Descriptions and references

cves/2020/CVE-2020-5777.yaml

@@ -4,7 +4,8 @@ info:
   name: Remote Auth Bypass in MAGMI (Magento Mass Importer) Plugin <= v0.7.23
   author: dwisiswant0
   severity: high
-  description: "MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure."
+  description: MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure.
+  reference: https://github.com/dweeves/magmi-git/blob/18bd9ec905c90bfc9eaed0c2bf2d3525002e33b9/magmi/inc/magmi_auth.php#L35
   tags: cve,cve2020,magmi
 
   # Response code 503 indicates a potential successful "Too many connections" error

cves/2020/CVE-2020-5902.yaml

@@ -4,6 +4,19 @@ info:
   name: F5 BIG-IP TMUI RCE
   author: madrobot & dwisiswant0 & ringo
   severity: high
+  description: In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.
+  reference: |
+    - http://packetstormsecurity.com/files/158333/BIG-IP-TMUI-Remote-Code-Execution.html
+    - http://packetstormsecurity.com/files/158334/BIG-IP-TMUI-Remote-Code-Execution.html
+    - http://packetstormsecurity.com/files/158366/F5-BIG-IP-TMUI-Directory-Traversal-File-Upload-Code-Execution.html
+    - http://packetstormsecurity.com/files/158414/Checker-CVE-2020-5902.html
+    - http://packetstormsecurity.com/files/158581/F5-Big-IP-13.1.3-Build-0.0.6-Local-File-Inclusion.html
+    - https://badpackets.net/over-3000-f5-big-ip-endpoints-vulnerable-to-cve-2020-5902/
+    - https://github.com/Critical-Start/Team-Ares/tree/master/CVE-2020-5902
+    - https://support.f5.com/csp/article/K52145254
+    - https://swarm.ptsecurity.com/rce-in-f5-big-ip/
+    - https://www.criticalstart.com/f5-big-ip-remote-code-execution-exploit/
+    - https://www.kb.cert.org/vuls/id/290915
   tags: cve,cve2020,bigip,rce
 
 requests:

cves/2020/CVE-2020-8115.yaml

@@ -4,6 +4,11 @@ info:
   name: Revive Adserver XSS
   author: madrobot & dwisiswant0
   severity: medium
+  description: |
+    A reflected XSS vulnerability has been discovered in the publicly accessible afr.php delivery script of Revive Adserver <= 5.0.3 by Jacopo Tediosi. There are currently no known exploits: the session identifier cannot be accessed as it is stored in an http-only cookie as of v3.2.2. On older versions, however, under specific circumstances, it could be possible to steal the session identifier and gain access to the admin interface. The query string sent to the www/delivery/afr.php script was printed back without proper escaping in a JavaScript context, allowing an attacker to execute arbitrary JS code on the browser of the victim.
+  reference: |
+    - https://hackerone.com/reports/775693
+    - https://www.revive-adserver.com/security/revive-sa-2020-001/
   tags: cve,cve2020,xss
 
 requests:

cves/2020/CVE-2020-8512.yaml

@@ -5,11 +5,11 @@ info:
   author: pdnuclei & dwisiswant0
   severity: medium
   description: In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter.
-  reference: https://www.exploit-db.com/exploits/47988
+  reference: |
+    - https://www.exploit-db.com/exploits/47988
+    - https://twitter.com/sagaryadav8742/status/1275170967527006208
   tags: cve,cve2020,xss
 
-  # https://twitter.com/sagaryadav8742/status/1275170967527006208
-
 requests:
   - method: GET
     path: