admin-detect
 info:
   name: Polycom Admin Panel - Detect
   author: e_schultze_
-  severity: low
+  severity: info
   description: Polycom admin panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/powerlogic-ion.yaml

@@ -3,7 +3,7 @@ id: powerlogic-ion
 info:
   name: PowerLogic ION Panel - Detect
   author: dhiyaneshDK
-  severity: low
+  severity: info
   description: PowerLogic ION panel was detected.
   reference:
     - https://www.exploit-db.com/ghdb/6810

exposed-panels/prometheus-pushgateway-exposed-panel.yaml

@@ -3,7 +3,7 @@ id: prometheus-pushgateway-exposed-panel
 info:
   name: Prometheus Pushgateway Panel - Detect
   author: codexlynx
-  severity: low
+  severity: info
   description: Prometheus Pushgateway panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/redis-commander-exposure.yaml

@@ -3,7 +3,7 @@ id: redis-commander-exposure
 info:
   name: Redis Commander Panel - Detect
   author: dahse89
-  severity: low
+  severity: info
   description: Redis Commander panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/sap-successfactors-detect.yaml

@@ -6,7 +6,7 @@ info:
   severity: info
   metadata:
     verified: "true"
-    shodan-dork: title:"Login - SAP SuccessFactors"
+    shodan-query: title:"Login - SAP SuccessFactors"
   tags: sap,detect
 
 requests:

exposed-panels/securityspy-detect.yaml

@@ -3,7 +3,7 @@ id: securityspy-detect
 info:
   name: SecuritySpy Camera Panel - Detect
   author: pussycat0x
-  severity: medium
+  severity: info
   description: SecuritySpy Camera panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/selenium-grid.yaml

@@ -3,7 +3,7 @@ id: selenium-grid
 info:
   name: Selenium Grid Panel - Detect
   author: pussycat0x
-  severity: unknown
+  severity: info
   description: Selenium Grid panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/selenoid-ui-exposure.yaml

@@ -3,7 +3,7 @@ id: selenoid-ui-exposure
 info:
   name: Selenoid UI Login Panel - Detect
   author: pdteam
-  severity: medium
+  severity: info
   description: Selenoid UI login panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/smartping-dashboard.yaml

@@ -3,7 +3,7 @@ id: smartping-dashboard
 info:
   name: SmartPing Dashboard Panel - Detect
   author: DhiyaneshDk
-  severity: low
+  severity: info
   description: SmartPing Dashboard panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/syncthru-web-service.yaml

@@ -3,7 +3,7 @@ id: syncthru-web-service
 info:
   name: SyncThru Web Service Panel - Detect
   author: DhiyaneshDk
-  severity: low
+  severity: info
   description: SyncThru Web Service panel was detected.
   reference:
     - https://www.exploit-db.com/ghdb/7843

exposed-panels/tekton-dashboard.yaml

@@ -3,7 +3,7 @@ id: tekton-dashboard
 info:
   name: Tekton Dashboard Panel - Detect
   author: DhiyaneshDk
-  severity: low
+  severity: info
   description: Tekton Dashboard panel was detected.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

exposed-panels/unauth-xproxy-dashboard.yaml

@@ -3,11 +3,11 @@ id: unauth-xproxy-dashboard
 info:
   name: X-Proxy Dashboard Panel - Detect
   author: pussycat0x
-  severity: high
+  severity: info
   description: X-Proxy Dashboard panel was detected.
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
     cwe-id: CWE-200
   metadata:
     fofa-query: "X-Proxy Dashboard"

exposed-panels/unauthenticated-frp.yaml

@@ -1,7 +1,7 @@
 id: unauthenticated-frp
 
 info:
-  name: FRPS Dashboard - Detect 
+  name: FRPS Dashboard - Detect
   author: pikpikcu
   severity: info
   description: FRPS Dashboard panel was detected.

exposed-panels/vmware-cloud-director.yaml

@@ -6,7 +6,7 @@ info:
   severity: info
   metadata:
     verified: true
-    shodan-dork: title:"Welcome to VMware Cloud Director"
+    shodan-query: title:"Welcome to VMware Cloud Director"
   tags: panel,vmware
 
 requests:

exposed-panels/wagtail-cms-detect.yaml

@@ -5,9 +5,9 @@ info:
   author: kishore-hariram
   severity: info
   classification:
-       cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
-       cvss-score: 0.0
-       cwe-id: CWE-200
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
+    cwe-id: CWE-200
   metadata:
     verified: true
     shodan-query: title:"Wagtail - Sign in"

exposed-panels/xds-amr-status.yaml

@@ -5,7 +5,7 @@ info:
   author: pussycat0x
   severity: info
   metadata:
-    shodan-dork: 'http.title:"XDS-AMR - status"'
+    shodan-query: 'http.title:"XDS-AMR - status"'
   tags: panel,tech,xamr,xds
 
 requests:

exposures/backups/froxlor-database-backup.yaml

@@ -6,7 +6,7 @@ info:
   severity: medium
   metadata:
     verified: true
-    shodan-dork: title:"Froxlor Server Management Panel"
+    shodan-query: title:"Froxlor Server Management Panel"
   tags: froxlor,backup,exposure,disclosure
 
 requests:

file/logs/suspicious-sql-error-messages.yaml

@@ -3,7 +3,7 @@ id: suspicious-sql-error-messages
 info:
   name: SQL - Error Messages
   author: geeknik
-  severity: high
+  severity: critical
   description: SQL error messages that indicate probing for an injection attack were detected.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

fuzzing/wordpress-weak-credentials.yaml

@@ -9,9 +9,9 @@ info:
   reference:
     - https://www.wpwhitesecurity.com/strong-wordpress-passwords-wpscan/
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
-    cvss-score: 5.8
-    cwe-id: CWE-522
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
+    cvss-score: 9.3
+    cwe-id: CWE-1391
   tags: wordpress,default-login,fuzz
 
 requests:

iot/snapdrop-detect.yaml

@@ -6,7 +6,7 @@ info:
   severity: info
   metadata:
     verified: "true"
-    shodan-dork: http.title:"Snapdrop"
+    shodan-query: http.title:"Snapdrop"
   tags: iot,snapdrop
 
 requests:

misconfiguration/openbmcs/openbmcs-ssrf.yaml

@@ -3,7 +3,7 @@ id: openbmcs-ssrf
 info:
   name: OpenBMCS 2.4 - Server-Side Request Forgery /  Remote File Inclusion
   author: dhiyaneshDK
-  severity: medium 
+  severity: medium
   description: OpenBMCS 2.4 is susceptible to unauthenticated server-side request forgery and remote file inclusion vulnerabilities within its functionalities. The application parses user supplied data in the POST parameter 'ip' to query a server IP on port 81 by default. Since no validation is carried out on the parameter, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host.
   reference:
     - https://www.exploit-db.com/exploits/50670

misconfiguration/unauth-ldap-account-manager.yaml

@@ -6,7 +6,7 @@ info:
   severity: medium
   metadata:
     verified: "true"
-    shodan-dork: http.title:"LDAP Account Manager"
+    shodan-query: http.title:"LDAP Account Manager"
   tags: ldap,misconfig,unauth
 
 requests:

network/cisco-smi-exposure.yaml

@@ -3,7 +3,7 @@ id: cisco-smi-exposure
 info:
   name: Cisco Smart Install Endpoints Exposure
   author: dwisiswant0
-  severity: info
+  severity: medium
   description: Cisco Smart Install endpoints were discovered. Exposure of SMI to untrusted networks could allow complete compromise of the switch.
   reference:
     - https://blog.talosintelligence.com/2017/02/cisco-coverage-for-smart-install-client.html

network/tidb-native-password.yaml

@@ -3,7 +3,7 @@ id: tidb-native-password
 info:
   name: TiDB - Password Vulnerability
   author: lu4nx
-  severity: info
+  severity: medium
   description: TiDB queries with enabled native password support are susceptible to password brute-force attacks.
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

technologies/dash-panel-detect.yaml

@@ -6,7 +6,7 @@ info:
   severity: info
   metadata:
     verified: "true"
-    shodan-dork: html:"DashRenderer"
+    shodan-query: html:"DashRenderer"
   tags: tech,dash
 
 requests:

technologies/default-parallels-plesk.yaml

@@ -6,7 +6,7 @@ info:
   severity: info
   metadata:
     verified: true
-    shodan-dork: title:"Default Parallels Plesk Panel Page"
+    shodan-query: title:"Default Parallels Plesk Panel Page"
   tags: tech,default-page,parallels,plesk
 
 requests:

technologies/gitbook-detect.yaml

@@ -8,7 +8,7 @@ info:
   reference: https://www.gitbook.com/
   metadata:
     verified: true
-    shodan-dork: http.title:"gitbook"
+    shodan-query: http.title:"gitbook"
     fofa: app="Introduction-GitBook"
   tags: tech,gitbook
 

technologies/joomla-detect.yaml

@@ -12,7 +12,7 @@ info:
     - https://hackertarget.com/attacking-enumerating-joomla/
   metadata:
     verified: true
-    google-dork: Joomla! Administration Login inurl:"/index.php" || intitle:"Joomla Web Installer"
+    google-query: Joomla! Administration Login inurl:"/index.php" || intitle:"Joomla Web Installer"
   tags: tech,joomla,cms,oss
 
 requests:

technologies/open-virtualization-manager-detect.yaml

@@ -10,8 +10,8 @@ info:
     - https://www.ovirt.org/
     - https://www.ovirt.org/dropped/admin-guide/virt/console-client-resources.html
   classification:
-    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
-    cvss-score: 5.3
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
+    cvss-score: 0.0
     cwe-id: CWE-200
   metadata:
     shodan-query: title:"Ovirt-Engine"

technologies/puppet-node-manager-detect.yaml

@@ -5,7 +5,7 @@ info:
   author: pussycat0x
   severity: info
   metadata:
-    fofa-dork: 'app="puppet-Node-Manager"'
+    fofa-query: 'app="puppet-Node-Manager"'
   tags: node,tech
 
 requests:
@@ -21,4 +21,4 @@ requests:
 
       - type: status
         status:
-          - 200
+          - 200

technologies/vbulletin-detect.yaml

@@ -10,7 +10,7 @@ info:
   metadata:
     verified: true
     shodan-query: title:"Powered By vBulletin"
-    google-dork: intext:"Powered By vBulletin"
+    google-query: intext:"Powered By vBulletin"
   tags: tech,vbulletin
 
 requests:

vulnerabilities/froxlor-xss.yaml

@@ -8,7 +8,7 @@ info:
     The user must click the forgot password link in order to execute this XSS.
   metadata:
     verified: true
-    shodan-dork: title:"Froxlor Server Management Panel"
+    shodan-query: title:"Froxlor Server Management Panel"
   tags: froxlor,xss
 
 requests:

vulnerabilities/other/aerocms-sqli.yaml

@@ -3,7 +3,7 @@ id: aerocms-sqli
 info:
   name: AeroCMS 0.0.1 - SQL Injection
   author: shivampand3y
-  severity: high
+  severity: critical
   description: |
     AeroCMS 0.0.1 contains a SQL injection vulnerability via the author parameter. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
   reference:

vulnerabilities/wordpress/wp-grimag-open-redirect.yaml

@@ -3,7 +3,7 @@ id: wp-grimag-open-redirect
 info:
   name: WordPress Grimag <1.1.1 - Open Redirection
   author: 0x_Akoko
-  severity: medium 
+  severity: medium
   description: WordPress Grimag theme before 1.1.1 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
   remediation: Fixed in 1.1.1.
   reference:

vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml

@@ -3,7 +3,7 @@ id: wp-multiple-theme-ssrf
 info:
   name: WordPress Themes - Code Injection
   author: madrobot
-  severity: high
+  severity: critical
   description: Fifteen WordPress themes are susceptible to code injection using a version of epsilon-framework, due to lack of capability and CSRF nonce checks in AJAX actions.
   reference:
     - https://www.exploit-db.com/exploits/49327