TemplateMan Update [Sat Mar 23 09:28:19 UTC 2024] :robot:

projectdiscovery · Mar 23, 2024 · c491aa6 · c491aa6
1 parent 42e27ad
commit c491aa6
Show file tree

Hide file tree

Showing 2,095 changed files with 5,401 additions and 4,462 deletions.
diff --git a/code/cves/2019/CVE-2019-14287.yaml b/code/cves/2019/CVE-2019-14287.yaml
@@ -17,15 +17,15 @@ info:
     cvss-score: 8.8
     cve-id: CVE-2019-14287
     cwe-id: CWE-755
-    epss-score: 0.34299
-    epss-percentile: 0.96958
+    epss-score: 0.30814
+    epss-percentile: 0.96854
     cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     max-request: 2
     vendor: sudo_project
     product: sudo
-  tags: cve,cve2019,sudo,code,linux,privesc,local,canonical
+  tags: packetstorm,cve,cve2019,sudo,code,linux,privesc,local,canonical
 
 self-contained: true
 code:

diff --git a/code/cves/2021/CVE-2021-3156.yaml b/code/cves/2021/CVE-2021-3156.yaml
@@ -18,13 +18,13 @@ info:
     cve-id: CVE-2021-3156
     cwe-id: CWE-193
     epss-score: 0.97085
-    epss-percentile: 0.99752
+    epss-percentile: 0.99757
     cpe: cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*
   metadata:
     verified: true
     vendor: sudo_project
     product: sudo
-  tags: cve,cve2021,sudo,code,linux,privesc,local,kev
+  tags: packetstorm,cve,cve2021,sudo,code,linux,privesc,local,kev
 
 self-contained: true
 code:

diff --git a/code/cves/2023/CVE-2023-2640.yaml b/code/cves/2023/CVE-2023-2640.yaml
@@ -21,8 +21,8 @@ info:
     cvss-score: 7.8
     cve-id: CVE-2023-2640
     cwe-id: CWE-863
-    epss-score: 0.00174
-    epss-percentile: 0.53697
+    epss-score: 0.00232
+    epss-percentile: 0.60636
     cpe: cpe:2.3:o:canonical:ubuntu_linux:23.04:*:*:*:*:*:*:*
   metadata:
     verified: true

diff --git a/code/cves/2023/CVE-2023-49105.yaml b/code/cves/2023/CVE-2023-49105.yaml
@@ -10,20 +10,22 @@ info:
     - https://owncloud.com/security-advisories/webdav-api-authentication-bypass-using-pre-signed-urls/
     - https://github.com/0xfed/ownedcloud
     - https://owncloud.org/security
+    - https://github.com/ambionics/owncloud-exploits
+    - https://github.com/nomi-sec/PoC-in-GitHub
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
     cvss-score: 9.8
     cve-id: CVE-2023-49105
     cwe-id: CWE-287
+    epss-score: 0.21237
+    epss-percentile: 0.96302
     cpe: cpe:2.3:a:owncloud:owncloud:*:*:*:*:*:*:*:*
-    epss-score: 0.00091
-    epss-percentile: 0.38353
   metadata:
     max-request: 2
+    vendor: owncloud
     product: owncloud
     shodan-query: title:"owncloud"
   tags: cve,cve2023,code,owncloud,auth-bypass
-
 variables:
   username: admin
 

diff --git a/code/cves/2023/CVE-2023-6246.yaml b/code/cves/2023/CVE-2023-6246.yaml
@@ -17,8 +17,8 @@ info:
     cvss-score: 7.8
     cve-id: CVE-2023-6246
     cwe-id: CWE-787,CWE-122
-    epss-score: 0.00383
-    epss-percentile: 0.72435
+    epss-score: 0.0077
+    epss-percentile: 0.80859
     cpe: cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/dns/soa-detect.yaml b/dns/soa-detect.yaml
@@ -1,18 +1,18 @@
 id: soa-detect
 
-info:
-  name: SOA Record Service - Detection
-  author: rxerium
-  severity: info
-  description: |
-    Detects which domain provider a domain is using, detected through SOA records
-  reference:
-    - https://www.cloudflare.com/learning/dns/dns-records/dns-soa-record/
-  metadata:
-    max-request: 1
-    verified: true
-  tags: dns,soa
-
+info:
+  name: SOA Record Service - Detection
+  author: rxerium
+  severity: info
+  description: |
+    Detects which domain provider a domain is using, detected through SOA records
+  reference:
+    - https://www.cloudflare.com/learning/dns/dns-records/dns-soa-record/
+  metadata:
+    verified: true
+    max-request: 1
+  tags: dns,soa
+
 dns:
   - name: "{{FQDN}}"
 

diff --git a/dns/spf-record-detect.yaml b/dns/spf-record-detect.yaml
@@ -1,15 +1,16 @@
 id: spf-record-detect
 
-info:
-  name: SPF Record - Detection
-  author: rxerium
-  severity: info
-  description: |
-    An SPF TXT record was detected
-  reference:
-    - https://www.mimecast.com/content/how-to-create-an-spf-txt-record
-  tags: dns,spf
-
+info:
+  name: SPF Record - Detection
+  author: rxerium
+  severity: info
+  description: |
+    An SPF TXT record was detected
+  reference:
+    - https://www.mimecast.com/content/how-to-create-an-spf-txt-record
+  metadata:
+    max-request: 1
+  tags: dns,spf
 dns:
   - name: "{{FQDN}}"
     type: TXT

diff --git a/dns/txt-service-detect.yaml b/dns/txt-service-detect.yaml
@@ -1,18 +1,18 @@
 id: txt-service-detect
 
-info:
-  name: DNS TXT Service - Detect
-  author: rxerium
-  severity: info
-  description: |
-    Finding the services companies use via their TXT records.
-  reference:
-    - https://www.abenezer.ca/blog/services-companies-use-txt-records
-  metadata:
-    max-request: 1
-    verified: true
-  tags: dns,txt
-
+info:
+  name: DNS TXT Service - Detect
+  author: rxerium
+  severity: info
+  description: |
+    Finding the services companies use via their TXT records.
+  reference:
+    - https://www.abenezer.ca/blog/services-companies-use-txt-records
+  metadata:
+    verified: true
+    max-request: 1
+  tags: dns,txt
+
 dns:
   - name: "{{FQDN}}"
     type: TXT

diff --git a/headless/cves/2018/CVE-2018-25031.yaml b/headless/cves/2018/CVE-2018-25031.yaml
@@ -20,7 +20,7 @@ info:
     cve-id: CVE-2018-25031
     cwe-id: CWE-20
     epss-score: 0.00265
-    epss-percentile: 0.65414
+    epss-percentile: 0.65516
     cpe: cpe:2.3:a:smartbear:swagger_ui:*:*:*:*:*:*:*:*
   metadata:
     verified: true

diff --git a/http/cves/2000/CVE-2000-0114.yaml b/http/cves/2000/CVE-2000-0114.yaml
@@ -12,13 +12,15 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2000-0114
     - https://www.exploit-db.com/exploits/19897
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0114
+    - https://github.com/0xPugazh/One-Liners
+    - https://github.com/ARPSyndicate/kenzer-templates
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
     cvss-score: 5
     cve-id: CVE-2000-0114
     cwe-id: NVD-CWE-Other
-    epss-score: 0.09258
-    epss-percentile: 0.94099
+    epss-score: 0.15958
+    epss-percentile: 0.95829
     cpe: cpe:2.3:a:microsoft:internet_information_server:3.0:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2001/CVE-2001-0537.yaml b/http/cves/2001/CVE-2001-0537.yaml
@@ -15,13 +15,14 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2001-0537
     - http://www.ciac.org/ciac/bulletins/l-106.shtml
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/6749
+    - https://github.com/ARPSyndicate/cvemon
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:C
     cvss-score: 9.3
     cve-id: CVE-2001-0537
     cwe-id: CWE-287
-    epss-score: 0.88063
-    epss-percentile: 0.98412
+    epss-score: 0.87683
+    epss-percentile: 0.98569
     cpe: cpe:2.3:o:cisco:ios:11.3:*:*:*:*:*:*:*
   metadata:
     verified: true

diff --git a/http/cves/2004/CVE-2004-0519.yaml b/http/cves/2004/CVE-2004-0519.yaml
@@ -20,7 +20,7 @@ info:
     cve-id: CVE-2004-0519
     cwe-id: NVD-CWE-Other
     epss-score: 0.02285
-    epss-percentile: 0.88555
+    epss-percentile: 0.89406
     cpe: cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2004/CVE-2004-1965.yaml b/http/cves/2004/CVE-2004-1965.yaml
@@ -21,7 +21,7 @@ info:
     cve-id: CVE-2004-1965
     cwe-id: NVD-CWE-Other
     epss-score: 0.0113
-    epss-percentile: 0.83145
+    epss-percentile: 0.84351
     cpe: cpe:2.3:a:openbb:openbb:1.0.0_beta1:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2005/CVE-2005-4385.yaml b/http/cves/2005/CVE-2005-4385.yaml
@@ -13,13 +13,14 @@ info:
     - http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
     - https://nvd.nist.gov/vuln/detail/CVE-2005-4385
     - http://www.vupen.com/english/advisories/2005/2977
+    - https://github.com/ARPSyndicate/kenzer-templates
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
     cvss-score: 4.3
     cve-id: CVE-2005-4385
     cwe-id: NVD-CWE-Other
     epss-score: 0.00294
-    epss-percentile: 0.65964
+    epss-percentile: 0.68633
     cpe: cpe:2.3:a:cofax:cofax:1.9.9c:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2007/CVE-2007-0885.yaml b/http/cves/2007/CVE-2007-0885.yaml
@@ -10,13 +10,14 @@ info:
   reference:
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/32418
     - https://nvd.nist.gov/vuln/detail/CVE-2007-0885
+    - https://github.com/ARPSyndicate/kenzer-templates
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
     cvss-score: 6.8
     cve-id: CVE-2007-0885
     cwe-id: NVD-CWE-Other
     epss-score: 0.0093
-    epss-percentile: 0.81235
+    epss-percentile: 0.82626
     cpe: cpe:2.3:a:rainbow_portal:rainbow.zen:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2007/CVE-2007-3010.yaml b/http/cves/2007/CVE-2007-3010.yaml
@@ -21,16 +21,16 @@ info:
     cvss-score: 10
     cve-id: CVE-2007-3010
     cwe-id: CWE-20
-    epss-score: 0.97264
-    epss-percentile: 0.99824
+    epss-score: 0.97317
+    epss-percentile: 0.99868
     cpe: cpe:2.3:a:alcatel-lucent:omnipcx:7.1:*:enterprise:*:*:*:*:*
   metadata:
     verified: true
     max-request: 1
     vendor: alcatel-lucent
     product: omnipcx
-    fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise"
     shodan-query: title:"OmniPCX for Enterprise"
+    fofa-query: app="Alcatel_Lucent-OmniPCX-Enterprise"
   tags: cve,cve2007,kev,rce,alcatel
 
 http:

diff --git a/http/cves/2007/CVE-2007-4504.yaml b/http/cves/2007/CVE-2007-4504.yaml
@@ -13,13 +13,14 @@ info:
     - https://www.exploit-db.com/exploits/4307
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/36222
     - https://nvd.nist.gov/vuln/detail/CVE-2007-4504
+    - https://github.com/ARPSyndicate/kenzer-templates
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:N
     cvss-score: 5
     cve-id: CVE-2007-4504
     cwe-id: CWE-22
-    epss-score: 0.01677
-    epss-percentile: 0.86314
+    epss-score: 0.02599
+    epss-percentile: 0.90043
     cpe: cpe:2.3:a:joomla:rsfiles:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2007/CVE-2007-4556.yaml b/http/cves/2007/CVE-2007-4556.yaml
@@ -22,7 +22,7 @@ info:
     cve-id: CVE-2007-4556
     cwe-id: NVD-CWE-Other
     epss-score: 0.16469
-    epss-percentile: 0.95533
+    epss-percentile: 0.95873
     cpe: cpe:2.3:a:opensymphony:xwork:*:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2008/CVE-2008-1059.yaml b/http/cves/2008/CVE-2008-1059.yaml
@@ -22,7 +22,7 @@ info:
     cve-id: CVE-2008-1059
     cwe-id: CWE-94
     epss-score: 0.01493
-    epss-percentile: 0.85524
+    epss-percentile: 0.86573
     cpe: cpe:2.3:a:wordpress:sniplets_plugin:1.1.2:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2008/CVE-2008-2650.yaml b/http/cves/2008/CVE-2008-2650.yaml
@@ -22,7 +22,7 @@ info:
     cve-id: CVE-2008-2650
     cwe-id: CWE-22
     epss-score: 0.06344
-    epss-percentile: 0.92938
+    epss-percentile: 0.93486
     cpe: cpe:2.3:a:cmsimple:cmsimple:3.1:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2008/CVE-2008-4668.yaml b/http/cves/2008/CVE-2008-4668.yaml
@@ -14,13 +14,14 @@ info:
     - http://securityreason.com/securityalert/4464
     - https://nvd.nist.gov/vuln/detail/CVE-2008-4668
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/45490
+    - https://github.com/ARPSyndicate/kenzer-templates
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:L/Au:N/C:C/I:P/A:P
     cvss-score: 9
     cve-id: CVE-2008-4668
     cwe-id: CWE-22
     epss-score: 0.01018
-    epss-percentile: 0.82089
+    epss-percentile: 0.83418
     cpe: cpe:2.3:a:joomla:com_imagebrowser:0.1.5:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2008/CVE-2008-4764.yaml b/http/cves/2008/CVE-2008-4764.yaml
@@ -18,7 +18,7 @@ info:
     cve-id: CVE-2008-4764
     cwe-id: CWE-22
     epss-score: 0.02365
-    epss-percentile: 0.88742
+    epss-percentile: 0.89577
     cpe: cpe:2.3:a:extplorer:com_extplorer:*:rc2:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2008/CVE-2008-6172.yaml b/http/cves/2008/CVE-2008-6172.yaml
@@ -20,7 +20,7 @@ info:
     cve-id: CVE-2008-6172
     cwe-id: CWE-22
     epss-score: 0.00509
-    epss-percentile: 0.74088
+    epss-percentile: 0.76096
     cpe: cpe:2.3:a:weberr:rwcards:3.0.11:*:*:*:*:*:*:*
   metadata:
     max-request: 1

diff --git a/http/cves/2008/CVE-2008-6465.yaml b/http/cves/2008/CVE-2008-6465.yaml
@@ -15,13 +15,14 @@ info:
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/45254
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/45252
     - https://nvd.nist.gov/vuln/detail/CVE-2008-6465
+    - https://github.com/ARPSyndicate/kenzer-templates
   classification:
     cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:P/A:N
     cvss-score: 4.3
     cve-id: CVE-2008-6465
     cwe-id: CWE-79
     epss-score: 0.00421
-    epss-percentile: 0.71537
+    epss-percentile: 0.73765
     cpe: cpe:2.3:a:parallels:h-sphere:3.0.0:p9:*:*:*:*:*:*
   metadata:
     verified: true

diff --git a/http/cves/2008/CVE-2008-6668.yaml b/http/cves/2008/CVE-2008-6668.yaml
@@ -21,7 +21,7 @@ info:
     cve-id: CVE-2008-6668
     cwe-id: CWE-22
     epss-score: 0.00359
-    epss-percentile: 0.6932
+    epss-percentile: 0.71607
     cpe: cpe:2.3:a:dirk_bartley:nweb2fax:*:*:*:*:*:*:*:*
   metadata:
     max-request: 2