Dashboard Text Enhancement (#3798)

Dashboard text enhancements

cves/2010/CVE-2010-1657.yaml

@@ -5,10 +5,9 @@ info:
   author: daffainfo
   severity: high
   description: A directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
-  remediation: Upgrade to a supported version.
   reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2010-1657
     - https://www.exploit-db.com/exploits/12428
-    - https://www.cvedetails.com/cve/CVE-2010-1657
   tags: cve,cve2010,joomla,lfi
   classification:
     cve-id: CVE-2010-1657
@@ -26,4 +25,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/02/15
+# Enhanced by mp on 2022/02/27

cves/2010/CVE-2010-1658.yaml

@@ -1,16 +1,17 @@
 id: CVE-2010-1658
+
 info:
   name: Joomla! Component NoticeBoard 1.3 - Local File Inclusion
   author: daffainfo
   severity: high
   description: A directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
-  remediation: Upgrade to a supported version.
   reference:
     - https://www.exploit-db.com/exploits/12427
     - https://www.cvedetails.com/cve/CVE-2010-1658
   tags: cve,cve2010,joomla,lfi
   classification:
     cve-id: CVE-2010-1658
+
 requests:
   - method: GET
     path:
@@ -23,4 +24,5 @@ requests:
       - type: status
         status:
           - 200
-# Enhanced by mp on 2022/02/15
+
+# Enhanced by mp on 2022/02/27

cves/2014/CVE-2014-9094.yaml

@@ -31,5 +31,3 @@ requests:
           - 200
 
 # Enhanced by mp on 2022/02/25
-
-# Enhanced by mp on 2022/02/25

cves/2021/CVE-2021-41653.yaml

@@ -2,12 +2,14 @@ id: CVE-2021-41653
 
 info:
   name: TP-Link - OS Command Injection
-  description: The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a crafted payload in an IP address input field.
+  description: The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a specially crafted payload in an IP address input field.
   author: gy741
   severity: critical
+  remediation: Upgrade the firmware to at least version "TL-WR840N(EU)_V5_211109".
   reference:
     - https://k4m1ll0.com/cve-2021-41653.html
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41653
+    - https://www.tp-link.com/us/press/security-advisory/
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.80
@@ -46,3 +48,5 @@ requests:
         part: interactsh_protocol  # Confirms the HTTP Interaction
         words:
           - "http"
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-41773.yaml

@@ -4,10 +4,12 @@ info:
   name: Apache 2.4.49 - Path Traversal and Remote Code Execution
   author: daffainfo
   severity: high
-  description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions.
+  description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions.
+  remediation: Update to Apache HTTP Server 2.4.50 or later.
   reference:
     - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782
     - https://nvd.nist.gov/vuln/detail/CVE-2021-41773
+    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773
     - https://twitter.com/ptswarm/status/1445376079548624899
     - https://twitter.com/h4x0r_dz/status/1445401960371429381
     - https://github.com/blasty/CVE-2021-41773
@@ -45,3 +47,5 @@ requests:
         name: RCE
         words:
           - "CVE-2021-41773-POC"
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-41826.yaml

@@ -4,7 +4,7 @@ info:
   name: PlaceOS 1.2109.1 - Open Redirection
   author: geeknik
   severity: medium
-  description: PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessions_controller.rb open redirect
+  description: PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessions_controller.rb open redirect.
   reference:
     - https://github.com/PlaceOS/auth/issues/36
     - https://www.exploit-db.com/exploits/50359
@@ -34,3 +34,5 @@ requests:
         part: header
         regex:
           - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)example\.com.*$'
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-41878.yaml

@@ -1,11 +1,12 @@
 id: CVE-2021-41878
 
 info:
-  name: i-Panel Administration System - Reflected XSS
+  name: i-Panel Administration System - Reflected Cross-Site Scripting
   author: madrobot
   severity: medium
-  description: A reflected cross-site scripting (XSS) vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console.
+  description: A reflected cross-site scripting vulnerability exists in the i-Panel Administration System Version 2.0 that enables a remote attacker to execute arbitrary JavaScript code in the browser-based web console.
   reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-41878
     - https://cybergroot.com/cve_submission/2021-1/XSS_i-Panel_2.0.html
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41878
   classification:
@@ -35,3 +36,5 @@ requests:
         words:
           - "text/html"
         part: header
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-41951.yaml

@@ -1,9 +1,9 @@
 id: CVE-2021-41951
 
 info:
-  name: Resourcespace - Reflected XSS
+  name: Resourcespace - Reflected Cross-Site Scripting
   author: coldfish
-  description: ResourceSpace before 9.6 rev 18290 is affected by a reflected Cross-Site Scripting vulnerability in plugins/wordpress_sso/pages/index.php via the wordpress_user parameter.
+  description: ResourceSpace before 9.6 rev 18290 is affected by a reflected cross-site scripting vulnerability in plugins/wordpress_sso/pages/index.php via the wordpress_user parameter.
   severity: medium
   tags: cve,cve2021,xss,resourcespace
   reference:
@@ -34,3 +34,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-42013.yaml

@@ -4,8 +4,10 @@ info:
   name: Apache 2.4.49/2.4.50 - Path Traversal and Remote Code Execution
   author: nvn1729,0xd0ff9
   severity: critical
-  description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49 and 2.4.50. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts. In certain configurations, for instance if mod_cgi is enabled, this flaw can lead to remote code execution. This issue only affects Apache 2.4.49 and 2.4.50 and not earlier versions. Note - CVE-2021-42013 is due to an incomplete fix for the original vulnerability CVE-2021-41773.
+  description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49 and 2.4.50. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. In certain configurations, for instance if mod_cgi is enabled, this flaw can lead to remote code execution. This issue only affects Apache 2.4.49 and 2.4.50 and not earlier versions. Note - CVE-2021-42013 is due to an incomplete fix for the original vulnerability CVE-2021-41773.
+  remediation: Upgrade to Apache HTTP Server 2.4.51 or later.
   reference:
+    - https://httpd.apache.org/security/vulnerabilities_24.html
     - https://github.com/apache/httpd/commit/5c385f2b6c8352e2ca0665e66af022d6e936db6d
     - https://nvd.nist.gov/vuln/detail/CVE-2021-42013
     - https://twitter.com/itsecurityco/status/1446136957117943815
@@ -44,3 +46,5 @@ requests:
         name: RCE
         words:
           - "CVE-2021-42013"
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-42237.yaml

@@ -119,3 +119,5 @@ requests:
           - "System.ArgumentNullException"
 
 # Enhanced by mp on 2022/02/08
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-42258.yaml

@@ -1,17 +1,11 @@
 id: CVE-2021-42258
 
 info:
-  name: BillQuick Web Suite SQLi
+  name: BillQuick Web Suite SQL Injection
   author: dwisiswant0
   severity: critical
   tags: cve,cve2021,sqli,billquick
-  description: |
+  description: BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xp_cmdshell.
-    BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1
-    allows SQL injection for unauthenticated remote code execution,
-    as exploited in the wild in October 2021 for ransomware installation.
-    SQL injection can, for example, use the txtID (aka username) parameter.
-    Successful exploitation can include the ability to execute
-    arbitrary code as MSSQLSERVER$ via xp_cmdshell.
   reference:
     - https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware
     - https://nvd.nist.gov/vuln/detail/CVE-2021-42258
@@ -34,7 +28,7 @@ requests:
         Origin: {{RootURL}}
         Content-Type: application/x-www-form-urlencoded
 
-        __EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode("§VS§")}}&__VIEWSTATEGENERATOR={{url_encode("§VSG§")}}&__EVENTVALIDATION={{url_encode("§EV§")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96
+        __EVENTTARGET=cmdOK&__EVENTARGUMENT=&__VIEWSTATE={{url_encode("§VS§")}}&__VIEWSTATEGENERATOR={{url_encode("§VSG§")}}&__EVENTVALIDATION={{url_encode("§EV§")}}&txtID=uname%27&txtPW=passwd&hdnClientDPI=96
 
     cookie-reuse: true
     extractors:
@@ -67,3 +61,5 @@ requests:
           - "System.Data.SqlClient.SqlException"
           - "Incorrect syntax near"
           - "_ACCOUNTLOCKED"
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-42551.yaml

@@ -1,13 +1,13 @@
 id: CVE-2021-42551
 
 info:
-  name: NetBiblio WebOPAC - Reflected XSS
+  name: NetBiblio WebOPAC - Reflected Cross-Site Scripting
   author: compr00t
   severity: medium
-  description: NetBiblio WebOPAC before 4.0.0.320 is affected by a reflected Cross-Site Scripting vulnerability in its Wikipedia modul through /NetBiblio/search/shortview via the searchTerm parameter.
+  description: NetBiblio WebOPAC before 4.0.0.320 is affected by a reflected cross-site scripting vulnerability in its Wikipedia modul through /NetBiblio/search/shortview via the searchTerm parameter.
   reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-42551
     - https://www.redguard.ch/advisories/netbiblio_webopac.txt
-    - https://www.cve.org/CVERecord?id=CVE-2021-42551
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.10
@@ -45,3 +45,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/02/27

cves/2021/CVE-2021-42565.yaml

@@ -2,11 +2,11 @@ id: CVE-2021-42565
 
 info:
   author: madrobot
-  name: myfactory FMS  -  Reflected XSS
+  name: myfactory FMS  -  Reflected Cross-Site Scripting
   severity: medium
-  description: myfactory.FMS before 7.1-912 allows XSS via the UID parameter.
+  description: myfactory.FMS before 7.1-912 allows cross-site scripting via the UID parameter.
   reference:
-    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-42566
+    - https://nvd.nist.gov/vuln/detail/CVE-2021-42565
     - https://www.redteam-pentesting.de/en/advisories/rt-sa-2021-001/-cross-site-scripting-in-myfactory-fms
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
@@ -37,3 +37,5 @@ requests:
         part: header
         words:
           - "text/html"
+
+# Enhanced by mp on 2022/02/27

vulnerabilities/wordpress/wp-xmlrpc-brute-force.yaml

@@ -4,7 +4,7 @@ info:
   name: Wordpress XMLRPC.php username and password Bruteforcer
   author: Exid
   severity: high
-  description: Ths template bruteforces username and passwords through xmlrpc.php being available.
+  description: This template bruteforces username and passwords through xmlrpc.php being available.
   reference:
     - https://bugdasht.ir/reports/3c6841c0-ae4c-11eb-a510-517171a9198c
     - https://www.acunetix.com/vulnerabilities/web/wordpress-xml-rpc-authentication-brute-force/